diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py index bd2215620..c00d1c589 100644 --- a/src/registrar/config/urls.py +++ b/src/registrar/config/urls.py @@ -100,11 +100,6 @@ urlpatterns = [ views.DomainDsDataView.as_view(), name="domain-dns-dnssec-dsdata", ), - path( - "domain//dns/dnssec/keydata", - views.DomainKeyDataView.as_view(), - name="domain-dns-dnssec-keydata", - ), path( "domain//your-contact-information", views.DomainYourContactInformationView.as_view(), diff --git a/src/registrar/forms/__init__.py b/src/registrar/forms/__init__.py index 7d2baf646..c3aa89fed 100644 --- a/src/registrar/forms/__init__.py +++ b/src/registrar/forms/__init__.py @@ -8,6 +8,4 @@ from .domain import ( DomainDnssecForm, DomainDsdataFormset, DomainDsdataForm, - DomainKeydataFormset, - DomainKeydataForm, ) diff --git a/src/registrar/forms/common.py b/src/registrar/forms/common.py index 159113488..585d5ed3e 100644 --- a/src/registrar/forms/common.py +++ b/src/registrar/forms/common.py @@ -1,6 +1,6 @@ # common.py # -# ALGORITHM_CHOICES are options for alg attribute in DS Data and Key Data +# ALGORITHM_CHOICES are options for alg attribute in DS Data # reference: # https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml ALGORITHM_CHOICES = [ @@ -24,15 +24,4 @@ DIGEST_TYPE_CHOICES = [ (0, "(0) Reserved"), (1, "(1) SHA-256"), ] -# PROTOCOL_CHOICES are options for protocol attribute in Key Data -# reference: https://datatracker.ietf.org/doc/html/rfc4034#section-2.1.2 -PROTOCOL_CHOICES = [ - (3, "(3) DNSSEC"), -] -# FLAG_CHOICES are options for flags attribute in Key Data -# reference: https://datatracker.ietf.org/doc/html/rfc4034#section-2.1.1 -FLAG_CHOICES = [ - (0, "(0)"), - (256, "(256) ZSK"), - (257, "(257) KSK"), -] + diff --git a/src/registrar/forms/domain.py b/src/registrar/forms/domain.py index 8abc7e14a..6bbade5ef 100644 --- a/src/registrar/forms/domain.py +++ b/src/registrar/forms/domain.py @@ -10,8 +10,6 @@ from ..models import Contact, DomainInformation from .common import ( ALGORITHM_CHOICES, DIGEST_TYPE_CHOICES, - FLAG_CHOICES, - PROTOCOL_CHOICES, ) @@ -188,44 +186,3 @@ DomainDsdataFormset = formset_factory( extra=0, can_delete=True, ) - - -class DomainKeydataForm(forms.Form): - """Form for adding or editing DNSSEC Key Data to a domain.""" - - flag = forms.TypedChoiceField( - required=True, - label="Flag", - coerce=int, - choices=FLAG_CHOICES, - error_messages={"required": ("Flag is required.")}, - ) - - protocol = forms.TypedChoiceField( - required=True, - label="Protocol", - coerce=int, - choices=PROTOCOL_CHOICES, - error_messages={"required": ("Protocol is required.")}, - ) - - algorithm = forms.TypedChoiceField( - required=True, - label="Algorithm", - coerce=int, - choices=[(None, "--Select--")] + ALGORITHM_CHOICES, # type: ignore - error_messages={"required": ("Algorithm is required.")}, - ) - - pub_key = forms.CharField( - required=True, - label="Pub key", - error_messages={"required": ("Pub key is required.")}, - ) - - -DomainKeydataFormset = formset_factory( - DomainKeydataForm, - extra=0, - can_delete=True, -) diff --git a/src/registrar/models/domain.py b/src/registrar/models/domain.py index bab993b04..1aad4fef4 100644 --- a/src/registrar/models/domain.py +++ b/src/registrar/models/domain.py @@ -486,12 +486,11 @@ class Domain(TimeStampedModel, DomainHelper): addExtension: dict remExtension: dict - addExtension includes all dsData or keyData to be added - remExtension includes all dsData or keyData to be removed + addExtension includes all dsData to be added + remExtension includes all dsData to be removed - method operates on dsData OR keyData, never a mix of the two; - operates based on which is present in _dnssecdata; - if neither is present, addExtension will be empty dict, and + method operates on dsData; + if dsData is not present, addExtension will be empty dict, and remExtension will be all existing dnssecdata to be deleted """ diff --git a/src/registrar/templates/domain_dnssec.html b/src/registrar/templates/domain_dnssec.html index 5eedb2184..c4a19470e 100644 --- a/src/registrar/templates/domain_dnssec.html +++ b/src/registrar/templates/domain_dnssec.html @@ -7,14 +7,14 @@

DNSSEC

-

DNSSEC, or DNS Security Extensions, is additional security layer to protect your domain. Enabling DNSSEC ensures that when someone visits your domain, they can be certain that it's connecting to the correct server, preventing potential hijacking or tampering with your domain's records.

+

DNSSEC, or DNS Security Extensions, is additional security layer to protect your website. Enabling DNSSEC ensures that when someone visits your domain, they can be certain that it's connecting to the correct server, preventing potential hijacking or tampering with your domain's records.

{% csrf_token %} {% if has_dnssec_records %}
- In order to fully disable DNSSEC on your domain, you will need to work with your DNS provider to remove your DNSSEC-related records from your zone. + In order to fully disable DNSSEC on your domain, you will need to work with your DNS provider to remove your DNSSEC-related records from your zone.
Disable DNSSEC - {% elif dnssec_enabled %} -
-

Add DS Records

-

In order to enable DNSSEC and add Delegation Signer (DS) records, you must first configure it with your DNS hosting service. Your configuration will determine whether you need to add DS Data or Key Data. Contact your DNS hosting provider if you are unsure which record type to add.

-

- Add DS Data - Add Key Data - -

-
{% else %}
- It is strongly recommended that you only enable DNSSEC if you know how to set it up properly at your hosting service. If you make a mistake, it could cause your domain name to stop working. + It is strongly recommended that you only enable DNSSEC if you know how to set it up properly at your hosting service. If you make a mistake, it could cause your domain name to stop working.
- + Enable DNSSEC
{% endif %}
diff --git a/src/registrar/templates/domain_dsdata.html b/src/registrar/templates/domain_dsdata.html index ca4dce783..ac38bd87f 100644 --- a/src/registrar/templates/domain_dsdata.html +++ b/src/registrar/templates/domain_dsdata.html @@ -8,41 +8,17 @@ {% include "includes/form_errors.html" with form=form %} {% endfor %} - {% if domain.dnssecdata is None and not dnssec_ds_confirmed %} + {% if domain.dnssecdata is None %}
- You have no DS Data added. Enable DNSSEC by adding DS Data or return to the DNSSEC page and click 'enable.' + You have no DS Data added. Enable DNSSEC by adding DS Data.
{% endif %}

DS Data

- {% if domain.dnssecdata is not None and domain.dnssecdata.keyData is not None %} -
-
-

Warning, you cannot add DS Data

-

- You cannot add DS Data because you have already added Key Data. Delete your Key Data records in order to add DS Data. -

-
-
- {% elif not dnssec_ds_confirmed %} -

In order to enable DNSSEC, you must first configure it with your DNS hosting service.

-

Enter the values given by your DNS provider for DS Data.

-

Required fields are marked with an asterisk (*).

-
- {% csrf_token %} - -
- {% else %} +

In order to enable DNSSEC, you must first configure it with your DNS hosting service.

Enter the values given by your DNS provider for DS Data.

{% include "includes/required_fields.html" %} @@ -119,5 +95,5 @@ >Cancel - {% endif %} + {% endblock %} {# domain_content #} diff --git a/src/registrar/templates/domain_keydata.html b/src/registrar/templates/domain_keydata.html deleted file mode 100644 index 167d86370..000000000 --- a/src/registrar/templates/domain_keydata.html +++ /dev/null @@ -1,110 +0,0 @@ -{% extends "domain_base.html" %} -{% load static field_helpers url_helpers %} - -{% block title %}Key Data | {{ domain.name }} | {% endblock %} - -{% block domain_content %} - {% for form in formset %} - {% include "includes/form_errors.html" with form=form %} - {% endfor %} - -

Key Data

- - {% if domain.dnssecdata is not None and domain.dnssecdata.dsData is not None %} -
-
-

Warning, you cannot add Key Data

-

- You cannot add Key Data because you have already added DS Data. Delete your DS Data records in order to add Key Data. -

-
-
- {% elif not dnssec_key_confirmed %} -

In order to enable DNSSEC and add DS records, you must first configure it with your DNS hosting service. Your configuration will determine whether you need to add DS Data or Key Data. Contact your DNS hosting provider if you are unsure which record type to add.

-
- {% csrf_token %} - -
- {% else %} - -

Enter the values given by your DNS provider for DS Key Data.

- {% include "includes/required_fields.html" %} - -
- {% csrf_token %} - {{ formset.management_form }} - - {% for form in formset %} -
- - DS Data record {{forloop.counter}} - -

DS Data record {{forloop.counter}}

- -
-
- {% with attr_required=True add_group_class="usa-form-group--unstyled-error" %} - {% input_with_errors form.flag %} - {% endwith %} -
-
- {% with attr_required=True add_group_class="usa-form-group--unstyled-error" %} - {% input_with_errors form.protocol %} - {% endwith %} -
-
- {% with attr_required=True add_group_class="usa-form-group--unstyled-error" %} - {% input_with_errors form.algorithm %} - {% endwith %} -
-
- -
-
- {% with attr_required=True add_group_class="usa-form-group--unstyled-error" %} - {% input_with_errors form.pub_key %} - {% endwith %} -
-
- -
-
- -
-
- -
- {% endfor %} - - - - -
- -
- -
- {% endif %} -{% endblock %} {# domain_content #} diff --git a/src/registrar/templates/domain_sidebar.html b/src/registrar/templates/domain_sidebar.html index 1acd87eeb..fda3b322d 100644 --- a/src/registrar/templates/domain_sidebar.html +++ b/src/registrar/templates/domain_sidebar.html @@ -34,7 +34,7 @@ > DNSSEC - {% if domain.dnssecdata is not None or request.path|startswith:url and request.path|endswith:'data' %} + {% if domain.dnssecdata is not None or request.path|startswith:url and request.path|endswith:'dsdata' %} {% endif %} diff --git a/src/registrar/tests/common.py b/src/registrar/tests/common.py index 7ae107006..239e50ae8 100644 --- a/src/registrar/tests/common.py +++ b/src/registrar/tests/common.py @@ -732,12 +732,6 @@ class MockEppLib(TestCase): "digestType": 1, "digest": "ec0bdd990b39feead889f0ba613db4adecb4adec", } - keyDataDict = { - "flags": 257, - "protocol": 3, - "alg": 1, - "pubKey": "AQPJ////4Q==", - } dnssecExtensionWithDsData = extensions.DNSSECExtension( **{ "dsData": [ @@ -753,11 +747,6 @@ class MockEppLib(TestCase): ], # type: ignore } ) - dnssecExtensionWithKeyData = extensions.DNSSECExtension( - **{ - "keyData": [common.DNSSECKeyData(**keyDataDict)], # type: ignore - } - ) dnssecExtensionRemovingDsData = extensions.DNSSECExtension() infoDomainHasIP = fakedEppObject( @@ -851,10 +840,6 @@ class MockEppLib(TestCase): self.mockDataInfoDomain, self.dnssecExtensionWithMultDsData, ), - "dnssec-keydata.gov": ( - self.mockDataInfoDomain, - self.dnssecExtensionWithKeyData, - ), "dnssec-none.gov": (self.mockDataInfoDomain, None), "my-nameserver.gov": ( self.infoDomainTwoHosts diff --git a/src/registrar/tests/test_models_domain.py b/src/registrar/tests/test_models_domain.py index ef3084f9c..e612d7b22 100644 --- a/src/registrar/tests/test_models_domain.py +++ b/src/registrar/tests/test_models_domain.py @@ -1798,79 +1798,6 @@ class TestRegistrantDNSSEC(MockEppLib): patcher.stop() - def test_user_adds_dnssec_keydata(self): - """ - Scenario: Registrant adds DNSSEC key data. - Verify that both the setter and getter are functioning properly - - This test verifies: - 1 - setter calls UpdateDomain command - 2 - setter adds the UpdateDNSSECExtension extension to the command - 3 - setter causes the getter to call info domain on next get from cache - 4 - getter properly parses dnssecdata from InfoDomain response and sets to cache - - """ - - # need to use a separate patcher and side_effect for this test, as - # response from InfoDomain must be different for different iterations - # of the same command - def side_effect(_request, cleaned): - if isinstance(_request, commands.InfoDomain): - if mocked_send.call_count == 1: - return MagicMock(res_data=[self.mockDataInfoDomain]) - else: - return MagicMock( - res_data=[self.mockDataInfoDomain], - extensions=[self.dnssecExtensionWithKeyData], - ) - else: - return MagicMock(res_data=[self.mockDataInfoHosts]) - - patcher = patch("registrar.models.domain.registry.send") - mocked_send = patcher.start() - mocked_send.side_effect = side_effect - - domain, _ = Domain.objects.get_or_create(name="dnssec-keydata.gov") - - domain.dnssecdata = self.dnssecExtensionWithKeyData - # get the DNS SEC extension added to the UpdateDomain command - # and verify that it is properly sent - # args[0] is the _request sent to registry - args, _ = mocked_send.call_args - # assert that the extension matches - self.assertEquals( - args[0].extensions[0], - self.createUpdateExtension(self.dnssecExtensionWithKeyData), - ) - # test that the dnssecdata getter is functioning properly - dnssecdata_get = domain.dnssecdata - mocked_send.assert_has_calls( - [ - call( - commands.UpdateDomain( - name="dnssec-keydata.gov", - nsset=None, - keyset=None, - registrant=None, - auth_info=None, - ), - cleaned=True, - ), - call( - commands.InfoDomain( - name="dnssec-keydata.gov", - ), - cleaned=True, - ), - ] - ) - - self.assertEquals( - dnssecdata_get.keyData, self.dnssecExtensionWithKeyData.keyData - ) - - patcher.stop() - def test_update_is_unsuccessful(self): """ Scenario: An update to the dns data is unsuccessful diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py index 06fddfde7..e8946c52c 100644 --- a/src/registrar/tests/test_views.py +++ b/src/registrar/tests/test_views.py @@ -1075,7 +1075,6 @@ class TestWithDomainPermissions(TestWithUser): self.domain_multdsdata, _ = Domain.objects.get_or_create( name="dnssec-multdsdata.gov" ) - self.domain_keydata, _ = Domain.objects.get_or_create(name="dnssec-keydata.gov") # We could simply use domain (igorville) but this will be more readable in tests # that inherit this setUp self.domain_dnssec_none, _ = Domain.objects.get_or_create( @@ -1090,9 +1089,6 @@ class TestWithDomainPermissions(TestWithUser): DomainInformation.objects.get_or_create( creator=self.user, domain=self.domain_multdsdata ) - DomainInformation.objects.get_or_create( - creator=self.user, domain=self.domain_keydata - ) DomainInformation.objects.get_or_create( creator=self.user, domain=self.domain_dnssec_none ) @@ -1107,9 +1103,6 @@ class TestWithDomainPermissions(TestWithUser): domain=self.domain_multdsdata, role=UserDomainRole.Roles.ADMIN, ) - UserDomainRole.objects.get_or_create( - user=self.user, domain=self.domain_keydata, role=UserDomainRole.Roles.ADMIN - ) UserDomainRole.objects.get_or_create( user=self.user, domain=self.domain_dnssec_none, @@ -1561,38 +1554,13 @@ class TestDomainDNSSEC(TestDomainOverview): def test_dnssec_page_refreshes_enable_button(self): """DNSSEC overview page loads when domain has no DNSSEC data - and shows a 'Enable DNSSEC' button. When button is clicked the template - updates. When user navigates away then comes back to the page, the - 'Enable DNSSEC' button is shown again.""" - # home_page = self.app.get("/") - + and shows a 'Enable DNSSEC' button.""" + page = self.client.get( reverse("domain-dns-dnssec", kwargs={"pk": self.domain.id}) ) self.assertContains(page, "Enable DNSSEC") - # Prepare the data for the POST request - post_data = { - "enable_dnssec": "Enable DNSSEC", - } - updated_page = self.client.post( - reverse("domain-dns-dnssec", kwargs={"pk": self.domain.id}), - post_data, - follow=True, - ) - - self.assertEqual(updated_page.status_code, 200) - - self.assertContains(updated_page, "Add DS Data") - self.assertContains(updated_page, "Add Key Data") - - self.app.get("/") - - back_to_page = self.client.get( - reverse("domain-dns-dnssec", kwargs={"pk": self.domain.id}) - ) - self.assertContains(back_to_page, "Enable DNSSEC") - def test_dnssec_page_loads_with_data_in_domain(self): """DNSSEC overview page loads when domain has DNSSEC data and the template contains a button to disable DNSSEC.""" @@ -1637,44 +1605,6 @@ class TestDomainDNSSEC(TestDomainOverview): ) self.assertContains(page, "DS Data record 1") - def test_ds_form_loads_with_key_data(self): - """DNSSEC Add DS Data page loads when there is - domain DNSSEC KEY data and shows an alert""" - - page = self.client.get( - reverse("domain-dns-dnssec-dsdata", kwargs={"pk": self.domain_keydata.id}) - ) - self.assertContains(page, "Warning, you cannot add DS Data") - - def test_key_form_loads_with_no_domain_data(self): - """DNSSEC Add Key Data page loads when there is no - domain DNSSEC data and shows a button to Add DS Key record""" - - page = self.client.get( - reverse( - "domain-dns-dnssec-keydata", kwargs={"pk": self.domain_dnssec_none.id} - ) - ) - self.assertContains(page, "Add DS Key record") - - def test_key_form_loads_with_key_data(self): - """DNSSEC Add Key Data page loads when there is - domain DNSSEC Key data and shows the data""" - - page = self.client.get( - reverse("domain-dns-dnssec-keydata", kwargs={"pk": self.domain_keydata.id}) - ) - self.assertContains(page, "DS Data record 1") - - def test_key_form_loads_with_ds_data(self): - """DNSSEC Add Key Data page loads when there is - domain DNSSEC DS data and shows an alert""" - - page = self.client.get( - reverse("domain-dns-dnssec-keydata", kwargs={"pk": self.domain_dsdata.id}) - ) - self.assertContains(page, "Warning, you cannot add Key Data") - def test_ds_data_form_submits(self): """DS Data form submits successfully @@ -1719,50 +1649,6 @@ class TestDomainDNSSEC(TestDomainOverview): # the field. self.assertContains(result, "Key tag is required", count=2, status_code=200) - def test_key_data_form_submits(self): - """Key Data form submits successfully - - Uses self.app WebTest because we need to interact with forms. - """ - add_data_page = self.app.get( - reverse("domain-dns-dnssec-keydata", kwargs={"pk": self.domain_keydata.id}) - ) - session_id = self.app.cookies[settings.SESSION_COOKIE_NAME] - self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id) - with less_console_noise(): # swallow log warning message - result = add_data_page.forms[0].submit() - # form submission was a post, response should be a redirect - self.assertEqual(result.status_code, 302) - self.assertEqual( - result["Location"], - reverse("domain-dns-dnssec-keydata", kwargs={"pk": self.domain_keydata.id}), - ) - self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id) - page = result.follow() - self.assertContains( - page, "The Key Data records for this domain have been updated." - ) - - def test_key_data_form_invalid(self): - """Key Data form errors with invalid data - - Uses self.app WebTest because we need to interact with forms. - """ - add_data_page = self.app.get( - reverse("domain-dns-dnssec-keydata", kwargs={"pk": self.domain_keydata.id}) - ) - session_id = self.app.cookies[settings.SESSION_COOKIE_NAME] - self.app.set_cookie(settings.SESSION_COOKIE_NAME, session_id) - # first two nameservers are required, so if we empty one out we should - # get a form error - add_data_page.forms[0]["form-0-pub_key"] = "" - with less_console_noise(): # swallow logged warning message - result = add_data_page.forms[0].submit() - # form submission was a post with an error, response should be a 200 - # error text appears twice, once at the top of the page, once around - # the field. - self.assertContains(result, "Pub key is required", count=2, status_code=200) - class TestApplicationStatus(TestWithUser, WebTest): def setUp(self): diff --git a/src/registrar/views/__init__.py b/src/registrar/views/__init__.py index 5fd81df8c..c1400d7c0 100644 --- a/src/registrar/views/__init__.py +++ b/src/registrar/views/__init__.py @@ -7,7 +7,6 @@ from .domain import ( DomainNameserversView, DomainDNSSECView, DomainDsDataView, - DomainKeyDataView, DomainYourContactInformationView, DomainSecurityEmailView, DomainUsersView, diff --git a/src/registrar/views/domain.py b/src/registrar/views/domain.py index 36b7a9445..1e0505353 100644 --- a/src/registrar/views/domain.py +++ b/src/registrar/views/domain.py @@ -33,8 +33,6 @@ from ..forms import ( DomainDnssecForm, DomainDsdataFormset, DomainDsdataForm, - DomainKeydataFormset, - DomainKeydataForm, ) from epplibwrapper import ( @@ -280,12 +278,6 @@ class DomainDNSSECView(DomainPermissionView, FormMixin): errmsg = "Error removing existing DNSSEC record(s)." logger.error(errmsg + ": " + err) messages.error(self.request, errmsg) - request.session["dnssec_ds_confirmed"] = False - request.session["dnssec_key_confirmed"] = False - elif "enable_dnssec" in request.POST: - request.session["dnssec_enabled"] = True - request.session["dnssec_ds_confirmed"] = False - request.session["dnssec_key_confirmed"] = False return self.form_valid(form) @@ -303,24 +295,17 @@ class DomainDsDataView(DomainPermissionView, FormMixin): dnssecdata: extensions.DNSSECExtension = domain.dnssecdata initial_data = [] - if dnssecdata is not None: - if dnssecdata.keyData is not None: - # TODO: Throw an error - # Note: This is moot if we're - # removing key data - pass - - if dnssecdata.dsData is not None: - # Add existing nameservers as initial data - initial_data.extend( - { - "key_tag": record.keyTag, - "algorithm": record.alg, - "digest_type": record.digestType, - "digest": record.digest, - } - for record in dnssecdata.dsData - ) + if dnssecdata is not None and dnssecdata.dsData is not None: + # Add existing nameservers as initial data + initial_data.extend( + { + "key_tag": record.keyTag, + "algorithm": record.alg, + "digest_type": record.digestType, + "digest": record.digest, + } + for record in dnssecdata.dsData + ) # Ensure at least 1 record, filled or empty while len(initial_data) == 0: @@ -338,18 +323,6 @@ class DomainDsDataView(DomainPermissionView, FormMixin): # use "formset" instead of "form" for the key context["formset"] = context.pop("form") - # set the dnssec_ds_confirmed flag in the context for this view - # based either on the existence of DS Data in the domain, - # or on the flag stored in the session - domain = self.get_object() - dnssecdata: extensions.DNSSECExtension = domain.dnssecdata - - if dnssecdata is not None and dnssecdata.dsData is not None: - self.request.session["dnssec_ds_confirmed"] = True - - context["dnssec_ds_confirmed"] = self.request.session.get( - "dnssec_ds_confirmed", False - ) return context def post(self, request, *args, **kwargs): @@ -357,11 +330,6 @@ class DomainDsDataView(DomainPermissionView, FormMixin): self.object = self.get_object() formset = self.get_form() - if "confirm-ds" in request.POST: - request.session["dnssec_ds_confirmed"] = True - request.session["dnssec_key_confirmed"] = False - return super().form_valid(formset) - if "btn-cancel-click" in request.POST: return redirect("/", {"formset": formset}, RequestContext(request)) @@ -411,126 +379,6 @@ class DomainDsDataView(DomainPermissionView, FormMixin): return super().form_valid(formset) -class DomainKeyDataView(DomainPermissionView, FormMixin): - """Domain DNSSEC key data editing view.""" - - template_name = "domain_keydata.html" - form_class = DomainKeydataFormset - form = DomainKeydataForm - - def get_initial(self): - """The initial value for the form (which is a formset here).""" - domain = self.get_object() - dnssecdata: extensions.DNSSECExtension = domain.dnssecdata - initial_data = [] - - if dnssecdata is not None: - if dnssecdata.dsData is not None: - # TODO: Throw an error? - # Note: this is moot if we're - # removing Key data - pass - - if dnssecdata.keyData is not None: - # Add existing keydata as initial data - initial_data.extend( - { - "flag": record.flags, - "protocol": record.protocol, - "algorithm": record.alg, - "pub_key": record.pubKey, - } - for record in dnssecdata.keyData - ) - - # Ensure at least 1 record, filled or empty - while len(initial_data) == 0: - initial_data.append({}) - - return initial_data - - def get_success_url(self): - """Redirect to the Key Data page for the domain.""" - return reverse("domain-dns-dnssec-keydata", kwargs={"pk": self.object.pk}) - - def get_context_data(self, **kwargs): - """Adjust context from FormMixin for formsets.""" - context = super().get_context_data(**kwargs) - # use "formset" instead of "form" for the key - context["formset"] = context.pop("form") - - # set the dnssec_key_confirmed flag in the context for this view - # based either on the existence of Key Data in the domain, - # or on the flag stored in the session - domain = self.get_object() - dnssecdata: extensions.DNSSECExtension = domain.dnssecdata - - if dnssecdata is not None and dnssecdata.keyData is not None: - self.request.session["dnssec_key_confirmed"] = True - - context["dnssec_key_confirmed"] = self.request.session.get( - "dnssec_key_confirmed", False - ) - return context - - def post(self, request, *args, **kwargs): - """Formset submission posts to this view.""" - self.object = self.get_object() - formset = self.get_form() - - if "confirm-key" in request.POST: - request.session["dnssec_key_confirmed"] = True - request.session["dnssec_ds_confirmed"] = False - self.object.save() - return super().form_valid(formset) - - if "btn-cancel-click" in request.POST: - return redirect("/", {"formset": formset}, RequestContext(request)) - - if formset.is_valid(): - return self.form_valid(formset) - else: - return self.form_invalid(formset) - - def form_valid(self, formset): - """The formset is valid, perform something with it.""" - - # Set the nameservers from the formset - dnssecdata = extensions.DNSSECExtension() - - for form in formset: - try: - # if 'delete' not in form.cleaned_data - # or form.cleaned_data['delete'] == False: - keyrecord = { - "flags": int(form.cleaned_data["flag"]), - "protocol": int(form.cleaned_data["protocol"]), - "alg": int(form.cleaned_data["algorithm"]), - "pubKey": form.cleaned_data["pub_key"], - } - if dnssecdata.keyData is None: - dnssecdata.keyData = [] - dnssecdata.keyData.append(common.DNSSECKeyData(**keyrecord)) - except KeyError: - # no server information in this field, skip it - pass - domain = self.get_object() - try: - domain.dnssecdata = dnssecdata - except RegistryError as err: - errmsg = "Error updating DNSSEC data in the registry." - logger.error(errmsg) - logger.error(err) - messages.error(self.request, errmsg) - return self.form_invalid(formset) - else: - messages.success( - self.request, "The Key Data records for this domain have been updated." - ) - # superclass has the redirect - return super().form_valid(formset) - - class DomainYourContactInformationView(DomainPermissionView, FormMixin): """Domain your contact information editing view."""