zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-15 08:57:12 +02:00
Code Issues Projects Releases Packages Wiki Activity

Properly handle NAME_COLLISION domains in start-date sunrise

Browse source 
Domains that are reserved with type NAME_COLLISION can be registered defensively
during sunrise only, but DNS can never resolve for them. Correspondingly, we
need to apply the SERVER_HOLD status for such registrations. We also send the
registrar a poll message informing them of this act.

This brings us up to feature parity with end-date sunrise (implemented in
DomainAllocateFlow), which already has all of this handling.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=205277728
This commit is contained in:
mcilwain 2018-07-19 11:57:04 -07:00 committed by jianglai
parent 8a8cd9f0d2
commit 4b99fae1dd
6 changed files with 153 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

6
java/google/registry/flows/domain/DomainAllocateFlow.java
View file

@ -17,6 +17,7 @@ package google.registry.flows.domain;
import static com.google.common.collect.MoreCollectors.onlyElement;
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
import static google.registry.flows.ResourceFlowUtils.verifyResourceDoesNotExist;
import static google.registry.flows.domain.DomainFlowUtils.COLLISION_MESSAGE;
import static google.registry.flows.domain.DomainFlowUtils.cloneAndLinkReferences;
import static google.registry.flows.domain.DomainFlowUtils.createFeeCreateResponse;
import static google.registry.flows.domain.DomainFlowUtils.getReservationTypes;
@ -113,11 +114,6 @@ import org.joda.time.Duration;
@ReportingSpec(ActivityReportField.DOMAIN_CREATE) // Allocates are special domain creates.
public class DomainAllocateFlow implements TransactionalFlow {
private static final String COLLISION_MESSAGE =
"Domain on the name collision list was allocated. But by policy, the domain will not be "
+ "delegated. Please visit https://www.icann.org/namecollision for more information on name "
+ "collision.";
@Inject ExtensionManager extensionManager;
@Inject AuthInfo authInfo;
@Inject ResourceCommand resourceCommand;

41
java/google/registry/flows/domain/DomainCreateFlow.java
View file

@ -17,9 +17,11 @@ package google.registry.flows.domain;
import static google.registry.flows.FlowUtils.persistEntityChanges;
import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
import static google.registry.flows.ResourceFlowUtils.verifyResourceDoesNotExist;
import static google.registry.flows.domain.DomainFlowUtils.COLLISION_MESSAGE;
import static google.registry.flows.domain.DomainFlowUtils.checkAllowedAccessToTld;
import static google.registry.flows.domain.DomainFlowUtils.cloneAndLinkReferences;
import static google.registry.flows.domain.DomainFlowUtils.createFeeCreateResponse;
import static google.registry.flows.domain.DomainFlowUtils.getReservationTypes;
import static google.registry.flows.domain.DomainFlowUtils.prepareMarkedLrpTokenEntity;
import static google.registry.flows.domain.DomainFlowUtils.validateCreateCommandContactsAndNameservers;
import static google.registry.flows.domain.DomainFlowUtils.validateDomainAllowedOnCreateRestrictedTld;
@ -38,6 +40,7 @@ import static google.registry.flows.domain.DomainFlowUtils.verifyPremiumNameIsNo
import static google.registry.flows.domain.DomainFlowUtils.verifyRegistrarIsActive;
import static google.registry.flows.domain.DomainFlowUtils.verifyUnitIsYears;
import static google.registry.model.EppResourceUtils.createDomainRepoId;
import static google.registry.model.eppcommon.StatusValue.SERVER_HOLD;
import static google.registry.model.eppcommon.StatusValue.SERVER_TRANSFER_PROHIBITED;
import static google.registry.model.eppcommon.StatusValue.SERVER_UPDATE_PROHIBITED;
import static google.registry.model.index.DomainApplicationIndex.loadActiveApplicationsByDomainName;
@ -46,6 +49,7 @@ import static google.registry.model.registry.Registry.TldState.GENERAL_AVAILABIL
import static google.registry.model.registry.Registry.TldState.START_DATE_SUNRISE;
import static google.registry.model.registry.Registry.TldState.SUNRISE;
import static google.registry.model.registry.Registry.TldState.SUNRUSH;
import static google.registry.model.registry.label.ReservationType.NAME_COLLISION;
import static google.registry.model.registry.label.ReservedList.matchesAnchorTenantReservation;
import static google.registry.util.DateTimeUtils.END_OF_TIME;
import static google.registry.util.DateTimeUtils.leapSafeAddYears;
@ -74,7 +78,6 @@ import google.registry.flows.domain.token.AllocationTokenFlowUtils;
import google.registry.model.ImmutableObject;
import google.registry.model.billing.BillingEvent;
import google.registry.model.billing.BillingEvent.Flag;
import google.registry.model.billing.BillingEvent.OneTime;
import google.registry.model.billing.BillingEvent.Reason;
import google.registry.model.billing.BillingEvent.Recurring;
import google.registry.model.domain.DomainApplication;
@ -92,6 +95,7 @@ import google.registry.model.domain.secdns.SecDnsCreateExtension;
import google.registry.model.domain.token.AllocationToken;
import google.registry.model.domain.token.AllocationTokenExtension;
import google.registry.model.eppcommon.AuthInfo;
import google.registry.model.eppcommon.StatusValue;
import google.registry.model.eppinput.EppInput;
import google.registry.model.eppinput.ResourceCommand;
import google.registry.model.eppoutput.CreateData.DomainCreateData;
@ -99,6 +103,7 @@ import google.registry.model.eppoutput.EppResponse;
import google.registry.model.index.EppResourceIndex;
import google.registry.model.index.ForeignKeyIndex;
import google.registry.model.ofy.ObjectifyService;
import google.registry.model.poll.PendingActionNotificationResponse.DomainPendingActionNotificationResponse;
import google.registry.model.poll.PollMessage;
import google.registry.model.poll.PollMessage.Autorenew;
import google.registry.model.registry.Registry;
@ -326,6 +331,17 @@ public class DomainCreateFlow implements TransactionalFlow {
if (!feesAndCredits.getEapCost().isZero()) {
entitiesToSave.add(createEapBillingEvent(feesAndCredits, createBillingEvent));
}
ImmutableSet.Builder<StatusValue> statuses = new ImmutableSet.Builder<>();
if (registry.getDomainCreateRestricted()) {
statuses.add(SERVER_UPDATE_PROHIBITED, SERVER_TRANSFER_PROHIBITED);
}
if (getReservationTypes(domainName).contains(NAME_COLLISION)) {
statuses.add(SERVER_HOLD);
entitiesToSave.add(
createNameCollisionOneTimePollMessage(targetId, historyEntry, clientId, now));
}
DomainResource newDomain =
new DomainResource.Builder()
.setCreationClientId(clientId)
@ -342,10 +358,7 @@ public class DomainCreateFlow implements TransactionalFlow {
.setAuthInfo(command.getAuthInfo())
.setFullyQualifiedDomainName(targetId)
.setNameservers(command.getNameservers())
.setStatusValues(
registry.getDomainCreateRestricted()
? ImmutableSet.of(SERVER_UPDATE_PROHIBITED, SERVER_TRANSFER_PROHIBITED)
: ImmutableSet.of())
.setStatusValues(statuses.build())
.setContacts(command.getContacts())
.addGracePeriod(GracePeriod.forBillingEvent(GracePeriodStatus.ADD, createBillingEvent))
.build();
@ -499,7 +512,7 @@ public class DomainCreateFlow implements TransactionalFlow {
.build();
}
private OneTime createOneTimeBillingEvent(
private BillingEvent.OneTime createOneTimeBillingEvent(
Registry registry,
boolean isAnchorTenant,
boolean isSunriseCreate,
@ -556,7 +569,7 @@ public class DomainCreateFlow implements TransactionalFlow {
.build();
}
private static OneTime createEapBillingEvent(
private static BillingEvent.OneTime createEapBillingEvent(
FeesAndCredits feesAndCredits, BillingEvent.OneTime createBillingEvent) {
return new BillingEvent.OneTime.Builder()
.setReason(Reason.FEE_EARLY_ACCESS)
@ -571,6 +584,20 @@ public class DomainCreateFlow implements TransactionalFlow {
.build();
}
private static PollMessage.OneTime createNameCollisionOneTimePollMessage(
String fullyQualifiedDomainName, HistoryEntry historyEntry, String clientId, DateTime now) {
return new PollMessage.OneTime.Builder()
.setClientId(clientId)
.setEventTime(now)
.setMsg(COLLISION_MESSAGE) // Remind the registrar of the name collision policy.
.setResponseData(
ImmutableList.of(
DomainPendingActionNotificationResponse.create(
fullyQualifiedDomainName, true, historyEntry.getTrid(), now)))
.setParent(historyEntry)
.build();
}
private boolean isLrpCreate(Registry registry, boolean isAnchorTenant, DateTime now) {
return registry.getLrpPeriod().contains(now) && !isAnchorTenant;
}

6
java/google/registry/flows/domain/DomainFlowUtils.java
View file

@ -149,6 +149,12 @@ public class DomainFlowUtils {
ReservationType.NAME_COLLISION,
ReservationType.MISTAKEN_PREMIUM);
/** Warning message for allocation of collision domains in sunrise. */
public static final String COLLISION_MESSAGE =
"Domain on the name collision list was allocated. But by policy, the domain will not be "
+ "delegated. Please visit https://www.icann.org/namecollision for more information on "
+ "name collision.";
/** Non-sunrise tld states. */
private static final ImmutableSet<TldState> DISALLOWED_TLD_STATES_FOR_APPLICATION_FLOWS =
Sets.immutableEnumSet(

134
javatests/google/registry/flows/domain/DomainCreateFlowTest.java
View file

@ -21,6 +21,7 @@ import static google.registry.flows.FlowTestCase.UserPrivileges.SUPERUSER;
import static google.registry.model.billing.BillingEvent.Flag.ANCHOR_TENANT;
import static google.registry.model.domain.fee.Fee.FEE_EXTENSION_URIS;
import static google.registry.model.eppcommon.StatusValue.OK;
import static google.registry.model.eppcommon.StatusValue.SERVER_HOLD;
import static google.registry.model.eppcommon.StatusValue.SERVER_TRANSFER_PROHIBITED;
import static google.registry.model.eppcommon.StatusValue.SERVER_UPDATE_PROHIBITED;
import static google.registry.model.ofy.ObjectifyService.ofy;
@ -59,6 +60,7 @@ import static org.joda.money.CurrencyUnit.EUR;
import static org.joda.money.CurrencyUnit.USD;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.ImmutableSortedMap;
@ -144,6 +146,7 @@ import google.registry.model.domain.rgp.GracePeriodStatus;
import google.registry.model.domain.secdns.DelegationSignerData;
import google.registry.model.domain.token.AllocationToken;
import google.registry.model.eppcommon.StatusValue;
import google.registry.model.poll.PendingActionNotificationResponse.DomainPendingActionNotificationResponse;
import google.registry.model.poll.PollMessage;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.Registrar.State;
@ -184,7 +187,9 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
persistReservedList(
"tld-reserved",
"reserved,FULLY_BLOCKED",
"anchor,RESERVED_FOR_ANCHOR_TENANT,2fooBAR"))
"anchor,RESERVED_FOR_ANCHOR_TENANT,2fooBAR",
"test-and-validate,NAME_COLLISION",
"badcrash,NAME_COLLISION"))
.build());
persistClaimsList(ImmutableMap.of("example-one", CLAIMS_KEY));
}
@ -308,18 +313,17 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
assertNoTasksEnqueued(QUEUE_CLAIMS, QUEUE_SUNRISE);
}
private void assertSunriseLordn() throws Exception {
private void assertSunriseLordn(String domainName) throws Exception {
assertAboutDomains()
.that(reloadResourceByForeignKey())
.hasSmdId("0000001761376042759136-65535")
.and()
.hasLaunchNotice(null);
TaskMatcher task =
new TaskMatcher()
.payload(
reloadResourceByForeignKey().getRepoId()
+ ",test-validate.tld,0000001761376042759136-65535,1,2014-09-09T09:09:09.001Z");
assertTasksEnqueued(QUEUE_SUNRISE, task);
String expectedPayload =
String.format(
"%s,%s,0000001761376042759136-65535,1,2014-09-09T09:09:09.001Z",
reloadResourceByForeignKey().getRepoId(), domainName);
assertTasksEnqueued(QUEUE_SUNRISE, new TaskMatcher().payload(expectedPayload));
}
private void assertClaimsLordn() throws Exception {
@ -544,7 +548,7 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2014-09-09T09:09:09Z"));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("NAME", "test-validate.tld", "PHASE", "open"));
ImmutableMap.of("DOMAIN", "test-validate.tld", "PHASE", "open"));
persistContactsAndHosts();
EppException thrown =
assertThrows(SignedMarksOnlyDuringSunriseException.class, this::runFlow);
@ -557,7 +561,7 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2014-09-09T09:09:09Z"));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("NAME", "wrong.tld", "PHASE", "open"));
ImmutableMap.of("DOMAIN", "wrong.tld", "PHASE", "open"));
persistContactsAndHosts();
EppException thrown =
assertThrows(NoMarksFoundMatchingDomainException.class, this::runFlowAsSuperuser);
@ -1168,6 +1172,77 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
assertSuccessfulCreate("tld", ImmutableSet.of());
}
@Test
public void testSuccess_reservedNameCollisionDomain_inSunrise_setsServerHoldAndPollMessage()
throws Exception {
persistResource(
Registry.get("tld")
.asBuilder()
.setTldStateTransitions(ImmutableSortedMap.of(START_OF_TIME, START_DATE_SUNRISE))
.build());
clock.setTo(DateTime.parse("2014-09-09T09:09:09Z"));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("DOMAIN", "test-and-validate.tld", "PHASE", "sunrise"));
persistContactsAndHosts();
runFlowAssertResponse(
loadFile(
"domain_create_response_encoded_signed_mark_name.xml",
ImmutableMap.of("DOMAIN", "test-and-validate.tld")));
assertSunriseLordn("test-and-validate.tld");
// Check for SERVER_HOLD status, no DNS tasks enqueued, and collision poll message.
assertNoDnsTasksEnqueued();
DomainResource domain = reloadResourceByForeignKey();
assertThat(domain.getStatusValues()).contains(SERVER_HOLD);
assertPollMessagesWithCollisionOneTime(domain);
}
@Test
public void testSuccess_reservedNameCollisionDomain_withSuperuser_setsServerHoldAndPollMessage()
throws Exception {
setEppInput("domain_create.xml", ImmutableMap.of("DOMAIN", "badcrash.tld"));
persistContactsAndHosts();
runFlowAssertResponse(
CommitMode.LIVE,
SUPERUSER,
loadFile("domain_create_response.xml", ImmutableMap.of("DOMAIN", "badcrash.tld")));
// Check for SERVER_HOLD status, no DNS tasks enqueued, and collision poll message.
assertNoDnsTasksEnqueued();
DomainResource domain = reloadResourceByForeignKey();
assertThat(domain.getStatusValues()).contains(SERVER_HOLD);
assertPollMessagesWithCollisionOneTime(domain);
}
private void assertPollMessagesWithCollisionOneTime(DomainResource domain) {
HistoryEntry historyEntry = getHistoryEntries(domain).get(0);
assertPollMessagesForResource(
domain,
new PollMessage.Autorenew.Builder()
.setTargetId(domain.getFullyQualifiedDomainName())
.setClientId("TheRegistrar")
.setEventTime(domain.getRegistrationExpirationTime())
.setMsg("Domain was auto-renewed.")
.setParent(historyEntry)
.build(),
new PollMessage.OneTime.Builder()
.setParent(historyEntry)
.setEventTime(domain.getCreationTime())
.setClientId("TheRegistrar")
.setMsg(DomainFlowUtils.COLLISION_MESSAGE)
.setResponseData(
ImmutableList.of(
DomainPendingActionNotificationResponse.create(
domain.getFullyQualifiedDomainName(),
true,
historyEntry.getTrid(),
clock.nowUtc())))
.setId(1L)
.build());
}
@Test
public void testFailure_missingHost() {
persistActiveHost("ns1.example.net");
@ -1755,9 +1830,12 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
setEppInput("domain_create_registration_qlp_sunrise_encoded_signed_mark.xml");
eppRequestSource = EppRequestSource.TOOL; // Only tools can pass in metadata.
persistContactsAndHosts();
runFlowAssertResponse(loadFile("domain_create_response_encoded_signed_mark_name.xml"));
runFlowAssertResponse(
loadFile(
"domain_create_response_encoded_signed_mark_name.xml",
ImmutableMap.of("DOMAIN", "test-validate.tld")));
assertSuccessfulCreate("tld", ImmutableSet.of(ANCHOR_TENANT, Flag.SUNRISE));
assertSunriseLordn();
assertSunriseLordn("test-validate.tld");
}
@Test
@ -1809,11 +1887,14 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2014-09-09T09:09:09Z"));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("NAME", "test-validate.tld", "PHASE", "sunrise"));
ImmutableMap.of("DOMAIN", "test-validate.tld", "PHASE", "sunrise"));
persistContactsAndHosts();
runFlowAssertResponse(loadFile("domain_create_response_encoded_signed_mark_name.xml"));
runFlowAssertResponse(
loadFile(
"domain_create_response_encoded_signed_mark_name.xml",
ImmutableMap.of("DOMAIN", "test-validate.tld")));
assertSuccessfulCreate("tld", ImmutableSet.of(Flag.SUNRISE));
assertSunriseLordn();
assertSunriseLordn("test-validate.tld");
}
/**
@ -1829,12 +1910,14 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2014-09-09T09:09:09Z"));
setEppInput("domain_create_sunrise_encoded_signed_mark_no_type.xml");
persistContactsAndHosts();
runFlowAssertResponse(loadFile("domain_create_response_encoded_signed_mark_name.xml"));
runFlowAssertResponse(
loadFile(
"domain_create_response_encoded_signed_mark_name.xml",
ImmutableMap.of("DOMAIN", "test-validate.tld")));
assertSuccessfulCreate("tld", ImmutableSet.of(Flag.SUNRISE));
assertSunriseLordn();
assertSunriseLordn("test-validate.tld");
}
/** Tests possible confusion caused by the common start-date and end-date sunrise LaunchPhase. */
@Test
public void testFail_sunriseRegistration_withEncodedSignedMark() {
@ -1842,7 +1925,7 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2014-09-09T09:09:09Z"));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("NAME", "test-validate.tld", "PHASE", "sunrise"));
ImmutableMap.of("DOMAIN", "test-validate.tld", "PHASE", "sunrise"));
persistContactsAndHosts();
EppException thrown =
assertThrows(NoGeneralRegistrationsInCurrentPhaseException.class, this::runFlow);
@ -1855,7 +1938,7 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2014-09-09T09:09:09Z"));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("NAME", "wrong.tld", "PHASE", "sunrise"));
ImmutableMap.of("DOMAIN", "wrong.tld", "PHASE", "sunrise"));
persistContactsAndHosts();
EppException thrown = assertThrows(NoMarksFoundMatchingDomainException.class, this::runFlow);
assertAboutEppExceptions().that(thrown).marshalsToXml();
@ -1868,7 +1951,7 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2013-08-09T10:05:59Z").minusSeconds(1));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("NAME", "test-validate.tld", "PHASE", "sunrise"));
ImmutableMap.of("DOMAIN", "test-validate.tld", "PHASE", "sunrise"));
persistContactsAndHosts();
EppException thrown = assertThrows(FoundMarkNotYetValidException.class, this::runFlow);
assertAboutEppExceptions().that(thrown).marshalsToXml();
@ -1881,7 +1964,7 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
clock.setTo(DateTime.parse("2017-07-23T22:00:00.000Z"));
setEppInput(
"domain_create_registration_encoded_signed_mark.xml",
ImmutableMap.of("NAME", "test-validate.tld", "PHASE", "sunrise"));
ImmutableMap.of("DOMAIN", "test-validate.tld", "PHASE", "sunrise"));
persistContactsAndHosts();
EppException thrown = assertThrows(FoundMarkExpiredException.class, this::runFlow);
assertAboutEppExceptions().that(thrown).marshalsToXml();
@ -1949,9 +2032,12 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
setEppInput("domain_create_registration_qlp_sunrush_encoded_signed_mark.xml");
eppRequestSource = EppRequestSource.TOOL; // Only tools can pass in metadata.
persistContactsAndHosts();
runFlowAssertResponse(loadFile("domain_create_response_encoded_signed_mark_name.xml"));
runFlowAssertResponse(
loadFile(
"domain_create_response_encoded_signed_mark_name.xml",
ImmutableMap.of("DOMAIN", "test-validate.tld")));
assertSuccessfulCreate("tld", ImmutableSet.of(ANCHOR_TENANT, Flag.SUNRISE));
assertSunriseLordn();
assertSunriseLordn("test-validate.tld");
}
@Test

2
javatests/google/registry/flows/domain/testdata/domain_create_registration_encoded_signed_mark.xml vendored
View file

@ -4,7 +4,7 @@
<create>
<domain:create
xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>%NAME%</domain:name>
<domain:name>%DOMAIN%</domain:name>
<domain:period unit="y">2</domain:period>
<domain:ns>
<domain:hostObj>ns1.example.net</domain:hostObj>

2
javatests/google/registry/flows/domain/testdata/domain_create_response_encoded_signed_mark_name.xml vendored
View file

@ -5,7 +5,7 @@
</result>
<resData>
<domain:creData xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>test-validate.tld</domain:name>
<domain:name>%DOMAIN%</domain:name>
<domain:crDate>2014-09-09T09:09:09Z</domain:crDate>
<domain:exDate>2016-09-09T09:09:09Z</domain:exDate>
</domain:creData>