Standardize usage of some transfer flow verification helpers

We were using verifyHasPendingTransfer() only in the domain transfer flows; now we use it in both. I also added a helper verifyTransferInitiator() even though it's only used in two places (the transfer cancel flows), because I think it streamlines the flow and makes it more consistent with the whole section of verification checking. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=150324823
2025-05-13 07:57:13 +02:00 · 2017-03-16 08:54:04 -07:00 · 2017-03-16 08:54:04 -07:00 · d8349aa0ee
commit d8349aa0ee
parent 7622e71dcf
5 changed files with 21 additions and 29 deletions
--- a/java/google/registry/flows/ResourceFlowUtils.java
+++ b/java/google/registry/flows/ResourceFlowUtils.java
@ -41,6 +41,7 @@ import google.registry.flows.EppException.ParameterValuePolicyErrorException;
 import google.registry.flows.EppException.ParameterValueRangeErrorException;
 import google.registry.flows.exceptions.MissingTransferRequestAuthInfoException;
 import google.registry.flows.exceptions.NotPendingTransferException;
 import google.registry.flows.exceptions.NotTransferInitiatorException;
 import google.registry.flows.exceptions.ResourceAlreadyExistsException;
 import google.registry.flows.exceptions.ResourceStatusProhibitsOperationException;
 import google.registry.flows.exceptions.ResourceToDeleteIsReferencedException;
@ -288,6 +289,13 @@ public final class ResourceFlowUtils {
    }
  }
  public static <R extends EppResource & ResourceWithTransferData> void verifyTransferInitiator(
      String clientId, R resource) throws NotTransferInitiatorException {
    if (!resource.getTransferData().getGainingClientId().equals(clientId)) {
      throw new NotTransferInitiatorException();
    }
  }
  public static <R extends EppResource & ForeignKeyedEppResource> R loadAndVerifyExistence(
      Class<R> clazz, String targetId, DateTime now)
          throws ResourceDoesNotExistException {
--- a/java/google/registry/flows/contact/ContactTransferApproveFlow.java
+++ b/java/google/registry/flows/contact/ContactTransferApproveFlow.java
@ -17,6 +17,7 @@ package google.registry.flows.contact;
 import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
 import static google.registry.flows.ResourceFlowUtils.approvePendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
 import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
 import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
 import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
@ -30,7 +31,6 @@ import google.registry.flows.ExtensionManager;
 import google.registry.flows.FlowModule.ClientId;
 import google.registry.flows.FlowModule.TargetId;
 import google.registry.flows.TransactionalFlow;
 import google.registry.flows.exceptions.NotPendingTransferException;
 import google.registry.model.contact.ContactResource;
 import google.registry.model.domain.metadata.MetadataExtension;
 import google.registry.model.eppcommon.AuthInfo;
@ -38,7 +38,6 @@ import google.registry.model.eppinput.ResourceCommand;
 import google.registry.model.eppoutput.EppResponse;
 import google.registry.model.poll.PollMessage;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.transfer.TransferData;
 import google.registry.model.transfer.TransferStatus;
 import javax.inject.Inject;
 import org.joda.time.DateTime;
@ -79,10 +78,7 @@ public final class ContactTransferApproveFlow implements TransactionalFlow {
    DateTime now = ofy().getTransactionTime();
    ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
    verifyOptionalAuthInfo(authInfo, existingContact);
-    TransferData transferData = existingContact.getTransferData();
+    verifyHasPendingTransfer(existingContact);
    if (transferData.getTransferStatus() != TransferStatus.PENDING) {
      throw new NotPendingTransferException(targetId);
    }
    verifyResourceOwnership(clientId, existingContact);
    ContactResource newContact =
        approvePendingTransfer(existingContact, TransferStatus.CLIENT_APPROVED, now);
@ -97,7 +93,7 @@ public final class ContactTransferApproveFlow implements TransactionalFlow {
    ofy().save().<Object>entities(newContact, historyEntry, gainingPollMessage);
    // Delete the billing event and poll messages that were written in case the transfer would have
    // been implicitly server approved.
-    ofy().delete().keys(transferData.getServerApproveEntities());
+    ofy().delete().keys(existingContact.getTransferData().getServerApproveEntities());
    return responseBuilder
        .setResData(createTransferResponse(targetId, newContact.getTransferData()))
        .build();
--- a/java/google/registry/flows/contact/ContactTransferCancelFlow.java
+++ b/java/google/registry/flows/contact/ContactTransferCancelFlow.java
@ -17,7 +17,9 @@ package google.registry.flows.contact;
 import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
 import static google.registry.flows.ResourceFlowUtils.denyPendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
 import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
 import static google.registry.flows.ResourceFlowUtils.verifyTransferInitiator;
 import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
 import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
 import static google.registry.model.ofy.ObjectifyService.ofy;
@ -29,8 +31,6 @@ import google.registry.flows.ExtensionManager;
 import google.registry.flows.FlowModule.ClientId;
 import google.registry.flows.FlowModule.TargetId;
 import google.registry.flows.TransactionalFlow;
 import google.registry.flows.exceptions.NotPendingTransferException;
 import google.registry.flows.exceptions.NotTransferInitiatorException;
 import google.registry.model.contact.ContactResource;
 import google.registry.model.domain.metadata.MetadataExtension;
 import google.registry.model.eppcommon.AuthInfo;
@ -38,7 +38,6 @@ import google.registry.model.eppinput.ResourceCommand;
 import google.registry.model.eppoutput.EppResponse;
 import google.registry.model.poll.PollMessage;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.transfer.TransferData;
 import google.registry.model.transfer.TransferStatus;
 import javax.inject.Inject;
 import org.joda.time.DateTime;
@ -75,13 +74,8 @@ public final class ContactTransferCancelFlow implements TransactionalFlow {
    DateTime now = ofy().getTransactionTime();
    ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
    verifyOptionalAuthInfo(authInfo, existingContact);
-    TransferData transferData = existingContact.getTransferData();
+    verifyHasPendingTransfer(existingContact);
-    if (transferData.getTransferStatus() != TransferStatus.PENDING) {
+    verifyTransferInitiator(clientId, existingContact);
      throw new NotPendingTransferException(targetId);
    }
    if (!clientId.equals(transferData.getGainingClientId())) {
      throw new NotTransferInitiatorException();
    }
    ContactResource newContact =
        denyPendingTransfer(existingContact, TransferStatus.CLIENT_CANCELLED, now);
    HistoryEntry historyEntry = historyBuilder
@ -95,7 +89,7 @@ public final class ContactTransferCancelFlow implements TransactionalFlow {
    ofy().save().<Object>entities(newContact, historyEntry, losingPollMessage);
    // Delete the billing event and poll messages that were written in case the transfer would have
    // been implicitly server approved.
-    ofy().delete().keys(transferData.getServerApproveEntities());
+    ofy().delete().keys(existingContact.getTransferData().getServerApproveEntities());
    return responseBuilder
        .setResData(createTransferResponse(targetId, newContact.getTransferData()))
        .build();
--- a/java/google/registry/flows/contact/ContactTransferRejectFlow.java
+++ b/java/google/registry/flows/contact/ContactTransferRejectFlow.java
@ -17,6 +17,7 @@ package google.registry.flows.contact;
 import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
 import static google.registry.flows.ResourceFlowUtils.denyPendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
 import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
 import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
 import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
@ -30,14 +31,12 @@ import google.registry.flows.ExtensionManager;
 import google.registry.flows.FlowModule.ClientId;
 import google.registry.flows.FlowModule.TargetId;
 import google.registry.flows.TransactionalFlow;
 import google.registry.flows.exceptions.NotPendingTransferException;
 import google.registry.model.contact.ContactResource;
 import google.registry.model.domain.metadata.MetadataExtension;
 import google.registry.model.eppcommon.AuthInfo;
 import google.registry.model.eppoutput.EppResponse;
 import google.registry.model.poll.PollMessage;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.transfer.TransferData;
 import google.registry.model.transfer.TransferStatus;
 import javax.inject.Inject;
 import org.joda.time.DateTime;
@ -73,10 +72,7 @@ public final class ContactTransferRejectFlow implements TransactionalFlow {
    DateTime now = ofy().getTransactionTime();
    ContactResource existingContact = loadAndVerifyExistence(ContactResource.class, targetId, now);
    verifyOptionalAuthInfo(authInfo, existingContact);
-    TransferData transferData = existingContact.getTransferData();
+    verifyHasPendingTransfer(existingContact);
    if (transferData.getTransferStatus() != TransferStatus.PENDING) {
      throw new NotPendingTransferException(targetId);
    }
    verifyResourceOwnership(clientId, existingContact);
    ContactResource newContact =
        denyPendingTransfer(existingContact, TransferStatus.CLIENT_REJECTED, now);
@ -90,7 +86,7 @@ public final class ContactTransferRejectFlow implements TransactionalFlow {
    ofy().save().<Object>entities(newContact, historyEntry, gainingPollMessage);
    // Delete the billing event and poll messages that were written in case the transfer would have
    // been implicitly server approved.
-    ofy().delete().keys(transferData.getServerApproveEntities());
+    ofy().delete().keys(existingContact.getTransferData().getServerApproveEntities());
    return responseBuilder
        .setResData(createTransferResponse(targetId, newContact.getTransferData()))
        .build();
--- a/java/google/registry/flows/domain/DomainTransferCancelFlow.java
+++ b/java/google/registry/flows/domain/DomainTransferCancelFlow.java
@ -19,6 +19,7 @@ import static google.registry.flows.ResourceFlowUtils.denyPendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
 import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
 import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
 import static google.registry.flows.ResourceFlowUtils.verifyTransferInitiator;
 import static google.registry.flows.domain.DomainFlowUtils.checkAllowedAccessToTld;
 import static google.registry.flows.domain.DomainFlowUtils.updateAutorenewRecurrenceEndTime;
 import static google.registry.flows.domain.DomainTransferUtils.createLosingTransferPollMessage;
@ -33,7 +34,6 @@ import google.registry.flows.ExtensionManager;
 import google.registry.flows.FlowModule.ClientId;
 import google.registry.flows.FlowModule.TargetId;
 import google.registry.flows.TransactionalFlow;
 import google.registry.flows.exceptions.NotTransferInitiatorException;
 import google.registry.model.ImmutableObject;
 import google.registry.model.domain.DomainResource;
 import google.registry.model.domain.metadata.MetadataExtension;
@ -81,9 +81,7 @@ public final class DomainTransferCancelFlow implements TransactionalFlow {
    DomainResource existingDomain = loadAndVerifyExistence(DomainResource.class, targetId, now);
    verifyOptionalAuthInfo(authInfo, existingDomain);
    verifyHasPendingTransfer(existingDomain);
-    if (!clientId.equals(existingDomain.getTransferData().getGainingClientId())) {
+    verifyTransferInitiator(clientId, existingDomain);
      throw new NotTransferInitiatorException();
    }
    checkAllowedAccessToTld(clientId, existingDomain.getTld());
    HistoryEntry historyEntry = historyBuilder
        .setType(HistoryEntry.Type.DOMAIN_TRANSFER_CANCEL)