Don't allow setting reserved lists with conflicting auth codes

This is an error condition that will soon throw an exception when
attempting to register the domain name, so it's good to let the registry
operator know of the error when it is first introduced.

Unfortunately there's still a backdoor that allows duplicate labels
that's harder to protect against (that this commit doesn't cover): the
case where reserved lists are already applied to a TLD, then one of the
reserved lists is updated to add another auth code, which then conflicts
with one on a different reserved list.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=149443007
This commit is contained in:
mcilwain 2017-03-07 11:28:41 -08:00 committed by Ben McIlwain
parent 5d4287a375
commit ce4f3c0d56
4 changed files with 74 additions and 12 deletions

View file

@ -48,8 +48,7 @@ import org.junit.Test;
/** Unit tests for {@link Registry}. */
public class RegistryTest extends EntityTestCase {
@Rule
public final ExceptionRule thrown = new ExceptionRule();
@Rule public final ExceptionRule thrown = new ExceptionRule();
Registry registry;
@ -173,6 +172,37 @@ public class RegistryTest extends EntityTestCase {
assertThat(r.getReservedLists()).isEmpty();
}
@Test
public void testSetReservedLists_succeedsWithDuplicateIdenticalAuthCodes() {
ReservedList rl1 = persistReservedList(
"tld-reserved007",
"lol,RESERVED_FOR_ANCHOR_TENANT,identical",
"cat,FULLY_BLOCKED");
ReservedList rl2 = persistReservedList(
"tld-reserved008",
"lol,RESERVED_FOR_ANCHOR_TENANT,identical",
"tim,FULLY_BLOCKED");
Registry registry = Registry.get("tld").asBuilder().setReservedLists(rl1, rl2).build();
assertThat(registry.getReservedLists()).containsExactly(Key.create(rl1), Key.create(rl2));
}
@Test
public void testSetReservedLists_failsForConflictingAuthCodes() {
ReservedList rl1 = persistReservedList(
"tld-reserved055",
"lol,RESERVED_FOR_ANCHOR_TENANT,conflict1",
"cat,FULLY_BLOCKED");
ReservedList rl2 = persistReservedList(
"tld-reserved056",
"lol,RESERVED_FOR_ANCHOR_TENANT,conflict2",
"tim,FULLY_BLOCKED");
thrown.expect(
IllegalArgumentException.class,
"auth code conflicts for labels: [lol=[conflict1, conflict2]]");
@SuppressWarnings("unused")
Registry unused = Registry.get("tld").asBuilder().setReservedLists(rl1, rl2).build();
}
@Test
public void testSetPremiumList() {
PremiumList pl2 = persistPremiumList("tld2", "lol,USD 50", "cat,USD 700");