diff --git a/src/accesscontrol.js b/src/accesscontrol.js
index 1eefc1402..122cfbde0 100644
--- a/src/accesscontrol.js
+++ b/src/accesscontrol.js
@@ -4,7 +4,8 @@ exports = module.exports = {
 SCOPE_APPS: 'apps',
 SCOPE_CLIENTS: 'clients',
 SCOPE_CLOUDRON: 'cloudron',
- SCOPE_DOMAINS: 'domains',
+ SCOPE_DOMAINS_READ: 'domains:read',
+ SCOPE_DOMAINS_MANAGE: 'domains:manage',
 SCOPE_MAIL: 'mail',
 SCOPE_PROFILE: 'profile',
 SCOPE_SETTINGS: 'settings',
@@ -32,7 +33,7 @@ const ROLE_DEFINITIONS = {
 scopes: exports.VALID_SCOPES
 },
 'manage_apps': {
- scopes: [ 'apps', 'domains', 'users' ]
+ scopes: [ 'apps', 'domains:read', 'users' ]
 },
 'manage_users': {
 scopes: [ 'users' ]
diff --git a/src/domains.js b/src/domains.js
index 0c36765a9..187d5c31c 100644
--- a/src/domains.js
+++ b/src/domains.js
@@ -17,6 +17,7 @@ module.exports = exports = {
 waitForDnsRecord: waitForDnsRecord,
 removePrivateFields: removePrivateFields,
+ removeRestrictedFields: removeRestrictedFields,
 DomainsError: DomainsError
 };
@@ -372,8 +373,15 @@ function fqdn(location, domain, provider) {
 return location + (location ? (provider !== 'caas' ? '.' : '-') : '') + domain;
 }
+// removes all fields that are strictly private and should never be returned by API calls
 function removePrivateFields(domain) {
 var result = _.pick(domain, 'domain', 'zoneName', 'provider', 'config', 'tlsConfig', 'fallbackCertificate');
 if (result.fallbackCertificate) delete result.fallbackCertificate.key; // do not return the 'key'. in caas, this is private
 return result;
 }
+
+// removes all fields that are not accessible by a normal user
+function removeRestrictedFields(domain) {
+ var result = _.pick(domain, 'domain', 'zoneName', 'provider');
+ return result;
+}
\ No newline at end of file
diff --git a/src/routes/domains.js b/src/routes/domains.js
index 9d040da17..48e913c7d 100644
--- a/src/routes/domains.js
+++ b/src/routes/domains.js
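Review bot: In the first hunk of src/accesscontrol.js, `SCOPE_DOMAINS: 'domains'` is removed with no alias, so a token or client record already stored with the `domains` scope would match neither `domains:read` nor `domains:manage` after this change. No migration or compatibility mapping is visible in this commit, and `VALID_SCOPES` lies outside the hunk, so it should be confirmed that both new values are listed there and that dropping the old value is deliberate. The two constants also deserve a comment stating what each grants, for example `// domains:read lists domain, zoneName and provider; domains:manage is needed to add, inspect, update or delete a domain`. The exported object starts and ends outside the hunk.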
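Review bot: In the second hunk of src/accesscontrol.js, the `manage_apps` role spells the new scope as the literal `'domains:read'` although this commit introduces `exports.SCOPE_DOMAINS_READ` and the same object already reads `exports.VALID_SCOPES`. A mistyped literal would leave the role holding a scope string that no route checks, and nothing would flag it. I would write the line as `scopes: [ 'apps', exports.SCOPE_DOMAINS_READ, 'users' ]`. `ROLE_DEFINITIONS` starts and ends outside the hunk.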
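Review bot: In the second hunk of src/domains.js, the comment added above `removePrivateFields` promises more than the function does: it says all strictly private fields are removed, but `config` and `tlsConfig` are still returned and only `fallbackCertificate.key` is deleted. If `config` holds DNS provider credentials (not visible in this diff), readers would take the comment as a guarantee the code does not give. I would word it as `// view for callers with domains:manage: keeps config and tlsConfig, drops only fallbackCertificate.key`. Separately, assuming `_` is lodash or underscore, `_.pick` copies shallowly, so the `delete` on the context line also removes `key` from the caller's `domain.fallbackCertificate`; that side effect is worth a comment too.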
@@ -55,7 +55,7 @@ function getAll(req, res, next) {
 domains.getAll(function (error, result) {
 if (error) return next(new HttpError(500, error));
- result = result.map(domains.removePrivateFields);
+ result = result.map(domains.removeRestrictedFields);
 next(new HttpSuccess(200, { domains: result }));
 });
@@ -98,4 +98,3 @@ function del(req, res, next) {
 next(new HttpSuccess(204));
 });
 }
-
diff --git a/src/server.js b/src/server.js
index 13b03d84b..006d9cbdf 100644
--- a/src/server.js
+++ b/src/server.js
@@ -96,7 +96,8 @@ function initializeExpressSync() {
 var settingsScope = routes.accesscontrol.scope(accesscontrol.SCOPE_SETTINGS);
 var mailScope = routes.accesscontrol.scope(accesscontrol.SCOPE_MAIL);
 var clientsScope = routes.accesscontrol.scope(accesscontrol.SCOPE_CLIENTS);
- var domainsScope = routes.accesscontrol.scope(accesscontrol.SCOPE_DOMAINS);
+ var domainsReadScope = routes.accesscontrol.scope(accesscontrol.SCOPE_DOMAINS_READ);
+ var domainsManageScope = routes.accesscontrol.scope(accesscontrol.SCOPE_DOMAINS_MANAGE);
 var appstoreScope = routes.accesscontrol.scope(accesscontrol.SCOPE_APPSTORE);
 // csrf protection
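Review bot: The changed line in `getAll` (src/routes/domains.js) is what keeps `config`, `tlsConfig` and `fallbackCertificate` away from tokens that hold only `domains:read`, yet nothing at the call site records that. The scope is assigned in src/server.js and the field list lives in src/domains.js, so a later switch back to `removePrivateFields` here would widen the response without touching either of those files. I would add a comment on the mapped line, `// listing is reachable with domains:read, so return only domain, zoneName and provider`. Callers holding `domains:manage` also lose those three fields from the list response, which looks intended but is an API change worth stating in the commit description.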
@@ -258,11 +259,11 @@ function initializeExpressSync() {
 router.post('/api/v1/backups', settingsScope, routes.backups.create);
 // domain routes
- router.post('/api/v1/domains', domainsScope, routes.domains.add);
- router.get ('/api/v1/domains', domainsScope, routes.domains.getAll);
- router.get ('/api/v1/domains/:domain', domainsScope, routes.domains.get);
- router.put ('/api/v1/domains/:domain', domainsScope, routes.domains.update);
- router.del ('/api/v1/domains/:domain', domainsScope, routes.users.verifyPassword, routes.domains.del);
+ router.post('/api/v1/domains', domainsManageScope, routes.domains.add);
+ router.get ('/api/v1/domains', domainsReadScope, routes.domains.getAll);
+ router.get ('/api/v1/domains/:domain', domainsManageScope, routes.domains.get);
+ router.put ('/api/v1/domains/:domain', domainsManageScope, routes.domains.update);
+ router.del ('/api/v1/domains/:domain', domainsManageScope, routes.users.verifyPassword, routes.domains.del);
 // caas routes
 router.post('/api/v1/caas/change_plan', cloudronScope, routes.users.verifyPassword, routes.caas.changePlan);
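Review bot: In the domain routes of src/server.js, a token granted only `domains:manage` would be refused on `GET /api/v1/domains`, because the list route now checks `domainsReadScope` while every other domain route checks `domainsManageScope`. That holds unless `routes.accesscontrol.scope` treats manage as implying read, and that middleware is not shown in this commit, so the relationship between the two scopes should be stated where the routes are registered. I would add under `// domain routes` the line `// domains:read covers only the listing; add, get, update and del need domains:manage, and manage does not imply read`, adjusted to whatever the middleware actually does. A route-level test asserting that a `domains:read` token is rejected on the four manage routes would pin the privilege boundary this commit introduces. `initializeExpressSync` starts and ends outside the hunk.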