Create a usecase from API to extract domain creation on provider
Fixes a security issue where a user can create a domain on a provider while DisableProviders option was set
This commit is contained in:
parent
b0e0ab6d9e
commit
ce91b49a73
5 changed files with 84 additions and 33 deletions
|
|
@ -246,23 +246,12 @@ func (pc *ProviderController) GetDomainsHostedByProvider(c *gin.Context) {
|
|||
// @Failure 401 {object} happydns.ErrorResponse "Authentication failure"
|
||||
// @Failure 404 {object} happydns.ErrorResponse "Provider not found"
|
||||
// @Router /providers/{providerId}/domains/{fqdn} [get]
|
||||
func (pc *ProviderController) CreateDomainsOnProvider(c *gin.Context) {
|
||||
func (pc *ProviderController) CreateDomainOnProvider(c *gin.Context) {
|
||||
provider := c.MustGet("provider").(*happydns.Provider)
|
||||
|
||||
p, err := provider.InstantiateProvider()
|
||||
err := pc.providerService.CreateDomainOnProvider(provider, c.Param("fqdn"))
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": fmt.Sprintf("Unable to instantiate the provider: %s", err.Error())})
|
||||
return
|
||||
}
|
||||
|
||||
if !p.CanCreateDomain() {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "Provider doesn't support domain creation."})
|
||||
return
|
||||
}
|
||||
|
||||
err = p.CreateDomain(c.Param("fqdn"))
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": err.Error()})
|
||||
middleware.ErrorResponse(c, http.StatusBadRequest, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -47,5 +47,5 @@ func DeclareProviderRoutes(router *gin.RouterGroup, dependancies happydns.Usecas
|
|||
apiProviderRoutes.PUT("", pc.UpdateProvider)
|
||||
|
||||
apiProviderRoutes.GET("/domains", pc.GetDomainsHostedByProvider)
|
||||
apiProviderRoutes.POST("/domains/:fqdn", pc.CreateDomainsOnProvider)
|
||||
apiProviderRoutes.POST("/domains/:fqdn", pc.CreateDomainOnProvider)
|
||||
}
|
||||
|
|
|
|||
47
internal/usecase/provider/create_domain.go
Normal file
47
internal/usecase/provider/create_domain.go
Normal file
|
|
@ -0,0 +1,47 @@
|
|||
// This file is part of the happyDomain (R) project.
|
||||
// Copyright (c) 2020-2025 happyDomain
|
||||
// Authors: Pierre-Olivier Mercier, et al.
|
||||
//
|
||||
// This program is offered under a commercial and under the AGPL license.
|
||||
// For commercial licensing, contact us at <contact@happydomain.org>.
|
||||
//
|
||||
// For AGPL licensing:
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Affero General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU Affero General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Affero General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package provider
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"git.happydns.org/happyDomain/model"
|
||||
)
|
||||
|
||||
type CreateDomainOnProviderUsecase struct{}
|
||||
|
||||
func NewCreateDomainOnProviderUsecase() *CreateDomainOnProviderUsecase {
|
||||
return &CreateDomainOnProviderUsecase{}
|
||||
}
|
||||
|
||||
func (uc *CreateDomainOnProviderUsecase) Create(provider *happydns.Provider, fqdn string) error {
|
||||
p, err := provider.InstantiateProvider()
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to instantiate the provider: %w", err)
|
||||
}
|
||||
|
||||
if !p.CanCreateDomain() {
|
||||
return fmt.Errorf("the provider doesn't support domain creation")
|
||||
}
|
||||
|
||||
return p.CreateDomain(fqdn)
|
||||
}
|
||||
|
|
@ -26,15 +26,16 @@ import (
|
|||
)
|
||||
|
||||
type Service struct {
|
||||
CreateProviderUC *CreateProviderUsecase
|
||||
DeleteProviderUC *DeleteProviderUsecase
|
||||
UpdateProviderUC *UpdateProviderUsecase
|
||||
ListHostedDomainsUC *ListHostedDomainsUsecase
|
||||
GetProviderUC *GetProviderUsecase
|
||||
ListProvidersUC *ListProvidersUsecase
|
||||
RetrieveZoneUC *ZoneRetrieverUsecase
|
||||
ZoneCorrectionsUC *ZoneCorrectorUsecase
|
||||
DomainExistenceUC *DomainExistenceUsecase
|
||||
CreateProviderUC *CreateProviderUsecase
|
||||
CreateDomainOnProviderUC *CreateDomainOnProviderUsecase
|
||||
DeleteProviderUC *DeleteProviderUsecase
|
||||
UpdateProviderUC *UpdateProviderUsecase
|
||||
ListHostedDomainsUC *ListHostedDomainsUsecase
|
||||
GetProviderUC *GetProviderUsecase
|
||||
ListProvidersUC *ListProvidersUsecase
|
||||
RetrieveZoneUC *ZoneRetrieverUsecase
|
||||
ZoneCorrectionsUC *ZoneCorrectorUsecase
|
||||
DomainExistenceUC *DomainExistenceUsecase
|
||||
}
|
||||
|
||||
func NewProviderUsecases(store ProviderStorage) *Service {
|
||||
|
|
@ -42,15 +43,16 @@ func NewProviderUsecases(store ProviderStorage) *Service {
|
|||
validator := &DefaultProviderValidator{}
|
||||
|
||||
return &Service{
|
||||
CreateProviderUC: NewCreateProviderUsecase(store, validator),
|
||||
DeleteProviderUC: NewDeleteProviderUsecase(store),
|
||||
UpdateProviderUC: NewUpdateProviderUsecase(store, getProvider, validator),
|
||||
ListHostedDomainsUC: NewListHostedDomainsUsecase(),
|
||||
GetProviderUC: getProvider,
|
||||
ListProvidersUC: NewListProvidersUsecase(store),
|
||||
RetrieveZoneUC: NewZoneRetrieverUsecase(),
|
||||
ZoneCorrectionsUC: NewZoneCorrectorUsecase(),
|
||||
DomainExistenceUC: NewDomainExistenceUsecase(),
|
||||
CreateProviderUC: NewCreateProviderUsecase(store, validator),
|
||||
CreateDomainOnProviderUC: NewCreateDomainOnProviderUsecase(),
|
||||
DeleteProviderUC: NewDeleteProviderUsecase(store),
|
||||
UpdateProviderUC: NewUpdateProviderUsecase(store, getProvider, validator),
|
||||
ListHostedDomainsUC: NewListHostedDomainsUsecase(),
|
||||
GetProviderUC: getProvider,
|
||||
ListProvidersUC: NewListProvidersUsecase(store),
|
||||
RetrieveZoneUC: NewZoneRetrieverUsecase(),
|
||||
ZoneCorrectionsUC: NewZoneCorrectorUsecase(),
|
||||
DomainExistenceUC: NewDomainExistenceUsecase(),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -58,6 +60,10 @@ func (s *Service) CreateProvider(user *happydns.User, msg *happydns.ProviderMess
|
|||
return s.CreateProviderUC.Create(user, msg)
|
||||
}
|
||||
|
||||
func (s *Service) CreateDomainOnProvider(provider *happydns.Provider, fqdn string) error {
|
||||
return s.CreateDomainOnProviderUC.Create(provider, fqdn)
|
||||
}
|
||||
|
||||
func (s *Service) DeleteProvider(user *happydns.User, providerID happydns.Identifier) error {
|
||||
return s.DeleteProviderUC.Delete(user, providerID)
|
||||
}
|
||||
|
|
@ -119,6 +125,14 @@ func (s *RestrictedService) CreateProvider(user *happydns.User, msg *happydns.Pr
|
|||
return s.Service.CreateProvider(user, msg)
|
||||
}
|
||||
|
||||
func (s *RestrictedService) CreateDomainOnProvider(provider *happydns.Provider, fqdn string) error {
|
||||
if s.config.DisableProviders {
|
||||
return happydns.ForbiddenError{Msg: "cannot create domain on provider as DisableProviders parameter is set."}
|
||||
}
|
||||
|
||||
return s.Service.CreateDomainOnProvider(provider, fqdn)
|
||||
}
|
||||
|
||||
func (s *RestrictedService) DeleteProvider(user *happydns.User, providerID happydns.Identifier) error {
|
||||
if s.config.DisableProviders {
|
||||
return happydns.ForbiddenError{Msg: "cannot delete provider as DisableProviders parameter is set."}
|
||||
|
|
|
|||
|
|
@ -124,6 +124,7 @@ func (p *Provider) Meta() *ProviderMeta {
|
|||
|
||||
type ProviderUsecase interface {
|
||||
CreateProvider(*User, *ProviderMessage) (*Provider, error)
|
||||
CreateDomainOnProvider(*Provider, string) error
|
||||
DeleteProvider(*User, Identifier) error
|
||||
GetUserProvider(*User, Identifier) (*Provider, error)
|
||||
GetUserProviderMeta(*User, Identifier) (*ProviderMeta, error)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue