API: 404 on non-existing CryptoKey keyid

author Pieter Lexis <pieter.lexis@powerdns.com>

Wed, 23 May 2018 16:18:36 +0000 (18:18 +0200)

committer Pieter Lexis <pieter.lexis@powerdns.com>

Wed, 23 May 2018 18:51:11 +0000 (20:51 +0200)
author Pieter Lexis <pieter.lexis@powerdns.com>
Wed, 23 May 2018 16:18:36 +0000 (18:18 +0200)
committer Pieter Lexis <pieter.lexis@powerdns.com>
Wed, 23 May 2018 18:51:11 +0000 (20:51 +0200)
diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc

index 5a38d0f9d85b277ed6d7572862d3b550c7e6f303..ce66ceae218e7e47f29a37442dd1687e81eb1698 100644 (file)
--- a/pdns/ws-auth.cc
+++ b/pdns/ws-auth.cc
@@ -906,6 +906,21 @@ static void apiZoneMetadataKind(HttpRequest* req, HttpResponse* resp) {
      throw HttpMethodNotAllowedException();
  }
  
+// Throws 404 if the key with inquireKeyId does not exist
+static void apiZoneCryptoKeysCheckKeyExists(DNSName zonename, int inquireKeyId, DNSSECKeeper *dk) {
+  DNSSECKeeper::keyset_t keyset=dk->getKeys(zonename, false);
+  bool found = false;
+  for(const auto& value : keyset) {
+    if (value.second.id == (unsigned) inquireKeyId) {
+      found = true;
+      break;
+    }
+  }
+  if (!found) {
+    throw HttpNotFoundException();
+  }
+}
+
  static void apiZoneCryptokeysGET(DNSName zonename, int inquireKeyId, HttpResponse *resp, DNSSECKeeper *dk) {
    DNSSECKeeper::keyset_t keyset=dk->getKeys(zonename, false);
  
@@ -972,18 +987,6 @@ static void apiZoneCryptokeysGET(DNSName zonename, int inquireKeyId, HttpRespons
   *      The server returns 404 Not Found
   * */
  static void apiZoneCryptokeysDELETE(DNSName zonename, int inquireKeyId, HttpRequest *req, HttpResponse *resp, DNSSECKeeper *dk) {
-  DNSSECKeeper::keyset_t keyset=dk->getKeys(zonename, false);
-  bool found = false;
-  for(const auto& value : keyset) {
-    if (value.second.id == (unsigned) inquireKeyId) {
-      found = true;
-      break;
-    }
-  }
-  if (!found) {
-    throw HttpNotFoundException();
-  }
-
    if (dk->removeKey(zonename, inquireKeyId)) {
      resp->body = "";
      resp->status = 204;
@@ -1167,6 +1170,7 @@ static void apiZoneCryptokeys(HttpRequest *req, HttpResponse *resp) {
    int inquireKeyId = -1;
    if (req->parameters.count("key_id")) {
      inquireKeyId = std::stoi(req->parameters["key_id"]);
+    apiZoneCryptoKeysCheckKeyExists(zonename, inquireKeyId, &dk);
    }
  
    if (req->method == "GET") {
diff --git a/regression-tests.api/test_cryptokeys.py b/regression-tests.api/test_cryptokeys.py

index a3469ca9a3ed32ed578005491d8d302906b75d1d..8a4c874d6459bff564b647ffd3a6e8ecf974691c 100644 (file)
--- a/regression-tests.api/test_cryptokeys.py
+++ b/regression-tests.api/test_cryptokeys.py
@@ -71,8 +71,7 @@ class Cryptokeys(ApiTestCase):
          self.remove_zone_key(self.keyid)
          #checks for key is gone. Its ok even if no key had to be deleted. Or something went wrong with the backend.
          r = self.session.delete(self.url("/api/v1/servers/localhost/zones/"+self.zone+"/cryptokeys/"+self.keyid))
-        self.assertEquals(r.status_code, 200)
-        self.assertEquals(r.content, b"")
+        self.assertEquals(r.status_code, 404)
  
      # Prepares the json object for Post and sends it to the server
      def add_key(self, content='', type='ksk', active='true', algo='', bits=None):
author	Pieter Lexis <pieter.lexis@powerdns.com>
	Wed, 23 May 2018 16:18:36 +0000 (18:18 +0200)
committer	Pieter Lexis <pieter.lexis@powerdns.com>
	Wed, 23 May 2018 18:51:11 +0000 (20:51 +0200)
pdns/ws-auth.cc		patch \| blob \| history
regression-tests.api/test_cryptokeys.py		patch \| blob \| history