From 218caa892e68841935d43e69a1f9070b8d667720 Mon Sep 17 00:00:00 2001
From: Martin Lensment <mlensment@gmail.com>
Date: Mon, 9 Mar 2015 14:43:31 +0200
Subject: [PATCH] Remove dsData with keys option

---
 app/models/epp/epp_domain.rb            | 22 ++++++++----
 config/initializers/initial_settings.rb |  3 +-
 spec/epp/domain_spec.rb                 | 46 ++++++++++++-------------
 3 files changed, 39 insertions(+), 32 deletions(-)

diff --git a/app/models/epp/epp_domain.rb b/app/models/epp/epp_domain.rb
index 50a1fb5ad..a506e0545 100644
--- a/app/models/epp/epp_domain.rb
+++ b/app/models/epp/epp_domain.rb
@@ -146,7 +146,7 @@ class Epp::EppDomain < Domain
   def domain_contact_list_from(frame)
     res = []
     frame.css('contact').each do |x|
-      c = Contact.find_by(code: x.text).try(:id)
+      c = Contact.find_by(code: x.text)
 
         #       contact = Contact.find_by(code: x[:contact])
         # unless contact
@@ -154,16 +154,16 @@ class Epp::EppDomain < Domain
         #   next
         # end
 
-        # if k == :admin && contact.bic?
-        #   add_epp_error('2306', 'contact', x[:contact], [:domain_contacts, :admin_contact_can_be_only_citizen])
-        #   next
-        # end
-
       unless c
         add_epp_error('2303', 'contact', x.text, [:domain_contacts, :not_found])
         next
       end
 
+      if x['type'] == 'admin' && c.bic?
+        add_epp_error('2306', 'contact', x.text, [:domain_contacts, :admin_contact_can_be_only_citizen])
+        next
+      end
+
       res << {
         contact_id: Contact.find_by(code: x.text).try(:id),
         contact_type: x['type'],
@@ -175,6 +175,14 @@ class Epp::EppDomain < Domain
   end
 
   def dnskeys_attrs(frame, action)
+    if frame.css('dsData').any? && !Setting.ds_data_allowed
+      errors.add(:base, :ds_data_not_allowed)
+    end
+
+    if frame.xpath('keyData').any? && !Setting.key_data_allowed
+      errors.add(:base, :key_data_not_allowed)
+    end
+
     res = []
     # res = { ds_data: [], key_data: [] }
 
@@ -495,7 +503,7 @@ class Epp::EppDomain < Domain
 
   def validate_dnssec_data(dnssec_data)
     ds_data_allowed?(dnssec_data)
-    ds_data_with_keys_allowed?(dnssec_data)
+    # ds_data_with_keys_allowed?(dnssec_data)
     key_data_allowed?(dnssec_data)
 
     errors.empty?
diff --git a/config/initializers/initial_settings.rb b/config/initializers/initial_settings.rb
index 5458b6d2e..de7abdf73 100644
--- a/config/initializers/initial_settings.rb
+++ b/config/initializers/initial_settings.rb
@@ -1,5 +1,5 @@
 # otherwise rake not working 100%
-if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('settings') 
+if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('settings')
   Setting.disclosure_name = true if Setting.disclosure_name.nil?
   Setting.disclosure_name = true if Setting.disclosure_name.nil?
   Setting.disclosure_org_name = true if Setting.disclosure_org_name.nil?
@@ -15,7 +15,6 @@ if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?(
 
   Setting.save_default(:ds_algorithm, 2)
   Setting.save_default(:ds_data_allowed, true)
-  Setting.save_default(:ds_data_with_key_allowed, true)
   Setting.save_default(:key_data_allowed, true)
 
   Setting.save_default(:dnskeys_min_count, 0)
diff --git a/spec/epp/domain_spec.rb b/spec/epp/domain_spec.rb
index 7e3e61e4b..cb5ed37f5 100644
--- a/spec/epp/domain_spec.rb
+++ b/spec/epp/domain_spec.rb
@@ -540,32 +540,32 @@ describe 'EPP Domain', epp: true do
       ds.public_key.should == '700b97b591ed27ec2590d19f06f88bba700b97b591ed27ec2590d19f'
     end
 
-    it 'prohibits dsData with key' do
-      Setting.ds_data_with_key_allowed = false
+    # it 'prohibits dsData with key' do
+    #   Setting.ds_data_with_key_allowed = false
 
-      xml = domain_create_xml({}, {
-        _anonymus: [
-          { dsData: {
-              keyTag: { value: '12345' },
-              alg: { value: '3' },
-              digestType: { value: '1' },
-              digest: { value: '49FD46E6C4B45C55D4AC' },
-              keyData: {
-                flags: { value: '0' },
-                protocol: { value: '3' },
-                alg: { value: '5' },
-                pubKey: { value: '700b97b591ed27ec2590d19f06f88bba700b97b591ed27ec2590d19f' }
-              }
-            }
-          }]
-        })
+    #   xml = domain_create_xml({}, {
+    #     _anonymus: [
+    #       { dsData: {
+    #           keyTag: { value: '12345' },
+    #           alg: { value: '3' },
+    #           digestType: { value: '1' },
+    #           digest: { value: '49FD46E6C4B45C55D4AC' },
+    #           keyData: {
+    #             flags: { value: '0' },
+    #             protocol: { value: '3' },
+    #             alg: { value: '5' },
+    #             pubKey: { value: '700b97b591ed27ec2590d19f06f88bba700b97b591ed27ec2590d19f' }
+    #           }
+    #         }
+    #       }]
+    #     })
 
-      response = epp_plain_request(xml, :xml)
-      response[:result_code].should == '2306'
-      response[:msg].should == 'dsData object with key data is not allowed'
+    #   response = epp_plain_request(xml, :xml)
+    #   response[:result_code].should == '2306'
+    #   response[:msg].should == 'dsData object with key data is not allowed'
 
-      create_settings
-    end
+    #   create_settings
+    # end
 
     it 'prohibits dsData' do
       Setting.ds_data_allowed = false