diff --git a/nsupdate/api/views.py b/nsupdate/api/views.py index 1b6e4c7..b58098d 100644 --- a/nsupdate/api/views.py +++ b/nsupdate/api/views.py @@ -255,6 +255,14 @@ class AuthorizedNicUpdateView(View): def _update(host, hostname, ipaddr, agent='unknown', ssl=False, logger=None): + # we are doing abuse / available checks rather late, so the client might + # get more specific responses (like 'badagent' or 'notfqdn') by earlier + # checks. it also avoids some code duplication if done here: + if host.abuse or host.abuse_blocked: + return Response('abuse') + if not host.available: + # not available is like it doesn't exist + return Response('nohost') ipaddr = str(ipaddr) # bug in dnspython: crashes if ipaddr is unicode, wants a str! # https://github.com/rthalley/dnspython/issues/41 # TODO: reproduce and submit traceback to issue 41 diff --git a/nsupdate/main/forms.py b/nsupdate/main/forms.py index 01c6491..ae41d31 100644 --- a/nsupdate/main/forms.py +++ b/nsupdate/main/forms.py @@ -16,7 +16,7 @@ class CreateHostForm(forms.ModelForm): class EditHostForm(forms.ModelForm): class Meta(object): model = Host - fields = ['comment'] + fields = ['comment', 'available', 'abuse'] class CreateDomainForm(forms.ModelForm): diff --git a/nsupdate/main/migrations/0023_auto__add_field_host_available__add_field_host_abuse__add_field_host_a.py b/nsupdate/main/migrations/0023_auto__add_field_host_available__add_field_host_abuse__add_field_host_a.py new file mode 100644 index 0000000..22a2db6 --- /dev/null +++ b/nsupdate/main/migrations/0023_auto__add_field_host_available__add_field_host_abuse__add_field_host_a.py @@ -0,0 +1,148 @@ +# -*- coding: utf-8 -*- +import datetime +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + + +class Migration(SchemaMigration): + + def forwards(self, orm): + # Adding field 'Host.available' + db.add_column(u'main_host', 'available', + self.gf('django.db.models.fields.BooleanField')(default=True), + keep_default=False) + + # Adding field 'Host.abuse' + db.add_column(u'main_host', 'abuse', + self.gf('django.db.models.fields.BooleanField')(default=False), + keep_default=False) + + # Adding field 'Host.abuse_blocked' + db.add_column(u'main_host', 'abuse_blocked', + self.gf('django.db.models.fields.BooleanField')(default=False), + keep_default=False) + + + def backwards(self, orm): + # Deleting field 'Host.available' + db.delete_column(u'main_host', 'available') + + # Deleting field 'Host.abuse' + db.delete_column(u'main_host', 'abuse') + + # Deleting field 'Host.abuse_blocked' + db.delete_column(u'main_host', 'abuse_blocked') + + + models = { + u'auth.group': { + 'Meta': {'object_name': 'Group'}, + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + u'auth.permission': { + 'Meta': {'ordering': "(u'content_type__app_label', u'content_type__model', u'codename')", 'unique_together': "((u'content_type', u'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['contenttypes.ContentType']"}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + u'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + u'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + u'main.blacklisteddomain': { + 'Meta': {'object_name': 'BlacklistedDomain'}, + 'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'created_by': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'blacklisted_domains'", 'to': u"orm['auth.User']"}), + 'domain': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'last_update': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}) + }, + u'main.domain': { + 'Meta': {'object_name': 'Domain'}, + 'available': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'comment': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255', 'null': 'True', 'blank': 'True'}), + 'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'created_by': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'domains'", 'to': u"orm['auth.User']"}), + 'domain': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'last_update': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'nameserver_ip': ('django.db.models.fields.GenericIPAddressField', [], {'max_length': '39'}), + 'nameserver_update_algorithm': ('django.db.models.fields.CharField', [], {'default': "'HMAC_SHA512'", 'max_length': '16'}), + 'nameserver_update_secret': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '88'}), + 'public': ('django.db.models.fields.BooleanField', [], {'default': 'False'}) + }, + u'main.host': { + 'Meta': {'unique_together': "(('subdomain', 'domain'),)", 'object_name': 'Host'}, + 'abuse': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'abuse_blocked': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'available': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'client_faults': ('django.db.models.fields.PositiveIntegerField', [], {'default': '0'}), + 'comment': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255', 'null': 'True', 'blank': 'True'}), + 'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'created_by': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'hosts'", 'to': u"orm['auth.User']"}), + 'domain': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['main.Domain']"}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'last_update': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'last_update_ipv4': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}), + 'last_update_ipv6': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}), + 'server_faults': ('django.db.models.fields.PositiveIntegerField', [], {'default': '0'}), + 'ssl_update_ipv4': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'ssl_update_ipv6': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'subdomain': ('django.db.models.fields.CharField', [], {'max_length': '255'}), + 'update_secret': ('django.db.models.fields.CharField', [], {'max_length': '64'}) + }, + u'main.serviceupdater': { + 'Meta': {'object_name': 'ServiceUpdater'}, + 'accept_ipv4': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'accept_ipv6': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'comment': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255', 'null': 'True', 'blank': 'True'}), + 'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'created_by': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'serviceupdater'", 'to': u"orm['auth.User']"}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'last_update': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '32'}), + 'path': ('django.db.models.fields.CharField', [], {'default': "'/nic/update'", 'max_length': '255'}), + 'secure': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'server': ('django.db.models.fields.CharField', [], {'max_length': '255'}) + }, + u'main.serviceupdaterhostconfig': { + 'Meta': {'object_name': 'ServiceUpdaterHostConfig'}, + 'comment': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255', 'null': 'True', 'blank': 'True'}), + 'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'created_by': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'serviceupdaterhostconfigs'", 'to': u"orm['auth.User']"}), + 'give_ipv4': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'give_ipv6': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'host': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'serviceupdaterhostconfigs'", 'to': u"orm['main.Host']"}), + 'hostname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255', 'null': 'True', 'blank': 'True'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'last_update': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '255'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '255'}), + 'service': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['main.ServiceUpdater']"}) + } + } + + complete_apps = ['main'] \ No newline at end of file diff --git a/nsupdate/main/models.py b/nsupdate/main/models.py index eeebb51..ffb662b 100644 --- a/nsupdate/main/models.py +++ b/nsupdate/main/models.py @@ -124,6 +124,31 @@ class Host(models.Model): default='', blank=True, null=True, help_text="Some arbitrary comment about your host, e.g who / what / where this host is") + # available means that this host may be updated (or not, if False) - + # gets set to False if abuse happens (client malfunctioning) or + # if updating this host triggers other errors: + available = models.BooleanField( + default=True, + help_text="Check if host is available/in use - " + "if not checked, we won't accept updates for this host") + + # abuse means that we (either the operator or some automatic mechanism) + # think the host is used in some abusive or unfair way, e.g.: + # sending nochg updates way too often or otherwise using a defect, + # misconfigured or otherwise malfunctioning update client + # acting against fair use / ToS. + # the abuse flag can be switched off by the user, if the user thinks + # he fixed the problem on his side (or that there was no problem). + abuse = models.BooleanField( + default=False, + help_text="Checked if we think you abuse the service - " + "you may uncheck this AFTER fixing all issues on your side") + + # similar to above, but can not be toggled by the user: + abuse_blocked = models.BooleanField( + default=False, + help_text="Checked to block a host for abuse.") + # count client misbehaviours, like sending nochg updates or other # errors that should make the client stop trying to update: client_faults = models.PositiveIntegerField(default=0) diff --git a/nsupdate/main/templates/main/host.html b/nsupdate/main/templates/main/host.html index b260ef3..ff9d265 100644 --- a/nsupdate/main/templates/main/host.html +++ b/nsupdate/main/templates/main/host.html @@ -6,7 +6,6 @@

{{ host.get_fqdn }}
back to overview

Edit Host

-

You can only change the comment. If you want to have another host name, you have to delete this host and create a new one.

{% csrf_token %} {{ form|bootstrap }} diff --git a/nsupdate/main/templates/main/overview.html b/nsupdate/main/templates/main/overview.html index f6cbc91..4f5c2d8 100644 --- a/nsupdate/main/templates/main/overview.html +++ b/nsupdate/main/templates/main/overview.html @@ -9,6 +9,7 @@ Host + Available Faults IPv4 Address IPv6 Address @@ -18,7 +19,8 @@ {% for host in hosts %} {{ host.subdomain }}.{{ host.domain.domain }} - C: {{ host.client_faults }} S: {{ host.server_faults }} + {{ host.available|yesno }} + C: {{ host.client_faults }} S: {{ host.server_faults }}{% if host.abuse_blocked %} ABUSE-BLOCKED{% elif host.abuse %} ABUSE{% endif %} {{ host.get_ipv4 }} ({{ host.last_update_ipv4|timesince }}, {% if not host.ssl_update_ipv4 %}no {% endif %}SSL) {{ host.get_ipv6 }} ({{ host.last_update_ipv6|timesince }}, {% if not host.ssl_update_ipv6 %}no {% endif %}SSL) {{ host.comment }} diff --git a/nsupdate/management/commands/faults.py b/nsupdate/management/commands/faults.py index c084139..9283023 100644 --- a/nsupdate/management/commands/faults.py +++ b/nsupdate/management/commands/faults.py @@ -38,6 +38,24 @@ class Command(BaseCommand): default=False, help='reset the client faults counters of all hosts', ), + make_option('--reset-abuse', + action='store_true', + dest='reset_abuse', + default=False, + help='reset the abuse flag (to False) of all hosts', + ), + make_option('--reset-abuse-blocked', + action='store_true', + dest='reset_abuse_blocked', + default=False, + help='reset the abuse_blocked flag (to False) of all hosts', + ), + make_option('--reset-available', + action='store_true', + dest='reset_available', + default=True, + help='reset the available flag (to True) of all hosts', + ), ) def handle(self, *args, **options): @@ -45,6 +63,9 @@ class Command(BaseCommand): show_server = options['show_server'] reset_client = options['reset_client'] reset_server = options['reset_server'] + reset_available = options['reset_available'] + reset_abuse = options['reset_abuse'] + reset_abuse_blocked = options['reset_abuse_blocked'] for h in Host.objects.all(): if show_client or show_server: output = u"" @@ -54,9 +75,15 @@ class Command(BaseCommand): output += u"%-6d " % h.server_faults output += u"%s %s\n" % (h.created_by.username, h.get_fqdn(), ) self.stdout.write(output) - if reset_client or reset_server: + if reset_client or reset_server or reset_available or reset_abuse or reset_abuse_blocked: if reset_client: h.client_faults = 0 if reset_server: h.server_faults = 0 + if reset_available: + h.available = True + if reset_abuse: + h.abuse = False + if reset_abuse_blocked: + h.abuse_blocked = False h.save()