Check zone serial before allowing user to submit their change. #183

app/views.py

@@ -1,5 +1,6 @@
 import base64
 import json
+import logging as logger
 import os
 import traceback
 import re
@@ -19,15 +20,13 @@ from werkzeug.security import gen_salt
 from .models import User, Domain, Record, Server, History, Anonymous, Setting, DomainSetting, DomainTemplate, DomainTemplateRecord
 from app import app, login_manager, github, google
 from app.lib import utils
-from app.lib.log import logger
 from app.decorators import admin_role_required, can_access_domain
 
 if app.config['SAML_ENABLED']:
     from onelogin.saml2.auth import OneLogin_Saml2_Auth
     from onelogin.saml2.utils import OneLogin_Saml2_Utils
 
-# LOG CONFIG
-logging = logger('MODEL', app.config['LOG_LEVEL'], app.config['LOG_FILE']).config()
+logging = logger.getLogger(__name__)
 
 # FILTERS
 jinja2.filters.FILTERS['display_record_name'] = utils.display_record_name
@@ -541,7 +540,6 @@ def dashboard_domains():
 
 
 @app.route('/domain/<path:domain_name>', methods=['GET', 'POST'])
-@app.route('/domain', methods=['GET', 'POST'])
 @login_required
 @can_access_domain
 def domain(domain_name):
@@ -580,7 +578,7 @@ def domain(domain_name):
         editable_records = app.config['FORWARD_RECORDS_ALLOW_EDIT']
     else:
         editable_records = app.config['REVERSE_RECORDS_ALLOW_EDIT']
-    return render_template('domain.html', domain=domain, records=records, editable_records=editable_records,pdns_version=app.config['PDNS_VERSION'])
+    return render_template('domain.html', domain=domain, records=records, editable_records=editable_records, pdns_version=app.config['PDNS_VERSION'])
 
 
 @app.route('/admin/domain/add', methods=['GET', 'POST'])
@@ -593,7 +591,6 @@ def domain_add():
             domain_name = request.form.getlist('domain_name')[0]
             domain_type = request.form.getlist('radio_type')[0]
             domain_template = request.form.getlist('domain_template')[0]
-            logging.info("Selected template ==== {0}".format(domain_template))
             soa_edit_api = request.form.getlist('radio_type_soa_edit_api')[0]
 
             if ' ' in domain_name or not domain_name or not domain_type:
@@ -716,11 +713,26 @@ def record_apply(domain_name):
     example jdata: {u'record_ttl': u'1800', u'record_type': u'CNAME', u'record_name': u'test4', u'record_status': u'Active', u'record_data': u'duykhanh.me'}
     """
     #TODO: filter removed records / name modified records.
+
     try:
         jdata = request.json
 
+        submitted_serial = jdata['serial']
+        submitted_record = jdata['record']
+
+        domain = Domain.query.filter(Domain.name==domain_name).first()
+
+        logging.debug('Your submitted serial: {0}'.format(submitted_serial))
+        logging.debug('Current domain serial: {0}'.format(domain.serial))
+
+        if domain:
+            if int(submitted_serial) != domain.serial:
+                return make_response(jsonify( {'status': 'error', 'msg': 'The zone has been changed by another session or user. Please refresh this web page to load updated records.'} ), 500)
+        else:
+            return make_response(jsonify( {'status': 'error', 'msg': 'Domain name {0} does not exist'.format(domain_name)} ), 404)
+
         r = Record()
-        result = r.apply(domain_name, jdata)
+        result = r.apply(domain_name, submitted_record)
         if result['status'] == 'ok':
             history = History(msg='Apply record changes to domain {0}'.format(domain_name), detail=str(jdata), created_by=current_user.username)
             history.add()
@@ -770,6 +782,15 @@ def record_delete(domain_name, record_name, record_type):
     return redirect(url_for('domain', domain_name=domain_name))
 
 
+@app.route('/domain/<path:domain_name>/info', methods=['GET'])
+@login_required
+@can_access_domain
+def domain_info(domain_name):
+    domain = Domain()
+    domain_info = domain.get_domain_info(domain_name)
+    return make_response(jsonify(domain_info), 200)
+
+
 @app.route('/domain/<path:domain_name>/dnssec', methods=['GET'])
 @login_required
 @can_access_domain