Deny to delete 'SOA' record

2024-11-08 22:50:26 +00:00 · 2018-01-23 12:08:50 +03:00 · 2018-01-23 12:08:50 +03:00 · cff534890f
commit cff534890f
parent 0355fe4293
3 changed files with 16 additions and 12 deletions
--- a/app/models.py
+++ b/app/models.py
@ -891,7 +891,7 @@ class Record(object):
        list_deleted_records = [x for x in list_current_records if x not in list_new_records]

        # convert back to list of hash
-        deleted_records = [x for x in current_records if [x['name'],x['type']] in list_deleted_records and x['type'] in app.config['RECORDS_ALLOW_EDIT']]
+        deleted_records = [x for x in current_records if [x['name'],x['type']] in list_deleted_records and (x['type'] in app.config['RECORDS_ALLOW_EDIT'] and x['type'] != 'SOA')]

        # return a tuple
        return deleted_records, new_records
@ -1126,12 +1126,18 @@ class Record(object):
            logging.error("Cannot remove record %s/%s/%s from domain %s" % (self.name, self.type, self.data, domain))
            return {'status': 'error', 'msg': 'There was something wrong, please contact administrator'}

-    def is_allowed(self):
+    def is_allowed_edit(self):
        """
-        Check if record is allowed to edit/removed
+        Check if record is allowed to edit
        """
        return self.type in app.config['RECORDS_ALLOW_EDIT']

+    def is_allowed_delete(self):
+        """
+        Check if record is allowed to removed
+        """
+        return (self.type in app.config['RECORDS_ALLOW_EDIT'] and self.type != 'SOA')
+
    def exists(self, domain):
        """
        Check if record is present within domain records, and if it's present set self to found record
--- a/app/templates/domain.html
+++ b/app/templates/domain.html
@ -70,25 +70,23 @@
                                    </td>
                                {% if domain.type != 'Slave' %}
                                    <td width="6%">
-                                    {% if record.is_allowed() %}
+                                    {% if record.is_allowed_edit() %}
                                        <button type="button" class="btn btn-flat btn-warning button_edit" id="{{ (record.name,domain.name)|display_record_name }}">Edit&nbsp;<i class="fa fa-edit"></i></button>
                                       {% else %}
                                       <button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
                                    {% endif %}
                                    </td>
                                    <td width="6%">
-                                    {% if record.is_allowed() %}
+                                    {% if record.is_allowed_delete() %}
                                        <button type="button" class="btn btn-flat btn-danger button_delete" id="{{ (record.name,domain.name)|display_record_name }}">Delete&nbsp;<i class="fa fa-trash"></i></button>
-                                    {% else %}
-                                        <button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
                                    {% endif %}
                                {% else %}
                                    <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
+                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
                                    </td>
                                    <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
-                                    </td> 
+                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
+                                    </td>
                                {% endif %}
                                    </td>
                                    <!-- hidden column that we can sort on -->
--- a/app/views.py
+++ b/app/views.py
@ -966,7 +966,7 @@ def dyndns_update():
    r = Record()
    r.name = hostname
    # check if the user requested record exists within this domain
-    if r.exists(domain.name) and r.is_allowed:
+    if r.exists(domain.name) and r.is_allowed_edit():
        if r.data == myip:
            # record content did not change, return 'nochg'
            history = History(msg="DynDNS update: attempted update of %s but record did not change" % hostname, created_by=current_user.username)
@ -981,7 +981,7 @@ def dyndns_update():
                return render_template('dyndns.html', response='good'), 200
            else:
                return render_template('dyndns.html', response='911'), 200
-    elif r.is_allowed:
+    elif r.is_allowed_edit():
        ondemand_creation = DomainSetting.query.filter(DomainSetting.domain == domain).filter(DomainSetting.setting == 'create_via_dyndns').first()
        if (ondemand_creation != None) and (strtobool(ondemand_creation.value) == True):
            record = Record(name=hostname,type='A',data=myip,status=False,ttl=3600)