mirror of
https://github.com/cisagov/manage.get.gov.git
synced 2025-07-23 19:20:47 +02:00
updated logic for setter of dnssec
This commit is contained in:
David Kennedy
parent
faf70b9d17
commit
6bd93d56e2
3 changed files with 41 additions and 30 deletions
|
|
@ -169,6 +169,7 @@ class DomainDsdataForm(forms.Form):
|
||||||
algorithm = forms.TypedChoiceField(
|
algorithm = forms.TypedChoiceField(
|
||||||
required=True,
|
required=True,
|
||||||
label="Algorithm",
|
label="Algorithm",
|
||||||
|
coerce=int, # need to coerce into int so dsData objects can be compared
|
||||||
choices=[(None, "--Select--")] + ALGORITHM_CHOICES, # type: ignore
|
choices=[(None, "--Select--")] + ALGORITHM_CHOICES, # type: ignore
|
||||||
error_messages={"required": ("Algorithm is required.")},
|
error_messages={"required": ("Algorithm is required.")},
|
||||||
)
|
)
|
||||||
|
|
@ -176,6 +177,7 @@ class DomainDsdataForm(forms.Form):
|
||||||
digest_type = forms.TypedChoiceField(
|
digest_type = forms.TypedChoiceField(
|
||||||
required=True,
|
required=True,
|
||||||
label="Digest Type",
|
label="Digest Type",
|
||||||
|
coerce=int, # need to coerce into int so dsData objects can be compared
|
||||||
choices=[(None, "--Select--")] + DIGEST_TYPE_CHOICES, # type: ignore
|
choices=[(None, "--Select--")] + DIGEST_TYPE_CHOICES, # type: ignore
|
||||||
error_messages={"required": ("Digest Type is required.")},
|
error_messages={"required": ("Digest Type is required.")},
|
||||||
)
|
)
|
||||||
|
|
@ -201,6 +203,7 @@ class DomainKeydataForm(forms.Form):
|
||||||
flag = forms.TypedChoiceField(
|
flag = forms.TypedChoiceField(
|
||||||
required=True,
|
required=True,
|
||||||
label="Flag",
|
label="Flag",
|
||||||
|
coerce=int,
|
||||||
choices=FLAG_CHOICES,
|
choices=FLAG_CHOICES,
|
||||||
error_messages={"required": ("Flag is required.")},
|
error_messages={"required": ("Flag is required.")},
|
||||||
)
|
)
|
||||||
|
|
@ -208,6 +211,7 @@ class DomainKeydataForm(forms.Form):
|
||||||
protocol = forms.TypedChoiceField(
|
protocol = forms.TypedChoiceField(
|
||||||
required=True,
|
required=True,
|
||||||
label="Protocol",
|
label="Protocol",
|
||||||
|
coerce=int,
|
||||||
choices=PROTOCOL_CHOICES,
|
choices=PROTOCOL_CHOICES,
|
||||||
error_messages={"required": ("Protocol is required.")},
|
error_messages={"required": ("Protocol is required.")},
|
||||||
)
|
)
|
||||||
|
|
@ -215,6 +219,7 @@ class DomainKeydataForm(forms.Form):
|
||||||
algorithm = forms.TypedChoiceField(
|
algorithm = forms.TypedChoiceField(
|
||||||
required=True,
|
required=True,
|
||||||
label="Algorithm",
|
label="Algorithm",
|
||||||
|
coerce=int,
|
||||||
choices=[(None, "--Select--")] + ALGORITHM_CHOICES, # type: ignore
|
choices=[(None, "--Select--")] + ALGORITHM_CHOICES, # type: ignore
|
||||||
error_messages={"required": ("Algorithm is required.")},
|
error_messages={"required": ("Algorithm is required.")},
|
||||||
)
|
)
|
||||||
|
|
|
||||||
|
|
@ -312,33 +312,37 @@ class Domain(TimeStampedModel, DomainHelper):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
oldDnssecdata = self.dnssecdata
|
oldDnssecdata = self.dnssecdata
|
||||||
addDnssecdata = {}
|
addDnssecdata = {"dsData": [], "keyData": [],}
|
||||||
remDnssecdata = {}
|
remDnssecdata = {"dsData": [], "keyData": [],}
|
||||||
|
|
||||||
|
if _dnssecdata and len(_dnssecdata["dsData"]) > 0:
|
||||||
|
|
||||||
if len(_dnssecdata["dsData"]) > 0:
|
|
||||||
# initialize addDnssecdata and remDnssecdata for dsData
|
# initialize addDnssecdata and remDnssecdata for dsData
|
||||||
addDnssecdata["dsData"] = []
|
addDnssecdata["dsData"] = _dnssecdata["dsData"]
|
||||||
remDnssecdata["dsData"] = []
|
remDnssecdata["dsData"] = []
|
||||||
|
|
||||||
|
if oldDnssecdata and len(oldDnssecdata.dsData) > 0:
|
||||||
# if existing dsData not in new dsData, mark for removal
|
# if existing dsData not in new dsData, mark for removal
|
||||||
remDnssecdata["dsData"] = [dsData for dsData in oldDnssecdata["dsData"] if dsData not in _dnssecdata["dsData"]]
|
remDnssecdata["dsData"] = [dsData for dsData in oldDnssecdata.dsData if dsData not in _dnssecdata["dsData"]]
|
||||||
|
|
||||||
# if new dsData not in existing dsData, mark for add
|
# if new dsData not in existing dsData, mark for add
|
||||||
addDnssecdata["dsData"] = [dsData for dsData in _dnssecdata["dsData"] if dsData not in oldDnssecdata["dsData"]]
|
addDnssecdata["dsData"] = [dsData for dsData in _dnssecdata["dsData"] if dsData not in oldDnssecdata.dsData]
|
||||||
elif len(_dnssecdata["keyData"]) > 0:
|
|
||||||
|
elif _dnssecdata and len(_dnssecdata["keyData"]) > 0:
|
||||||
# initialize addDnssecdata and remDnssecdata for keyData
|
# initialize addDnssecdata and remDnssecdata for keyData
|
||||||
addDnssecdata["keyData"] = []
|
addDnssecdata["keyData"] = _dnssecdata["keyData"]
|
||||||
remDnssecdata["keyData"] = []
|
remDnssecdata["keyData"] = []
|
||||||
|
|
||||||
|
if oldDnssecdata and len(oldDnssecdata.keyData) > 0:
|
||||||
# if existing keyData not in new keyData, mark for removal
|
# if existing keyData not in new keyData, mark for removal
|
||||||
remDnssecdata["keyData"] = [keyData for keyData in oldDnssecdata["keyData"] if keyData not in _dnssecdata["keyData"]]
|
remDnssecdata["keyData"] = [keyData for keyData in oldDnssecdata.keyData if keyData not in _dnssecdata["keyData"]]
|
||||||
|
|
||||||
# if new keyData not in existing keyData, mark for add
|
# if new keyData not in existing keyData, mark for add
|
||||||
addDnssecdata["keyData"] = [keyData for keyData in _dnssecdata["keyData"] if keyData not in oldDnssecdata["keyData"]]
|
addDnssecdata["keyData"] = [keyData for keyData in _dnssecdata["keyData"] if keyData not in oldDnssecdata.keyData]
|
||||||
else:
|
else:
|
||||||
# there are no new dsData or keyData, remove all
|
# there are no new dsData or keyData, remove all
|
||||||
remDnssecdata["dsData"] = oldDnssecdata["dsData"]
|
remDnssecdata["dsData"] = getattr(oldDnssecdata, "dsData", None)
|
||||||
remDnssecdata["keyData"] = oldDnssecdata["keyData"]
|
remDnssecdata["keyData"] = getattr(oldDnssecdata, "keyData", None)
|
||||||
|
|
||||||
return addDnssecdata, remDnssecdata
|
return addDnssecdata, remDnssecdata
|
||||||
|
|
||||||
|
|
@ -346,14 +350,14 @@ class Domain(TimeStampedModel, DomainHelper):
|
||||||
def dnssecdata(self, _dnssecdata: dict):
|
def dnssecdata(self, _dnssecdata: dict):
|
||||||
_addDnssecdata, _remDnssecdata = self.getDnssecdataChanges(_dnssecdata)
|
_addDnssecdata, _remDnssecdata = self.getDnssecdataChanges(_dnssecdata)
|
||||||
addParams = {
|
addParams = {
|
||||||
"maxSigLife": _dnssecdata.get("maxSigLife", None),
|
"maxSigLife": _addDnssecdata.get("maxSigLife", None),
|
||||||
"dsData": _dnssecdata.get("dsData", None),
|
"dsData": _addDnssecdata.get("dsData", None),
|
||||||
"keyData": _dnssecdata.get("keyData", None),
|
"keyData": _addDnssecdata.get("keyData", None),
|
||||||
}
|
}
|
||||||
remParams = {
|
remParams = {
|
||||||
"maxSigLife": _dnssecdata.get("maxSigLife", None),
|
"maxSigLife": _remDnssecdata.get("maxSigLife", None),
|
||||||
"dsData": _dnssecdata.get("dsData", None),
|
"remDsData": _remDnssecdata.get("dsData", None),
|
||||||
"keyData": _dnssecdata.get("keyData", None),
|
"remKeyData": _remDnssecdata.get("keyData", None),
|
||||||
}
|
}
|
||||||
addRequest = commands.UpdateDomain(name=self.name)
|
addRequest = commands.UpdateDomain(name=self.name)
|
||||||
addExtension = commands.UpdateDomainDNSSECExtension(**addParams)
|
addExtension = commands.UpdateDomainDNSSECExtension(**addParams)
|
||||||
|
|
@ -362,7 +366,9 @@ class Domain(TimeStampedModel, DomainHelper):
|
||||||
remExtension = commands.UpdateDomainDNSSECExtension(**remParams)
|
remExtension = commands.UpdateDomainDNSSECExtension(**remParams)
|
||||||
remRequest.add_extension(remExtension)
|
remRequest.add_extension(remExtension)
|
||||||
try:
|
try:
|
||||||
|
if len(_addDnssecdata.get("dsData", [])) > 0 or len(_addDnssecdata.get("keyData",[])) > 0:
|
||||||
registry.send(addRequest, cleaned=True)
|
registry.send(addRequest, cleaned=True)
|
||||||
|
if len(_remDnssecdata.get("dsData", [])) > 0 or len(_remDnssecdata.get("keyData", [])) > 0:
|
||||||
registry.send(remRequest, cleaned=True)
|
registry.send(remRequest, cleaned=True)
|
||||||
except RegistryError as e:
|
except RegistryError as e:
|
||||||
logger.error("Error updating DNSSEC, code was %s error was %s" % (e.code, e))
|
logger.error("Error updating DNSSEC, code was %s error was %s" % (e.code, e))
|
||||||
|
|
|
||||||
|
|
@ -371,8 +371,8 @@ class DomainDsdataView(DomainPermissionView, FormMixin):
|
||||||
# or form.cleaned_data['delete'] == False:
|
# or form.cleaned_data['delete'] == False:
|
||||||
dsrecord = {
|
dsrecord = {
|
||||||
"keyTag": form.cleaned_data["key_tag"],
|
"keyTag": form.cleaned_data["key_tag"],
|
||||||
"alg": form.cleaned_data["algorithm"],
|
"alg": int(form.cleaned_data["algorithm"]),
|
||||||
"digestType": form.cleaned_data["digest_type"],
|
"digestType": int(form.cleaned_data["digest_type"]),
|
||||||
"digest": form.cleaned_data["digest"],
|
"digest": form.cleaned_data["digest"],
|
||||||
}
|
}
|
||||||
dnssecdata["dsData"].append(common.DSData(**dsrecord))
|
dnssecdata["dsData"].append(common.DSData(**dsrecord))
|
||||||
|
|
@ -490,9 +490,9 @@ class DomainKeydataView(DomainPermissionView, FormMixin):
|
||||||
# if 'delete' not in form.cleaned_data
|
# if 'delete' not in form.cleaned_data
|
||||||
# or form.cleaned_data['delete'] == False:
|
# or form.cleaned_data['delete'] == False:
|
||||||
keyrecord = {
|
keyrecord = {
|
||||||
"flags": form.cleaned_data["flag"],
|
"flags": int(form.cleaned_data["flag"]),
|
||||||
"protocol": form.cleaned_data["protocol"],
|
"protocol": int(form.cleaned_data["protocol"]),
|
||||||
"alg": form.cleaned_data["algorithm"],
|
"alg": int(form.cleaned_data["algorithm"]),
|
||||||
"pubKey": form.cleaned_data["pub_key"],
|
"pubKey": form.cleaned_data["pub_key"],
|
||||||
}
|
}
|
||||||
dnssecdata["keyData"].append(common.DNSSECKeyData(**keyrecord))
|
dnssecdata["keyData"].append(common.DNSSECKeyData(**keyrecord))
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue