From 1996ff725eb0f75939c96cee7de56d25b8b2d53a Mon Sep 17 00:00:00 2001
From: Martin Lensment <mlensment@gmail.com>
Date: Fri, 2 Jan 2015 18:14:58 +0200
Subject: [PATCH] Require legal doc on domain delete

---
 app/helpers/epp/domains_helper.rb |  8 +++-----
 spec/epp/domain_spec.rb           | 32 +++++++++++++++++++++++++++++--
 2 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/app/helpers/epp/domains_helper.rb b/app/helpers/epp/domains_helper.rb
index 6d0ef712c..d61dafae3 100644
--- a/app/helpers/epp/domains_helper.rb
+++ b/app/helpers/epp/domains_helper.rb
@@ -174,8 +174,7 @@ module Epp::DomainsHelper
 
   ## DELETE
   def validate_domain_delete_request
-    @ph = params_hash['epp']['command']['delete']['delete']
-    xml_attrs_present?(@ph, [['name']])
+    epp_request_valid?('name', 'legalDocument')
   end
 
   ## SHARED
@@ -192,14 +191,13 @@ module Epp::DomainsHelper
       return nil
     end
 
-    @ph[:authInfo] ||= {}
-    return domain if domain.auth_info == @ph[:authInfo][:pw]
+    return domain if domain.auth_info == parsed_frame.css('authInfo pw').text
 
     if (domain.registrar != current_epp_user.registrar && secure[:secure] == true) &&
       epp_errors << {
         code: '2302',
         msg: I18n.t('errors.messages.domain_exists_but_belongs_to_other_registrar'),
-        value: { obj: 'name', val: @ph[:name].strip.downcase }
+        value: { obj: 'name', val: parsed_frame.css('name').text.strip.downcase }
       }
       return nil
     end
diff --git a/spec/epp/domain_spec.rb b/spec/epp/domain_spec.rb
index a9eb59555..e714d17bd 100644
--- a/spec/epp/domain_spec.rb
+++ b/spec/epp/domain_spec.rb
@@ -1191,7 +1191,18 @@ describe 'EPP Domain', epp: true do
 
       it 'deletes domain' do
         expect(DomainContact.count).to eq(2)
-        response = epp_request(epp_xml.domain.delete(name: { value: 'example.ee' }), :xml)
+
+        response = epp_request(epp_xml.domain.delete({
+          name: { value: 'example.ee' }
+        }, {
+          _anonymus: [
+            legalDocument: {
+              value: 'JVBERi0xLjQKJcOkw7zDtsOfCjIgMCBvYmoKPDwvTGVuZ3RoIDMgMCBSL0Zp==',
+              attrs: { type: 'pdf' }
+            }
+          ]
+        }), :xml)
+
         expect(response[:result_code]).to eq('1000')
 
         expect(Domain.first).to eq(nil)
@@ -1201,10 +1212,27 @@ describe 'EPP Domain', epp: true do
       it 'does not delete domain with specific status' do
         d = Domain.first
         d.domain_statuses.create(value: DomainStatus::CLIENT_DELETE_PROHIBITED)
-        response = epp_request(epp_xml.domain.delete(name: { value: 'example.ee' }), :xml)
+
+        response = epp_request(epp_xml.domain.delete({
+          name: { value: 'example.ee' }
+        }, {
+          _anonymus: [
+            legalDocument: {
+              value: 'JVBERi0xLjQKJcOkw7zDtsOfCjIgMCBvYmoKPDwvTGVuZ3RoIDMgMCBSL0Zp==',
+              attrs: { type: 'pdf' }
+            }
+          ]
+        }), :xml)
+
         expect(response[:result_code]).to eq('2304')
         expect(response[:msg]).to eq('Domain status prohibits operation')
       end
+
+      it 'does not delete domain without legal document' do
+        response = epp_request(epp_xml.domain.delete(name: { value: 'example.ee' }), :xml)
+        expect(response[:result_code]).to eq('2003')
+        expect(response[:msg]).to eq('Required parameter missing: legalDocument')
+      end
     end
 
     it 'checks a domain' do