From 740d49e22ee5241c584559f1d26beb29e33cc3bc Mon Sep 17 00:00:00 2001
From: cgoldfeder <cgoldfeder@google.com>
Date: Thu, 22 Sep 2016 09:06:43 -0700
Subject: [PATCH] Contact authInfo should not be visible to all registrars in
 <info> flows

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=133960014
---
 .../flows/contact/ContactInfoFlow.java        |  8 +++-
 .../flows/contact/ContactInfoFlowTest.java    | 43 ++++++++++++++++++
 .../testdata/contact_info_no_authinfo.xml     | 11 +++++
 .../contact_info_response_no_authinfo.xml     | 44 +++++++++++++++++++
 4 files changed, 105 insertions(+), 1 deletion(-)
 create mode 100644 javatests/google/registry/flows/contact/testdata/contact_info_no_authinfo.xml
 create mode 100644 javatests/google/registry/flows/contact/testdata/contact_info_response_no_authinfo.xml

diff --git a/java/google/registry/flows/contact/ContactInfoFlow.java b/java/google/registry/flows/contact/ContactInfoFlow.java
index 2f35f48b4..4e15f1870 100644
--- a/java/google/registry/flows/contact/ContactInfoFlow.java
+++ b/java/google/registry/flows/contact/ContactInfoFlow.java
@@ -21,6 +21,7 @@ import static google.registry.model.eppoutput.Result.Code.SUCCESS;
 
 import com.google.common.base.Optional;
 import google.registry.flows.EppException;
+import google.registry.flows.FlowModule.ClientId;
 import google.registry.flows.FlowModule.TargetId;
 import google.registry.flows.LoggedInFlow;
 import google.registry.model.contact.ContactResource;
@@ -33,12 +34,14 @@ import javax.inject.Inject;
  *
  * <p>The response includes the contact's postal info, phone numbers, emails, the authInfo which can
  * be used to request a transfer and the details of the contact's most recent transfer if it has
- * ever been transferred. Any registrar can see any contact's information.
+ * ever been transferred. Any registrar can see any contact's information, but the authInfo is only
+ * visible to the registrar that owns the contact or to a registrar that already supplied it.
  *
  * @error {@link google.registry.flows.exceptions.ResourceToQueryDoesNotExistException}
  */
 public final class ContactInfoFlow extends LoggedInFlow {
 
+  @Inject @ClientId String clientId;
   @Inject @TargetId String targetId;
   @Inject Optional<AuthInfo> authInfo;
   @Inject ContactInfoFlow() {}
@@ -47,6 +50,9 @@ public final class ContactInfoFlow extends LoggedInFlow {
   public final EppOutput run() throws EppException {
     ContactResource contact = loadResourceForQuery(ContactResource.class, targetId, now);
     verifyOptionalAuthInfoForResource(authInfo, contact);
+    if (!clientId.equals(contact.getCurrentSponsorClientId()) && !authInfo.isPresent()) {
+      contact = contact.asBuilder().setAuthInfo(null).build();
+    }
     return createOutput(SUCCESS, cloneResourceWithLinkedStatus(contact, now));
   }
 }
diff --git a/javatests/google/registry/flows/contact/ContactInfoFlowTest.java b/javatests/google/registry/flows/contact/ContactInfoFlowTest.java
index d0c87dd0f..0236f74b2 100644
--- a/javatests/google/registry/flows/contact/ContactInfoFlowTest.java
+++ b/javatests/google/registry/flows/contact/ContactInfoFlowTest.java
@@ -118,6 +118,49 @@ public class ContactInfoFlowTest extends ResourceFlowTestCase<ContactInfoFlow, C
     assertNoBillingEvents();
   }
 
+  @Test
+  public void testSuccess_owningRegistrarWithoutAuthInfo_seesAuthInfo() throws Exception {
+    setEppInput("contact_info_no_authinfo.xml");
+    persistContactResource(true);
+    // Check that the persisted contact info was returned.
+    assertTransactionalFlow(false);
+    runFlowAssertResponse(
+        readFile("contact_info_response.xml"),
+        // We use a different roid scheme than the samples so ignore it.
+        "epp.response.resData.infData.roid");
+    assertNoHistory();
+    assertNoBillingEvents();
+  }
+
+  @Test
+  public void testSuccess_otherRegistrarWithoutAuthInfio_doesNotSeeAuthInfo() throws Exception {
+    setClientIdForFlow("NewRegistrar");
+    setEppInput("contact_info_no_authinfo.xml");
+    persistContactResource(true);
+    // Check that the persisted contact info was returned.
+    assertTransactionalFlow(false);
+    runFlowAssertResponse(
+        readFile("contact_info_response_no_authinfo.xml"),
+        // We use a different roid scheme than the samples so ignore it.
+        "epp.response.resData.infData.roid");
+    assertNoHistory();
+    assertNoBillingEvents();
+  }
+
+  @Test
+  public void testSuccess_otherRegistrarWithAuthInfo_seesAuthInfo() throws Exception {
+    setClientIdForFlow("NewRegistrar");
+    persistContactResource(true);
+    // Check that the persisted contact info was returned.
+    assertTransactionalFlow(false);
+    runFlowAssertResponse(
+        readFile("contact_info_response.xml"),
+        // We use a different roid scheme than the samples so ignore it.
+        "epp.response.resData.infData.roid");
+    assertNoHistory();
+    assertNoBillingEvents();
+  }
+
   @Test
   public void testFailure_neverExisted() throws Exception {
     thrown.expect(
diff --git a/javatests/google/registry/flows/contact/testdata/contact_info_no_authinfo.xml b/javatests/google/registry/flows/contact/testdata/contact_info_no_authinfo.xml
new file mode 100644
index 000000000..9a824b220
--- /dev/null
+++ b/javatests/google/registry/flows/contact/testdata/contact_info_no_authinfo.xml
@@ -0,0 +1,11 @@
+<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
+  <command>
+    <info>
+      <contact:info
+       xmlns:contact="urn:ietf:params:xml:ns:contact-1.0">
+        <contact:id>sh8013</contact:id>
+      </contact:info>
+    </info>
+    <clTRID>ABC-12345</clTRID>
+  </command>
+</epp>
diff --git a/javatests/google/registry/flows/contact/testdata/contact_info_response_no_authinfo.xml b/javatests/google/registry/flows/contact/testdata/contact_info_response_no_authinfo.xml
new file mode 100644
index 000000000..2ad7709fd
--- /dev/null
+++ b/javatests/google/registry/flows/contact/testdata/contact_info_response_no_authinfo.xml
@@ -0,0 +1,44 @@
+<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
+  <response>
+    <result code="1000">
+      <msg>Command completed successfully</msg>
+    </result>
+    <resData>
+      <contact:infData
+       xmlns:contact="urn:ietf:params:xml:ns:contact-1.0">
+        <contact:id>sh8013</contact:id>
+        <contact:roid>SH8013-REP</contact:roid>
+        <contact:status s="clientDeleteProhibited"/>
+        <contact:postalInfo type="int">
+          <contact:name>John Doe</contact:name>
+          <contact:org>Example Inc.</contact:org>
+          <contact:addr>
+            <contact:street>123 Example Dr.</contact:street>
+            <contact:street>Suite 100</contact:street>
+            <contact:city>Dulles</contact:city>
+            <contact:sp>VA</contact:sp>
+            <contact:pc>20166-6503</contact:pc>
+            <contact:cc>US</contact:cc>
+          </contact:addr>
+        </contact:postalInfo>
+        <contact:voice x="1234">+1.7035555555</contact:voice>
+        <contact:fax>+1.7035555556</contact:fax>
+        <contact:email>jdoe@example.com</contact:email>
+        <contact:clID>TheRegistrar</contact:clID>
+        <contact:crID>NewRegistrar</contact:crID>
+        <contact:crDate>1999-04-03T22:00:00.0Z</contact:crDate>
+        <contact:upID>NewRegistrar</contact:upID>
+        <contact:upDate>1999-12-03T09:00:00.0Z</contact:upDate>
+        <contact:trDate>2000-04-08T09:00:00.0Z</contact:trDate>
+        <contact:disclose flag="1">
+          <contact:voice/>
+          <contact:email/>
+        </contact:disclose>
+      </contact:infData>
+    </resData>
+    <trID>
+      <clTRID>ABC-12345</clTRID>
+      <svTRID>server-trid</svTRID>
+    </trID>
+  </response>
+</epp>