Merge remote-tracking branch 'origin/master' into fix-registrant-contact-view

app/controllers/admin/bank_statements_controller.rb

@@ -60,7 +60,7 @@ module Admin
     end
 
     def bind_invoices
-      @bank_statement.bind_invoices
+      @bank_statement.bind_invoices(manual: true)
 
       flash[:notice] = t('invoices_were_fully_binded') if @bank_statement.fully_binded?
       flash[:warning] = t('invoices_were_partially_binded') if @bank_statement.partially_binded?

app/controllers/admin/bank_transactions_controller.rb

@@ -34,7 +34,7 @@ module Admin
     end
 
     def bind
-      if @bank_transaction.bind_invoice(params[:invoice_no])
+      if @bank_transaction.bind_invoice(params[:invoice_no], manual: true)
         flash[:notice] = I18n.t('record_created')
         redirect_to [:admin, @bank_transaction]
       else

app/controllers/admin/zonefiles_controller.rb

@@ -13,7 +13,7 @@ module Admin
         send_data @zonefile, filename: "#{params[:origin]}.txt"
       else
         flash[:alert] = 'Origin not supported'
-        redirect_to :back
+        redirect_back(fallback_location: root_path)
       end
     end
   end

app/controllers/application_controller.rb

@@ -1,5 +1,6 @@
 class ApplicationController < ActionController::Base
   check_authorization unless: :devise_controller?
+  before_action :set_paper_trail_whodunnit
 
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
@@ -32,4 +33,4 @@ class ApplicationController < ActionController::Base
   def available_languages
     { en: 'English', et: 'Estonian' }.invert
   end
-end
+end

app/controllers/epp/base_controller.rb

@@ -10,7 +10,7 @@ module Epp
     before_action :latin_only
     before_action :validate_against_schema
     before_action :validate_request
-    before_action :update_epp_session, if: 'signed_in?'
+    before_action :update_epp_session, if: -> { signed_in? }
 
     around_action :wrap_exceptions
 

app/controllers/epp/domains_controller.rb

@@ -2,6 +2,7 @@ module Epp
   class DomainsController < BaseController
     before_action :find_domain, only: %i[info renew update transfer delete]
     before_action :find_password, only: %i[info update transfer delete]
+    before_action :set_paper_trail_whodunnit
 
     def info
       authorize! :info, @domain

app/controllers/epp/sessions_controller.rb

@@ -1,6 +1,7 @@
 module Epp
   class SessionsController < BaseController
     skip_authorization_check only: [:hello, :login, :logout]
+    before_action :set_paper_trail_whodunnit
 
     def hello
       render_epp_response('greeting')

app/controllers/registrar/contacts_controller.rb

@@ -17,12 +17,13 @@ class Registrar
         search_params[:registrant_domains_id_not_null] = 1
       end
 
-      if params[:statuses_contains]
-        contacts = current_registrar_user.registrar.contacts.includes(:registrar).where(
-          "contacts.statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}"
-        )
-      else
-        contacts = current_registrar_user.registrar.contacts.includes(:registrar)
+      contacts = current_registrar_user.registrar.contacts.includes(:registrar)
+      status_list = params[:statuses_contains]
+
+      if status_list
+        contacts_ids = contacts.select { |c| (c.statuses & status_list.to_a) == status_list.to_a }
+                               .map(&:id)
+        contacts = contacts.where(id: contacts_ids)
       end
 
       normalize_search_parameters do

app/controllers/registrar/current_user_controller.rb

@@ -6,7 +6,7 @@ class Registrar
       raise 'Cannot switch to unlinked user' unless current_registrar_user.linked_with?(new_user)
 
       sign_in(:registrar_user, new_user)
-      redirect_to :back, notice: t('.switched', new_user: new_user)
+      redirect_back(fallback_location: root_path, notice: t('.switched', new_user: new_user))
     end
 
     private

app/controllers/registrar/domains_controller.rb

@@ -59,6 +59,7 @@ class Registrar
     def info
       authorize! :info, Depp::Domain
       @data = @domain.info(params[:domain_name]) if params[:domain_name]
+      @client_holded = client_holded(@data)
       if response_ok?
         render 'info'
       else
@@ -85,7 +86,7 @@ class Registrar
 
     def create
       authorize! :create, Depp::Domain
-      @domain_params = params[:domain]
+      @domain_params = domain_params.to_h
       @data = @domain.create(@domain_params)
 
       if response_ok?
@@ -153,12 +154,26 @@ class Registrar
       render json: scope.pluck(:name, :code).map { |c| { display_key: "#{c.second} #{c.first}", value: c.second } }
     end
 
+    def remove_hold
+      authorize! :remove_hold, Depp::Domain
+      return unless params[:domain_name]
+
+      @data = @domain.remove_hold(params)
+
+      flash[:alert] = @data.css('msg').text unless response_ok?
+      redirect_to info_registrar_domains_url(domain_name: params[:domain_name])
+    end
+
     private
 
     def init_domain
       @domain = Depp::Domain.new(current_user: depp_current_user)
     end
 
+    def client_holded(data)
+      data.css('status')&.map { |element| element.attribute('s').value }
+         &.any? { |status| status == DomainStatus::CLIENT_HOLD }
+    end
 
     def contacts
       current_registrar_user.registrar.contacts
@@ -187,5 +202,12 @@ class Registrar
                                   :valid_to_lteq,
                                   :s)
     end
+
+    def domain_params
+      params.require(:domain).permit(:name, :period, :registrant, :registrant_helper, :reserved_pw,
+                                     :verified, :legal_document, contacts_attributes: {},
+                                                                 nameservers_attributes: {},
+                                                                 dnskeys_attributes: {})
+    end
   end
 end

app/controllers/registrar/payments_controller.rb

@@ -5,50 +5,51 @@ class Registrar
     skip_authorization_check # actually anyone can pay, no problems at all
     skip_before_action :authenticate_registrar_user!, :check_ip_restriction,
                        only: [:back, :callback]
-    before_action :check_supported_payment_method
+
+    before_action :check_supported_payment_method, only: [:pay]
 
     def pay
       invoice = Invoice.find(params[:invoice_id])
-      bank = params[:bank]
-      opts = {
-        return_url: registrar_return_payment_with_url(
-          bank, invoice_id: invoice
-        ),
-        response_url: registrar_response_payment_with_url(
-          bank, invoice_id: invoice
-        )
-      }
-      @payment = ::PaymentOrders.create_with_type(bank, invoice, opts)
-      @payment.create_transaction
+      channel = params[:bank]
+
+      @payment_order = PaymentOrder.new_with_type(type: channel, invoice: invoice)
+      @payment_order.save
+      @payment_order.reload
+
+      @payment_order.return_url = registrar_return_payment_with_url(@payment_order)
+      @payment_order.response_url = registrar_response_payment_with_url(@payment_order)
+
+      @payment_order.save
+      @payment_order.reload
     end
 
     def back
-      invoice = Invoice.find(params[:invoice_id])
-      opts = { response: params }
-      @payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
-      if @payment.valid_response_from_intermediary? && @payment.settled_payment?
-        Rails.logger.info("User paid invoice ##{invoice.number} successfully")
+      @payment_order = PaymentOrder.find_by!(id: params[:payment_order])
+      @payment_order.update!(response: params.to_unsafe_h)
 
-        @payment.complete_transaction
+      if @payment_order.payment_received?
+        @payment_order.complete_transaction
 
-        if invoice.paid?
-          flash[:notice] = t(:pending_applied)
+        if @payment_order.invoice.paid?
+          flash[:notice] = t('.payment_successful')
         else
-          flash[:alert] = t(:something_wrong)
+          flash[:alert] = t('.successful_payment_backend_error')
         end
       else
-        flash[:alert] = t(:something_wrong)
+        @payment_order.create_failure_report
+        flash[:alert] = t('.payment_not_received')
       end
-      redirect_to registrar_invoice_path(invoice)
+      redirect_to registrar_invoice_path(@payment_order.invoice)
     end
 
     def callback
-      invoice = Invoice.find(params[:invoice_id])
-      opts = { response: params }
-      @payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
+      @payment_order = PaymentOrder.find_by!(id: params[:payment_order])
+      @payment_order.update!(response: params.to_unsafe_h)
 
-      if @payment.valid_response_from_intermediary? && @payment.settled_payment?
-        @payment.complete_transaction
+      if @payment_order.payment_received?
+        @payment_order.complete_transaction
+      else
+        @payment_order.create_failure_report
       end
 
       render status: 200, json: { status: 'ok' }
@@ -57,13 +58,9 @@ class Registrar
     private
 
     def check_supported_payment_method
-      return if supported_payment_method?
-      raise StandardError.new("Not supported payment method")
-    end
+      return if PaymentOrder.supported_method?(params[:bank], shortname: true)
 
-
-    def supported_payment_method?
-      PaymentOrders::PAYMENT_METHODS.include?(params[:bank])
+      raise(StandardError, 'Not supported payment method')
     end
   end
 end