diff options
author | Kiall Mac Innes <kiall@hp.com> | 2014-09-22 15:16:46 +0100 |
---|---|---|
committer | Kiall Mac Innes <kiall@hp.com> | 2014-09-25 13:31:37 +0100 |
commit | e68f77775707628cb18bd3244893500898d4c199 (patch) | |
tree | 8023626cbcd13af04140d9fe187c324aa651a15f | |
parent | adb46ab4d3ece0b3354dfc5ce979deb57ac0bb02 (diff) | |
download | designate-e68f77775707628cb18bd3244893500898d4c199.tar.gz |
Prevent update/delete of managed records in v1 API
This is a partial fix, as the V2 API may still update/delete these
records. As the V2 API is still experimental, I'd like to fix the V1
API first - and ensure the "managed=True" flag is set correctly ASAP.
Closes-Bug: 1373913
Change-Id: If1de4c0043cf735e1f5e32ee1a1c0996d0a0ab8e
-rw-r--r-- | designate/api/v1/records.py | 16 | ||||
-rw-r--r-- | designate/central/service.py | 4 |
2 files changed, 9 insertions, 11 deletions
diff --git a/designate/api/v1/records.py b/designate/api/v1/records.py index 187060be..81ca056f 100644 --- a/designate/api/v1/records.py +++ b/designate/api/v1/records.py @@ -180,14 +180,14 @@ def update_record(domain_id, record_id): criterion = {'domain_id': domain_id, 'id': record_id} record = get_central_api().find_record(context, criterion) + # Cannot update a managed record via the API. + if record['managed'] is True: + raise exceptions.BadRequest('Managed records may not be updated') + # Find the associated recordset recordset = get_central_api().get_recordset( context, domain_id, record.recordset_id) - # Cannot manually update a SOA record - if recordset['type'] == 'SOA': - raise exceptions.BadRequest('SOA records cannot be manually updated.') - # Prepare a dict of fields for validation record_data = record_schema.filter(_format_record_v1(record, recordset)) record_data.update(values) @@ -232,11 +232,9 @@ def delete_record(domain_id, record_id): criterion = {'domain_id': domain_id, 'id': record_id} record = get_central_api().find_record(context, criterion) - # SOA records cannot be deleted - recordset = get_central_api().get_recordset(context, domain_id, - record['recordset_id']) - if recordset['type'] == 'SOA': - raise exceptions.BadRequest('SOA records cannot be manually deleted.') + # Cannot delete a managed record via the API. + if record['managed'] is True: + raise exceptions.BadRequest('Managed records may not be deleted') get_central_api().delete_record( context, domain_id, record['recordset_id'], record_id) diff --git a/designate/central/service.py b/designate/central/service.py index 9228bbc5..6e210464 100644 --- a/designate/central/service.py +++ b/designate/central/service.py @@ -347,7 +347,7 @@ class Service(service.RPCService): soa_values = [self._build_soa_record(zone, servers)] recordlist = objects.RecordList(objects=[ - objects.Record(data=r) for r in soa_values]) + objects.Record(data=r, managed=True) for r in soa_values]) values = { 'name': zone['name'], 'type': "SOA", @@ -380,7 +380,7 @@ class Service(service.RPCService): for s in servers: ns_values.append(s.name) recordlist = objects.RecordList(objects=[ - objects.Record(data=r) for r in ns_values]) + objects.Record(data=r, managed=True) for r in ns_values]) values = { 'name': zone['name'], 'type': "NS", |