mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-14 01:20:27 +00:00
Add config option to allow DNSSEC changes only for admins
DNSSEC requires changes to the parent domain, which in many cases requires special access to a registry or the like. For that reason, especially the option to disable DNSSEC can be dangerous - if DNSSEC is disabled in PowerDNS but not in the registry, the domain stops working. For this reason, adding an option to disable DNSSEC changes for non-admins seems reasonable. (cherry picked from commit 5cdfc0263b07f4658d51cf7c038fea9a8911152a)
This commit is contained in:
parent
0fb6e10cf5
commit
10f47039ec
@ -224,6 +224,7 @@
|
|||||||
modal.modal('show');
|
modal.modal('show');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
{% if current_user.role.name == 'Administrator' or dnssec_adm_only == false %}
|
||||||
$(document.body).on("click", ".button_dnssec", function() {
|
$(document.body).on("click", ".button_dnssec", function() {
|
||||||
var domain = $(this).prop('id');
|
var domain = $(this).prop('id');
|
||||||
getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
|
getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
|
||||||
@ -240,6 +241,7 @@
|
|||||||
enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable');
|
enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable');
|
||||||
|
|
||||||
});
|
});
|
||||||
|
{% endif %}
|
||||||
</script>
|
</script>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
{% block modals %}
|
{% block modals %}
|
||||||
|
@ -472,7 +472,8 @@ def dashboard():
|
|||||||
uptime = list([uptime for uptime in statistics if uptime['name'] == 'uptime'])[0]['value']
|
uptime = list([uptime for uptime in statistics if uptime['name'] == 'uptime'])[0]['value']
|
||||||
else:
|
else:
|
||||||
uptime = 0
|
uptime = 0
|
||||||
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history,pdns_version=app.config['PDNS_VERSION'])
|
|
||||||
|
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history, dnssec_adm_only=app.config['DNSSEC_ADMINS_ONLY'], pdns_version=app.config['PDNS_VERSION'])
|
||||||
|
|
||||||
|
|
||||||
@app.route('/dashboard-domains', methods=['GET'])
|
@app.route('/dashboard-domains', methods=['GET'])
|
||||||
|
@ -125,5 +125,8 @@ RECORDS_ALLOW_EDIT = ['SOA', 'A', 'AAAA', 'CAA', 'CNAME', 'MX', 'PTR', 'SPF', 'S
|
|||||||
FORWARD_RECORDS_ALLOW_EDIT = ['A', 'AAAA', 'CAA', 'CNAME', 'MX', 'PTR', 'SPF', 'SRV', 'TXT', 'LOC' 'NS']
|
FORWARD_RECORDS_ALLOW_EDIT = ['A', 'AAAA', 'CAA', 'CNAME', 'MX', 'PTR', 'SPF', 'SRV', 'TXT', 'LOC' 'NS']
|
||||||
REVERSE_RECORDS_ALLOW_EDIT = ['SOA', 'TXT', 'LOC', 'NS', 'PTR']
|
REVERSE_RECORDS_ALLOW_EDIT = ['SOA', 'TXT', 'LOC', 'NS', 'PTR']
|
||||||
|
|
||||||
|
# ALLOW DNSSEC CHANGES FOR ADMINS ONLY
|
||||||
|
DNSSEC_ADMINS_ONLY = False
|
||||||
|
|
||||||
# EXPERIMENTAL FEATURES
|
# EXPERIMENTAL FEATURES
|
||||||
PRETTY_IPV6_PTR = False
|
PRETTY_IPV6_PTR = False
|
||||||
|
Loading…
Reference in New Issue
Block a user