Can now use tokens.

This commit is contained in:
Philippe Pittoli 2024-03-14 02:43:00 +01:00
parent 8534dcb246
commit 7786f1d3b8
2 changed files with 43 additions and 7 deletions

View File

@ -29,6 +29,8 @@ module DNSManager
end end
class RRNotFoundException < ::Exception class RRNotFoundException < ::Exception
end end
class TokenNotFoundException < ::Exception
end
class AdminAuthorizationException < ::Exception class AdminAuthorizationException < ::Exception
end end
end end
@ -117,12 +119,15 @@ class DNSManager::Service < IPC
rescue e : RRNotFoundException rescue e : RRNotFoundException
Baguette::Log.error "#{reqname} RR not found" Baguette::Log.error "#{reqname} RR not found"
Response::RRNotFound.new Response::RRNotFound.new
rescue e : TokenNotFoundException
Baguette::Log.error "#{reqname} Token not found"
Response::Error.new "token not found"
rescue e : RRReadOnlyException rescue e : RRReadOnlyException
Baguette::Log.error "#{reqname} RR is read only" Baguette::Log.error "#{reqname} RR is read only"
Response::RRReadOnly.new e.domain, e.rr Response::RRReadOnly.new e.domain, e.rr
rescue e # Generic case rescue e # Generic case
Baguette::Log.error "#{reqname} generic error #{e}" Baguette::Log.error "#{reqname} generic error #{e}"
DNSManager::Response::Error.new "generic error" Response::Error.new "generic error"
end end
# If clients sent requests with an “id” field, it is copied # If clients sent requests with an “id” field, it is copied

View File

@ -29,7 +29,6 @@ class DNSManager::Storage
@tokens_by_domain = @tokens.new_partition "domain", &.domain @tokens_by_domain = @tokens.new_partition "domain", &.domain
@zonefiledir = "#{@root}/bind9-zones" @zonefiledir = "#{@root}/bind9-zones"
# TODO: create the directory
Dir.mkdir_p @zonefiledir Dir.mkdir_p @zonefiledir
Baguette::Log.info "storage initialized" Baguette::Log.info "storage initialized"
@ -85,8 +84,7 @@ class DNSManager::Storage
# Only an admin can access this function. # Only an admin can access this function.
def generate_zonefile(domain : String) : IPC::JSON def generate_zonefile(domain : String) : IPC::JSON
zone = zones_by_domain.get? domain zone = zone_must_exist! domain
return Response::DomainNotFound.new unless zone
Baguette::Log.info "writing zone file #{@zonefiledir}/#{zone.domain}" Baguette::Log.info "writing zone file #{@zonefiledir}/#{zone.domain}"
# TODO: safe write. # TODO: safe write.
@ -281,6 +279,12 @@ class DNSManager::Storage
user_data user_data
end end
def user_must_be_admin!(user_id : Int32) : UserData
user_data = user_must_exist! user_id
raise AdminAuthorizationException.new unless user_data.admin
user_data
end
def zone_must_exist!(domain : String) : Zone def zone_must_exist!(domain : String) : Zone
zone = zones_by_domain.get? domain zone = zones_by_domain.get? domain
raise DomainNotFoundException.new unless zone raise DomainNotFoundException.new unless zone
@ -323,9 +327,36 @@ class DNSManager::Storage
Response::RRUpdated.new domain, rr Response::RRUpdated.new domain, rr
end end
def use_token(user_id : Int32, token : String, address : String) : IPC::JSON def token_must_exist!(token_uuid : String) : Token
puts "use token #{token} address #{address}" token = tokens_by_uuid.get? token_uuid
Response::Error.new "unimplemented" raise TokenNotFoundException.new unless token
token
end
def use_token(user_id : Int32, token_uuid : String, address : String) : IPC::JSON
puts "use token #{token_uuid} address #{address}"
user_data = user_must_be_admin! user_id
token = token_must_exist! token_uuid
zone = zone_must_exist! token.domain
rr = zone.rr_must_exist! token.rrid
# TODO: validate target?
case rr
when Zone::A
rr.target = address
zone.update_rr rr
zones_by_domain.update_or_create zone.domain, zone
Response::Success.new
when Zone::AAAA
rr.target = address
zone.update_rr rr
zones_by_domain.update_or_create zone.domain, zone
Response::Success.new
else
Response::Error.new "use token on invalid entry (not A or AAAA)"
end
end end
end end