Development

2026-05-25 01:04:47 -04:00 · 2026-05-25 01:04:47 -04:00 · 27eaea3d73
commit 27eaea3d73
parent a4652866c3
19 changed files with 602 additions and 427 deletions
--- a/docker/routlin-dash/app/action_dnsblocking.py
+++ b/docker/routlin-dash/app/action_dnsblocking.py
@ -0,0 +1,214 @@
+import re
+from flask import Blueprint, request, redirect, flash
+from auth import require_level
+from config_utils import load_core, save_core, verify_core_hash, queued_msg
+import sanitize
+import validation as validate
+
+bp = Blueprint('action_dnsblocking', __name__)
+
+VIEW = '/view/view_dns_blocking'
+
+_VALID_FORMATS_STR = ', '.join(sorted(validate.VALID_BLOCKLIST_FORMATS))
+
+
+def _row_index():
+    try:
+        return int(request.form.get('row_index', ''))
+    except (ValueError, TypeError):
+        return None
+
+
+def _hash_ok():
+    if not verify_core_hash(request.form.get('config_hash', '')):
+        flash('Configuration was modified by another session. Please refresh and try again.', 'error')
+        return False
+    return True
+
+
+def _save_as_from_name(name):
+    slug = re.sub(r'[^a-z0-9_-]', '_', name.lower()).strip('_')
+    return f'{slug}.conf'
+
+
+def _parse_fields():
+    name        = sanitize.name(request.form.get('name', ''))
+    description = sanitize.description(request.form.get('description', ''))
+    fmt         = sanitize.filtervalue(request.form.get('format', ''), validate.VALID_BLOCKLIST_FORMATS)
+    url         = sanitize.url(request.form.get('url', ''))
+
+    if not name:
+        flash('The configuration has not been saved because a name is required.', 'error')
+        return None, True
+    if not url:
+        flash('The configuration has not been saved because a URL is required.', 'error')
+        return None, True
+    if not fmt:
+        flash(f'The configuration has not been saved because the format is invalid. '
+              f'Accepted formats: {_VALID_FORMATS_STR}.', 'error')
+        return None, True
+
+    return {'name': name, 'description': description, 'format': fmt, 'url': url}, None
+
+
+@bp.route('/action/dnsblocking_tableblocklists_rowdelete', methods=['POST'])
+@require_level('administrator')
+def dnsblocking_tableblocklists_rowdelete():
+    idx = _row_index()
+    if idx is None:
+        flash('Invalid request.', 'error')
+        return redirect(VIEW)
+
+    if not _hash_ok():
+        return redirect(VIEW)
+
+    core  = load_core()
+    items = core.get('dns_blocking', {}).get('blocklists', [])
+    if idx < 0 or idx >= len(items):
+        flash('Entry not found.', 'error')
+        return redirect(VIEW)
+
+    items.pop(idx)
+    errors = validate.validate_config(core)
+    if errors:
+        for msg in errors:
+            flash(msg, 'error')
+        return redirect(VIEW)
+    save_core(core)
+
+    flash(queued_msg('core apply'), 'success')
+    return redirect(VIEW)
+
+
+@bp.route('/action/dnsblocking_tableblocklists_rowedit', methods=['POST'])
+@require_level('administrator')
+def dnsblocking_tableblocklists_rowedit():
+    idx = _row_index()
+    if idx is None:
+        flash('Invalid request.', 'error')
+        return redirect(VIEW)
+
+    fields, err = _parse_fields()
+    if err:
+        return redirect(VIEW)
+
+    if not _hash_ok():
+        return redirect(VIEW)
+
+    core  = load_core()
+    items = core.get('dns_blocking', {}).get('blocklists', [])
+    if idx < 0 or idx >= len(items):
+        flash('Entry not found.', 'error')
+        return redirect(VIEW)
+
+    items[idx].update({
+        'name':        fields['name'],
+        'description': fields['description'],
+        'format':      fields['format'],
+        'url':         fields['url'],
+    })
+    errors = validate.validate_config(core)
+    if errors:
+        for msg in errors:
+            flash(msg, 'error')
+        return redirect(VIEW)
+    save_core(core)
+
+    flash(queued_msg('core apply'), 'success')
+    return redirect(VIEW)
+
+
+@bp.route('/action/dnsblocking_cardaddblocklist_add', methods=['POST'])
+@require_level('administrator')
+def dnsblocking_cardaddblocklist_add():
+    fields, err = _parse_fields()
+    if err:
+        return redirect(VIEW)
+
+    if not _hash_ok():
+        return redirect(VIEW)
+
+    core       = load_core()
+    blocklists = core.setdefault('dns_blocking', {}).setdefault('blocklists', [])
+
+    if any(b.get('name', '').lower() == fields['name'].lower() for b in blocklists):
+        flash('The configuration has not been saved because a blocklist with that name already exists.', 'error')
+        return redirect(VIEW)
+
+    blocklists.append({
+        'name':        fields['name'],
+        'description': fields['description'],
+        'format':      fields['format'],
+        'url':         fields['url'],
+        'save_as':     _save_as_from_name(fields['name']),
+    })
+    errors = validate.validate_config(core)
+    if errors:
+        for msg in errors:
+            flash(msg, 'error')
+        return redirect(VIEW)
+    save_core(core)
+
+    flash(queued_msg('core apply'), 'success')
+    return redirect(VIEW)
+
+
+@bp.route('/action/dnsblocking_cardblocklistrefresh_save', methods=['POST'])
+@require_level('administrator')
+def dnsblocking_cardblocklistrefresh_save():
+    daily_execute_time = validate.time_24h(sanitize.time_24h(request.form.get('daily_execute_time_24hr_local', '')))
+
+    if not daily_execute_time:
+        flash('Daily Refresh Time must be a valid 24-hour time (e.g. 02:30).', 'error')
+        return redirect(VIEW)
+
+    if not verify_core_hash(request.form.get('config_hash', '')):
+        flash('Configuration was modified by another session. Please refresh and try again.', 'error')
+        return redirect(VIEW)
+
+    core = load_core()
+    core.setdefault('dns_blocking', {}).setdefault('general', {})['daily_execute_time_24hr_local'] = daily_execute_time
+    save_core(core)
+
+    flash(queued_msg('core apply'), 'success')
+    return redirect(VIEW)
+
+
+@bp.route('/action/dnsblocking_cardblocklistrefresh_refreshnow', methods=['POST'])
+@require_level('administrator')
+def dnsblocking_cardblocklistrefresh_refreshnow():
+    flash(queued_msg('core update-blocklists', action_label='Blocklist refresh queued'), 'success')
+    return redirect(VIEW)
+
+
+@bp.route('/action/dnsblocking_cardlogging_save', methods=['POST'])
+@require_level('administrator')
+def dnsblocking_cardlogging_save():
+    log_max_kb_raw      = request.form.get('log_max_kb', '').strip()
+    log_errors_only     = 'log_errors_only' in request.form
+    dnsmasq_log_queries = 'dnsmasq_log_queries' in request.form
+
+    log_max_kb = validate.int_range(log_max_kb_raw, 64, None)
+    if log_max_kb is None:
+        flash('Max Log Size must be a number >= 64.', 'error')
+        return redirect(VIEW)
+
+    if not verify_core_hash(request.form.get('config_hash', '')):
+        flash('Configuration was modified by another session. Please refresh and try again.', 'error')
+        return redirect(VIEW)
+
+    core = load_core()
+    core.setdefault('dns_blocking', {}).setdefault('general', {}).update({
+        'log_max_kb':      log_max_kb,
+        'log_errors_only': log_errors_only,
+    })
+    core.setdefault('network_interfaces', {})['dnsmasq_log_queries'] = dnsmasq_log_queries
+    errors = validate.validate_config(core)
+    if errors:
+        for msg in errors:
+            flash(msg, 'error')
+        return redirect(VIEW)
+    save_core(core)
+
+    flash(queued_msg('core apply'), 'success')
+    return redirect(VIEW)