Update user management feature to allow editing user details directly in the admin user interface.
Also added an option to reset the two factor authentication data of a user, for when that's needed (lost device, technical issues etc).
(cherry picked from commit 3139616282a18c11463c6ecf78888417b2ac1c35)
PowerDNS 3.x API does not support setting or getting account info.
This patch lets PowerDNS 3.x users use the rest of the interface without problems.
Account stuff still does not work.
A message is logged in debug mode, to help with troubleshooting on newer versions
of PowerDNS.
Adds an `allow_quick_edit` setting, using the improved setting handling logic from PR #287 to toggle whether records are editable by simply clicking the row or not.
Aims to fix#288
For a setting to be useful, the code has to be able to make sense of it anyway. For this reason it makes sense, that the available settings are defined within the code, rather than in the database, where a missing row has previously caused problems. Instead, settings are now written to the database, when they are changed.
So instead of relying on the database initialization process to create all available settings for us in the database, the supported settings and their defaults are now in a `defaults` dict in the Setting class. With this in place, we can stop populating the `setting` table as a part of database initialization and it will be much easier to support new settings in the future (we no longer need to do anything to the database, to achieve that).
Another benefit is that any changes to default values will take effect automatically, unless the admin has already modified that setting to his/her liking.
To make it easier to get the value of a setting, falling back to defaults etc, a new function `get` has been added to the Setting class. Call it as `Setting().get('setting_name'), and it will take care of returning a setting from the database or return the default value for that setting, if nothing was found.
The `get` function returns `None`, if the setting passed to the function, does not exist in the `Setting.defaults` dict - Indicating that we don't know of a setting by that name.
For DNSSEC enabled zones to function correctly, they need to be rectified on update.
This changes the DNSSEC enable/disable code to set API-RECTIFY:
To `true` when activating DNSSEC on a domain
To `false` when deactivating DNSSEC on a domain
With this, PowerDNS promises to handle the needed rectifications.
(cherry picked from commit 5d15d8899cc03a4a7d433d33c2c4b1da09b5eb2d)
Added the possibility for assigning users to an account, providing access to all domains associated with that account automatically.
This makes management easier, especially in installations with lots of domains and lots of managing entities.
The old style per-domain permissions are still there and working as usual. The two methods work perfectly side-by-side and are analogous to "user" (per-domain) and "group" (account) permissions as we know them from Active Directory and such places.
(cherry picked from commit 34fbc634d2848a7f76dc89a03dd8c0604068cc17)
This adds initial support for accounts a concept meant to signify a customer, a department or any other entity that somehow owns or manages one or more domains.
The purpose is to be able to assign an account to any number of domains, making it easy to track who owns or manages a domain, significantly improving manageability in setups with a large number of domains.
An account consists of a mandatory, unique `name` and optional `description`, `contact` name and `mail` address. The account `name` is stripped of spaces and symbols, and lower cased before getting stored in the database and in PowerDNS, to help ensure some type of predictability and uniqueness in the database.
The term *account* is actually taken from the PowerDNS database, where the `domains.account` column is used to store the account relationship, in in the form of the account `name`.
The link to a domain in PowerDNS-Admin is done through the `domain.account_id` FOREIGN KEY, that is linked to the `account.id` PRIMARY KEY.
(cherry picked from commits 4e95f33dfb0676d1c401a033c28bca3be7d6ec26, da0d596bd019a339549e2c59630a8fdee65d0e22, 7f06e6aaf4fd8011c784f24b7bbbba5f52aef319, 1c624dad8749024033d1d15dd6242ca52b39f135)
The options for SOA-EDIT-API included was actually the options used for SOA-EDIT, which is a very different beast.
Those options have been swapped out for the options allowed in SOA-EDIT-API and SOA-EDIT-DNSUPDATE.
