Make sure config lower case, allow DNS records to be deleted and perform actions based on request methods

Damian Myerscough 2013-10-09 21:38:51 -07:00
parent 34ffc81772
commit dc08b528a1
2 changed files with 28 additions and 31 deletions


@ -9,21 +9,11 @@ import dns.zone
from dns.rdatatype import * from dns.rdatatype import *
from flask import Flask, jsonify from flask import Flask, jsonify, request
from werkzeug.routing import BaseConverter
app = Flask(__name__) app = Flask(__name__)
class RegexConverter(BaseConverter):
def __init__(self, url_map, *items):
super(RegexConverter, self).__init__(url_map)
self.regex = items[0]
app.url_map.converters['regex'] = RegexConverter
def parse_config(config): def parse_config(config):
""" """
Parse the user config and retreieve the nameserver, username and Parse the user config and retreieve the nameserver, username and
@ -33,11 +23,11 @@ def parse_config(config):
parser = ConfigParser.ConfigParser() parser = ConfigParser.ConfigParser()
parser.read(config) parser.read(config)
options['nameserver'] = parser.get('Nameserver', 'nameserver') options['nameserver'] = parser.get('nameserver', 'server')
options['username'] = parser.get('Auth', 'username') options['username'] = parser.get('auth', 'username')
options['password'] = parser.get('Auth', 'password') options['password'] = parser.get('auth', 'password')
options['zones'] = [i + '.' for i in parser.get('Zones', 'valid').split(",")] options['zones'] = [i + '.' for i in parser.get('zones', 'valid').split(",")]
return options return options
@ -108,8 +98,8 @@ def get_record(domain):
return jsonify({'error': 'zone not permitted'}) return jsonify({'error': 'zone not permitted'})
@app.route('/dns/record/<regex("update|create"):action>/<string:domain>/<int:ttl>/<string:record_type>/<string:response>', methods=['PUT', 'POST']) @app.route('/dns/record/<string:domain>/<int:ttl>/<string:record_type>/<string:response>', methods=['PUT', 'POST', 'DELETE'])
def dns_mgmt(action, domain, ttl, record_type, response): def dns_mgmt(domain, ttl, record_type, response):
""" """
Allow users to update existing records Allow users to update existing records
""" """
@ -131,26 +121,33 @@ def dns_mgmt(action, domain, ttl, record_type, response):
If the user is only updating make sure the record exists before If the user is only updating make sure the record exists before
attempting to perform a dynamic update. This will attempting to perform a dynamic update. This will
""" """
if action == 'update': if request.method == 'PUT' or request.method == 'DELETE':
resolver = dns.resolver.Resolver()
resolver.nameservers = [config['nameserver']]
try: try:
answer = dns.resolver.query('.'.join([domain, zone]), record_type) answer = resolver.query(domain, record_type)
except dns.resolver.NXDOMAIN: except dns.resolver.NXDOMAIN:
return jsonify({'error': 'does not exist'}) return jsonify({'error': 'domain does not exist'})
tsig = dns.tsigkeyring.from_text({config['username']: config['password']}) tsig = dns.tsigkeyring.from_text({config['username']: config['password']})
update = dns.update.Update(zone, keyring=tsig) action = dns.update.Update(zone, keyring=tsig)
update.replace(dns.name.from_text(domain).labels[0], ttl, str(record_type), str(response))
if request.method == 'DELETE':
action.delete(dns.name.from_text(domain).labels[0])
elif request.method == 'PUT' or request.method == 'POST':
action.replace(dns.name.from_text(domain).labels[0], ttl, str(record_type), str(response))
try: try:
response = dns.query.tcp(update, config['nameserver']) response = dns.query.tcp(action, config['nameserver'])
except: except:
return jsonify({'error': 'unable to update domain'}) return jsonify({'error': 'DNS transaction failed'})
if response.rcode() == 0: if response.rcode() == 0:
return jsonify({domain: 'successfully updated'}) return jsonify({domain: 'DNS request successful'})
else: else:
return jsonify({domain: 'failed to update'}) return jsonify({domain: 'DNS request failed'})
if __name__ == '__main__': if __name__ == '__main__':
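Review bot: The DELETE branch calls `action.delete(dns.name.from_text(domain).labels[0])` with only the owner name, which in dnspython deletes every RRset at that name, so the `record_type` and `response` URL segments are ignored and a request aimed at one record removes the whole name. Passing them through limits the update to the record the caller named: `action.delete(dns.name.from_text(domain).labels[0], str(record_type), str(response))`. The new existence check catches only `dns.resolver.NXDOMAIN`, so a name that exists without the requested type (`dns.resolver.NoAnswer`) or a resolver timeout escapes as an unhandled exception instead of a JSON error. Part of dns_mgmt's body lies between the two hunks and is not shown, so whether callers are authenticated before these PUT/POST/DELETE actions run cannot be judged from here.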


@ -1,9 +1,9 @@
[Nameserver] [nameserver]
nameserver = 172.16.33.135 server = 172.16.33.135
[Auth] [auth]
username = TRANSFER username = TRANSFER
password = /h9xIk0tbF3A0lOzy6BYAQ== password = /h9xIk0tbF3A0lOzy6BYAQ==
[Zones] [zones]
valid = ops.zone.org,eng.zone.net valid = ops.sfdc.net,eng.sfdc.net
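Review bot: The `password` value under `[auth]` is what the application feeds into `dns.tsigkeyring.from_text` as the TSIG secret, and it stays committed in this tracked config file while the section names around it are renamed. If it is a live key, it should be rotated on the nameserver and the real config kept out of version control, with a sample file carrying a placeholder such as `password = <base64-tsig-secret>`. The new `valid = ops.sfdc.net,eng.sfdc.net` line replaces what looked like example zones with what appear to be real ones, which is worth confirming as intended for a committed file. ConfigParser section names are case-sensitive, so any existing deployment still using `[Nameserver]`/`[Auth]`/`[Zones]` will fail at startup after this change unless its config is migrated.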