From 3688add76afe96e3366976edc4a1bfcbf2a8ae9b Mon Sep 17 00:00:00 2001 From: Rauno Tuul Date: Mon, 13 Feb 2023 12:10:44 +0200 Subject: [PATCH 1/2] Global Search available for all users. Apply allowed domain filter for standard users search result. --- powerdnsadmin/routes/admin.py | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py index 609f875..77c027d 100644 --- a/powerdnsadmin/routes/admin.py +++ b/powerdnsadmin/routes/admin.py @@ -2021,7 +2021,6 @@ def delete_template(template): @admin_bp.route('/global-search', methods=['GET']) @login_required -@operator_role_required def global_search(): if request.method == 'GET': domains = [] @@ -2033,6 +2032,22 @@ def global_search(): server = Server(server_id='localhost') results = server.global_search(object_type='all', query=query) + # Filter results to domains to which the user has access permission + if current_user.role.name not in [ 'Administrator', 'Operator' ]: + allowed_domains = db.session.query(Domain) \ + .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \ + .outerjoin(Account, Domain.account_id == Account.id) \ + .outerjoin(AccountUser, Account.id == AccountUser.account_id) \ + .filter( + db.or_( + DomainUser.user_id == current_user.id, + AccountUser.user_id == current_user.id + )) \ + .with_entities(Domain.name) \ + .all() + allowed_domains = [value for value, in allowed_domains] + results = list(filter(lambda r: r['zone_id'][:-1] in allowed_domains, results)) + # Format the search result for result in results: if result['object_type'] == 'zone': From 524b6c6883f1778d8b83e4ad18e5818ef68d3bf5 Mon Sep 17 00:00:00 2001 From: Rauno Tuul Date: Wed, 1 Mar 2023 11:21:29 +0200 Subject: [PATCH 2/2] Move Global Search menu item next to dashboard. --- powerdnsadmin/templates/base.html | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html index c2dc239..0a526d5 100644 --- a/powerdnsadmin/templates/base.html +++ b/powerdnsadmin/templates/base.html @@ -85,6 +85,12 @@

Dashboard

+
  • + + +

    Global Search

    +
    +
  • {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
  • @@ -115,12 +121,6 @@

    Server Configuration

  • -
  • - - -

    Global Search

    -
    -