Block ability to remove allowed TLDs from the registrar console

This is a temporary measure until we implement access control for Support.

Once we implement access control, we will only block Support from removing TLDs
on production.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=222180321
This commit is contained in:
guyben 2018-11-19 19:50:02 -08:00 committed by jianglai
parent f46f817f9e
commit 274b7115d4
2 changed files with 36 additions and 5 deletions

View file

@ -302,7 +302,7 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase
setUserAdmin();
doTestUpdate(
Registrar::getAllowedTlds,
ImmutableSet.of("newtld"),
ImmutableSet.of("newtld", "currenttld"),
(builder, s) -> builder.setAllowedTlds(s));
assertMetric(CLIENT_ID, "update", "[ADMIN]", "SUCCESS");
}
@ -340,7 +340,7 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase
ImmutableMap.of(
"lastUpdateTime", getLastUpdateTime(),
"emailAddress", "abc@def.com",
"allowedTlds", ImmutableList.of("invalidtld"))));
"allowedTlds", ImmutableList.of("invalidtld", "currenttld"))));
assertThat(response)
.containsExactly(
"status", "ERROR",
@ -350,6 +350,28 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase
assertNoTasksEnqueued("sheet");
}
@Test
public void testUpdate_allowedTlds_failedWhenRemovingTld() {
setUserAdmin();
Map<String, Object> response =
action.handleJsonRequest(
ImmutableMap.of(
"op", "update",
"id", CLIENT_ID,
"args",
ImmutableMap.of(
"lastUpdateTime", getLastUpdateTime(),
"emailAddress", "abc@def.com",
"allowedTlds", ImmutableList.of("newTld"))));
assertThat(response)
.containsExactly(
"status", "ERROR",
"results", ImmutableList.of(),
"message", "Can't remove allowed TLDs using the console.");
assertMetric(CLIENT_ID, "update", "[ADMIN]", "ERROR: ForbiddenException");
assertNoTasksEnqueued("sheet");
}
@Test
public void testUpdate_allowedTlds_noChange_successWhenUserIsNotAdmin() {
Map<String, Object> response =