zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-08-05 17:28:25 +02:00
Code Issues Projects Releases Packages Wiki Activity

Remove per-domain nameserver restrictions in reserved lists

Browse source 
This also removes the related setting on the Registry entity. We never used
either of these, and keeping them around in our codebase just adds complexity
for no purpose. We already achieve the goals of this feature by restricting
nameservers on entire TLDs and by registry-locking important domain names.

This is also two fewer things we'll have to worry about carrying over to the new
schema in Registry 3.0.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=243816241
This commit is contained in:
mcilwain 2019-04-16 08:57:07 -07:00 committed by jianglai
parent f6dbc4156a
commit ff3aeff0ed
15 changed files with 24 additions and 794 deletions
Download patch file Download diff file Expand all files Collapse all files

194
javatests/google/registry/flows/domain/DomainCreateFlowTest.java
View file

@ -23,11 +23,8 @@ import static google.registry.model.billing.BillingEvent.Flag.SUNRISE;
import static google.registry.model.domain.fee.Fee.FEE_EXTENSION_URIS;
import static google.registry.model.domain.token.AllocationToken.TokenType.SINGLE_USE;
import static google.registry.model.domain.token.AllocationToken.TokenType.UNLIMITED_USE;
import static google.registry.model.eppcommon.StatusValue.OK;
import static google.registry.model.eppcommon.StatusValue.PENDING_DELETE;
import static google.registry.model.eppcommon.StatusValue.SERVER_HOLD;
import static google.registry.model.eppcommon.StatusValue.SERVER_TRANSFER_PROHIBITED;
import static google.registry.model.eppcommon.StatusValue.SERVER_UPDATE_PROHIBITED;
import static google.registry.model.ofy.ObjectifyService.ofy;
import static google.registry.model.registry.Registry.TldState.GENERAL_AVAILABILITY;
import static google.registry.model.registry.Registry.TldState.PREDELEGATION;
@ -92,7 +89,6 @@ import google.registry.flows.domain.DomainFlowUtils.CurrencyValueScaleException;
import google.registry.flows.domain.DomainFlowUtils.DashesInThirdAndFourthException;
import google.registry.flows.domain.DomainFlowUtils.DomainLabelTooLongException;
import google.registry.flows.domain.DomainFlowUtils.DomainNameExistsAsTldException;
import google.registry.flows.domain.DomainFlowUtils.DomainNotAllowedForTldWithCreateRestrictionException;
import google.registry.flows.domain.DomainFlowUtils.DomainReservedException;
import google.registry.flows.domain.DomainFlowUtils.DuplicateContactForRoleException;
import google.registry.flows.domain.DomainFlowUtils.EmptyDomainNamePartException;
@ -117,9 +113,7 @@ import google.registry.flows.domain.DomainFlowUtils.MissingClaimsNoticeException
import google.registry.flows.domain.DomainFlowUtils.MissingContactTypeException;
import google.registry.flows.domain.DomainFlowUtils.MissingRegistrantException;
import google.registry.flows.domain.DomainFlowUtils.MissingTechnicalContactException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotAllowedForDomainException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotAllowedForTldException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForNameserverRestrictedDomainException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForTldWithNameserverWhitelistException;
import google.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException;
import google.registry.flows.domain.DomainFlowUtils.PremiumNameBlockedException;
@ -1788,194 +1782,6 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
doSuccessfulTest();
}
@Test
public void testSuccess_domainNameserverRestricted_allNameserversAllowed() throws Exception {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved",
"example,NAMESERVER_RESTRICTED,"
+ "ns1.example.net:ns2.example.net:ns3.example.net"))
.build());
doSuccessfulTest();
}
@Test
public void testFailure_domainNameserverRestricted_noNameservers() {
setEppInput("domain_create_no_hosts_or_dsdata.xml", ImmutableMap.of("DOMAIN", "example.tld"));
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved",
"example,NAMESERVER_RESTRICTED,"
+ "ns1.example.net:ns2.example.net:ns3.example.net"))
.build());
EppException thrown =
assertThrows(
NameserversNotSpecifiedForNameserverRestrictedDomainException.class, this::runFlow);
assertAboutEppExceptions().that(thrown).marshalsToXml();
}
@Test
public void testFailure_domainNameserverRestricted_someNameserversDisallowed() {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns2.example.net:ns3.example.net"))
.build());
NameserversNotAllowedForDomainException thrown =
assertThrows(NameserversNotAllowedForDomainException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns1.example.net");
}
@Test
public void testFailure_domainCreateRestricted_domainNotReserved() {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setDomainCreateRestricted(true)
.setReservedLists(
persistReservedList(
"reserved", "lol,NAMESERVER_RESTRICTED,ns1.example.net:ns2.example.net"))
.build());
DomainNotAllowedForTldWithCreateRestrictionException thrown =
assertThrows(DomainNotAllowedForTldWithCreateRestrictionException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("example.tld");
}
@Test
public void testSuccess_domainCreateNotRestricted_domainNotReserved() throws Exception {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "lol,NAMESERVER_RESTRICTED,ns1.example.net:ns2.example.net"))
.build());
doSuccessfulTest();
}
@Test
public void testSuccess_tldAndDomainNameserversWhitelistBothSatisfied() throws Exception {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setDomainCreateRestricted(true)
.setAllowedFullyQualifiedHostNames(
ImmutableSet.of("ns1.example.net", "ns2.example.net", "ns3.example.net"))
.setReservedLists(
persistReservedList(
"reserved",
"example,NAMESERVER_RESTRICTED,"
+ "ns1.example.net:ns2.example.net:ns4.example.net"))
.build());
doSuccessfulTest();
}
@Test
public void testFailure_domainNameserversAllowed_tldNameserversDisallowed() {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setAllowedFullyQualifiedHostNames(
ImmutableSet.of("ns2.example.net", "ns3.example.net", "ns4.example.net"))
.setReservedLists(
persistReservedList(
"reserved",
"example,NAMESERVER_RESTRICTED,"
+ "ns1.example.net:ns2.example.net:ns3.example.net"))
.build());
NameserversNotAllowedForTldException thrown =
assertThrows(NameserversNotAllowedForTldException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns1.example.net");
}
@Test
public void testFailure_domainNameserversDisallowed_tldNameserversAllowed() {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setAllowedFullyQualifiedHostNames(
ImmutableSet.of("ns1.example.net", "ns2.example.net", "ns3.example.net"))
.setReservedLists(
persistReservedList(
"reserved",
"example,NAMESERVER_RESTRICTED,"
+ "ns2.example.net:ns3.example.net:ns4.example.net"))
.build());
NameserversNotAllowedForDomainException thrown =
assertThrows(NameserversNotAllowedForDomainException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns1.example.net");
}
@Test
public void testFailure_tldNameserversAllowed_domainCreateRestricted_domainNotReserved() {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setDomainCreateRestricted(true)
.setAllowedFullyQualifiedHostNames(
ImmutableSet.of("ns1.example.net", "ns2.example.net", "ns3.example.net"))
.setReservedLists(
persistReservedList(
"reserved",
"lol,NAMESERVER_RESTRICTED,"
+ "ns1.example.net:ns2.example.net:ns3.example.net"))
.build());
DomainNotAllowedForTldWithCreateRestrictionException thrown =
assertThrows(DomainNotAllowedForTldWithCreateRestrictionException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("example.tld");
}
@Test
public void testSuccess_domainCreateRestricted_serverStatusSet() throws Exception {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setDomainCreateRestricted(true)
.setReservedLists(
persistReservedList(
"reserved",
"example,NAMESERVER_RESTRICTED,"
+ "ns1.example.net:ns2.example.net:ns3.example.net"))
.build());
doSuccessfulTest();
assertThat(reloadResourceByForeignKey().getStatusValues())
.containsExactly(SERVER_UPDATE_PROHIBITED, SERVER_TRANSFER_PROHIBITED);
}
@Test
public void testSuccess_domainCreateNotRestricted_serverStatusNotSet() throws Exception {
persistContactsAndHosts();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved",
"example,NAMESERVER_RESTRICTED,"
+ "ns1.example.net:ns2.example.net:ns3.example.net"))
.build());
doSuccessfulTest();
assertThat(reloadResourceByForeignKey().getStatusValues()).containsExactly(OK);
}
@Test
public void testFailure_eapFee_combined() {
setEppInput("domain_create_eap_combined_fee.xml", ImmutableMap.of("FEE_VERSION", "0.6"));

232
javatests/google/registry/flows/domain/DomainUpdateFlowTest.java
View file

@ -31,7 +31,6 @@ import static google.registry.testing.DatastoreHelper.persistActiveDomain;
import static google.registry.testing.DatastoreHelper.persistActiveHost;
import static google.registry.testing.DatastoreHelper.persistActiveSubordinateHost;
import static google.registry.testing.DatastoreHelper.persistDeletedDomain;
import static google.registry.testing.DatastoreHelper.persistReservedList;
import static google.registry.testing.DatastoreHelper.persistResource;
import static google.registry.testing.DomainBaseSubject.assertAboutDomains;
import static google.registry.testing.EppExceptionSubject.assertAboutEppExceptions;
@ -53,7 +52,6 @@ import google.registry.flows.ResourceFlowUtils.AddRemoveSameValueException;
import google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException;
import google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException;
import google.registry.flows.ResourceFlowUtils.StatusNotClientSettableException;
import google.registry.flows.domain.DomainFlowUtils.DomainNotAllowedForTldWithCreateRestrictionException;
import google.registry.flows.domain.DomainFlowUtils.DuplicateContactForRoleException;
import google.registry.flows.domain.DomainFlowUtils.EmptySecDnsUpdateException;
import google.registry.flows.domain.DomainFlowUtils.FeesMismatchException;
@ -65,9 +63,7 @@ import google.registry.flows.domain.DomainFlowUtils.MissingAdminContactException
import google.registry.flows.domain.DomainFlowUtils.MissingContactTypeException;
import google.registry.flows.domain.DomainFlowUtils.MissingRegistrantException;
import google.registry.flows.domain.DomainFlowUtils.MissingTechnicalContactException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotAllowedForDomainException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotAllowedForTldException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForNameserverRestrictedDomainException;
import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForTldWithNameserverWhitelistException;
import google.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException;
import google.registry.flows.domain.DomainFlowUtils.RegistrantNotAllowedException;
@ -1157,7 +1153,8 @@ public class DomainUpdateFlowTest extends ResourceFlowTestCase<DomainUpdateFlow,
}
@Test
public void testFailure_newNameserverNotWhitelisted() throws Exception {
public void testFailure_addedNameserverDisallowedInTld()
throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
@ -1165,8 +1162,9 @@ public class DomainUpdateFlowTest extends ResourceFlowTestCase<DomainUpdateFlow,
.asBuilder()
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.example.foo"))
.build());
clock.advanceOneMilli();
EppException thrown = assertThrows(NameserversNotAllowedForTldException.class, this::runFlow);
NameserversNotAllowedForTldException thrown =
assertThrows(NameserversNotAllowedForTldException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns2.example.foo");
assertAboutEppExceptions().that(thrown).marshalsToXml();
}
@ -1299,226 +1297,6 @@ public class DomainUpdateFlowTest extends ResourceFlowTestCase<DomainUpdateFlow,
assertAboutEppExceptions().that(thrown).marshalsToXml();
}
@Test
public void testSuccess_domainNameserverRestricted_addedNameserverAllowed() throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
doSuccessfulTest();
}
@Test
public void testFailure_domainNameserverRestricted_addedNameserverDisallowed() throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns3.example.foo"))
.build());
NameserversNotAllowedForDomainException thrown =
assertThrows(NameserversNotAllowedForDomainException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns2.example.foo");
}
@Test
public void testFailure_domainNameserverRestricted_removeLastNameserver() throws Exception {
persistReferencedEntities();
persistDomain();
setEppInput("domain_update_remove_nameserver.xml");
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
EppException thrown =
assertThrows(
NameserversNotSpecifiedForNameserverRestrictedDomainException.class, this::runFlow);
assertAboutEppExceptions().that(thrown).marshalsToXml();
}
@Test
public void testSuccess_domainNameserverRestricted_removeNameservers() throws Exception {
setEppInput("domain_update_remove_nameserver.xml");
persistReferencedEntities();
persistDomain();
persistResource(
reloadResourceByForeignKey()
.asBuilder()
.addNameserver(
Key.create(
loadByForeignKey(HostResource.class, "ns2.example.foo", clock.nowUtc()).get()))
.build());
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
assertThat(reloadResourceByForeignKey().getNameservers())
.contains(
Key.create(
loadByForeignKey(HostResource.class, "ns1.example.foo", clock.nowUtc()).get()));
clock.advanceOneMilli();
runFlow();
assertThat(reloadResourceByForeignKey().getNameservers())
.doesNotContain(
Key.create(
loadByForeignKey(HostResource.class, "ns1.example.foo", clock.nowUtc()).get()));
}
@Test
public void testSuccess_domainCreateRestricted_addedNameserverNotAllowed() throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns3.example.foo"))
.build());
NameserversNotAllowedForDomainException thrown =
assertThrows(NameserversNotAllowedForDomainException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns2.example.foo");
}
@Test
public void testSuccess_addedNameserversAllowedInTldAndDomainNameserversWhitelists()
throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setAllowedFullyQualifiedHostNames(
ImmutableSet.of("ns1.example.foo", "ns2.example.foo"))
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
doSuccessfulTest();
}
@Test
public void testFailure_addedNameserversAllowedInTld_disallowedInDomainNameserversWhitelists()
throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setAllowedFullyQualifiedHostNames(
ImmutableSet.of("ns1.example.foo", "ns2.example.foo"))
.setReservedLists(
persistReservedList("reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo"))
.build());
NameserversNotAllowedForDomainException thrown =
assertThrows(NameserversNotAllowedForDomainException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns2.example.foo");
}
@Test
public void testFailure_addedNameserversDisallowedInTld_AllowedInDomainNameserversWhitelists()
throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setAllowedFullyQualifiedHostNames(ImmutableSet.of("ns1.example.foo"))
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
NameserversNotAllowedForTldException thrown =
assertThrows(NameserversNotAllowedForTldException.class, this::runFlow);
assertThat(thrown).hasMessageThat().contains("ns2.example.foo");
}
@Test
public void testFailure_tldNameserversAllowed_domainCreateRestricted_domainNotReserved()
throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setDomainCreateRestricted(true)
.setAllowedFullyQualifiedHostNames(
ImmutableSet.of("ns1.example.foo", "ns2.example.foo"))
.setReservedLists(
persistReservedList(
"reserved", "lol,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
EppException thrown =
assertThrows(DomainNotAllowedForTldWithCreateRestrictionException.class, this::runFlow);
assertAboutEppExceptions().that(thrown).marshalsToXml();
}
@Test
public void testFailure_domainCreateRestricted_domainNotReserved() throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setDomainCreateRestricted(true)
.setReservedLists(
persistReservedList(
"reserved", "lol,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
EppException thrown =
assertThrows(DomainNotAllowedForTldWithCreateRestrictionException.class, this::runFlow);
assertAboutEppExceptions().that(thrown).marshalsToXml();
}
@Test
public void testSuccess_domainCreateNotRestricted_domainNotReserved() throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
persistReservedList(
"reserved", "lol,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
doSuccessfulTest();
}
@Test
public void testSuccess_domainCreateRestricted_reApplyServerProhibitedStatusCodes()
throws Exception {
persistReferencedEntities();
persistDomain();
persistResource(
Registry.get("tld")
.asBuilder()
.setDomainCreateRestricted(true)
.setReservedLists(
persistReservedList(
"reserved", "example,NAMESERVER_RESTRICTED,ns1.example.foo:ns2.example.foo"))
.build());
doSuccessfulTest();
assertAboutDomains()
.that(reloadResourceByForeignKey())
.hasStatusValue(SERVER_UPDATE_PROHIBITED)
.and()
.hasStatusValue(StatusValue.SERVER_TRANSFER_PROHIBITED);
}
@Test
public void testSuccess_domainCreateNotRestricted_doNotApplyServerProhibitedStatusCodes()
throws Exception {

103
javatests/google/registry/model/registry/label/ReservedListTest.java
View file

@ -23,9 +23,7 @@ import static google.registry.model.registry.label.DomainLabelMetrics.reservedLi
import static google.registry.model.registry.label.DomainLabelMetrics.reservedListProcessingTime;
import static google.registry.model.registry.label.ReservationType.ALLOWED_IN_SUNRISE;
import static google.registry.model.registry.label.ReservationType.FULLY_BLOCKED;
import static google.registry.model.registry.label.ReservationType.NAMESERVER_RESTRICTED;
import static google.registry.model.registry.label.ReservationType.NAME_COLLISION;
import static google.registry.model.registry.label.ReservedList.getAllowedNameservers;
import static google.registry.model.registry.label.ReservedList.getReservationTypes;
import static google.registry.testing.DatastoreHelper.createTld;
import static google.registry.testing.DatastoreHelper.persistReservedList;
@ -34,7 +32,6 @@ import static google.registry.testing.JUnitBackports.assertThrows;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.net.InternetDomainName;
import google.registry.model.ofy.Ofy;
import google.registry.model.registry.Registry;
import google.registry.model.registry.label.ReservedList.ReservedListEntry;
@ -115,38 +112,6 @@ public class ReservedListTest {
verifyUnreservedCheckCount(26);
}
@Test
public void testGetAllowedNameservers() {
ReservedList rl1 =
persistReservedList(
"reserved1",
"lol,NAMESERVER_RESTRICTED,ns1.nameserver.com",
"lol1,NAMESERVER_RESTRICTED,ns1.nameserver.com:ns2.domain.tld:ns3.domain.tld",
"lol2,NAMESERVER_RESTRICTED,ns.name.tld # This is a comment");
ReservedList rl2 =
persistReservedList(
"reserved2",
"lol1,NAMESERVER_RESTRICTED,ns3.nameserver.com:ns2.domain.tld:ns3.domain.tld",
"lol2,NAMESERVER_RESTRICTED,ns3.nameserver.com:ns4.domain.tld",
"lol3,NAMESERVER_RESTRICTED,ns3.nameserver.com");
ReservedList rl3 =
persistReservedList(
"reserved3", "lol1,NAMESERVER_RESTRICTED,ns3.domain.tld", "lol4,ALLOWED_IN_SUNRISE");
persistResource(Registry.get("tld").asBuilder().setReservedLists(rl1, rl2, rl3).build());
assertThat(getReservationTypes("lol", "tld")).containsExactly(NAMESERVER_RESTRICTED);
assertThat(getReservationTypes("lol1", "tld")).containsExactly(NAMESERVER_RESTRICTED);
assertThat(getReservationTypes("lol2", "tld")).containsExactly(NAMESERVER_RESTRICTED);
assertThat(getReservationTypes("lol3", "tld")).containsExactly(NAMESERVER_RESTRICTED);
assertThat(getAllowedNameservers(InternetDomainName.from("lol.tld")))
.containsExactly("ns1.nameserver.com");
assertThat(getAllowedNameservers(InternetDomainName.from("lol1.tld")))
.containsExactly("ns3.domain.tld");
assertThat(getAllowedNameservers(InternetDomainName.from("lol2.tld"))).isEmpty();
assertThat(getAllowedNameservers(InternetDomainName.from("lol3.tld")))
.containsExactly("ns3.nameserver.com");
assertThat(getAllowedNameservers(InternetDomainName.from("lol4.tld"))).isEmpty();
}
@Test
public void testGetReservationTypes_concatsMultipleListsCorrectly() {
ReservedList rl1 = persistReservedList(
@ -352,70 +317,6 @@ public class ReservedListTest {
IllegalArgumentException.class, () -> persistReservedList("tld", "lol,FULLY_BLOCKZ # yup"));
}
@Test
public void testSave_additionalRestrictionWithIncompatibleReservationType() {
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
() ->
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
ImmutableSet.of(
persistReservedList("reserved1", "lol,FULLY_BLOCKED,foobar1")))
.build()));
assertThat(thrown)
.hasMessageThat()
.contains(
"Allowed nameservers must be specified for NAMESERVER_RESTRICTED reservations only");
}
@Test
public void testSave_badNameservers_invalidSyntax() {
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
() ->
persistReservedList(
"reserved1",
"lol,NAMESERVER_RESTRICTED,ns1.domain.tld:ns2.domain.tld",
"lol1,NAMESERVER_RESTRICTED,ns1.domain.tld:ns@.domain.tld"));
assertThat(thrown).hasMessageThat().contains("Not a valid domain name: 'ns@.domain.tld'");
}
@Test
public void testSave_badNameservers_tooFewPartsForHostname() {
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
() ->
persistReservedList(
"reserved1",
"lol,NAMESERVER_RESTRICTED,ns1.domain.tld:ns2.domain.tld",
"lol1,NAMESERVER_RESTRICTED,ns1.domain.tld:domain.tld"));
assertThat(thrown).hasMessageThat().contains("domain.tld is not a valid nameserver hostname");
}
@Test
public void testSave_noNameserversWithNameserverRestrictedReservation() {
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
() ->
persistResource(
Registry.get("tld")
.asBuilder()
.setReservedLists(
ImmutableSet.of(
persistReservedList("reserved1", "lol,NAMESERVER_RESTRICTED")))
.build()));
assertThat(thrown)
.hasMessageThat()
.contains(
"Allowed nameservers must be specified for NAMESERVER_RESTRICTED reservations only");
}
@Test
public void testParse_cannotIncludeDuplicateLabels() {
ReservedList rl = new ReservedList.Builder().setName("blah").build();
@ -441,7 +342,7 @@ public class ReservedListTest {
Exception e =
assertThrows(
IllegalArgumentException.class,
() -> ReservedListEntry.create("UPPER.tld", FULLY_BLOCKED, null, null));
() -> ReservedListEntry.create("UPPER.tld", FULLY_BLOCKED, null));
assertThat(e).hasMessageThat().contains("must be in puny-coded, lower-case form");
}
@ -450,7 +351,7 @@ public class ReservedListTest {
Exception e =
assertThrows(
IllegalArgumentException.class,
() -> ReservedListEntry.create("lower.みんな", FULLY_BLOCKED, null, null));
() -> ReservedListEntry.create("lower.みんな", FULLY_BLOCKED, null));
assertThat(e).hasMessageThat().contains("must be in puny-coded, lower-case form");
}
}

3
javatests/google/registry/model/testdata/schema.txt vendored
View file

@ -488,7 +488,6 @@ class google.registry.model.registry.Registry {
@Id java.lang.String tldStrId;
@Parent com.googlecode.objectify.Key<google.registry.model.common.EntityGroupRoot> parent;
boolean dnsPaused;
boolean domainCreateRestricted;
boolean escrowEnabled;
com.googlecode.objectify.Key<google.registry.model.registry.label.PremiumList> premiumList;
google.registry.model.CreateAutoTimestamp creationTime;
@ -561,7 +560,6 @@ class google.registry.model.registry.label.PremiumList$PremiumListRevision {
enum google.registry.model.registry.label.ReservationType {
ALLOWED_IN_SUNRISE;
FULLY_BLOCKED;
NAMESERVER_RESTRICTED;
NAME_COLLISION;
RESERVED_FOR_ANCHOR_TENANT;
RESERVED_FOR_SPECIFIC_USE;
@ -577,7 +575,6 @@ class google.registry.model.registry.label.ReservedList {
class google.registry.model.registry.label.ReservedList$ReservedListEntry {
@Id java.lang.String label;
google.registry.model.registry.label.ReservationType reservationType;
java.lang.String allowedNameservers;
java.lang.String comment;
}
class google.registry.model.reporting.DomainTransactionRecord {

11
javatests/google/registry/tools/CreateTldCommandTest.java
View file

@ -68,7 +68,6 @@ public class CreateTldCommandTest extends CommandTestCase<CreateTldCommand> {
assertThat(registry).isNotNull();
assertThat(registry.getAddGracePeriodLength()).isEqualTo(Registry.DEFAULT_ADD_GRACE_PERIOD);
assertThat(registry.getCreationTime()).isIn(Range.closed(before, after));
assertThat(registry.getDomainCreateRestricted()).isFalse();
assertThat(registry.getDnsWriters()).containsExactly("FooDnsWriter");
assertThat(registry.getTldState(registry.getCreationTime())).isEqualTo(PREDELEGATION);
assertThat(registry.getRedemptionGracePeriodLength())
@ -441,16 +440,6 @@ public class CreateTldCommandTest extends CommandTestCase<CreateTldCommand> {
.containsExactly("ns1.example.com", "ns2.example.com");
}
@Test
public void testSuccess_setDomainCreateRestricted() throws Exception {
runCommandForced(
"--domain_create_restricted=true",
"--roid_suffix=Q9JYB4C",
"--dns_writers=FooDnsWriter",
"xn--q9jyb4c");
assertThat(Registry.get("xn--q9jyb4c").getDomainCreateRestricted()).isTrue();
}
@Test
public void testSuccess_setCommonReservedListOnTld() throws Exception {
runSuccessfulReservedListsTest("common_abuse");

24
javatests/google/registry/tools/UpdateTldCommandTest.java
View file

@ -398,30 +398,6 @@ public class UpdateTldCommandTest extends CommandTestCase<UpdateTldCommand> {
.containsExactly("ns2.example.com");
}
@Test
public void testSuccess_setTldToDomainCreateRestricted() throws Exception {
persistResource(
Registry.get("xn--q9jyb4c").asBuilder().setDomainCreateRestricted(false).build());
runCommandForced("--domain_create_restricted=true", "xn--q9jyb4c");
assertThat(Registry.get("xn--q9jyb4c").getDomainCreateRestricted()).isTrue();
}
@Test
public void testSuccess_unsetTldToDomainCreateRestricted() throws Exception {
persistResource(
Registry.get("xn--q9jyb4c").asBuilder().setDomainCreateRestricted(true).build());
runCommandForced("--domain_create_restricted=false", "xn--q9jyb4c");
assertThat(Registry.get("xn--q9jyb4c").getDomainCreateRestricted()).isFalse();
}
@Test
public void testSuccess_leaveDomainCreateRestrictedStatusUnchanged() throws Exception {
persistResource(
Registry.get("xn--q9jyb4c").asBuilder().setDomainCreateRestricted(true).build());
runCommandForced("xn--q9jyb4c");
assertThat(Registry.get("xn--q9jyb4c").getDomainCreateRestricted()).isTrue();
}
@Test
public void testFailure_invalidAddGracePeriod() {
IllegalArgumentException thrown =