feat(api): read zone records without template + snapshot-to-template
LoadDomain requires a template, so a zone without one could never be
viewed or snapshotted. Adds a template-free path: store.LoadZone /
service.ZoneRef / DomainService.ZoneRecords read a zone's live records
straight from the provider (no diff, no template). GET
/domains/{did}/records exposes read-only viewing; POST
/domains/{did}/template-from-zone snapshots only managed record types
(NS/SOA excluded) into a new template and auto-attaches it to the domain.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01BwxdSt4reTm7Dj1oxRvpP3
This commit is contained in:
@@ -33,6 +33,18 @@ func (s *Store) LoadDomain(ctx context.Context, projectID, domainID uuid.UUID) (
|
||||
}, nil
|
||||
}
|
||||
|
||||
// LoadZone returns just the provider-access half of a domain (provider name,
|
||||
// encrypted secret, zone id), WITHOUT requiring an attached template — so a
|
||||
// zone's live records can be read for viewing/snapshot even when no template
|
||||
// is set. Scoped by projectID (same IDOR closure as LoadDomain).
|
||||
func (s *Store) LoadZone(ctx context.Context, projectID, domainID uuid.UUID) (service.ZoneRef, error) {
|
||||
row, err := s.q.LoadDomainFull(ctx, db.LoadDomainFullParams{ID: domainID, ProjectID: projectID})
|
||||
if err != nil {
|
||||
return service.ZoneRef{}, err
|
||||
}
|
||||
return service.ZoneRef{ZoneID: row.ZoneID, Provider: row.Provider, SecretEnc: row.SecretEnc}, nil
|
||||
}
|
||||
|
||||
// SaveCheckRun persists a summary of the changeset (counts of updates/prunes)
|
||||
// as a check_runs row.
|
||||
func (s *Store) SaveCheckRun(ctx context.Context, domainID uuid.UUID, cs diff.Changeset) error {
|
||||
|
||||
Reference in New Issue
Block a user