better validation

bin/build_zone

@@ -38,6 +38,7 @@ use feature qw{signatures state};
 use FindBin::libs;
 use Trog::Config();
 use Trog::Zone();
+use Trog::Auth;
 
 use DNS::Unbound;
 use Net::DNS::Packet;
@@ -47,7 +48,7 @@ use Net::IP;
 
 use Getopt::Long qw{GetOptionsFromArray};
 
-exit main(@ARGV) unless caller;
+main(@ARGV) unless caller;
 
 sub main(@args) {
 
@@ -65,6 +66,9 @@ sub main(@args) {
     my $domain = Trog::Config->get()->param('general.hostname');
     die "Hostname not set in tCMS configuration.  Please set this first." unless $domain;
 
+    my $user = Trog::Auth::primary_user;
+    die "Primary tCMS user not yet set up" unless $user;
+
     # Get a flesh start
     Trog::Zone::delzone($domain);
 
@@ -84,12 +88,23 @@ sub main(@args) {
         version    => 0,
         dkim_pkey => extract_pkey($domain),
         acme_challenge => get_dns_dcv_string( $domain ),
+        visibility => 'private',
+        acls       => [qw{admin}],
+        aliases    => [],
+        tags       => ['zone'],
+        form       => 'dns.tx',
+        callback   => "Trog::Routes::TXT::zone",
+        id         => undef,
+        created    => undef,
+        local_href => "/text/zone/$domain",
+        href       => "/text/zone/$domain",
+        user       => $user,
     };
 
-    my $zone = Trog::Zone::addzone($data);
-
     my $processor = Text::Xslate->new( path => 'www/templates/text' );
-    print $processor->render('zone.tx', $zone);
+    $data->{data} = $processor->render('zone.tx', $data);
+
+    my $zone = Trog::Zone::addzone($data);
 
     return 0;
 }

lib/Trog/Auth.pm

@@ -71,6 +71,20 @@ sub user_exists ($user) {
     return 1;
 }
 
+=head2 primary_user
+
+Returns the oldest user with the admin ACL.
+
+=cut
+
+sub primary_user {
+    my $dbh  = _dbh();
+    my $rows = $dbh->selectall_arrayref( "SELECT username FROM user_acl WHERE acl='admin' LIMIT 1", { Slice => {} });
+    return 0 unless ref $rows eq 'ARRAY' && @$rows;
+    return $rows->[0]{username};
+}
+
+
 =head2 get_existing_user_data
 
 Fetch existing settings for a user.

lib/Trog/DataModule.pm

@@ -296,7 +296,6 @@ our %schema = (
     'version'    => $not_ref,
     'visibility' => $not_ref,
     'aliases'    => \&Ref::Util::is_arrayref,
-    'tiled'      => $not_ref,
 
     # title links here
     'href' => $not_ref,
@@ -323,6 +322,8 @@ our %schema = (
     ## Series specific parameters
     'child_form' => $not_ref,
     'aclname'    => $not_ref,
+    'tiled'      => $not_ref,
+
     ## User specific parameters
     'user_acls'      => \&Ref::Util::is_arrayref,
     'username'       => $not_ref,

lib/Trog/Vars.pm

@@ -67,7 +67,6 @@ our %schema = (
     'version'    => $not_ref,
     'visibility' => $not_ref,
     'aliases'    => \&Ref::Util::is_arrayref,
-    'tiled'      => $not_ref,
 
     # title links here
     'href' => $not_ref,
@@ -108,6 +107,14 @@ sub filter ($data, $user_schema={}) {
     foreach my $key ( keys(%$data) ) {
         # We need to have the key in the schema, and it validate.
         delete $data->{$key} unless List::Util::any { ( $_ eq $key ) && ( $user_schema->{$key}->( $data->{$key} ) ) } keys(%$user_schema);
+
+        #use Data::Dumper;
+        #print Dumper($data);
+
+        # All parameters in the schema are MANDATORY.
+        foreach my $param (keys(%$user_schema)) {
+            die "Missing mandatory parameter $param" unless exists $data->{$param};
+        }
     }
     return %$data;
 }

lib/Trog/Zone.pm

@@ -48,11 +48,11 @@ my $valid_ip = sub {
 };
 
 my $valid_rev_ip = sub {
-    return shift =~ m/\.in-addr\.arpa$/;
+    return shift =~ m/\.in-addr\.arpa\.$/;
 };
 
 my $valid_rev_ip6 = sub {
-    return shift =~ m/\.ip6\.arpa$/;
+    return shift =~ m/\.ip6\.arpa\.$/;
 };
 
 my $spec = {
@@ -60,7 +60,6 @@ my $spec = {
     ip6            => $valid_ip,
     ip_reversed    => $valid_rev_ip,
     ip6_reversed   => $valid_rev_ip6,
-    domain         => $Trog::Vars::not_ref,
     nameservers    => \&Ref::Util::is_arrayref,
     subdomains     => \&Ref::Util::is_arrayref,
     cnames         => \&Ref::Util::is_arrayref,