From 37dba9bfa191ede74fb97db88dd4a2eba72dedeb Mon Sep 17 00:00:00 2001 From: Shreyas Zare Date: Sun, 1 Jan 2023 18:10:10 +0530 Subject: [PATCH] WebServiceOtherZonesApi: updated code to support kestral. --- DnsServerCore/WebServiceOtherZonesApi.cs | 350 +++++++++++++---------- 1 file changed, 200 insertions(+), 150 deletions(-) diff --git a/DnsServerCore/WebServiceOtherZonesApi.cs b/DnsServerCore/WebServiceOtherZonesApi.cs index 5a36bd0b..4b2f4e71 100644 --- a/DnsServerCore/WebServiceOtherZonesApi.cs +++ b/DnsServerCore/WebServiceOtherZonesApi.cs @@ -1,6 +1,6 @@ /* Technitium DNS Server -Copyright (C) 2022 Shreyas Zare (shreyas@technitium.com) +Copyright (C) 2023 Shreyas Zare (shreyas@technitium.com) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,8 +17,9 @@ along with this program. If not, see . */ +using DnsServerCore.Auth; using DnsServerCore.Dns.Zones; -using System; +using Microsoft.AspNetCore.Http; using System.Collections.Generic; using System.IO; using System.Net; @@ -50,20 +51,30 @@ namespace DnsServerCore #region cache api - public void FlushCache(HttpListenerRequest request) + public void FlushCache(HttpContext context) { + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Cache, session.User, PermissionFlag.Delete)) + throw new DnsWebServiceException("Access was denied."); + _dnsWebService._dnsServer.CacheZoneManager.Flush(); - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Cache was flushed."); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Cache was flushed."); } - public void ListCachedZones(HttpListenerRequest request, Utf8JsonWriter jsonWriter) + public void ListCachedZones(HttpContext context) { - string domain = request.QueryString["domain"]; - if (domain == null) - domain = ""; + UserSession session = context.GetCurrentSession(); - string direction = request.QueryString["direction"]; + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Cache, session.User, PermissionFlag.View)) + throw new DnsWebServiceException("Access was denied."); + + HttpRequest request = context.Request; + + string domain = request.GetQuery("domain", ""); + + string direction = request.Query["direction"]; if (direction is not null) direction = direction.ToLower(); @@ -107,6 +118,8 @@ namespace DnsServerCore subZones.Sort(); + Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter(); + jsonWriter.WriteString("domain", domain); jsonWriter.WritePropertyName("zones"); @@ -123,27 +136,35 @@ namespace DnsServerCore WebServiceZonesApi.WriteRecordsAsJson(records, jsonWriter, false); } - public void DeleteCachedZone(HttpListenerRequest request) + public void DeleteCachedZone(HttpContext context) { - string domain = request.QueryString["domain"]; - if (string.IsNullOrEmpty(domain)) - throw new DnsWebServiceException("Parameter 'domain' missing."); + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Cache, session.User, PermissionFlag.Delete)) + throw new DnsWebServiceException("Access was denied."); + + string domain = context.Request.GetQuery("domain"); if (_dnsWebService._dnsServer.CacheZoneManager.DeleteZone(domain)) - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Cached zone was deleted: " + domain); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Cached zone was deleted: " + domain); } #endregion #region allowed zones api - public void ListAllowedZones(HttpListenerRequest request, Utf8JsonWriter jsonWriter) + public void ListAllowedZones(HttpContext context) { - string domain = request.QueryString["domain"]; - if (domain == null) - domain = ""; + UserSession session = context.GetCurrentSession(); - string direction = request.QueryString["direction"]; + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Allowed, session.User, PermissionFlag.View)) + throw new DnsWebServiceException("Access was denied."); + + HttpRequest request = context.Request; + + string domain = request.GetQuery("domain", ""); + + string direction = request.Query["direction"]; if (direction is not null) direction = direction.ToLower(); @@ -187,6 +208,8 @@ namespace DnsServerCore subZones.Sort(); + Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter(); + jsonWriter.WriteString("domain", domain); jsonWriter.WritePropertyName("zones"); @@ -203,93 +226,103 @@ namespace DnsServerCore WebServiceZonesApi.WriteRecordsAsJson(new List(records), jsonWriter, false); } - public async Task ImportAllowedZonesAsync(HttpListenerRequest request) + public void ImportAllowedZones(HttpContext context) { - if (!request.ContentType.StartsWith("application/x-www-form-urlencoded")) + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Allowed, session.User, PermissionFlag.Modify)) + throw new DnsWebServiceException("Access was denied."); + + HttpRequest request = context.Request; + + if (!request.HasFormContentType) throw new DnsWebServiceException("Invalid content type. Expected application/x-www-form-urlencoded."); - string formRequest; - using (StreamReader sR = new StreamReader(request.InputStream, request.ContentEncoding)) + string allowedZones = request.Form["allowedZones"]; + if (string.IsNullOrEmpty(allowedZones)) + throw new DnsWebServiceException("Form parameter 'allowedZones' missing."); + + string[] allowedZonesList = allowedZones.Split(','); + bool added = false; + + foreach (string allowedZone in allowedZonesList) { - formRequest = await sR.ReadToEndAsync(); + if (_dnsWebService._dnsServer.AllowedZoneManager.AllowZone(allowedZone)) + added = true; } - string[] formParts = formRequest.Split('&'); - - foreach (string formPart in formParts) + if (added) { - if (formPart.StartsWith("allowedZones=")) - { - string value = Uri.UnescapeDataString(formPart.Substring(13)); - string[] allowedZones = value.Split(','); - bool added = false; - - foreach (string allowedZone in allowedZones) - { - if (_dnsWebService._dnsServer.AllowedZoneManager.AllowZone(allowedZone)) - added = true; - } - - if (added) - { - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Total " + allowedZones.Length + " zones were imported into allowed zone successfully."); - _dnsWebService._dnsServer.AllowedZoneManager.SaveZoneFile(); - } - - return; - } - } - - throw new DnsWebServiceException("Parameter 'allowedZones' missing."); - } - - public void ExportAllowedZones(HttpListenerResponse response) - { - IReadOnlyList zoneInfoList = _dnsWebService._dnsServer.AllowedZoneManager.ListZones(); - - response.ContentType = "text/plain"; - response.AddHeader("Content-Disposition", "attachment;filename=AllowedZones.txt"); - - using (StreamWriter sW = new StreamWriter(new BufferedStream(response.OutputStream))) - { - foreach (AuthZoneInfo zoneInfo in zoneInfoList) - sW.WriteLine(zoneInfo.Name); - } - } - - public void DeleteAllowedZone(HttpListenerRequest request) - { - string domain = request.QueryString["domain"]; - if (string.IsNullOrEmpty(domain)) - throw new DnsWebServiceException("Parameter 'domain' missing."); - - if (_dnsWebService._dnsServer.AllowedZoneManager.DeleteZone(domain)) - { - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Allowed zone was deleted: " + domain); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Total " + allowedZonesList.Length + " zones were imported into allowed zone successfully."); _dnsWebService._dnsServer.AllowedZoneManager.SaveZoneFile(); } } - public void FlushAllowedZone(HttpListenerRequest request) + public async Task ExportAllowedZonesAsync(HttpContext context) { + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Allowed, session.User, PermissionFlag.View)) + throw new DnsWebServiceException("Access was denied."); + + IReadOnlyList zoneInfoList = _dnsWebService._dnsServer.AllowedZoneManager.ListZones(); + + HttpResponse response = context.Response; + + response.ContentType = "text/plain"; + response.Headers.ContentDisposition = "attachment;filename=AllowedZones.txt"; + + await using (StreamWriter sW = new StreamWriter(response.Body)) + { + foreach (AuthZoneInfo zoneInfo in zoneInfoList) + await sW.WriteLineAsync(zoneInfo.Name); + } + } + + public void DeleteAllowedZone(HttpContext context) + { + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Allowed, session.User, PermissionFlag.Delete)) + throw new DnsWebServiceException("Access was denied."); + + string domain = context.Request.GetQuery("domain"); + + if (_dnsWebService._dnsServer.AllowedZoneManager.DeleteZone(domain)) + { + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Allowed zone was deleted: " + domain); + _dnsWebService._dnsServer.AllowedZoneManager.SaveZoneFile(); + } + } + + public void FlushAllowedZone(HttpContext context) + { + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Allowed, session.User, PermissionFlag.Delete)) + throw new DnsWebServiceException("Access was denied."); + _dnsWebService._dnsServer.AllowedZoneManager.Flush(); - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Allowed zone was flushed successfully."); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Allowed zone was flushed successfully."); _dnsWebService._dnsServer.AllowedZoneManager.SaveZoneFile(); } - public void AllowZone(HttpListenerRequest request) + public void AllowZone(HttpContext context) { - string domain = request.QueryString["domain"]; - if (string.IsNullOrEmpty(domain)) - throw new DnsWebServiceException("Parameter 'domain' missing."); + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Allowed, session.User, PermissionFlag.Modify)) + throw new DnsWebServiceException("Access was denied."); + + string domain = context.Request.GetQuery("domain"); if (IPAddress.TryParse(domain, out IPAddress ipAddress)) domain = ipAddress.GetReverseDomain(); if (_dnsWebService._dnsServer.AllowedZoneManager.AllowZone(domain)) { - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Zone was allowed: " + domain); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Zone was allowed: " + domain); _dnsWebService._dnsServer.AllowedZoneManager.SaveZoneFile(); } } @@ -298,13 +331,18 @@ namespace DnsServerCore #region blocked zones api - public void ListBlockedZones(HttpListenerRequest request, Utf8JsonWriter jsonWriter) + public void ListBlockedZones(HttpContext context) { - string domain = request.QueryString["domain"]; - if (domain == null) - domain = ""; + UserSession session = context.GetCurrentSession(); - string direction = request.QueryString["direction"]; + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Blocked, session.User, PermissionFlag.View)) + throw new DnsWebServiceException("Access was denied."); + + HttpRequest request = context.Request; + + string domain = request.GetQuery("domain", ""); + + string direction = request.Query["direction"]; if (direction is not null) direction = direction.ToLower(); @@ -348,6 +386,8 @@ namespace DnsServerCore subZones.Sort(); + Utf8JsonWriter jsonWriter = context.GetCurrentJsonWriter(); + jsonWriter.WriteString("domain", domain); jsonWriter.WritePropertyName("zones"); @@ -364,93 +404,103 @@ namespace DnsServerCore WebServiceZonesApi.WriteRecordsAsJson(new List(records), jsonWriter, false); } - public async Task ImportBlockedZonesAsync(HttpListenerRequest request) + public void ImportBlockedZones(HttpContext context) { - if (!request.ContentType.StartsWith("application/x-www-form-urlencoded")) + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Blocked, session.User, PermissionFlag.Modify)) + throw new DnsWebServiceException("Access was denied."); + + HttpRequest request = context.Request; + + if (!request.HasFormContentType) throw new DnsWebServiceException("Invalid content type. Expected application/x-www-form-urlencoded."); - string formRequest; - using (StreamReader sR = new StreamReader(request.InputStream, request.ContentEncoding)) + string blockedZones = request.Form["blockedZones"]; + if (string.IsNullOrEmpty(blockedZones)) + throw new DnsWebServiceException("Form parameter 'blockedZones' missing."); + + string[] blockedZonesList = blockedZones.Split(','); + bool added = false; + + foreach (string blockedZone in blockedZonesList) { - formRequest = await sR.ReadToEndAsync(); + if (_dnsWebService._dnsServer.BlockedZoneManager.BlockZone(blockedZone)) + added = true; } - string[] formParts = formRequest.Split('&'); - - foreach (string formPart in formParts) + if (added) { - if (formPart.StartsWith("blockedZones=")) - { - string value = Uri.UnescapeDataString(formPart.Substring(13)); - string[] blockedZones = value.Split(','); - bool added = false; - - foreach (string blockedZone in blockedZones) - { - if (_dnsWebService._dnsServer.BlockedZoneManager.BlockZone(blockedZone)) - added = true; - } - - if (added) - { - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Total " + blockedZones.Length + " zones were imported into blocked zone successfully."); - _dnsWebService._dnsServer.BlockedZoneManager.SaveZoneFile(); - } - - return; - } - } - - throw new DnsWebServiceException("Parameter 'blockedZones' missing."); - } - - public void ExportBlockedZones(HttpListenerResponse response) - { - IReadOnlyList zoneInfoList = _dnsWebService._dnsServer.BlockedZoneManager.ListZones(); - - response.ContentType = "text/plain"; - response.AddHeader("Content-Disposition", "attachment;filename=BlockedZones.txt"); - - using (StreamWriter sW = new StreamWriter(new BufferedStream(response.OutputStream))) - { - foreach (AuthZoneInfo zoneInfo in zoneInfoList) - sW.WriteLine(zoneInfo.Name); - } - } - - public void DeleteBlockedZone(HttpListenerRequest request) - { - string domain = request.QueryString["domain"]; - if (string.IsNullOrEmpty(domain)) - throw new DnsWebServiceException("Parameter 'domain' missing."); - - if (_dnsWebService._dnsServer.BlockedZoneManager.DeleteZone(domain)) - { - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Blocked zone was deleted: " + domain); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Total " + blockedZonesList.Length + " zones were imported into blocked zone successfully."); _dnsWebService._dnsServer.BlockedZoneManager.SaveZoneFile(); } } - public void FlushBlockedZone(HttpListenerRequest request) + public async Task ExportBlockedZonesAsync(HttpContext context) { + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Blocked, session.User, PermissionFlag.View)) + throw new DnsWebServiceException("Access was denied."); + + IReadOnlyList zoneInfoList = _dnsWebService._dnsServer.BlockedZoneManager.ListZones(); + + HttpResponse response = context.Response; + + response.ContentType = "text/plain"; + response.Headers.ContentDisposition = "attachment;filename=BlockedZones.txt"; + + await using (StreamWriter sW = new StreamWriter(response.Body)) + { + foreach (AuthZoneInfo zoneInfo in zoneInfoList) + await sW.WriteLineAsync(zoneInfo.Name); + } + } + + public void DeleteBlockedZone(HttpContext context) + { + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Blocked, session.User, PermissionFlag.Delete)) + throw new DnsWebServiceException("Access was denied."); + + string domain = context.Request.GetQuery("domain"); + + if (_dnsWebService._dnsServer.BlockedZoneManager.DeleteZone(domain)) + { + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Blocked zone was deleted: " + domain); + _dnsWebService._dnsServer.BlockedZoneManager.SaveZoneFile(); + } + } + + public void FlushBlockedZone(HttpContext context) + { + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Blocked, session.User, PermissionFlag.Delete)) + throw new DnsWebServiceException("Access was denied."); + _dnsWebService._dnsServer.BlockedZoneManager.Flush(); - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Blocked zone was flushed successfully."); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Blocked zone was flushed successfully."); _dnsWebService._dnsServer.BlockedZoneManager.SaveZoneFile(); } - public void BlockZone(HttpListenerRequest request) + public void BlockZone(HttpContext context) { - string domain = request.QueryString["domain"]; - if (string.IsNullOrEmpty(domain)) - throw new DnsWebServiceException("Parameter 'domain' missing."); + UserSession session = context.GetCurrentSession(); + + if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Blocked, session.User, PermissionFlag.Modify)) + throw new DnsWebServiceException("Access was denied."); + + string domain = context.Request.GetQuery("domain"); if (IPAddress.TryParse(domain, out IPAddress ipAddress)) domain = ipAddress.GetReverseDomain(); if (_dnsWebService._dnsServer.BlockedZoneManager.BlockZone(domain)) { - _dnsWebService._log.Write(DnsWebService.GetRequestRemoteEndPoint(request), "[" + _dnsWebService.GetSession(request).User.Username + "] Domain was added to blocked zone: " + domain); + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Domain was added to blocked zone: " + domain); _dnsWebService._dnsServer.BlockedZoneManager.SaveZoneFile(); } }