Refactor + tests

Martin Lensment 2015-05-20 13:49:34 +03:00
parent dc1ad9e6c5
commit 19e133ec6a
7 changed files with 37 additions and 25 deletions


@ -18,7 +18,7 @@ class Epp::SessionsController < EppController
@api_user = ApiUser.find_by(login_params) @api_user = ApiUser.find_by(login_params)
end end
if @api_user.try(:active) && cert_valid if @api_user.try(:active) && cert_valid && ip_white?
if parsed_frame.css('newPW').first if parsed_frame.css('newPW').first
unless @api_user.update(password: parsed_frame.css('newPW').first.text) unless @api_user.update(password: parsed_frame.css('newPW').first.text)
response.headers['X-EPP-Returncode'] = '2200' response.headers['X-EPP-Returncode'] = '2200'
@ -33,6 +33,17 @@ class Epp::SessionsController < EppController
render_epp_response('login_fail') render_epp_response('login_fail')
end end
end end
def ip_white?
if @api_user
unless @api_user.registrar.epp_ip_white?(request.ip)
@msg = t('ip_is_not_whitelisted')
return false
end
end
true
end
# rubocop: enable Metrics/PerceivedComplexity # rubocop: enable Metrics/PerceivedComplexity
# rubocop: enable Metrics/CyclomaticComplexity # rubocop: enable Metrics/CyclomaticComplexity
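Review bot: The new `ip_white?` returns `true` when `@api_user` is nil, so the check fails open and is safe only because the login condition evaluates `@api_user.try(:active) && cert_valid` first; I would start it with `return false unless @api_user` so it fails closed wherever it is called. The distinct `@msg = t('ip_is_not_whitelisted')` is set only after `ApiUser.find_by(login_params)` has matched, so a client on a non-whitelisted address can apparently tell a matching login from a non-matching one by the message; consider logging the reason server-side and keeping the generic 2501 text in the response. The decision also rests on `request.ip`, whose value presumably depends on the proxy setup in front of the app, so a comment such as `# request.ip must be the registrar's address as seen by the EPP proxy, confirm trusted-proxy config` would help. The controller continues outside the hunk, so I cannot see whether the method sits under `private`.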


@ -80,11 +80,7 @@ class EppController < ApplicationController
end end
# VALIDATION # VALIDATION
# rubocop: disable Metrics/PerceivedComplexity
# rubocop: disable Metrics/CyclomaticComplexity
def validate_request def validate_request
handle_errors and return unless ip_white?
validation_method = "validate_#{params[:action]}" validation_method = "validate_#{params[:action]}"
return unless respond_to?(validation_method, true) return unless respond_to?(validation_method, true)
send(validation_method) send(validation_method)
@ -97,22 +93,6 @@ class EppController < ApplicationController
handle_errors and return if epp_errors.any? handle_errors and return if epp_errors.any?
end end
# rubocop: enable Metrics/PerceivedComplexity
# rubocop: enable Metrics/CyclomaticComplexity
def ip_white?
if current_user
unless current_user.registrar.epp_ip_white?(request.ip)
epp_errors << {
msg: t('ip_is_not_whitelisted'),
code: '2201'
}
return false
end
end
true
end
# let's follow grape's validations: https://github.com/intridea/grape/#parameter-validation-and-coercion # let's follow grape's validations: https://github.com/intridea/grape/#parameter-validation-and-coercion
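Review bot: With `handle_errors and return unless ip_white?` removed from `validate_request`, the whitelist is enforced only in the login action as far as this page shows, so commands sent on an already established session are no longer checked against the registrar's whitelist. If that is intended, a comment on `validate_request` such as `# IP whitelist is checked once at login (Epp::SessionsController#ip_white?)` would record the decision; otherwise keep a per-request check and add a spec for a logged-in session whose source address is not whitelisted. The rest of `EppController` is outside the hunk, so another filter may already cover this.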


@ -1,7 +1,7 @@
xml.epp_head do xml.epp_head do
xml.response do xml.response do
xml.result('code' => '2501') do xml.result('code' => '2501') do
xml.msg('Authentication error; server closing connection') xml.msg(@msg || 'Authentication error; server closing connection')
end end
end end


@ -39,6 +39,19 @@ describe 'EPP Session', epp: true do
response[:result_code].should == '2501' response[:result_code].should == '2501'
end end
it 'does not log in with ip that is not whitelisted' do
@registrar = Fabricate(:registrar,
{ name: 'registrar123', reg_no: '1234', white_ips: [Fabricate(:white_ip_repp), Fabricate(:white_ip_registrar)] }
)
Fabricate(:api_user, username: 'invalid-ip-user', registrar: @registrar)
inactive = @epp_xml.session.login(clID: { value: 'invalid-ip-user' }, pw: { value: 'ghyt9e4fu' })
response = epp_plain_request(inactive, :xml)
response[:msg].should == 'IP is not whitelisted'
response[:result_code].should == '2501'
end
it 'prohibits further actions unless logged in' do it 'prohibits further actions unless logged in' do
response = epp_plain_request(@epp_xml.domain.create, :xml) response = epp_plain_request(@epp_xml.domain.create, :xml)
response[:msg].should == 'You need to login first.' response[:msg].should == 'You need to login first.'
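Review bot: The login frame in the new example is assigned to `inactive`, a name apparently carried over from an earlier example, although this user is active and only the source address is rejected; `login_frame = @epp_xml.session.login(...)` would read correctly. The example asserts the message and the 2501 code but not that the session stays closed; a follow-up `epp_plain_request(@epp_xml.domain.create, :xml)` expecting `'You need to login first.'` would pin that. The `describe` block starts and ends outside the hunk.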


@ -10,7 +10,7 @@ Fabricator(:registrar) do
code { sequence(:code) { |i| "REGISTRAR#{i}" } } code { sequence(:code) { |i| "REGISTRAR#{i}" } }
reference_no { sequence(:reference_no) { |i| "RF#{i}" } } reference_no { sequence(:reference_no) { |i| "RF#{i}" } }
accounts(count: 1) accounts(count: 1)
white_ips { [Fabricate(:white_ip_repp, ipv4: '127.0.0.1'), Fabricate(:white_ip, ipv4: '127.0.0.1')] } white_ips { [Fabricate(:white_ip)] }
end end
Fabricator(:registrar_with_no_account_activities, from: :registrar) do Fabricator(:registrar_with_no_account_activities, from: :registrar) do


@ -1,8 +1,16 @@
Fabricator(:white_ip) do Fabricator(:white_ip) do
ipv4 '127.0.0.1' ipv4 '127.0.0.1'
interface WhiteIp::EPP interface WhiteIp::GLOBAL
end end
Fabricator(:white_ip_repp, from: :white_ip) do Fabricator(:white_ip_repp, from: :white_ip) do
interface WhiteIp::REPP interface WhiteIp::REPP
end end
Fabricator(:white_ip_epp, from: :white_ip) do
interface WhiteIp::EPP
end
Fabricator(:white_ip_registrar, from: :white_ip) do
interface WhiteIp::REGISTRAR
end


@ -2,7 +2,7 @@ require 'rails_helper'
describe Repp::AccountV1 do describe Repp::AccountV1 do
it 'should fail without whitelisted IP' do it 'should fail without whitelisted IP' do
@registrar1 = Fabricate(:registrar, white_ips: [Fabricate(:white_ip)]) @registrar1 = Fabricate(:registrar, white_ips: [Fabricate(:white_ip_epp), Fabricate(:white_ip_registrar)])
@api_user = Fabricate(:api_user, registrar: @registrar1) @api_user = Fabricate(:api_user, registrar: @registrar1)
get_with_auth '/repp/v1/accounts/balance', {}, @api_user get_with_auth '/repp/v1/accounts/balance', {}, @api_user