Merge branch 'master' into refactor-messages

# Conflicts:
#	db/structure.sql

test/integration/api/registrant/registrant_api_contacts_test.rb

@@ -25,7 +25,7 @@ class RegistrantApiContactsTest < ApplicationIntegrationTest
     assert_equal(200, response.status)
 
     json_body = JSON.parse(response.body, symbolize_names: true)
-    assert_equal(5, json_body.count)
+    assert_equal(4, json_body.count)
     array_of_contact_codes = json_body.map { |x| x[:code] }
     assert(array_of_contact_codes.include?('william-001'))
     assert(array_of_contact_codes.include?('jane-001'))
@@ -39,7 +39,7 @@ class RegistrantApiContactsTest < ApplicationIntegrationTest
 
     get '/api/v1/registrant/contacts', {}, @auth_headers
     response_json = JSON.parse(response.body, symbolize_names: true)
-    assert_equal(5, response_json.count)
+    assert_equal(4, response_json.count)
   end
 
   def test_get_contact_details_by_uuid

test/integration/api/registrant/registrant_api_domains_test.rb

@@ -57,7 +57,7 @@ class RegistrantApiDomainsTest < ApplicationIntegrationTest
     get '/api/v1/registrant/domains', {}, @auth_headers
     response_json = JSON.parse(response.body, symbolize_names: true)
 
-    assert_equal(5, response_json.count)
+    assert_equal(4, response_json.count)
   end
 
   def test_root_does_not_accept_limit_higher_than_200

test/integration/api/registrant/registrant_api_registry_locks_test.rb

@@ -0,0 +1,131 @@
+require 'test_helper'
+require 'auth_token/auth_token_creator'
+
+class RegistrantApiRegistryLocksTest < ApplicationIntegrationTest
+  def setup
+    super
+
+    @original_registry_time = Setting.days_to_keep_business_registry_cache
+    Setting.days_to_keep_business_registry_cache = 1
+    travel_to Time.zone.parse('2010-07-05')
+
+    @user = users(:registrant)
+    @domain = domains(:airport)
+    @auth_headers = { 'HTTP_AUTHORIZATION' => auth_token }
+  end
+
+  def teardown
+    super
+
+    Setting.days_to_keep_business_registry_cache = @original_registry_time
+    travel_back
+  end
+
+  def test_can_lock_a_not_locked_domain
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_UPDATE_PROHIBITED))
+
+    @domain.reload
+    assert(@domain.locked_by_registrant?)
+  end
+
+  def test_locking_a_domain_creates_a_version_record
+    assert_difference '@domain.versions.count', 1 do
+      post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+           {}, @auth_headers
+    end
+
+    @domain.reload
+    assert_equal(@domain.updator, @user)
+  end
+
+  def test_cannot_lock_a_domain_in_pending_state
+    @domain.statuses << DomainStatus::PENDING_UPDATE
+    @domain.save
+
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json)
+  end
+
+  def test_cannot_lock_an_already_locked_domain
+    @domain.apply_registry_lock
+    assert(@domain.locked_by_registrant?)
+
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json)
+  end
+
+  def test_can_unlock_a_locked_domain
+    @domain.apply_registry_lock
+
+    delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert(response_json[:statuses].include?(DomainStatus::OK))
+    @domain.reload
+    refute(@domain.locked_by_registrant?)
+  end
+
+  def test_cannot_unlock_a_not_locked_domain
+    delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain is not locked'] }] }, response_json)
+  end
+
+  def test_returns_404_when_domain_is_not_found
+    post '/api/v1/registrant/domains/random-uuid/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(404, response.status)
+    assert_equal({ errors: [{ base: ['Domain not found'] }] }, response_json)
+  end
+
+  def test_technical_contact_cannot_lock_a_domain
+    post '/api/v1/registrant/domains/647bcc48-8d5e-4a04-8ce5-2a3cd17b6eab/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(401, response.status)
+    assert_equal({ errors: [{ base: ['Only administrative contacts can manage registry locks'] }] },
+                 response_json)
+  end
+
+  def test_registrant_can_lock_a_domain
+    post '/api/v1/registrant/domains/1b3ee442-e8fe-4922-9492-8fcb9dccc69c/registry_lock',
+         {}, @auth_headers
+
+    assert_equal(200, response.status)
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_UPDATE_PROHIBITED))
+  end
+
+  private
+
+  def auth_token
+    token_creator = AuthTokenCreator.create_with_defaults(@user)
+    hash = token_creator.token_in_hash
+    "Bearer #{hash[:access_token]}"
+  end
+end