Diffstat (limited to 'api/dns.go')
-rw-r--r--api/dns.go17
1 files changed, 6 insertions, 11 deletions
diff --git a/api/dns.go b/api/dns.go
index 6f0e1fd..7ade6e4 100644
--- a/api/dns.go
+++ b/api/dns.go
@@ -15,23 +15,18 @@ import (
const MAX_USER_RECORDS = 65
-type FormError struct {
- Errors []string
-}
+var USER_OWNED_INTERNAL_FMT_DOMAINS = []string{"%s", "%s.endpoints"}
-func userCanFuckWithDNSRecord(dbConn *sql.DB, user *database.User, record *database.DNSRecord) bool {
+func userCanFuckWithDNSRecord(dbConn *sql.DB, user *database.User, record *database.DNSRecord, ownedInternalDomainFormats []string) bool {
ownedByUser := (user.ID == record.UserID)
if !ownedByUser {
return false
}
if !record.Internal {
- userOwnedDomains := []string{
- fmt.Sprintf("%s", user.Username),
- fmt.Sprintf("%s.endpoints", user.Username),
- }
+ for _, format := range ownedInternalDomainFormats {
+ domain := fmt.Sprintf(format, user.Username)
- for _, domain := range userOwnedDomains {
isInSubDomain := strings.HasSuffix(record.Name, "."+domain)
if domain == record.Name || isInSubDomain {
return true
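Review bot: The new loop derives every owned domain from `user.Username` alone (`"%s"` and `"%s.endpoints"`), so two users' namespaces can overlap: a username equal to `endpoints`, or one containing a dot, yields a domain that covers or sits inside another user's `<name>.endpoints` space. The `user.ID == record.UserID` guard does not separate them if the create path stamps the caller's ID on the new record, which is not visible here. Username validation is outside this hunk; if it does not already do so, it should restrict usernames to a single DNS label and reserve `endpoints`. On style, `ownedInternalDomainFormats` is applied in the `!record.Internal` branch, and `USER_OWNED_INTERNAL_FMT_DOMAINS` is an exported, mutable slice holding authorization policy; an unexported `userOwnedDomainFormats` with the comment `// each entry must contain exactly one %s, filled with the username` would read more clearly. The function body continues past the end of the hunk.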
@@ -106,7 +101,7 @@ func CreateDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) fun
Internal: internal,
}
- if !userCanFuckWithDNSRecord(context.DBConn, context.User, dnsRecord) {
+ if !userCanFuckWithDNSRecord(context.DBConn, context.User, dnsRecord, USER_OWNED_INTERNAL_FMT_DOMAINS) {
formErrors.Errors = append(formErrors.Errors, "'name' must end with "+context.User.Username+" or you must be a domain owner for internal domains")
}
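Review bot: This call and the one in DeleteDNSRecordContinuation both pass the same package-level `USER_OWNED_INTERNAL_FMT_DOMAINS`, so the new parameter lets create and delete policy drift apart while no caller visible in this diff needs a different list. If the parameter exists only as a test seam, a one-line wrapper that supplies the default list would keep the two handlers on one policy. The error string on the following line also describes only the bare-username rule and omits the `<username>.endpoints` form that the check accepts; building the message from the same format list would keep it accurate. Both handler bodies start and end outside their hunks.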
@@ -155,7 +150,7 @@ func DeleteDNSRecordContinuation(dnsAdapter external_dns.ExternalDNSAdapter) fun
return failure(context, req, resp)
}
- if !userCanFuckWithDNSRecord(context.DBConn, context.User, record) {
+ if !userCanFuckWithDNSRecord(context.DBConn, context.User, record, USER_OWNED_INTERNAL_FMT_DOMAINS) {
resp.WriteHeader(http.StatusUnauthorized)
return failure(context, req, resp)
}