mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-08 22:50:26 +00:00
Add config option to allow DNSSEC changes only for admins
DNSSEC requires changes to the parent domain, which in many cases requires special access to a registry or the like. For that reason, especially the option to disable DNSSEC can be dangerous - if DNSSEC is disabled in PowerDNS but not in the registry, the domain stops working. For this reason, adding an option to disable DNSSEC changes for non-admins seems reasonable. (cherry picked from commit 5cdfc0263b07f4658d51cf7c038fea9a8911152a)
This commit is contained in:
parent
0fb6e10cf5
commit
10f47039ec
@ -224,6 +224,7 @@
|
||||
modal.modal('show');
|
||||
});
|
||||
|
||||
{% if current_user.role.name == 'Administrator' or dnssec_adm_only == false %}
|
||||
$(document.body).on("click", ".button_dnssec", function() {
|
||||
var domain = $(this).prop('id');
|
||||
getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
|
||||
@ -240,6 +241,7 @@
|
||||
enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable');
|
||||
|
||||
});
|
||||
{% endif %}
|
||||
</script>
|
||||
{% endblock %}
|
||||
{% block modals %}
|
||||
|
@ -472,7 +472,8 @@ def dashboard():
|
||||
uptime = list([uptime for uptime in statistics if uptime['name'] == 'uptime'])[0]['value']
|
||||
else:
|
||||
uptime = 0
|
||||
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history,pdns_version=app.config['PDNS_VERSION'])
|
||||
|
||||
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history, dnssec_adm_only=app.config['DNSSEC_ADMINS_ONLY'], pdns_version=app.config['PDNS_VERSION'])
|
||||
|
||||
|
||||
@app.route('/dashboard-domains', methods=['GET'])
|
||||
|
@ -125,5 +125,8 @@ RECORDS_ALLOW_EDIT = ['SOA', 'A', 'AAAA', 'CAA', 'CNAME', 'MX', 'PTR', 'SPF', 'S
|
||||
FORWARD_RECORDS_ALLOW_EDIT = ['A', 'AAAA', 'CAA', 'CNAME', 'MX', 'PTR', 'SPF', 'SRV', 'TXT', 'LOC' 'NS']
|
||||
REVERSE_RECORDS_ALLOW_EDIT = ['SOA', 'TXT', 'LOC', 'NS', 'PTR']
|
||||
|
||||
# ALLOW DNSSEC CHANGES FOR ADMINS ONLY
|
||||
DNSSEC_ADMINS_ONLY = False
|
||||
|
||||
# EXPERIMENTAL FEATURES
|
||||
PRETTY_IPV6_PTR = False
|
||||
|
Loading…
Reference in New Issue
Block a user