jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

domains: remove SECRET_PLACEHOLDER from responses

Browse Source
This commit is contained in:
Girish Ramakrishnan
2025-10-08 12:04:31 +02:00
parent f1fb5f2530
commit 01d7d41c17
21 changed files with 266 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/dns/desec.js
+35 -35
View File
@@ -1,15 +1,5 @@
'use strict';
exports = module.exports = {
removePrivateFields,
injectPrivateFields,
upsert,
get,
del,
wait,
verifyDomainConfig
};
const assert = require('node:assert'),
constants = require('../constants.js'),
BoxError = require('../boxerror.js'),
@@ -28,12 +18,12 @@ function formatError(response) {
}
function removePrivateFields(domainObject) {
domainObject.config.token = constants.SECRET_PLACEHOLDER;
delete domainObject.config.token;
return domainObject;
}
function injectPrivateFields(newConfig, currentConfig) {
if (newConfig.token === constants.SECRET_PLACEHOLDER) newConfig.token = currentConfig.token;
if (!Object.hasOwn(newConfig, 'token')) newConfig.token = currentConfig.token;
}
async function get(domainObject, location, type) {
@@ -62,6 +52,29 @@ async function get(domainObject, location, type) {
return response.body.records;
}
async function del(domainObject, location, type, values) {
assert.strictEqual(typeof domainObject, 'object');
assert.strictEqual(typeof location, 'string');
assert.strictEqual(typeof type, 'string');
assert(Array.isArray(values));
const domainConfig = domainObject.config,
zoneName = domainObject.zoneName,
name = dns.getName(domainObject, location, type) || '@';
await timers.setTimeout(1000); // https://desec.readthedocs.io/en/latest/rate-limits.html
const [error, response] = await safe(superagent.del(`${DESEC_ENDPOINT}/domains/${zoneName}/rrsets/${name}/${type}/`)
.set('Authorization', `Token ${domainConfig.token}`)
.timeout(30 * 1000)
.retry(5)
.ok(() => true));
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
if (response.status === 404) return;
if (response.status === 403 || response.status === 401) throw new BoxError(BoxError.ACCESS_DENIED, formatError(response));
if (response.status !== 204) throw new BoxError(BoxError.EXTERNAL_ERROR, formatError(response));
}
async function upsert(domainObject, location, type, values) {
assert.strictEqual(typeof domainObject, 'object');
assert.strictEqual(typeof location, 'string');
@@ -94,29 +107,6 @@ async function upsert(domainObject, location, type, values) {
if (response.status !== 201) throw new BoxError(BoxError.EXTERNAL_ERROR, formatError(response));
}
async function del(domainObject, location, type, values) {
assert.strictEqual(typeof domainObject, 'object');
assert.strictEqual(typeof location, 'string');
assert.strictEqual(typeof type, 'string');
assert(Array.isArray(values));
const domainConfig = domainObject.config,
zoneName = domainObject.zoneName,
name = dns.getName(domainObject, location, type) || '@';
await timers.setTimeout(1000); // https://desec.readthedocs.io/en/latest/rate-limits.html
const [error, response] = await safe(superagent.del(`${DESEC_ENDPOINT}/domains/${zoneName}/rrsets/${name}/${type}/`)
.set('Authorization', `Token ${domainConfig.token}`)
.timeout(30 * 1000)
.retry(5)
.ok(() => true));
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
if (response.status === 404) return;
if (response.status === 403 || response.status === 401) throw new BoxError(BoxError.ACCESS_DENIED, formatError(response));
if (response.status !== 204) throw new BoxError(BoxError.EXTERNAL_ERROR, formatError(response));
}
async function wait(domainObject, subdomain, type, value, options) {
assert.strictEqual(typeof domainObject, 'object');
assert.strictEqual(typeof subdomain, 'string');
@@ -166,3 +156,13 @@ async function verifyDomainConfig(domainObject) {
return credentials;
}
exports = module.exports = {
removePrivateFields,
injectPrivateFields,
upsert,
get,
del,
wait,
verifyDomainConfig
};