summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKiall Mac Innes <kiall@hp.com>2014-09-22 15:16:46 +0100
committerKiall Mac Innes <kiall@hp.com>2014-09-25 13:31:37 +0100
commite68f77775707628cb18bd3244893500898d4c199 (patch)
tree8023626cbcd13af04140d9fe187c324aa651a15f
parentadb46ab4d3ece0b3354dfc5ce979deb57ac0bb02 (diff)
downloaddesignate-e68f77775707628cb18bd3244893500898d4c199.tar.gz
Prevent update/delete of managed records in v1 API
This is a partial fix, as the V2 API may still update/delete these records. As the V2 API is still experimental, I'd like to fix the V1 API first - and ensure the "managed=True" flag is set correctly ASAP. Closes-Bug: 1373913 Change-Id: If1de4c0043cf735e1f5e32ee1a1c0996d0a0ab8e
Diffstat
-rw-r--r--designate/api/v1/records.py16
-rw-r--r--designate/central/service.py4
2 files changed, 9 insertions, 11 deletions
diff --git a/designate/api/v1/records.py b/designate/api/v1/records.py
index 187060be..81ca056f 100644
--- a/designate/api/v1/records.py
+++ b/designate/api/v1/records.py
@@ -180,14 +180,14 @@ def update_record(domain_id, record_id):
criterion = {'domain_id': domain_id, 'id': record_id}
record = get_central_api().find_record(context, criterion)
+ # Cannot update a managed record via the API.
+ if record['managed'] is True:
+ raise exceptions.BadRequest('Managed records may not be updated')
+
# Find the associated recordset
recordset = get_central_api().get_recordset(
context, domain_id, record.recordset_id)
- # Cannot manually update a SOA record
- if recordset['type'] == 'SOA':
- raise exceptions.BadRequest('SOA records cannot be manually updated.')
-
# Prepare a dict of fields for validation
record_data = record_schema.filter(_format_record_v1(record, recordset))
record_data.update(values)
@@ -232,11 +232,9 @@ def delete_record(domain_id, record_id):
criterion = {'domain_id': domain_id, 'id': record_id}
record = get_central_api().find_record(context, criterion)
- # SOA records cannot be deleted
- recordset = get_central_api().get_recordset(context, domain_id,
- record['recordset_id'])
- if recordset['type'] == 'SOA':
- raise exceptions.BadRequest('SOA records cannot be manually deleted.')
+ # Cannot delete a managed record via the API.
+ if record['managed'] is True:
+ raise exceptions.BadRequest('Managed records may not be deleted')
get_central_api().delete_record(
context, domain_id, record['recordset_id'], record_id)
diff --git a/designate/central/service.py b/designate/central/service.py
index 9228bbc5..6e210464 100644
--- a/designate/central/service.py
+++ b/designate/central/service.py
@@ -347,7 +347,7 @@ class Service(service.RPCService):
soa_values = [self._build_soa_record(zone, servers)]
recordlist = objects.RecordList(objects=[
- objects.Record(data=r) for r in soa_values])
+ objects.Record(data=r, managed=True) for r in soa_values])
values = {
'name': zone['name'],
'type': "SOA",
@@ -380,7 +380,7 @@ class Service(service.RPCService):
for s in servers:
ns_values.append(s.name)
recordlist = objects.RecordList(objects=[
- objects.Record(data=r) for r in ns_values])
+ objects.Record(data=r, managed=True) for r in ns_values])
values = {
'name': zone['name'],
'type': "NS",
View Lorry Controller Status