Block ability to remove allowed TLDs from the registrar console

This is a temporary measure until we implement access control for Support. Once we implement access control, we will only block Support from removing TLDs on production. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=222180321
2025-08-06 01:35:17 +02:00 · 2018-11-19 19:50:02 -08:00 · 2018-11-19 19:50:02 -08:00 · 274b7115d4
commit 274b7115d4
parent f46f817f9e
2 changed files with 36 additions and 5 deletions
--- a/javatests/google/registry/ui/server/registrar/RegistrarSettingsActionTest.java
+++ b/javatests/google/registry/ui/server/registrar/RegistrarSettingsActionTest.java
@ -302,7 +302,7 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase
    setUserAdmin();
    doTestUpdate(
        Registrar::getAllowedTlds,
-        ImmutableSet.of("newtld"),
+        ImmutableSet.of("newtld", "currenttld"),
        (builder, s) -> builder.setAllowedTlds(s));
    assertMetric(CLIENT_ID, "update", "[ADMIN]", "SUCCESS");
  }
@ -340,7 +340,7 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase
                ImmutableMap.of(
                    "lastUpdateTime", getLastUpdateTime(),
                    "emailAddress", "abc@def.com",
-                    "allowedTlds", ImmutableList.of("invalidtld"))));
+                    "allowedTlds", ImmutableList.of("invalidtld", "currenttld"))));
    assertThat(response)
        .containsExactly(
            "status", "ERROR",
@ -350,6 +350,28 @@ public class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase
    assertNoTasksEnqueued("sheet");
  }

+  @Test
+  public void testUpdate_allowedTlds_failedWhenRemovingTld() {
+    setUserAdmin();
+    Map<String, Object> response =
+        action.handleJsonRequest(
+            ImmutableMap.of(
+                "op", "update",
+                "id", CLIENT_ID,
+                "args",
+                ImmutableMap.of(
+                    "lastUpdateTime", getLastUpdateTime(),
+                    "emailAddress", "abc@def.com",
+                    "allowedTlds", ImmutableList.of("newTld"))));
+    assertThat(response)
+        .containsExactly(
+            "status", "ERROR",
+            "results", ImmutableList.of(),
+            "message", "Can't remove allowed TLDs using the console.");
+    assertMetric(CLIENT_ID, "update", "[ADMIN]", "ERROR: ForbiddenException");
+    assertNoTasksEnqueued("sheet");
+  }
+
  @Test
  public void testUpdate_allowedTlds_noChange_successWhenUserIsNotAdmin() {
    Map<String, Object> response =