change validate logic: going through all nameserver

app/jobs/validate_dnssec_job.rb

@@ -7,16 +7,14 @@ class ValidateDnssecJob < ApplicationJob
 
       return logger.info "No domain found" if domain.nil?
 
-      return logger.info "No related dnskeys for this domain" if domain.dnskeys.empty?
+      return logger.info "No related nameservers for this domain" if domain.nameservers.empty?
 
-      flag = iterate_domain_data(domain: domain)
+      iterate_nameservers(domain)
-      logger.info "#{domain_name} " + log_templates[flag.to_s]
     else
-      Dnskey.all.each do |key|
+      domain_list = Domain.all.reject { |d| d.nameservers.empty? }
-        domain = Domain.find(key.domain_id)
 
-        flag = iterate_domain_data(domain: domain)
+      domain_list.each do |d|
-        logger.info "#{domain.name} " + log_templates[flag.to_s]
+        iterate_nameservers(d)
       end
     end
   rescue StandardError => e
@@ -26,58 +24,45 @@ class ValidateDnssecJob < ApplicationJob
 
   private
 
-  def iterate_domain_data(domain:)
+  def iterate_nameservers(domain)
-    zone_datas = get_data_from_zone(domain: domain)
+    domain.nameservers.each do |n|
-    flag = domain.dnskeys.all? { |key| validate(zone_datas: zone_datas, domain_dnskey: key) }
+      text = "Hostname nameserver #{n.hostname}"
-
+      flag = validate(name: n.hostname)
-    flag
+      if flag.nil?
+        logger.info "#{text} - #{log_templates['false']}"
+      else
+        logger.info "#{text} - #{log_templates['true']}"
       end
 
-  def get_data_from_zone(domain:)
+      logger.info "----------------------------"
-    resolver = prepare_resolver
+    end
-    ds_records_answers = resolver.query(domain.name, 'DNSKEY').answer
-
-    result_container = []
-
-    ds_records_answers.each do |ds|
-      next unless ds.type == Dnsruby::Types.DNSKEY
-
-      result_container << {
-        flags: ds.flags.to_s,
-        algorithm: ds.algorithm.code.to_s,
-        protocol: ds.protocol.to_s,
-        public_key: ds.public_key.export.gsub!(/\s+/, ''),
-      }
   end
 
-    result_container
+  def validate(name:, resolver: prepare_validator, type: 'DNSKEY', klass: 'IN')
-  rescue Dnsruby::NXDomain
+    # make_query(name: hostname)
-    domain.add_epp_error('2308', nil, nil, I18n.t(:dns_policy_violation))
+    resolver.query(name, type, klass)
+  rescue Exception => e
+    logger.error e.message
+    nil
   end
 
-  def validate(zone_datas:, domain_dnskey:)
+  def prepare_validator
-    flag = zone_datas.any? do |zone_data|
-      zone_data[:flags] == domain_dnskey.flags.to_s &&
-        zone_data[:algorithm] == domain_dnskey.alg.to_s &&
-        zone_data[:protocol] == domain_dnskey.protocol.to_s &&
-        zone_data[:public_key].include?(domain_dnskey[:public_key].to_s)
-    end
-
-    text = "#{domain_dnskey.flags} - #{domain_dnskey.alg} -
-            #{domain_dnskey.protocol} - #{domain_dnskey.public_key} "
-    logger.info text + log_templates[flag.to_s]
-
-    flag
-  end
-
-  def prepare_resolver
     dns_servers = ENV['dnssec_resolver_ips'].to_s.split(',').map(&:strip)
-    dns = Dnsruby::Resolver.new({ nameserver: dns_servers })
+    inner_resolver = Dnsruby::Resolver.new
-    dns.do_validation = true
+    inner_resolver.do_validation = true
-    dns.do_caching = true
+    inner_resolver.dnssec = true
-    dns.dnssec = true
+    inner_resolver.nameserver = dns_servers
+    resolver = Dnsruby::Recursor.new(inner_resolver)
+    resolver.dnssec = true
 
-    dns
+    resolver
+  end
+
+  def make_query(name:, resolver: prepare_validator, type: 'DNSKEY', klass: 'IN')
+    logger.info "DNS query to #{name}; type: #{type}"
+    resolver.query(name, type, klass)
+  rescue Dnsruby::NXDomain
+    false
   end
 
   def log_templates
@@ -90,4 +75,63 @@ class ValidateDnssecJob < ApplicationJob
   def logger
     @logger ||= Rails.logger
   end
+
+
+  #
+  #
+  # def iterate_domain_data(domain:)
+  #   zone_datas = get_data_from_zone(domain: domain)
+  #   flag = domain.dnskeys.all? { |key| validate(zone_datas: zone_datas, domain_dnskey: key) }
+  #
+  #   flag
+  # end
+  #
+  # def get_data_from_zone(domain:)
+  #   resolver = prepare_resolver
+  #   ds_records_answers = resolver.query(domain.name, 'DNSKEY').answer
+  #
+  #   result_container = []
+  #
+  #   ds_records_answers.each do |ds|
+  #     next unless ds.type == Dnsruby::Types.DNSKEY
+  #
+  #     result_container << {
+  #       flags: ds.flags.to_s,
+  #       algorithm: ds.algorithm.code.to_s,
+  #       protocol: ds.protocol.to_s,
+  #       public_key: ds.public_key.export.gsub!(/\s+/, ''),
+  #     }
+  #   end
+  #
+  #   result_container
+  # rescue Dnsruby::NXDomain
+  #   domain.add_epp_error('2308', nil, nil, I18n.t(:dns_policy_violation))
+  # end
+  #
+  # def validate(zone_datas:, domain_dnskey:)
+  #   flag = zone_datas.any? do |zone_data|
+  #     zone_data[:flags] == domain_dnskey.flags.to_s &&
+  #       zone_data[:algorithm] == domain_dnskey.alg.to_s &&
+  #       zone_data[:protocol] == domain_dnskey.protocol.to_s &&
+  #       zone_data[:public_key].include?(domain_dnskey[:public_key].to_s)
+  #   end
+  #
+  #   text = "#{domain_dnskey.flags} - #{domain_dnskey.alg} -
+  #           #{domain_dnskey.protocol} - #{domain_dnskey.public_key} "
+  #   logger.info text + log_templates[flag.to_s]
+  #
+  #   flag
+  # end
+  #
+  # def prepare_resolver
+  #   dns_servers = ENV['dnssec_resolver_ips'].to_s.split(',').map(&:strip)
+  #   dns = Dnsruby::Resolver.new({ nameserver: dns_servers })
+  #   dns.do_validation = true
+  #   dns.do_caching = true
+  #   dns.dnssec = true
+  #
+  #   dns
+  # end
+
+
 end