Merge branch 'master' into refactor-messages

# Conflicts: # db/structure.sql
2025-08-03 16:32:04 +02:00 · 2018-09-01 19:39:25 +03:00 · 2018-09-01 19:39:25 +03:00 · 056c57530c
commit 056c57530c
parent aff5b68a2f fea8333215
32 changed files with 730 additions and 148 deletions
--- a/test/fixtures/contacts.yml
+++ b/test/fixtures/contacts.yml
@ -15,7 +15,7 @@ william: &william
  email: william@inbox.test
  phone: '+555.555'
  fax: '+666.6'
-  ident: 1234
+  ident: 12345
  ident_type: priv
  ident_country_code: US
  registrar: bestnames
@ -34,7 +34,7 @@ jane:
  name: Jane
  email: jane@mail.test
  phone: '+555.555'
-  ident: 1234
+  ident: 123456
  ident_type: priv
  ident_country_code: US
  registrar: bestnames
@ -46,7 +46,7 @@ acme_ltd:
  name: Acme Ltd
  email: acme@outlook.test
  phone: '+555.555'
-  ident: 1234
+  ident: 1234567
  ident_type: org
  registrar: bestnames
  ident_country_code: US
@ -58,7 +58,7 @@ jack:
  name: Jack
  email: jack@inbox.test
  phone: '+555.555'
-  ident: 1234
+  ident: 12345678
  ident_type: org
  registrar: goodnames
  ident_country_code: US
@ -87,4 +87,4 @@ invalid:
  email: invalid@invalid.test
  auth_info: any
  registrar: bestnames
-  uuid: bd80c0f9-26ee-49e0-a2cb-2311d931c433
+  uuid: bd80c0f9-26ee-49e0-a2cb-2311d931c433
--- a/test/fixtures/domain_contacts.yml
+++ b/test/fixtures/domain_contacts.yml
@ -28,11 +28,36 @@ airport_william_tech:
  contact: william
  type: TechDomainContact

-library_john:
+library_acme_admin:
+  domain: library
+  contact: acme_ltd
+  type: AdminDomainContact
+
+library_john_tech:
  domain: library
  contact: john
+  type: TechDomainContact
+
+metro_jack_admin:
+  domain: metro
+  contact: jack
  type: AdminDomainContact

+metro_jack_tech:
+  domain: metro
+  contact: jack
+  type: TechDomainContact
+
+hospital_john_admin:
+  domain: hospital
+  contact: john
+  type: AdminDomainContact
+
+hospital_john_tech:
+  domain: hospital
+  contact: john
+  type: TechDomainContact
+
 invalid_invalid_admin:
  domain: invalid
  contact: invalid
--- a/test/integration/api/registrant/registrant_api_contacts_test.rb
+++ b/test/integration/api/registrant/registrant_api_contacts_test.rb
@ -25,7 +25,7 @@ class RegistrantApiContactsTest < ApplicationIntegrationTest
    assert_equal(200, response.status)

    json_body = JSON.parse(response.body, symbolize_names: true)
-    assert_equal(5, json_body.count)
+    assert_equal(4, json_body.count)
    array_of_contact_codes = json_body.map { |x| x[:code] }
    assert(array_of_contact_codes.include?('william-001'))
    assert(array_of_contact_codes.include?('jane-001'))
@ -39,7 +39,7 @@ class RegistrantApiContactsTest < ApplicationIntegrationTest

    get '/api/v1/registrant/contacts', {}, @auth_headers
    response_json = JSON.parse(response.body, symbolize_names: true)
-    assert_equal(5, response_json.count)
+    assert_equal(4, response_json.count)
  end

  def test_get_contact_details_by_uuid
--- a/test/integration/api/registrant/registrant_api_domains_test.rb
+++ b/test/integration/api/registrant/registrant_api_domains_test.rb
@ -57,7 +57,7 @@ class RegistrantApiDomainsTest < ApplicationIntegrationTest
    get '/api/v1/registrant/domains', {}, @auth_headers
    response_json = JSON.parse(response.body, symbolize_names: true)

-    assert_equal(5, response_json.count)
+    assert_equal(4, response_json.count)
  end

  def test_root_does_not_accept_limit_higher_than_200
--- a/test/integration/api/registrant/registrant_api_registry_locks_test.rb
+++ b/test/integration/api/registrant/registrant_api_registry_locks_test.rb
@ -0,0 +1,131 @@
+require 'test_helper'
+require 'auth_token/auth_token_creator'
+
+class RegistrantApiRegistryLocksTest < ApplicationIntegrationTest
+  def setup
+    super
+
+    @original_registry_time = Setting.days_to_keep_business_registry_cache
+    Setting.days_to_keep_business_registry_cache = 1
+    travel_to Time.zone.parse('2010-07-05')
+
+    @user = users(:registrant)
+    @domain = domains(:airport)
+    @auth_headers = { 'HTTP_AUTHORIZATION' => auth_token }
+  end
+
+  def teardown
+    super
+
+    Setting.days_to_keep_business_registry_cache = @original_registry_time
+    travel_back
+  end
+
+  def test_can_lock_a_not_locked_domain
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_UPDATE_PROHIBITED))
+
+    @domain.reload
+    assert(@domain.locked_by_registrant?)
+  end
+
+  def test_locking_a_domain_creates_a_version_record
+    assert_difference '@domain.versions.count', 1 do
+      post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+           {}, @auth_headers
+    end
+
+    @domain.reload
+    assert_equal(@domain.updator, @user)
+  end
+
+  def test_cannot_lock_a_domain_in_pending_state
+    @domain.statuses << DomainStatus::PENDING_UPDATE
+    @domain.save
+
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json)
+  end
+
+  def test_cannot_lock_an_already_locked_domain
+    @domain.apply_registry_lock
+    assert(@domain.locked_by_registrant?)
+
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json)
+  end
+
+  def test_can_unlock_a_locked_domain
+    @domain.apply_registry_lock
+
+    delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert(response_json[:statuses].include?(DomainStatus::OK))
+    @domain.reload
+    refute(@domain.locked_by_registrant?)
+  end
+
+  def test_cannot_unlock_a_not_locked_domain
+    delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain is not locked'] }] }, response_json)
+  end
+
+  def test_returns_404_when_domain_is_not_found
+    post '/api/v1/registrant/domains/random-uuid/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(404, response.status)
+    assert_equal({ errors: [{ base: ['Domain not found'] }] }, response_json)
+  end
+
+  def test_technical_contact_cannot_lock_a_domain
+    post '/api/v1/registrant/domains/647bcc48-8d5e-4a04-8ce5-2a3cd17b6eab/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(401, response.status)
+    assert_equal({ errors: [{ base: ['Only administrative contacts can manage registry locks'] }] },
+                 response_json)
+  end
+
+  def test_registrant_can_lock_a_domain
+    post '/api/v1/registrant/domains/1b3ee442-e8fe-4922-9492-8fcb9dccc69c/registry_lock',
+         {}, @auth_headers
+
+    assert_equal(200, response.status)
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_UPDATE_PROHIBITED))
+  end
+
+  private
+
+  def auth_token
+    token_creator = AuthTokenCreator.create_with_defaults(@user)
+    hash = token_creator.token_in_hash
+    "Bearer #{hash[:access_token]}"
+  end
+end
--- a/test/models/domain/domain_version_test.rb
+++ b/test/models/domain/domain_version_test.rb
@ -0,0 +1,52 @@
+require 'test_helper'
+
+class DomainVersionTest < ActiveSupport::TestCase
+  def setup
+    super
+
+    @domain = domains(:shop)
+    @contacts = @domain.contacts
+    @user = users(:registrant)
+  end
+
+  def teardown
+    super
+  end
+
+  def test_assigns_creator_to_paper_trail_whodunnit
+    duplicate_domain = prepare_duplicate_domain
+
+    PaperTrail.whodunnit = @user.id_role_username
+    assert_difference 'duplicate_domain.versions.count', 1 do
+      duplicate_domain.save!
+    end
+
+    assert_equal(duplicate_domain.creator, @user)
+    assert_equal(duplicate_domain.updator, @user)
+    assert_equal(duplicate_domain.creator_str, @user.id_role_username)
+    assert_equal(duplicate_domain.updator_str, @user.id_role_username)
+  end
+
+  def test_assigns_updator_to_paper_trail_whodunnit
+    PaperTrail.whodunnit = @user.id_role_username
+
+    assert_difference '@domain.versions.count', 1 do
+      @domain.apply_registry_lock
+    end
+
+    assert_equal(@domain.updator, @user)
+    assert_equal(@domain.updator_str, @user.id_role_username)
+  end
+
+  private
+
+  def prepare_duplicate_domain
+    duplicate_domain = @domain.dup
+    duplicate_domain.tech_contacts << @contacts
+    duplicate_domain.admin_contacts << @contacts
+    duplicate_domain.name = 'duplicate.test'
+    duplicate_domain.uuid = nil
+
+    duplicate_domain
+  end
+end
--- a/test/models/domain/registry_lockable_test.rb
+++ b/test/models/domain/registry_lockable_test.rb
@ -0,0 +1,72 @@
+require 'test_helper'
+
+class DomainRegistryLockableTest < ActiveSupport::TestCase
+  def setup
+    super
+
+    @domain = domains(:airport)
+  end
+
+  def test_registry_lock_on_lockable_domain
+    refute(@domain.locked_by_registrant?)
+    @domain.apply_registry_lock
+
+    assert_equal(
+      [DomainStatus::SERVER_UPDATE_PROHIBITED,
+       DomainStatus::SERVER_DELETE_PROHIBITED,
+       DomainStatus::SERVER_TRANSFER_PROHIBITED],
+      @domain.statuses
+    )
+
+    assert(@domain.locked_by_registrant?)
+    assert(@domain.locked_by_registrant_at)
+  end
+
+  def test_registry_lock_cannot_be_applied_twice
+    @domain.apply_registry_lock
+    refute(@domain.apply_registry_lock)
+    assert(@domain.locked_by_registrant?)
+    assert(@domain.locked_by_registrant_at)
+  end
+
+  def test_registry_lock_cannot_be_applied_on_pending_statuses
+    @domain.statuses << DomainStatus::PENDING_RENEW
+    refute(@domain.apply_registry_lock)
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.locked_by_registrant_at)
+  end
+
+  def test_remove_registry_lock_on_locked_domain
+    @domain.apply_registry_lock
+
+    assert_equal(
+      [DomainStatus::SERVER_UPDATE_PROHIBITED,
+       DomainStatus::SERVER_DELETE_PROHIBITED,
+       DomainStatus::SERVER_TRANSFER_PROHIBITED],
+      @domain.statuses
+    )
+
+    @domain.remove_registry_lock
+
+    assert_equal(["ok"], @domain.statuses)
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.locked_by_registrant_at)
+  end
+
+  def test_remove_registry_lock_on_non_locked_domain
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.remove_registry_lock)
+
+    assert_equal([], @domain.statuses)
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.locked_by_registrant_at)
+  end
+
+  def test_registry_lock_cannot_be_removed_if_statuses_were_set_by_admin
+    @domain.statuses << DomainStatus::SERVER_UPDATE_PROHIBITED
+    @domain.statuses << DomainStatus::SERVER_DELETE_PROHIBITED
+    @domain.statuses << DomainStatus::SERVER_TRANSFER_PROHIBITED
+
+    refute(@domain.remove_registry_lock)
+  end
+end
--- a/test/models/registrant_user/registrant_user_creation_test.rb
+++ b/test/models/registrant_user/registrant_user_creation_test.rb
@ -0,0 +1,56 @@
+require 'test_helper'
+
+class RegistrantUserCreationTest < ActiveSupport::TestCase
+  def test_find_or_create_by_api_data_creates_a_user
+    user_data = {
+      ident: '37710100070',
+      first_name: 'JOHN',
+      last_name: 'SMITH'
+    }
+
+    RegistrantUser.find_or_create_by_api_data(user_data)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_api_data_creates_a_user_after_upcasing_input
+    user_data = {
+      ident: '37710100070',
+      first_name: 'John',
+      last_name: 'Smith'
+    }
+
+    RegistrantUser.find_or_create_by_api_data(user_data)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_mid_data_creates_a_user
+    user_data = OpenStruct.new(user_country: 'EE', user_id_code: '37710100070',
+                               user_givenname: 'JOHN', user_surname: 'SMITH')
+
+    RegistrantUser.find_or_create_by_mid_data(user_data)
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_idc_with_legacy_header_creates_a_user
+    header = '/C=EE/O=ESTEID/OU=authentication/CN=SMITH,JOHN,37710100070/SN=SMITH/GN=JOHN/serialNumber=37710100070'
+
+    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_idc_with_rfc2253_header_creates_a_user
+    header = 'serialNumber=37710100070,GN=JOHN,SN=SMITH,CN=SMITH\\,JOHN\\,37710100070,OU=authentication,O=ESTEID,C=EE'
+
+    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+end
--- a/test/models/registrant_user_test.rb
+++ b/test/models/registrant_user_test.rb
@ -1,62 +1,38 @@
+require 'test_helper'
+
 class RegistrantUserTest < ActiveSupport::TestCase
  def setup
    super
+
+    @user = users(:registrant)
  end

  def teardown
    super
  end

-  def test_find_or_create_by_api_data_creates_a_user
-    user_data = {
-      ident: '37710100070',
-      first_name: 'JOHN',
-      last_name: 'SMITH'
-    }
+  def test_domains_returns_an_list_of_distinct_domains_associated_with_a_specific_id_code
+    domain_names = @user.domains.pluck(:name)
+    assert_equal(4, domain_names.length)

-    RegistrantUser.find_or_create_by_api_data(user_data)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+    # User is a registrant, but not a contact for the domain. Should be included in the list.
+    assert(domain_names.include?('shop.test'))
  end

-  def test_find_or_create_by_api_data_creates_a_user_after_upcasing_input
-    user_data = {
-      ident: '37710100070',
-      first_name: 'John',
-      last_name: 'Smith'
-    }
+  def test_administered_domains_returns_a_list_of_domains
+    domain_names = @user.administered_domains.pluck(:name)
+    assert_equal(3, domain_names.length)

-    RegistrantUser.find_or_create_by_api_data(user_data)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+    # User is a tech contact for the domain.
+    refute(domain_names.include?('library.test'))
  end

-  def test_find_or_create_by_mid_data_creates_a_user
-    user_data = OpenStruct.new(user_country: 'EE', user_id_code: '37710100070',
-                              user_givenname: 'JOHN', user_surname: 'SMITH')
-
-    RegistrantUser.find_or_create_by_mid_data(user_data)
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+  def test_contacts_returns_an_list_of_contacts_associated_with_a_specific_id_code
+    assert_equal(1, @user.contacts.count)
  end

-  def test_find_or_create_by_idc_with_legacy_header_creates_a_user
-    header = '/C=EE/O=ESTEID/OU=authentication/CN=SMITH,JOHN,37710100070/SN=SMITH/GN=JOHN/serialNumber=37710100070'
-
-    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
-  end
-
-  def test_find_or_create_by_idc_with_rfc2253_header_creates_a_user
-    header = 'serialNumber=37710100070,GN=JOHN,SN=SMITH,CN=SMITH\\,JOHN\\,37710100070,OU=authentication,O=ESTEID,C=EE'
-
-    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+  def test_ident_and_country_code_helper_methods
+    assert_equal('1234', @user.ident)
+    assert_equal('US', @user.country_code)
  end
 end
--- a/test/system/admin_area/domains/registry_lock_test.rb
+++ b/test/system/admin_area/domains/registry_lock_test.rb
@ -0,0 +1,57 @@
+require 'test_helper'
+
+class AdminAreaRegistryLockTest < JavaScriptApplicationSystemTestCase
+  def setup
+    super
+    WebMock.allow_net_connect!
+
+    sign_in users(:admin)
+    travel_to Time.zone.parse('2010-07-05 00:30:00')
+    @domain = domains(:airport)
+  end
+
+  def teardown
+    travel_back
+  end
+
+  def test_does_not_have_link_when_domain_is_not_locked
+    visit edit_admin_domain_path(@domain)
+    click_link_or_button('Actions')
+    refute(page.has_link?('Remove registry lock'))
+  end
+
+  def test_can_remove_registry_lock_from_a_domain
+    @domain.apply_registry_lock
+
+    visit edit_admin_domain_path(@domain)
+    click_link_or_button('Actions')
+    assert(page.has_link?('Remove registry lock'))
+
+    accept_confirm('Are you sure you want to remove the registry lock?') do
+      click_link_or_button('Remove registry lock')
+    end
+
+    assert_text('Registry lock removed')
+
+    @domain.reload
+    refute @domain.locked_by_registrant?
+  end
+
+  def test_cannot_remove_registry_lock_from_not_locked_domain
+    @domain.apply_registry_lock
+    visit edit_admin_domain_path(@domain)
+    @domain.remove_registry_lock
+
+    refute @domain.locked_by_registrant?
+
+    click_link_or_button('Actions')
+    assert(page.has_link?('Remove registry lock'))
+
+    accept_confirm('Are you sure you want to remove the registry lock?') do
+      click_link_or_button('Remove registry lock')
+    end
+
+    assert_text('Registry lock could not be removed')
+    refute @domain.locked_by_registrant?
+  end
+end
--- a/test/system/admin_area/domains_test.rb
+++ b/test/system/admin_area/domains_test.rb
@ -3,6 +3,7 @@ require 'test_helper'
 class AdminDomainsTestTest < ApplicationSystemTestCase
  setup do
    sign_in users(:admin)
+    travel_to Time.zone.parse('2010-07-05 00:30:00')
    @domain = domains(:shop)
  end

@ -15,8 +16,19 @@ class AdminDomainsTestTest < ApplicationSystemTestCase
    assert_field nil, with: @domain.transfer_code
  end

+  def test_admin_registry_lock_date
+    visit admin_domain_path(@domain)
+    refute_text 'Registry lock time 2010-07-05 00:30'
+
+    lockable_domain = domains(:airport)
+    lockable_domain.apply_registry_lock
+
+    visit admin_domain_path(lockable_domain)
+    assert_text 'Registry lock time 2010-07-05 00:30'
+    assert_text 'registryLock'
+  end
+
  def test_keep_a_domain
-    travel_to Time.zone.parse('2010-07-05 10:30')
    @domain.delete_at = Time.zone.parse('2010-07-05 10:00')
    @domain.discard