mirror of
https://github.com/google/nomulus.git
synced 2025-08-04 00:42:12 +02:00
Adds the ability to whitelist registrants and nameservers on a TLD
This is needed for ROCC TLDs like .foo ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=118404870
This commit is contained in:
cgoldfeder
Justine Tunney
parent
f9e1bab1d2
commit
ec2daec412
17 changed files with 576 additions and 85 deletions
|
|
@ -78,9 +78,11 @@ import com.google.domain.registry.flows.domain.DomainFlowUtils.LaunchPhaseMismat
|
|||
import com.google.domain.registry.flows.domain.DomainFlowUtils.LeadingDashException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.LinkedResourceDoesNotExistException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingContactTypeException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NameserverNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NoMarksFoundMatchingDomainException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.PremiumNameBlockedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.RegistrantNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.SignedMarkCertificateExpiredException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.SignedMarkCertificateInvalidException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.SignedMarkCertificateNotYetValidException;
|
||||
|
|
@ -1170,6 +1172,41 @@ public class DomainApplicationCreateFlowTest
|
|||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_registrantNotWhitelisted() throws Exception {
|
||||
persistActiveContact("someone");
|
||||
persistContactsAndHosts();
|
||||
persistResource(Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("someone"))
|
||||
.build());
|
||||
thrown.expect(RegistrantNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_nameserverNotWhitelisted() throws Exception {
|
||||
persistActiveHost("ns1.example.com");
|
||||
persistContactsAndHosts();
|
||||
persistResource(Registry.get("tld").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.someone.tld"))
|
||||
.build());
|
||||
thrown.expect(NameserverNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_nameserverAndRegistrantWhitelisted() throws Exception {
|
||||
persistResource(Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("jd1234"))
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.example.net", "ns2.example.net"))
|
||||
.build());
|
||||
persistContactsAndHosts();
|
||||
clock.advanceOneMilli();
|
||||
doSuccessfulTest("domain_create_sunrise_encoded_signed_mark_response.xml", true);
|
||||
assertAboutApplications().that(getOnlyGlobalResource(DomainApplication.class))
|
||||
.hasApplicationStatus(ApplicationStatus.VALIDATED);
|
||||
}
|
||||
|
||||
/**
|
||||
* There is special logic that disallows a failfast for domains in add grace period and sunrush
|
||||
* add grace period, so make sure that they fail anyways in the actual flow.
|
||||
|
|
|
|||
|
|
@ -49,7 +49,9 @@ import com.google.domain.registry.flows.domain.DomainFlowUtils.LinkedResourceDoe
|
|||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingAdminContactException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingContactTypeException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingTechnicalContactException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NameserverNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.RegistrantNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.TooManyDsRecordsException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.TooManyNameserversException;
|
||||
import com.google.domain.registry.model.contact.ContactResource;
|
||||
|
|
@ -63,6 +65,7 @@ import com.google.domain.registry.model.domain.secdns.DelegationSignerData;
|
|||
import com.google.domain.registry.model.eppcommon.StatusValue;
|
||||
import com.google.domain.registry.model.host.HostResource;
|
||||
import com.google.domain.registry.model.registrar.Registrar;
|
||||
import com.google.domain.registry.model.registry.Registry;
|
||||
import com.google.domain.registry.model.registry.Registry.TldState;
|
||||
import com.google.domain.registry.model.reporting.HistoryEntry;
|
||||
|
||||
|
|
@ -622,4 +625,43 @@ public class DomainApplicationUpdateFlowTest
|
|||
.build());
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_newRegistrantNotWhitelisted() throws Exception {
|
||||
setEppInput("domain_update_sunrise_registrant_to_tech.xml");
|
||||
persistReferencedEntities();
|
||||
persistApplication();
|
||||
persistResource(
|
||||
Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("sha8013"))
|
||||
.build());
|
||||
clock.advanceOneMilli();
|
||||
thrown.expect(RegistrantNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_newNameserverNotWhitelisted() throws Exception {
|
||||
persistReferencedEntities();
|
||||
persistApplication();
|
||||
persistResource(
|
||||
Registry.get("tld").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.example.foo"))
|
||||
.build());
|
||||
clock.advanceOneMilli();
|
||||
thrown.expect(NameserverNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_nameserverAndRegistrantWhitelisted() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("sh8013"))
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns2.example.tld"))
|
||||
.build());
|
||||
persistReferencedEntities();
|
||||
persistApplication();
|
||||
doSuccessfulTest();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -87,8 +87,10 @@ import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingAdminConta
|
|||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingContactTypeException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingRegistrantException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingTechnicalContactException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NameserverNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.PremiumNameBlockedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.RegistrantNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.TldDoesNotExistException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.TooManyDsRecordsException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.TooManyNameserversException;
|
||||
|
|
@ -1226,4 +1228,36 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
|
|||
assertSuccessfulCreate("tld", true);
|
||||
assertClaimsLordn();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_registrantNotWhitelisted() throws Exception {
|
||||
persistActiveContact("someone");
|
||||
persistContactsAndHosts();
|
||||
persistResource(Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("someone"))
|
||||
.build());
|
||||
thrown.expect(RegistrantNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_nameserverNotWhitelisted() throws Exception {
|
||||
persistActiveHost("ns1.example.com");
|
||||
persistContactsAndHosts();
|
||||
persistResource(Registry.get("tld").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.someone.tld"))
|
||||
.build());
|
||||
thrown.expect(NameserverNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_nameserverAndRegistrantWhitelisted() throws Exception {
|
||||
persistResource(Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("jd1234"))
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.example.net", "ns2.example.net"))
|
||||
.build());
|
||||
persistContactsAndHosts();
|
||||
doSuccessfulTest();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -58,7 +58,9 @@ import com.google.domain.registry.flows.domain.DomainFlowUtils.LinkedResourceInP
|
|||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingAdminContactException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingContactTypeException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.MissingTechnicalContactException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NameserverNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.RegistrantNotAllowedException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.TooManyDsRecordsException;
|
||||
import com.google.domain.registry.flows.domain.DomainFlowUtils.TooManyNameserversException;
|
||||
import com.google.domain.registry.model.billing.BillingEvent;
|
||||
|
|
@ -1068,4 +1070,43 @@ public class DomainUpdateFlowTest extends ResourceFlowTestCase<DomainUpdateFlow,
|
|||
clock.advanceOneMilli();
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_newRegistrantNotWhitelisted() throws Exception {
|
||||
setEppInput("domain_update_registrant_to_tech.xml");
|
||||
persistReferencedEntities();
|
||||
persistDomain();
|
||||
persistResource(
|
||||
Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("sha8013"))
|
||||
.build());
|
||||
clock.advanceOneMilli();
|
||||
thrown.expect(RegistrantNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_newNameserverNotWhitelisted() throws Exception {
|
||||
persistReferencedEntities();
|
||||
persistDomain();
|
||||
persistResource(
|
||||
Registry.get("tld").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.example.foo"))
|
||||
.build());
|
||||
clock.advanceOneMilli();
|
||||
thrown.expect(NameserverNotAllowedException.class);
|
||||
runFlow();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_nameserverAndRegistrantWhitelisted() throws Exception {
|
||||
persistReferencedEntities();
|
||||
persistDomain();
|
||||
persistResource(
|
||||
Registry.get("tld").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("sh8013"))
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns2.example.foo"))
|
||||
.build());
|
||||
doSuccessfulTest();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -673,6 +673,8 @@ class com.google.domain.registry.model.registry.Registry {
|
|||
java.lang.String tldStr;
|
||||
java.lang.String tldUnicode;
|
||||
java.util.Set<com.googlecode.objectify.Key<com.google.domain.registry.model.registry.label.ReservedList>> reservedLists;
|
||||
java.util.Set<java.lang.String> allowedFullyQualifiedHostNames;
|
||||
java.util.Set<java.lang.String> allowedRegistrantContactIds;
|
||||
org.joda.money.CurrencyUnit currency;
|
||||
org.joda.money.Money createBillingCost;
|
||||
org.joda.money.Money restoreBillingCost;
|
||||
|
|
|
|||
|
|
@ -255,6 +255,23 @@ public class CreateTldCommandTest extends CommandTestCase<CreateTldCommand> {
|
|||
runCommandForced("1foo", "--roid_suffix=1FOO");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_setAllowedRegistrants() throws Exception {
|
||||
runCommandForced("--allowed_registrants=alice,bob", "--roid_suffix=Q9JYB4C", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedRegistrantContactIds())
|
||||
.containsExactly("alice", "bob");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_setAllowedNameservers() throws Exception {
|
||||
runCommandForced(
|
||||
"--allowed_nameservers=ns1.example.com,ns2.example.com",
|
||||
"--roid_suffix=Q9JYB4C",
|
||||
"xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedFullyQualifiedHostNames())
|
||||
.containsExactly("ns1.example.com", "ns2.example.com");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_setCommonReservedListOnTld() throws Exception {
|
||||
runSuccessfulReservedListsTest("common_abuse");
|
||||
|
|
|
|||
|
|
@ -271,43 +271,144 @@ public class UpdateTldCommandTest extends CommandTestCase<UpdateTldCommand> {
|
|||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_setReservedListsOverwritesCorrectly() throws Exception {
|
||||
Registry registry = addTwoReservedListsToRegistry();
|
||||
public void testSuccess_setReservedListsOverwrites() throws Exception {
|
||||
persistResource(Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setReservedListsByName(ImmutableSet.of("xn--q9jyb4c_r1", "xn--q9jyb4c_r2"))
|
||||
.build());
|
||||
runCommandForced("--reserved_lists=xn--q9jyb4c_r2", "xn--q9jyb4c");
|
||||
registry = Registry.get("xn--q9jyb4c");
|
||||
assertThat(registry.getReservedLists()).hasSize(1);
|
||||
assertThat(registry.getReservedLists().asList().get(0).getName()).isEqualTo("xn--q9jyb4c_r2");
|
||||
assertThat(transform(Registry.get("xn--q9jyb4c").getReservedLists(), GET_NAME_FUNCTION))
|
||||
.containsExactly("xn--q9jyb4c_r2");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_addReservedListsWorksCorrectly() throws Exception {
|
||||
runCommandForced("--add_reserved_lists=xn--q9jyb4c_r1,xn--q9jyb4c_r2", "xn--q9jyb4c");
|
||||
public void testSuccess_addReservedLists() throws Exception {
|
||||
persistResource(Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setReservedListsByName(ImmutableSet.of("xn--q9jyb4c_r1"))
|
||||
.build());
|
||||
runCommandForced("--add_reserved_lists=xn--q9jyb4c_r2", "xn--q9jyb4c");
|
||||
assertThat(transform(Registry.get("xn--q9jyb4c").getReservedLists(), GET_NAME_FUNCTION))
|
||||
.containsExactly("xn--q9jyb4c_r1", "xn--q9jyb4c_r2");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_removeAllReservedListsWorksCorrectly() throws Exception {
|
||||
addTwoReservedListsToRegistry();
|
||||
public void testSuccess_removeAllReservedLists() throws Exception {
|
||||
persistResource(Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setReservedListsByName(ImmutableSet.of("xn--q9jyb4c_r1", "xn--q9jyb4c_r2"))
|
||||
.build());
|
||||
runCommandForced("--remove_reserved_lists=xn--q9jyb4c_r1,xn--q9jyb4c_r2", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getReservedLists()).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_removeSomeReservedListsWorksCorrectly() throws Exception {
|
||||
addTwoReservedListsToRegistry();
|
||||
public void testSuccess_removeSomeReservedLists() throws Exception {
|
||||
persistResource(Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setReservedListsByName(ImmutableSet.of("xn--q9jyb4c_r1", "xn--q9jyb4c_r2"))
|
||||
.build());
|
||||
runCommandForced("--remove_reserved_lists=xn--q9jyb4c_r1", "xn--q9jyb4c");
|
||||
assertThat(transform(Registry.get("xn--q9jyb4c").getReservedLists(), GET_NAME_FUNCTION))
|
||||
.containsExactly("xn--q9jyb4c_r2");
|
||||
}
|
||||
|
||||
private Registry addTwoReservedListsToRegistry() throws Exception {
|
||||
@Test
|
||||
public void testSuccess_setAllowedRegistrants() throws Exception {
|
||||
runCommandForced("--allowed_registrants=alice,bob", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedRegistrantContactIds())
|
||||
.containsExactly("alice", "bob");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_setAllowedRegistrantsOverwrites() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c")
|
||||
.asBuilder()
|
||||
.setReservedListsByName(ImmutableSet.of("xn--q9jyb4c_r1", "xn--q9jyb4c_r2"))
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("jane", "john"))
|
||||
.build());
|
||||
return Registry.get("xn--q9jyb4c");
|
||||
runCommandForced("--allowed_registrants=alice,bob", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedRegistrantContactIds())
|
||||
.containsExactly("alice", "bob");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_addAllowedRegistrants() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("alice"))
|
||||
.build());
|
||||
runCommandForced("--add_allowed_registrants=bob", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedRegistrantContactIds())
|
||||
.containsExactly("alice", "bob");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_removeAllAllowedRegistrants() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("alice", "bob"))
|
||||
.build());
|
||||
runCommandForced("--remove_allowed_registrants=alice,bob", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedRegistrantContactIds()).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_removeSomeAllowedRegistrants() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("alice", "bob"))
|
||||
.build());
|
||||
runCommandForced("--remove_allowed_registrants=alice", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedRegistrantContactIds()).containsExactly("bob");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_setAllowedNameservers() throws Exception {
|
||||
runCommandForced("--allowed_nameservers=ns1.example.com,ns2.example.com", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedFullyQualifiedHostNames())
|
||||
.containsExactly("ns1.example.com", "ns2.example.com");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_setAllowedNameserversOverwrites() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(
|
||||
ImmutableSet.of("ns1.example.tld", "ns2.example.tld"))
|
||||
.build());
|
||||
runCommandForced("--allowed_nameservers=ns1.example.com,ns2.example.com", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedFullyQualifiedHostNames())
|
||||
.containsExactly("ns1.example.com", "ns2.example.com");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_addAllowedNameservers() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.example.com"))
|
||||
.build());
|
||||
runCommandForced("--add_allowed_nameservers=ns2.example.com", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedFullyQualifiedHostNames())
|
||||
.containsExactly("ns1.example.com", "ns2.example.com");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_removeAllAllowedNameservers() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(
|
||||
ImmutableSet.of("ns1.example.com", "ns2.example.com"))
|
||||
.build());
|
||||
runCommandForced("--remove_allowed_nameservers=ns1.example.com,ns2.example.com", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedFullyQualifiedHostNames()).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccess_removeSomeAllowedNameservers() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(
|
||||
ImmutableSet.of("ns1.example.com", "ns2.example.com"))
|
||||
.build());
|
||||
runCommandForced("--remove_allowed_nameservers=ns1.example.com", "xn--q9jyb4c");
|
||||
assertThat(Registry.get("xn--q9jyb4c").getAllowedFullyQualifiedHostNames())
|
||||
.containsExactly("ns2.example.com");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -445,34 +546,91 @@ public class UpdateTldCommandTest extends CommandTestCase<UpdateTldCommand> {
|
|||
|
||||
@Test
|
||||
public void testFailure_cantAddDuplicateReservedList() throws Exception {
|
||||
thrown.expect(
|
||||
IllegalArgumentException.class,
|
||||
"Cannot add reserved list(s) xn--q9jyb4c_r1 to TLD xn--q9jyb4c "
|
||||
+ "because they're already on it");
|
||||
addTwoReservedListsToRegistry();
|
||||
persistResource(Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setReservedListsByName(ImmutableSet.of("xn--q9jyb4c_r1", "xn--q9jyb4c_r2"))
|
||||
.build());
|
||||
thrown.expect(IllegalArgumentException.class, "xn--q9jyb4c_r1");
|
||||
runCommandForced("--add_reserved_lists=xn--q9jyb4c_r1", "xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantRemoveReservedListThatIsntPresent() throws Exception {
|
||||
thrown.expect(
|
||||
IllegalArgumentException.class,
|
||||
"Cannot remove reserved list xn--q9jyb4c_Z from TLD xn--q9jyb4c because it isn't on it");
|
||||
addTwoReservedListsToRegistry();
|
||||
persistResource(Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setReservedListsByName(ImmutableSet.of("xn--q9jyb4c_r1", "xn--q9jyb4c_r2"))
|
||||
.build());
|
||||
thrown.expect(IllegalArgumentException.class, "xn--q9jyb4c_Z");
|
||||
runCommandForced("--remove_reserved_lists=xn--q9jyb4c_Z", "xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantAddAndRemoveSameReservedListSimultaneously() throws Exception {
|
||||
thrown.expect(
|
||||
IllegalArgumentException.class,
|
||||
"Adding and removing the same reserved list simultaneously doesn't make sense");
|
||||
thrown.expect(IllegalArgumentException.class, "xn--q9jyb4c_r1");
|
||||
runCommandForced(
|
||||
"--add_reserved_lists=xn--q9jyb4c_r1",
|
||||
"--remove_reserved_lists=xn--q9jyb4c_r1",
|
||||
"xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantAddDuplicateAllowedRegistrants() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("alice", "bob"))
|
||||
.build());
|
||||
thrown.expect(IllegalArgumentException.class, "alice");
|
||||
runCommandForced("--add_allowed_registrants=alice", "xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantRemoveAllowedRegistrantThatIsntPresent() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedRegistrantContactIds(ImmutableSet.of("alice"))
|
||||
.build());
|
||||
thrown.expect(IllegalArgumentException.class, "bob");
|
||||
runCommandForced("--remove_allowed_registrants=bob", "xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantAddAndRemoveSameAllowedRegistrantsSimultaneously() throws Exception {
|
||||
thrown.expect(IllegalArgumentException.class, "alice");
|
||||
runCommandForced(
|
||||
"--add_allowed_registrants=alice",
|
||||
"--remove_allowed_registrants=alice",
|
||||
"xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantAddDuplicateAllowedNameservers() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(
|
||||
ImmutableSet.of("ns1.example.com", "ns2.example.com"))
|
||||
.build());
|
||||
thrown.expect(IllegalArgumentException.class, "ns1.example.com");
|
||||
runCommandForced("--add_allowed_nameservers=ns1.example.com", "xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantRemoveAllowedNameserverThatIsntPresent() throws Exception {
|
||||
persistResource(
|
||||
Registry.get("xn--q9jyb4c").asBuilder()
|
||||
.setAllowedFullyQualifiedHostNames(
|
||||
ImmutableSet.of("ns1.example.com"))
|
||||
.build());
|
||||
thrown.expect(IllegalArgumentException.class, "ns2.example.com");
|
||||
runCommandForced("--remove_allowed_nameservers=ns2.example.com", "xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_cantAddAndRemoveSameAllowedNameserversSimultaneously() throws Exception {
|
||||
thrown.expect(IllegalArgumentException.class, "ns1.example.com");
|
||||
runCommandForced(
|
||||
"--add_allowed_nameservers=ns1.example.com",
|
||||
"--remove_allowed_nameservers=ns1.example.com",
|
||||
"xn--q9jyb4c");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_roidSuffixAlreadyInUse() throws Exception {
|
||||
createTld("foo", "BLAH");
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue