|
|
|
|
class Domain < ActiveRecord::Base
|
|
|
|
|
self.inheritance_column = "sti_disabled"
|
|
|
|
|
nilify_blanks
|
|
|
|
|
stampable
|
|
|
|
|
|
|
|
|
|
# optional IP for create form, results in a type A record
|
|
|
|
|
attr_accessor :ip
|
|
|
|
|
|
|
|
|
|
belongs_to :user, :inverse_of => :domain
|
|
|
|
|
has_many :records, :inverse_of => :domain, :dependent => :destroy
|
|
|
|
|
has_many :permissions, :inverse_of => :domain, :dependent => :destroy
|
|
|
|
|
has_many :permitted_users, :through => :permissions, :source => :user
|
|
|
|
|
|
|
|
|
|
cattr_reader :types
|
|
|
|
|
@@types = ['NATIVE', 'MASTER', 'SLAVE', 'SUPERSLAVE']
|
|
|
|
|
|
|
|
|
|
has_one :soa_record,
|
|
|
|
|
:class_name => 'SOA',
|
|
|
|
|
:conditions => {:type => 'SOA'},
|
|
|
|
|
:inverse_of => :domain
|
|
|
|
|
|
|
|
|
|
for type in Record.types
|
|
|
|
|
has_many :"#{type.downcase}_records",
|
|
|
|
|
:class_name => type,
|
|
|
|
|
:conditions => {:type => type},
|
|
|
|
|
:inverse_of => :domain
|
|
|
|
|
validates_associated :"#{type.downcase}_records"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
validates :name, :presence => true, :uniqueness => true, :domainname => {:require_valid_tld => false}
|
|
|
|
|
validates :master, :presence => true, :if => :slave?
|
|
|
|
|
validates :master, :ip => true, :allow_nil => true, :if => :slave?
|
|
|
|
|
validates :type, :inclusion => { :in => @@types, :message => "Unknown domain type" }
|
|
|
|
|
validates :soa_record, :presence => {:unless => :slave?}
|
|
|
|
|
validates_associated :soa_record #, :allow_nil => true
|
|
|
|
|
validates :ns_records, :on => :create, :presence => true, :length => {
|
|
|
|
|
:minimum => 2, :maximum => 10, :message => "must have be at least 2, at most 10"}
|
|
|
|
|
validates_associated :records
|
|
|
|
|
validates :user_id, :presence => true
|
|
|
|
|
|
|
|
|
|
validate :max_domains_per_user, :on => :create
|
|
|
|
|
def max_domains_per_user
|
|
|
|
|
if domains_exceeding?
|
|
|
|
|
errors.add :base, "as a security measure, you cannot have more than #{Settings.max_domains_per_user} domains on one account"
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
delegate :domains_exceeding?, :to => :user
|
|
|
|
|
|
|
|
|
|
validate :domain_ownership
|
|
|
|
|
def domain_ownership
|
|
|
|
|
# non-TLD validation
|
|
|
|
|
errors[:name] = "cannot be a TLD or a reserved domain" if Tld.include?(name)
|
|
|
|
|
|
|
|
|
|
# If parent domain is on our system, the user be permitted to manage current domain.
|
|
|
|
|
# He either owns parent, or is permitted to current domain or to an ancestor.
|
|
|
|
|
if parent_domain.present? && can_be_managed_by_current_user?
|
|
|
|
|
errors[:name] = "issue, the parent domain `#{parent_domain.name}` is registered to another user"
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def parent_domain
|
|
|
|
|
return nil if name.nil?
|
|
|
|
|
@parent_domain ||= {}
|
|
|
|
|
@parent_domain[name] ||= begin
|
|
|
|
|
segments = name.split('.')
|
|
|
|
|
if segments.size >= 2
|
|
|
|
|
domain_name = segments[1..-1].join('.')
|
|
|
|
|
Domain.find_by_name(domain_name)
|
|
|
|
|
else
|
|
|
|
|
nil
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# If current user present authorize it
|
|
|
|
|
# If current user not present, just allow (rake tasks etc)
|
|
|
|
|
def can_be_managed_by_current_user?
|
|
|
|
|
User.current.present? ? User.current.can?(:manage, self) : true
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def slave?; self.type == 'SLAVE' end
|
|
|
|
|
|
|
|
|
|
before_create do
|
|
|
|
|
a_records.build(:content => ip) if ip.present?
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before_save do
|
|
|
|
|
self.name_reversed = name.reverse if name_changed?
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before_validation(:on => :update) do
|
|
|
|
|
if name_changed?
|
|
|
|
|
name_was_pattern = /#{Regexp.escape(name_was)}$/
|
|
|
|
|
each_update_involved_record do |record|
|
|
|
|
|
if record.type == 'SOA'
|
|
|
|
|
record.reset_serial
|
|
|
|
|
record.name = name
|
|
|
|
|
else
|
|
|
|
|
record.name = record.name.sub(name_was_pattern, name)
|
|
|
|
|
end
|
|
|
|
|
record.domain = self
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
after_update do
|
|
|
|
|
if name_changed?
|
|
|
|
|
name_was_pattern = /#{Regexp.escape(name_was)}$/
|
|
|
|
|
for record in records.all
|
|
|
|
|
record.name = record.name.sub(name_was_pattern, name)
|
|
|
|
|
record.save!
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def each_update_involved_record
|
|
|
|
|
yield soa_record
|
|
|
|
|
for record in soa_records
|
|
|
|
|
yield record
|
|
|
|
|
end
|
|
|
|
|
for record in records
|
|
|
|
|
yield record
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
scope :host_domains, where(:name => Settings.host_domains)
|
|
|
|
|
|
|
|
|
|
def subdomains
|
|
|
|
|
Domain.where(:name_reversed.matches => "#{name_reversed}.%")
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def host_domain?
|
|
|
|
|
Settings.host_domains.include?(name)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# domains per user limit for DOS protection
|
|
|
|
|
def records_exceeding?
|
|
|
|
|
records.count >= Settings.max_records_per_domain.to_i
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# domain.has_ns?('129.168.0.1')
|
|
|
|
|
def has_ns?(ns)
|
|
|
|
|
ns_records.any? {|ns_record| ns_record.content == ns}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def setup(email)
|
|
|
|
|
build_soa_record
|
|
|
|
|
soa = soa_record
|
|
|
|
|
soa.contact ||= email
|
|
|
|
|
|
|
|
|
|
ns_records.build
|
|
|
|
|
ns_records.build
|
|
|
|
|
ns_records.build
|
|
|
|
|
ns1, ns2, ns3 = ns_records
|
|
|
|
|
ns1.content = Settings.ns.first
|
|
|
|
|
ns2.content = Settings.ns.second
|
|
|
|
|
ns3.content = Settings.ns.third
|
|
|
|
|
end
|
|
|
|
|
end
|
