From eb1a6069d65ffc84c12759902ba909c11ea8a0b4 Mon Sep 17 00:00:00 2001
From: Ezri Brimhall <ezri.brimhall@usu.edu>
Date: Tue, 2 Apr 2024 14:55:22 -0400
Subject: [PATCH 1/2] Should fix cascading delete issue (#3)

Reviewed-on: https://git.hatecomputers.club/hatecomputers/hatecomputers.club/pulls/3
Co-authored-by: Ezri Brimhall <ezri.brimhall@usu.edu>
Co-committed-by: Ezri Brimhall <ezri.brimhall@usu.edu>
---
 database/users.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/database/users.go b/database/users.go
index ab48699..f438281 100644
--- a/database/users.go
+++ b/database/users.go
@@ -50,7 +50,12 @@ func GetUser(dbConn *sql.DB, id string) (*User, error) {
 func FindOrSaveUser(dbConn *sql.DB, user *User) (*User, error) {
 	log.Println("finding or saving user", user.ID)
 
-	_, err := dbConn.Exec(`INSERT OR REPLACE INTO users (id, mail, username, display_name) VALUES (?, ?, ?, ?);`, user.ID, user.Mail, user.Username, user.DisplayName)
+	_, err := dbConn.Exec(`INSERT OR IGNORE INTO users (id, mail, username, display_name) VALUES (?, ?, ?, ?);`, user.ID, user.Mail, user.Username, user.DisplayName)
+	if err != nil {
+		return nil, err
+	}
+
+	_, err = dbConn.Exec(`UPDATE users SET mail = ?, username = ?, display_name = ? WHERE id = ?;`, user.Mail, user.Username, user.DisplayName, user.ID)
 	if err != nil {
 		return nil, err
 	}

From 1fb45f8c4aca0d0d61b017d4b7afe24d0157fd18 Mon Sep 17 00:00:00 2001
From: Elizabeth <elizabeth@simponic.xyz>
Date: Tue, 2 Apr 2024 14:33:11 -0600
Subject: [PATCH 2/2] allow user to fuck with <user>.endpoints

---
 api/dns.go | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/api/dns.go b/api/dns.go
index a1739d3..ad41103 100644
--- a/api/dns.go
+++ b/api/dns.go
@@ -2,6 +2,7 @@ package api
 
 import (
 	"database/sql"
+	"fmt"
 	"log"
 	"net/http"
 	"strconv"
@@ -20,10 +21,23 @@ type FormError struct {
 
 func userCanFuckWithDNSRecord(dbConn *sql.DB, user *database.User, record *database.DNSRecord) bool {
 	ownedByUser := (user.ID == record.UserID)
+	if !ownedByUser {
+		return false
+	}
 
 	if !record.Internal {
-		publicallyOwnedByUser := (record.Name == user.Username || strings.HasSuffix(record.Name, "."+user.Username))
-		return ownedByUser && publicallyOwnedByUser
+		userOwnedDomains := []string{
+			fmt.Sprintf("%s", user.Username),
+			fmt.Sprintf("%s.endpoints", user.Username),
+		}
+
+		for _, domain := range userOwnedDomains {
+			isInSubDomain := strings.HasSuffix(record.Name, "."+domain)
+			if domain == record.Name || isInSubDomain {
+				return true
+			}
+		}
+		return false
 	}
 
 	owner, err := database.FindFirstDomainOwnerId(dbConn, record.Name)