Release version: 0.1.56.

CHANGELOG

@@ -1,3 +1,27 @@
+nsaproxy (0.1.56) unstable; urgency=medium
+
+  * Release version: 0.1.56.
+
+ -- Adrien DELLE CAVE (Decryptus) <adrien.delle.cave@commandersact.com>  Sun, 09 Oct 2022 14:08:07 +0200
+
+nsaproxy (0.1.55) unstable; urgency=medium
+
+  * Release version: 0.1.55.
+
+ -- Adrien DELLE CAVE (Decryptus) <adrien.delle.cave@commandersact.com>  Sat, 08 Oct 2022 02:02:11 +0200
+
+nsaproxy (0.1.54) unstable; urgency=medium
+
+  * Release version: 0.1.54.
+
+ -- Adrien DELLE CAVE (Decryptus) <adrien.delle.cave@commandersact.com>  Thu, 04 Aug 2022 03:15:44 +0200
+
+nsaproxy (0.1.53) unstable; urgency=medium
+
+  * Release version: 0.1.53.
+
+ -- Adrien DELLE CAVE (Decryptus) <adrien.delle.cave@commandersact.com>  Fri, 29 Jul 2022 15:50:15 +0200
+
 nsaproxy (0.1.52) unstable; urgency=medium
 
   * Release version: 0.1.52.

RELEASE

@@ -1 +1 @@
-0.1.52
+0.1.56

VERSION

@@ -1 +1 @@
-0.1.52
+0.1.56

bin/nsaproxy

@@ -4,7 +4,7 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 """nsaproxy"""
 
-__version__ = '0.1.52'
+__version__ = '0.1.56'
 
 # TODO: load Python logging configuration (using standard logging.config)
 

nsaproxy/modules/pdns.py

@@ -17,7 +17,7 @@
 from dwho.classes.modules import DWhoModuleBase, MODULES
 from sonicprobe import helpers
 from sonicprobe.libs import network, urisup, xys
-from sonicprobe.libs.moresynchro import RWLock
+from sonicprobe.libs.moresynchro import ListLock, RWLock
 from httpdis.ext.httpdis_json import HttpReqErrJson, HttpResponseJson
 
 from ..classes.apis import NSAProxyApiObject, APIS_SYNC
@@ -46,6 +46,7 @@ class PDNSModule(DWhoModuleBase):
     MODULE_NAME     = 'pdns'
 
     LOCK            = RWLock()
+    ZONELOCK        = ListLock()
 
     def __init__(self):
         DWhoModuleBase.__init__(self)
@@ -75,6 +76,22 @@ def safe_init(self, options):
 
             self.api_key = cred['pdns']['api_key']
 
+    def _lock(self, endpoint, zone_id, lock_func = None):
+        if not lock_func:
+            lock_func = self.LOCK.acquire_read
+
+        if endpoint == 'zones' and zone_id:
+            zone_id = zone_id.rstrip('.')
+            if self.ZONELOCK.try_acquire(zone_id):
+                raise HttpReqErrJson(503, "unable to take ZONELOCK(%r)" % zone_id)
+
+            return (self.ZONELOCK.release, [zone_id])
+
+        if not lock_func(self.lock_timeout):
+            raise HttpReqErrJson(503, "unable to take LOCK for reading after %s seconds" % self.lock_timeout)
+
+        return (self.LOCK.release, [])
+
     @staticmethod
     def _add_record(content):
         return {'content': content, 'disabled': False, 'set-prt': False}
@@ -257,8 +274,9 @@ def api_endpoint_get(self, request):
         if not xys.validate(params, self.ENDPOINT_GET_QSCHEMA):
             raise HttpReqErrJson(415, "invalid arguments for command")
 
-        if not self.LOCK.acquire_read(self.lock_timeout):
-            raise HttpReqErrJson(503, "unable to take LOCK for reading after %s seconds" % self.lock_timeout)
+        (lock_release_func,
+         lock_release_args) = self._lock(params['endpoint'],
+                                         params.get('id'))
 
         try:
             return self._do_response(request, params)
@@ -267,15 +285,17 @@ def api_endpoint_get(self, request):
         except Exception as e:
             LOG.exception("%r", e)
         finally:
-            self.LOCK.release()
+            lock_release_func(*lock_release_args)
+
+        return None
 
 
     ENDPOINT_PUT_QSCHEMA = xys.load("""
-    server_id:    !!str
-    endpoint:     !!str
-    id:           !!str
-    command*:     !~~enum(axfr-retrieve,notify,rectify)
-    domain*:      !!str
+    server_id: !!str
+    endpoint:  !!str
+    id:        !!str
+    command*:  !~~enum(axfr-retrieve,notify,rectify)
+    domain*:   !!str
     """)
 
     def api_endpoint_put(self, request):
@@ -289,8 +309,9 @@ def api_endpoint_put(self, request):
         if not xys.validate(params, self.ENDPOINT_PUT_QSCHEMA):
             raise HttpReqErrJson(415, "invalid arguments for command")
 
-        if not self.LOCK.acquire_read(self.lock_timeout):
-            raise HttpReqErrJson(503, "unable to take LOCK for reading after %s seconds" % self.lock_timeout)
+        (lock_release_func,
+         lock_release_args) = self._lock(params['endpoint'],
+                                         params['id'])
 
         try:
             return self._do_response(request, params)
@@ -299,19 +320,21 @@ def api_endpoint_put(self, request):
         except Exception as e:
             LOG.exception("%r", e)
         finally:
-            self.LOCK.release()
+            lock_release_func(*lock_release_args)
+
+        return None
 
 
     ENDPOINT_POST_QSCHEMA = xys.load("""
-    server_id?:   !!str
-    endpoint?:    !!str
+    server_id: !!str
+    endpoint:  !~~enum(zones)
     """)
 
     ENDPOINT_POST_PSCHEMA = xys.load("""
     nameservers?:  [ !~~callback(pdns.domain) ]
     masters?:      [ !~~callback(pdns.ipaddr) ]
-    kind?:         !~~ienum(native,master,primary,slave,secondary)
-    name?:         !~~callback(pdns.domain)
+    kind:          !~~ienum(native,master,primary,slave,secondary)
+    name:          !~~callback(pdns.domain)
     account?:      !!str
     soa_edit_api?: !~~enum(DEFAULT,INCREASE,INCEPTION-INCREMENT,EPOCH,INCEPTION-EPOCH)
     """)
@@ -334,13 +357,12 @@ def api_endpoint_post(self, request):
         if not xys.validate(args, self.ENDPOINT_POST_PSCHEMA):
             raise HttpReqErrJson(415, "invalid arguments for command payload parameters")
 
-        if not self.LOCK.acquire_write(self.lock_timeout):
-            raise HttpReqErrJson(503, "unable to take LOCK for writing after %s seconds" % self.lock_timeout)
+        (lock_release_func,
+         lock_release_args) = self._lock(params['endpoint'],
+                                         args['name'],
+                                         self.LOCK.acquire_write)
 
         try:
-            if params.get('endpoint') != 'zones':
-                raise HttpReqErrJson(400, "invalid request")
-
             has_rrsets = False
             domain_name = args['name'].rstrip('.')
 
@@ -396,13 +418,15 @@ def api_endpoint_post(self, request):
         except Exception as e:
             LOG.exception("%r", e)
         finally:
-            self.LOCK.release()
+            lock_release_func(*lock_release_args)
+
+        return None
 
 
     ENDPOINT_PATCH_QSCHEMA = xys.load("""
-    server_id:    !!str
-    endpoint:     !!str
-    id:           !!str
+    server_id: !!str
+    endpoint:  !~~enum(zones)
+    id:        !!str
     """)
 
     ENDPOINT_PATCH_PSCHEMA = xys.load("""
@@ -443,13 +467,12 @@ def api_endpoint_patch(self, request):
         if not xys.validate(args, self.ENDPOINT_PATCH_PSCHEMA):
             raise HttpReqErrJson(415, "invalid arguments for command payload parameters")
 
-        if not self.LOCK.acquire_write(self.lock_timeout):
-            raise HttpReqErrJson(503, "unable to take LOCK for writing after %s seconds" % self.lock_timeout)
+        (lock_release_func,
+         lock_release_args) = self._lock(params['endpoint'],
+                                         params['id'],
+                                         self.LOCK.acquire_write)
 
         try:
-            if params.get('endpoint') != 'zones':
-                raise HttpReqErrJson(400, "invalid request")
-
             if not args.get('rrsets'):
                 return self._do_response(request, None, args)
 
@@ -468,13 +491,15 @@ def api_endpoint_patch(self, request):
         except Exception as e:
             LOG.exception("%r", e)
         finally:
-            self.LOCK.release()
+            lock_release_func(*lock_release_args)
+
+        return None
 
 
     ENDPOINT_DELETE_QSCHEMA = xys.load("""
-    server_id:   !!str
-    endpoint:    !!str
-    id:          !!str
+    server_id: !!str
+    endpoint:  !~~enum(zones)
+    id:        !!str
     """)
 
     def api_endpoint_delete(self, request):
@@ -488,13 +513,12 @@ def api_endpoint_delete(self, request):
         if not xys.validate(params, self.ENDPOINT_DELETE_QSCHEMA):
             raise HttpReqErrJson(415, "invalid arguments for command for query parameters")
 
-        if not self.LOCK.acquire_write(self.lock_timeout):
-            raise HttpReqErrJson(503, "unable to take LOCK for writing after %s seconds" % self.lock_timeout)
+        (lock_release_func,
+         lock_release_args) = self._lock(params['endpoint'],
+                                         params['id'],
+                                         self.LOCK.acquire_write)
 
         try:
-            if params.get('endpoint') != 'zones':
-                raise HttpReqErrJson(400, "invalid request")
-
             uids = self._push_apis_sync('delete_hosted_zone', params)
             if not uids:
                 raise HttpReqErrJson(500, "unable to retrieve uids")
@@ -509,7 +533,9 @@ def api_endpoint_delete(self, request):
         except Exception as e:
             LOG.exception("%r", e)
         finally:
-            self.LOCK.release()
+            lock_release_func(*lock_release_args)
+
+        return None
 
 
     ENDPOINT_VALIDATE_QSCHEMA = xys.load("""
@@ -561,6 +587,8 @@ def api_endpoint_validate(self, request):
         finally:
             self.LOCK.release()
 
+        return False
+
 
 if __name__ != "__main__":
     def _start():

nsaproxy/plugins/cdns.py

@@ -29,9 +29,9 @@ class NSAProxyCdnsPlugin(NSAProxyApiBase):
 
     # pylint: disable-msg=attribute-defined-outside-init
     def safe_init(self):
-        self.conn           = None
+        self.conn = None
 
-        if self.PLUGIN_NAME not in self.config['plugins']:
+        if not self.plugconf:
             return
 
         self.adapter_redis  = DWhoAdapterRedis(self.config, prefix = 'nsaproxy')
@@ -150,13 +150,13 @@ def _do_change_rrsets(self, obj):
 
         xid     = self.adapter_redis.get_key(self._keyname_zone(zoneid))
         if not xid:
-            domains = self.conn.search_domains(zoneid)
-            if not domains \
-               or 'domains' not in domains \
-               or not domains['domains'].get('domains'):
+            zones = self.conn.search_zones(zoneid)
+            if not zones \
+               or 'data' not in zones \
+               or not zones['data'].get('results'):
                 raise LookupError("unable to find zone id: %r" % zoneid)
             self.adapter_redis.set_key(self._keyname_zone(zoneid),
-                                       domains['domains']['domains'][0]['domain_id'])
+                                       zones['data']['results'][0]['zoneId'])
 
         xid     = self.adapter_redis.get_key(self._keyname_zone(zoneid))
         if not xid:
@@ -188,15 +188,15 @@ def _do_change_rrsets(self, obj):
                 action = rrset['changetype'].lower()
 
             if rrset['changetype'] == 'DELETE':
-                changes.append({'action':      'purge',
-                                'host_name':   name,
-                                'record_type': rrset['type']})
+                changes.append({'action': 'purge',
+                                'hostName': name,
+                                'type': rrset['type']})
                 continue
 
             for record in rrset['records']:
-                change = {'host_name':   name,
-                          'ttl':         rrset.get('ttl') or 0,
-                          'record_type': rrset['type']}
+                change = {'hostName': name,
+                          'ttl': rrset.get('ttl') or 0,
+                          'type': rrset['type']}
 
                 change.update(self._build_record_value(zoneid, rrset['type'], record['content']))
                 nrrsets.append(change.copy())
@@ -214,8 +214,8 @@ def _do_change_rrsets(self, obj):
         if changes:
             self.conn.change_records(xid,
                                      changes,
-                                     deploy_type = self.config['plugins'][self.PLUGIN_NAME].get('deployment'),
-                                     force       = True)
+                                     deployment = self.plugconf.get('deployment'),
+                                     force      = True)
         self.adapter_redis.set_key(self._keyname_rrsets(zoneid),
                                    json.dumps(nrrsets))