diff --git a/java/google/registry/ui/server/registrar/RegistrarSettingsAction.java b/java/google/registry/ui/server/registrar/RegistrarSettingsAction.java index 24937264a..cf04cb12e 100644 --- a/java/google/registry/ui/server/registrar/RegistrarSettingsAction.java +++ b/java/google/registry/ui/server/registrar/RegistrarSettingsAction.java @@ -22,6 +22,7 @@ import static google.registry.export.sheet.SyncRegistrarsSheetAction.enqueueRegi import static google.registry.model.ofy.ObjectifyService.ofy; import static google.registry.security.JsonResponseHelper.Status.ERROR; import static google.registry.security.JsonResponseHelper.Status.SUCCESS; +import static google.registry.util.PreconditionsUtils.checkArgumentPresent; import com.google.auto.value.AutoValue; import com.google.common.base.Ascii; @@ -330,6 +331,16 @@ public class RegistrarSettingsAction implements Runnable, JsonActionRunner.JsonA if (!Sets.difference(initialRegistrar.getAllowedTlds(), updatedAllowedTlds).isEmpty()) { throw new ForbiddenException("Can't remove allowed TLDs using the console."); } + if (!Sets.difference(updatedAllowedTlds, initialRegistrar.getAllowedTlds()).isEmpty()) { + // If a REAL registrar isn't in compliance with regards to having an abuse contact set, + // prevent addition of allowed TLDs until that's fixed. + if (Registrar.Type.REAL.equals(initialRegistrar.getType()) + && RegistryEnvironment.PRODUCTION.equals(registryEnvironment)) { + checkArgumentPresent( + initialRegistrar.getWhoisAbuseContact(), + "Cannot add allowed TLDs if there is no WHOIS abuse contact set."); + } + } builder.setAllowedTlds(updatedAllowedTlds); return checkNotChangedUnlessAllowed(builder, initialRegistrar, Role.ADMIN); } diff --git a/javatests/google/registry/model/registrar/RegistrarTest.java b/javatests/google/registry/model/registrar/RegistrarTest.java index bdf2aab4a..21d4041f3 100644 --- a/javatests/google/registry/model/registrar/RegistrarTest.java +++ b/javatests/google/registry/model/registrar/RegistrarTest.java @@ -467,7 +467,7 @@ public class RegistrarTest extends EntityTestCase { // Make sure the TLD we want to create doesn't exist yet. // This is also important because getTlds fills out the cache when used. assertThat(Registries.getTlds()).doesNotContain("newtld"); - // We can't use createTld here because it failes when the cache is used. + // We can't use createTld here because it fails when the cache is used. persistResource(newRegistry("newtld", "NEWTLD")); // Make sure we set up the cache correctly, so the newly created TLD isn't in the cache assertThat(Registries.getTlds()).doesNotContain("newtld"); diff --git a/javatests/google/registry/ui/server/registrar/RegistrarSettingsActionTest.java b/javatests/google/registry/ui/server/registrar/RegistrarSettingsActionTest.java index dc1ae7ea3..cfbe6c122 100644 --- a/javatests/google/registry/ui/server/registrar/RegistrarSettingsActionTest.java +++ b/javatests/google/registry/ui/server/registrar/RegistrarSettingsActionTest.java @@ -30,6 +30,7 @@ import com.google.common.collect.ImmutableSet; import com.google.common.collect.ImmutableSetMultimap; import com.google.common.collect.Maps; import com.google.common.collect.Sets; +import google.registry.config.RegistryEnvironment; import google.registry.export.sheet.SyncRegistrarsSheetAction; import google.registry.model.registrar.Registrar; import google.registry.request.auth.AuthenticatedRegistrarAccessor; @@ -245,7 +246,7 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase * Makes sure a field update succeeds IF AND ONLY IF we have the "correct" role. * * Each of the Registrar fields can be changed only by a single {@link Role}. We make sure that - * trying to update the field works if the user has the "correct" role, but failes if it doesn't. + * trying to update the field works if the user has the "correct" role, but fails if it doesn't. */ private void doTestUpdate( Role correctRole, @@ -253,7 +254,7 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase T newValue, BiFunction setter) { doTestUpdateWithCorrectRole_succeeds(correctRole, getter, newValue, setter); - doTestUpdateWithoutCorrectRole_failes(correctRole, getter, newValue, setter); + doTestUpdateWithoutCorrectRole_fails(correctRole, getter, newValue, setter); } private void doTestUpdateWithCorrectRole_succeeds( @@ -293,7 +294,7 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase assertMetric(CLIENT_ID, "update", String.format("[%s]", role), "SUCCESS"); } - private void doTestUpdateWithoutCorrectRole_failes( + private void doTestUpdateWithoutCorrectRole_fails( Role correctRole, Function getter, T newValue, @@ -405,6 +406,29 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase (builder, s) -> builder.setAllowedTlds(s)); } + @Test + public void testUpdate_allowedTlds_failedWhenNoWhoisAbuseContactExists() { + setUserAdmin(); + action.registryEnvironment = RegistryEnvironment.PRODUCTION; + Map args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap()); + args.put("allowedTlds", ImmutableList.of("newtld", "currenttld")); + + Map response = + action.handleJsonRequest( + ImmutableMap.of( + "op", "update", + "id", CLIENT_ID, + "args", args)); + + assertThat(response) + .containsExactly( + "status", "ERROR", + "results", ImmutableList.of(), + "message", "Cannot add allowed TLDs if there is no WHOIS abuse contact set."); + assertMetric(CLIENT_ID, "update", "[ADMIN]", "ERROR: IllegalArgumentException"); + assertNoTasksEnqueued("sheet"); + } + @Test public void testUpdate_allowedTlds_failedWhenTldNotExist() { setUserAdmin();