Fix issues with unauthorised adding subdomain to user account (hestiacp#1642)

jaapmarcus · web-flow · commit c16ec4070194 · 2021-02-28T09:32:45.000+01:00
* Don’t allow xxx.domain.tld to be created to different user if domain.tld exists

* $HESTIA/data/extensions is missing

* Enable Domain in use for other types
ALLOW_USERS var to allow domain to be used by user for sub domain.

* Set / change flag allow_users via bash command

* Fix 2 minor bugs

* Update automated tests

* Issue with v-add-web-domian-alias

* Improved testing the limitation for domains to user

* Fix issue with IDN domains

* Missing clossing “  on test

* Fix spelling
diff --git a/bin/v-add-dns-domain b/bin/v-add-dns-domain
@@ -53,6 +53,8 @@ is_package_full 'DNS_DOMAINS'
 template=$(get_user_value '$DNS_TEMPLATE')
 is_dns_template_valid $template
 
+is_base_domain_owner "$domain"
+
 if [ ! -z "$ns1" ]; then
     ns1=$(echo $4 |sed -e 's/\.*$//g' -e 's/^\.*//g')
     is_format_valid 'ns1'
diff --git a/bin/v-add-mail-domain b/bin/v-add-mail-domain
@@ -51,6 +51,8 @@ is_domain_new 'mail' "$domain"
 is_package_full 'MAIL_DOMAINS'
 is_dir_symlink $HOMEDIR/$user/mail
 
+is_base_domain_owner "$domain"
+
 # Perform verification if read-only mode is enabled
 check_hestia_demo_mode
 
diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
@@ -51,6 +51,9 @@ is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
 is_domain_new 'web' "$domain,$aliases"
 is_dir_symlink "$HOMEDIR/$user/web"
 is_dir_symlink "$HOMEDIR/$user/web/$domain"
+
+is_base_domain_owner "$domain,$aliases"
+
 if [ ! -z "$ip" ]; then
     is_ip_valid "$ip" "$user"
 else
diff --git a/bin/v-add-web-domain-alias b/bin/v-add-web-domain-alias
@@ -51,6 +51,8 @@ is_object_unsuspended 'web' 'DOMAIN' "$domain"
 is_domain_new 'web' "$aliases"
 is_package_full 'WEB_ALIASES'
 
+is_base_domain_owner "$aliases"
+
 # Perform verification if read-only mode is enabled
 check_hestia_demo_mode
 
diff --git a/bin/v-add-web-domain-allow-users b/bin/v-add-web-domain-allow-users
@@ -0,0 +1,67 @@
+#!/bin/bash
+# info: disables other users create subdomains
+# options: USER DOMAIN
+# labels: web hestia
+#
+# example: v-delete-web-domain-allow-users
+#
+# Disallow other users to create a new subdomain.
+# eg: admin adds admin.com
+# user can't create user.admin.com
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+domain_idn=$2
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/func/domain.sh
+source $HESTIA/func/ip.sh
+source $HESTIA/conf/hestia.conf
+
+# Additional argument formatting
+format_domain
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+if [ -z "$ALLOW_USERS" ]; then
+    add_object_key "web" 'DOMAIN' "$domain" 'ALLOW_USERS' 'TIME'
+fi
+
+# Adding new alias
+update_object_value 'web' 'DOMAIN' "$domain" '$ALLOW_USERS' "yes"
+
+log_history "Allow users create subdomain for $domain"
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-delete-web-domain-allow-users b/bin/v-delete-web-domain-allow-users
@@ -0,0 +1,68 @@
+#!/bin/bash
+# info: disables other users create subdomains
+# options: USER DOMAIN
+# labels: web hestia
+#
+# example: v-delete-web-domain-allow-users
+#
+# Disallow other users to create a new subdomain.
+# eg: admin adds admin.com
+# user can't create user.admin.com
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+domain_idn=$2
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/func/domain.sh
+source $HESTIA/func/ip.sh
+source $HESTIA/conf/hestia.conf
+
+# Additional argument formatting
+format_domain
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+
+# Load domain data
+parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+if [ -z "$ALLOW_USERS" ]; then
+add_object_key "web" 'DOMAIN' "$domain" 'ALLOW_USERS' 'TIME'
+fi
+
+# Adding new alias
+update_object_value 'web' 'DOMAIN' "$domain" '$ALLOW_USERS' "no"
+
+log_history "Allow users create subdomain for $domain"
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/func/domain.sh b/func/domain.sh
@@ -867,3 +867,67 @@ is_domain_new() {
 get_domain_values() {
     parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/$1.conf)
 }
+
+#----------------------------------------------------------#
+# 2 Char domain name detection                             #
+#----------------------------------------------------------#
+
+is_valid_extension() {
+    if [ ! -e "$HESTIA/data/extensions/public_suffix_list.dat" ]; then
+        mkdir $HESTIA/data/extensions/
+        chmod 750 $HESTIA/data/extensions/
+        /usr/bin/wget --tries=3 --timeout=15 --read-timeout=15 --waitretry=3 --no-dns-cache --quiet -O $HESTIA/data/extensions/public_suffix_list.dat https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat 
+    fi
+    test_domain=$(idn -t --quiet -u "$1" )
+    extension=$( /bin/echo "${test_domain}" | /usr/bin/rev | /usr/bin/cut -d "." --output-delimiter="." -f 1 | /usr/bin/rev );
+    exten=$(grep "^$extension\$" $HESTIA/data/extensions/public_suffix_list.dat);
+    if [ $? -ne 0 ]; then
+        check_result 2 ".$extension is not valid"
+    fi
+}
+
+is_valid_2_part_extension() {
+    if [ ! -e "$HESTIA/data/extensions/public_suffix_list.dat" ]; then
+        mkdir $HESTIA/data/extensions/
+        chmod 750 $HESTIA/data/extensions/
+        /usr/bin/wget --tries=3 --timeout=15 --read-timeout=15 --waitretry=3 --no-dns-cache --quiet -O $HESTIA/data/extensions/public_suffix_list.dat https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat 
+    fi
+    test_domain=$(idn -t --quiet -u "$1" )
+    extension=$( /bin/echo "${test_domain}" | /usr/bin/rev | /usr/bin/cut -d "." --output-delimiter="." -f 1-2 | /usr/bin/rev );
+    exten=$(grep "^$extension\$" $HESTIA/data/extensions/public_suffix_list.dat);
+}
+
+get_base_domain() {
+    test_domain=$1
+    is_valid_extension "$test_domain"
+    if [ $? -ne 0 ]; then
+        basedomain=""
+    else 
+        is_valid_2_part_extension "$test_domain"
+        if [ $? -ne 0 ]; then
+           basedomain=$( /bin/echo "${test_domain}" | /usr/bin/rev | /usr/bin/cut -d "." --output-delimiter="." -f 1-2 | /usr/bin/rev ); 
+        else
+           extension=$( /bin/echo "${test_domain}" | /usr/bin/rev | /usr/bin/cut -d "." --output-delimiter="." -f 1-2 | /usr/bin/rev ); 
+           partdomain=$( /bin/echo "${test_domain}" | /usr/bin/rev | /usr/bin/cut -d "." --output-delimiter="." -f 3 | /usr/bin/rev );
+           basedomain="$partdomain.$extension"
+        fi
+    fi
+}
+
+is_base_domain_owner(){
+    for object in ${1//,/ }; do
+        if [ "$object" != "none" ]; then
+            get_base_domain $object
+            web=$(grep -F -H -h "DOMAIN='$basedomain'" $HESTIA/data/users/*/web.conf);
+            if [ ! -z "$web" ]; then
+                parse_object_kv_list "$web"
+                if [ -z "$ALLOW_USERS" ] ||  [ "$ALLOW_USERS" != "yes" ]; then
+                # Don't care if $basedomain all ready exists only if the owner is of the base domain is the current user
+                is_domain_new "" $basedomain
+                fi
+            else
+                is_domain_new "" $basedomain
+            fi
+        fi
+    done
+}
diff --git a/test/test.bats b/test/test.bats
@@ -13,11 +13,14 @@ function setup() {
     # echo "# Setup_file" > &3
     if [ $BATS_TEST_NUMBER = 1 ]; then
         echo 'user=test-5285' > /tmp/hestia-test-env.sh
+        echo 'user2=test-5286' >> /tmp/hestia-test-env.sh
         echo 'userbk=testbk-5285' >> /tmp/hestia-test-env.sh
         echo 'userpass1=test-5285' >> /tmp/hestia-test-env.sh
         echo 'userpass2=t3st-p4ssw0rd' >> /tmp/hestia-test-env.sh
         echo 'HESTIA=/usr/local/hestia' >> /tmp/hestia-test-env.sh
         echo 'domain=test-5285.hestiacp.com' >> /tmp/hestia-test-env.sh
+        echo 'rootdomain=testhestiacp.com' >> /tmp/hestia-test-env.sh
+        echo 'subdomain=cdn.testhestiacp.com' >> /tmp/hestia-test-env.sh
         echo 'database=test-5285_database' >> /tmp/hestia-test-env.sh
         echo 'dbuser=test-5285_dbuser' >> /tmp/hestia-test-env.sh
     fi
@@ -552,8 +555,7 @@ function validate_database(){
     assert_success
     refute_output
 }
-
-
+ 
 #----------------------------------------------------------#
 #                      MULTIPHP                            #
 #----------------------------------------------------------#
@@ -941,6 +943,114 @@ function validate_database(){
     assert_failure $E_NOTEXIST
 }
 
+#----------------------------------------------------------#
+#    Limit possibilities adding different owner domain    #
+#----------------------------------------------------------#
+
+@test "Allow Users: User can't add user.user2.com " {
+    # Case: admin company.ltd
+    # users should not be allowed to add user.company.ltd
+    run v-add-user $user2 $user2 $user@hestiacp.com default "Super Test"
+    assert_success
+    refute_output
+    
+    run v-add-web-domain $user2 $rootdomain 
+    assert_success
+    refute_output
+    
+    run v-add-web-domain $user $subdomain
+    assert_failure $E_EXISTS
+}
+
+@test "Allow Users: User can't add user.user2.com as alias" {
+    run v-add-web-domain-alias $user $domain $subdomain
+    assert_failure $E_EXISTS
+}
+
+@test "Allow Users: User can't add user.user2.com as mail domain" {
+    run v-add-mail-domain $user $subdomain
+    assert_failure $E_EXISTS
+}
+
+@test "Allow Users: User can't add user.user2.com as dns domain" {
+    run v-add-dns-domain $user $subdomain 198.18.0.125
+    assert_failure $E_EXISTS
+}
+
+@test "Allow Users: Set Allow users" {
+    # Allow user to yes allows
+    # Case: admin company.ltd
+    # users are allowed to add user.company.ltd
+    run v-add-web-domain-allow-users $user2 $rootdomain
+    assert_success
+    refute_output
+}
+
+@test "Allow Users: User can add user.user2.com" {
+    run v-add-web-domain $user $subdomain
+    assert_success
+    refute_output
+}
+
+@test "Allow Users: User can add user.user2.com as alias" {
+    run v-delete-web-domain $user $subdomain
+    assert_success
+    refute_output
+    
+    run v-add-web-domain-alias $user $domain $subdomain
+    assert_success
+    refute_output
+}
+
+@test "Allow Users: User can add user.user2.com as mail domain" {
+    run v-add-mail-domain $user $subdomain
+    assert_success
+    refute_output
+}
+
+@test "Allow Users: User can add user.user2.com as dns domain" {
+    run v-add-dns-domain $user $subdomain 198.18.0.125
+    assert_success
+    refute_output
+}
+
+@test "Allow Users: Cleanup tests" {
+    run v-delete-dns-domain $user $subdomain
+    assert_success
+    refute_output
+
+    run v-delete-mail-domain $user $subdomain
+    assert_success
+    refute_output
+}
+
+
+@test "Allow Users: Set Allow users no" {
+    run v-delete-web-domain-alias $user $domain $subdomain 
+    assert_success
+    refute_output
+    
+    run v-delete-web-domain-allow-users $user2 $rootdomain
+    assert_success
+    refute_output
+}
+
+@test "Allow Users: User can't add user.user2.com again" {
+    run v-add-web-domain $user $subdomain
+    assert_failure $E_EXISTS
+}
+
+@test "Allow Users: user2 can add user.user2.com again" {
+    run v-add-web-domain $user2 $subdomain
+    assert_success
+    refute_output
+
+    run v-delete-user $user2
+    assert_success
+    refute_output
+}
+
+
 
 #----------------------------------------------------------#
 #                         DB                               #
