From 15f9b4ae504f5ebbc9d31ff036273189b6c79d62 Mon Sep 17 00:00:00 2001
From: Priit Tark <priit@gitlab.eu>
Date: Wed, 1 Apr 2015 11:52:53 +0300
Subject: [PATCH] Contact info request will return auth error when pw is
 incorrect

---
 app/models/ability.rb    | 6 ++++--
 spec/epp/contact_spec.rb | 6 +++---
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/app/models/ability.rb b/app/models/ability.rb
index 78d858cdf..f86984d14 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -18,6 +18,7 @@ class Ability
   end
 
   # rubocop: disable Metrics/CyclomaticComplexity
+  # rubocop: disable Metrics/PerceivedComplexity
   def epp
     # Epp::Domain
     can(:info,     Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
@@ -28,7 +29,7 @@ class Ability
     can(:transfer, Epp::Domain) { |d, pw| d.auth_info == pw }
 
     # Epp::Contact
-    can(:info, Epp::Contact)
+    can(:info, Epp::Contact)           { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
     can(:view_full_info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
     can(:check,  Epp::Contact)
     can(:create, Epp::Contact)
@@ -37,7 +38,8 @@ class Ability
     can(:renew,  Epp::Contact)
     can(:view_password, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
   end
-  # rubocop: enabled Metrics/CyclomaticComplexity
+  # rubocop: enable Metrics/CyclomaticComplexity
+  # rubocop: enable Metrics/PerceivedComplexity
 
   def registrar
     can :manage, Invoice
diff --git a/spec/epp/contact_spec.rb b/spec/epp/contact_spec.rb
index ea8bdafa0..6c268818a 100644
--- a/spec/epp/contact_spec.rb
+++ b/spec/epp/contact_spec.rb
@@ -534,11 +534,11 @@ describe 'EPP Contact', epp: true do
         end
       end
 
-      it 'returns no authorization error for wrong user and wrong pw' do
+      it 'returns authorization error for wrong user and wrong pw' do
         login_as :registrar2 do
           response = info_request({ authInfo: { pw: { value: 'wrong-pw' } } })
-          response[:msg].should == 'Command completed successfully'
-          response[:result_code].should == '1000'
+          response[:msg].should == 'Authorization error'
+          response[:result_code].should == '2201'
           response[:results].count.should == 1
 
           contact = response[:parsed].css('resData infData')