Speed up authentication on large zones

The proxy does this validation in `def zone_detail`:

```python
    zone = json_or_none(proxy_to_backend("GET", "zones/%s" % requested_zone))
    if zone and zone.get("account", None) != g.username:
        raise Forbidden
```
However for zones with many RRsets, it's a lot of overhead, and the RRsets are not needed for validation of the zone owner. So I would suggest to only fetch the full zone for `GET` requests, but for all other requests `rrsets=false` is added as a query parameter:

```python
    if request.method == "GET":
        zone = json_or_none(proxy_to_backend("GET", "zones/%s" % requested_zone))
    else:
        zone = json_or_none(proxy_to_backend("GET", "zones/%s?rrsets=false" % requested_zone))
    if zone and zone.get("account", None) != g.username:
        raise Forbidden
```

The same applies for `def zone_notify`, but as here only `PUT` is used, I'd suggest to blindly set `rrsets=false`.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Speed up authentication on large zones #19

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Speed up authentication on large zones #19

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions