]>
Commit | Line | Data |
---|---|---|
541bb91b | 1 | from __future__ import print_function |
e2dba705 | 2 | import json |
d29d5db7 | 3 | import time |
e2dba705 | 4 | import unittest |
ccfabd0d | 5 | from copy import deepcopy |
646bcd7d | 6 | from parameterized import parameterized |
6754ef71 | 7 | from pprint import pprint |
d1b98434 | 8 | from test_helper import ApiTestCase, unique_zone_name, is_auth, is_auth_lmdb, is_recursor, get_db_records, pdnsutil_rectify |
6754ef71 CH |
9 | |
10 | ||
11 | def get_rrset(data, qname, qtype): | |
12 | for rrset in data['rrsets']: | |
13 | if rrset['name'] == qname and rrset['type'] == qtype: | |
14 | return rrset | |
15 | return None | |
16 | ||
17 | ||
18 | def get_first_rec(data, qname, qtype): | |
19 | rrset = get_rrset(data, qname, qtype) | |
20 | if rrset: | |
21 | return rrset['records'][0] | |
22 | return None | |
23 | ||
24 | ||
25 | def eq_zone_rrsets(rrsets, expected): | |
26 | data_got = {} | |
27 | data_expected = {} | |
541bb91b | 28 | for type_, expected_records in expected.items(): |
6754ef71 CH |
29 | type_ = str(type_) |
30 | data_got[type_] = set() | |
31 | data_expected[type_] = set() | |
32 | uses_name = any(['name' in expected_record for expected_record in expected_records]) | |
33 | # minify + convert received data | |
34 | for rrset in [rrset for rrset in rrsets if rrset['type'] == type_]: | |
541bb91b | 35 | print(rrset) |
6754ef71 CH |
36 | for r in rrset['records']: |
37 | data_got[type_].add((rrset['name'] if uses_name else '@', rrset['type'], r['content'])) | |
38 | # minify expected data | |
39 | for r in expected_records: | |
40 | data_expected[type_].add((r['name'] if uses_name else '@', type_, r['content'])) | |
41 | ||
541bb91b | 42 | print("eq_zone_rrsets: got:") |
6754ef71 | 43 | pprint(data_got) |
541bb91b | 44 | print("eq_zone_rrsets: expected:") |
6754ef71 CH |
45 | pprint(data_expected) |
46 | ||
47 | assert data_got == data_expected, "%r != %r" % (data_got, data_expected) | |
1a152698 CH |
48 | |
49 | ||
02945d9a | 50 | class Zones(ApiTestCase): |
1a152698 | 51 | |
80e9a517 PD |
52 | def _test_list_zones(self, dnssec=True): |
53 | path = "/api/v1/servers/localhost/zones" | |
54 | if not dnssec: | |
55 | path = path + "?dnssec=false" | |
56 | r = self.session.get(self.url(path)) | |
c1374bdb | 57 | self.assert_success_json(r) |
45de6290 | 58 | domains = r.json() |
02945d9a | 59 | example_com = [domain for domain in domains if domain['name'] in ('example.com', 'example.com.')] |
4bfebc93 | 60 | self.assertEqual(len(example_com), 1) |
1a152698 | 61 | example_com = example_com[0] |
a21e8566 | 62 | print(example_com) |
02945d9a | 63 | required_fields = ['id', 'url', 'name', 'kind'] |
c1374bdb | 64 | if is_auth(): |
80e9a517 PD |
65 | required_fields = required_fields + ['masters', 'last_check', 'notified_serial', 'serial', 'account'] |
66 | if dnssec: | |
67 | required_fields = required_fields = ['dnssec', 'edited_serial'] | |
4bfebc93 | 68 | self.assertNotEqual(example_com['serial'], 0) |
a25bc5e9 PD |
69 | if not dnssec: |
70 | self.assertNotIn('dnssec', example_com) | |
c1374bdb | 71 | elif is_recursor(): |
02945d9a CH |
72 | required_fields = required_fields + ['recursion_desired', 'servers'] |
73 | for field in required_fields: | |
74 | self.assertIn(field, example_com) | |
75 | ||
80e9a517 | 76 | def test_list_zones_with_dnssec(self): |
a25bc5e9 PD |
77 | if is_auth(): |
78 | self._test_list_zones(True) | |
80e9a517 PD |
79 | |
80 | def test_list_zones_without_dnssec(self): | |
81 | self._test_list_zones(False) | |
02945d9a | 82 | |
406497f5 | 83 | class AuthZonesHelperMixin(object): |
284fdfe9 | 84 | def create_zone(self, name=None, **kwargs): |
bee2acae CH |
85 | if name is None: |
86 | name = unique_zone_name() | |
e2dba705 | 87 | payload = { |
bee2acae | 88 | 'name': name, |
e2dba705 | 89 | 'kind': 'Native', |
1d6b70f9 | 90 | 'nameservers': ['ns1.example.com.', 'ns2.example.com.'] |
e2dba705 | 91 | } |
284fdfe9 | 92 | for k, v in kwargs.items(): |
4bdff352 CH |
93 | if v is None: |
94 | del payload[k] | |
95 | else: | |
96 | payload[k] = v | |
541bb91b | 97 | print("sending", payload) |
e2dba705 | 98 | r = self.session.post( |
46d06a12 | 99 | self.url("/api/v1/servers/localhost/zones"), |
e2dba705 CH |
100 | data=json.dumps(payload), |
101 | headers={'content-type': 'application/json'}) | |
c1374bdb | 102 | self.assert_success_json(r) |
4bfebc93 | 103 | self.assertEqual(r.status_code, 201) |
1d6b70f9 | 104 | reply = r.json() |
541bb91b | 105 | print("reply", reply) |
6754ef71 | 106 | return name, payload, reply |
bee2acae | 107 | |
406497f5 CH |
108 | |
109 | @unittest.skipIf(not is_auth(), "Not applicable") | |
110 | class AuthZones(ApiTestCase, AuthZonesHelperMixin): | |
111 | ||
c1374bdb | 112 | def test_create_zone(self): |
b0af9105 | 113 | # soa_edit_api has a default, override with empty for this test |
6754ef71 | 114 | name, payload, data = self.create_zone(serial=22, soa_edit_api='') |
1258fecd | 115 | for k in ('id', 'url', 'name', 'masters', 'kind', 'last_check', 'notified_serial', 'serial', 'edited_serial', 'soa_edit_api', 'soa_edit', 'account'): |
d29d5db7 CH |
116 | self.assertIn(k, data) |
117 | if k in payload: | |
4bfebc93 | 118 | self.assertEqual(data[k], payload[k]) |
f63168e6 | 119 | # validate generated SOA |
f527c6ff | 120 | expected_soa = "a.misconfigured.dns.server.invalid. hostmaster." + name + " " + \ |
1d6b70f9 | 121 | str(payload['serial']) + " 10800 3600 604800 3600" |
4bfebc93 | 122 | self.assertEqual( |
6754ef71 | 123 | get_first_rec(data, name, 'SOA')['content'], |
1d6b70f9 | 124 | expected_soa |
f63168e6 | 125 | ) |
d1b98434 PD |
126 | |
127 | if not is_auth_lmdb(): | |
128 | # Because we had confusion about dots, check that the DB is without dots. | |
129 | dbrecs = get_db_records(name, 'SOA') | |
130 | self.assertEqual(dbrecs[0]['content'], expected_soa.replace('. ', ' ')) | |
4bfebc93 | 131 | self.assertNotEqual(data['serial'], data['edited_serial']) |
d29d5db7 | 132 | |
c1374bdb | 133 | def test_create_zone_with_soa_edit_api(self): |
f63168e6 | 134 | # soa_edit_api wins over serial |
6754ef71 | 135 | name, payload, data = self.create_zone(soa_edit_api='EPOCH', serial=10) |
f63168e6 | 136 | for k in ('soa_edit_api', ): |
e2dba705 CH |
137 | self.assertIn(k, data) |
138 | if k in payload: | |
4bfebc93 | 139 | self.assertEqual(data[k], payload[k]) |
f63168e6 | 140 | # generated EPOCH serial surely is > fixed serial we passed in |
541bb91b | 141 | print(data) |
f63168e6 | 142 | self.assertGreater(data['serial'], payload['serial']) |
6754ef71 | 143 | soa_serial = int(get_first_rec(data, name, 'SOA')['content'].split(' ')[2]) |
f63168e6 | 144 | self.assertGreater(soa_serial, payload['serial']) |
4bfebc93 | 145 | self.assertEqual(soa_serial, data['serial']) |
6bb25159 | 146 | |
79532aa7 CH |
147 | def test_create_zone_with_account(self): |
148 | # soa_edit_api wins over serial | |
6754ef71 | 149 | name, payload, data = self.create_zone(account='anaccount', serial=10) |
541bb91b | 150 | print(data) |
79532aa7 CH |
151 | for k in ('account', ): |
152 | self.assertIn(k, data) | |
153 | if k in payload: | |
4bfebc93 | 154 | self.assertEqual(data[k], payload[k]) |
79532aa7 | 155 | |
9440a9f0 CH |
156 | def test_create_zone_default_soa_edit_api(self): |
157 | name, payload, data = self.create_zone() | |
541bb91b | 158 | print(data) |
4bfebc93 | 159 | self.assertEqual(data['soa_edit_api'], 'DEFAULT') |
9440a9f0 | 160 | |
331d3062 CH |
161 | def test_create_zone_exists(self): |
162 | name, payload, data = self.create_zone() | |
163 | print(data) | |
164 | payload = { | |
165 | 'name': name, | |
166 | 'kind': 'Native' | |
167 | } | |
168 | print(payload) | |
169 | r = self.session.post( | |
170 | self.url("/api/v1/servers/localhost/zones"), | |
171 | data=json.dumps(payload), | |
172 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 173 | self.assertEqual(r.status_code, 409) # Conflict - already exists |
331d3062 | 174 | |
01f7df3f CH |
175 | def test_create_zone_with_soa_edit(self): |
176 | name, payload, data = self.create_zone(soa_edit='INCEPTION-INCREMENT', soa_edit_api='SOA-EDIT-INCREASE') | |
541bb91b | 177 | print(data) |
4bfebc93 CH |
178 | self.assertEqual(data['soa_edit'], 'INCEPTION-INCREMENT') |
179 | self.assertEqual(data['soa_edit_api'], 'SOA-EDIT-INCREASE') | |
01f7df3f CH |
180 | soa_serial = get_first_rec(data, name, 'SOA')['content'].split(' ')[2] |
181 | # These particular settings lead to the first serial set to YYYYMMDD01. | |
4bfebc93 | 182 | self.assertEqual(soa_serial[-2:], '01') |
f613d242 CH |
183 | rrset = { |
184 | 'changetype': 'replace', | |
185 | 'name': name, | |
186 | 'type': 'A', | |
187 | 'ttl': 3600, | |
188 | 'records': [ | |
189 | { | |
190 | "content": "127.0.0.1", | |
191 | "disabled": False | |
192 | } | |
193 | ] | |
194 | } | |
195 | payload = {'rrsets': [rrset]} | |
196 | self.session.patch( | |
197 | self.url("/api/v1/servers/localhost/zones/" + data['id']), | |
198 | data=json.dumps(payload), | |
199 | headers={'content-type': 'application/json'}) | |
200 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + data['id'])) | |
201 | data = r.json() | |
202 | soa_serial = get_first_rec(data, name, 'SOA')['content'].split(' ')[2] | |
4bfebc93 | 203 | self.assertEqual(soa_serial[-2:], '02') |
01f7df3f | 204 | |
c1374bdb | 205 | def test_create_zone_with_records(self): |
f63168e6 | 206 | name = unique_zone_name() |
6754ef71 CH |
207 | rrset = { |
208 | "name": name, | |
209 | "type": "A", | |
210 | "ttl": 3600, | |
211 | "records": [{ | |
f63168e6 | 212 | "content": "4.3.2.1", |
6754ef71 CH |
213 | "disabled": False, |
214 | }], | |
215 | } | |
216 | name, payload, data = self.create_zone(name=name, rrsets=[rrset]) | |
f63168e6 | 217 | # check our record has appeared |
4bfebc93 | 218 | self.assertEqual(get_rrset(data, name, 'A')['records'], rrset['records']) |
f63168e6 | 219 | |
d0953126 AT |
220 | def test_create_zone_with_wildcard_records(self): |
221 | name = unique_zone_name() | |
6754ef71 CH |
222 | rrset = { |
223 | "name": "*."+name, | |
224 | "type": "A", | |
225 | "ttl": 3600, | |
226 | "records": [{ | |
d0953126 | 227 | "content": "4.3.2.1", |
6754ef71 CH |
228 | "disabled": False, |
229 | }], | |
230 | } | |
231 | name, payload, data = self.create_zone(name=name, rrsets=[rrset]) | |
d0953126 | 232 | # check our record has appeared |
4bfebc93 | 233 | self.assertEqual(get_rrset(data, rrset['name'], 'A')['records'], rrset['records']) |
d0953126 | 234 | |
d1b98434 | 235 | @unittest.skipIf(is_auth_lmdb(), "No comments in LMDB") |
c1374bdb | 236 | def test_create_zone_with_comments(self): |
f63168e6 | 237 | name = unique_zone_name() |
f2d6dcc0 RG |
238 | rrsets = [ |
239 | { | |
240 | "name": name, | |
241 | "type": "soa", # test uppercasing of type, too. | |
242 | "comments": [{ | |
243 | "account": "test1", | |
244 | "content": "blah blah", | |
245 | "modified_at": 11112, | |
246 | }], | |
247 | }, | |
248 | { | |
249 | "name": name, | |
250 | "type": "AAAA", | |
251 | "ttl": 3600, | |
252 | "records": [{ | |
253 | "content": "2001:DB8::1", | |
254 | "disabled": False, | |
255 | }], | |
256 | "comments": [{ | |
257 | "account": "test AAAA", | |
258 | "content": "blah blah AAAA", | |
259 | "modified_at": 11112, | |
260 | }], | |
261 | }, | |
262 | { | |
263 | "name": name, | |
264 | "type": "TXT", | |
265 | "ttl": 3600, | |
266 | "records": [{ | |
267 | "content": "\"test TXT\"", | |
268 | "disabled": False, | |
269 | }], | |
270 | }, | |
271 | { | |
272 | "name": name, | |
273 | "type": "A", | |
274 | "ttl": 3600, | |
275 | "records": [{ | |
276 | "content": "192.0.2.1", | |
277 | "disabled": False, | |
278 | }], | |
279 | }, | |
280 | ] | |
281 | name, payload, data = self.create_zone(name=name, rrsets=rrsets) | |
282 | # NS records have been created | |
4bfebc93 | 283 | self.assertEqual(len(data['rrsets']), len(rrsets) + 1) |
f63168e6 | 284 | # check our comment has appeared |
4bfebc93 CH |
285 | self.assertEqual(get_rrset(data, name, 'SOA')['comments'], rrsets[0]['comments']) |
286 | self.assertEqual(get_rrset(data, name, 'A')['comments'], []) | |
287 | self.assertEqual(get_rrset(data, name, 'TXT')['comments'], []) | |
288 | self.assertEqual(get_rrset(data, name, 'AAAA')['comments'], rrsets[1]['comments']) | |
f63168e6 | 289 | |
1d6b70f9 CH |
290 | def test_create_zone_uncanonical_nameservers(self): |
291 | name = unique_zone_name() | |
292 | payload = { | |
293 | 'name': name, | |
294 | 'kind': 'Native', | |
295 | 'nameservers': ['uncanon.example.com'] | |
296 | } | |
541bb91b | 297 | print(payload) |
1d6b70f9 CH |
298 | r = self.session.post( |
299 | self.url("/api/v1/servers/localhost/zones"), | |
300 | data=json.dumps(payload), | |
301 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 302 | self.assertEqual(r.status_code, 422) |
1d6b70f9 CH |
303 | self.assertIn('Nameserver is not canonical', r.json()['error']) |
304 | ||
305 | def test_create_auth_zone_no_name(self): | |
306 | name = unique_zone_name() | |
307 | payload = { | |
308 | 'name': '', | |
309 | 'kind': 'Native', | |
310 | } | |
541bb91b | 311 | print(payload) |
1d6b70f9 CH |
312 | r = self.session.post( |
313 | self.url("/api/v1/servers/localhost/zones"), | |
314 | data=json.dumps(payload), | |
315 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 316 | self.assertEqual(r.status_code, 422) |
1d6b70f9 CH |
317 | self.assertIn('is not canonical', r.json()['error']) |
318 | ||
c1374bdb | 319 | def test_create_zone_with_custom_soa(self): |
f63168e6 | 320 | name = unique_zone_name() |
6754ef71 CH |
321 | content = u"ns1.example.net. testmaster@example.net. 10 10800 3600 604800 3600" |
322 | rrset = { | |
323 | "name": name, | |
324 | "type": "soa", # test uppercasing of type, too. | |
325 | "ttl": 3600, | |
326 | "records": [{ | |
327 | "content": content, | |
328 | "disabled": False, | |
329 | }], | |
330 | } | |
331 | name, payload, data = self.create_zone(name=name, rrsets=[rrset], soa_edit_api='') | |
4bfebc93 | 332 | self.assertEqual(get_rrset(data, name, 'SOA')['records'], rrset['records']) |
d1b98434 PD |
333 | if not is_auth_lmdb(): |
334 | dbrecs = get_db_records(name, 'SOA') | |
335 | self.assertEqual(dbrecs[0]['content'], content.replace('. ', ' ')) | |
1d6b70f9 CH |
336 | |
337 | def test_create_zone_double_dot(self): | |
338 | name = 'test..' + unique_zone_name() | |
339 | payload = { | |
340 | 'name': name, | |
341 | 'kind': 'Native', | |
342 | 'nameservers': ['ns1.example.com.'] | |
343 | } | |
541bb91b | 344 | print(payload) |
1d6b70f9 CH |
345 | r = self.session.post( |
346 | self.url("/api/v1/servers/localhost/zones"), | |
347 | data=json.dumps(payload), | |
348 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 349 | self.assertEqual(r.status_code, 422) |
1d6b70f9 | 350 | self.assertIn('Unable to parse DNS Name', r.json()['error']) |
05776d2f | 351 | |
1d6b70f9 CH |
352 | def test_create_zone_restricted_chars(self): |
353 | name = 'test:' + unique_zone_name() # : isn't good as a name. | |
354 | payload = { | |
355 | 'name': name, | |
356 | 'kind': 'Native', | |
357 | 'nameservers': ['ns1.example.com'] | |
358 | } | |
541bb91b | 359 | print(payload) |
1d6b70f9 CH |
360 | r = self.session.post( |
361 | self.url("/api/v1/servers/localhost/zones"), | |
362 | data=json.dumps(payload), | |
363 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 364 | self.assertEqual(r.status_code, 422) |
1d6b70f9 | 365 | self.assertIn('contains unsupported characters', r.json()['error']) |
4ebf78b1 | 366 | |
33e6c3e9 CH |
367 | def test_create_zone_mixed_nameservers_ns_rrset_zonelevel(self): |
368 | name = unique_zone_name() | |
369 | rrset = { | |
370 | "name": name, | |
371 | "type": "NS", | |
372 | "ttl": 3600, | |
373 | "records": [{ | |
374 | "content": "ns2.example.com.", | |
375 | "disabled": False, | |
376 | }], | |
377 | } | |
378 | payload = { | |
379 | 'name': name, | |
380 | 'kind': 'Native', | |
381 | 'nameservers': ['ns1.example.com.'], | |
382 | 'rrsets': [rrset], | |
383 | } | |
541bb91b | 384 | print(payload) |
33e6c3e9 CH |
385 | r = self.session.post( |
386 | self.url("/api/v1/servers/localhost/zones"), | |
387 | data=json.dumps(payload), | |
388 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 389 | self.assertEqual(r.status_code, 422) |
33e6c3e9 CH |
390 | self.assertIn('Nameservers list MUST NOT be mixed with zone-level NS in rrsets', r.json()['error']) |
391 | ||
392 | def test_create_zone_mixed_nameservers_ns_rrset_below_zonelevel(self): | |
393 | name = unique_zone_name() | |
394 | rrset = { | |
395 | "name": 'subzone.'+name, | |
396 | "type": "NS", | |
397 | "ttl": 3600, | |
398 | "records": [{ | |
399 | "content": "ns2.example.com.", | |
400 | "disabled": False, | |
401 | }], | |
402 | } | |
403 | payload = { | |
404 | 'name': name, | |
405 | 'kind': 'Native', | |
406 | 'nameservers': ['ns1.example.com.'], | |
407 | 'rrsets': [rrset], | |
408 | } | |
541bb91b | 409 | print(payload) |
33e6c3e9 CH |
410 | r = self.session.post( |
411 | self.url("/api/v1/servers/localhost/zones"), | |
412 | data=json.dumps(payload), | |
413 | headers={'content-type': 'application/json'}) | |
414 | self.assert_success_json(r) | |
415 | ||
c1374bdb | 416 | def test_create_zone_with_symbols(self): |
6754ef71 | 417 | name, payload, data = self.create_zone(name='foo/bar.'+unique_zone_name()) |
bee2acae | 418 | name = payload['name'] |
1d6b70f9 | 419 | expected_id = name.replace('/', '=2F') |
00a9b229 CH |
420 | for k in ('id', 'url', 'name', 'masters', 'kind', 'last_check', 'notified_serial', 'serial'): |
421 | self.assertIn(k, data) | |
422 | if k in payload: | |
4bfebc93 CH |
423 | self.assertEqual(data[k], payload[k]) |
424 | self.assertEqual(data['id'], expected_id) | |
d1b98434 PD |
425 | if not is_auth_lmdb(): |
426 | dbrecs = get_db_records(name, 'SOA') | |
427 | self.assertEqual(dbrecs[0]['name'], name.rstrip('.')) | |
00a9b229 | 428 | |
c1374bdb | 429 | def test_create_zone_with_nameservers_non_string(self): |
e90b4e38 CH |
430 | # ensure we don't crash |
431 | name = unique_zone_name() | |
432 | payload = { | |
433 | 'name': name, | |
434 | 'kind': 'Native', | |
435 | 'nameservers': [{'a': 'ns1.example.com'}] # invalid | |
436 | } | |
541bb91b | 437 | print(payload) |
e90b4e38 | 438 | r = self.session.post( |
46d06a12 | 439 | self.url("/api/v1/servers/localhost/zones"), |
e90b4e38 CH |
440 | data=json.dumps(payload), |
441 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 442 | self.assertEqual(r.status_code, 422) |
e90b4e38 | 443 | |
986e4858 PL |
444 | def test_create_zone_with_dnssec(self): |
445 | """ | |
446 | Create a zone with "dnssec" set and see if a key was made. | |
447 | """ | |
448 | name = unique_zone_name() | |
449 | name, payload, data = self.create_zone(dnssec=True) | |
450 | ||
451 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)) | |
452 | ||
453 | for k in ('dnssec', ): | |
454 | self.assertIn(k, data) | |
455 | if k in payload: | |
4bfebc93 | 456 | self.assertEqual(data[k], payload[k]) |
986e4858 PL |
457 | |
458 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name + '/cryptokeys')) | |
459 | ||
460 | keys = r.json() | |
461 | ||
541bb91b | 462 | print(keys) |
986e4858 | 463 | |
4bfebc93 CH |
464 | self.assertEqual(r.status_code, 200) |
465 | self.assertEqual(len(keys), 1) | |
466 | self.assertEqual(keys[0]['type'], 'Cryptokey') | |
467 | self.assertEqual(keys[0]['active'], True) | |
468 | self.assertEqual(keys[0]['keytype'], 'csk') | |
986e4858 | 469 | |
cbe8b186 PL |
470 | def test_create_zone_with_dnssec_disable_dnssec(self): |
471 | """ | |
472 | Create a zone with "dnssec", then set "dnssec" to false and see if the | |
473 | keys are gone | |
474 | """ | |
475 | name = unique_zone_name() | |
476 | name, payload, data = self.create_zone(dnssec=True) | |
477 | ||
478 | self.session.put(self.url("/api/v1/servers/localhost/zones/" + name), | |
479 | data=json.dumps({'dnssec': False})) | |
480 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)) | |
481 | ||
482 | zoneinfo = r.json() | |
483 | ||
4bfebc93 CH |
484 | self.assertEqual(r.status_code, 200) |
485 | self.assertEqual(zoneinfo['dnssec'], False) | |
cbe8b186 PL |
486 | |
487 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name + '/cryptokeys')) | |
488 | ||
489 | keys = r.json() | |
490 | ||
4bfebc93 CH |
491 | self.assertEqual(r.status_code, 200) |
492 | self.assertEqual(len(keys), 0) | |
cbe8b186 | 493 | |
986e4858 PL |
494 | def test_create_zone_with_nsec3param(self): |
495 | """ | |
496 | Create a zone with "nsec3param" set and see if the metadata was added. | |
497 | """ | |
498 | name = unique_zone_name() | |
499 | nsec3param = '1 0 500 aabbccddeeff' | |
500 | name, payload, data = self.create_zone(dnssec=True, nsec3param=nsec3param) | |
501 | ||
502 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)) | |
503 | ||
504 | for k in ('dnssec', 'nsec3param'): | |
505 | self.assertIn(k, data) | |
506 | if k in payload: | |
4bfebc93 | 507 | self.assertEqual(data[k], payload[k]) |
986e4858 PL |
508 | |
509 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name + '/metadata/NSEC3PARAM')) | |
510 | ||
511 | data = r.json() | |
512 | ||
541bb91b | 513 | print(data) |
986e4858 | 514 | |
4bfebc93 CH |
515 | self.assertEqual(r.status_code, 200) |
516 | self.assertEqual(len(data['metadata']), 1) | |
517 | self.assertEqual(data['kind'], 'NSEC3PARAM') | |
518 | self.assertEqual(data['metadata'][0], nsec3param) | |
986e4858 PL |
519 | |
520 | def test_create_zone_with_nsec3narrow(self): | |
521 | """ | |
522 | Create a zone with "nsec3narrow" set and see if the metadata was added. | |
523 | """ | |
524 | name = unique_zone_name() | |
525 | nsec3param = '1 0 500 aabbccddeeff' | |
526 | name, payload, data = self.create_zone(dnssec=True, nsec3param=nsec3param, | |
527 | nsec3narrow=True) | |
528 | ||
529 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)) | |
530 | ||
531 | for k in ('dnssec', 'nsec3param', 'nsec3narrow'): | |
532 | self.assertIn(k, data) | |
533 | if k in payload: | |
4bfebc93 | 534 | self.assertEqual(data[k], payload[k]) |
986e4858 PL |
535 | |
536 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name + '/metadata/NSEC3NARROW')) | |
537 | ||
538 | data = r.json() | |
539 | ||
541bb91b | 540 | print(data) |
986e4858 | 541 | |
4bfebc93 CH |
542 | self.assertEqual(r.status_code, 200) |
543 | self.assertEqual(len(data['metadata']), 1) | |
544 | self.assertEqual(data['kind'], 'NSEC3NARROW') | |
545 | self.assertEqual(data['metadata'][0], '1') | |
986e4858 | 546 | |
df434f42 PL |
547 | def test_create_zone_with_nsec3param_switch_to_nsec(self): |
548 | """ | |
549 | Create a zone with "nsec3param", then remove the params | |
550 | """ | |
551 | name, payload, data = self.create_zone(dnssec=True, | |
552 | nsec3param='1 0 1 ab') | |
553 | self.session.put(self.url("/api/v1/servers/localhost/zones/" + name), | |
554 | data=json.dumps({'nsec3param': ''})) | |
555 | r = self.session.get( | |
556 | self.url("/api/v1/servers/localhost/zones/" + name)) | |
557 | data = r.json() | |
558 | ||
4bfebc93 CH |
559 | self.assertEqual(r.status_code, 200) |
560 | self.assertEqual(data['nsec3param'], '') | |
df434f42 | 561 | |
a843c67e KM |
562 | def test_create_zone_dnssec_serial(self): |
563 | """ | |
564 | Create a zone set/unset "dnssec" and see if the serial was increased | |
565 | after every step | |
566 | """ | |
567 | name = unique_zone_name() | |
568 | name, payload, data = self.create_zone() | |
569 | ||
570 | soa_serial = get_first_rec(data, name, 'SOA')['content'].split(' ')[2] | |
4bfebc93 | 571 | self.assertEqual(soa_serial[-2:], '01') |
a843c67e KM |
572 | |
573 | self.session.put(self.url("/api/v1/servers/localhost/zones/" + name), | |
574 | data=json.dumps({'dnssec': True})) | |
575 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)) | |
576 | ||
577 | data = r.json() | |
578 | soa_serial = get_first_rec(data, name, 'SOA')['content'].split(' ')[2] | |
579 | ||
4bfebc93 CH |
580 | self.assertEqual(r.status_code, 200) |
581 | self.assertEqual(soa_serial[-2:], '02') | |
a843c67e KM |
582 | |
583 | self.session.put(self.url("/api/v1/servers/localhost/zones/" + name), | |
584 | data=json.dumps({'dnssec': False})) | |
585 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)) | |
586 | ||
587 | data = r.json() | |
588 | soa_serial = get_first_rec(data, name, 'SOA')['content'].split(' ')[2] | |
589 | ||
4bfebc93 CH |
590 | self.assertEqual(r.status_code, 200) |
591 | self.assertEqual(soa_serial[-2:], '03') | |
a843c67e | 592 | |
16e25450 CH |
593 | def test_zone_absolute_url(self): |
594 | name, payload, data = self.create_zone() | |
595 | r = self.session.get(self.url("/api/v1/servers/localhost/zones")) | |
596 | rdata = r.json() | |
597 | print(rdata[0]) | |
598 | self.assertTrue(rdata[0]['url'].startswith('/api/v')) | |
599 | ||
24e11043 CJ |
600 | def test_create_zone_metadata(self): |
601 | payload_metadata = {"type": "Metadata", "kind": "AXFR-SOURCE", "metadata": ["127.0.0.2"]} | |
602 | r = self.session.post(self.url("/api/v1/servers/localhost/zones/example.com/metadata"), | |
603 | data=json.dumps(payload_metadata)) | |
604 | rdata = r.json() | |
4bfebc93 CH |
605 | self.assertEqual(r.status_code, 201) |
606 | self.assertEqual(rdata["metadata"], payload_metadata["metadata"]) | |
24e11043 CJ |
607 | |
608 | def test_create_zone_metadata_kind(self): | |
609 | payload_metadata = {"metadata": ["127.0.0.2"]} | |
610 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/example.com/metadata/AXFR-SOURCE"), | |
611 | data=json.dumps(payload_metadata)) | |
612 | rdata = r.json() | |
4bfebc93 CH |
613 | self.assertEqual(r.status_code, 200) |
614 | self.assertEqual(rdata["metadata"], payload_metadata["metadata"]) | |
24e11043 CJ |
615 | |
616 | def test_create_protected_zone_metadata(self): | |
617 | # test whether it prevents modification of certain kinds | |
618 | for k in ("NSEC3NARROW", "NSEC3PARAM", "PRESIGNED", "LUA-AXFR-SCRIPT"): | |
619 | payload = {"metadata": ["FOO", "BAR"]} | |
620 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/example.com/metadata/%s" % k), | |
621 | data=json.dumps(payload)) | |
4bfebc93 | 622 | self.assertEqual(r.status_code, 422) |
24e11043 CJ |
623 | |
624 | def test_retrieve_zone_metadata(self): | |
625 | payload_metadata = {"type": "Metadata", "kind": "AXFR-SOURCE", "metadata": ["127.0.0.2"]} | |
626 | self.session.post(self.url("/api/v1/servers/localhost/zones/example.com/metadata"), | |
627 | data=json.dumps(payload_metadata)) | |
628 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/example.com/metadata")) | |
629 | rdata = r.json() | |
4bfebc93 | 630 | self.assertEqual(r.status_code, 200) |
24e11043 CJ |
631 | self.assertIn(payload_metadata, rdata) |
632 | ||
633 | def test_delete_zone_metadata(self): | |
634 | r = self.session.delete(self.url("/api/v1/servers/localhost/zones/example.com/metadata/AXFR-SOURCE")) | |
4bfebc93 | 635 | self.assertEqual(r.status_code, 200) |
24e11043 CJ |
636 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/example.com/metadata/AXFR-SOURCE")) |
637 | rdata = r.json() | |
4bfebc93 CH |
638 | self.assertEqual(r.status_code, 200) |
639 | self.assertEqual(rdata["metadata"], []) | |
24e11043 | 640 | |
9ac4e6d5 PL |
641 | def test_create_external_zone_metadata(self): |
642 | payload_metadata = {"metadata": ["My very important message"]} | |
643 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/example.com/metadata/X-MYMETA"), | |
644 | data=json.dumps(payload_metadata)) | |
4bfebc93 | 645 | self.assertEqual(r.status_code, 200) |
9ac4e6d5 | 646 | rdata = r.json() |
4bfebc93 | 647 | self.assertEqual(rdata["metadata"], payload_metadata["metadata"]) |
9ac4e6d5 | 648 | |
d38e81e6 PL |
649 | def test_create_metadata_in_non_existent_zone(self): |
650 | payload_metadata = {"type": "Metadata", "kind": "AXFR-SOURCE", "metadata": ["127.0.0.2"]} | |
651 | r = self.session.post(self.url("/api/v1/servers/localhost/zones/idonotexist.123.456.example./metadata"), | |
652 | data=json.dumps(payload_metadata)) | |
4bfebc93 | 653 | self.assertEqual(r.status_code, 404) |
77bfe8de PL |
654 | # Note: errors should probably contain json (see #5988) |
655 | # self.assertIn('Could not find domain ', r.json()['error']) | |
d38e81e6 | 656 | |
4bdff352 CH |
657 | def test_create_slave_zone(self): |
658 | # Test that nameservers can be absent for slave zones. | |
6754ef71 | 659 | name, payload, data = self.create_zone(kind='Slave', nameservers=None, masters=['127.0.0.2']) |
4bdff352 CH |
660 | for k in ('name', 'masters', 'kind'): |
661 | self.assertIn(k, data) | |
4bfebc93 | 662 | self.assertEqual(data[k], payload[k]) |
541bb91b CH |
663 | print("payload:", payload) |
664 | print("data:", data) | |
4de11a54 | 665 | # Because slave zones don't get a SOA, we need to test that they'll show up in the zone list. |
46d06a12 | 666 | r = self.session.get(self.url("/api/v1/servers/localhost/zones")) |
4de11a54 | 667 | zonelist = r.json() |
541bb91b | 668 | print("zonelist:", zonelist) |
4de11a54 CH |
669 | self.assertIn(payload['name'], [zone['name'] for zone in zonelist]) |
670 | # Also test that fetching the zone works. | |
46d06a12 | 671 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + data['id'])) |
4de11a54 | 672 | data = r.json() |
541bb91b | 673 | print("zone (fetched):", data) |
4de11a54 CH |
674 | for k in ('name', 'masters', 'kind'): |
675 | self.assertIn(k, data) | |
4bfebc93 | 676 | self.assertEqual(data[k], payload[k]) |
4de11a54 | 677 | self.assertEqual(data['serial'], 0) |
6754ef71 | 678 | self.assertEqual(data['rrsets'], []) |
4de11a54 | 679 | |
e543cc8f CH |
680 | def test_find_zone_by_name(self): |
681 | name = 'foo/' + unique_zone_name() | |
682 | name, payload, data = self.create_zone(name=name) | |
683 | r = self.session.get(self.url("/api/v1/servers/localhost/zones?zone=" + name)) | |
684 | data = r.json() | |
685 | print(data) | |
4bfebc93 | 686 | self.assertEqual(data[0]['name'], name) |
e543cc8f | 687 | |
4de11a54 | 688 | def test_delete_slave_zone(self): |
6754ef71 | 689 | name, payload, data = self.create_zone(kind='Slave', nameservers=None, masters=['127.0.0.2']) |
46d06a12 | 690 | r = self.session.delete(self.url("/api/v1/servers/localhost/zones/" + data['id'])) |
4de11a54 | 691 | r.raise_for_status() |
4bdff352 | 692 | |
a426cb89 | 693 | def test_retrieve_slave_zone(self): |
6754ef71 | 694 | name, payload, data = self.create_zone(kind='Slave', nameservers=None, masters=['127.0.0.2']) |
541bb91b CH |
695 | print("payload:", payload) |
696 | print("data:", data) | |
46d06a12 | 697 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/" + data['id'] + "/axfr-retrieve")) |
a426cb89 | 698 | data = r.json() |
541bb91b | 699 | print("status for axfr-retrieve:", data) |
a426cb89 CH |
700 | self.assertEqual(data['result'], u'Added retrieval request for \'' + payload['name'] + |
701 | '\' from master 127.0.0.2') | |
702 | ||
703 | def test_notify_master_zone(self): | |
6754ef71 | 704 | name, payload, data = self.create_zone(kind='Master') |
541bb91b CH |
705 | print("payload:", payload) |
706 | print("data:", data) | |
46d06a12 | 707 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/" + data['id'] + "/notify")) |
a426cb89 | 708 | data = r.json() |
541bb91b | 709 | print("status for notify:", data) |
a426cb89 CH |
710 | self.assertEqual(data['result'], 'Notification queued') |
711 | ||
c1374bdb | 712 | def test_get_zone_with_symbols(self): |
6754ef71 | 713 | name, payload, data = self.create_zone(name='foo/bar.'+unique_zone_name()) |
3c3c006b | 714 | name = payload['name'] |
1d6b70f9 | 715 | zone_id = (name.replace('/', '=2F')) |
46d06a12 | 716 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + zone_id)) |
c1374bdb | 717 | data = r.json() |
6bb25159 | 718 | for k in ('id', 'url', 'name', 'masters', 'kind', 'last_check', 'notified_serial', 'serial', 'dnssec'): |
3c3c006b CH |
719 | self.assertIn(k, data) |
720 | if k in payload: | |
4bfebc93 | 721 | self.assertEqual(data[k], payload[k]) |
3c3c006b | 722 | |
c1374bdb | 723 | def test_get_zone(self): |
46d06a12 | 724 | r = self.session.get(self.url("/api/v1/servers/localhost/zones")) |
05776d2f | 725 | domains = r.json() |
1d6b70f9 | 726 | example_com = [domain for domain in domains if domain['name'] == u'example.com.'][0] |
46d06a12 | 727 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + example_com['id'])) |
c1374bdb | 728 | self.assert_success_json(r) |
05776d2f CH |
729 | data = r.json() |
730 | for k in ('id', 'url', 'name', 'masters', 'kind', 'last_check', 'notified_serial', 'serial'): | |
731 | self.assertIn(k, data) | |
4bfebc93 | 732 | self.assertEqual(data['name'], 'example.com.') |
7c0ba3d2 | 733 | |
0f0e73fe | 734 | def test_import_zone_broken(self): |
646bcd7d CH |
735 | payload = { |
736 | 'name': 'powerdns-broken.com', | |
737 | 'kind': 'Master', | |
738 | 'nameservers': [], | |
739 | } | |
0f0e73fe MS |
740 | payload['zone'] = """ |
741 | ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58571 | |
742 | flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 | |
743 | ;; WARNING: recursion requested but not available | |
744 | ||
745 | ;; OPT PSEUDOSECTION: | |
746 | ; EDNS: version: 0, flags:; udp: 1680 | |
747 | ;; QUESTION SECTION: | |
748 | ;powerdns.com. IN SOA | |
749 | ||
750 | ;; ANSWER SECTION: | |
751 | powerdns-broken.com. 86400 IN SOA powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746984 10800 3600 604800 10800 | |
752 | powerdns-broken.com. 3600 IN NS powerdnssec2.ds9a.nl. | |
753 | powerdns-broken.com. 3600 IN AAAA 2001:888:2000:1d::2 | |
754 | powerdns-broken.com. 86400 IN A 82.94.213.34 | |
755 | powerdns-broken.com. 3600 IN MX 0 xs.powerdns.com. | |
756 | powerdns-broken.com. 3600 IN NS powerdnssec1.ds9a.nl. | |
757 | powerdns-broken.com. 86400 IN SOA powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746984 10800 3600 604800 10800 | |
758 | """ | |
0f0e73fe | 759 | r = self.session.post( |
46d06a12 | 760 | self.url("/api/v1/servers/localhost/zones"), |
0f0e73fe MS |
761 | data=json.dumps(payload), |
762 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 763 | self.assertEqual(r.status_code, 422) |
0f0e73fe | 764 | |
1d6b70f9 CH |
765 | def test_import_zone_axfr_outofzone(self): |
766 | # Ensure we don't create out-of-zone records | |
646bcd7d CH |
767 | payload = { |
768 | 'name': unique_zone_name(), | |
769 | 'kind': 'Master', | |
770 | 'nameservers': [], | |
771 | } | |
1d6b70f9 | 772 | payload['zone'] = """ |
646bcd7d CH |
773 | %NAME% 86400 IN SOA powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746984 10800 3600 604800 10800 |
774 | %NAME% 3600 IN NS powerdnssec2.ds9a.nl. | |
1d6b70f9 | 775 | example.org. 3600 IN AAAA 2001:888:2000:1d::2 |
646bcd7d CH |
776 | %NAME% 86400 IN SOA powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746984 10800 3600 604800 10800 |
777 | """.replace('%NAME%', payload['name']) | |
1d6b70f9 CH |
778 | r = self.session.post( |
779 | self.url("/api/v1/servers/localhost/zones"), | |
780 | data=json.dumps(payload), | |
781 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 782 | self.assertEqual(r.status_code, 422) |
1d6b70f9 CH |
783 | self.assertEqual(r.json()['error'], 'RRset example.org. IN AAAA: Name is out of zone') |
784 | ||
0f0e73fe | 785 | def test_import_zone_axfr(self): |
646bcd7d CH |
786 | payload = { |
787 | 'name': 'powerdns.com.', | |
788 | 'kind': 'Master', | |
789 | 'nameservers': [], | |
790 | 'soa_edit_api': '', # turn off so exact SOA comparison works. | |
791 | } | |
0f0e73fe MS |
792 | payload['zone'] = """ |
793 | ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58571 | |
794 | ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 | |
795 | ;; WARNING: recursion requested but not available | |
796 | ||
797 | ;; OPT PSEUDOSECTION: | |
798 | ; EDNS: version: 0, flags:; udp: 1680 | |
799 | ;; QUESTION SECTION: | |
800 | ;powerdns.com. IN SOA | |
801 | ||
802 | ;; ANSWER SECTION: | |
803 | powerdns.com. 86400 IN SOA powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746984 10800 3600 604800 10800 | |
804 | powerdns.com. 3600 IN NS powerdnssec2.ds9a.nl. | |
805 | powerdns.com. 3600 IN AAAA 2001:888:2000:1d::2 | |
806 | powerdns.com. 86400 IN A 82.94.213.34 | |
807 | powerdns.com. 3600 IN MX 0 xs.powerdns.com. | |
808 | powerdns.com. 3600 IN NS powerdnssec1.ds9a.nl. | |
809 | powerdns.com. 86400 IN SOA powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746984 10800 3600 604800 10800 | |
810 | """ | |
0f0e73fe | 811 | r = self.session.post( |
46d06a12 | 812 | self.url("/api/v1/servers/localhost/zones"), |
0f0e73fe MS |
813 | data=json.dumps(payload), |
814 | headers={'content-type': 'application/json'}) | |
815 | self.assert_success_json(r) | |
816 | data = r.json() | |
817 | self.assertIn('name', data) | |
0f0e73fe | 818 | |
90568eb2 MS |
819 | expected = { |
820 | 'NS': [ | |
6754ef71 CH |
821 | {'content': 'powerdnssec1.ds9a.nl.'}, |
822 | {'content': 'powerdnssec2.ds9a.nl.'}, | |
823 | ], | |
90568eb2 | 824 | 'SOA': [ |
6754ef71 CH |
825 | {'content': 'powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746984 10800 3600 604800 10800'}, |
826 | ], | |
90568eb2 | 827 | 'MX': [ |
6754ef71 CH |
828 | {'content': '0 xs.powerdns.com.'}, |
829 | ], | |
90568eb2 | 830 | 'A': [ |
6754ef71 CH |
831 | {'content': '82.94.213.34', 'name': 'powerdns.com.'}, |
832 | ], | |
90568eb2 | 833 | 'AAAA': [ |
6754ef71 CH |
834 | {'content': '2001:888:2000:1d::2', 'name': 'powerdns.com.'}, |
835 | ], | |
90568eb2 | 836 | } |
0f0e73fe | 837 | |
6754ef71 | 838 | eq_zone_rrsets(data['rrsets'], expected) |
1d6b70f9 | 839 | |
d1b98434 PD |
840 | if not is_auth_lmdb(): |
841 | # check content in DB is stored WITHOUT trailing dot. | |
842 | dbrecs = get_db_records(payload['name'], 'NS') | |
843 | dbrec = next((dbrec for dbrec in dbrecs if dbrec['content'].startswith('powerdnssec1'))) | |
844 | self.assertEqual(dbrec['content'], 'powerdnssec1.ds9a.nl') | |
0f0e73fe MS |
845 | |
846 | def test_import_zone_bind(self): | |
646bcd7d CH |
847 | payload = { |
848 | 'name': 'example.org.', | |
849 | 'kind': 'Master', | |
850 | 'nameservers': [], | |
851 | 'soa_edit_api': '', # turn off so exact SOA comparison works. | |
852 | } | |
0f0e73fe MS |
853 | payload['zone'] = """ |
854 | $TTL 86400 ; 24 hours could have been written as 24h or 1d | |
855 | ; $TTL used for all RRs without explicit TTL value | |
856 | $ORIGIN example.org. | |
857 | @ 1D IN SOA ns1.example.org. hostmaster.example.org. ( | |
858 | 2002022401 ; serial | |
859 | 3H ; refresh | |
860 | 15 ; retry | |
861 | 1w ; expire | |
862 | 3h ; minimum | |
863 | ) | |
864 | IN NS ns1.example.org. ; in the domain | |
865 | IN NS ns2.smokeyjoe.com. ; external to domain | |
866 | IN MX 10 mail.another.com. ; external mail provider | |
867 | ; server host definitions | |
1d6b70f9 | 868 | ns1 IN A 192.168.0.1 ;name server definition |
0f0e73fe MS |
869 | www IN A 192.168.0.2 ;web server definition |
870 | ftp IN CNAME www.example.org. ;ftp server definition | |
871 | ; non server domain hosts | |
872 | bill IN A 192.168.0.3 | |
1d6b70f9 | 873 | fred IN A 192.168.0.4 |
0f0e73fe | 874 | """ |
0f0e73fe | 875 | r = self.session.post( |
46d06a12 | 876 | self.url("/api/v1/servers/localhost/zones"), |
0f0e73fe MS |
877 | data=json.dumps(payload), |
878 | headers={'content-type': 'application/json'}) | |
879 | self.assert_success_json(r) | |
880 | data = r.json() | |
881 | self.assertIn('name', data) | |
0f0e73fe | 882 | |
90568eb2 MS |
883 | expected = { |
884 | 'NS': [ | |
6754ef71 CH |
885 | {'content': 'ns1.example.org.'}, |
886 | {'content': 'ns2.smokeyjoe.com.'}, | |
887 | ], | |
90568eb2 | 888 | 'SOA': [ |
6754ef71 CH |
889 | {'content': 'ns1.example.org. hostmaster.example.org. 2002022401 10800 15 604800 10800'}, |
890 | ], | |
90568eb2 | 891 | 'MX': [ |
6754ef71 CH |
892 | {'content': '10 mail.another.com.'}, |
893 | ], | |
90568eb2 | 894 | 'A': [ |
6754ef71 CH |
895 | {'content': '192.168.0.1', 'name': 'ns1.example.org.'}, |
896 | {'content': '192.168.0.2', 'name': 'www.example.org.'}, | |
897 | {'content': '192.168.0.3', 'name': 'bill.example.org.'}, | |
898 | {'content': '192.168.0.4', 'name': 'fred.example.org.'}, | |
899 | ], | |
90568eb2 | 900 | 'CNAME': [ |
6754ef71 CH |
901 | {'content': 'www.example.org.', 'name': 'ftp.example.org.'}, |
902 | ], | |
90568eb2 | 903 | } |
0f0e73fe | 904 | |
6754ef71 | 905 | eq_zone_rrsets(data['rrsets'], expected) |
0f0e73fe | 906 | |
646bcd7d CH |
907 | def test_import_zone_bind_cname_apex(self): |
908 | payload = { | |
909 | 'name': unique_zone_name(), | |
910 | 'kind': 'Master', | |
911 | 'nameservers': [], | |
912 | } | |
913 | payload['zone'] = """ | |
914 | $ORIGIN %NAME% | |
915 | @ IN SOA ns1.example.org. hostmaster.example.org. (2002022401 3H 15 1W 3H) | |
916 | @ IN NS ns1.example.org. | |
917 | @ IN NS ns2.smokeyjoe.com. | |
918 | @ IN CNAME www.example.org. | |
919 | """.replace('%NAME%', payload['name']) | |
920 | r = self.session.post( | |
921 | self.url("/api/v1/servers/localhost/zones"), | |
922 | data=json.dumps(payload), | |
923 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 924 | self.assertEqual(r.status_code, 422) |
646bcd7d CH |
925 | self.assertIn('Conflicts with another RRset', r.json()['error']) |
926 | ||
c1374bdb | 927 | def test_export_zone_json(self): |
6754ef71 | 928 | name, payload, zone = self.create_zone(nameservers=['ns1.foo.com.', 'ns2.foo.com.'], soa_edit_api='') |
a83004d3 CH |
929 | # export it |
930 | r = self.session.get( | |
46d06a12 | 931 | self.url("/api/v1/servers/localhost/zones/" + name + "/export"), |
a83004d3 CH |
932 | headers={'accept': 'application/json;q=0.9,*/*;q=0.8'} |
933 | ) | |
c1374bdb | 934 | self.assert_success_json(r) |
a83004d3 CH |
935 | data = r.json() |
936 | self.assertIn('zone', data) | |
ba2a1254 DK |
937 | expected_data = [name + '\t3600\tIN\tNS\tns1.foo.com.', |
938 | name + '\t3600\tIN\tNS\tns2.foo.com.', | |
f527c6ff | 939 | name + '\t3600\tIN\tSOA\ta.misconfigured.dns.server.invalid. hostmaster.' + name + |
1d6b70f9 | 940 | ' 0 10800 3600 604800 3600'] |
7386e38f | 941 | self.assertCountEqual(data['zone'].strip().split('\n'), expected_data) |
a83004d3 | 942 | |
c1374bdb | 943 | def test_export_zone_text(self): |
6754ef71 | 944 | name, payload, zone = self.create_zone(nameservers=['ns1.foo.com.', 'ns2.foo.com.'], soa_edit_api='') |
a83004d3 CH |
945 | # export it |
946 | r = self.session.get( | |
46d06a12 | 947 | self.url("/api/v1/servers/localhost/zones/" + name + "/export"), |
a83004d3 CH |
948 | headers={'accept': '*/*'} |
949 | ) | |
950 | data = r.text.strip().split("\n") | |
ba2a1254 DK |
951 | expected_data = [name + '\t3600\tIN\tNS\tns1.foo.com.', |
952 | name + '\t3600\tIN\tNS\tns2.foo.com.', | |
f527c6ff | 953 | name + '\t3600\tIN\tSOA\ta.misconfigured.dns.server.invalid. hostmaster.' + name + |
1d6b70f9 | 954 | ' 0 10800 3600 604800 3600'] |
7386e38f | 955 | self.assertCountEqual(data, expected_data) |
a83004d3 | 956 | |
c1374bdb | 957 | def test_update_zone(self): |
6754ef71 | 958 | name, payload, zone = self.create_zone() |
bee2acae | 959 | name = payload['name'] |
d29d5db7 | 960 | # update, set as Master and enable SOA-EDIT-API |
7c0ba3d2 CH |
961 | payload = { |
962 | 'kind': 'Master', | |
c1374bdb | 963 | 'masters': ['192.0.2.1', '192.0.2.2'], |
6bb25159 MS |
964 | 'soa_edit_api': 'EPOCH', |
965 | 'soa_edit': 'EPOCH' | |
7c0ba3d2 CH |
966 | } |
967 | r = self.session.put( | |
46d06a12 | 968 | self.url("/api/v1/servers/localhost/zones/" + name), |
7c0ba3d2 CH |
969 | data=json.dumps(payload), |
970 | headers={'content-type': 'application/json'}) | |
f0e76cee CH |
971 | self.assert_success(r) |
972 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() | |
7c0ba3d2 CH |
973 | for k in payload.keys(): |
974 | self.assertIn(k, data) | |
4bfebc93 | 975 | self.assertEqual(data[k], payload[k]) |
d29d5db7 | 976 | # update, back to Native and empty(off) |
7c0ba3d2 | 977 | payload = { |
d29d5db7 | 978 | 'kind': 'Native', |
6bb25159 MS |
979 | 'soa_edit_api': '', |
980 | 'soa_edit': '' | |
7c0ba3d2 CH |
981 | } |
982 | r = self.session.put( | |
46d06a12 | 983 | self.url("/api/v1/servers/localhost/zones/" + name), |
7c0ba3d2 CH |
984 | data=json.dumps(payload), |
985 | headers={'content-type': 'application/json'}) | |
f0e76cee CH |
986 | self.assert_success(r) |
987 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() | |
7c0ba3d2 CH |
988 | for k in payload.keys(): |
989 | self.assertIn(k, data) | |
4bfebc93 | 990 | self.assertEqual(data[k], payload[k]) |
b3905a3d | 991 | |
c1374bdb | 992 | def test_zone_rr_update(self): |
6754ef71 | 993 | name, payload, zone = self.create_zone() |
b3905a3d | 994 | # do a replace (= update) |
d708640f | 995 | rrset = { |
b3905a3d CH |
996 | 'changetype': 'replace', |
997 | 'name': name, | |
8ce0dc75 | 998 | 'type': 'ns', |
6754ef71 | 999 | 'ttl': 3600, |
b3905a3d CH |
1000 | 'records': [ |
1001 | { | |
1d6b70f9 | 1002 | "content": "ns1.bar.com.", |
cea26350 CH |
1003 | "disabled": False |
1004 | }, | |
1005 | { | |
1d6b70f9 | 1006 | "content": "ns2-disabled.bar.com.", |
cea26350 | 1007 | "disabled": True |
b3905a3d CH |
1008 | } |
1009 | ] | |
1010 | } | |
d708640f | 1011 | payload = {'rrsets': [rrset]} |
b3905a3d | 1012 | r = self.session.patch( |
46d06a12 | 1013 | self.url("/api/v1/servers/localhost/zones/" + name), |
b3905a3d CH |
1014 | data=json.dumps(payload), |
1015 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1016 | self.assert_success(r) |
b3905a3d | 1017 | # verify that (only) the new record is there |
f0e76cee | 1018 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
7386e38f | 1019 | self.assertCountEqual(get_rrset(data, name, 'NS')['records'], rrset['records']) |
b3905a3d | 1020 | |
c1374bdb | 1021 | def test_zone_rr_update_mx(self): |
05cf6a71 | 1022 | # Important to test with MX records, as they have a priority field, which must end up in the content field. |
6754ef71 | 1023 | name, payload, zone = self.create_zone() |
41e3b10e | 1024 | # do a replace (= update) |
d708640f | 1025 | rrset = { |
41e3b10e CH |
1026 | 'changetype': 'replace', |
1027 | 'name': name, | |
1028 | 'type': 'MX', | |
6754ef71 | 1029 | 'ttl': 3600, |
41e3b10e CH |
1030 | 'records': [ |
1031 | { | |
1d6b70f9 | 1032 | "content": "10 mail.example.org.", |
41e3b10e CH |
1033 | "disabled": False |
1034 | } | |
1035 | ] | |
1036 | } | |
d708640f | 1037 | payload = {'rrsets': [rrset]} |
41e3b10e | 1038 | r = self.session.patch( |
46d06a12 | 1039 | self.url("/api/v1/servers/localhost/zones/" + name), |
41e3b10e CH |
1040 | data=json.dumps(payload), |
1041 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1042 | self.assert_success(r) |
41e3b10e | 1043 | # verify that (only) the new record is there |
f0e76cee | 1044 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
4bfebc93 | 1045 | self.assertEqual(get_rrset(data, name, 'MX')['records'], rrset['records']) |
d708640f | 1046 | |
81950930 CHB |
1047 | def test_zone_rr_update_invalid_mx(self): |
1048 | name, payload, zone = self.create_zone() | |
1049 | # do a replace (= update) | |
1050 | rrset = { | |
1051 | 'changetype': 'replace', | |
1052 | 'name': name, | |
1053 | 'type': 'MX', | |
1054 | 'ttl': 3600, | |
1055 | 'records': [ | |
1056 | { | |
1057 | "content": "10 mail@mx.example.org.", | |
1058 | "disabled": False | |
1059 | } | |
1060 | ] | |
1061 | } | |
1062 | payload = {'rrsets': [rrset]} | |
1063 | r = self.session.patch( | |
1064 | self.url("/api/v1/servers/localhost/zones/" + name), | |
1065 | data=json.dumps(payload), | |
1066 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1067 | self.assertEqual(r.status_code, 422) |
97c8ea81 | 1068 | self.assertIn('non-hostname content', r.json()['error']) |
81950930 CHB |
1069 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
1070 | self.assertIsNone(get_rrset(data, name, 'MX')) | |
1071 | ||
a53b24d0 CHB |
1072 | def test_zone_rr_update_opt(self): |
1073 | name, payload, zone = self.create_zone() | |
1074 | # do a replace (= update) | |
1075 | rrset = { | |
1076 | 'changetype': 'replace', | |
1077 | 'name': name, | |
1078 | 'type': 'OPT', | |
1079 | 'ttl': 3600, | |
1080 | 'records': [ | |
1081 | { | |
1082 | "content": "9", | |
1083 | "disabled": False | |
1084 | } | |
1085 | ] | |
1086 | } | |
1087 | payload = {'rrsets': [rrset]} | |
1088 | r = self.session.patch( | |
1089 | self.url("/api/v1/servers/localhost/zones/" + name), | |
1090 | data=json.dumps(payload), | |
1091 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1092 | self.assertEqual(r.status_code, 422) |
a53b24d0 CHB |
1093 | self.assertIn('OPT: invalid type given', r.json()['error']) |
1094 | ||
c1374bdb | 1095 | def test_zone_rr_update_multiple_rrsets(self): |
6754ef71 | 1096 | name, payload, zone = self.create_zone() |
d708640f CH |
1097 | rrset1 = { |
1098 | 'changetype': 'replace', | |
1099 | 'name': name, | |
1100 | 'type': 'NS', | |
6754ef71 | 1101 | 'ttl': 3600, |
d708640f CH |
1102 | 'records': [ |
1103 | { | |
6754ef71 | 1104 | |
1d6b70f9 | 1105 | "content": "ns9999.example.com.", |
d708640f CH |
1106 | "disabled": False |
1107 | } | |
1108 | ] | |
1109 | } | |
1110 | rrset2 = { | |
1111 | 'changetype': 'replace', | |
1112 | 'name': name, | |
1113 | 'type': 'MX', | |
6754ef71 | 1114 | 'ttl': 3600, |
d708640f CH |
1115 | 'records': [ |
1116 | { | |
1d6b70f9 | 1117 | "content": "10 mx444.example.com.", |
d708640f CH |
1118 | "disabled": False |
1119 | } | |
1120 | ] | |
1121 | } | |
1122 | payload = {'rrsets': [rrset1, rrset2]} | |
1123 | r = self.session.patch( | |
46d06a12 | 1124 | self.url("/api/v1/servers/localhost/zones/" + name), |
d708640f CH |
1125 | data=json.dumps(payload), |
1126 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1127 | self.assert_success(r) |
d708640f | 1128 | # verify that all rrsets have been updated |
f0e76cee | 1129 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
4bfebc93 CH |
1130 | self.assertEqual(get_rrset(data, name, 'NS')['records'], rrset1['records']) |
1131 | self.assertEqual(get_rrset(data, name, 'MX')['records'], rrset2['records']) | |
41e3b10e | 1132 | |
e3675a8a CH |
1133 | def test_zone_rr_update_duplicate_record(self): |
1134 | name, payload, zone = self.create_zone() | |
1135 | rrset = { | |
1136 | 'changetype': 'replace', | |
1137 | 'name': name, | |
1138 | 'type': 'NS', | |
1139 | 'ttl': 3600, | |
1140 | 'records': [ | |
1141 | {"content": "ns9999.example.com.", "disabled": False}, | |
1142 | {"content": "ns9996.example.com.", "disabled": False}, | |
1143 | {"content": "ns9987.example.com.", "disabled": False}, | |
1144 | {"content": "ns9988.example.com.", "disabled": False}, | |
1145 | {"content": "ns9999.example.com.", "disabled": False}, | |
1146 | ] | |
1147 | } | |
1148 | payload = {'rrsets': [rrset]} | |
1149 | r = self.session.patch( | |
1150 | self.url("/api/v1/servers/localhost/zones/" + name), | |
1151 | data=json.dumps(payload), | |
1152 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1153 | self.assertEqual(r.status_code, 422) |
e3675a8a CH |
1154 | self.assertIn('Duplicate record in RRset', r.json()['error']) |
1155 | ||
90904988 PD |
1156 | def test_zone_rr_update_duplicate_rrset(self): |
1157 | name, payload, zone = self.create_zone() | |
1158 | rrset1 = { | |
1159 | 'changetype': 'replace', | |
1160 | 'name': name, | |
1161 | 'type': 'NS', | |
1162 | 'ttl': 3600, | |
1163 | 'records': [ | |
1164 | { | |
1165 | "content": "ns9999.example.com.", | |
1166 | "disabled": False | |
1167 | } | |
1168 | ] | |
1169 | } | |
1170 | rrset2 = { | |
1171 | 'changetype': 'replace', | |
1172 | 'name': name, | |
1173 | 'type': 'NS', | |
1174 | 'ttl': 3600, | |
1175 | 'records': [ | |
1176 | { | |
1177 | "content": "ns9998.example.com.", | |
1178 | "disabled": False | |
1179 | } | |
1180 | ] | |
1181 | } | |
1182 | payload = {'rrsets': [rrset1, rrset2]} | |
1183 | r = self.session.patch( | |
1184 | self.url("/api/v1/servers/localhost/zones/" + name), | |
1185 | data=json.dumps(payload), | |
1186 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1187 | self.assertEqual(r.status_code, 422) |
90904988 PD |
1188 | self.assertIn('Duplicate RRset', r.json()['error']) |
1189 | ||
c1374bdb | 1190 | def test_zone_rr_delete(self): |
6754ef71 | 1191 | name, payload, zone = self.create_zone() |
b3905a3d | 1192 | # do a delete of all NS records (these are created with the zone) |
d708640f | 1193 | rrset = { |
b3905a3d CH |
1194 | 'changetype': 'delete', |
1195 | 'name': name, | |
1196 | 'type': 'NS' | |
1197 | } | |
d708640f | 1198 | payload = {'rrsets': [rrset]} |
b3905a3d | 1199 | r = self.session.patch( |
46d06a12 | 1200 | self.url("/api/v1/servers/localhost/zones/" + name), |
b3905a3d CH |
1201 | data=json.dumps(payload), |
1202 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1203 | self.assert_success(r) |
b3905a3d | 1204 | # verify that the records are gone |
f0e76cee | 1205 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
6754ef71 | 1206 | self.assertIsNone(get_rrset(data, name, 'NS')) |
cea26350 | 1207 | |
e732e9cc JE |
1208 | def test_zone_rr_update_rrset_combine_replace_and_delete(self): |
1209 | name, payload, zone = self.create_zone() | |
1210 | rrset1 = { | |
1211 | 'changetype': 'delete', | |
1212 | 'name': 'sub.' + name, | |
1213 | 'type': 'CNAME', | |
1214 | } | |
1215 | rrset2 = { | |
1216 | 'changetype': 'replace', | |
1217 | 'name': 'sub.' + name, | |
1218 | 'type': 'CNAME', | |
1219 | 'ttl': 500, | |
1220 | 'records': [ | |
1221 | { | |
1222 | "content": "www.example.org.", | |
1223 | "disabled": False | |
1224 | } | |
1225 | ] | |
1226 | } | |
1227 | payload = {'rrsets': [rrset1, rrset2]} | |
1228 | r = self.session.patch( | |
1229 | self.url("/api/v1/servers/localhost/zones/" + name), | |
1230 | data=json.dumps(payload), | |
1231 | headers={'content-type': 'application/json'}) | |
1232 | self.assert_success(r) | |
1233 | # verify that (only) the new record is there | |
1234 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() | |
4bfebc93 | 1235 | self.assertEqual(get_rrset(data, 'sub.' + name, 'CNAME')['records'], rrset2['records']) |
e732e9cc | 1236 | |
c1374bdb | 1237 | def test_zone_disable_reenable(self): |
d29d5db7 | 1238 | # This also tests that SOA-EDIT-API works. |
6754ef71 | 1239 | name, payload, zone = self.create_zone(soa_edit_api='EPOCH') |
cea26350 | 1240 | # disable zone by disabling SOA |
d708640f | 1241 | rrset = { |
cea26350 CH |
1242 | 'changetype': 'replace', |
1243 | 'name': name, | |
1244 | 'type': 'SOA', | |
6754ef71 | 1245 | 'ttl': 3600, |
cea26350 CH |
1246 | 'records': [ |
1247 | { | |
1d6b70f9 | 1248 | "content": "ns1.bar.com. hostmaster.foo.org. 1 1 1 1 1", |
cea26350 CH |
1249 | "disabled": True |
1250 | } | |
1251 | ] | |
1252 | } | |
d708640f | 1253 | payload = {'rrsets': [rrset]} |
cea26350 | 1254 | r = self.session.patch( |
46d06a12 | 1255 | self.url("/api/v1/servers/localhost/zones/" + name), |
cea26350 CH |
1256 | data=json.dumps(payload), |
1257 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1258 | self.assert_success(r) |
d29d5db7 | 1259 | # check SOA serial has been edited |
f0e76cee CH |
1260 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
1261 | soa_serial1 = get_first_rec(data, name, 'SOA')['content'].split()[2] | |
4bfebc93 | 1262 | self.assertNotEqual(soa_serial1, '1') |
d29d5db7 | 1263 | # make sure domain is still in zone list (disabled SOA!) |
46d06a12 | 1264 | r = self.session.get(self.url("/api/v1/servers/localhost/zones")) |
cea26350 | 1265 | domains = r.json() |
4bfebc93 | 1266 | self.assertEqual(len([domain for domain in domains if domain['name'] == name]), 1) |
d29d5db7 CH |
1267 | # sleep 1sec to ensure the EPOCH value changes for the next request |
1268 | time.sleep(1) | |
cea26350 | 1269 | # verify that modifying it still works |
d708640f CH |
1270 | rrset['records'][0]['disabled'] = False |
1271 | payload = {'rrsets': [rrset]} | |
cea26350 | 1272 | r = self.session.patch( |
46d06a12 | 1273 | self.url("/api/v1/servers/localhost/zones/" + name), |
cea26350 CH |
1274 | data=json.dumps(payload), |
1275 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1276 | self.assert_success(r) |
d29d5db7 | 1277 | # check SOA serial has been edited again |
f0e76cee CH |
1278 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
1279 | soa_serial2 = get_first_rec(data, name, 'SOA')['content'].split()[2] | |
4bfebc93 CH |
1280 | self.assertNotEqual(soa_serial2, '1') |
1281 | self.assertNotEqual(soa_serial2, soa_serial1) | |
02945d9a | 1282 | |
c1374bdb | 1283 | def test_zone_rr_update_out_of_zone(self): |
6754ef71 | 1284 | name, payload, zone = self.create_zone() |
35f26cc5 | 1285 | # replace with qname mismatch |
d708640f | 1286 | rrset = { |
35f26cc5 | 1287 | 'changetype': 'replace', |
1d6b70f9 | 1288 | 'name': 'not-in-zone.', |
35f26cc5 | 1289 | 'type': 'NS', |
6754ef71 | 1290 | 'ttl': 3600, |
35f26cc5 CH |
1291 | 'records': [ |
1292 | { | |
1d6b70f9 | 1293 | "content": "ns1.bar.com.", |
35f26cc5 CH |
1294 | "disabled": False |
1295 | } | |
1296 | ] | |
1297 | } | |
d708640f | 1298 | payload = {'rrsets': [rrset]} |
35f26cc5 | 1299 | r = self.session.patch( |
46d06a12 | 1300 | self.url("/api/v1/servers/localhost/zones/" + name), |
35f26cc5 CH |
1301 | data=json.dumps(payload), |
1302 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1303 | self.assertEqual(r.status_code, 422) |
35f26cc5 CH |
1304 | self.assertIn('out of zone', r.json()['error']) |
1305 | ||
1d6b70f9 | 1306 | def test_zone_rr_update_restricted_chars(self): |
6754ef71 | 1307 | name, payload, zone = self.create_zone() |
1d6b70f9 CH |
1308 | # replace with qname mismatch |
1309 | rrset = { | |
1310 | 'changetype': 'replace', | |
1311 | 'name': 'test:' + name, | |
1312 | 'type': 'NS', | |
6754ef71 | 1313 | 'ttl': 3600, |
1d6b70f9 CH |
1314 | 'records': [ |
1315 | { | |
1d6b70f9 CH |
1316 | "content": "ns1.bar.com.", |
1317 | "disabled": False | |
1318 | } | |
1319 | ] | |
1320 | } | |
1321 | payload = {'rrsets': [rrset]} | |
1322 | r = self.session.patch( | |
1323 | self.url("/api/v1/servers/localhost/zones/" + name), | |
1324 | data=json.dumps(payload), | |
1325 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1326 | self.assertEqual(r.status_code, 422) |
1d6b70f9 CH |
1327 | self.assertIn('contains unsupported characters', r.json()['error']) |
1328 | ||
24cd86ca | 1329 | def test_rrset_unknown_type(self): |
6754ef71 | 1330 | name, payload, zone = self.create_zone() |
24cd86ca CH |
1331 | rrset = { |
1332 | 'changetype': 'replace', | |
1333 | 'name': name, | |
1334 | 'type': 'FAFAFA', | |
6754ef71 | 1335 | 'ttl': 3600, |
24cd86ca CH |
1336 | 'records': [ |
1337 | { | |
24cd86ca CH |
1338 | "content": "4.3.2.1", |
1339 | "disabled": False | |
1340 | } | |
1341 | ] | |
1342 | } | |
1343 | payload = {'rrsets': [rrset]} | |
46d06a12 | 1344 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), |
24cd86ca | 1345 | headers={'content-type': 'application/json'}) |
4bfebc93 | 1346 | self.assertEqual(r.status_code, 422) |
24cd86ca CH |
1347 | self.assertIn('unknown type', r.json()['error']) |
1348 | ||
646bcd7d CH |
1349 | @parameterized.expand([ |
1350 | ('CNAME', ), | |
646bcd7d CH |
1351 | ]) |
1352 | def test_rrset_exclusive_and_other(self, qtype): | |
8560f36a CH |
1353 | name, payload, zone = self.create_zone() |
1354 | rrset = { | |
1355 | 'changetype': 'replace', | |
1356 | 'name': name, | |
646bcd7d | 1357 | 'type': qtype, |
8560f36a CH |
1358 | 'ttl': 3600, |
1359 | 'records': [ | |
1360 | { | |
1361 | "content": "example.org.", | |
1362 | "disabled": False | |
1363 | } | |
1364 | ] | |
1365 | } | |
1366 | payload = {'rrsets': [rrset]} | |
1367 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1368 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1369 | self.assertEqual(r.status_code, 422) |
646bcd7d | 1370 | self.assertIn('Conflicts with pre-existing RRset', r.json()['error']) |
8560f36a | 1371 | |
646bcd7d CH |
1372 | @parameterized.expand([ |
1373 | ('CNAME', ), | |
646bcd7d CH |
1374 | ]) |
1375 | def test_rrset_other_and_exclusive(self, qtype): | |
8560f36a CH |
1376 | name, payload, zone = self.create_zone() |
1377 | rrset = { | |
1378 | 'changetype': 'replace', | |
1379 | 'name': 'sub.'+name, | |
646bcd7d | 1380 | 'type': qtype, |
8560f36a CH |
1381 | 'ttl': 3600, |
1382 | 'records': [ | |
1383 | { | |
1384 | "content": "example.org.", | |
1385 | "disabled": False | |
1386 | } | |
1387 | ] | |
1388 | } | |
1389 | payload = {'rrsets': [rrset]} | |
1390 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1391 | headers={'content-type': 'application/json'}) | |
1392 | self.assert_success(r) | |
1393 | rrset = { | |
1394 | 'changetype': 'replace', | |
1395 | 'name': 'sub.'+name, | |
1396 | 'type': 'A', | |
1397 | 'ttl': 3600, | |
1398 | 'records': [ | |
1399 | { | |
1400 | "content": "1.2.3.4", | |
1401 | "disabled": False | |
1402 | } | |
1403 | ] | |
1404 | } | |
1405 | payload = {'rrsets': [rrset]} | |
1406 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1407 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1408 | self.assertEqual(r.status_code, 422) |
646bcd7d CH |
1409 | self.assertIn('Conflicts with pre-existing RRset', r.json()['error']) |
1410 | ||
1411 | @parameterized.expand([ | |
1412 | ('SOA', ['ns1.example.org. test@example.org. 10 10800 3600 604800 3600', 'ns2.example.org. test@example.org. 10 10800 3600 604800 3600']), | |
1413 | ('CNAME', ['01.example.org.', '02.example.org.']), | |
646bcd7d CH |
1414 | ]) |
1415 | def test_rrset_single_qtypes(self, qtype, contents): | |
8b1fa85d RG |
1416 | name, payload, zone = self.create_zone() |
1417 | rrset = { | |
1418 | 'changetype': 'replace', | |
1419 | 'name': 'sub.'+name, | |
646bcd7d | 1420 | 'type': qtype, |
8b1fa85d RG |
1421 | 'ttl': 3600, |
1422 | 'records': [ | |
1423 | { | |
646bcd7d | 1424 | "content": contents[0], |
8b1fa85d RG |
1425 | "disabled": False |
1426 | }, | |
1427 | { | |
646bcd7d | 1428 | "content": contents[1], |
8b1fa85d RG |
1429 | "disabled": False |
1430 | } | |
1431 | ] | |
1432 | } | |
1433 | payload = {'rrsets': [rrset]} | |
1434 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1435 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1436 | self.assertEqual(r.status_code, 422) |
646bcd7d | 1437 | self.assertIn('IN ' + qtype + ' has more than one record', r.json()['error']) |
8b1fa85d | 1438 | |
d2b117ec AT |
1439 | def test_rrset_zone_apex(self): |
1440 | name, payload, zone = self.create_zone() | |
1441 | rrset1 = { | |
1442 | 'changetype': 'replace', | |
1443 | 'name': name, | |
1444 | 'type': 'SOA', | |
1445 | 'ttl': 3600, | |
1446 | 'records': [ | |
1447 | { | |
1448 | "content": 'ns1.example.org. test@example.org. 10 10800 3600 604800 3600', | |
1449 | "disabled": False | |
1450 | }, | |
1451 | ] | |
1452 | } | |
1453 | rrset2 = { | |
1454 | 'changetype': 'replace', | |
1455 | 'name': name, | |
1456 | 'type': 'DNAME', | |
1457 | 'ttl': 3600, | |
1458 | 'records': [ | |
1459 | { | |
1460 | "content": 'example.com.', | |
1461 | "disabled": False | |
1462 | }, | |
1463 | ] | |
1464 | } | |
1465 | ||
1466 | payload = {'rrsets': [rrset1, rrset2]} | |
1467 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1468 | headers={'content-type': 'application/json'}) | |
1469 | self.assert_success(r) # user should be able to create DNAME at APEX as per RFC 6672 section 2.3 | |
1470 | ||
0ab5d78e PL |
1471 | def test_rr_svcb(self): |
1472 | name, payload, zone = self.create_zone() | |
1473 | rrset = { | |
1474 | 'changetype': 'replace', | |
1475 | 'name': 'svcb.' + name, | |
1476 | 'type': 'SVCB', | |
1477 | 'ttl': 3600, | |
1478 | 'records': [ | |
1479 | { | |
1480 | "content": '40 . mandatory=alpn alpn=h2,h3 ipv4hint=192.0.2.1,192.0.2.2 echconfig="dG90YWxseSBib2d1cyBlY2hjb25maWcgdmFsdWU="', | |
1481 | "disabled": False | |
1482 | }, | |
1483 | ] | |
1484 | } | |
1485 | payload = {'rrsets': [rrset]} | |
1486 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1487 | headers={'content-type': 'application/json'}) | |
1488 | self.assert_success(r) | |
1489 | ||
d2b117ec AT |
1490 | def test_rrset_ns_dname_exclude(self): |
1491 | name, payload, zone = self.create_zone() | |
1492 | rrset = { | |
1493 | 'changetype': 'replace', | |
1494 | 'name': 'delegation.'+name, | |
1495 | 'type': 'NS', | |
1496 | 'ttl': 3600, | |
1497 | 'records': [ | |
1498 | { | |
1499 | "content": "ns.example.org.", | |
1500 | "disabled": False | |
1501 | } | |
1502 | ] | |
1503 | } | |
1504 | payload = {'rrsets': [rrset]} | |
1505 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1506 | headers={'content-type': 'application/json'}) | |
1507 | self.assert_success(r) | |
1508 | rrset = { | |
1509 | 'changetype': 'replace', | |
1510 | 'name': 'delegation.'+name, | |
1511 | 'type': 'DNAME', | |
1512 | 'ttl': 3600, | |
1513 | 'records': [ | |
1514 | { | |
7bc54205 | 1515 | "content": "example.com.", |
d2b117ec AT |
1516 | "disabled": False |
1517 | } | |
1518 | ] | |
1519 | } | |
1520 | payload = {'rrsets': [rrset]} | |
1521 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1522 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1523 | self.assertEqual(r.status_code, 422) |
d2b117ec AT |
1524 | self.assertIn('Cannot have both NS and DNAME except in zone apex', r.json()['error']) |
1525 | ||
7bc54205 AT |
1526 | ## FIXME: Enable this when it's time for it |
1527 | # def test_rrset_dname_nothing_under(self): | |
1528 | # name, payload, zone = self.create_zone() | |
1529 | # rrset = { | |
1530 | # 'changetype': 'replace', | |
1531 | # 'name': 'delegation.'+name, | |
1532 | # 'type': 'DNAME', | |
1533 | # 'ttl': 3600, | |
1534 | # 'records': [ | |
1535 | # { | |
1536 | # "content": "example.com.", | |
1537 | # "disabled": False | |
1538 | # } | |
1539 | # ] | |
1540 | # } | |
1541 | # payload = {'rrsets': [rrset]} | |
1542 | # r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1543 | # headers={'content-type': 'application/json'}) | |
1544 | # self.assert_success(r) | |
1545 | # rrset = { | |
1546 | # 'changetype': 'replace', | |
1547 | # 'name': 'sub.delegation.'+name, | |
1548 | # 'type': 'A', | |
1549 | # 'ttl': 3600, | |
1550 | # 'records': [ | |
1551 | # { | |
1552 | # "content": "1.2.3.4", | |
1553 | # "disabled": False | |
1554 | # } | |
1555 | # ] | |
1556 | # } | |
1557 | # payload = {'rrsets': [rrset]} | |
1558 | # r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), | |
1559 | # headers={'content-type': 'application/json'}) | |
4bfebc93 | 1560 | # self.assertEqual(r.status_code, 422) |
7bc54205 AT |
1561 | # self.assertIn('You cannot have record(s) under CNAME/DNAME', r.json()['error']) |
1562 | ||
1e5b9ab9 CH |
1563 | def test_create_zone_with_leading_space(self): |
1564 | # Actual regression. | |
6754ef71 | 1565 | name, payload, zone = self.create_zone() |
1e5b9ab9 CH |
1566 | rrset = { |
1567 | 'changetype': 'replace', | |
1568 | 'name': name, | |
1569 | 'type': 'A', | |
6754ef71 | 1570 | 'ttl': 3600, |
1e5b9ab9 CH |
1571 | 'records': [ |
1572 | { | |
1e5b9ab9 CH |
1573 | "content": " 4.3.2.1", |
1574 | "disabled": False | |
1575 | } | |
1576 | ] | |
1577 | } | |
1578 | payload = {'rrsets': [rrset]} | |
46d06a12 | 1579 | r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload), |
1e5b9ab9 | 1580 | headers={'content-type': 'application/json'}) |
4bfebc93 | 1581 | self.assertEqual(r.status_code, 422) |
1e5b9ab9 CH |
1582 | self.assertIn('Not in expected format', r.json()['error']) |
1583 | ||
d1b98434 | 1584 | @unittest.skipIf(is_auth_lmdb(), "No out-of-zone storage in LMDB") |
c1374bdb | 1585 | def test_zone_rr_delete_out_of_zone(self): |
6754ef71 | 1586 | name, payload, zone = self.create_zone() |
d708640f | 1587 | rrset = { |
35f26cc5 | 1588 | 'changetype': 'delete', |
1d6b70f9 | 1589 | 'name': 'not-in-zone.', |
35f26cc5 CH |
1590 | 'type': 'NS' |
1591 | } | |
d708640f | 1592 | payload = {'rrsets': [rrset]} |
35f26cc5 | 1593 | r = self.session.patch( |
46d06a12 | 1594 | self.url("/api/v1/servers/localhost/zones/" + name), |
35f26cc5 CH |
1595 | data=json.dumps(payload), |
1596 | headers={'content-type': 'application/json'}) | |
541bb91b | 1597 | print(r.content) |
f0e76cee | 1598 | self.assert_success(r) # succeed so users can fix their wrong, old data |
35f26cc5 | 1599 | |
37663c3b | 1600 | def test_zone_delete(self): |
6754ef71 | 1601 | name, payload, zone = self.create_zone() |
46d06a12 | 1602 | r = self.session.delete(self.url("/api/v1/servers/localhost/zones/" + name)) |
4bfebc93 | 1603 | self.assertEqual(r.status_code, 204) |
37663c3b CH |
1604 | self.assertNotIn('Content-Type', r.headers) |
1605 | ||
d1b98434 | 1606 | @unittest.skipIf(is_auth_lmdb(), "No comments in LMDB") |
c1374bdb | 1607 | def test_zone_comment_create(self): |
6754ef71 | 1608 | name, payload, zone = self.create_zone() |
d708640f | 1609 | rrset = { |
6cc98ddf CH |
1610 | 'changetype': 'replace', |
1611 | 'name': name, | |
1612 | 'type': 'NS', | |
6754ef71 | 1613 | 'ttl': 3600, |
6cc98ddf CH |
1614 | 'comments': [ |
1615 | { | |
1616 | 'account': 'test1', | |
1617 | 'content': 'blah blah', | |
1618 | }, | |
1619 | { | |
1620 | 'account': 'test2', | |
1621 | 'content': 'blah blah bleh', | |
1622 | } | |
1623 | ] | |
1624 | } | |
d708640f | 1625 | payload = {'rrsets': [rrset]} |
6cc98ddf | 1626 | r = self.session.patch( |
46d06a12 | 1627 | self.url("/api/v1/servers/localhost/zones/" + name), |
6cc98ddf CH |
1628 | data=json.dumps(payload), |
1629 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1630 | self.assert_success(r) |
6cc98ddf CH |
1631 | # make sure the comments have been set, and that the NS |
1632 | # records are still present | |
f0e76cee CH |
1633 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
1634 | serverset = get_rrset(data, name, 'NS') | |
541bb91b | 1635 | print(serverset) |
4bfebc93 CH |
1636 | self.assertNotEqual(serverset['records'], []) |
1637 | self.assertNotEqual(serverset['comments'], []) | |
6cc98ddf | 1638 | # verify that modified_at has been set by pdns |
4bfebc93 | 1639 | self.assertNotEqual([c for c in serverset['comments']][0]['modified_at'], 0) |
0d7f3c75 | 1640 | # verify that TTL is correct (regression test) |
4bfebc93 | 1641 | self.assertEqual(serverset['ttl'], 3600) |
6cc98ddf | 1642 | |
d1b98434 | 1643 | @unittest.skipIf(is_auth_lmdb(), "No comments in LMDB") |
c1374bdb | 1644 | def test_zone_comment_delete(self): |
6cc98ddf | 1645 | # Test: Delete ONLY comments. |
6754ef71 | 1646 | name, payload, zone = self.create_zone() |
d708640f | 1647 | rrset = { |
6cc98ddf CH |
1648 | 'changetype': 'replace', |
1649 | 'name': name, | |
1650 | 'type': 'NS', | |
1651 | 'comments': [] | |
1652 | } | |
d708640f | 1653 | payload = {'rrsets': [rrset]} |
6cc98ddf | 1654 | r = self.session.patch( |
46d06a12 | 1655 | self.url("/api/v1/servers/localhost/zones/" + name), |
6cc98ddf CH |
1656 | data=json.dumps(payload), |
1657 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1658 | self.assert_success(r) |
6cc98ddf | 1659 | # make sure the NS records are still present |
f0e76cee CH |
1660 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
1661 | serverset = get_rrset(data, name, 'NS') | |
541bb91b | 1662 | print(serverset) |
4bfebc93 CH |
1663 | self.assertNotEqual(serverset['records'], []) |
1664 | self.assertEqual(serverset['comments'], []) | |
6cc98ddf | 1665 | |
d1b98434 | 1666 | @unittest.skipIf(is_auth_lmdb(), "No comments in LMDB") |
1148587f CH |
1667 | def test_zone_comment_out_of_range_modified_at(self): |
1668 | # Test if comments on an rrset stay intact if the rrset is replaced | |
1669 | name, payload, zone = self.create_zone() | |
1670 | rrset = { | |
1671 | 'changetype': 'replace', | |
1672 | 'name': name, | |
1673 | 'type': 'NS', | |
1674 | 'comments': [ | |
1675 | { | |
1676 | 'account': 'test1', | |
1677 | 'content': 'oh hi there', | |
1678 | 'modified_at': '4294967297' | |
1679 | } | |
1680 | ] | |
1681 | } | |
1682 | payload = {'rrsets': [rrset]} | |
1683 | r = self.session.patch( | |
1684 | self.url("/api/v1/servers/localhost/zones/" + name), | |
1685 | data=json.dumps(payload), | |
1686 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1687 | self.assertEqual(r.status_code, 422) |
1148587f CH |
1688 | self.assertIn("Value for key 'modified_at' is out of range", r.json()['error']) |
1689 | ||
d1b98434 | 1690 | @unittest.skipIf(is_auth_lmdb(), "No comments in LMDB") |
c1374bdb | 1691 | def test_zone_comment_stay_intact(self): |
6cc98ddf | 1692 | # Test if comments on an rrset stay intact if the rrset is replaced |
6754ef71 | 1693 | name, payload, zone = self.create_zone() |
6cc98ddf | 1694 | # create a comment |
d708640f | 1695 | rrset = { |
6cc98ddf CH |
1696 | 'changetype': 'replace', |
1697 | 'name': name, | |
1698 | 'type': 'NS', | |
1699 | 'comments': [ | |
1700 | { | |
1701 | 'account': 'test1', | |
1702 | 'content': 'oh hi there', | |
2696eea0 | 1703 | 'modified_at': 1111 |
6cc98ddf CH |
1704 | } |
1705 | ] | |
1706 | } | |
d708640f | 1707 | payload = {'rrsets': [rrset]} |
6cc98ddf | 1708 | r = self.session.patch( |
46d06a12 | 1709 | self.url("/api/v1/servers/localhost/zones/" + name), |
6cc98ddf CH |
1710 | data=json.dumps(payload), |
1711 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1712 | self.assert_success(r) |
6cc98ddf | 1713 | # replace rrset records |
d708640f | 1714 | rrset2 = { |
6cc98ddf CH |
1715 | 'changetype': 'replace', |
1716 | 'name': name, | |
1717 | 'type': 'NS', | |
6754ef71 | 1718 | 'ttl': 3600, |
6cc98ddf CH |
1719 | 'records': [ |
1720 | { | |
1d6b70f9 | 1721 | "content": "ns1.bar.com.", |
6cc98ddf CH |
1722 | "disabled": False |
1723 | } | |
1724 | ] | |
1725 | } | |
d708640f | 1726 | payload2 = {'rrsets': [rrset2]} |
6cc98ddf | 1727 | r = self.session.patch( |
46d06a12 | 1728 | self.url("/api/v1/servers/localhost/zones/" + name), |
6cc98ddf CH |
1729 | data=json.dumps(payload2), |
1730 | headers={'content-type': 'application/json'}) | |
f0e76cee | 1731 | self.assert_success(r) |
6cc98ddf | 1732 | # make sure the comments still exist |
f0e76cee CH |
1733 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json() |
1734 | serverset = get_rrset(data, name, 'NS') | |
541bb91b | 1735 | print(serverset) |
4bfebc93 CH |
1736 | self.assertEqual(serverset['records'], rrset2['records']) |
1737 | self.assertEqual(serverset['comments'], rrset['comments']) | |
6cc98ddf | 1738 | |
d1b98434 | 1739 | @unittest.skipIf(is_auth_lmdb(), "No search in LMDB") |
c1374bdb | 1740 | def test_search_rr_exact_zone(self): |
b1902fab | 1741 | name = unique_zone_name() |
1d6b70f9 CH |
1742 | self.create_zone(name=name, serial=22, soa_edit_api='') |
1743 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=" + name.rstrip('.'))) | |
c1374bdb | 1744 | self.assert_success_json(r) |
541bb91b | 1745 | print(r.json()) |
7386e38f | 1746 | self.assertCountEqual(r.json(), [ |
1d6b70f9 | 1747 | {u'object_type': u'zone', u'name': name, u'zone_id': name}, |
1d6b70f9 CH |
1748 | {u'content': u'ns1.example.com.', |
1749 | u'zone_id': name, u'zone': name, u'object_type': u'record', u'disabled': False, | |
1750 | u'ttl': 3600, u'type': u'NS', u'name': name}, | |
1751 | {u'content': u'ns2.example.com.', | |
1752 | u'zone_id': name, u'zone': name, u'object_type': u'record', u'disabled': False, | |
1753 | u'ttl': 3600, u'type': u'NS', u'name': name}, | |
f527c6ff | 1754 | {u'content': u'a.misconfigured.dns.server.invalid. hostmaster.'+name+' 22 10800 3600 604800 3600', |
45250285 JE |
1755 | u'zone_id': name, u'zone': name, u'object_type': u'record', u'disabled': False, |
1756 | u'ttl': 3600, u'type': u'SOA', u'name': name}, | |
1757 | ]) | |
1758 | ||
d1b98434 | 1759 | @unittest.skipIf(is_auth_lmdb(), "No search in LMDB") |
45250285 JE |
1760 | def test_search_rr_exact_zone_filter_type_zone(self): |
1761 | name = unique_zone_name() | |
1762 | data_type = "zone" | |
1763 | self.create_zone(name=name, serial=22, soa_edit_api='') | |
0bd91de6 | 1764 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=" + name.rstrip('.') + "&object_type=" + data_type)) |
45250285 JE |
1765 | self.assert_success_json(r) |
1766 | print(r.json()) | |
4bfebc93 | 1767 | self.assertEqual(r.json(), [ |
45250285 JE |
1768 | {u'object_type': u'zone', u'name': name, u'zone_id': name}, |
1769 | ]) | |
1770 | ||
d1b98434 | 1771 | @unittest.skipIf(is_auth_lmdb(), "No search in LMDB") |
45250285 JE |
1772 | def test_search_rr_exact_zone_filter_type_record(self): |
1773 | name = unique_zone_name() | |
1774 | data_type = "record" | |
1775 | self.create_zone(name=name, serial=22, soa_edit_api='') | |
0bd91de6 | 1776 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=" + name.rstrip('.') + "&object_type=" + data_type)) |
45250285 JE |
1777 | self.assert_success_json(r) |
1778 | print(r.json()) | |
7386e38f | 1779 | self.assertCountEqual(r.json(), [ |
45250285 JE |
1780 | {u'content': u'ns1.example.com.', |
1781 | u'zone_id': name, u'zone': name, u'object_type': u'record', u'disabled': False, | |
1782 | u'ttl': 3600, u'type': u'NS', u'name': name}, | |
1783 | {u'content': u'ns2.example.com.', | |
1784 | u'zone_id': name, u'zone': name, u'object_type': u'record', u'disabled': False, | |
1785 | u'ttl': 3600, u'type': u'NS', u'name': name}, | |
f527c6ff | 1786 | {u'content': u'a.misconfigured.dns.server.invalid. hostmaster.'+name+' 22 10800 3600 604800 3600', |
f2d6dcc0 RG |
1787 | u'zone_id': name, u'zone': name, u'object_type': u'record', u'disabled': False, |
1788 | u'ttl': 3600, u'type': u'SOA', u'name': name}, | |
1d6b70f9 | 1789 | ]) |
b1902fab | 1790 | |
d1b98434 | 1791 | @unittest.skipIf(is_auth_lmdb(), "No search in LMDB") |
c1374bdb | 1792 | def test_search_rr_substring(self): |
541bb91b CH |
1793 | name = unique_zone_name() |
1794 | search = name[5:-5] | |
b1902fab | 1795 | self.create_zone(name=name) |
541bb91b | 1796 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=*%s*" % search)) |
c1374bdb | 1797 | self.assert_success_json(r) |
541bb91b | 1798 | print(r.json()) |
b1902fab | 1799 | # should return zone, SOA, ns1, ns2 |
4bfebc93 | 1800 | self.assertEqual(len(r.json()), 4) |
b1902fab | 1801 | |
d1b98434 | 1802 | @unittest.skipIf(is_auth_lmdb(), "No search in LMDB") |
c1374bdb | 1803 | def test_search_rr_case_insensitive(self): |
541bb91b | 1804 | name = unique_zone_name()+'testsuffix.' |
57cb86d8 | 1805 | self.create_zone(name=name) |
541bb91b | 1806 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=*testSUFFIX*")) |
c1374bdb | 1807 | self.assert_success_json(r) |
541bb91b | 1808 | print(r.json()) |
57cb86d8 | 1809 | # should return zone, SOA, ns1, ns2 |
4bfebc93 | 1810 | self.assertEqual(len(r.json()), 4) |
57cb86d8 | 1811 | |
478a7402 PL |
1812 | @unittest.skipIf(is_auth_lmdb(), "No search or comments in LMDB") |
1813 | def test_search_rr_comment(self): | |
1814 | name = unique_zone_name() | |
1815 | rrsets = [{ | |
1816 | "name": name, | |
1817 | "type": "AAAA", | |
1818 | "ttl": 3600, | |
1819 | "records": [{ | |
1820 | "content": "2001:DB8::1", | |
1821 | "disabled": False, | |
1822 | }], | |
1823 | "comments": [{ | |
1824 | "account": "test AAAA", | |
1825 | "content": "blah", | |
1826 | "modified_at": 11112, | |
1827 | }], | |
1828 | }] | |
1829 | name, payload, data = self.create_zone(name=name, rrsets=rrsets) | |
1830 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=blah")) | |
1831 | self.assert_success_json(r) | |
1832 | data = r.json() | |
1833 | # should return the AAAA record | |
4bfebc93 | 1834 | self.assertEqual(len(data), 1) |
478a7402 PL |
1835 | self.assertEqual(data[0]['object_type'], 'comment') |
1836 | self.assertEqual(data[0]['type'], 'AAAA') | |
1837 | self.assertEqual(data[0]['name'], name) | |
1838 | self.assertEqual(data[0]['content'], rrsets[0]['comments'][0]['content']) | |
1839 | ||
d1b98434 | 1840 | @unittest.skipIf(is_auth_lmdb(), "No search in LMDB") |
7cbc5255 | 1841 | def test_search_after_rectify_with_ent(self): |
541bb91b CH |
1842 | name = unique_zone_name() |
1843 | search = name.split('.')[0] | |
7cbc5255 CH |
1844 | rrset = { |
1845 | "name": 'sub.sub.' + name, | |
1846 | "type": "A", | |
1847 | "ttl": 3600, | |
1848 | "records": [{ | |
1849 | "content": "4.3.2.1", | |
1850 | "disabled": False, | |
1851 | }], | |
1852 | } | |
1853 | self.create_zone(name=name, rrsets=[rrset]) | |
1854 | pdnsutil_rectify(name) | |
541bb91b | 1855 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=*%s*" % search)) |
7cbc5255 | 1856 | self.assert_success_json(r) |
541bb91b | 1857 | print(r.json()) |
7cbc5255 | 1858 | # should return zone, SOA, ns1, ns2, sub.sub A (but not the ENT) |
4bfebc93 | 1859 | self.assertEqual(len(r.json()), 5) |
7cbc5255 | 1860 | |
d1b98434 | 1861 | @unittest.skipIf(is_auth_lmdb(), "No get_db_records for LMDB") |
b8cd24cc SH |
1862 | def test_default_api_rectify(self): |
1863 | name = unique_zone_name() | |
1864 | search = name.split('.')[0] | |
1865 | rrsets = [ | |
1866 | { | |
1867 | "name": 'a.' + name, | |
1868 | "type": "AAAA", | |
1869 | "ttl": 3600, | |
1870 | "records": [{ | |
1871 | "content": "2001:DB8::1", | |
1872 | "disabled": False, | |
1873 | }], | |
1874 | }, | |
1875 | { | |
1876 | "name": 'b.' + name, | |
1877 | "type": "AAAA", | |
1878 | "ttl": 3600, | |
1879 | "records": [{ | |
1880 | "content": "2001:DB8::2", | |
1881 | "disabled": False, | |
1882 | }], | |
1883 | }, | |
1884 | ] | |
1885 | self.create_zone(name=name, rrsets=rrsets, dnssec=True, nsec3param='1 0 1 ab') | |
1886 | dbrecs = get_db_records(name, 'AAAA') | |
1887 | self.assertIsNotNone(dbrecs[0]['ordername']) | |
1888 | ||
d1b98434 | 1889 | @unittest.skipIf(is_auth_lmdb(), "No get_db_records for LMDB") |
b8cd24cc SH |
1890 | def test_override_api_rectify(self): |
1891 | name = unique_zone_name() | |
1892 | search = name.split('.')[0] | |
1893 | rrsets = [ | |
1894 | { | |
1895 | "name": 'a.' + name, | |
1896 | "type": "AAAA", | |
1897 | "ttl": 3600, | |
1898 | "records": [{ | |
1899 | "content": "2001:DB8::1", | |
1900 | "disabled": False, | |
1901 | }], | |
1902 | }, | |
1903 | { | |
1904 | "name": 'b.' + name, | |
1905 | "type": "AAAA", | |
1906 | "ttl": 3600, | |
1907 | "records": [{ | |
1908 | "content": "2001:DB8::2", | |
1909 | "disabled": False, | |
1910 | }], | |
1911 | }, | |
1912 | ] | |
1913 | self.create_zone(name=name, rrsets=rrsets, api_rectify=False, dnssec=True, nsec3param='1 0 1 ab') | |
1914 | dbrecs = get_db_records(name, 'AAAA') | |
1915 | self.assertIsNone(dbrecs[0]['ordername']) | |
1916 | ||
d1b98434 | 1917 | @unittest.skipIf(is_auth_lmdb(), "No get_db_records for LMDB") |
a6185e05 CH |
1918 | def test_explicit_rectify_success(self): |
1919 | name, _, data = self.create_zone = self.create_zone(api_rectify=False, dnssec=True, nsec3param='1 0 1 ab') | |
1920 | dbrecs = get_db_records(name, 'SOA') | |
1921 | self.assertIsNone(dbrecs[0]['ordername']) | |
1922 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/" + data['id'] + "/rectify")) | |
4bfebc93 | 1923 | self.assertEqual(r.status_code, 200) |
a6185e05 CH |
1924 | dbrecs = get_db_records(name, 'SOA') |
1925 | self.assertIsNotNone(dbrecs[0]['ordername']) | |
1926 | ||
a6185e05 CH |
1927 | def test_explicit_rectify_slave(self): |
1928 | # Some users want to move a zone to kind=Slave and then rectify, without a re-transfer. | |
1929 | name, _, data = self.create_zone = self.create_zone(api_rectify=False, dnssec=True, nsec3param='1 0 1 ab') | |
1930 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/" + data['id']), | |
1931 | data=json.dumps({'kind': 'Slave'}), | |
1932 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1933 | self.assertEqual(r.status_code, 204) |
a6185e05 | 1934 | r = self.session.put(self.url("/api/v1/servers/localhost/zones/" + data['id'] + "/rectify")) |
4bfebc93 | 1935 | self.assertEqual(r.status_code, 200) |
d1b98434 PD |
1936 | if not is_auth_lmdb(): |
1937 | dbrecs = get_db_records(name, 'SOA') | |
1938 | self.assertIsNotNone(dbrecs[0]['ordername']) | |
a6185e05 | 1939 | |
03b1cc25 | 1940 | def test_cname_at_ent_place(self): |
f04b32e4 | 1941 | name, payload, zone = self.create_zone(dnssec=True, api_rectify=True) |
03b1cc25 CH |
1942 | rrset = { |
1943 | 'changetype': 'replace', | |
1944 | 'name': 'sub2.sub1.' + name, | |
1945 | 'type': "A", | |
1946 | 'ttl': 3600, | |
1947 | 'records': [{ | |
1948 | 'content': "4.3.2.1", | |
1949 | 'disabled': False, | |
1950 | }], | |
1951 | } | |
1952 | payload = {'rrsets': [rrset]} | |
1953 | r = self.session.patch( | |
1954 | self.url("/api/v1/servers/localhost/zones/" + zone['id']), | |
1955 | data=json.dumps(payload), | |
1956 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1957 | self.assertEqual(r.status_code, 204) |
03b1cc25 CH |
1958 | rrset = { |
1959 | 'changetype': 'replace', | |
1960 | 'name': 'sub1.' + name, | |
1961 | 'type': "CNAME", | |
1962 | 'ttl': 3600, | |
1963 | 'records': [{ | |
1964 | 'content': "www.example.org.", | |
1965 | 'disabled': False, | |
1966 | }], | |
1967 | } | |
1968 | payload = {'rrsets': [rrset]} | |
1969 | r = self.session.patch( | |
1970 | self.url("/api/v1/servers/localhost/zones/" + zone['id']), | |
1971 | data=json.dumps(payload), | |
1972 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 1973 | self.assertEqual(r.status_code, 204) |
03b1cc25 | 1974 | |
986e4858 PL |
1975 | def test_rrset_parameter_post_false(self): |
1976 | name = unique_zone_name() | |
1977 | payload = { | |
1978 | 'name': name, | |
1979 | 'kind': 'Native', | |
1980 | 'nameservers': ['ns1.example.com.', 'ns2.example.com.'] | |
1981 | } | |
1982 | r = self.session.post( | |
1983 | self.url("/api/v1/servers/localhost/zones?rrsets=false"), | |
1984 | data=json.dumps(payload), | |
1985 | headers={'content-type': 'application/json'}) | |
541bb91b | 1986 | print(r.json()) |
986e4858 | 1987 | self.assert_success_json(r) |
4bfebc93 CH |
1988 | self.assertEqual(r.status_code, 201) |
1989 | self.assertEqual(r.json().get('rrsets'), None) | |
986e4858 PL |
1990 | |
1991 | def test_rrset_false_parameter(self): | |
1992 | name = unique_zone_name() | |
1993 | self.create_zone(name=name, kind='Native') | |
1994 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/"+name+"?rrsets=false")) | |
1995 | self.assert_success_json(r) | |
541bb91b | 1996 | print(r.json()) |
4bfebc93 | 1997 | self.assertEqual(r.json().get('rrsets'), None) |
986e4858 PL |
1998 | |
1999 | def test_rrset_true_parameter(self): | |
2000 | name = unique_zone_name() | |
2001 | self.create_zone(name=name, kind='Native') | |
2002 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/"+name+"?rrsets=true")) | |
2003 | self.assert_success_json(r) | |
541bb91b | 2004 | print(r.json()) |
4bfebc93 | 2005 | self.assertEqual(len(r.json().get('rrsets')), 2) |
986e4858 PL |
2006 | |
2007 | def test_wrong_rrset_parameter(self): | |
2008 | name = unique_zone_name() | |
2009 | self.create_zone(name=name, kind='Native') | |
2010 | r = self.session.get(self.url("/api/v1/servers/localhost/zones/"+name+"?rrsets=foobar")) | |
4bfebc93 | 2011 | self.assertEqual(r.status_code, 422) |
986e4858 PL |
2012 | self.assertIn("'rrsets' request parameter value 'foobar' is not supported", r.json()['error']) |
2013 | ||
dc30b8fd PL |
2014 | def test_put_master_tsig_key_ids_non_existent(self): |
2015 | name = unique_zone_name() | |
2016 | keyname = unique_zone_name().split('.')[0] | |
2017 | self.create_zone(name=name, kind='Native') | |
2018 | payload = { | |
2019 | 'master_tsig_key_ids': [keyname] | |
2020 | } | |
2021 | r = self.session.put(self.url('/api/v1/servers/localhost/zones/' + name), | |
2022 | data=json.dumps(payload), | |
2023 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 2024 | self.assertEqual(r.status_code, 422) |
dc30b8fd PL |
2025 | self.assertIn('A TSIG key with the name', r.json()['error']) |
2026 | ||
2027 | def test_put_slave_tsig_key_ids_non_existent(self): | |
2028 | name = unique_zone_name() | |
2029 | keyname = unique_zone_name().split('.')[0] | |
2030 | self.create_zone(name=name, kind='Native') | |
2031 | payload = { | |
2032 | 'slave_tsig_key_ids': [keyname] | |
2033 | } | |
2034 | r = self.session.put(self.url('/api/v1/servers/localhost/zones/' + name), | |
2035 | data=json.dumps(payload), | |
2036 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 2037 | self.assertEqual(r.status_code, 422) |
dc30b8fd PL |
2038 | self.assertIn('A TSIG key with the name', r.json()['error']) |
2039 | ||
02945d9a | 2040 | |
406497f5 CH |
2041 | @unittest.skipIf(not is_auth(), "Not applicable") |
2042 | class AuthRootZone(ApiTestCase, AuthZonesHelperMixin): | |
2043 | ||
2044 | def setUp(self): | |
2045 | super(AuthRootZone, self).setUp() | |
2046 | # zone name is not unique, so delete the zone before each individual test. | |
46d06a12 | 2047 | self.session.delete(self.url("/api/v1/servers/localhost/zones/=2E")) |
406497f5 CH |
2048 | |
2049 | def test_create_zone(self): | |
6754ef71 | 2050 | name, payload, data = self.create_zone(name='.', serial=22, soa_edit_api='') |
406497f5 CH |
2051 | for k in ('id', 'url', 'name', 'masters', 'kind', 'last_check', 'notified_serial', 'serial', 'soa_edit_api', 'soa_edit', 'account'): |
2052 | self.assertIn(k, data) | |
2053 | if k in payload: | |
4bfebc93 | 2054 | self.assertEqual(data[k], payload[k]) |
406497f5 | 2055 | # validate generated SOA |
6754ef71 | 2056 | rec = get_first_rec(data, '.', 'SOA') |
4bfebc93 | 2057 | self.assertEqual( |
6754ef71 | 2058 | rec['content'], |
f527c6ff | 2059 | "a.misconfigured.dns.server.invalid. hostmaster. " + str(payload['serial']) + |
406497f5 CH |
2060 | " 10800 3600 604800 3600" |
2061 | ) | |
2062 | # Regression test: verify zone list works | |
46d06a12 | 2063 | zonelist = self.session.get(self.url("/api/v1/servers/localhost/zones")).json() |
541bb91b | 2064 | print("zonelist:", zonelist) |
406497f5 CH |
2065 | self.assertIn(payload['name'], [zone['name'] for zone in zonelist]) |
2066 | # Also test that fetching the zone works. | |
541bb91b | 2067 | print("id:", data['id']) |
4bfebc93 | 2068 | self.assertEqual(data['id'], '=2E') |
46d06a12 | 2069 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + data['id'])).json() |
541bb91b | 2070 | print("zone (fetched):", data) |
406497f5 CH |
2071 | for k in ('name', 'kind'): |
2072 | self.assertIn(k, data) | |
4bfebc93 | 2073 | self.assertEqual(data[k], payload[k]) |
6754ef71 | 2074 | self.assertEqual(data['rrsets'][0]['name'], '.') |
406497f5 CH |
2075 | |
2076 | def test_update_zone(self): | |
6754ef71 | 2077 | name, payload, zone = self.create_zone(name='.') |
406497f5 CH |
2078 | zone_id = '=2E' |
2079 | # update, set as Master and enable SOA-EDIT-API | |
2080 | payload = { | |
2081 | 'kind': 'Master', | |
2082 | 'masters': ['192.0.2.1', '192.0.2.2'], | |
2083 | 'soa_edit_api': 'EPOCH', | |
2084 | 'soa_edit': 'EPOCH' | |
2085 | } | |
2086 | r = self.session.put( | |
46d06a12 | 2087 | self.url("/api/v1/servers/localhost/zones/" + zone_id), |
406497f5 CH |
2088 | data=json.dumps(payload), |
2089 | headers={'content-type': 'application/json'}) | |
f0e76cee CH |
2090 | self.assert_success(r) |
2091 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + zone_id)).json() | |
406497f5 CH |
2092 | for k in payload.keys(): |
2093 | self.assertIn(k, data) | |
4bfebc93 | 2094 | self.assertEqual(data[k], payload[k]) |
406497f5 CH |
2095 | # update, back to Native and empty(off) |
2096 | payload = { | |
2097 | 'kind': 'Native', | |
2098 | 'soa_edit_api': '', | |
2099 | 'soa_edit': '' | |
2100 | } | |
2101 | r = self.session.put( | |
46d06a12 | 2102 | self.url("/api/v1/servers/localhost/zones/" + zone_id), |
406497f5 CH |
2103 | data=json.dumps(payload), |
2104 | headers={'content-type': 'application/json'}) | |
f0e76cee CH |
2105 | self.assert_success(r) |
2106 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + zone_id)).json() | |
406497f5 CH |
2107 | for k in payload.keys(): |
2108 | self.assertIn(k, data) | |
4bfebc93 | 2109 | self.assertEqual(data[k], payload[k]) |
406497f5 CH |
2110 | |
2111 | ||
c1374bdb | 2112 | @unittest.skipIf(not is_recursor(), "Not applicable") |
02945d9a CH |
2113 | class RecursorZones(ApiTestCase): |
2114 | ||
37bc3d01 CH |
2115 | def create_zone(self, name=None, kind=None, rd=False, servers=None): |
2116 | if name is None: | |
2117 | name = unique_zone_name() | |
2118 | if servers is None: | |
2119 | servers = [] | |
02945d9a | 2120 | payload = { |
37bc3d01 CH |
2121 | 'name': name, |
2122 | 'kind': kind, | |
2123 | 'servers': servers, | |
2124 | 'recursion_desired': rd | |
02945d9a CH |
2125 | } |
2126 | r = self.session.post( | |
46d06a12 | 2127 | self.url("/api/v1/servers/localhost/zones"), |
02945d9a CH |
2128 | data=json.dumps(payload), |
2129 | headers={'content-type': 'application/json'}) | |
c1374bdb CH |
2130 | self.assert_success_json(r) |
2131 | return payload, r.json() | |
37bc3d01 | 2132 | |
c1374bdb | 2133 | def test_create_auth_zone(self): |
37bc3d01 | 2134 | payload, data = self.create_zone(kind='Native') |
02945d9a | 2135 | for k in payload.keys(): |
4bfebc93 | 2136 | self.assertEqual(data[k], payload[k]) |
02945d9a | 2137 | |
1d6b70f9 | 2138 | def test_create_zone_no_name(self): |
1d6b70f9 CH |
2139 | payload = { |
2140 | 'name': '', | |
2141 | 'kind': 'Native', | |
2142 | 'servers': ['8.8.8.8'], | |
2143 | 'recursion_desired': False, | |
2144 | } | |
541bb91b | 2145 | print(payload) |
1d6b70f9 CH |
2146 | r = self.session.post( |
2147 | self.url("/api/v1/servers/localhost/zones"), | |
2148 | data=json.dumps(payload), | |
2149 | headers={'content-type': 'application/json'}) | |
4bfebc93 | 2150 | self.assertEqual(r.status_code, 422) |
1d6b70f9 CH |
2151 | self.assertIn('is not canonical', r.json()['error']) |
2152 | ||
c1374bdb | 2153 | def test_create_forwarded_zone(self): |
37bc3d01 | 2154 | payload, data = self.create_zone(kind='Forwarded', rd=False, servers=['8.8.8.8']) |
02945d9a CH |
2155 | # return values are normalized |
2156 | payload['servers'][0] += ':53' | |
02945d9a | 2157 | for k in payload.keys(): |
4bfebc93 | 2158 | self.assertEqual(data[k], payload[k]) |
02945d9a | 2159 | |
c1374bdb | 2160 | def test_create_forwarded_rd_zone(self): |
1d6b70f9 | 2161 | payload, data = self.create_zone(name='google.com.', kind='Forwarded', rd=True, servers=['8.8.8.8']) |
02945d9a CH |
2162 | # return values are normalized |
2163 | payload['servers'][0] += ':53' | |
02945d9a | 2164 | for k in payload.keys(): |
4bfebc93 | 2165 | self.assertEqual(data[k], payload[k]) |
02945d9a | 2166 | |
c1374bdb | 2167 | def test_create_auth_zone_with_symbols(self): |
37bc3d01 | 2168 | payload, data = self.create_zone(name='foo/bar.'+unique_zone_name(), kind='Native') |
1dbe38ba | 2169 | expected_id = (payload['name'].replace('/', '=2F')) |
02945d9a | 2170 | for k in payload.keys(): |
4bfebc93 CH |
2171 | self.assertEqual(data[k], payload[k]) |
2172 | self.assertEqual(data['id'], expected_id) | |
e2367534 | 2173 | |
c1374bdb | 2174 | def test_rename_auth_zone(self): |
37bc3d01 | 2175 | payload, data = self.create_zone(kind='Native') |
1d6b70f9 | 2176 | name = payload['name'] |
e2367534 CH |
2177 | # now rename it |
2178 | payload = { | |
2179 | 'name': 'renamed-'+name, | |
2180 | 'kind': 'Native', | |
2181 | 'recursion_desired': False | |
2182 | } | |
2183 | r = self.session.put( | |
46d06a12 | 2184 | self.url("/api/v1/servers/localhost/zones/" + name), |
e2367534 CH |
2185 | data=json.dumps(payload), |
2186 | headers={'content-type': 'application/json'}) | |
f0e76cee CH |
2187 | self.assert_success(r) |
2188 | data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + payload['name'])).json() | |
e2367534 | 2189 | for k in payload.keys(): |
4bfebc93 | 2190 | self.assertEqual(data[k], payload[k]) |
37bc3d01 | 2191 | |
37663c3b CH |
2192 | def test_zone_delete(self): |
2193 | payload, zone = self.create_zone(kind='Native') | |
2194 | name = payload['name'] | |
46d06a12 | 2195 | r = self.session.delete(self.url("/api/v1/servers/localhost/zones/" + name)) |
4bfebc93 | 2196 | self.assertEqual(r.status_code, 204) |
37663c3b CH |
2197 | self.assertNotIn('Content-Type', r.headers) |
2198 | ||
c1374bdb | 2199 | def test_search_rr_exact_zone(self): |
1d6b70f9 | 2200 | name = unique_zone_name() |
37bc3d01 | 2201 | self.create_zone(name=name, kind='Native') |
46d06a12 | 2202 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=" + name)) |
c1374bdb | 2203 | self.assert_success_json(r) |
541bb91b | 2204 | print(r.json()) |
4bfebc93 | 2205 | self.assertEqual(r.json(), [{u'type': u'zone', u'name': name, u'zone_id': name}]) |
37bc3d01 | 2206 | |
c1374bdb | 2207 | def test_search_rr_substring(self): |
1d6b70f9 | 2208 | name = 'search-rr-zone.name.' |
37bc3d01 | 2209 | self.create_zone(name=name, kind='Native') |
46d06a12 | 2210 | r = self.session.get(self.url("/api/v1/servers/localhost/search-data?q=rr-zone")) |
c1374bdb | 2211 | self.assert_success_json(r) |
541bb91b | 2212 | print(r.json()) |
37bc3d01 | 2213 | # should return zone, SOA |
4bfebc93 | 2214 | self.assertEqual(len(r.json()), 2) |
ccfabd0d | 2215 | |
ccfabd0d CH |
2216 | @unittest.skipIf(not is_auth(), "Not applicable") |
2217 | class AuthZoneKeys(ApiTestCase, AuthZonesHelperMixin): | |
2218 | ||
2219 | def test_get_keys(self): | |
2220 | r = self.session.get( | |
2221 | self.url("/api/v1/servers/localhost/zones/powerdnssec.org./cryptokeys")) | |
2222 | self.assert_success_json(r) | |
2223 | keys = r.json() | |
2224 | self.assertGreater(len(keys), 0) | |
2225 | ||
2226 | key0 = deepcopy(keys[0]) | |
2227 | del key0['dnskey'] | |
b6bd795c | 2228 | del key0['ds'] |
ccfabd0d | 2229 | expected = { |
5d9c6182 PL |
2230 | u'algorithm': u'ECDSAP256SHA256', |
2231 | u'bits': 256, | |
ccfabd0d CH |
2232 | u'active': True, |
2233 | u'type': u'Cryptokey', | |
b6bd795c PL |
2234 | u'keytype': u'csk', |
2235 | u'flags': 257, | |
33918299 | 2236 | u'published': True, |
ccfabd0d | 2237 | u'id': 1} |
4bfebc93 | 2238 | self.assertEqual(key0, expected) |
ccfabd0d CH |
2239 | |
2240 | keydata = keys[0]['dnskey'].split() | |
2241 | self.assertEqual(len(keydata), 4) | |
17d96af7 PD |
2242 | |
2243 | def test_get_keys_with_cds(self): | |
2244 | payload_metadata = {"type": "Metadata", "kind": "PUBLISH-CDS", "metadata": ["4"]} | |
2245 | r = self.session.post(self.url("/api/v1/servers/localhost/zones/powerdnssec.org./metadata"), | |
2246 | data=json.dumps(payload_metadata)) | |
2247 | rdata = r.json() | |
4bfebc93 CH |
2248 | self.assertEqual(r.status_code, 201) |
2249 | self.assertEqual(rdata["metadata"], payload_metadata["metadata"]) | |
17d96af7 PD |
2250 | |
2251 | r = self.session.get( | |
2252 | self.url("/api/v1/servers/localhost/zones/powerdnssec.org./cryptokeys")) | |
2253 | self.assert_success_json(r) | |
2254 | keys = r.json() | |
2255 | self.assertGreater(len(keys), 0) | |
2256 | ||
2257 | key0 = deepcopy(keys[0]) | |
4bfebc93 | 2258 | self.assertEqual(len(key0['cds']), 1) |
17d96af7 | 2259 | self.assertIn(key0['cds'][0], key0['ds']) |
4bfebc93 | 2260 | self.assertEqual(key0['cds'][0].split()[2], '4') |
17d96af7 PD |
2261 | del key0['dnskey'] |
2262 | del key0['ds'] | |
2263 | del key0['cds'] | |
2264 | expected = { | |
2265 | u'algorithm': u'ECDSAP256SHA256', | |
2266 | u'bits': 256, | |
2267 | u'active': True, | |
2268 | u'type': u'Cryptokey', | |
2269 | u'keytype': u'csk', | |
2270 | u'flags': 257, | |
2271 | u'published': True, | |
2272 | u'id': 1} | |
4bfebc93 | 2273 | self.assertEqual(key0, expected) |
17d96af7 PD |
2274 | |
2275 | keydata = keys[0]['dnskey'].split() | |
2276 | self.assertEqual(len(keydata), 4) | |
2277 | ||
2278 | r = self.session.delete(self.url("/api/v1/servers/localhost/zones/powerdnssec.org./metadata/PUBLISH-CDS")) | |
4bfebc93 | 2279 | self.assertEqual(r.status_code, 200) |