mirror of
https://github.com/google/nomulus.git
synced 2025-06-12 23:44:46 +02:00
Refactor authInfo validation
1) Don't do ofy().load() inside a model class (in DomainAuthInfo) 2) Move the one use of verify into the one caller in ResourceFlowUtils 3) Hosts don't support authInfo, so remove useless code ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=137984809
This commit is contained in:
cgoldfeder
Ben McIlwain
parent
f95f27ed72
commit
2dd703ef3a
28 changed files with 102 additions and 146 deletions
|
|
@ -18,7 +18,7 @@ import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
|
|||
import static google.registry.flows.ResourceFlowUtils.failfastForAsyncDelete;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.model.eppoutput.Result.Code.SUCCESS_WITH_ACTION_PENDING;
|
||||
import static google.registry.model.ofy.ObjectifyService.ofy;
|
||||
|
|
@ -92,7 +92,7 @@ public final class ContactDeleteFlow implements TransactionalFlow {
|
|||
failfastForAsyncDelete(targetId, now, ContactResource.class, GET_REFERENCED_CONTACTS);
|
||||
ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
|
||||
verifyNoDisallowedStatuses(existingContact, DISALLOWED_STATUSES);
|
||||
verifyOptionalAuthInfoForResource(authInfo, existingContact);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
if (!isSuperuser) {
|
||||
verifyResourceOwnership(clientId, existingContact);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ package google.registry.flows.contact;
|
|||
|
||||
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.model.EppResourceUtils.cloneResourceWithLinkedStatus;
|
||||
|
||||
import com.google.common.base.Optional;
|
||||
|
|
@ -58,7 +58,7 @@ public final class ContactInfoFlow implements Flow {
|
|||
extensionManager.validate(); // There are no legal extensions for this flow.
|
||||
validateClientIsLoggedIn(clientId);
|
||||
ContactResource contact = loadAndVerifyExistence(ContactResource.class, targetId, now);
|
||||
verifyOptionalAuthInfoForResource(authInfo, contact);
|
||||
verifyOptionalAuthInfo(authInfo, contact);
|
||||
if (!clientId.equals(contact.getCurrentSponsorClientId()) && !authInfo.isPresent()) {
|
||||
contact = contact.asBuilder().setAuthInfo(null).build();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ package google.registry.flows.contact;
|
|||
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.approvePendingTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
|
|
@ -78,7 +78,7 @@ public final class ContactTransferApproveFlow implements TransactionalFlow {
|
|||
validateClientIsLoggedIn(clientId);
|
||||
DateTime now = ofy().getTransactionTime();
|
||||
ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
|
||||
verifyOptionalAuthInfoForResource(authInfo, existingContact);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
TransferData transferData = existingContact.getTransferData();
|
||||
if (transferData.getTransferStatus() != TransferStatus.PENDING) {
|
||||
throw new NotPendingTransferException(targetId);
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ package google.registry.flows.contact;
|
|||
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.denyPendingTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
import static google.registry.model.ofy.ObjectifyService.ofy;
|
||||
|
|
@ -74,7 +74,7 @@ public final class ContactTransferCancelFlow implements TransactionalFlow {
|
|||
validateClientIsLoggedIn(clientId);
|
||||
DateTime now = ofy().getTransactionTime();
|
||||
ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
|
||||
verifyOptionalAuthInfoForResource(authInfo, existingContact);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
TransferData transferData = existingContact.getTransferData();
|
||||
if (transferData.getTransferStatus() != TransferStatus.PENDING) {
|
||||
throw new NotPendingTransferException(targetId);
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ package google.registry.flows.contact;
|
|||
|
||||
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
|
||||
import com.google.common.base.Optional;
|
||||
|
|
@ -64,7 +64,7 @@ public final class ContactTransferQueryFlow implements Flow {
|
|||
validateClientIsLoggedIn(clientId);
|
||||
ContactResource contact =
|
||||
loadAndVerifyExistence(ContactResource.class, targetId, clock.nowUtc());
|
||||
verifyOptionalAuthInfoForResource(authInfo, contact);
|
||||
verifyOptionalAuthInfo(authInfo, contact);
|
||||
// Most of the fields on the transfer response are required, so there's no way to return valid
|
||||
// XML if the object has never been transferred (and hence the fields aren't populated).
|
||||
if (contact.getTransferData().getTransferStatus() == null) {
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ package google.registry.flows.contact;
|
|||
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.denyPendingTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
|
|
@ -72,7 +72,7 @@ public final class ContactTransferRejectFlow implements TransactionalFlow {
|
|||
validateClientIsLoggedIn(clientId);
|
||||
DateTime now = ofy().getTransactionTime();
|
||||
ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
|
||||
verifyOptionalAuthInfoForResource(authInfo, existingContact);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
TransferData transferData = existingContact.getTransferData();
|
||||
if (transferData.getTransferStatus() != TransferStatus.PENDING) {
|
||||
throw new NotPendingTransferException(targetId);
|
||||
|
|
|
|||
|
|
@ -16,8 +16,9 @@ package google.registry.flows.contact;
|
|||
|
||||
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAuthInfoPresentForResourceTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyRequiredAuthInfoForResourceTransfer;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
|
|
@ -88,7 +89,8 @@ public final class ContactTransferRequestFlow implements TransactionalFlow {
|
|||
validateClientIsLoggedIn(gainingClientId);
|
||||
DateTime now = ofy().getTransactionTime();
|
||||
ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
|
||||
verifyRequiredAuthInfoForResourceTransfer(authInfo, existingContact);
|
||||
verifyAuthInfoPresentForResourceTransfer(authInfo);
|
||||
verifyAuthInfo(authInfo.get(), existingContact);
|
||||
// Verify that the resource does not already have a pending transfer.
|
||||
if (TransferStatus.PENDING.equals(existingContact.getTransferData().getTransferStatus())) {
|
||||
throw new AlreadyPendingTransferException(targetId);
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ import static google.registry.flows.ResourceFlowUtils.checkSameValuesNotAddedAnd
|
|||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAllStatusesAreClientSettable;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.validateAsciiPostalInfo;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.validateContactAgainstPolicy;
|
||||
|
|
@ -92,7 +92,7 @@ public final class ContactUpdateFlow implements TransactionalFlow {
|
|||
Update command = (Update) resourceCommand;
|
||||
DateTime now = ofy().getTransactionTime();
|
||||
ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
|
||||
verifyOptionalAuthInfoForResource(authInfo, existingContact);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
ImmutableSet<StatusValue> statusToRemove = command.getInnerRemove().getStatusValues();
|
||||
ImmutableSet<StatusValue> statusesToAdd = command.getInnerAdd().getStatusValues();
|
||||
if (!isSuperuser) { // The superuser can update any contact and set any status.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue