web.go: return badauth when authenticated user does not own record in question
This commit is contained in:
parent
76286b6388
commit
8479da58bc
1 changed files with 5 additions and 2 deletions
7
web.go
7
web.go
|
|
@ -70,10 +70,10 @@ func verifyHostname(cfg *Config, user *User, hostname string) (string, *RRConfig
|
|||
// check whether the authenticated user is allowed to update the dns record
|
||||
_, ok := user.records[hostname]
|
||||
if !ok {
|
||||
return "nohost", nil
|
||||
return "badauth", nil
|
||||
}
|
||||
|
||||
// this should not fail as it is verified in LoadConfig, but better be sure
|
||||
// this should not fail as it is verified in LoadConfig, but better be safe
|
||||
entry, ok := cfg.rrconfigs[hostname]
|
||||
if !ok {
|
||||
return "nohost", nil
|
||||
|
|
@ -81,6 +81,9 @@ func verifyHostname(cfg *Config, user *User, hostname string) (string, *RRConfig
|
|||
|
||||
// TODO: return notfqdn -> differentiate between 'hostname doesnt exist' and
|
||||
// 'hostname is not fqdn'
|
||||
|
||||
// again, this should not fail since 'hostname' was the key used for
|
||||
// cfg.rrconfigs to acquire the entry
|
||||
if hostname != entry.Recordname {
|
||||
return "nohost", nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue