Send out Lordn during start-date sunrise

Also prevents signed marks from being used in non-sunrise TldStates. Currently, we send out a Lordn update only when there's a ClaimNotice, or if we're in end-date sunrise. But EPPs can contain a SignedMark instead of a ClaimsNotice for trademarked domains - in which case we aren't sending out Lordn update. This also applies to start-date sunrises. We also change the SignedMark behavior for superusers. Currently, if a mismatched signed mark is given as superuser, we accept it. That causes problems when we want to send the Lordn update. Instead - we no longer allow superusers to give a mismatched SignedMark (just as we don't allow users to give a bad ClaimNotice). A super user can still create a domain WITHOUT a signed mark - but if one is provided, it must match. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=199783411
2025-05-14 00:17:20 +02:00 · 2018-06-08 06:01:30 -07:00 · 2018-06-08 06:01:30 -07:00 · 5aeee19699
commit 5aeee19699
parent 658f31933c
9 changed files with 103 additions and 318 deletions
--- a/java/google/registry/flows/domain/DomainCreateFlow.java
+++ b/java/google/registry/flows/domain/DomainCreateFlow.java
@ -44,6 +44,8 @@ import static google.registry.model.index.DomainApplicationIndex.loadActiveAppli
 import static google.registry.model.ofy.ObjectifyService.ofy;
 import static google.registry.model.registry.Registry.TldState.GENERAL_AVAILABILITY;
 import static google.registry.model.registry.Registry.TldState.START_DATE_SUNRISE;
+import static google.registry.model.registry.Registry.TldState.SUNRISE;
+import static google.registry.model.registry.Registry.TldState.SUNRUSH;
 import static google.registry.model.registry.label.ReservedList.matchesAnchorTenantReservation;
 import static google.registry.util.DateTimeUtils.END_OF_TIME;
 import static google.registry.util.DateTimeUtils.leapSafeAddYears;
@ -125,6 +127,7 @@ import org.joda.time.Duration;
 * @error {@link DomainCreateFlow.DomainHasOpenApplicationsException}
 * @error {@link DomainCreateFlow.MustHaveSignedMarksInCurrentPhaseException}
 * @error {@link DomainCreateFlow.NoGeneralRegistrationsInCurrentPhaseException}
+ * @error {@link DomainCreateFlow.SignedMarksOnlyDuringSunriseException}
 * @error {@link DomainFlowTmchUtils.NoMarksFoundMatchingDomainException}
 * @error {@link DomainFlowTmchUtils.FoundMarkNotYetValidException}
 * @error {@link DomainFlowTmchUtils.FoundMarkExpiredException}
@ -183,8 +186,18 @@ import org.joda.time.Duration;
@ReportingSpec(ActivityReportField.DOMAIN_CREATE)
 public class DomainCreateFlow implements TransactionalFlow {

+  /**
+   * States when the TLD is in sunrise.
+   *
+   * <p>Note that a TLD in SUNRUSH means sunrise is in effect, but not necessarily that the "create"
+   * command is a "sunrise create". It might be a landrush create. We must make sure there's a
+   * signed mark to know if the create is "sunrise" or "landrush" for verification purposes.
+   *
+   * <p>Note also that SUNRISE (start-date sunrise) and LANDRUSH can't "naturally" succeed in this
+   * flow. They can only succeed if sent as a superuser or anchor tenant.
+   */
  private static final ImmutableSet<TldState> SUNRISE_STATES =
-      Sets.immutableEnumSet(TldState.SUNRISE, TldState.SUNRUSH);
+      Sets.immutableEnumSet(SUNRISE, SUNRUSH, START_DATE_SUNRISE);

  /** Anchor tenant creates should always be for 2 years, since they get 2 years free. */
  private static final int ANCHOR_TENANT_CREATE_VALID_YEARS = 2;
@ -245,7 +258,6 @@ public class DomainCreateFlow implements TransactionalFlow {
      validateLaunchCreateNotice(launchCreate.get().getNotice(), domainLabel, isSuperuser, now);
    }
    boolean isSunriseCreate = hasSignedMarks && SUNRISE_STATES.contains(tldState);
-    String signedMarkId = null;
    // Superusers can create reserved domains, force creations on domains that require a claims
    // notice without specifying a claims key, ignore the registry phase, and override blocks on
    // registering premium domains.
@ -266,14 +278,16 @@ public class DomainCreateFlow implements TransactionalFlow {
      verifyPremiumNameIsNotBlocked(targetId, now, clientId);
      verifyNoOpenApplications(now);
      verifyIsGaOrIsSpecialCase(tldState, isAnchorTenant, hasSignedMarks);
-      if (hasSignedMarks) {
-        // If a signed mark was provided, then it must match the desired domain label. Get the mark
-        // at this point so that we can verify it before the "after validation" extension point.
-        signedMarkId =
-            tmchUtils
-                .verifySignedMarks(launchCreate.get().getSignedMarks(), domainLabel, now)
-                .getId();
-      }
+      verifySignedMarkOnlyInSunrise(hasSignedMarks, tldState);
+    }
+    String signedMarkId = null;
+    if (hasSignedMarks) {
+      // If a signed mark was provided, then it must match the desired domain label. Get the mark
+      // at this point so that we can verify it before the "after validation" extension point.
+      signedMarkId =
+          tmchUtils
+              .verifySignedMarks(launchCreate.get().getSignedMarks(), domainLabel, now)
+              .getId();
    }
    Optional<AllocationToken> allocationToken =
        verifyAllocationTokenIfPresent(command, registry, clientId, now);
@ -348,7 +362,7 @@ public class DomainCreateFlow implements TransactionalFlow {
      entitiesToSave.add(
          prepareMarkedLrpTokenEntity(authInfo.getPw().getValue(), domainName, historyEntry));
    }
-    enqueueTasks(isSunriseCreate, hasClaimsNotice, newDomain);
+    enqueueTasks(newDomain, hasSignedMarks, hasClaimsNotice);

    EntityChanges entityChanges =
        flowCustomLogic.beforeSave(
@ -380,6 +394,23 @@ public class DomainCreateFlow implements TransactionalFlow {
        || (metadataExtension.isPresent() && metadataExtension.get().getIsAnchorTenant());
  }

+  /**
+   * Verifies that signed marks are only sent during sunrise.
+   *
+   * <p>A trademarked domain name requires either a signed mark or a claims notice. We then need to
+   * send out a LORDN message - either a "sunrise" LORDN if we have a signed mark, or a "claims"
+   * LORDN if we have a claims notice.
+   *
+   * <p>This verification prevents us from either sending out a "sunrise" LORDN out of sunrise, or
+   * not sending out any LORDN, for a trademarked domain with a signed mark in GA.
+   */
+  static void verifySignedMarkOnlyInSunrise(boolean hasSignedMarks, TldState tldState)
+      throws EppException {
+    if (hasSignedMarks && !SUNRISE_STATES.contains(tldState)) {
+      throw new SignedMarksOnlyDuringSunriseException();
+    }
+  }
+
  /**
   * Verifies anchor tenant creates are only done for {@value ANCHOR_TENANT_CREATE_VALID_YEARS} year
   * periods, as anchor tenants get exactly that many years of free registration.
@ -539,11 +570,11 @@ public class DomainCreateFlow implements TransactionalFlow {
  }

  private void enqueueTasks(
-      boolean isSunriseCreate, boolean hasClaimsNotice, DomainResource newDomain) {
+      DomainResource newDomain, boolean hasSignedMarks, boolean hasClaimsNotice) {
    if (newDomain.shouldPublishToDns()) {
      dnsQueue.addDomainRefreshTask(newDomain.getFullyQualifiedDomainName());
    }
-    if (hasClaimsNotice || isSunriseCreate) {
+    if (hasClaimsNotice || hasSignedMarks) {
      LordnTask.enqueueDomainResourceTask(newDomain);
    }
  }
@ -555,6 +586,13 @@ public class DomainCreateFlow implements TransactionalFlow {
        : ImmutableList.of();
  }

+  /** Signed marks are only allowed during sunrise. */
+  static class SignedMarksOnlyDuringSunriseException extends CommandUseErrorException {
+    public SignedMarksOnlyDuringSunriseException() {
+      super("Signed marks are only allowed during sunrise");
+    }
+  }
+
  /** There is an open application for this domain. */
  static class DomainHasOpenApplicationsException extends StatusProhibitsOperationException {
    public DomainHasOpenApplicationsException() {