Skip to content

Implement Subzone detection

Limit creation of zones to subzones of domains from the public suffix list. Furthermore disallow creating zones which are subzones of existing zones, unless the creating user also owns the parent zone. When multiple layers are involved the next layer up counts.

Admins may bypass this restriction, however this should not happen by accident but need a conscious decision. The current plan is a message box when the action fails stating something like "This is a subzone of example.org which is owned by another user. As Admin you can bypass the limitation which would forbid this action [Button: create zone bypassing this restriction]"

Assuming the following zones exist:

  • example.org. owned by A
  • foo.example.org. owned by B

The following zones are forbidden to create:

  • com. - no valid SLD

The following zones can only be created by certain users:

  • bar.example.org. by A
  • bar.foo.example.org. by B