Merge remote-tracking branch 'origin/master' into 1828-send-poll-message-to-registrant-on-applying-and-removing-registry-lock

2025-07-24 11:38:30 +02:00 · 2021-02-10 15:49:34 +02:00 · 2021-02-10 15:49:34 +02:00 · 0bc86229e2
commit 0bc86229e2
parent 3fcaaaee46 2e582283a5
43 changed files with 1079 additions and 17 deletions
--- a/app/controllers/api/v1/base_controller.rb
+++ b/app/controllers/api/v1/base_controller.rb
@ -11,7 +11,7 @@ module Api
      end

      def authenticate_shared_key
-        api_key = "Basic #{ENV['api_shared_key']}"
+        api_key = "Basic #{ENV['rwhois_internal_api_shared_key']}"
        head(:unauthorized) unless api_key == request.authorization
      end

--- a/app/controllers/api/v1/bounces_controller.rb
+++ b/app/controllers/api/v1/bounces_controller.rb
@ -1,7 +1,7 @@
 module Api
  module V1
    class BouncesController < BaseController
-      before_action :authenticate_shared_key
+      before_action :validate_shared_key_integrity

      # POST api/v1/bounces/
      def create
@ -20,6 +20,13 @@ module Api

        params.require(:data)
      end
+
+      private
+
+      def validate_shared_key_integrity
+        api_key = "Basic #{ENV['rwhois_bounces_api_shared_key']}"
+        head(:unauthorized) unless api_key == request.authorization
+      end
    end
  end
 end
--- a/app/controllers/api/v1/contact_requests_controller.rb
+++ b/app/controllers/api/v1/contact_requests_controller.rb
@ -0,0 +1,37 @@
+module Api
+  module V1
+    class ContactRequestsController < BaseController
+      before_action :authenticate_shared_key
+
+      # POST api/v1/contact_requests/
+      def create
+        return head(:bad_request) if contact_request_params[:email].blank?
+
+        contact_request = ContactRequest.save_record(contact_request_params)
+        render json: contact_request, status: :created
+      rescue StandardError
+        head(:bad_request)
+      end
+
+      def update
+        return head(:bad_request) if params[:id].blank?
+
+        process_id(params[:id])
+      end
+
+      def process_id(id)
+        record = ContactRequest.find_by(id: id)
+        return :not_found unless record
+
+        record.update_status(contact_request_params)
+        render json: record, status: :ok
+      rescue StandardError
+        head :bad_request
+      end
+
+      def contact_request_params
+        params.require(:contact_request).permit(:email, :whois_record_id, :name, :status, :ip)
+      end
+    end
+  end
+end
--- a/app/models/bounced_mail_address.rb
+++ b/app/models/bounced_mail_address.rb
@ -1,5 +1,6 @@
 class BouncedMailAddress < ApplicationRecord
  validates :email, :message_id, :bounce_type, :bounce_subtype, :action, :status, presence: true
+  after_destroy :destroy_aws_suppression

  def bounce_reason
    "#{action} (#{status} #{diagnostic})"
@ -25,4 +26,20 @@ class BouncedMailAddress < ApplicationRecord
      diagnostic: bounced_record['diagnosticCode'],
    }
  end
+
+  def destroy_aws_suppression
+    return unless BouncedMailAddress.ses_configured?
+
+    res = Aws::SESV2::Client.new.delete_suppressed_destination(email_address: email)
+    res.successful?
+  rescue Aws::SESV2::Errors::ServiceError => e
+    logger.warn("Suppression not removed. #{e}")
+  end
+
+  def self.ses_configured?
+    ses ||= Aws::SESV2::Client.new
+    ses.config.credentials.access_key_id.present?
+  rescue Aws::Errors::MissingRegionError
+    false
+  end
 end
--- a/app/models/concerns/domain/bulk_updatable.rb
+++ b/app/models/concerns/domain/bulk_updatable.rb
@ -0,0 +1,17 @@
+module Concerns
+  module Domain
+    module BulkUpdatable
+      extend ActiveSupport::Concern
+
+      def bulk_update_prohibited?
+        discarded? || statuses_blocks_update?
+      end
+
+      def statuses_blocks_update?
+        prohibited_array = [DomainStatus::SERVER_UPDATE_PROHIBITED,
+                            DomainStatus::CLIENT_UPDATE_PROHIBITED]
+        prohibited_array.any? { |block_status| statuses.include?(block_status) }
+      end
+    end
+  end
+end
--- a/app/models/contact_request.rb
+++ b/app/models/contact_request.rb
@ -0,0 +1,40 @@
+class ContactRequest < ApplicationRecord
+  establish_connection :"whois_#{Rails.env}"
+  self.table_name = 'contact_requests'
+
+  STATUS_NEW       = 'new'.freeze
+  STATUS_CONFIRMED = 'confirmed'.freeze
+  STATUS_SENT      = 'sent'.freeze
+  STATUSES         = [STATUS_NEW, STATUS_CONFIRMED, STATUS_SENT].freeze
+
+  validates :whois_record_id, presence: true
+  validates :email, presence: true
+  validates :name, presence: true
+  validates :status, inclusion: { in: STATUSES }
+
+  attr_readonly :secret,
+                :valid_to
+
+  def self.save_record(params)
+    contact_request = new(params)
+    contact_request.secret = create_random_secret
+    contact_request.valid_to = set_valid_to_24_hours_from_now
+    contact_request.status = STATUS_NEW
+    contact_request.save!
+    contact_request
+  end
+
+  def update_status(params)
+    self.status = params['status']
+    self.ip_address = params['ip']
+    save!
+  end
+
+  def self.create_random_secret
+    SecureRandom.hex(64)
+  end
+
+  def self.set_valid_to_24_hours_from_now
+    (Time.zone.now + 24.hours)
+  end
+end
--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@ -10,6 +10,7 @@ class Domain < ApplicationRecord
  include Concerns::Domain::RegistryLockable
  include Concerns::Domain::Releasable
  include Concerns::Domain::Disputable
+  include Concerns::Domain::BulkUpdatable

  attr_accessor :roles

--- a/app/models/tech_domain_contact.rb
+++ b/app/models/tech_domain_contact.rb
@ -6,7 +6,7 @@ class TechDomainContact < DomainContact
    tech_contacts = where(contact: current_contact)

    tech_contacts.each do |tech_contact|
-      if tech_contact.domain.discarded?
+      if tech_contact.domain.bulk_update_prohibited?
        skipped_domains << tech_contact.domain.name
        next
      end
@ -18,7 +18,6 @@ class TechDomainContact < DomainContact
        skipped_domains << tech_contact.domain.name
      end
    end
-
    [affected_domains.sort, skipped_domains.sort]
  end
 end
--- a/app/models/white_ip.rb
+++ b/app/models/white_ip.rb
@ -4,8 +4,13 @@ class WhiteIp < ApplicationRecord

  validate :valid_ipv4?
  validate :valid_ipv6?
-
  validate :validate_ipv4_and_ipv6
+  before_save :normalize_blank_values
+
+  def normalize_blank_values
+    %i[ipv4 ipv6].each { |c| self[c].present? || self[c] = nil }
+  end
+
  def validate_ipv4_and_ipv6
    return if ipv4.present? || ipv6.present?
    errors.add(:base, I18n.t(:ipv4_or_ipv6_must_be_present))
@ -50,10 +55,10 @@ class WhiteIp < ApplicationRecord
    def ids_including(ip)
      ipv4 = ipv6 = []
      if check_ip4(ip).present?
-        ipv4 = select { |white_ip| IPAddr.new(white_ip.ipv4, Socket::AF_INET) === check_ip4(ip) }
+        ipv4 = select { |white_ip| check_ip4(white_ip.ipv4) === check_ip4(ip) }
      end
      if check_ip6(ip).present?
-        ipv6 = select { |white_ip| IPAddr.new(white_ip.ipv6, Socket::AF_INET6) === check_ip6(ip) }
+        ipv6 = select { |white_ip| check_ip6(white_ip.ipv6) === check_ip6(ip) }
      end
      (ipv4 + ipv6).pluck(:id).flatten.uniq
    end
--- a/app/views/admin/repp_logs/show.haml
+++ b/app/views/admin/repp_logs/show.haml
@ -1,6 +1,6 @@
 - content_for :actions do
  = link_to(t(:back), :back, class: 'btn btn-primary')
-= render 'shared/title', name: t(:repp_log)
+= render 'shared/title', name: t('.title')

 .row
  .col-md-12