Merge branch 'master' into refactor-messages

# Conflicts: # db/structure.sql
2025-07-25 12:08:27 +02:00 · 2018-09-01 19:39:25 +03:00 · 2018-09-01 19:39:25 +03:00 · 056c57530c
commit 056c57530c
parent aff5b68a2f fea8333215
32 changed files with 730 additions and 148 deletions
--- a/app/controllers/admin/domains/registry_lock_controller.rb
+++ b/app/controllers/admin/domains/registry_lock_controller.rb
@ -0,0 +1,21 @@
+module Admin
+  module Domains
+    class RegistryLockController < BaseController
+      def destroy
+        set_domain
+        authorize! :manage, @domain
+        if @domain.remove_registry_lock
+          redirect_to edit_admin_domain_url(@domain), notice: t('.success')
+        else
+          redirect_to edit_admin_domain_url(@domain), alert: t('.error')
+        end
+      end
+
+      private
+
+      def set_domain
+        @domain = Domain.find(params[:domain_id])
+      end
+    end
+  end
+end
--- a/app/controllers/admin/mail_templates_controller.rb
+++ b/app/controllers/admin/mail_templates_controller.rb
@ -47,7 +47,7 @@ module Admin
    def destroy
      @mail_template = MailTemplate.find(params[:id])
      if @mail_template.destroy
-        redirect_to admin_mail_templates_path, notise: t(:deleted)
+        redirect_to admin_mail_templates_path, notice: t(:deleted)
      else
        flash.now[:alert] = I18n.t(:failure)
        render 'show'
--- a/app/controllers/api/v1/registrant/base_controller.rb
+++ b/app/controllers/api/v1/registrant/base_controller.rb
@ -6,6 +6,7 @@ module Api
    module Registrant
      class BaseController < ActionController::API
        before_action :authenticate
+        before_action :set_paper_trail_whodunnit

        rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
          error = {}
@ -22,16 +23,32 @@ module Api
          header.gsub(pattern, '') if header&.match(pattern)
        end

+        def associated_domains(user)
+          country_code, ident = user.registrant_ident.split('-')
+
+          BusinessRegistryCache.fetch_associated_domains(ident, country_code)
+        rescue Soap::Arireg::NotAvailableError => error
+          Rails.logger.fatal("[EXCEPTION] #{error}")
+          user.domains
+        end
+
        def authenticate
          decryptor = AuthTokenDecryptor.create_with_defaults(bearer_token)
          decryptor.decrypt_token

          if decryptor.valid?
-            sign_in decryptor.user
+            sign_in(:registrant_user, decryptor.user)
          else
-            render json: { errors: [{base: ['Not authorized']}] }, status: :unauthorized
+            render json: { errors: [{ base: ['Not authorized'] }] },
+                   status: :unauthorized
          end
        end
+
+        # This controller does not inherit from ApplicationController,
+        # so user_for_paper_trail method is not usable.
+        def set_paper_trail_whodunnit
+          ::PaperTrail.whodunnit = current_registrant_user.id_role_username
+        end
      end
    end
  end
--- a/app/controllers/api/v1/registrant/domains_controller.rb
+++ b/app/controllers/api/v1/registrant/domains_controller.rb
@ -30,17 +30,6 @@ module Api
            render json: { errors: [{ base: ['Domain not found'] }] }, status: :not_found
          end
        end
-
-        private
-
-        def associated_domains(user)
-          country_code, ident = user.registrant_ident.split('-')
-
-          BusinessRegistryCache.fetch_associated_domains(ident, country_code)
-        rescue Soap::Arireg::NotAvailableError => error
-          Rails.logger.fatal("[EXCEPTION] #{error}")
-          user.domains
-        end
      end
    end
  end
--- a/app/controllers/api/v1/registrant/registry_locks_controller.rb
+++ b/app/controllers/api/v1/registrant/registry_locks_controller.rb
@ -0,0 +1,48 @@
+module Api
+  module V1
+    module Registrant
+      class RegistryLocksController < BaseController
+        before_action :set_domain
+        before_action :authorized_to_manage_locks?
+
+        def create
+          if @domain.apply_registry_lock
+            render json: @domain
+          else
+            render json: { errors: [{ base: ['Domain cannot be locked'] }] },
+                   status: :unprocessable_entity
+          end
+        end
+
+        def destroy
+          if @domain.remove_registry_lock
+            render json: @domain
+          else
+            render json: { errors: [{ base: ['Domain is not locked'] }] },
+                   status: :unprocessable_entity
+          end
+        end
+
+        private
+
+        def set_domain
+          domain_pool = current_registrant_user.domains
+          @domain = domain_pool.find_by(uuid: params[:domain_uuid])
+
+          return if @domain
+          render json: { errors: [{ base: ['Domain not found'] }] },
+                 status: :not_found and return
+        end
+
+        def authorized_to_manage_locks?
+          return if current_registrant_user.administered_domains.include?(@domain)
+
+          render json: { errors: [
+            { base: ['Only administrative contacts can manage registry locks'] }
+          ] },
+                 status: :unauthorized and return
+        end
+      end
+    end
+  end
+end