mirror of
https://github.com/google/nomulus.git
synced 2025-07-26 12:38:32 +02:00
75d9268ecd
The RFCs are ambiguous.
5733 (contacts):
3.2.4. EPP <transfer> Command
...the
<transfer> command MUST contain a <contact:transfer> element that
identifies the contact namespace. The <contact:transfer> element
contains the following child elements:
...
- A <contact:authInfo> element that contains authorization
information associated with the contact object.
However, the xsd explicitly marks it as optional:
<complexType name="authIDType">
<sequence>
<element name="id" type="eppcom:clIDType"/>
<element name="authInfo" type="contact:authInfoType"
minOccurs="0"/>
</sequence>
</complexType>
The language in 5731 (domains) is [] The only example given in both is for a transfer request, which is the one flow that obviously requires the authInfo.
We had decided that for transfer approve and reject, which are done by the losing client, requiring the authInfo is silly because it's available to that registrar from an <info> and there's no extra security in having them present it (although if they do present it we validate it). The question about cancel was whether the gaining client, which had to present the authInfo in the original transfer request, needs it again for cancel.
I can't come up with any reason this would be beneficial, and I'm making the decision: authInfo is not required on transfer cancel.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=133168739
97 lines
4.6 KiB
Java
97 lines
4.6 KiB
Java
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package google.registry.flows.contact;
|
|
|
|
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
|
|
import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
|
|
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
|
import static google.registry.model.EppResourceUtils.loadByUniqueId;
|
|
import static google.registry.model.eppoutput.Result.Code.Success;
|
|
import static google.registry.model.ofy.ObjectifyService.ofy;
|
|
|
|
import com.google.common.base.Optional;
|
|
import com.googlecode.objectify.Key;
|
|
import google.registry.flows.EppException;
|
|
import google.registry.flows.FlowModule.ClientId;
|
|
import google.registry.flows.FlowModule.TargetId;
|
|
import google.registry.flows.LoggedInFlow;
|
|
import google.registry.flows.TransactionalFlow;
|
|
import google.registry.flows.exceptions.NotPendingTransferException;
|
|
import google.registry.flows.exceptions.NotTransferInitiatorException;
|
|
import google.registry.flows.exceptions.ResourceToMutateDoesNotExistException;
|
|
import google.registry.model.contact.ContactResource;
|
|
import google.registry.model.domain.metadata.MetadataExtension;
|
|
import google.registry.model.eppcommon.AuthInfo;
|
|
import google.registry.model.eppinput.ResourceCommand;
|
|
import google.registry.model.eppoutput.EppOutput;
|
|
import google.registry.model.poll.PollMessage;
|
|
import google.registry.model.reporting.HistoryEntry;
|
|
import google.registry.model.transfer.TransferStatus;
|
|
import javax.inject.Inject;
|
|
|
|
/**
|
|
* An EPP flow that cancels a pending transfer on a {@link ContactResource}.
|
|
*
|
|
* @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
|
|
* @error {@link google.registry.flows.exceptions.NotPendingTransferException}
|
|
* @error {@link google.registry.flows.exceptions.NotTransferInitiatorException}
|
|
* @error {@link google.registry.flows.exceptions.ResourceToMutateDoesNotExistException}
|
|
*/
|
|
public class ContactTransferCancelFlow extends LoggedInFlow implements TransactionalFlow {
|
|
|
|
@Inject ResourceCommand resourceCommand;
|
|
@Inject Optional<AuthInfo> authInfo;
|
|
@Inject @ClientId String clientId;
|
|
@Inject @TargetId String targetId;
|
|
@Inject HistoryEntry.Builder historyBuilder;
|
|
@Inject ContactTransferCancelFlow() {}
|
|
|
|
@Override
|
|
protected final void initLoggedInFlow() throws EppException {
|
|
registerExtensions(MetadataExtension.class);
|
|
}
|
|
|
|
@Override
|
|
protected final EppOutput run() throws EppException {
|
|
ContactResource existingResource = loadByUniqueId(ContactResource.class, targetId, now);
|
|
// Fail if the object doesn't exist or was deleted.
|
|
if (existingResource == null) {
|
|
throw new ResourceToMutateDoesNotExistException(ContactResource.class, targetId);
|
|
}
|
|
verifyOptionalAuthInfoForResource(authInfo, existingResource);
|
|
if (existingResource.getTransferData().getTransferStatus() != TransferStatus.PENDING) {
|
|
throw new NotPendingTransferException(targetId);
|
|
}
|
|
if (!clientId.equals(existingResource.getTransferData().getGainingClientId())) {
|
|
throw new NotTransferInitiatorException();
|
|
}
|
|
ContactResource newResource = existingResource.asBuilder()
|
|
.clearPendingTransfer(TransferStatus.CLIENT_CANCELLED, now)
|
|
.build();
|
|
HistoryEntry historyEntry = historyBuilder
|
|
.setType(HistoryEntry.Type.CONTACT_TRANSFER_CANCEL)
|
|
.setModificationTime(now)
|
|
.setParent(Key.create(existingResource))
|
|
.build();
|
|
// Create a poll message for the losing client.
|
|
PollMessage losingPollMessage =
|
|
createLosingTransferPollMessage(targetId, newResource.getTransferData(), historyEntry);
|
|
ofy().save().<Object>entities(newResource, historyEntry, losingPollMessage);
|
|
// Delete the billing event and poll messages that were written in case the transfer would have
|
|
// been implicitly server approved.
|
|
ofy().delete().keys(existingResource.getTransferData().getServerApproveEntities());
|
|
return createOutput(Success, createTransferResponse(targetId, newResource.getTransferData()));
|
|
}
|
|
}
|