From 7368d1d7563927a006c83bfbcdca04689d8951a0 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Mon, 27 Aug 2018 01:45:53 +0300 Subject: [PATCH 1/7] Return UTC date in EPP poll response Closes #948 --- app/views/epp/poll/poll_req.xml.builder | 2 +- test/fixtures/messages.yml | 6 ++++++ test/integration/epp/poll_test.rb | 26 ++++++++++++++++++++----- 3 files changed, 28 insertions(+), 6 deletions(-) diff --git a/app/views/epp/poll/poll_req.xml.builder b/app/views/epp/poll/poll_req.xml.builder index d5da707a6..9981e8be6 100644 --- a/app/views/epp/poll/poll_req.xml.builder +++ b/app/views/epp/poll/poll_req.xml.builder @@ -5,7 +5,7 @@ xml.epp_head do end xml.tag!('msgQ', 'count' => current_user.queued_messages.count, 'id' => @message.id) do - xml.qDate @message.created_at.try(:iso8601) + xml.qDate @message.created_at.utc.xmlschema xml.msg @message.body end diff --git a/test/fixtures/messages.yml b/test/fixtures/messages.yml index 47cbdd0f2..a60ee762e 100644 --- a/test/fixtures/messages.yml +++ b/test/fixtures/messages.yml @@ -2,3 +2,9 @@ greeting: body: Welcome! queued: true registrar: bestnames + +domain_deleted: + body: Your domain has been deleted + queued: true + registrar: bestnames + created_at: <%= Time.zone.parse('2010-07-05') %> \ No newline at end of file diff --git a/test/integration/epp/poll_test.rb b/test/integration/epp/poll_test.rb index 30ee5c769..5a9f0deec 100644 --- a/test/integration/epp/poll_test.rb +++ b/test/integration/epp/poll_test.rb @@ -1,11 +1,27 @@ require 'test_helper' class EppPollTest < ApplicationIntegrationTest - def test_messages - post '/epp/command/poll', { frame: request_xml }, { 'HTTP_COOKIE' => 'session=api_bestnames' } - assert_equal '1301', Nokogiri::XML(response.body).at_css('result')[:code] - assert_equal 1, Nokogiri::XML(response.body).css('msgQ').size - assert_equal 1, Nokogiri::XML(response.body).css('result').size + # Deliberately does not conform to RFC5730, which requires the first message to be returned + def test_return_latest_message_when_queue_is_not_empty + message = messages(:domain_deleted) + + request_xml = <<-XML + + + + + + + XML + post '/epp/command/poll', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames' + response_xml = Nokogiri::XML(response.body) + + assert_equal 1301.to_s, response_xml.at_css('result')[:code] + assert_equal 1, response_xml.css('result').size + assert_equal 2.to_s, response_xml.at_css('msgQ')[:count] + assert_equal message.id.to_s, response_xml.at_css('msgQ')[:id] + assert_equal Time.zone.parse('2010-07-05').utc.xmlschema, response_xml.at_css('msgQ qDate').text + assert_equal 'Your domain has been deleted', response_xml.at_css('msgQ msg').text end def test_no_messages From 63ac18f0f391a31292657a2c95a4ab882c6f8277 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Mon, 3 Sep 2018 18:02:22 +0300 Subject: [PATCH 2/7] Changelog update 180904 --- CHANGELOG.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 44b66ef4e..f5f39a382 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,22 @@ +04.09.2018 +* New registrant portal API [#902](https://github.com/internetee/registry/issues/902) +* Registry lock in Registrant API [#927](https://github.com/internetee/registry/issues/927) +* Password encryption for EPP [#914](https://github.com/internetee/registry/issues/914) +* Registrar: 0 amount invoices invalidated [#651](https://github.com/internetee/registry/issues/651) +* Ruby upgrade to 2.4 [#938](https://github.com/internetee/registry/issues/938) +* Admin: removig deleteCandidate status removes Que job as well [#790](https://github.com/internetee/registry/issues/790) +* Admin: Cancel force delete no possible with deleteCandidate status set [#791](https://github.com/internetee/registry/issues/791) +* Contact tests added [#930](https://github.com/internetee/registry/issues/930) +* Change test structure [#924](https://github.com/internetee/registry/issues/924) +* Grape gem update to 1.1.0 (CVE-2018-3769) [#934](https://github.com/internetee/registry/pull/934) +* Remove changelog from codeclimate analysis [#961](https://github.com/internetee/registry/issues/961) +* Remove dead code [#925](https://github.com/internetee/registry/issues/925) +* Quote value in fixture [#937](https://github.com/internetee/registry/issues/937) +* Generate CSS class for every action [#939](https://github.com/internetee/registry/issues/939) +* Add TaskTestCase [#941](https://github.com/internetee/registry/issues/941) +* Set NOT NULL constraint for contact.email field [#936](https://github.com/internetee/registry/issues/936) +* Remove duplicate fixture [#946](https://github.com/internetee/registry/issues/946) + 26.07.2018 * Grape (1.0.3), mustermann (1.0.2), multi_json (1.13.1) gem updates [#912](https://github.com/internetee/registry/issues/912) * Capybara (3.3.1), mini_mime (0.1.3), nokogiri (1.8), rack (1.6.0), xpath (3.1) gem updates [#980](https://github.com/internetee/registry/issues/908) From f0473825e4472b11692e06375968d0d8b4d2d048 Mon Sep 17 00:00:00 2001 From: Maciej Szlosarczyk Date: Mon, 3 Sep 2018 19:08:14 +0300 Subject: [PATCH 3/7] Make whois JSON test order independent The test relied on nameservers being inserted in specific order. For whatever reason, that order can change, but it does not make the record invalid. [ns1.google.com, ns2.google.com] is semantically equal to [ns2.google.com, ns1.google.com] --- test/models/whois_record_test.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/test/models/whois_record_test.rb b/test/models/whois_record_test.rb index 438ee9cc4..e86deafd9 100644 --- a/test/models/whois_record_test.rb +++ b/test/models/whois_record_test.rb @@ -22,7 +22,6 @@ class WhoisRecordTest < ActiveSupport::TestCase registrant_kind: 'priv', email: 'john@inbox.test', expire: '2010-07-05', - nameservers: ['ns1.bestnames.test', 'ns2.bestnames.test'], registrar_address: 'Main Street, New York, New York, 12345', dnssec_keys: [], } @@ -30,6 +29,10 @@ class WhoisRecordTest < ActiveSupport::TestCase expected_partial_hash.each do |key, value| assert_equal(value, @record.generated_json[key]) end + + ['ns1.bestnames.test', 'ns2.bestnames.test'].each do |item| + assert(@record.generated_json[:nameservers].include?(item)) + end end def test_generated_body_has_justified_disclaimer From 840b6da1be52e9be93d6400396a2120bf3d51653 Mon Sep 17 00:00:00 2001 From: Maciej Szlosarczyk Date: Thu, 6 Sep 2018 11:54:06 +0300 Subject: [PATCH 4/7] Change callback method to fix 401 reported by a user --- app/controllers/registrant/domain_delete_confirms_controller.rb | 2 +- app/controllers/registrant/domain_update_confirms_controller.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/registrant/domain_delete_confirms_controller.rb b/app/controllers/registrant/domain_delete_confirms_controller.rb index d6e4666c7..59492fefb 100644 --- a/app/controllers/registrant/domain_delete_confirms_controller.rb +++ b/app/controllers/registrant/domain_delete_confirms_controller.rb @@ -1,5 +1,5 @@ class Registrant::DomainDeleteConfirmsController < RegistrantController - skip_before_action :authenticate_user!, only: [:show, :update] + skip_before_action :authenticate_registrant_user!, only: [:show, :update] skip_authorization_check only: [:show, :update] def show diff --git a/app/controllers/registrant/domain_update_confirms_controller.rb b/app/controllers/registrant/domain_update_confirms_controller.rb index 413ac43ff..d0bc1e7a1 100644 --- a/app/controllers/registrant/domain_update_confirms_controller.rb +++ b/app/controllers/registrant/domain_update_confirms_controller.rb @@ -1,5 +1,5 @@ class Registrant::DomainUpdateConfirmsController < RegistrantController - skip_before_action :authenticate_user!, only: %i[show update] + skip_before_action :authenticate_registrant_user!, only: %i[show update] skip_authorization_check only: %i[show update] def show From 087f890a256c075ece1bfd78cc055f1689785df8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Thu, 6 Sep 2018 12:13:38 +0300 Subject: [PATCH 5/7] Changelog update 180906 --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f5f39a382..a2dd4e76a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +06.09.2018 +* Bug: registrant confirmation does not require authentication any more [#969](https://github.com/internetee/registry/issues/969) +* Whois JSON tests order independent [#965](https://github.com/internetee/registry/issues/965) + 04.09.2018 * New registrant portal API [#902](https://github.com/internetee/registry/issues/902) * Registry lock in Registrant API [#927](https://github.com/internetee/registry/issues/927) From 0fef419799b2aeee805f917b81a6b1804fc8da90 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Wed, 12 Sep 2018 13:55:22 +0300 Subject: [PATCH 6/7] Fix redirection after sign-in Closes #973 --- app/controllers/registrar/sessions_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/registrar/sessions_controller.rb b/app/controllers/registrar/sessions_controller.rb index 8f4db9fdd..991d5cbed 100644 --- a/app/controllers/registrar/sessions_controller.rb +++ b/app/controllers/registrar/sessions_controller.rb @@ -115,7 +115,7 @@ class Registrar sign_in(:registrar_user, @user) flash[:notice] = t(:welcome) flash.keep(:notice) - render js: "window.location = '#{registrar_root_url}'" + render js: "window.location = '#{after_sign_in_path_for(@user)}'" when 'NOT_VALID' render json: { message: t(:user_signature_is_invalid) }, status: :bad_request when 'EXPIRED_TRANSACTION' From 6f4fe945855bfb450ce9faeddaa75bf040290d6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Wed, 12 Sep 2018 14:33:19 +0300 Subject: [PATCH 7/7] Changelog update 180912 --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a2dd4e76a..7ed78ec6f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +12.09.2018 +* Bug: user with billing access only can now login to the portal for Regsitrars [#973](https://github.com/internetee/registry/issues/973) + 06.09.2018 * Bug: registrant confirmation does not require authentication any more [#969](https://github.com/internetee/registry/issues/969) * Whois JSON tests order independent [#965](https://github.com/internetee/registry/issues/965)