Unauthorized access template

Kostas Mparmparousis edited this page Nov 11, 2021 · 5 revisions

Security best practices and common security policies mandate that an application dashboard should not be exposed to accounts with no privileges on it, in order to minimize the attack surface.

However, in a corporate environment with hundreds or thousands of users in the company's directory, PowerDNS-Admin has no mechanism to restrict access to the few PDA-Admins/Operators and deny it to everyone else who can simply authenticate against the company's directory.

The rationale of this PR is to distinguish the eligible PowerDNS-Admin Users by taking into account the derived privileges of the logged-in user at an early stage of the login process. Users that don't have any rights on their profile shall be redirected to a non-authorized access page.

That includes every PDA-User that has neither Accounts nor Domains registered to their name. Furthermore, we have taken into consideration the setting allow_user_create_domain.

PowerDNS-Admin philosophy currently states that, when this setting is toggled on, Users can create their own Domains if and only if they belong to an Account, but when toggled off Users are ineligible to create a Domain. Additionally, Users that don't have any Account also can't create a Domain.

Following that logic, every PDA-User who is technically unable to create a Domain and also has zero Domains is prohibited from entering the application.
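The eligibility rule described above, written out as a small added Python example. It is not PowerDNS-Admin's own code: the `User` dataclass, the role names, the `allow_user_create_domain` parameter and the route strings returned by `login_redirect` are assumptions made for illustration, not the project's real models, settings API or endpoints. The rule it encodes is exactly the one on this page: a plain User is turned away when they own no Domains and are also unable to create one, where creating one requires both the setting to be on and membership in at least one Account.

```python
from dataclasses import dataclass, field
from typing import List


@dataclass
class User:
    """Hypothetical stand-in for a PowerDNS-Admin user record (assumption:
    the real project uses SQLAlchemy models with different fields)."""
    username: str
    role: str                                   # "Administrator", "Operator" or "User"
    accounts: List[str] = field(default_factory=list)
    domains: List[str] = field(default_factory=list)


def can_create_domain(user: User, allow_user_create_domain: bool) -> bool:
    """A plain User may create a Domain only if the allow_user_create_domain
    setting is on AND the user belongs to at least one Account. A User with
    no Account can never create a Domain, whatever the setting says."""
    return allow_user_create_domain and len(user.accounts) > 0


def is_authorized(user: User, allow_user_create_domain: bool) -> bool:
    """Decide whether the login flow should let this user into the dashboard.

    PDA-Admins/Operators are the privileged accounts the page wants to keep
    access for, so they always pass (assumption about role handling).
    A plain User passes if they own a Domain, or could create one.
    """
    if user.role in ("Administrator", "Operator"):
        return True
    if user.domains:
        return True
    return can_create_domain(user, allow_user_create_domain)


def login_redirect(user: User, allow_user_create_domain: bool) -> str:
    """Return the route the login step would redirect to. The route names
    are constructed for this example, not the project's real endpoints."""
    if is_authorized(user, allow_user_create_domain):
        return "/dashboard"
    return "/unauthorized"


# Constructed sample directory users covering each branch of the rule.
SAMPLE_USERS = [
    User("alice", "Administrator"),                                 # admin, nothing assigned
    User("bob", "User", domains=["example.org"]),                   # owns a Domain
    User("carol", "User", accounts=["team-a"]),                     # Account but no Domain
    User("dave", "User"),                                           # neither Account nor Domain
]


def access_report(allow_user_create_domain: bool) -> dict:
    """Map each sample username to the route they would be sent to."""
    return {u.username: login_redirect(u, allow_user_create_domain) for u in SAMPLE_USERS}


if __name__ == "__main__":
    for setting in (True, False):
        print(f"allow_user_create_domain={setting}: {access_report(setting)}")
```

With the setting on, carol gets in because she could create a Domain through her Account; with it off, she is redirected like dave, who has no Account and so cannot create a Domain under either setting.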

Unauthorized Access Page Pull Request