// Copyright 2018 The Nomulus Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.ui.server.registrar;
import static com.google.common.net.HttpHeaders.LOCATION;
import static com.google.common.truth.Truth.assertThat;
import static google.registry.model.common.GaeUserIdConverter.convertEmailAddressToGaeUserId;
import static google.registry.model.registrar.Registrar.loadByClientId;
import static google.registry.testing.DatastoreHelper.persistPremiumList;
import static javax.servlet.http.HttpServletResponse.SC_MOVED_TEMPORARILY;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import com.google.appengine.api.users.User;
import com.google.appengine.api.users.UserServiceFactory;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSetMultimap;
import google.registry.config.RegistryEnvironment;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.RegistrarAddress;
import google.registry.model.registrar.RegistrarContact;
import google.registry.request.Action.Method;
import google.registry.request.auth.AuthLevel;
import google.registry.request.auth.AuthResult;
import google.registry.request.auth.AuthenticatedRegistrarAccessor;
import google.registry.request.auth.UserAuthInfo;
import google.registry.security.XsrfTokenManager;
import google.registry.testing.AppEngineRule;
import google.registry.testing.DeterministicStringGenerator;
import google.registry.testing.FakeClock;
import google.registry.testing.FakeResponse;
import google.registry.ui.server.SendEmailUtils;
import google.registry.util.EmailMessage;
import google.registry.util.SendEmailService;
import java.util.Optional;
import javax.mail.internet.InternetAddress;
import javax.servlet.http.HttpServletRequest;
import org.joda.money.CurrencyUnit;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
import org.mockito.ArgumentCaptor;
import org.mockito.Mock;
import org.mockito.junit.MockitoJUnit;
import org.mockito.junit.MockitoRule;
@RunWith(JUnit4.class)
public final class ConsoleRegistrarCreatorActionTest {
@Rule
public final AppEngineRule appEngineRule = AppEngineRule.builder()
.withDatastore()
.build();
@Rule public final MockitoRule mocks = MockitoJUnit.rule();
private final FakeResponse response = new FakeResponse();
private final ConsoleRegistrarCreatorAction action = new ConsoleRegistrarCreatorAction();
private final User user = new User("marla.singer@example.com", "gmail.com", "12345");
@Mock HttpServletRequest request;
@Mock SendEmailService emailService;
@Before
public void setUp() throws Exception {
persistPremiumList("default_sandbox_list", "sandbox,USD 1000");
action.req = request;
action.method = Method.GET;
action.response = response;
action.registrarAccessor =
AuthenticatedRegistrarAccessor.createForTesting(
ImmutableSetMultimap.of("unused", AuthenticatedRegistrarAccessor.Role.ADMIN));
action.userService = UserServiceFactory.getUserService();
action.xsrfTokenManager = new XsrfTokenManager(new FakeClock(), action.userService);
action.authResult = AuthResult.create(AuthLevel.USER, UserAuthInfo.create(user, false));
action.registryEnvironment = RegistryEnvironment.UNITTEST;
action.sendEmailUtils =
new SendEmailUtils(
new InternetAddress("outgoing@registry.example"),
"UnitTest Registry",
ImmutableList.of("notification@test.example", "notification2@test.example"),
emailService);
action.logoFilename = "logo.png";
action.productName = "Nomulus";
action.clientId = Optional.empty();
action.name = Optional.empty();
action.billingAccount = Optional.empty();
action.ianaId = Optional.empty();
action.referralEmail = Optional.empty();
action.driveId = Optional.empty();
action.consoleUserEmail = Optional.empty();
action.street1 = Optional.empty();
action.optionalStreet2 = Optional.empty();
action.optionalStreet3 = Optional.empty();
action.city = Optional.empty();
action.optionalState = Optional.empty();
action.optionalZip = Optional.empty();
action.countryCode = Optional.empty();
action.optionalPassword = Optional.empty();
action.optionalPasscode = Optional.empty();
action.passwordGenerator = new DeterministicStringGenerator("abcdefghijklmnopqrstuvwxyz");
action.passcodeGenerator = new DeterministicStringGenerator("314159265");
}
@Test
public void testNoUser_redirect() {
when(request.getRequestURI()).thenReturn("/test");
action.authResult = AuthResult.NOT_AUTHENTICATED;
action.run();
assertThat(response.getStatus()).isEqualTo(SC_MOVED_TEMPORARILY);
assertThat(response.getHeaders().get(LOCATION)).isEqualTo("/_ah/login?continue=%2Ftest");
}
@Test
public void testGet_authorized() {
action.run();
assertThat(response.getPayload()).contains("Create Registrar
");
}
@Test
public void testGet_authorized_onProduction() {
action.registryEnvironment = RegistryEnvironment.PRODUCTION;
action.run();
assertThat(response.getPayload()).contains("Create Registrar
");
}
@Test
public void testGet_unauthorized() {
action.registrarAccessor =
AuthenticatedRegistrarAccessor.createForTesting(ImmutableSetMultimap.of());
action.run();
assertThat(response.getPayload()).contains("You need permission
");
}
@Test
public void testPost_authorized_minimalAddress() {
action.clientId = Optional.of("myclientid");
action.name = Optional.of("registrar name");
action.billingAccount = Optional.of("USD=billing-account");
action.ianaId = Optional.of(12321);
action.referralEmail = Optional.of("icann@example.com");
action.driveId = Optional.of("drive-id");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.street1 = Optional.of("my street");
action.city = Optional.of("my city");
action.countryCode = Optional.of("CC");
action.method = Method.POST;
action.run();
assertThat(response.getPayload())
.contains("Successfully created Registrar myclientid
");
ArgumentCaptor contentCaptor = ArgumentCaptor.forClass(EmailMessage.class);
verify(emailService).sendEmail(contentCaptor.capture());
EmailMessage emailMessage = contentCaptor.getValue();
assertThat(emailMessage.subject()).isEqualTo("Registrar myclientid created in unittest");
assertThat(emailMessage.body())
.isEqualTo(
""
+ "The following registrar was created in unittest by TestUserId:\n"
+ " clientId: myclientid\n"
+ " name: registrar name\n"
+ " billingAccount: USD=billing-account\n"
+ " ianaId: 12321\n"
+ " referralEmail: icann@example.com\n"
+ " driveId: drive-id\n"
+ "Gave user myclientid@registry.example web access to the registrar\n");
Registrar registrar = loadByClientId("myclientid").orElse(null);
assertThat(registrar).isNotNull();
assertThat(registrar.getClientId()).isEqualTo("myclientid");
assertThat(registrar.getBillingAccountMap())
.containsExactly(CurrencyUnit.USD, "billing-account");
assertThat(registrar.getDriveFolderId()).isEqualTo("drive-id");
assertThat(registrar.getIanaIdentifier()).isEqualTo(12321L);
assertThat(registrar.getIcannReferralEmail()).isEqualTo("icann@example.com");
assertThat(registrar.getEmailAddress()).isEqualTo("icann@example.com");
assertThat(registrar.testPassword("abcdefghijklmnop")).isTrue();
assertThat(registrar.getPhonePasscode()).isEqualTo("31415");
assertThat(registrar.getState()).isEqualTo(Registrar.State.PENDING);
assertThat(registrar.getType()).isEqualTo(Registrar.Type.REAL);
assertThat(registrar.getLocalizedAddress()).isEqualTo(new RegistrarAddress.Builder()
.setStreet(ImmutableList.of("my street"))
.setCity("my city")
.setCountryCode("CC")
.build());
assertThat(registrar.getContacts())
.containsExactly(
new RegistrarContact.Builder()
.setParent(registrar)
.setGaeUserId("-1509175207")
.setGaeUserId(convertEmailAddressToGaeUserId("myclientid@registry.example"))
.setName("myclientid@registry.example")
.setEmailAddress("myclientid@registry.example")
.build());
}
@Test
public void testPost_authorized_allAddress() {
action.clientId = Optional.of("myclientid");
action.name = Optional.of("registrar name");
action.billingAccount = Optional.of("USD=billing-account");
action.ianaId = Optional.of(12321);
action.referralEmail = Optional.of("icann@example.com");
action.driveId = Optional.of("drive-id");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.street1 = Optional.of("my street");
action.optionalStreet2 = Optional.of("more street");
action.optionalStreet3 = Optional.of("final street");
action.city = Optional.of("my city");
action.optionalState = Optional.of("province");
action.optionalZip = Optional.of("12345-678");
action.countryCode = Optional.of("CC");
action.method = Method.POST;
action.run();
assertThat(response.getPayload())
.contains("Successfully created Registrar myclientid
");
Registrar registrar = loadByClientId("myclientid").orElse(null);
assertThat(registrar).isNotNull();
assertThat(registrar.getLocalizedAddress()).isEqualTo(new RegistrarAddress.Builder()
.setStreet(ImmutableList.of("my street", "more street", "final street"))
.setCity("my city")
.setState("province")
.setZip("12345-678")
.setCountryCode("CC")
.build());
}
@Test
public void testPost_authorized_multipleBillingLines() {
action.clientId = Optional.of("myclientid");
action.name = Optional.of("registrar name");
action.ianaId = Optional.of(12321);
action.referralEmail = Optional.of("icann@example.com");
action.driveId = Optional.of("drive-id");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.street1 = Optional.of("my street");
action.city = Optional.of("my city");
action.countryCode = Optional.of("CC");
action.method = Method.POST;
action.billingAccount =
Optional.of(
""
+ "JPY=billing-account-yen\n"
+ " Usd = billing-account-usd \r\n"
+ "\n"
+ " \n"
+ "eur=billing-account-eur\n");
action.run();
assertThat(response.getPayload())
.contains("Successfully created Registrar myclientid
");
Registrar registrar = loadByClientId("myclientid").orElse(null);
assertThat(registrar).isNotNull();
assertThat(registrar.getBillingAccountMap())
.containsExactly(
CurrencyUnit.JPY, "billing-account-yen",
CurrencyUnit.USD, "billing-account-usd",
CurrencyUnit.EUR, "billing-account-eur");
}
@Test
public void testPost_authorized_repeatingCurrency_fails() {
action.clientId = Optional.of("myclientid");
action.name = Optional.of("registrar name");
action.ianaId = Optional.of(12321);
action.referralEmail = Optional.of("icann@example.com");
action.driveId = Optional.of("drive-id");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.street1 = Optional.of("my street");
action.city = Optional.of("my city");
action.countryCode = Optional.of("CC");
action.method = Method.POST;
action.billingAccount =
Optional.of(
""
+ "JPY=billing-account-1\n"
+ "jpy=billing-account-2\n");
action.run();
assertThat(response.getPayload())
.contains(
"Failed: Error parsing billing accounts - Multiple entries with same key:"
+ " JPY=billing-account-2 and JPY=billing-account-1");
}
@Test
public void testPost_authorized_badCurrency_fails() {
action.clientId = Optional.of("myclientid");
action.name = Optional.of("registrar name");
action.ianaId = Optional.of(12321);
action.referralEmail = Optional.of("icann@example.com");
action.driveId = Optional.of("drive-id");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.street1 = Optional.of("my street");
action.city = Optional.of("my city");
action.countryCode = Optional.of("CC");
action.method = Method.POST;
action.billingAccount =
Optional.of(
""
+ "JPY=billing-account-1\n"
+ "xyz=billing-account-2\n"
+ "usd=billing-account-3\n");
action.run();
assertThat(response.getPayload())
.contains("Failed: Error parsing billing accounts - Unknown currency 'XYZ'");
}
@Test
public void testPost_authorized_badBillingLine_fails() {
action.clientId = Optional.of("myclientid");
action.name = Optional.of("registrar name");
action.ianaId = Optional.of(12321);
action.referralEmail = Optional.of("icann@example.com");
action.driveId = Optional.of("drive-id");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.street1 = Optional.of("my street");
action.city = Optional.of("my city");
action.countryCode = Optional.of("CC");
action.method = Method.POST;
action.billingAccount =
Optional.of(
""
+ "JPY=billing-account-1\n"
+ "some bad line\n"
+ "usd=billing-account-2\n");
action.run();
assertThat(response.getPayload())
.contains(
"Failed: Error parsing billing accounts - Can't parse line [some bad line]."
+ " The format should be [currency]=[account ID]");
}
@Test
public void testPost_authorized_setPassword() {
action.clientId = Optional.of("myclientid");
action.name = Optional.of("registrar name");
action.billingAccount = Optional.of("USD=billing-account");
action.ianaId = Optional.of(12321);
action.referralEmail = Optional.of("icann@example.com");
action.driveId = Optional.of("drive-id");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.street1 = Optional.of("my street");
action.city = Optional.of("my city");
action.countryCode = Optional.of("CC");
action.optionalPassword = Optional.of("SomePassword");
action.optionalPasscode = Optional.of("10203");
action.method = Method.POST;
action.run();
assertThat(response.getPayload())
.contains("Successfully created Registrar myclientid
");
Registrar registrar = loadByClientId("myclientid").orElse(null);
assertThat(registrar).isNotNull();
assertThat(registrar.testPassword("SomePassword")).isTrue();
assertThat(registrar.getPhonePasscode()).isEqualTo("10203");
}
@Test
public void testPost_unauthorized() {
action.registrarAccessor =
AuthenticatedRegistrarAccessor.createForTesting(ImmutableSetMultimap.of());
action.clientId = Optional.of("myclientid");
action.consoleUserEmail = Optional.of("myclientid@registry.example");
action.method = Method.POST;
action.run();
assertThat(response.getPayload()).contains("You need permission
");
}
}