We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
desec-stack
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix(api): don't accept POST requests for already registered domains

We return 409 CONFLICT when someone trys to register a domain that is already
registered.

Closes #6
Nils Wisiol 8 years ago
parent
d391585f78
commit
67f02b3f13
2 changed files with 16 additions and 2 deletions
Split View Show Diff Stats
  1. 8 0
      api/desecapi/tests/testdomains.py
  2. 8 2
      api/desecapi/views.py

+ 8 - 0
api/desecapi/tests/testdomains.py
View File 

@@ -106,6 +106,14 @@ class AuthenticatedDomainTests(APITestCase):
 
         self.assertTrue(self.token in email)
 
         self.assertEqual(response.data['dyn'], True)
 
 
+    def testCantPostSameDomainTwice(self):
 
+        url = reverse('domain-list')
 
+        data = {'name': utils.generateDomainname(), 'dyn': True}
 
+        response = self.client.post(url, data)
 
+        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
 
+        response = self.client.post(url, data)
 
+        self.assertEqual(response.status_code, status.HTTP_409_CONFLICT)
 
+
 
     def testCanUpdateARecord(self):
 
         url = reverse('domain-detail', args=(self.ownedDomains[1].pk,))
 
         response = self.client.get(url)

+ 8 - 2
api/desecapi/views.py
View File 

@@ -12,13 +12,13 @@ from rest_framework.reverse import reverse
 
 from rest_framework.authentication import TokenAuthentication, get_authorization_header
 
 from rest_framework.renderers import StaticHTMLRenderer
 
 from dns import resolver
 
-import subprocess
 
-import re
 
 from django.template.loader import get_template
 
 from django.template import Context
 
 from desecapi.authentication import BasicTokenAuthentication, URLParamAuthentication
 
 import base64
 
 from desecapi import settings
 
+from rest_framework.exceptions import ValidationError
 
+
 
 
 class DomainList(generics.ListCreateAPIView):
 
     serializer_class = DomainSerializer
 
@@ -28,6 +28,12 @@ class DomainList(generics.ListCreateAPIView):
 
         return Domain.objects.filter(owner=self.request.user.pk)
 
 
     def perform_create(self, serializer):
 
+        queryset = Domain.objects.filter(name=serializer.validated_data['name'])
 
+        if queryset.exists():
 
+            ex = ValidationError(detail={"detail": "This domain name is already registered.", "code": "domain-taken"})
 
+            ex.status_code = 409
 
+            raise ex
 
+
 
         obj = serializer.save(owner=self.request.user)
 
 
         def sendDynDnsEmail(domain):

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5