zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-15 17:07:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add more tests for RDAP contact data permissioning

Browse source 
This CL adds extra tests to make sure that contact data is hidden for RDAP domain and contact requests when not logged in as the proper registrar.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=168234733
This commit is contained in:
mountford 2017-09-11 08:37:15 -07:00 committed by jianglai
parent 4b83615513
commit 985d14b51f
11 changed files with 573 additions and 87 deletions
Download patch file Download diff file Expand all files Collapse all files

54
javatests/google/registry/rdap/RdapDomainActionTest.java
View file

@ -31,6 +31,7 @@ import static org.mockito.Mockito.when;
import com.google.appengine.api.users.User;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import google.registry.model.contact.ContactResource;
import google.registry.model.domain.DomainBase;
import google.registry.model.domain.Period;
@ -77,6 +78,7 @@ public class RdapDomainActionTest {
private final FakeClock clock = new FakeClock(DateTime.parse("2000-01-01TZ"));
private final SessionUtils sessionUtils = mock(SessionUtils.class);
private final User user = new User("rdap.user@example.com", "gmail.com", "12345");
private final UserAuthInfo userAuthInfo = UserAuthInfo.create(user, false);
private RdapDomainAction action;
@ -232,7 +234,6 @@ public class RdapDomainActionTest {
action.rdapLinkBase = "https://example.com/rdap/";
action.rdapWhoisServer = null;
action.sessionUtils = sessionUtils;
UserAuthInfo userAuthInfo = UserAuthInfo.create(user, false);
action.authResult = AuthResult.create(AuthLevel.USER, userAuthInfo);
when(sessionUtils.checkRegistrarConsoleLogin(request, userAuthInfo)).thenReturn(true);
when(sessionUtils.getRegistrarClientId(request)).thenReturn("evilregistrar");
@ -284,17 +285,18 @@ public class RdapDomainActionTest {
if (obj instanceof Map) {
@SuppressWarnings("unchecked")
Map<String, Object> map = (Map<String, Object>) obj;
ImmutableMap.Builder<String, Object> builder = new ImmutableMap.Builder<>();
builder.putAll(map);
if (!map.containsKey("rdapConformance")) {
builder.put("rdapConformance", ImmutableList.of("rdap_level_0"));
}
if (!map.containsKey("notices")) {
RdapTestHelper.addTermsOfServiceNotice(builder, "https://example.com/rdap/");
}
if (!map.containsKey("remarks")) {
RdapTestHelper.addDomainBoilerplateRemarks(builder);
}
ImmutableMap.Builder<String, Object> builder =
RdapTestHelper.getBuilderExcluding(
map, ImmutableSet.of("rdapConformance", "notices", "remarks"));
builder.put("rdapConformance", ImmutableList.of("rdap_level_0"));
RdapTestHelper.addNotices(
builder,
"https://example.com/rdap/",
(contactRoids == null)
? RdapTestHelper.ContactNoticeType.DOMAIN
: RdapTestHelper.ContactNoticeType.NONE,
map.get("notices"));
RdapTestHelper.addDomainBoilerplateRemarks(builder, false, map.get("remarks"));
obj = builder.build();
}
return obj;
@ -348,6 +350,34 @@ public class RdapDomainActionTest {
assertThat(response.getStatus()).isEqualTo(200);
}
@Test
public void testValidDomain_notLoggedIn_noContacts() throws Exception {
when(sessionUtils.checkRegistrarConsoleLogin(request, userAuthInfo)).thenReturn(false);
assertJsonEqual(
generateActualJson("cat.lol"),
generateExpectedJsonWithTopLevelEntries(
"cat.lol",
null,
"C-LOL",
null,
"rdap_domain_no_contacts.json"));
assertThat(response.getStatus()).isEqualTo(200);
}
@Test
public void testValidDomain_loggedInAsOtherRegistrar_noContacts() throws Exception {
when(sessionUtils.getRegistrarClientId(request)).thenReturn("otherregistrar");
assertJsonEqual(
generateActualJson("cat.lol"),
generateExpectedJsonWithTopLevelEntries(
"cat.lol",
null,
"C-LOL",
null,
"rdap_domain_no_contacts.json"));
assertThat(response.getStatus()).isEqualTo(200);
}
@Test
public void testTrailingDot_ignored() throws Exception {
assertJsonEqual(