From: Miod Vallat <miod.vallat@powerdns.com>
Date: Thu, 11 Sep 2025 12:09:12 +0000 (+0200)
Subject: Merge pull request #16040 from miodvallat/dentist
X-Git-Tag: rec-5.4.0-alpha1~289
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fa3c913755745588256740ae5af661bf2c719005;p=thirdparty%2Fpdns.git

Merge pull request #16040 from miodvallat/dentist

rest api: better report ill-formed zone data
---

fa3c913755745588256740ae5af661bf2c719005
diff --cc regression-tests.api/test_Zones.py
index 0c8dd52741,1ec1770789..bf28bb1475
--- a/regression-tests.api/test_Zones.py
+++ b/regression-tests.api/test_Zones.py
@@@ -2649,8 -2640,45 +2649,45 @@@ $NAME$  1D  IN  SOA ns1.example.org. ho
          modified_at_new = data['rrsets'][0]['records'][0]['modified_at']
          self.assertGreater(modified_at_new, modified_at)
  
+     @unittest.skipIf(is_auth_lmdb(), "Needs to perform database update")
+     def test_access_zone_with_invalid_content(self):
+         name, payload, zone = self.create_zone()
+         rrset = {
+             'changetype': 'replace',
+             'name': name,
+             'type': 'TXT',
+             'ttl': 3600,
+             'records': [
+                 {
+                     "content": "\"innocuous data\"",
+                     "disabled": False
+                 }
+             ]
+         }
+         payload = {'rrsets': [rrset]}
+         r = self.session.patch(self.url("/api/v1/servers/localhost/zones/" + name), data=json.dumps(payload),
+                                headers={'content-type': 'application/json'})
+         self.assert_success(r)
+         # Now alter the data - see get_db_records() for inspiration
+         badcontent = 'invalid \"TXT data'
+         db, placeholder = get_auth_db()
+         cur = db.cursor()
+         cur.execute("""
+             UPDATE records
+             SET content="""+placeholder+"""
+             WHERE name="""+placeholder+""" AND type='TXT'"""
+             ,
+             (badcontent, name.rstrip('.')))
+         cur.execute('COMMIT') # Figuring out how many hours I wasted on this test because of this missing line is left as an exercize to the reader
+         cur.close()
+         db.close()
+         # Try and get the zone data
+         r = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name))
+         self.assertEqual(r.status_code, 422)
+         self.assertIn('Data field in DNS should end on a quote', r.json()['error'])
+ 
  @unittest.skipIf(not is_auth(), "Not applicable")
 -class AuthRootZone(ApiTestCase, AuthZonesHelperMixin):
 +class AuthRootZone(ZonesApiTestCase, AuthZonesHelperMixin):
  
      def setUp(self):
          super(AuthRootZone, self).setUp()