Decouple superuser from SessionMetadata

Superuser should only be settable via the tool (see []
which is merged in here but not diffbased, and which removes
the implicit superuser for CharlestonRoad). It is a property
of the request, not of the session (there are no sessions in the tool).
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=125204707
This commit is contained in:
cgoldfeder 2016-06-17 14:48:46 -07:00 committed by Ben McIlwain
parent e359ab5f52
commit fd6c4888db
44 changed files with 80 additions and 136 deletions

View file

@ -187,7 +187,7 @@ public abstract class BaseDomainCreateFlow<R extends DomainBase, B extends Build
domainLabel, tld, command.getAuthInfo().getPw().getValue());
// Superusers can create reserved domains, force creations on domains that require a claims
// notice without specifying a claims key, and override blocks on registering premium domains.
if (!superuser) {
if (!isSuperuser) {
boolean isSunriseApplication =
launchCreate != null && !launchCreate.getSignedMarks().isEmpty();
if (!isAnchorTenantViaReservation) {
@ -254,7 +254,7 @@ public abstract class BaseDomainCreateFlow<R extends DomainBase, B extends Build
if (launchCreate == null) {
return;
}
if (!superuser) { // Superusers can ignore the phase.
if (!isSuperuser) { // Superusers can ignore the phase.
verifyLaunchPhase(getTld(), launchCreate, now);
}
if (launchCreate.hasCodeMarks()) {
@ -269,7 +269,7 @@ public abstract class BaseDomainCreateFlow<R extends DomainBase, B extends Build
throw new InvalidTrademarkValidatorException();
}
// Superuser can force domain creations regardless of the current date.
if (!superuser) {
if (!isSuperuser) {
if (notice.getExpirationTime().isBefore(now)) {
throw new ExpiredClaimException();
}

View file

@ -73,7 +73,7 @@ public class DomainAllocateFlow extends DomainCreateOrAllocateFlow {
@Override
protected final void verifyDomainCreateIsAllowed() throws EppException {
if (!superuser) {
if (!isSuperuser) {
throw new OnlySuperuserCanAllocateException();
}
if (allocateCreate == null) {

View file

@ -140,7 +140,7 @@ public class DomainApplicationCreateFlow extends BaseDomainCreateFlow<DomainAppl
@Override
protected void verifyDomainCreateIsAllowed() throws EppException {
validateFeeChallenge(targetId, getTld(), now, feeCreate, createCost);
if (tldState == TldState.LANDRUSH && !superuser) {
if (tldState == TldState.LANDRUSH && !isSuperuser) {
// Prohibit creating a landrush application in LANDRUSH (but not in SUNRUSH) if there is
// exactly one sunrise application for the same name.
List<DomainApplication> applications = FluentIterable

View file

@ -66,7 +66,7 @@ public class DomainApplicationDeleteFlow
// Don't allow deleting a sunrise application during landrush.
if (existingResource.getPhase().equals(LaunchPhase.SUNRISE)
&& Registry.get(existingResource.getTld()).getTldState(now).equals(TldState.LANDRUSH)
&& !superuser) {
&& !isSuperuser) {
throw new SunriseApplicationCannotBeDeletedInLandrushException();
}
}

View file

@ -109,7 +109,7 @@ public class DomainCreateFlow extends DomainCreateOrAllocateFlow {
protected final void verifyDomainCreateIsAllowed() throws EppException {
String tld = getTld();
validateFeeChallenge(targetId, tld, now, feeCreate, createCost);
if (!superuser) {
if (!isSuperuser) {
// Prohibit creating a domain if there is an open application for the same name.
for (DomainApplication application : loadActiveApplicationsByDomainName(targetId, now)) {
if (!application.getApplicationStatus().isFinalStatus()) {

View file

@ -97,7 +97,7 @@ public class DomainRestoreRequestFlow extends OwnedResourceMutateFlow<DomainReso
String tld = existingResource.getTld();
checkAllowedAccessToTld(getAllowedTlds(), tld);
if (!superuser) {
if (!isSuperuser) {
verifyNotReserved(InternetDomainName.from(targetId), false);
verifyPremiumNameIsNotBlocked(targetId, now, getClientId());
}

View file

@ -152,7 +152,7 @@ public class DomainTransferRequestFlow
@Override
protected final void verifyTransferRequestIsAllowed() throws EppException {
verifyUnitIsYears(command.getPeriod());
if (!superuser) {
if (!isSuperuser) {
verifyPremiumNameIsNotBlocked(targetId, now, getClientId());
}
validateFeeChallenge(