Merge remote-tracking branch 'origin/master' into directo-requests-one-by-one

2025-08-03 16:32:04 +02:00 · 2020-09-03 13:48:25 +03:00 · 2020-09-03 13:48:25 +03:00 · 1f49a7411d
commit 1f49a7411d
parent 732afd8cbf bfa60a9c17
21 changed files with 235 additions and 36 deletions
--- a/app/controllers/epp/base_controller.rb
+++ b/app/controllers/epp/base_controller.rb
@ -10,7 +10,8 @@ module Epp
    before_action :latin_only
    before_action :validate_against_schema
    before_action :validate_request
-    before_action :update_epp_session, if: -> { signed_in? }
+    before_action :enforce_epp_session_timeout, if: :signed_in?
+    before_action :iptables_counter_update, if: :signed_in?

    around_action :wrap_exceptions

@ -349,32 +350,22 @@ module Epp
      raise 'EPP session id is empty' unless epp_session_id.present?
    end

-    def update_epp_session
-      iptables_counter_update
-
-      if session_timeout_reached?
-        @api_user = current_user # cache current_user for logging
-        epp_session.destroy
-
+    def enforce_epp_session_timeout
+      if epp_session.timed_out?
        epp_errors << {
-          msg: t('session_timeout'),
-          code: '2201'
+          code: '2201',
+          msg: 'Authorization error: Session timeout',
        }
-
-        handle_errors and return
+        handle_errors
+        epp_session.destroy!
      else
-        epp_session.update_column(:updated_at, Time.zone.now)
+        epp_session.update_last_access
      end
    end

-    def session_timeout_reached?
-      timeout = 5.minutes
-      epp_session.updated_at < (Time.zone.now - timeout)
-    end
-
    def iptables_counter_update
      return if ENV['iptables_counter_enabled'].blank? && ENV['iptables_counter_enabled'] != 'true'
-      return if current_user.blank?
+
      counter_update(current_user.registrar_code, ENV['iptables_server_ip'])
    end

--- a/app/models/contact.rb
+++ b/app/models/contact.rb
@ -21,8 +21,6 @@ class Contact < ApplicationRecord
  alias_attribute :kind, :ident_type
  alias_attribute :copy_from_id, :original_id # Old attribute name; for PaperTrail

-  accepts_nested_attributes_for :legal_documents
-
  scope :email_verification_failed, lambda {
    joins('LEFT JOIN email_address_verifications emv ON contacts.email = emv.email')
      .where('success = false and verified_at IS NOT NULL')
--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@ -55,7 +55,6 @@ class Domain < ApplicationRecord
  accepts_nested_attributes_for :dnskeys, allow_destroy: true

  has_many :legal_documents, as: :documentable
-  accepts_nested_attributes_for :legal_documents, reject_if: proc { |attrs| attrs[:body].blank? }
  has_many :registrant_verifications, dependent: :destroy

  after_initialize do
--- a/app/models/epp/expired_sessions.rb
+++ b/app/models/epp/expired_sessions.rb
@ -0,0 +1,13 @@
+module Epp
+  class ExpiredSessions
+    attr_reader :sessions
+
+    def initialize(sessions)
+      @sessions = sessions
+    end
+
+    def clear
+      sessions.find_each(&:destroy!)
+    end
+  end
+end
--- a/app/models/epp_session.rb
+++ b/app/models/epp_session.rb
@ -3,6 +3,11 @@ class EppSession < ApplicationRecord

  validates :session_id, uniqueness: true, presence: true

+  class_attribute :timeout
+  self.timeout = (ENV['epp_session_timeout_seconds'] || 300).to_i.seconds
+
+  alias_attribute :last_access, :updated_at
+
  def self.limit_per_registrar
    4
  end
@ -11,4 +16,21 @@ class EppSession < ApplicationRecord
    count = where(user_id: registrar.api_users.ids).where('updated_at >= ?', Time.zone.now - 1.second).count
    count >= limit_per_registrar
  end
+
+  def self.expired
+    interval = "#{timeout.parts.first.second} #{timeout.parts.first.first}"
+    where(':now > (updated_at + interval :interval)', now: Time.zone.now, interval: interval)
+  end
+
+  def update_last_access
+    touch
+  end
+
+  def timed_out?
+    (updated_at + self.class.timeout).past?
+  end
+
+  def expired?
+    timed_out?
+  end
 end
--- a/app/models/legal_document.rb
+++ b/app/models/legal_document.rb
@ -1,5 +1,4 @@
 class LegalDocument < ApplicationRecord
-  cattr_accessor :explicitly_write_file
  include EppErrors
  MIN_BODY_SIZE = (1.37 * 3.kilobytes).ceil

@ -44,7 +43,7 @@ class LegalDocument < ApplicationRecord
        break unless File.file?(path)
    end

-    File.open(path, 'wb') { |f| f.write(binary) } if !Rails.env.test? || self.class.explicitly_write_file
+    File.open(path, 'wb') { |f| f.write(binary) } unless Rails.env.test?
    self.path = path
    self.checksum = digest
  end