zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-14 00:17:20 +02:00
Code Issues Projects Releases Packages Wiki Activity

Make the superuser flag bypass TLD access checks

Browse source 
The --superuser command in the nomulus command-line tool should be
bypassing checks on whether the passed-in registrar client ID has access
to the TLD in question, but currently it is not.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=158974462
This commit is contained in:
Ben McIlwain 2017-06-14 07:14:19 -07:00
parent 3a02e6fb11
commit 580c41f2d6
26 changed files with 223 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

2
java/google/registry/flows/domain/DomainRestoreRequestFlow.java
View file

@ -188,6 +188,7 @@ public final class DomainRestoreRequestFlow implements TransactionalFlow {
verifyResourceOwnership(clientId, existingDomain);
verifyNotReserved(InternetDomainName.from(targetId), false);
verifyPremiumNameIsNotBlocked(targetId, now, clientId);
checkAllowedAccessToTld(clientId, existingDomain.getTld());
}
// No other changes can be specified on a restore request.
if (!command.noChangesPresent()) {
@ -197,7 +198,6 @@ public final class DomainRestoreRequestFlow implements TransactionalFlow {
if (!existingDomain.getGracePeriodStatuses().contains(GracePeriodStatus.REDEMPTION)) {
throw new DomainNotEligibleForRestoreException();
}
checkAllowedAccessToTld(clientId, existingDomain.getTld());
validateFeeChallenge(targetId, existingDomain.getTld(), now, feeUpdate, feesAndCredits);
}