nomilo/src/routes/zones.rs

use rocket::Response;
use rocket::http::Status;

use rocket_contrib::json::Json;

use trust_dns_client::client::ClientHandle;
use trust_dns_client::op::ResponseCode;
use trust_dns_client::rr::{DNSClass, RecordType};

use crate::{DbConn, models::dns};
use crate::models::errors::{ErrorResponse, make_500};
use crate::models::users::{LocalUser, UserInfo, Zone, AddZoneMemberRequest};


#[get("/zones/<zone>/records")]
pub async fn get_zone_records(
    mut client: dns::DnsClient,
    conn: DbConn,
    user_info: Result<UserInfo, ErrorResponse>,
    zone: dns::AbsoluteName
) -> Result<Json<Vec<dns::Record>>, ErrorResponse> {

    let user_info = user_info?;

    if !user_info.is_admin() {
        let zone_name = zone.clone().to_string();
        conn.run(move |c| {
            user_info.get_zone(c, &zone_name)
        }).await?;
    }

    let response = {
        let query = client.query(zone.clone(), DNSClass::IN, RecordType::AXFR);
        query.await.map_err(make_500)?
    };

    // TODO: Better error handling (ex. not authorized should be 500)
    if response.response_code() != ResponseCode::NoError {
        println!("Querrying of zone {} failed with code {}", *zone, response.response_code());
        return ErrorResponse::new(
            Status::NotFound,
            format!("Zone {} could not be found", *zone)
        ).err()
    }

    let answers = response.answers();
    let mut records: Vec<_> = answers.to_vec().into_iter()
        .map(dns::Record::from)
        .filter(|record| !matches!(record.rdata, dns::RData::NULL { .. } | dns::RData::DNSSEC(_)))
        .collect();

    // AXFR response ends with SOA, we remove it so it is not doubled in the response.
    records.pop();

    Ok(Json(records))
}

// TODO: the post version of that
#[get("/zones")]
pub async fn get_zones(
    conn: DbConn,
    user_info: Result<UserInfo, ErrorResponse>,
) -> Result<Json<Vec<Zone>>, ErrorResponse> {
    let user_info = user_info?;

    let zones = conn.run(move |c| {
        if user_info.is_admin() {
            Zone::get_all(c)
        } else {
            user_info.get_zones(c)
        }
    }).await?;

    Ok(Json(zones))
}


#[post("/zones/<zone>/members", data = "<zone_member_request>")]
pub async fn add_member_to_zone<'r>(
    conn: DbConn,
    zone: dns::AbsoluteName,
    user_info: Result<UserInfo, ErrorResponse>,
    zone_member_request: Json<AddZoneMemberRequest>
) -> Result<Response<'r>, ErrorResponse> {
    let user_info = user_info?;
    let zone_name = zone.to_utf8();

    conn.run(move |c| {
        let zone = if user_info.is_admin() {
            Zone::get_by_name(c, &zone_name)
        } else {
            user_info.get_zone(c, &zone_name)
        }?;

        let new_member = LocalUser::get_user_by_uuid(c, &zone_member_request.id)?;
        zone.add_member(&c, &new_member)
    }).await?;

    Response::build()
        .status(Status::Created) // TODO: change this?
        .ok()
}
change zone member management 2021-05-02 13:56:42 +00:00			`use rocket::Response;`
change architecture 2021-04-02 20:09:51 +00:00			`use rocket::http::Status;`

			`use rocket_contrib::json::Json;`

use enum for role and fix dns client for async 2021-04-03 06:16:54 +00:00			`use trust_dns_client::client::ClientHandle;`
add some kind of authorizations 2021-04-05 22:56:15 +00:00			`use trust_dns_client::op::ResponseCode;`
fix async dns client 2021-04-05 21:21:40 +00:00			`use trust_dns_client::rr::{DNSClass, RecordType};`
change architecture 2021-04-02 20:09:51 +00:00
add some kind of authorizations 2021-04-05 22:56:15 +00:00			`use crate::{DbConn, models::dns};`
use enum for role and fix dns client for async 2021-04-03 06:16:54 +00:00			`use crate::models::errors::{ErrorResponse, make_500};`
change zone member management 2021-05-02 13:56:42 +00:00			`use crate::models::users::{LocalUser, UserInfo, Zone, AddZoneMemberRequest};`
change architecture 2021-04-02 20:09:51 +00:00

			`#[get("/zones/<zone>/records")]`
use enum for role and fix dns client for async 2021-04-03 06:16:54 +00:00			`pub async fn get_zone_records(`
fix async dns client 2021-04-05 21:21:40 +00:00			`mut client: dns::DnsClient,`
add some kind of authorizations 2021-04-05 22:56:15 +00:00			`conn: DbConn,`
improve error type 2021-04-02 21:12:29 +00:00			`user_info: Result<UserInfo, ErrorResponse>,`
fix async dns client 2021-04-05 21:21:40 +00:00			`zone: dns::AbsoluteName`
improve error type 2021-04-02 21:12:29 +00:00			`) -> Result<Json<Vec<dns::Record>>, ErrorResponse> {`
change architecture 2021-04-02 20:09:51 +00:00
add some kind of authorizations 2021-04-05 22:56:15 +00:00			`let user_info = user_info?;`

			`if !user_info.is_admin() {`
			`let zone_name = zone.clone().to_string();`
			`conn.run(move \|c\| {`
change zone member management 2021-05-02 13:56:42 +00:00			`user_info.get_zone(c, &zone_name)`
add some kind of authorizations 2021-04-05 22:56:15 +00:00			`}).await?;`
			`}`

			`let response = {`
add route to give user access to a zone 2021-04-06 02:39:56 +00:00			`let query = client.query(zone.clone(), DNSClass::IN, RecordType::AXFR);`
use enum for role and fix dns client for async 2021-04-03 06:16:54 +00:00			`query.await.map_err(make_500)?`
			`};`
change architecture 2021-04-02 20:09:51 +00:00
change zone member management 2021-05-02 13:56:42 +00:00			`// TODO: Better error handling (ex. not authorized should be 500)`
change architecture 2021-04-02 20:09:51 +00:00			`if response.response_code() != ResponseCode::NoError {`
change zone member management 2021-05-02 13:56:42 +00:00			`println!("Querrying of zone {} failed with code {}", *zone, response.response_code());`
change architecture 2021-04-02 20:09:51 +00:00			`return ErrorResponse::new(`
			`Status::NotFound,`
change zone member management 2021-05-02 13:56:42 +00:00			`format!("Zone {} could not be found", *zone)`
change architecture 2021-04-02 20:09:51 +00:00			`).err()`
			`}`

			`let answers = response.answers();`
			`let mut records: Vec<_> = answers.to_vec().into_iter()`
apply linter suggestions 2021-04-05 01:05:39 +00:00			`.map(dns::Record::from)`
			`.filter(\|record\| !matches!(record.rdata, dns::RData::NULL { .. } \| dns::RData::DNSSEC(_)))`
			`.collect();`
change architecture 2021-04-02 20:09:51 +00:00
			`// AXFR response ends with SOA, we remove it so it is not doubled in the response.`
			`records.pop();`

			`Ok(Json(records))`
			`}`
change zone member management 2021-05-02 13:56:42 +00:00
			`// TODO: the post version of that`
			`#[get("/zones")]`
			`pub async fn get_zones(`
			`conn: DbConn,`
			`user_info: Result<UserInfo, ErrorResponse>,`
			`) -> Result<Json<Vec<Zone>>, ErrorResponse> {`
			`let user_info = user_info?;`

			`let zones = conn.run(move \|c\| {`
			`if user_info.is_admin() {`
			`Zone::get_all(c)`
			`} else {`
			`user_info.get_zones(c)`
			`}`
			`}).await?;`

			`Ok(Json(zones))`
			`}`


			`#[post("/zones/<zone>/members", data = "<zone_member_request>")]`
			`pub async fn add_member_to_zone<'r>(`
			`conn: DbConn,`
			`zone: dns::AbsoluteName,`
			`user_info: Result<UserInfo, ErrorResponse>,`
			`zone_member_request: Json<AddZoneMemberRequest>`
			`) -> Result<Response<'r>, ErrorResponse> {`
			`let user_info = user_info?;`
			`let zone_name = zone.to_utf8();`

			`conn.run(move \|c\| {`
			`let zone = if user_info.is_admin() {`
			`Zone::get_by_name(c, &zone_name)`
			`} else {`
			`user_info.get_zone(c, &zone_name)`
			`}?;`

			`let new_member = LocalUser::get_user_by_uuid(c, &zone_member_request.id)?;`
			`zone.add_member(&c, &new_member)`
			`}).await?;`

			`Response::build()`
			`.status(Status::Created) // TODO: change this?`
			`.ok()`
			`}`