mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-12-04 19:15:30 +00:00
Migrate more config values to db
This commit is contained in:
parent
8af7a6ac9e
commit
74a7b5a3b7
@ -2,7 +2,7 @@ from functools import wraps
|
||||
from flask import g, request, redirect, url_for
|
||||
|
||||
from app import app
|
||||
from app.models import Role
|
||||
from app.models import Role, Setting
|
||||
|
||||
|
||||
def admin_role_required(f):
|
||||
@ -31,7 +31,7 @@ def can_access_domain(f):
|
||||
def can_configure_dnssec(f):
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
if g.user.role.name != 'Administrator' and app.config['DNSSEC_ADMINS_ONLY']:
|
||||
if g.user.role.name != 'Administrator' and Setting().get('dnssec_admins_only'):
|
||||
return redirect(url_for('error', code=401))
|
||||
|
||||
return f(*args, **kwargs)
|
||||
|
@ -9,6 +9,8 @@ import traceback
|
||||
import pyotp
|
||||
import re
|
||||
import dns.reversename
|
||||
import dns.inet
|
||||
import dns.name
|
||||
import sys
|
||||
import logging as logger
|
||||
|
||||
@ -24,14 +26,6 @@ from app.lib import utils
|
||||
logging = logger.getLogger(__name__)
|
||||
|
||||
|
||||
if 'PRETTY_IPV6_PTR' in app.config.keys():
|
||||
import dns.inet
|
||||
import dns.name
|
||||
PRETTY_IPV6_PTR = app.config['PRETTY_IPV6_PTR']
|
||||
else:
|
||||
PRETTY_IPV6_PTR = False
|
||||
|
||||
|
||||
class Anonymous(AnonymousUserMixin):
|
||||
def __init__(self):
|
||||
self.username = 'Anonymous'
|
||||
@ -1244,6 +1238,7 @@ class Record(object):
|
||||
self.PDNS_API_KEY = Setting().get('pdns_api_key')
|
||||
self.PDNS_VERSION = Setting().get('pdns_version')
|
||||
self.API_EXTENDED_URL = utils.pdns_api_extended_uri(self.PDNS_VERSION)
|
||||
self.PRETTY_IPV6_PTR = Setting().get('pretty_ipv6_ptr')
|
||||
|
||||
if StrictVersion(self.PDNS_VERSION) >= StrictVersion('4.0.0'):
|
||||
self.NEW_SCHEMA = True
|
||||
@ -1266,7 +1261,7 @@ class Record(object):
|
||||
rrsets = jdata['rrsets']
|
||||
for rrset in rrsets:
|
||||
r_name = rrset['name'].rstrip('.')
|
||||
if PRETTY_IPV6_PTR: # only if activated
|
||||
if self.PRETTY_IPV6_PTR: # only if activated
|
||||
if rrset['type'] == 'PTR': # only ptr
|
||||
if 'ip6.arpa' in r_name: # only if v6-ptr
|
||||
r_name = dns.reversename.to_address(dns.name.from_text(r_name))
|
||||
@ -1371,7 +1366,7 @@ class Record(object):
|
||||
for r in post_records:
|
||||
r_name = domain if r['record_name'] in ['@', ''] else r['record_name'] + '.' + domain
|
||||
r_type = r['record_type']
|
||||
if PRETTY_IPV6_PTR: # only if activated
|
||||
if self.PRETTY_IPV6_PTR: # only if activated
|
||||
if self.NEW_SCHEMA: # only if new schema
|
||||
if r_type == 'PTR': # only ptr
|
||||
if ':' in r['record_name']: # dirty ipv6 check
|
||||
@ -1392,7 +1387,7 @@ class Record(object):
|
||||
for r in deleted_records:
|
||||
r_name = r['name'].rstrip('.') + '.' if self.NEW_SCHEMA else r['name']
|
||||
r_type = r['type']
|
||||
if PRETTY_IPV6_PTR: # only if activated
|
||||
if self.PRETTY_IPV6_PTR: # only if activated
|
||||
if self.NEW_SCHEMA: # only if new schema
|
||||
if r_type == 'PTR': # only ptr
|
||||
if ':' in r['name']: # dirty ipv6 check
|
||||
@ -1414,7 +1409,7 @@ class Record(object):
|
||||
if self.NEW_SCHEMA:
|
||||
r_name = r['name'].rstrip('.') + '.'
|
||||
r_type = r['type']
|
||||
if PRETTY_IPV6_PTR: # only if activated
|
||||
if self.PRETTY_IPV6_PTR: # only if activated
|
||||
if r_type == 'PTR': # only ptr
|
||||
if ':' in r['name']: # dirty ipv6 check
|
||||
r_name = r['name']
|
||||
@ -1459,7 +1454,7 @@ class Record(object):
|
||||
r_type = key[1]
|
||||
r_changetype = key[2]
|
||||
|
||||
if PRETTY_IPV6_PTR: # only if activated
|
||||
if self.PRETTY_IPV6_PTR: # only if activated
|
||||
if r_type == 'PTR': # only ptr
|
||||
if ':' in r_name: # dirty ipv6 check
|
||||
r_name = dns.reversename.from_address(r_name).to_text()
|
||||
@ -1792,6 +1787,9 @@ class Setting(db.Model):
|
||||
'default_domain_table_size': 10,
|
||||
'auto_ptr': False,
|
||||
'allow_quick_edit': True,
|
||||
'pretty_ipv6_ptr': False,
|
||||
'dnssec_admins_only': False,
|
||||
'bg_domain_updates': False,
|
||||
'site_name': 'PowerDNS-Admin',
|
||||
'pdns_api_url': '',
|
||||
'pdns_api_key': '',
|
||||
|
@ -236,7 +236,7 @@
|
||||
modal.modal('show');
|
||||
});
|
||||
|
||||
{% if current_user.role.name == 'Administrator' or dnssec_adm_only == false %}
|
||||
{% if current_user.role.name == 'Administrator' or not SETTING.get('dnssec_admins_only') %}
|
||||
$(document.body).on("click", ".button_dnssec", function() {
|
||||
var domain = $(this).prop('id');
|
||||
getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
|
||||
|
@ -442,7 +442,8 @@ def dashboard():
|
||||
if not Setting().get('pdns_api_url') or not Setting().get('pdns_api_key') or not Setting().get('pdns_version'):
|
||||
return redirect(url_for('admin_setting_pdns'))
|
||||
|
||||
if not app.config.get('BG_DOMAIN_UPDATES'):
|
||||
BG_DOMAIN_UPDATE = Setting().get('bg_domain_updates')
|
||||
if not BG_DOMAIN_UPDATE:
|
||||
logging.debug('Update domains in foreground')
|
||||
d = Domain().update()
|
||||
else:
|
||||
@ -460,7 +461,7 @@ def dashboard():
|
||||
else:
|
||||
uptime = 0
|
||||
|
||||
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history, dnssec_adm_only=app.config['DNSSEC_ADMINS_ONLY'], show_bg_domain_button=app.config['BG_DOMAIN_UPDATES'])
|
||||
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history, show_bg_domain_button=BG_DOMAIN_UPDATE)
|
||||
|
||||
|
||||
@app.route('/dashboard-domains', methods=['GET'])
|
||||
@ -573,7 +574,7 @@ def domain(domain_name):
|
||||
record = Record(name=jr['name'], type=jr['type'], status='Disabled' if subrecord['disabled'] else 'Active', ttl=jr['ttl'], data=subrecord['content'])
|
||||
records.append(record)
|
||||
if not re.search('ip6\.arpa|in-addr\.arpa$', domain_name):
|
||||
editable_records = app.config['RECORDS_ALLOW_EDIT']
|
||||
editable_records = app.config['FORWARD_RECORDS_ALLOW_EDIT']
|
||||
else:
|
||||
editable_records = app.config['REVERSE_RECORDS_ALLOW_EDIT']
|
||||
return render_template('domain.html', domain=domain, records=records, editable_records=editable_records, quick_edit=quick_edit)
|
||||
|
@ -32,37 +32,40 @@ def update_data():
|
||||
# add more new settings
|
||||
op.bulk_insert(setting_table,
|
||||
[
|
||||
{'id': 8, 'name': 'site_name', 'value': 'PowerDNS-Admin', 'view': 'basic'},
|
||||
{'id': 9, 'name': 'pdns_api_url', 'value': '', 'view': 'pdns'},
|
||||
{'id': 10, 'name': 'pdns_api_key', 'value': '', 'view': 'pdns'},
|
||||
{'id': 11, 'name': 'pdns_version', 'value': '4.1.1', 'view': 'pdns'},
|
||||
{'id': 12, 'name': 'local_db_enabled', 'value': 'True', 'view': 'authentication'},
|
||||
{'id': 13, 'name': 'signup_enabled', 'value': 'True', 'view': 'authentication'},
|
||||
{'id': 14, 'name': 'ldap_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 15, 'name': 'ldap_type', 'value': 'ldap', 'view': 'authentication'},
|
||||
{'id': 16, 'name': 'ldap_uri', 'value': '', 'view': 'authentication'},
|
||||
{'id': 17, 'name': 'ldap_base_dn', 'value': '', 'view': 'authentication'},
|
||||
{'id': 18, 'name': 'ldap_admin_username', 'value': '', 'view': 'authentication'},
|
||||
{'id': 19, 'name': 'ldap_admin_password', 'value': '', 'view': 'authentication'},
|
||||
{'id': 20, 'name': 'ldap_filter_basic', 'value': '', 'view': 'authentication'},
|
||||
{'id': 21, 'name': 'ldap_filter_username', 'value': '', 'view': 'authentication'},
|
||||
{'id': 22, 'name': 'ldap_sg_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 23, 'name': 'ldap_admin_group', 'value': '', 'view': 'authentication'},
|
||||
{'id': 24, 'name': 'ldap_user_group', 'value': '', 'view': 'authentication'},
|
||||
{'id': 25, 'name': 'github_oauth_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 26, 'name': 'github_oauth_key', 'value': '', 'view': 'authentication'},
|
||||
{'id': 27, 'name': 'github_oauth_secret', 'value': '', 'view': 'authentication'},
|
||||
{'id': 28, 'name': 'github_oauth_scope', 'value': 'email', 'view': 'authentication'},
|
||||
{'id': 29, 'name': 'github_oauth_api_url', 'value': 'https://api.github.com/user', 'view': 'authentication'},
|
||||
{'id': 30, 'name': 'github_oauth_token_url', 'value': 'https://github.com/login/oauth/access_token', 'view': 'authentication'},
|
||||
{'id': 31, 'name': 'github_oauth_authorize_url', 'value': 'https://github.com/login/oauth/authorize', 'view': 'authentication'},
|
||||
{'id': 32, 'name': 'google_oauth_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 33, 'name': 'google_oauth_client_id', 'value': '', 'view': 'authentication'},
|
||||
{'id': 34, 'name': 'google_oauth_client_secret', 'value': '', 'view': 'authentication'},
|
||||
{'id': 35, 'name': 'google_token_url', 'value': 'https://accounts.google.com/o/oauth2/token', 'view': 'authentication'},
|
||||
{'id': 36, 'name': 'google_token_params', 'value': "{'scope': 'email profile'}", 'view': 'authentication'},
|
||||
{'id': 37, 'name': 'google_authorize_url', 'value': 'https://accounts.google.com/o/oauth2/auth', 'view': 'authentication'},
|
||||
{'id': 38, 'name': 'google_base_url', 'value': 'https://www.googleapis.com/oauth2/v1/', 'view': 'authentication'},
|
||||
{'id': 8, 'name': 'pretty_ipv6_ptr', 'value': 'False', 'view': 'basic'},
|
||||
{'id': 9, 'name': 'dnssec_admins_only', 'value': 'False', 'view': 'basic'},
|
||||
{'id': 10, 'name': 'bg_domain_updates', 'value': 'False', 'view': 'basic'},
|
||||
{'id': 11, 'name': 'site_name', 'value': 'PowerDNS-Admin', 'view': 'basic'},
|
||||
{'id': 12, 'name': 'pdns_api_url', 'value': '', 'view': 'pdns'},
|
||||
{'id': 13, 'name': 'pdns_api_key', 'value': '', 'view': 'pdns'},
|
||||
{'id': 14, 'name': 'pdns_version', 'value': '4.1.1', 'view': 'pdns'},
|
||||
{'id': 15, 'name': 'local_db_enabled', 'value': 'True', 'view': 'authentication'},
|
||||
{'id': 16, 'name': 'signup_enabled', 'value': 'True', 'view': 'authentication'},
|
||||
{'id': 17, 'name': 'ldap_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 18, 'name': 'ldap_type', 'value': 'ldap', 'view': 'authentication'},
|
||||
{'id': 19, 'name': 'ldap_uri', 'value': '', 'view': 'authentication'},
|
||||
{'id': 20, 'name': 'ldap_base_dn', 'value': '', 'view': 'authentication'},
|
||||
{'id': 21, 'name': 'ldap_admin_username', 'value': '', 'view': 'authentication'},
|
||||
{'id': 22, 'name': 'ldap_admin_password', 'value': '', 'view': 'authentication'},
|
||||
{'id': 23, 'name': 'ldap_filter_basic', 'value': '', 'view': 'authentication'},
|
||||
{'id': 24, 'name': 'ldap_filter_username', 'value': '', 'view': 'authentication'},
|
||||
{'id': 25, 'name': 'ldap_sg_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 26, 'name': 'ldap_admin_group', 'value': '', 'view': 'authentication'},
|
||||
{'id': 27, 'name': 'ldap_user_group', 'value': '', 'view': 'authentication'},
|
||||
{'id': 28, 'name': 'github_oauth_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 29, 'name': 'github_oauth_key', 'value': '', 'view': 'authentication'},
|
||||
{'id': 30, 'name': 'github_oauth_secret', 'value': '', 'view': 'authentication'},
|
||||
{'id': 31, 'name': 'github_oauth_scope', 'value': 'email', 'view': 'authentication'},
|
||||
{'id': 32, 'name': 'github_oauth_api_url', 'value': 'https://api.github.com/user', 'view': 'authentication'},
|
||||
{'id': 33, 'name': 'github_oauth_token_url', 'value': 'https://github.com/login/oauth/access_token', 'view': 'authentication'},
|
||||
{'id': 34, 'name': 'github_oauth_authorize_url', 'value': 'https://github.com/login/oauth/authorize', 'view': 'authentication'},
|
||||
{'id': 35, 'name': 'google_oauth_enabled', 'value': 'False', 'view': 'authentication'},
|
||||
{'id': 36, 'name': 'google_oauth_client_id', 'value': '', 'view': 'authentication'},
|
||||
{'id': 37, 'name': 'google_oauth_client_secret', 'value': '', 'view': 'authentication'},
|
||||
{'id': 38, 'name': 'google_token_url', 'value': 'https://accounts.google.com/o/oauth2/token', 'view': 'authentication'},
|
||||
{'id': 39, 'name': 'google_token_params', 'value': "{'scope': 'email profile'}", 'view': 'authentication'},
|
||||
{'id': 40, 'name': 'google_authorize_url', 'value': 'https://accounts.google.com/o/oauth2/auth', 'view': 'authentication'},
|
||||
{'id': 41, 'name': 'google_base_url', 'value': 'https://www.googleapis.com/oauth2/v1/', 'view': 'authentication'},
|
||||
]
|
||||
)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user