From a5ffce290de6c8f5e219546640865b1f059dbc8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 6 Jun 2022 13:43:30 +0300 Subject: [PATCH 01/27] Updated REPP API for new registrar portal --- .gitignore | 1 + Dockerfile | 1 + Gemfile | 4 +- Gemfile.lock | 9 +- app/controllers/repp/v1/account_controller.rb | 149 +++++++++++++++ .../repp/v1/accounts_controller.rb | 33 ---- app/controllers/repp/v1/base_controller.rb | 29 ++- .../repp/v1/contacts_controller.rb | 172 +++++++++++++----- .../v1/domains/base_contacts_controller.rb | 22 +-- .../repp/v1/domains/renews_controller.rb | 12 +- app/controllers/repp/v1/domains_controller.rb | 128 +++++++++---- .../repp/v1/invoices_controller.rb | 118 ++++++++++++ .../repp/v1/registrar/auth_controller.rb | 49 +++++ .../v1/registrar/nameservers_controller.rb | 37 ++-- .../v1/registrar/notifications_controller.rb | 4 +- .../repp/v1/registrar/summary_controller.rb | 111 +++++++++++ app/interactions/actions/domain_delete.rb | 6 +- app/interactions/actions/domain_update.rb | 7 +- app/interactions/actions/invoice_cancel.rb | 15 ++ app/models/ability.rb | 7 +- app/models/action.rb | 18 +- app/models/admin_domain_contact.rb | 2 +- app/models/api_user.rb | 12 +- .../balance_auto_reload_types/threshold.rb | 4 +- app/models/bulk_action.rb | 1 - app/models/concerns/invoice/cancellable.rb | 10 + app/models/concerns/invoice/payable.rb | 2 + app/models/contact.rb | 87 +++++---- app/models/contact_update_action.rb | 1 + app/models/deposit.rb | 1 + app/models/depp/user.rb | 4 +- app/models/domain_transfer.rb | 8 +- app/models/invoice.rb | 7 + app/models/notification.rb | 1 + app/models/registrar.rb | 12 +- app/models/tech_domain_contact.rb | 2 +- app/models/user.rb | 2 +- .../registrar/domain_list_csv_presenter.rb | 5 +- app/views/epp/poll/poll_req.xml.builder | 2 +- .../registrar/domains/_search_form.html.erb | 4 +- app/views/registrar/polls/show.haml | 9 +- config/initializers/arel.rb | 25 +++ config/initializers/omniauth.rb | 91 ++++----- config/initializers/ransack.rb | 7 + config/locales/en.yml | 5 + config/routes.rb | 32 +++- lib/serializers/repp/contact.rb | 52 +++++- lib/serializers/repp/domain.rb | 74 ++++++-- lib/serializers/repp/invoice.rb | 85 +++++++++ test/integration/epp/poll_test.rb | 2 +- .../v1/{accounts => account}/balance_test.rb | 8 +- .../repp/v1/contacts/create_test.rb | 80 ++++---- .../integration/repp/v1/contacts/list_test.rb | 18 +- .../integration/repp/v1/contacts/show_test.rb | 2 +- .../repp/v1/contacts/update_test.rb | 28 +-- .../v1/domains/contact_replacement_test.rb | 7 +- .../repp/v1/domains/delete_test.rb | 16 +- test/integration/repp/v1/domains/list_test.rb | 4 +- .../repp/v1/domains/renews_test.rb | 6 +- .../repp/v1/domains/update_test.rb | 17 +- test/models/registrant_user_test.rb | 10 +- 61 files changed, 1269 insertions(+), 408 deletions(-) create mode 100644 app/controllers/repp/v1/account_controller.rb delete mode 100644 app/controllers/repp/v1/accounts_controller.rb create mode 100644 app/controllers/repp/v1/invoices_controller.rb create mode 100644 app/controllers/repp/v1/registrar/auth_controller.rb create mode 100644 app/controllers/repp/v1/registrar/summary_controller.rb create mode 100644 app/interactions/actions/invoice_cancel.rb delete mode 100644 app/models/bulk_action.rb create mode 100644 app/models/contact_update_action.rb create mode 100644 config/initializers/arel.rb create mode 100644 config/initializers/ransack.rb create mode 100644 lib/serializers/repp/invoice.rb rename test/integration/repp/v1/{accounts => account}/balance_test.rb (88%) diff --git a/.gitignore b/.gitignore index 08606ba47..a8499459f 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ /coverage/ /.bundle /vendor/bundle +/vendor/gems /config/database.yml /config/application.yml /config/environments/development.rb diff --git a/Dockerfile b/Dockerfile index 9c46182a3..3d065e5bb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,6 +3,7 @@ FROM internetee/ruby:3.0-buster RUN mkdir -p /opt/webapps/app/tmp/pids WORKDIR /opt/webapps/app COPY Gemfile Gemfile.lock ./ +# ADD vendor/gems/omniauth-tara ./vendor/gems/omniauth-tara RUN gem install bundler && bundle install --jobs 20 --retry 5 EXPOSE 3000 diff --git a/Gemfile b/Gemfile index 08c2d0bb5..3761831d0 100644 --- a/Gemfile +++ b/Gemfile @@ -57,10 +57,9 @@ gem 'digidoc_client', ref: '1645e83a5a548addce383f75703b0275c5310c32' # TARA -gem 'omniauth' gem 'omniauth-rails_csrf_protection' gem 'omniauth-tara', github: 'internetee/omniauth-tara' - +# gem 'omniauth-tara', path: 'vendor/gems/omniauth-tara' gem 'airbrake' gem 'daemons-rails', '1.2.1' @@ -81,6 +80,7 @@ gem 'lhv', github: 'internetee/lhv', branch: 'master' gem 'rexml' gem 'wkhtmltopdf-binary', '~> 0.12.5.1' + gem 'directo', github: 'internetee/directo', branch: 'master' group :development, :test do diff --git a/Gemfile.lock b/Gemfile.lock index a53651e1b..8f1d86c23 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -338,7 +338,7 @@ GEM omniauth-rails_csrf_protection (0.1.2) actionpack (>= 4.2) omniauth (>= 1.3.1) - openid_connect (1.2.0) + openid_connect (1.3.0) activemodel attr_required (>= 1.0.0) json-jwt (>= 1.5.0) @@ -477,7 +477,7 @@ GEM activesupport (>= 4.0) sprockets (>= 3.0.0) spy (1.0.1) - swd (1.2.0) + swd (1.3.0) activesupport (>= 3) attr_required (>= 0.0.5) httpclient (>= 2.4) @@ -496,7 +496,7 @@ GEM validate_email (0.1.6) activemodel (>= 3.0) mail (>= 2.2.5) - validate_url (1.0.13) + validate_url (1.0.15) activemodel (>= 3.0.0) public_suffix validates_email_format_of (1.6.3) @@ -511,7 +511,7 @@ GEM nokogiri (~> 1.6) rubyzip (>= 1.3.0) selenium-webdriver (>= 3.0, < 4.0) - webfinger (1.1.0) + webfinger (1.2.0) activesupport httpclient (>= 2.4) webmock (3.14.0) @@ -572,7 +572,6 @@ DEPENDENCIES newrelic-infinite_tracing newrelic_rpm nokogiri (~> 1.13.0) - omniauth omniauth-rails_csrf_protection omniauth-tara! paper_trail (~> 12.1) diff --git a/app/controllers/repp/v1/account_controller.rb b/app/controllers/repp/v1/account_controller.rb new file mode 100644 index 000000000..e412b784d --- /dev/null +++ b/app/controllers/repp/v1/account_controller.rb @@ -0,0 +1,149 @@ +module Repp + module V1 + class AccountController < BaseController + load_and_authorize_resource + + api :get, '/repp/v1/account' + desc 'Get all activities' + def index + records = current_user.registrar.cash_account.activities + + q = records.ransack(search_params) + q.sorts = 'created_at desc' if q.sorts.empty? + activities = q.result(distinct: true) + + limited_activities = activities.limit(limit).offset(offset) + .includes(:invoice) + + render_success(data: { activities: serialized_activities(limited_activities), + count: activities.count, + types_for_select: AccountActivity.types_for_select }) + end + + api :get, '/repp/v1/account/details' + desc 'Get current registrar account details' + def details + registrar = current_user.registrar + type = registrar.settings['balance_auto_reload']&.dig('type') + resp = { account: { billing_email: registrar.billing_email, + iban: registrar.iban, + iban_max_length: Iban.max_length, + linked_users: serialized_users(current_user.linked_users), + balance_auto_reload: type, + min_deposit: Setting.minimum_deposit } } + render_success(data: resp) + end + + api :put, '/repp/v1/account' + desc 'Update current registrar account details' + def update + registrar = current_user.registrar + unless registrar.update(account_params) + handle_non_epp_errors(registrar) + return + end + + render_success(data: { account: account_params }, + message: I18n.t('registrar.account.update.saved')) + end + + api :post, '/repp/v1/account/update_auto_reload_balance' + desc 'Enable current registrar balance auto reload' + def update_auto_reload_balance + type = BalanceAutoReloadTypes::Threshold.new(type_params) + unless type.valid? + handle_non_epp_errors(type) + return + end + + settings = { balance_auto_reload: { type: type.as_json } } + current_user.registrar.update!(settings: settings) + render_success(data: { settings: settings }, + message: I18n.t('registrar.settings.balance_auto_reload.update.saved')) + end + + api :get, '/repp/v1/account/disable_auto_reload_balance' + desc 'Disable current registrar balance auto reload' + def disable_auto_reload_balance + registrar = current_user.registrar + registrar.settings.delete('balance_auto_reload') + registrar.save! + + render_success(data: { settings: registrar.settings }, + message: I18n.t('registrar.settings.balance_auto_reload.destroy.disabled')) + end + + api :get, '/repp/v1/account/balance' + desc "Get account's balance" + def balance + resp = { balance: current_user.registrar.cash_account.balance, + currency: current_user.registrar.cash_account.currency } + if params[:detailed] == 'true' + activities = current_user.registrar.cash_account.activities.order(created_at: :desc) + activities = activities.where('created_at >= ?', params[:from]) if params[:from] + activities = activities.where('created_at <= ?', params[:until]) if params[:until] + resp[:transactions] = serialized_activities(activities) + end + render_success(data: resp) + end + + private + + def account_params + params.require(:account).permit(:billing_email, :iban) + end + + def index_params + params.permit(:id, :limit, :offset, :q, + :page, :per_page, + q: [:description_matches, :created_at_gteq, + :created_at_lteq, :s, { s: [] }, { activity_type_in: [] }]) + end + + def type_params + permitted_params = params.require(:type).permit(:amount, :threshold) + normalize_params(permitted_params) + end + + def normalize_params(params) + params[:amount] = params[:amount].to_f + params[:threshold] = params[:threshold].to_f + params + end + + def search_params + index_params.fetch(:q, {}) + end + + def limit + index_params[:limit] || 200 + end + + def offset + index_params[:offset] || 0 + end + + def serialized_users(users) + arr = [] + users.each do |u| + arr << { id: u.id, username: u.username, + role: u.roles.first } + end + + arr + end + + def serialized_activities(activities) + arr = [] + activities.each do |a| + arr << { created_at: a.created_at, description: a.description, + type: a.activity_type == 'add_credit' ? 'credit' : 'debit', + sum: a.sum, balance: a.new_balance, currency: a.currency, + updator: a.updator_str } + end + + arr + end + end + end +end diff --git a/app/controllers/repp/v1/accounts_controller.rb b/app/controllers/repp/v1/accounts_controller.rb deleted file mode 100644 index 388bc9a94..000000000 --- a/app/controllers/repp/v1/accounts_controller.rb +++ /dev/null @@ -1,33 +0,0 @@ -module Repp - module V1 - class AccountsController < BaseController - api :GET, '/repp/v1/accounts/balance' - desc "Get account's balance" - def balance - resp = { balance: current_user.registrar.cash_account.balance, - currency: current_user.registrar.cash_account.currency } - resp[:transactions] = activities if params[:detailed] == 'true' - render_success(data: resp) - end - - def activities - arr = [] - registrar_activities.each do |a| - arr << { created_at: a.created_at, description: a.description, - type: a.activity_type == 'add_credit' ? 'credit' : 'debit', - sum: a.sum, balance: a.new_balance } - end - - arr - end - - def registrar_activities - activities = current_user.registrar.cash_account.activities.order(created_at: :desc) - activities = activities.where('created_at >= ?', params[:from]) if params[:from] - activities = activities.where('created_at <= ?', params[:until]) if params[:until] - - activities - end - end - end -end diff --git a/app/controllers/repp/v1/base_controller.rb b/app/controllers/repp/v1/base_controller.rb index 3e9ab5715..5ab910278 100644 --- a/app/controllers/repp/v1/base_controller.rb +++ b/app/controllers/repp/v1/base_controller.rb @@ -1,12 +1,12 @@ module Repp module V1 class BaseController < ActionController::API # rubocop:disable Metrics/ClassLength + attr_reader :current_user + around_action :log_request before_action :authenticate_user before_action :validate_webclient_ca before_action :check_ip_restriction - attr_reader :current_user - before_action :set_paper_trail_whodunnit private @@ -22,6 +22,10 @@ module Repp rescue Apipie::ParamInvalid => e @response = { code: 2005, message: e.message.gsub(/\n/, '. ') } render(json: @response, status: :bad_request) + rescue CanCan::AccessDenied => e + @response = { code: 2201, message: 'Authorization error' } + logger.error e.to_s + render(json: @response, status: :unauthorized) ensure create_repp_log end @@ -65,7 +69,6 @@ module Repp def handle_errors(obj = nil) @epp_errors ||= ActiveModel::Errors.new(self) - if obj obj.construct_epp_errors obj.errors.each { |error| @epp_errors.import error } @@ -85,6 +88,12 @@ module Repp render(json: @response, status: status) end + def handle_non_epp_errors(obj, message = nil) + @response = { message: message || obj.errors.full_messages.join(', '), + data: {} } + render(json: @response, status: :bad_request) + end + def basic_token pattern = /^Basic / header = request.headers['Authorization'] @@ -94,7 +103,8 @@ module Repp def authenticate_user username, password = Base64.urlsafe_decode64(basic_token).split(':') - @current_user ||= ApiUser.find_by(username: username, plain_text_password: password) + @current_user ||= ApiUser.find_by(username: username, plain_text_password: password, + active: true) return if @current_user @@ -123,6 +133,7 @@ module Repp return unless webclient_request? request_name = request.env['HTTP_SSL_CLIENT_S_DN_CN'] + webclient_cn = ENV['webclient_cert_common_name'] || 'webclient' return if request_name == webclient_cn @@ -135,6 +146,16 @@ module Repp def logger Rails.logger end + + def auth_values_to_data(registrar:) + data = current_user.as_json(only: %i[id username roles]) + data[:registrar_name] = registrar.name + data[:legaldoc_mandatory] = registrar.legaldoc_mandatory? + data[:balance] = { amount: registrar.cash_account&.balance, + currency: registrar.cash_account&.currency } + data[:abilities] = Ability.new(current_user).permissions + data + end end end end diff --git a/app/controllers/repp/v1/contacts_controller.rb b/app/controllers/repp/v1/contacts_controller.rb index c19ca3967..01230c7fe 100644 --- a/app/controllers/repp/v1/contacts_controller.rb +++ b/app/controllers/repp/v1/contacts_controller.rb @@ -3,23 +3,61 @@ module Repp module V1 class ContactsController < BaseController # rubocop:disable Metrics/ClassLength before_action :find_contact, only: %i[show update destroy] + skip_around_action :log_request, only: :search api :get, '/repp/v1/contacts' desc 'Get all existing contacts' def index - record_count = current_user.registrar.contacts.count - contacts = showable_contacts(params[:details], params[:limit] || 200, - params[:offset] || 0) - @response = { contacts: contacts, total_number_of_records: record_count } - render(json: @response, status: :ok) + authorize! :check, Epp::Contact + records = current_user.registrar.contacts.order(created_at: :desc) + + q = records.ransack(search_params) + q.sorts = 'created_at desc' if q.sorts.empty? + contacts = q.result(distinct: true) + + limited_contacts = contacts.limit(limit).offset(offset) + .includes(:domain_contacts, :registrant_domains, :registrar) + + render_success(data: { contacts: serialized_contacts(limited_contacts), + count: contacts.count, + statuses: Contact::STATUSES, + ident_types: Contact::Ident.types }) end + # rubocop:disable Metrics/MethodLength + api :get, '/repp/v1/contacts/search(/:id)' + desc 'Search all existing contacts by optional id or query param' + def search + scope = current_user.registrar.contacts + if params[:query] + escaped_str = ActiveRecord::Base.connection.quote_string params[:query] + scope = scope.where("name ilike '%#{escaped_str}%' OR code ilike '%#{escaped_str}%' + OR ident ilike '%#{escaped_str}%'") + elsif params[:id] + scope = scope.where(code: params[:id]) + end + + render_success(data: scope.limit(10) + .map do |c| + { value: c.code, + label: "#{c.code} #{c.name}", + selected: scope.size == 1 } + end) + end + # rubocop:enable Metrics/MethodLength + api :get, '/repp/v1/contacts/:contact_code' desc 'Get a specific contact' def show - serializer = ::Serializers::Repp::Contact.new(@contact, - show_address: Contact.address_processing?) - render_success(data: serializer.to_json) + authorize! :check, Epp::Contact + + simple = params[:simple] == 'true' || false + serializer = Serializers::Repp::Contact.new(@contact, + show_address: Contact.address_processing?, + domain_params: domain_filter_params, + simplify: simple) + + render_success(data: { contact: serializer.to_json }) end api :get, '/repp/v1/contacts/check/:contact_code' @@ -35,7 +73,7 @@ module Repp desc 'Create a new contact' def create @contact = Epp::Contact.new(contact_params_with_address, current_user.registrar, epp: false) - action = Actions::ContactCreate.new(@contact, params[:legal_document], + action = Actions::ContactCreate.new(@contact, contact_params[:legal_document], contact_ident_params) unless action.call @@ -50,7 +88,7 @@ module Repp desc 'Update existing contact' def update action = Actions::ContactUpdate.new(@contact, contact_params_with_address(required: false), - params[:legal_document], + contact_params[:legal_document], contact_ident_params(required: false), current_user) unless action.call @@ -73,29 +111,71 @@ module Repp render_success end - def contact_addr_present? - return false unless contact_addr_params.key?(:addr) + private - contact_addr_params[:addr].keys.any? + def index_params + params.permit(:id, :limit, :offset, :details, :q, :simple, + :page, :per_page, :domain_filter, + domain_filter: [], + q: %i[s name_matches code_eq ident_matches ident_type_eq + email_matches country_code_eq types_contains_array + updated_at_gteq created_at_gteq created_at_lteq + statuses_contains_array] + [s: []]) + end + + def search_params + index_params.fetch(:q, {}) + end + + def domain_filter_params + filter_params = index_params.slice(:id, :page, :per_page, :domain_filter).to_h + filter_params.merge!({ sort: hashify(index_params[:q].fetch(:s)) }) if index_params[:q] + filter_params + end + + def hashify(sort) + return unless sort + + sort_hash = {} + if sort.is_a?(Array) + sort.each do |s| + sort_hash.merge!(Hash[*s.split(' ')]) + end + else + sort_hash.merge!(Hash[*sort.split(' ')]) + end + sort_hash + end + + def limit + index_params[:limit] || 200 + end + + def offset + index_params[:offset] || 0 + end + + def serialized_contacts(contacts) + return contacts.map {|c| c.code } unless index_params[:details] == 'true' + + address_processing = Contact.address_processing? + contacts.map do |c| + Serializers::Repp::Contact.new(c, show_address: address_processing).to_json + end + end + + def contact_addr_present? + return false unless contact_addr_params + + contact_addr_params.keys.any? end def create_update_success_body - { code: opt_addr? ? 1100 : nil, data: { contact: { id: @contact.code } }, + { code: opt_addr? ? 1100 : nil, + data: { contact: { code: @contact.code } }, message: opt_addr? ? I18n.t('epp.contacts.completed_without_address') : nil } end - def showable_contacts(details, limit, offset) - contacts = current_user.registrar.contacts.limit(limit).offset(offset) - - return contacts.pluck(:code) unless details - - contacts.map do |contact| - serializer = ::Serializers::Repp::Contact.new(contact, - show_address: Contact.address_processing?) - serializer.to_json - end - end - def opt_addr? !Contact.address_processing? && contact_addr_present? end @@ -106,36 +186,36 @@ module Repp end def contact_params_with_address(required: true) - return contact_create_params(required: required) unless contact_addr_params.key?(:addr) + return contact_create_params(required: required) unless contact_addr_present? - addr = {} - contact_addr_params[:addr].each_key { |k| addr[k] = contact_addr_params[:addr][k] } - contact_create_params(required: required).merge(addr) + contact_create_params(required: required).merge(contact_addr_params) end def contact_create_params(required: true) - params.require(:contact).require(%i[name email phone]) if required - params.require(:contact).permit(:name, :email, :phone, :id) + create_params = %i[name email phone] + contact_params.require(create_params) if required + contact_params.slice(*create_params) end def contact_ident_params(required: true) - if required - params.require(:contact).require(:ident).require(%i[ident ident_type ident_country_code]) - params.require(:contact).require(:ident).permit(:ident, :ident_type, :ident_country_code) - else - params.permit(contact: { ident: %i[ident ident_type ident_country_code] }) - end - - params[:contact][:ident] + ident_params = %i[ident ident_type ident_country_code] + contact_params.require(:ident).require(ident_params) if required + contact_params[:ident].to_h end def contact_addr_params - if Contact.address_processing? - params.require(:contact).require(:addr).require(%i[country_code city street zip]) - params.require(:contact).require(:addr).permit(:country_code, :city, :street, :zip) - else - params.require(:contact).permit(addr: %i[country_code city street zip]) - end + return contact_params[:addr] unless Contact.address_processing? + + addr_params = %i[country_code city street zip] + contact_params.require(:addr).require(addr_params) + contact_params[:addr] + end + + def contact_params + params.require(:contact).permit(:name, :email, :phone, :legal_document, + legal_document: %i[body type], + ident: [%i[ident ident_type ident_country_code]], + addr: [%i[country_code city street zip state]]) end end end diff --git a/app/controllers/repp/v1/domains/base_contacts_controller.rb b/app/controllers/repp/v1/domains/base_contacts_controller.rb index 65dbea9ac..225b14b58 100644 --- a/app/controllers/repp/v1/domains/base_contacts_controller.rb +++ b/app/controllers/repp/v1/domains/base_contacts_controller.rb @@ -2,19 +2,16 @@ module Repp module V1 module Domains class BaseContactsController < BaseController - before_action :set_current_contact, only: [:update] - before_action :set_new_contact, only: [:update] + before_action :set_contacts, only: [:update] - def set_current_contact - @current_contact = current_user.registrar.contacts - .find_by!(code: contact_params[:current_contact_id]) - end - - def set_new_contact - @new_contact = current_user.registrar.contacts.find_by!(code: params[:new_contact_id]) + def set_contacts + contacts = current_user.registrar.contacts + @current_contact = contacts.find_by!(code: contact_params[:current_contact_id]) + @new_contact = contacts.find_by!(code: contact_params[:new_contact_id]) end def update + authorize! :manage, :repp @epp_errors ||= ActiveModel::Errors.new(self) return unless @new_contact.invalid? @@ -26,8 +23,11 @@ module Repp private def contact_params - params.require(%i[current_contact_id new_contact_id]) - params.permit(:current_contact_id, :new_contact_id) + param_list = %i[current_contact_id new_contact_id] + params.require(param_list) + params.permit(:current_contact_id, :new_contact_id, + contact: {}, + admin_contact: [param_list]) end end end diff --git a/app/controllers/repp/v1/domains/renews_controller.rb b/app/controllers/repp/v1/domains/renews_controller.rb index af40e17b1..f963cd3a7 100644 --- a/app/controllers/repp/v1/domains/renews_controller.rb +++ b/app/controllers/repp/v1/domains/renews_controller.rb @@ -8,28 +8,29 @@ module Repp api :POST, 'repp/v1/domains/:domain_name/renew' desc 'Renew domain' - param :renew, Hash, required: true, desc: 'Renew parameters' do + param :renews, Hash, required: true, desc: 'Renew parameters' do param :period, Integer, required: true, desc: 'Renew period. Month (m) or year (y)' param :period_unit, String, required: true, desc: 'For how many months or years to renew' param :exp_date, String, required: true, desc: 'Current expiry date for domain' end def create authorize!(:renew, @domain) - action = Actions::DomainRenew.new(@domain, renew_params[:renew], current_user.registrar) + action = Actions::DomainRenew.new(@domain, renew_params[:renews], current_user.registrar) unless action.call handle_errors(@domain) return end - render_success(data: { domain: { name: @domain.name } }) + render_success(data: { domain: { name: @domain.name, id: @domain.uuid } }) end def bulk_renew + authorize! :manage, :repp renew = run_bulk_renew_task(@domains, bulk_renew_params[:renew_period]) return render_success(data: { updated_domains: @domains.map(&:name) }) if renew.valid? - msg = renew.errors.keys.map { |k, _v| renew.errors[k] }.join(', ') + msg = renew.errors.attribute_names.map { |k, _v| renew.errors[k] }.join(', ') @epp_errors.add(:epp_errors, msg: msg, code: '2002') handle_errors end @@ -37,7 +38,7 @@ module Repp private def renew_params - params.permit(:domain_id, renew: %i[period period_unit exp_date]) + params.permit(:domain_id, renews: %i[period period_unit exp_date]) end def validate_renew_period @@ -53,6 +54,7 @@ module Repp if bulk_renew_params[:domains].instance_of?(Array) @domains = bulk_renew_domains + @epp_errors.add(:epp_errors, msg: 'Domains cannot be empty', code: '2005') if @domains.empty? else @epp_errors.add(:epp_errors, msg: 'Domains attribute must be an array', code: '2005') end diff --git a/app/controllers/repp/v1/domains_controller.rb b/app/controllers/repp/v1/domains_controller.rb index 06d4a0330..37f735b69 100644 --- a/app/controllers/repp/v1/domains_controller.rb +++ b/app/controllers/repp/v1/domains_controller.rb @@ -3,6 +3,7 @@ module Repp module V1 class DomainsController < BaseController # rubocop:disable Metrics/ClassLength before_action :set_authorized_domain, only: %i[transfer_info destroy] + before_action :find_password, only: %i[update destroy] before_action :validate_registrar_authorization, only: %i[transfer_info destroy] before_action :forward_registrar_id, only: %i[create update destroy] before_action :set_domain, only: %i[update] @@ -10,20 +11,31 @@ module Repp api :GET, '/repp/v1/domains' desc 'Get all existing domains' def index + authorize! :info, Epp::Domain records = current_user.registrar.domains - domains = records.limit(limit).offset(offset) + q = records.ransack(search_params) + q.sorts = ['valid_to asc', 'created_at desc'] if q.sorts.empty? + # use distinct: false here due to ransack bug: + # https://github.com/activerecord-hackery/ransack/issues/429 + domains = q.result(distinct: false) - render_success(data: { domains: serialized_domains(domains), - total_number_of_records: records.count }) + limited_domains = domains.limit(limit).offset(offset).includes(:registrar, :registrant) + + render_success(data: { new_domain: records.any? ? serialized_domains([records.last]) : [], + domains: serialized_domains(limited_domains.to_a.uniq), + count: domains.count, + statuses: DomainStatus::STATUSES }) end api :GET, '/repp/v1/domains/:domain_name' desc 'Get a specific domain' def show - @domain = Epp::Domain.find_by!(name: params[:id]) + @domain = Epp::Domain.find_by_name(params[:id]) + authorize! :info, @domain + sponsor = @domain.registrar == current_user.registrar - render_success(data: { domain: Serializers::Repp::Domain.new(@domain, - sponsored: sponsor).to_json }) + serializer = Serializers::Repp::Domain.new(@domain, sponsored: sponsor) + render_success(data: { domain: serializer.to_json }) end api :POST, '/repp/v1/domains' @@ -33,7 +45,7 @@ module Repp param :registrant, String, required: true, desc: 'Registrant contact code' param :reserved_pw, String, required: false, desc: 'Reserved password for domain' param :transfer_code, String, required: false, desc: 'Desired transfer code for domain' - # param :period, String, required: true, desc: 'Registration period in months or years' + param :period, Integer, required: true, desc: 'Registration period in months or years' param :period_unit, String, required: true, desc: 'Period type (month m) or (year y)' param :nameservers_attributes, Array, required: false, desc: 'Domain nameservers' do param :hostname, String, required: true, desc: 'Nameserver hostname' @@ -56,15 +68,18 @@ module Repp end end def create - authorize!(:create, Epp::Domain) + authorize! :create, Epp::Domain @domain = Epp::Domain.new - action = Actions::DomainCreate.new(@domain, domain_create_params) + + action = Actions::DomainCreate.new(@domain, domain_params) # rubocop:disable Style/AndOr handle_errors(@domain) and return unless action.call # rubocop:enable Style/AndOr - render_success(data: { domain: { name: @domain.name, transfer_code: @domain.transfer_code } }) + render_success(data: { domain: { name: @domain.name, + transfer_code: @domain.transfer_code, + id: @domain.reload.uuid } }) end api :PUT, '/repp/v1/domains/:domain_name' @@ -73,20 +88,20 @@ module Repp param :domain, Hash, required: true, desc: 'Changes of domain object' do param :registrant, Hash, required: false, desc: 'New registrant object' do param :code, String, required: true, desc: 'New registrant contact code' - param :verified, [true, false], required: false, - desc: 'Registrant change is already verified' + param :verified, [true, false, 'true', 'false'], required: false, + desc: 'Registrant change is already verified' end param :transfer_code, String, required: false, desc: 'New authorization code' end def update - action = Actions::DomainUpdate.new(@domain, params[:domain], false) - + authorize!(:update, @domain, @password) + action = Actions::DomainUpdate.new(@domain, update_params, false) unless action.call handle_errors(@domain) return end - render_success(data: { domain: { name: @domain.name } }) + render_success(data: { domain: { name: @domain.name, id: @domain.uuid } }) end api :GET, '/repp/v1/domains/:domain_name/transfer_info' @@ -108,23 +123,28 @@ module Repp api :POST, '/repp/v1/domains/transfer' desc 'Transfer multiple domains' def transfer + authorize! :transfer, Epp::Domain @errors ||= [] @successful = [] - transfer_params[:domain_transfers].each do |transfer| initiate_transfer(transfer) end + render_success(data: { success: @successful, failed: @errors }) end api :DELETE, '/repp/v1/domains/:domain_name' desc 'Delete specific domain' - param :delete, Hash, required: true, desc: 'Object holding verified key' do - param :verified, [true, false], required: true, - desc: 'Whether to ask registrant verification or not' + param :id, String, desc: 'Domain name in IDN / Puny format' + param :domain, Hash, required: true, desc: 'Changes of domain object' do + param :delete, Hash, required: true, desc: 'Object holding verified key' do + param :verified, [true, false, 'true', 'false'], required: true, + desc: 'Whether to ask registrant verification or not' + end end def destroy - action = Actions::DomainDelete.new(@domain, params, current_user.registrar) + authorize!(:delete, @domain, @password) + action = Actions::DomainDelete.new(@domain, domain_params, current_user.registrar) # rubocop:disable Style/AndOr handle_errors(@domain) and return unless action.call @@ -138,7 +158,8 @@ module Repp def serialized_domains(domains) return domains.pluck(:name) unless index_params[:details] == 'true' - domains.map { |d| Serializers::Repp::Domain.new(d).to_json } + simple = index_params[:simple] == 'true' || false + domains.map { |d| Serializers::Repp::Domain.new(d, simplify: simple).to_json } end def initiate_transfer(transfer) @@ -155,18 +176,13 @@ module Repp end def transfer_params - params.require(:data).require(:domain_transfers).each do |t| - t.require(:domain_name) - t.permit(:domain_name) - t.require(:transfer_code) - t.permit(:transfer_code) - end - params.require(:data).permit(domain_transfers: %i[domain_name transfer_code]) + params.require(:data).require(:domain_transfers) + params.require(:data).permit(domain_transfers: [%i[domain_name transfer_code]]) end def transfer_info_params params.require(:id) - params.permit(:id) + params.permit(:id, :legal_document, delete: [:verified]) end def forward_registrar_id @@ -177,6 +193,7 @@ module Repp def set_domain registrar = current_user.registrar + @domain = Epp::Domain.find_by(registrar: registrar, name: params[:id]) @domain ||= Epp::Domain.find_by!(registrar: registrar, name_puny: params[:id]) @@ -185,6 +202,10 @@ module Repp raise ActiveRecord::RecordNotFound end + def find_password + @password = domain_params[:transfer_code] + end + def set_authorized_domain @epp_errors ||= ActiveModel::Errors.new(self) @domain = domain_from_url_hash @@ -201,7 +222,7 @@ module Repp end def domain_from_url_hash - entry = transfer_info_params[:id] + entry = params[:id] return Epp::Domain.find(entry) if entry.match?(/\A[0-9]+\z/) Epp::Domain.find_by!('name = ? OR name_puny = ?', entry, entry) @@ -216,15 +237,48 @@ module Repp end def index_params - params.permit(:limit, :offset, :details) + params.permit(:limit, :offset, :details, :simple, :q, + q: %i[s name_matches registrant_id_eq contacts_ident_eq + nameservers_hostname_eq valid_to_gteq valid_to_lteq + statuses_contains_array] + [s: []]) end - def domain_create_params - params.require(:domain).permit(:name, :registrant, :period, :period_unit, :registrar, - :transfer_code, :reserved_pw, - dnskeys_attributes: [%i[flags alg protocol public_key]], - nameservers_attributes: [[:hostname, { ipv4: [], ipv6: [] }]], - admin_contacts: [], tech_contacts: []) + def search_params + index_params.fetch(:q, {}) + end + + def update_params + dup_params = domain_params.to_h.dup + return dup_params unless dup_params[:contacts] + + new_contact_params = dup_params[:contacts].map do |c| + c.to_h.symbolize_keys + end + + old_contact_params = @domain.domain_contacts.map do |c| + { code: c.contact_code_cache, type: c.name.downcase } + end + dup_params[:contacts] = (new_contact_params - old_contact_params).map { |c| c.merge(action: 'add') } + dup_params[:contacts].concat((old_contact_params - new_contact_params) + .map { |c| c.merge(action: 'rem') }) + + dup_params + end + + def domain_params + params.require(:domain) + .permit(:name, :period, :period_unit, :registrar, + :transfer_code, :reserved_pw, :legal_document, + :registrant, legal_document: %i[body type], + registrant: [%i[code verified]], + dns_keys: [%i[id flags alg protocol public_key action]], + nameservers: [[:id, :hostname, + :action, { ipv4: [], ipv6: [] }]], + contacts: [%i[code type action]], + nameservers_attributes: [[:hostname, { ipv4: [], ipv6: [] }]], + admin_contacts: [], tech_contacts: [], + dnskeys_attributes: [%i[flags alg protocol public_key]], + delete: [:verified]) end end end diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb new file mode 100644 index 000000000..c8c6676ec --- /dev/null +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -0,0 +1,118 @@ +require 'serializers/repp/invoice' +module Repp + module V1 + class InvoicesController < BaseController + load_and_authorize_resource + + api :get, '/repp/v1/invoices' + desc 'Get all invoices' + def index + records = current_user.registrar.invoices + + q = records.ransack(search_params) + q.sorts = 'created_at desc' if q.sorts.empty? + invoices = q.result(distinct: true) + + limited_invoices = invoices.limit(limit).offset(offset) + .includes(:items, :account_activity, :buyer) + + render_success(data: { invoices: serialized_invoices(limited_invoices), + count: invoices.count }) + end + + api :get, '/repp/v1/invoices/:id' + desc 'Get a specific invoice' + def show + serializer = Serializers::Repp::Invoice.new(@invoice) + render_success(data: { invoice: serializer.to_json }) + end + + api :get, '/repp/v1/invoices/:id/download' + desc 'Download a specific invoice as pdf file' + def download + filename = "Invoice-#{@invoice.number}.pdf" + @response = { code: 1000, message: 'Command completed successfully', + data: filename } + send_data @invoice.as_pdf, filename: filename + end + + api :post, '/repp/v1/invoices/:id/send_to_recipient' + desc 'Send invoice pdf to recipient' + def send_to_recipient + recipient = invoice_params[:recipient] + InvoiceMailer.invoice_email(invoice: @invoice, recipient: recipient) + .deliver_now + serializer = Serializers::Repp::Invoice.new(@invoice, simplify: true) + render_success(data: { invoice: serializer.to_json + .merge!(recipient: recipient) }) + end + + api :post, '/repp/v1/invoices/:id/cancel' + desc 'Cancel a specific invoice' + def cancel + action = Actions::InvoiceCancel.new(@invoice) + if action.call + EisBilling::SendInvoiceStatus.send_info(invoice_number: @invoice.number, + status: 'cancelled') + else + handle_non_epp_errors(@invoice) + return + end + + serializer = Serializers::Repp::Invoice.new(@invoice, simplify: true) + render_success(data: { invoice: serializer.to_json }) + end + + api :post, '/repp/v1/invoices/add_credit' + desc 'Generate add credit invoice' + def add_credit + deposit = Deposit.new(invoice_params.merge(registrar: current_user.registrar)) + invoice = deposit.issue_prepayment_invoice + if invoice + serializer = Serializers::Repp::Invoice.new(invoice, simplify: true) + render_success(data: { invoice: serializer.to_json }) + else + handle_errors(deposit) + end + end + + private + + def index_params + params.permit(:id, :limit, :offset, :details, :q, :simple, + :page, :per_page, + q: %i[number_str_matches due_date_gteq due_date_lteq + account_activity_created_at_gteq + account_activity_created_at_lteq + account_activity_id_not_null + account_activity_id_null + cancelled_at_not_null + number_gteq number_lteq + total_gteq total_lteq s] + [s: []]) + end + + def search_params + index_params.fetch(:q, {}) + end + + def invoice_params + params.require(:invoice).permit(:id, :recipient, :amount, :description) + end + + def limit + index_params[:limit] || 200 + end + + def offset + index_params[:offset] || 0 + end + + def serialized_invoices(invoices) + return invoices.pluck(:number) unless index_params[:details] == 'true' + + simple = index_params[:simple] == 'true' || false + invoices.map { |i| Serializers::Repp::Invoice.new(i, simplify: simple).to_json } + end + end + end +end \ No newline at end of file diff --git a/app/controllers/repp/v1/registrar/auth_controller.rb b/app/controllers/repp/v1/registrar/auth_controller.rb new file mode 100644 index 000000000..8fba9eefb --- /dev/null +++ b/app/controllers/repp/v1/registrar/auth_controller.rb @@ -0,0 +1,49 @@ +module Repp + module V1 + module Registrar + class AuthController < BaseController + skip_before_action :authenticate_user, only: :tara_callback + skip_before_action :check_ip_restriction, only: :tara_callback + + api :GET, 'repp/v1/registrar/auth' + desc 'check user auth info and return data' + def index + registrar = current_user.registrar + render_success(data: auth_values_to_data(registrar: registrar)) + end + + api :POST, 'repp/v1/registrar/auth/tara_callback' + desc 'check tara callback omniauth user info and return token' + def tara_callback + user = ApiUser.from_omniauth(auth_params) + handle_non_epp_errors(user, I18n.t(:no_such_user)) and return unless user && user&.active + + token = Base64.urlsafe_encode64("#{user.username}:#{user.plain_text_password}") + render_success(data: { token: token, username: user.username }) + end + + api :put, '/repp/v1/registrar/auth/switch_user/:new_user_id' + desc 'Switch session to another api user' + def switch_user + new_user = ApiUser.find(auth_params[:new_user_id]) + unless current_user.linked_with?(new_user) + handle_non_epp_errors(new_user, 'Cannot switch to unlinked user') + return + end + + @current_user = new_user + data = auth_values_to_data(registrar: current_user.registrar) + message = I18n.t('registrar.current_user.switch.switched', new_user: new_user) + token = Base64.urlsafe_encode64("#{new_user.username}:#{new_user.plain_text_password}") + render_success(data: { token: token, registrar: data }, message: message) + end + + private + + def auth_params + params.require(:auth).permit(:uid, :new_user_id) + end + end + end + end +end \ No newline at end of file diff --git a/app/controllers/repp/v1/registrar/nameservers_controller.rb b/app/controllers/repp/v1/registrar/nameservers_controller.rb index 174193350..fbd4c03ec 100644 --- a/app/controllers/repp/v1/registrar/nameservers_controller.rb +++ b/app/controllers/repp/v1/registrar/nameservers_controller.rb @@ -19,13 +19,16 @@ module Repp end def update # rubocop:disable Metrics/MethodLength + authorize! :manage, :repp affected, errored = if hostname.present? - current_user.registrar.replace_nameservers(hostname, - hostname_params[:data][:attributes], - domains: domains_from_params) + current_user.registrar + .replace_nameservers(hostname, + hostname_params[:attributes], + domains: domains_from_params) else - current_user.registrar.add_nameservers(hostname_params[:data][:attributes], - domains: domains_from_params) + current_user.registrar + .add_nameservers(hostname_params[:attributes], + domains: domains_from_params) end render_success(data: data_format_for_success(affected, errored)) @@ -36,34 +39,32 @@ module Repp private def domains_from_params - return [] unless params[:data][:domains] + return [] unless hostname_params[:domains] - params[:data][:domains].map(&:downcase) + hostname_params[:domains].map(&:downcase) end def data_format_for_success(affected_domains, errored_domains) { type: 'nameserver', - id: params[:data][:attributes][:hostname], - attributes: params[:data][:attributes], + id: hostname_params[:attributes][:hostname], + attributes: hostname_params[:attributes], affected_domains: affected_domains, skipped_domains: errored_domains, } end def hostname_params - params.require(:data).require(%i[type]) - params.require(:data).require(:attributes).require([:hostname]) - - params.permit(data: [ - :type, :id, - { domains: [], - attributes: [:hostname, { ipv4: [], ipv6: [] }] } - ]) + params.require(:data).permit(:type, :id, nameserver: [], domains: [], + attributes: [:hostname, { ipv4: [], ipv6: [] }]) + .tap do |data| + data.require(:type) + data.require(:attributes).require([:hostname]) + end end def hostname - hostname_params[:data][:id] || nil + hostname_params[:id] || nil end def verify_nameserver_existance diff --git a/app/controllers/repp/v1/registrar/notifications_controller.rb b/app/controllers/repp/v1/registrar/notifications_controller.rb index 815ee85b9..6b1d342cc 100644 --- a/app/controllers/repp/v1/registrar/notifications_controller.rb +++ b/app/controllers/repp/v1/registrar/notifications_controller.rb @@ -2,7 +2,7 @@ module Repp module V1 module Registrar class NotificationsController < BaseController - before_action :set_notification, only: [:update] + before_action :set_notification, only: %i[update show] api :GET, '/repp/v1/registrar/notifications' desc 'Get the latest unread poll message' @@ -39,7 +39,6 @@ module Repp api :GET, '/repp/v1/registrar/notifications/:notification_id' desc 'Get a specific poll message' def show - @notification = current_user.registrar.notifications.find(params[:id]) data = @notification.as_json(only: %i[id text attached_obj_id attached_obj_type read]) render_success(data: data) @@ -51,6 +50,7 @@ module Repp param :read, [true, 'true'], required: true, desc: 'Set as true to mark as read' end def update + authorize! :manage, :poll # rubocop:disable Style/AndOr handle_errors(@notification) and return unless @notification.mark_as_read # rubocop:enable Style/AndOr diff --git a/app/controllers/repp/v1/registrar/summary_controller.rb b/app/controllers/repp/v1/registrar/summary_controller.rb new file mode 100644 index 000000000..15f7d0164 --- /dev/null +++ b/app/controllers/repp/v1/registrar/summary_controller.rb @@ -0,0 +1,111 @@ +module Repp + module V1 + module Registrar + class SummaryController < BaseController + api :GET, 'repp/v1/registrar/summary' + desc 'check user summary info and return data' + + def index + user = current_user + registrar = user.registrar + if can?(:manage, :poll) + user_notifications = user.unread_notifications + notification = user_notifications.order('created_at DESC').take + notifications_count = user_notifications.count + if notification&.attached_obj_type && notification&.attached_obj_id + begin + object = object_by_type(notification.attached_obj_type) + .find(notification.attached_obj_id) + rescue => e + # the data model might be inconsistent; or ... + # this could happen if the registrar does not dequeue messages, and then the domain was deleted + # SELECT messages.id, domains.name, messages.body FROM messages LEFT OUTER + # JOIN domains ON attached_obj_id::INTEGER = domains.id + # WHERE attached_obj_type = 'Epp::Domain' AND name IS NULL; + message = 'orphan message, domain deleted, registrar should dequeue: ' + Rails.logger.error message + e.to_s + end + end + end + + data = serialize_data(registrar: registrar, + notification: notification, + notifications_count: notifications_count, + object: object) + + render_success(data: data) + end + + private + + def object_by_type(object_type) + Object.const_get(object_type) + rescue NameError + Object.const_get("Version::#{object_type}") + end + + # rubocop:disable Metrics/MethodLength + def serialize_data(registrar:, notification:, notifications_count:, object: nil) + data = current_user.as_json(only: %i[id username]) + data[:registrar_name] = registrar.name + data[:registrar_reg_no] = registrar.reg_no + data[:last_login_date] = last_login_date + data[:domains] = registrar.domains.count if can? :view, Depp::Domain + data[:contacts] = registrar.contacts.count if can? :view, Depp::Contact + data[:phone] = registrar.phone + data[:email] = registrar.email + data[:billing_email] = registrar.billing_email + data[:billing_address] = registrar.address + data[:notification] = serialized_notification(notification, object) + data[:notifications_count] = notifications_count + data + end + # rubocop:enable Metrics/MethodLength + + def last_login_date + q = ApiLog::ReppLog.ransack({ request_path_eq: '/repp/v1/registrar/auth', + response_code_eq: '200', + api_user_name_cont: current_user.username, + request_method_eq: 'GET' }) + q.sorts = 'id desc' + q.result.offset(1).first&.created_at + end + + def serialized_notification(notification, object) + return unless notification + + notification.created_at = notification.created_at.utc.xmlschema + obj_data = serialized_object(object, notification.attached_obj_type) + notification.as_json(only: %i[id text created_at attached_obj_id attached_obj_type]) + .merge({ attached_obj_data: obj_data }) + end + + def serialized_object(object, obj_type) + return unless object + + case obj_type + when 'DomainTransfer' + { + name: object.domain_name, + trStatus: object.status, + reID: object.new_registrar.code, + reDate: object.transfer_requested_at.try(:iso8601), + acID: object.old_registrar.code, + acDate: object.transferred_at.try(:iso8601) || object.wait_until.try(:iso8601), + exDate: object.domain_valid_to.iso8601, + } + when 'ContactUpdateAction' + { + contacts: object.to_non_available_contact_codes, + operation: object.operation, + opDate: object.created_at.utc.xmlschema, + svTrid: object.id, + who: object.user.username, + reason: 'Auto-update according to official data', + } + end + end + end + end + end +end \ No newline at end of file diff --git a/app/interactions/actions/domain_delete.rb b/app/interactions/actions/domain_delete.rb index 7790c25a9..750f0abac 100644 --- a/app/interactions/actions/domain_delete.rb +++ b/app/interactions/actions/domain_delete.rb @@ -32,7 +32,7 @@ module Actions def verify? return false unless Setting.request_confirmation_on_domain_deletion_enabled - return false if params[:delete][:verified] == true + return false if true?(params[:delete][:verified]) true end @@ -51,5 +51,9 @@ module Actions end true end + + def true?(obj) + obj.to_s.downcase == 'true' + end end end diff --git a/app/interactions/actions/domain_update.rb b/app/interactions/actions/domain_update.rb index a86b038ff..377f90e40 100644 --- a/app/interactions/actions/domain_update.rb +++ b/app/interactions/actions/domain_update.rb @@ -14,6 +14,7 @@ module Actions assign_new_registrant if params[:registrant] assign_relational_modifications assign_requested_statuses + ::Actions::BaseAction.maybe_attach_legal_doc(domain, params[:legal_document]) commit @@ -240,7 +241,7 @@ module Actions def verify_registrant_change? return validate_dispute_case if params[:reserved_pw] - return false if !@changes_registrant || params[:registrant][:verified] == true + return false if !@changes_registrant || true?(params[:registrant][:verified]) return true unless domain.disputed? domain.add_epp_error('2304', nil, nil, 'Required parameter missing; reservedpw element ' \ @@ -282,5 +283,9 @@ module Actions false end + + def true?(obj) + obj.to_s.downcase == 'true' + end end end diff --git a/app/interactions/actions/invoice_cancel.rb b/app/interactions/actions/invoice_cancel.rb new file mode 100644 index 000000000..2f0a77894 --- /dev/null +++ b/app/interactions/actions/invoice_cancel.rb @@ -0,0 +1,15 @@ +module Actions + class InvoiceCancel + attr_reader :invoice + + def initialize(invoice) + @invoice = invoice + end + + def call + return false unless @invoice.can_be_cancelled? + + @invoice.update(cancelled_at: Time.zone.now) + end + end +end diff --git a/app/models/ability.rb b/app/models/ability.rb index bc2caa6ba..31543a586 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -34,9 +34,11 @@ class Ability if @user.registrar.api_ip_white?(@ip) can :manage, Depp::Contact can :manage, :xml_console - can :manage, Depp::Domain + can :manage, Depp::Domain end + can :manage, Account + # Poll can :manage, :poll @@ -65,12 +67,13 @@ class Ability can(:update, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw } can(:delete, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw } can(:renew, Epp::Contact) - can(:transfer, Epp::Contact) + can(:transfer, Epp::Contact) can(:view_password, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw } end def billing # Registrar/api_user dynamic role can(:manage, Invoice) { |i| i.buyer_id == @user.registrar_id } + can :manage, Account can :manage, :deposit can :read, AccountActivity can :manage, :balance_auto_reload diff --git a/app/models/action.rb b/app/models/action.rb index 8a822f867..03c8e9fe8 100644 --- a/app/models/action.rb +++ b/app/models/action.rb @@ -28,14 +28,20 @@ class Action < ApplicationRecord end def to_non_available_contact_codes - return [] unless bulk_action? + return [serialized_contact(contact)] unless bulk_action? subactions.map do |a| - { - code: a.contact.code, - avail: 0, - reason: 'in use', - } + serialized_contact(a.contact) end end + + private + + def serialized_contact(contact) + { + code: contact.code, + avail: 0, + reason: 'in use', + } + end end diff --git a/app/models/admin_domain_contact.rb b/app/models/admin_domain_contact.rb index 7ccf3efcb..9003afb0f 100644 --- a/app/models/admin_domain_contact.rb +++ b/app/models/admin_domain_contact.rb @@ -6,7 +6,7 @@ class AdminDomainContact < DomainContact skipped_domains = [] admin_contacts = where(contact: current_contact) - admin_contacts.each do |admin_contact| + admin_contacts.includes(:domain).each do |admin_contact| if admin_contact.domain.bulk_update_prohibited? skipped_domains << admin_contact.domain.name next diff --git a/app/models/api_user.rb b/app/models/api_user.rb index 8ae131a6e..d357a2e75 100644 --- a/app/models/api_user.rb +++ b/app/models/api_user.rb @@ -30,11 +30,11 @@ class ApiUser < User alias_attribute :login, :username - SUPER = 'super' - EPP = 'epp' - BILLING = 'billing' + SUPER = 'super'.freeze + EPP = 'epp'.freeze + BILLING = 'billing'.freeze - ROLES = %w(super epp billing) # should not match to admin roles + ROLES = %w[super epp billing].freeze # should not match to admin roles def ability @ability ||= Ability.new(self) @@ -72,8 +72,8 @@ class ApiUser < User def linked_users self.class.where(identity_code: identity_code) - .where("identity_code IS NOT NULL AND identity_code != ''") - .where.not(id: id) + .where("identity_code IS NOT NULL AND identity_code != ''") + .where.not(id: id) end def linked_with?(another_api_user) diff --git a/app/models/balance_auto_reload_types/threshold.rb b/app/models/balance_auto_reload_types/threshold.rb index d55cb977a..8bb494ae5 100644 --- a/app/models/balance_auto_reload_types/threshold.rb +++ b/app/models/balance_auto_reload_types/threshold.rb @@ -1,6 +1,7 @@ module BalanceAutoReloadTypes class Threshold include ActiveModel::Model + include ActiveModel::Validations attr_accessor :amount, :threshold @@ -11,8 +12,9 @@ module BalanceAutoReloadTypes Setting.minimum_deposit end - def as_json(options) + def as_json(options = nil) { name: name }.merge(super) + .except('errors', 'validation_context') end private diff --git a/app/models/bulk_action.rb b/app/models/bulk_action.rb deleted file mode 100644 index 9c98ee2db..000000000 --- a/app/models/bulk_action.rb +++ /dev/null @@ -1 +0,0 @@ -class BulkAction < Action; end diff --git a/app/models/concerns/invoice/cancellable.rb b/app/models/concerns/invoice/cancellable.rb index 8c9e142a8..9b1c6435b 100644 --- a/app/models/concerns/invoice/cancellable.rb +++ b/app/models/concerns/invoice/cancellable.rb @@ -5,12 +5,22 @@ module Invoice::Cancellable scope :non_cancelled, -> { where(cancelled_at: nil) } end + def can_be_cancelled? + unless cancellable? + errors.add(:base, :invoice_status_prohibits_operation) + return false + end + + true + end + def cancellable? unpaid? && not_cancelled? end def cancel raise 'Invoice cannot be cancelled' unless cancellable? + update!(cancelled_at: Time.zone.now) end diff --git a/app/models/concerns/invoice/payable.rb b/app/models/concerns/invoice/payable.rb index 6e2cc19b4..855ea8f41 100644 --- a/app/models/concerns/invoice/payable.rb +++ b/app/models/concerns/invoice/payable.rb @@ -15,6 +15,8 @@ module Invoice::Payable end def receipt_date + return unless paid? + account_activity.created_at.to_date end diff --git a/app/models/contact.rb b/app/models/contact.rb index 2be404997..58c25f777 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -80,41 +80,41 @@ class Contact < ApplicationRecord self.ignored_columns = %w[legacy_id legacy_history_id] - ORG = 'org' - PRIV = 'priv' + ORG = 'org'.freeze + PRIV = 'priv'.freeze # For foreign private persons who has no national identification number BIRTHDAY = 'birthday'.freeze # From old registry software ("Fred"). No new contact can be created with this status - PASSPORT = 'passport' + PASSPORT = 'passport'.freeze # # STATUSES # # Requests to delete the object MUST be rejected. - CLIENT_DELETE_PROHIBITED = 'clientDeleteProhibited' - SERVER_DELETE_PROHIBITED = 'serverDeleteProhibited' + CLIENT_DELETE_PROHIBITED = 'clientDeleteProhibited'.freeze + SERVER_DELETE_PROHIBITED = 'serverDeleteProhibited'.freeze # Requests to transfer the object MUST be rejected. - CLIENT_TRANSFER_PROHIBITED = 'clientTransferProhibited' - SERVER_TRANSFER_PROHIBITED = 'serverTransferProhibited' + CLIENT_TRANSFER_PROHIBITED = 'clientTransferProhibited'.freeze + SERVER_TRANSFER_PROHIBITED = 'serverTransferProhibited'.freeze # The contact object has at least one active association with # another object, such as a domain object. Servers SHOULD provide # services to determine existing object associations. # "linked" status MAY be combined with any status. - LINKED = 'linked' + LINKED = 'linked'.freeze # This is the normal status value for an object that has no pending # operations or prohibitions. This value is set and removed by the # server as other status values are added or removed. # "ok" status MAY only be combined with "linked" status. - OK = 'ok' + OK = 'ok'.freeze # Requests to update the object (other than to remove this status) MUST be rejected. - CLIENT_UPDATE_PROHIBITED = 'clientUpdateProhibited' - SERVER_UPDATE_PROHIBITED = 'serverUpdateProhibited' + CLIENT_UPDATE_PROHIBITED = 'clientUpdateProhibited'.freeze + SERVER_UPDATE_PROHIBITED = 'serverUpdateProhibited'.freeze # A transform command has been processed for the object, but the # action has not been completed by the server. Server operators can @@ -129,16 +129,16 @@ class Contact < ApplicationRecord # the status of the object has changed. # The pendingCreate, pendingDelete, pendingTransfer, and pendingUpdate # status values MUST NOT be combined with each other. - PENDING_CREATE = 'pendingCreate' + PENDING_CREATE = 'pendingCreate'.freeze # "pendingTransfer" status MUST NOT be combined with either # "clientTransferProhibited" or "serverTransferProhibited" status. - PENDING_TRANSFER = 'pendingTransfer' + PENDING_TRANSFER = 'pendingTransfer'.freeze # "pendingUpdate" status MUST NOT be combined with either # "clientUpdateProhibited" or "serverUpdateProhibited" status. - PENDING_UPDATE = 'pendingUpdate' + PENDING_UPDATE = 'pendingUpdate'.freeze # "pendingDelete" MUST NOT be combined with either # "clientDeleteProhibited" or "serverDeleteProhibited" status. - PENDING_DELETE = 'pendingDelete' + PENDING_DELETE = 'pendingDelete'.freeze STATUSES = [ CLIENT_DELETE_PROHIBITED, SERVER_DELETE_PROHIBITED, @@ -146,18 +146,18 @@ class Contact < ApplicationRecord SERVER_TRANSFER_PROHIBITED, CLIENT_UPDATE_PROHIBITED, SERVER_UPDATE_PROHIBITED, OK, PENDING_CREATE, PENDING_DELETE, PENDING_TRANSFER, PENDING_UPDATE, LINKED - ] + ].freeze CLIENT_STATUSES = [ CLIENT_DELETE_PROHIBITED, CLIENT_TRANSFER_PROHIBITED, CLIENT_UPDATE_PROHIBITED - ] + ].freeze SERVER_STATUSES = [ SERVER_UPDATE_PROHIBITED, SERVER_DELETE_PROHIBITED, - SERVER_TRANSFER_PROHIBITED - ] + SERVER_TRANSFER_PROHIBITED, + ].freeze # # END OF STATUSES # @@ -355,7 +355,7 @@ class Contact < ApplicationRecord @desc[dom.name][:roles] << :registrant end - domain_contacts.each do |dc| + domain_contacts.includes(:domain).each do |dc| @desc[dc.domain.name] ||= { id: dc.domain.uuid, roles: [] } @desc[dc.domain.name][:roles] << dc.name.downcase.to_sym @desc[dc.domain.name] = @desc[dc.domain.name].compact @@ -383,6 +383,10 @@ class Contact < ApplicationRecord "#{code} #{name}" end + def name_disclosed_by_registrar(reg_id) + registrar_id == reg_id ? name : 'N/A' + end + def strip_email self.email = email.to_s.strip end @@ -405,7 +409,7 @@ class Contact < ApplicationRecord # using small rails hack to generate outer join domains = if sorts.first == 'registrar_name'.freeze - domains.includes(:registrar).where.not(registrars: { id: nil }) + domains.where.not(registrars: { id: nil }) .order("registrars.name #{order} NULLS LAST") else domains.order("#{sort} #{order} NULLS LAST") @@ -422,7 +426,6 @@ class Contact < ApplicationRecord end domains.each { |d| d.roles = domain_c[d.id].uniq } - domains end @@ -438,18 +441,28 @@ class Contact < ApplicationRecord end end - def qualified_domain_ids(domain_filter) - registrant_ids = registrant_domains.pluck(:id) - return registrant_ids if domain_filter == 'Registrant' + def qualified_domain_ids(filters) + rant_domains = registrant_domains.map { |d| { id: d.id, type: ['Registrant'] } } + contact_domains = domain_contacts.map { |dc| { id: dc.domain_id, type: [dc.type] } } + grouped_domains = group_by_id_and_type(rant_domains + contact_domains) + return grouped_domains.keys if filters.nil? || filters == '' - if %w[AdminDomainContact TechDomainContact].include? domain_filter - DomainContact.select('domain_id').where(contact_id: id, type: domain_filter) - else - (DomainContact.select('domain_id').where(contact_id: id).pluck(:domain_id) + - registrant_ids).uniq - end + # use domain_filters.sort == v.sort if should be exact match + grouped_domains.reject { |_, v| ([].push(filters).flatten & v).empty? }.keys end + # def qualified_domain_ids(domain_filter) + # registrant_ids = registrant_domains.pluck(:id) + # return registrant_ids if domain_filter == 'Registrant' + + # if %w[AdminDomainContact TechDomainContact].include? domain_filter + # DomainContact.where(contact_id: id, type: domain_filter).pluck(:domain_id) + # else + # (DomainContact.where(contact_id: id).pluck(:domain_id) + + # registrant_ids).uniq + # end + # end + def update_prohibited? (statuses & [ CLIENT_UPDATE_PROHIBITED, @@ -459,7 +472,7 @@ class Contact < ApplicationRecord PENDING_CREATE, PENDING_TRANSFER, PENDING_UPDATE, - PENDING_DELETE + PENDING_DELETE, ]).present? end @@ -590,4 +603,14 @@ class Contact < ApplicationRecord def self.csv_header ['Name', 'ID', 'Ident', 'E-mail', 'Created at', 'Registrar', 'Phone'] end + + private + + def group_by_id_and_type(domains_hash_array) + domains_hash_array.group_by { |d| d[:id] } + .transform_values do |v| + v.each.with_object(:type) + .map(&:[]).flatten + end + end end diff --git a/app/models/contact_update_action.rb b/app/models/contact_update_action.rb new file mode 100644 index 000000000..4e7444948 --- /dev/null +++ b/app/models/contact_update_action.rb @@ -0,0 +1 @@ +class ContactUpdateAction < Action; end diff --git a/app/models/deposit.rb b/app/models/deposit.rb index 5943f1540..711d59d72 100644 --- a/app/models/deposit.rb +++ b/app/models/deposit.rb @@ -33,6 +33,7 @@ class Deposit def issue_prepayment_invoice return unless valid? + registrar.issue_prepayment_invoice(amount, description) end end diff --git a/app/models/depp/user.rb b/app/models/depp/user.rb index 60c6f6c3d..36fc48fdc 100644 --- a/app/models/depp/user.rb +++ b/app/models/depp/user.rb @@ -31,8 +31,8 @@ module Depp def request(xml) Nokogiri::XML(server.request(xml)).remove_namespaces! - rescue EppErrorResponse => e - Nokogiri::XML(e.response_xml.to_s).remove_namespaces! + rescue EppErrorResponse => e + Nokogiri::XML(e.response_xml.to_s).remove_namespaces! end private diff --git a/app/models/domain_transfer.rb b/app/models/domain_transfer.rb index 02ab2bc88..ff9e55276 100644 --- a/app/models/domain_transfer.rb +++ b/app/models/domain_transfer.rb @@ -4,10 +4,10 @@ class DomainTransfer < ApplicationRecord belongs_to :old_registrar, class_name: 'Registrar' belongs_to :new_registrar, class_name: 'Registrar' - PENDING = 'pending' - CLIENT_APPROVED = 'clientApproved' - CLIENT_REJECTED = 'clientRejected' - SERVER_APPROVED = 'serverApproved' + PENDING = 'pending'.freeze + CLIENT_APPROVED = 'clientApproved'.freeze + CLIENT_REJECTED = 'clientRejected'.freeze + SERVER_APPROVED = 'serverApproved'.freeze before_create :set_wait_until diff --git a/app/models/invoice.rb b/app/models/invoice.rb index 66d3faf86..b7e60abfb 100644 --- a/app/models/invoice.rb +++ b/app/models/invoice.rb @@ -180,6 +180,13 @@ class Invoice < ApplicationRecord private + ransacker :number_str do + Arel.sql( + "regexp_replace( + to_char(\"#{table_name}\".\"number\", '999999999999'), ' ', '', 'g')" + ) + end + def receipt_date_status if paid? receipt_date diff --git a/app/models/notification.rb b/app/models/notification.rb index c9af66c56..8cb4335a2 100644 --- a/app/models/notification.rb +++ b/app/models/notification.rb @@ -1,5 +1,6 @@ class Notification < ApplicationRecord include Versions # version/notification_version.rb + include EppErrors belongs_to :registrar belongs_to :action, optional: true diff --git a/app/models/registrar.rb b/app/models/registrar.rb index caefaddd6..1eba314dc 100644 --- a/app/models/registrar.rb +++ b/app/models/registrar.rb @@ -97,7 +97,7 @@ class Registrar < ApplicationRecord description: 'prepayment', unit: 'piece', quantity: 1, - price: amount + price: amount, } ] ) @@ -233,13 +233,9 @@ class Registrar < ApplicationRecord def notify(action) text = I18n.t("notifications.texts.#{action.notification_key}", contact: action.contact&.code, count: action.subactions&.count) - if action.bulk_action? - notifications.create!(text: text, action_id: action.id, - attached_obj_type: 'BulkAction', - attached_obj_id: action.id) - else - notifications.create!(text: text) - end + notifications.create!(text: text, action_id: action.id, + attached_obj_type: 'ContactUpdateAction', + attached_obj_id: action.id) end def e_invoice_iban diff --git a/app/models/tech_domain_contact.rb b/app/models/tech_domain_contact.rb index eff815350..30db6dec7 100644 --- a/app/models/tech_domain_contact.rb +++ b/app/models/tech_domain_contact.rb @@ -5,7 +5,7 @@ class TechDomainContact < DomainContact skipped_domains = [] tech_contacts = where(contact: current_contact) - tech_contacts.each do |tech_contact| + tech_contacts.includes(:domain).each do |tech_contact| if irreplaceable?(tech_contact) skipped_domains << tech_contact.domain.name next diff --git a/app/models/user.rb b/app/models/user.rb index cca07ca14..3bb8318c3 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -16,6 +16,6 @@ class User < ApplicationRecord identity_code = uid.slice(2..-1) # country_code = uid.slice(0..1) - find_by(identity_code: identity_code) + find_by(identity_code: identity_code, active: true) end end diff --git a/app/presenters/registrar/domain_list_csv_presenter.rb b/app/presenters/registrar/domain_list_csv_presenter.rb index e38f3f54e..a216d9561 100644 --- a/app/presenters/registrar/domain_list_csv_presenter.rb +++ b/app/presenters/registrar/domain_list_csv_presenter.rb @@ -17,13 +17,13 @@ class Registrar::DomainListCsvPresenter private def header - columns = %w( + columns = %w[ domain_name transfer_code registrant_name registrant_code expire_time - ) + ] columns.map! { |column| view.t("registrar.domains.index.csv.#{column}") } @@ -37,7 +37,6 @@ class Registrar::DomainListCsvPresenter row[2] = domain.registrant.name row[3] = domain.registrant.code row[4] = domain.expire_date - row CSV::Row.new([], row) end diff --git a/app/views/epp/poll/poll_req.xml.builder b/app/views/epp/poll/poll_req.xml.builder index 0a916e6ad..373b8194b 100644 --- a/app/views/epp/poll/poll_req.xml.builder +++ b/app/views/epp/poll/poll_req.xml.builder @@ -15,7 +15,7 @@ xml.epp_head do xml.resData do xml << render('epp/domains/partials/transfer', builder: xml, dt: @object) end - when 'BulkAction' + when 'ContactUpdateAction' xml.resData do xml << render( 'epp/contacts/partials/check', diff --git a/app/views/registrar/domains/_search_form.html.erb b/app/views/registrar/domains/_search_form.html.erb index e9e5b5e1a..584b15ba1 100644 --- a/app/views/registrar/domains/_search_form.html.erb +++ b/app/views/registrar/domains/_search_form.html.erb @@ -44,7 +44,7 @@
- <%= f.label :valid_to_from, for: nil %> + <%= f.label :valid_to_gteq, for: nil %> <%= f.search_field :valid_to_gteq, value: search_params[:valid_to_gteq], class: 'form-control js-datepicker', placeholder: t(:valid_to_from) %> @@ -53,7 +53,7 @@
- <%= f.label :valid_to_until, for: nil %> + <%= f.label :valid_to_lteq, for: nil %> <%= f.search_field :valid_to_lteq, value: search_params[:valid_to_lteq], class: 'form-control js-datepicker', placeholder: t(:valid_to_until) %> diff --git a/app/views/registrar/polls/show.haml b/app/views/registrar/polls/show.haml index 4ff116b81..c97d7a5d5 100644 --- a/app/views/registrar/polls/show.haml +++ b/app/views/registrar/polls/show.haml @@ -27,10 +27,11 @@ = form_tag confirm_transfer_registrar_poll_path, class: 'js-transfer-form' do = hidden_field_tag 'domain[name]', @data.css('name').text - - @data.css('trnData').children.each do |x| - - next if x.blank? - %dt= t(x.name) - %dd= x.text + - @data.css('trnData').children.each do |x| + - next if x.blank? + %dt= t(x.name) + %dd= x.text + - else .row .col-sm-12 diff --git a/config/initializers/arel.rb b/config/initializers/arel.rb new file mode 100644 index 000000000..9db1facf3 --- /dev/null +++ b/config/initializers/arel.rb @@ -0,0 +1,25 @@ +require 'arel/nodes/binary' +require 'arel/predications' +require 'arel/visitors/postgresql' + +module Arel + class Nodes::ContainsArray < Arel::Nodes::Binary + def operator + :"@>" + end + end + + class Visitors::PostgreSQL + private + + def visit_Arel_Nodes_ContainsArray(o, collector) + infix_value o, collector, ' @> ' + end + end + + module Predications + def contains_array(other) + Nodes::ContainsArray.new self, Nodes.build_quoted(other, self) + end + end +end \ No newline at end of file diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index e3e0d644b..2690160ef 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -15,62 +15,67 @@ host = ENV['tara_host'] identifier = ENV['tara_identifier'] secret = ENV['tara_secret'] redirect_uri = ENV['tara_redirect_uri'] +authorization_endpoint = ENV['tara_authorization_endpoint'] +token_endpoint = ENV['tara_token_endpoint'] +jwks_uri = ENV['tara_jwks_uri'] +scope = ENV['tara_scope'] registrant_identifier = ENV['tara_rant_identifier'] registrant_secret = ENV['tara_rant_secret'] registrant_redirect_uri = ENV['tara_rant_redirect_uri'] Rails.application.config.middleware.use OmniAuth::Builder do - provider "tara", { - callback_path: '/registrar/open_id/callback', - name: 'tara', - scope: ['openid'], - state: Proc.new{ SecureRandom.hex(10) }, - client_signing_alg: :RS256, - client_jwk_signing_key: signing_keys, - send_scope_to_token_endpoint: false, - send_nonce: true, - issuer: issuer, + provider 'tara', { + callback_path: '/registrar/open_id/callback', + name: 'tara', + scope: scope, + # state: Proc.new{ SecureRandom.hex(10) }, + client_signing_alg: :RS256, + client_jwk_signing_key: signing_keys, + send_scope_to_token_endpoint: false, + send_nonce: true, + issuer: issuer, + discovery: true, - client_options: { - scheme: 'https', - host: host, + client_options: { + scheme: 'https', + host: host, - authorization_endpoint: '/oidc/authorize', - token_endpoint: '/oidc/token', - userinfo_endpoint: nil, # Not implemented - jwks_uri: '/oidc/jwks', + authorization_endpoint: authorization_endpoint, + token_endpoint: token_endpoint, + userinfo_endpoint: nil, # Not implemented + jwks_uri: jwks_uri, - # Registry - identifier: identifier, - secret: secret, - redirect_uri: redirect_uri, - }, + # Registry + identifier: identifier, + secret: secret, + redirect_uri: redirect_uri, + }, } - provider "tara", { - callback_path: '/registrant/open_id/callback', - name: 'rant_tara', - scope: ['openid'], - client_signing_alg: :RS256, - client_jwk_signing_key: signing_keys, - send_scope_to_token_endpoint: false, - send_nonce: true, - issuer: issuer, + provider 'tara', { + callback_path: '/registrant/open_id/callback', + name: 'rant_tara', + scope: ['openid'], + client_signing_alg: :RS256, + client_jwk_signing_key: signing_keys, + send_scope_to_token_endpoint: false, + send_nonce: true, + issuer: issuer, - client_options: { - scheme: 'https', - host: host, + client_options: { + scheme: 'https', + host: host, - authorization_endpoint: '/oidc/authorize', - token_endpoint: '/oidc/token', - userinfo_endpoint: nil, # Not implemented - jwks_uri: '/oidc/jwks', + authorization_endpoint: '/oidc/authorize', + token_endpoint: '/oidc/token', + userinfo_endpoint: nil, # Not implemented + jwks_uri: '/oidc/jwks', - # Registry - identifier: registrant_identifier, - secret: registrant_secret, - redirect_uri: registrant_redirect_uri, - }, + # Registry + identifier: registrant_identifier, + secret: registrant_secret, + redirect_uri: registrant_redirect_uri, + }, } end diff --git a/config/initializers/ransack.rb b/config/initializers/ransack.rb new file mode 100644 index 000000000..d26360672 --- /dev/null +++ b/config/initializers/ransack.rb @@ -0,0 +1,7 @@ +Ransack.configure do |config| + config.add_predicate 'contains_array', + arel_predicate: 'contains_array', + formatter: proc { |v| "{#{v}}" }, + validator: proc { |v| v.present? }, + type: :string +end \ No newline at end of file diff --git a/config/locales/en.yml b/config/locales/en.yml index 9c396cbde..ec8953a84 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -101,6 +101,11 @@ en: attributes: value: taken: 'Status already exists on this domain' + + invoice: + attributes: + base: + invoice_status_prohibits_operation: 'Invoice status prohibits operation' user: attributes: diff --git a/config/routes.rb b/config/routes.rb index 8fd80f923..6f336f4d4 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -71,12 +71,27 @@ Rails.application.routes.draw do resources :contacts do collection do get 'check/:id', to: 'contacts#check' + get 'search(/:id)', to: 'contacts#search' end end - resources :accounts do + resource :account, controller: :account, only: %i[index update] do collection do + get '/', to: 'account#index' get 'balance' + get 'details' + post 'update_auto_reload_balance' + get 'disable_auto_reload_balance' + end + end + resources :invoices, only: %i[index show] do + collection do + get ':id/download', to: 'invoices#download' + get ':id/cancel', to: 'invoices#cancel' + post 'add_credit' + end + member do + post 'send_to_recipient', to: 'invoices#send_to_recipient' end end resources :auctions, only: %i[index] @@ -98,6 +113,13 @@ Rails.application.routes.draw do put '/', to: 'nameservers#update' end end + resources :summary, only: %i[index] + resources :auth, only: %i[index] do + collection do + post '/tara_callback', to: 'auth#tara_callback' + put '/switch_user', to: 'auth#switch_user' + end + end end resources :domains, constraints: { id: /.*/ } do resources :nameservers, only: %i[index create destroy], constraints: { id: /.*/ }, controller: 'domains/nameservers' @@ -146,9 +168,9 @@ Rails.application.routes.draw do namespace :accreditation_center do # At the moment invoice_status endpoint returns only cancelled invoices. But in future logic of this enpoint can change. # And it will need to return invoices of different statuses. I decided to leave the name of the endpoint "invoice_status" - resources :invoice_status, only: [ :index ] - resource :domains, only: [ :show ], param: :name - resource :contacts, only: [ :show ], param: :id + resources :invoice_status, only: [:index] + resource :domains, only: [:show], param: :name + resource :contacts, only: [:show], param: :id # resource :auth, only: [ :index ] get 'auth', to: 'auth#index' end @@ -159,7 +181,7 @@ Rails.application.routes.draw do end match '*all', controller: 'cors', action: 'cors_preflight_check', via: [:options], - as: 'cors_preflight_check' + as: 'cors_preflight_check' end # REGISTRAR ROUTES diff --git a/lib/serializers/repp/contact.rb b/lib/serializers/repp/contact.rb index b5d03b5cd..c36fa3258 100644 --- a/lib/serializers/repp/contact.rb +++ b/lib/serializers/repp/contact.rb @@ -3,22 +3,32 @@ module Serializers class Contact attr_reader :contact - def initialize(contact, show_address:) + def initialize(contact, options = {}) @contact = contact - @show_address = show_address + @show_address = options[:show_address] + @domain_params = options[:domain_params] || nil + @simplify = options[:simplify] || false end def to_json(obj = contact) - json = { id: obj.code, name: obj.name, ident: ident, - email: obj.email, phone: obj.phone, - auth_info: obj.auth_info, statuses: obj.statuses, - disclosed_attributes: obj.disclosed_attributes } + return simple_object if @simplify + json = { id: obj.uuid, code: obj.code, name: obj.name, ident: ident, + email: obj.email, phone: obj.phone, created_at: obj.created_at, + auth_info: obj.auth_info, statuses: statuses, + disclosed_attributes: obj.disclosed_attributes, registrar: registrar } json[:address] = address if @show_address - + if @domain_params + json[:domains] = domains + json[:domains_count] = obj.qualified_domain_ids(@domain_params[:domain_filter]).size + end json end + def registrar + contact.registrar.as_json(only: %i[name website]) + end + def ident { code: contact.ident, @@ -31,6 +41,34 @@ module Serializers { street: contact.street, zip: contact.zip, city: contact.city, state: contact.state, country_code: contact.country_code } end + + def domains + contact.all_domains(page: @domain_params[:page], + per: @domain_params[:per_page], + params: @domain_params) + .map do |d| + { id: d.uuid, name: d.name, registrar: { name: d.registrar.name }, + valid_to: d.valid_to, roles: d.roles } + end + end + + def statuses + statuses_with_notes = contact.status_notes + contact.statuses.each do |status| + statuses_with_notes.merge!({ "#{status}": '' }) unless statuses_with_notes.key?(status) + end + statuses_with_notes + end + + private + + def simple_object + { + id: contact.uuid, + code: contact.code, + name: contact.name, + } + end end end end diff --git a/lib/serializers/repp/domain.rb b/lib/serializers/repp/domain.rb index d365859c1..07bb95e36 100644 --- a/lib/serializers/repp/domain.rb +++ b/lib/serializers/repp/domain.rb @@ -3,19 +3,25 @@ module Serializers class Domain attr_reader :domain - def initialize(domain, sponsored: true) + def initialize(domain, sponsored: true, simplify: false) @domain = domain @sponsored = sponsored + @simplify = simplify end # rubocop:disable Metrics/AbcSize def to_json(obj = domain) + return simple_object if @simplify + json = { - name: obj.name, registrant: obj.registrant.code, created_at: obj.created_at, - updated_at: obj.updated_at, expire_time: obj.expire_time, outzone_at: obj.outzone_at, - delete_date: obj.delete_date, force_delete_date: obj.force_delete_date, - contacts: contacts, nameservers: nameservers, dnssec_keys: dnssec_keys, - statuses: obj.status_notes, registrar: registrar + id: obj.uuid, name: obj.name, registrant: registrant, + created_at: obj.created_at, updated_at: obj.updated_at, + expire_time: obj.expire_time, + outzone_at: obj.outzone_at, delete_date: obj.delete_date, + force_delete_date: obj.force_delete_date, contacts: contacts, + nameservers: nameservers, dnssec_keys: dnssec_keys, + statuses: statuses, registrar: registrar, + dispute: Dispute.active.exists?(domain_name: obj.name) } json[:transfer_code] = obj.auth_info if @sponsored json @@ -23,22 +29,54 @@ module Serializers # rubocop:enable Metrics/AbcSize def contacts - domain.domain_contacts.map { |c| { code: c.contact.code, type: c.type } } - end - - def nameservers - domain.nameservers.map { |ns| { hostname: ns.hostname, ipv4: ns.ipv4, ipv6: ns.ipv6 } } - end - - def dnssec_keys - domain.dnskeys.map do |nssec| - { flags: nssec.flags, protocol: nssec.protocol, alg: nssec.alg, - public_key: nssec.public_key } + domain.domain_contacts.includes(:contact).map do |dc| + contact = dc.contact + { code: contact.code, type: dc.type, + name: contact.name_disclosed_by_registrar(domain.registrar_id) } end end + def nameservers + domain.nameservers.order(:created_at).as_json(only: %i[id hostname ipv4 ipv6]) + end + + def dnssec_keys + domain.dnskeys.order(:updated_at).as_json(only: %i[id flags protocol alg public_key]) + end + def registrar - { name: domain.registrar.name, website: domain.registrar.website } + domain.registrar.as_json(only: %i[name website]) + end + + def registrant + rant = domain.registrant + { + id: rant.uuid, + name: rant.name, + code: rant.code, + } + end + + def statuses + statuses_with_notes = domain.status_notes + domain.statuses.each do |status| + statuses_with_notes.merge!({ "#{status}": '' }) unless statuses_with_notes.key?(status) + end + statuses_with_notes + end + + private + + def simple_object + json = { + id: domain.uuid, + name: domain.name, + expire_time: domain.expire_time, + registrant: registrant, + statuses: statuses, + } + json[:transfer_code] = domain.auth_info if @sponsored + json end end end diff --git a/lib/serializers/repp/invoice.rb b/lib/serializers/repp/invoice.rb new file mode 100644 index 000000000..9bc7431b2 --- /dev/null +++ b/lib/serializers/repp/invoice.rb @@ -0,0 +1,85 @@ +module Serializers + module Repp + class Invoice + attr_reader :invoice + + def initialize(invoice, simplify: false) + @invoice = invoice + @simplify = simplify + end + + def to_json(obj = invoice) + return simple_object if @simplify + + { + id: obj.id, issue_date: obj.issue_date, cancelled_at: obj.cancelled_at, + paid: obj.paid?, payable: obj.payable?, cancellable: invoice.cancellable?, + receipt_date: obj.receipt_date, payment_link: obj.payment_link, + number: obj.number, subtotal: obj.subtotal, vat_amount: obj.vat_amount, + vat_rate: obj.vat_rate, total: obj.total, + description: obj.description, reference_no: obj.reference_no, + created_at: obj.created_at, updated_at: obj.updated_at, + due_date: obj.due_date, currency: obj.currency, + seller: seller, buyer: buyer, items: items, + recipient: obj.buyer.billing_email + } + end + + private + + def seller + { + name: invoice.seller_name, + reg_no: invoice.seller_reg_no, + iban: invoice.seller_iban, + bank: invoice.seller_bank, + swift: invoice.seller_swift, + vat_no: invoice.seller_vat_no, + address: invoice.seller_address, + country: invoice.seller_country.name, + phone: invoice.seller_phone, + url: invoice.seller_url, + email: invoice.seller_email, + contact_name: invoice.seller_contact_name, + } + end + + def buyer + { + name: invoice.buyer_name, + reg_no: invoice.buyer_reg_no, + address: invoice.buyer_address, + country: invoice.buyer_country.name, + phone: invoice.buyer_phone, + url: invoice.buyer_url, + email: invoice.buyer_email, + } + end + + def items + invoice.items.map do |item| + { description: item.description, unit: item.unit, + quantity: item.quantity, price: item.price, + sum_without_vat: item.item_sum_without_vat, + vat_amount: item.vat_amount, total: item.total } + end + end + + def simple_object + { + id: invoice.id, + number: invoice.number, + paid: invoice.paid?, + payable: invoice.payable?, + payment_link: invoice.payment_link, + receipt_date: invoice.receipt_date, + cancelled: invoice.cancelled?, + cancellable: invoice.cancellable?, + due_date: invoice.due_date, + total: invoice.total, + recipient: invoice.buyer.billing_email, + } + end + end + end +end diff --git a/test/integration/epp/poll_test.rb b/test/integration/epp/poll_test.rb index 29c24af26..7b114f7c0 100644 --- a/test/integration/epp/poll_test.rb +++ b/test/integration/epp/poll_test.rb @@ -56,7 +56,7 @@ class EppPollTest < EppTestCase bulk_action = actions(:contacts_update_bulk_action) @notification.update!(action: bulk_action, attached_obj_id: bulk_action.id, - attached_obj_type: 'BulkAction') + attached_obj_type: 'ContactUpdateAction') post epp_poll_path, params: { frame: request_req_xml }, headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } diff --git a/test/integration/repp/v1/accounts/balance_test.rb b/test/integration/repp/v1/account/balance_test.rb similarity index 88% rename from test/integration/repp/v1/accounts/balance_test.rb rename to test/integration/repp/v1/account/balance_test.rb index 4b711bd05..a8416be0a 100644 --- a/test/integration/repp/v1/accounts/balance_test.rb +++ b/test/integration/repp/v1/account/balance_test.rb @@ -11,7 +11,7 @@ class ReppV1BalanceTest < ActionDispatch::IntegrationTest end def test_can_query_balance - get '/repp/v1/accounts/balance', headers: @auth_headers + get '/repp/v1/account/balance', headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -28,7 +28,7 @@ class ReppV1BalanceTest < ActionDispatch::IntegrationTest started_from = "2010-07-05" end_to = DateTime.current.to_date.to_s(:db) - get "/repp/v1/accounts/balance?detailed=true", headers: @auth_headers + get "/repp/v1/account/balance?detailed=true", headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -44,8 +44,8 @@ class ReppV1BalanceTest < ActionDispatch::IntegrationTest assert_equal @registrar.registrar.cash_account.account_activities.last.new_balance.to_s, entry[:balance] json[:data][:transactions].map do |trans| - assert trans[:created_at].to_date.to_s(:db) >= started_from - assert trans[:created_at].to_date.to_s(:db) >= end_to + assert trans[:created_at].to_date.to_s(:db) >= started_from + assert trans[:created_at].to_date.to_s(:db) >= end_to end end end diff --git a/test/integration/repp/v1/contacts/create_test.rb b/test/integration/repp/v1/contacts/create_test.rb index f30bc368f..af1ca0fbf 100644 --- a/test/integration/repp/v1/contacts/create_test.rb +++ b/test/integration/repp/v1/contacts/create_test.rb @@ -11,16 +11,16 @@ class ReppV1ContactsCreateTest < ActionDispatch::IntegrationTest def test_creates_new_contact request_body = { - "contact": { - "name": "Donald Trump", - "phone": "+372.51111112", - "email": "donald@trumptower.com", - "ident": { - "ident_type": "priv", - "ident_country_code": "EE", - "ident": "39708290069" - } - } + contact: { + name: 'Donald Trump', + phone: '+372.51111112', + email: 'donald@trumptower.com', + ident: { + ident_type: 'priv', + ident_country_code: 'EE', + ident: '39708290069', + }, + }, } post '/repp/v1/contacts', headers: @auth_headers, params: request_body @@ -30,7 +30,7 @@ class ReppV1ContactsCreateTest < ActionDispatch::IntegrationTest assert_equal 1000, json[:code] assert_equal 'Command completed successfully', json[:message] - contact = Contact.find_by(code: json[:data][:contact][:id]) + contact = Contact.find_by(code: json[:data][:contact][:code]) assert contact.present? assert_equal(request_body[:contact][:name], contact.name) @@ -42,21 +42,21 @@ class ReppV1ContactsCreateTest < ActionDispatch::IntegrationTest end def test_removes_postal_info_when_contact_created - request_body = { - "contact": { - "name": "Donald Trump", - "phone": "+372.51111111", - "email": "donald@trump.com", - "ident": { - "ident_type": "priv", - "ident_country_code": "EE", - "ident": "39708290069" + request_body = { + contact: { + name: 'Donald Trump', + phone: '+372.51111111', + email: 'donald@trump.com', + ident: { + ident_type: 'priv', + ident_country_code: 'EE', + ident: '39708290069', }, - "addr": { - "city": "Tallinn", - "street": "Wismari 13", - "zip": "12345", - "country_code": "EE" + addr: { + city: 'Tallinn', + street: 'Wismari 13', + zip: '12345', + country_code: 'EE', } } } @@ -68,7 +68,7 @@ class ReppV1ContactsCreateTest < ActionDispatch::IntegrationTest assert_equal 1100, json[:code] assert_equal 'Command completed successfully; Postal address data discarded', json[:message] - contact = Contact.find_by(code: json[:data][:contact][:id]) + contact = Contact.find_by(code: json[:data][:contact][:code]) assert contact.present? assert_nil contact.city @@ -126,21 +126,21 @@ class ReppV1ContactsCreateTest < ActionDispatch::IntegrationTest end def test_attaches_legaldoc_if_present - request_body = { - "contact": { - "name": "Donald Trump", - "phone": "+372.51111112", - "email": "donald@trumptower.com", - "ident": { - "ident_type": "priv", - "ident_country_code": "EE", - "ident": "39708290069" + request_body = { + contact: { + name: 'Donald Trump', + phone: '+372.51111112', + email: 'donald@trumptower.com', + ident: { + ident_type: 'priv', + ident_country_code: 'EE', + ident: '39708290069', + }, + legal_document: { + type: 'pdf', + body: ('test' * 2000).to_s, }, }, - "legal_document": { - "type": "pdf", - "body": "#{'test' * 2000}" - } } post '/repp/v1/contacts', headers: @auth_headers, params: request_body @@ -150,7 +150,7 @@ class ReppV1ContactsCreateTest < ActionDispatch::IntegrationTest assert_equal 1000, json[:code] assert_equal 'Command completed successfully', json[:message] - contact = Contact.find_by(code: json[:data][:contact][:id]) + contact = Contact.find_by(code: json[:data][:contact][:code]) assert contact.legal_documents.any? end end diff --git a/test/integration/repp/v1/contacts/list_test.rb b/test/integration/repp/v1/contacts/list_test.rb index 31c4baaf9..6cc3e4669 100644 --- a/test/integration/repp/v1/contacts/list_test.rb +++ b/test/integration/repp/v1/contacts/list_test.rb @@ -12,13 +12,13 @@ class ReppV1ContactsListTest < ActionDispatch::IntegrationTest def test_returns_registrar_contacts get repp_v1_contacts_path, headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) - + assert_response :ok - assert_equal @user.registrar.contacts.count, json[:total_number_of_records] - assert_equal @user.registrar.contacts.count, json[:contacts].length + assert_equal @user.registrar.contacts.count, json[:data][:count] + assert_equal @user.registrar.contacts.count, json[:data][:contacts].length - assert json[:contacts][0].is_a? String + assert json[:data][:contacts][0].is_a? String end @@ -28,10 +28,10 @@ class ReppV1ContactsListTest < ActionDispatch::IntegrationTest assert_response :ok - assert_equal @user.registrar.contacts.count, json[:total_number_of_records] - assert_equal @user.registrar.contacts.count, json[:contacts].length + assert_equal @user.registrar.contacts.count, json[:data][:count] + assert_equal @user.registrar.contacts.count, json[:data][:contacts].length - assert json[:contacts][0].is_a? Hash + assert json[:data][:contacts][0].is_a? Hash end def test_respects_limit @@ -40,7 +40,7 @@ class ReppV1ContactsListTest < ActionDispatch::IntegrationTest assert_response :ok - assert_equal 2, json[:contacts].length + assert_equal 2, json[:data][:contacts].length end def test_respects_offset @@ -50,6 +50,6 @@ class ReppV1ContactsListTest < ActionDispatch::IntegrationTest assert_response :ok - assert_equal (@user.registrar.contacts.count - offset), json[:contacts].length + assert_equal (@user.registrar.contacts.count - offset), json[:data][:contacts].length end end diff --git a/test/integration/repp/v1/contacts/show_test.rb b/test/integration/repp/v1/contacts/show_test.rb index 4a6f5b615..496935ab6 100644 --- a/test/integration/repp/v1/contacts/show_test.rb +++ b/test/integration/repp/v1/contacts/show_test.rb @@ -28,7 +28,7 @@ class ReppV1ContactsShowTest < ActionDispatch::IntegrationTest assert_equal 1000, json[:code] assert_equal 'Command completed successfully', json[:message] - assert_equal contact.code, json[:data][:id] + assert_equal contact.code, json[:data][:contact][:code] end def test_can_not_access_out_of_scope_contacts diff --git a/test/integration/repp/v1/contacts/update_test.rb b/test/integration/repp/v1/contacts/update_test.rb index cf27f98da..e75ce4188 100644 --- a/test/integration/repp/v1/contacts/update_test.rb +++ b/test/integration/repp/v1/contacts/update_test.rb @@ -24,14 +24,14 @@ class ReppV1ContactsUpdateTest < ActionDispatch::IntegrationTest assert_equal 1000, json[:code] assert_equal 'Command completed successfully', json[:message] - contact = Contact.find_by(code: json[:data][:contact][:id]) + contact = Contact.find_by(code: json[:data][:contact][:code]) assert contact.present? assert_equal(request_body[:contact][:email], contact.email) end def test_removes_postal_info_when_updated - request_body = { + request_body = { "contact": { "addr": { "city": "Tallinn", @@ -49,7 +49,7 @@ class ReppV1ContactsUpdateTest < ActionDispatch::IntegrationTest assert_equal 1100, json[:code] assert_equal 'Command completed successfully; Postal address data discarded', json[:message] - contact = Contact.find_by(code: json[:data][:contact][:id]) + contact = Contact.find_by(code: json[:data][:contact][:code]) assert contact.present? assert_nil contact.city @@ -81,14 +81,14 @@ class ReppV1ContactsUpdateTest < ActionDispatch::IntegrationTest end def test_attaches_legaldoc_if_present - request_body = { - "contact": { - "email": "donaldtrump@yandex.ru" + request_body = { + contact: { + email: 'donaldtrump@yandex.ru', + legal_document: { + type: 'pdf', + body: ('test' * 2000).to_s, + }, }, - "legal_document": { - "type": "pdf", - "body": "#{'test' * 2000}" - } } put "/repp/v1/contacts/#{@contact.code}", headers: @auth_headers, params: request_body @@ -103,9 +103,11 @@ class ReppV1ContactsUpdateTest < ActionDispatch::IntegrationTest end def test_returns_error_if_ident_wrong_format - request_body = { - "contact": { - "ident": "123" + request_body = { + contact: { + ident: { + ident: '123', + } } } diff --git a/test/integration/repp/v1/domains/contact_replacement_test.rb b/test/integration/repp/v1/domains/contact_replacement_test.rb index 3cbd9eb8e..65ddb4c9d 100644 --- a/test/integration/repp/v1/domains/contact_replacement_test.rb +++ b/test/integration/repp/v1/domains/contact_replacement_test.rb @@ -15,7 +15,7 @@ class ReppV1DomainsContactReplacementTest < ActionDispatch::IntegrationTest payload = { "current_contact_id": replaceable_contact.code, - "new_contact_id": replacing_contact.code + "new_contact_id": replacing_contact.code, } patch '/repp/v1/domains/contacts', headers: @auth_headers, params: payload @@ -37,7 +37,7 @@ class ReppV1DomainsContactReplacementTest < ActionDispatch::IntegrationTest payload = { "current_contact_id": replaceable_contact.code, - "new_contact_id": replacing_contact.code + "new_contact_id": replacing_contact.code, } patch '/repp/v1/domains/contacts', headers: @auth_headers, params: payload @@ -51,7 +51,7 @@ class ReppV1DomainsContactReplacementTest < ActionDispatch::IntegrationTest def test_contact_codes_must_be_valid payload = { "current_contact_id": 'dfgsdfg', - "new_contact_id": 'vvv' + "new_contact_id": 'vvv', } patch '/repp/v1/domains/contacts', headers: @auth_headers, params: payload @@ -61,5 +61,4 @@ class ReppV1DomainsContactReplacementTest < ActionDispatch::IntegrationTest assert_equal 2303, json[:code] assert_equal 'Object does not exist', json[:message] end - end diff --git a/test/integration/repp/v1/domains/delete_test.rb b/test/integration/repp/v1/domains/delete_test.rb index 08b73e832..818815473 100644 --- a/test/integration/repp/v1/domains/delete_test.rb +++ b/test/integration/repp/v1/domains/delete_test.rb @@ -15,9 +15,11 @@ class ReppV1DomainsDeleteTest < ActionDispatch::IntegrationTest @auth_headers['Content-Type'] = 'application/json' payload = { - delete: { - verified: false - } + domain: { + delete: { + verified: false, + }, + }, } delete "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json @@ -36,9 +38,11 @@ class ReppV1DomainsDeleteTest < ActionDispatch::IntegrationTest @auth_headers['Content-Type'] = 'application/json' payload = { - delete: { - verified: true - } + domain: { + delete: { + verified: true, + }, + }, } delete "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json diff --git a/test/integration/repp/v1/domains/list_test.rb b/test/integration/repp/v1/domains/list_test.rb index 366ac4d26..645947b57 100644 --- a/test/integration/repp/v1/domains/list_test.rb +++ b/test/integration/repp/v1/domains/list_test.rb @@ -15,7 +15,7 @@ class ReppV1DomainsListTest < ActionDispatch::IntegrationTest assert_response :ok - assert_equal @user.registrar.domains.count, json[:data][:total_number_of_records] + assert_equal @user.registrar.domains.count, json[:data][:count] assert_equal @user.registrar.domains.count, json[:data][:domains].length assert json[:data][:domains][0].is_a? String @@ -27,7 +27,7 @@ class ReppV1DomainsListTest < ActionDispatch::IntegrationTest assert_response :ok - assert_equal @user.registrar.domains.count, json[:data][:total_number_of_records] + assert_equal @user.registrar.domains.count, json[:data][:count] assert_equal @user.registrar.domains.count, json[:data][:domains].length assert json[:data][:domains][0].is_a? Hash diff --git a/test/integration/repp/v1/domains/renews_test.rb b/test/integration/repp/v1/domains/renews_test.rb index 3949f49dd..2fc1b7590 100644 --- a/test/integration/repp/v1/domains/renews_test.rb +++ b/test/integration/repp/v1/domains/renews_test.rb @@ -18,7 +18,7 @@ class ReppV1DomainsRenewsTest < ActionDispatch::IntegrationTest :prepare_renewed_expire_time).and_call_through @auth_headers['Content-Type'] = 'application/json' - payload = { renew: { period: 1, period_unit: 'y', exp_date: original_valid_to } } + payload = { renews: { period: 1, period_unit: 'y', exp_date: original_valid_to } } post "/repp/v1/domains/#{@domain.name}/renew", headers: @auth_headers, params: payload.to_json json = JSON.parse(response.body, symbolize_names: true) @@ -36,7 +36,7 @@ class ReppV1DomainsRenewsTest < ActionDispatch::IntegrationTest travel_to Time.zone.parse('2010-07-05') @auth_headers['Content-Type'] = 'application/json' - payload = { renew: { period: 10, period_unit: 'y', exp_date: original_valid_to } } + payload = { renews: { period: 10, period_unit: 'y', exp_date: original_valid_to } } post "/repp/v1/domains/#{@domain.name}/renew", headers: @auth_headers, params: payload.to_json json = JSON.parse(response.body, symbolize_names: true) @@ -60,7 +60,7 @@ class ReppV1DomainsRenewsTest < ActionDispatch::IntegrationTest one_year.reload @auth_headers['Content-Type'] = 'application/json' - payload = { renew: { period: 1, period_unit: 'y', exp_date: original_valid_to } } + payload = { renews: { period: 1, period_unit: 'y', exp_date: original_valid_to } } post "/repp/v1/domains/#{@domain.name}/renew", headers: @auth_headers, params: payload.to_json json = JSON.parse(response.body, symbolize_names: true) diff --git a/test/integration/repp/v1/domains/update_test.rb b/test/integration/repp/v1/domains/update_test.rb index d924fe7a3..59fb00d34 100644 --- a/test/integration/repp/v1/domains/update_test.rb +++ b/test/integration/repp/v1/domains/update_test.rb @@ -16,8 +16,8 @@ class ReppV1DomainsUpdateTest < ActionDispatch::IntegrationTest payload = { domain: { - auth_code: new_auth_code - } + auth_code: new_auth_code, + }, } put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json @@ -40,9 +40,9 @@ class ReppV1DomainsUpdateTest < ActionDispatch::IntegrationTest payload = { domain: { registrant: { - code: new_registrant.code - } - } + code: new_registrant.code, + }, + }, } put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json @@ -67,13 +67,14 @@ class ReppV1DomainsUpdateTest < ActionDispatch::IntegrationTest domain: { registrant: { code: new_registrant.code, - verified: true - } - } + verified: true, + }, + }, } put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json @domain.reload + json = JSON.parse(response.body, symbolize_names: true) assert_response :ok assert_equal 1000, json[:code] diff --git a/test/models/registrant_user_test.rb b/test/models/registrant_user_test.rb index 81e57fa72..4059720c9 100644 --- a/test/models/registrant_user_test.rb +++ b/test/models/registrant_user_test.rb @@ -60,6 +60,8 @@ class RegistrantUserTest < ActiveSupport::TestCase end bulk_action = @user.actions.where(operation: :bulk_update).last + single_action = @user.actions.find_by(operation: :update, + contact_id: contacts(:identical_to_william).id) assert_equal 4, bulk_action.subactions.size @@ -67,14 +69,14 @@ class RegistrantUserTest < ActiveSupport::TestCase notification = r.notifications.unread.order('created_at DESC').take if r == registrars(:bestnames) assert_equal '4 contacts have been updated by registrant', notification.text - assert_equal 'BulkAction', notification.attached_obj_type + assert_equal 'ContactUpdateAction', notification.attached_obj_type assert_equal bulk_action.id, notification.attached_obj_id assert_equal bulk_action.id, notification.action_id else assert_equal 'Contact william-002 has been updated by registrant', notification.text - refute notification.action_id - refute notification.attached_obj_id - refute notification.attached_obj_type + assert_equal 'ContactUpdateAction', notification.attached_obj_type + assert_equal single_action.id, notification.attached_obj_id + assert_equal single_action.id, notification.action_id end end end From 7c570e2916de3cbc105d3c8274d856d3ba4f4660 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 6 Jun 2022 16:12:16 +0300 Subject: [PATCH 02/27] Fixed codeclimate errors --- app/controllers/repp/v1/account_controller.rb | 2 +- .../repp/v1/contacts_controller.rb | 7 +- .../repp/v1/domains/renews_controller.rb | 29 +++--- app/controllers/repp/v1/domains_controller.rb | 47 +++++----- .../repp/v1/invoices_controller.rb | 2 +- .../repp/v1/registrar/auth_controller.rb | 2 +- .../repp/v1/registrar/summary_controller.rb | 91 ++++++++++--------- app/models/admin_domain_contact.rb | 2 +- app/models/tech_domain_contact.rb | 2 +- lib/serializers/repp/contact.rb | 12 ++- lib/serializers/repp/domain.rb | 2 + lib/serializers/repp/invoice.rb | 19 ++-- 12 files changed, 114 insertions(+), 103 deletions(-) diff --git a/app/controllers/repp/v1/account_controller.rb b/app/controllers/repp/v1/account_controller.rb index e412b784d..85d79fe68 100644 --- a/app/controllers/repp/v1/account_controller.rb +++ b/app/controllers/repp/v1/account_controller.rb @@ -1,6 +1,6 @@ module Repp module V1 - class AccountController < BaseController + class AccountController < BaseController # rubocop:disable Metrics/ClassLength load_and_authorize_resource api :get, '/repp/v1/account' diff --git a/app/controllers/repp/v1/contacts_controller.rb b/app/controllers/repp/v1/contacts_controller.rb index 01230c7fe..309a53a36 100644 --- a/app/controllers/repp/v1/contacts_controller.rb +++ b/app/controllers/repp/v1/contacts_controller.rb @@ -9,7 +9,7 @@ module Repp desc 'Get all existing contacts' def index authorize! :check, Epp::Contact - records = current_user.registrar.contacts.order(created_at: :desc) + records = current_user.registrar.contacts q = records.ransack(search_params) q.sorts = 'created_at desc' if q.sorts.empty? @@ -19,8 +19,7 @@ module Repp .includes(:domain_contacts, :registrant_domains, :registrar) render_success(data: { contacts: serialized_contacts(limited_contacts), - count: contacts.count, - statuses: Contact::STATUSES, + count: contacts.count, statuses: Contact::STATUSES, ident_types: Contact::Ident.types }) end @@ -156,7 +155,7 @@ module Repp end def serialized_contacts(contacts) - return contacts.map {|c| c.code } unless index_params[:details] == 'true' + return contacts.map(&code) unless index_params[:details] == 'true' address_processing = Contact.address_processing? contacts.map do |c| diff --git a/app/controllers/repp/v1/domains/renews_controller.rb b/app/controllers/repp/v1/domains/renews_controller.rb index f963cd3a7..26365dffc 100644 --- a/app/controllers/repp/v1/domains/renews_controller.rb +++ b/app/controllers/repp/v1/domains/renews_controller.rb @@ -51,14 +51,11 @@ module Repp def select_renewable_domains @epp_errors ||= ActiveModel::Errors.new(self) - - if bulk_renew_params[:domains].instance_of?(Array) - @domains = bulk_renew_domains - @epp_errors.add(:epp_errors, msg: 'Domains cannot be empty', code: '2005') if @domains.empty? - else - @epp_errors.add(:epp_errors, msg: 'Domains attribute must be an array', code: '2005') + @domains = bulk_renew_domains + if @domains.empty? + @epp_errors.add(:epp_errors, msg: 'Domains cannot be empty', + code: '2005') end - return handle_errors if @epp_errors.any? end @@ -77,14 +74,18 @@ module Repp def bulk_renew_domains @epp_errors ||= ActiveModel::Errors.new(self) domains = [] - bulk_renew_params[:domains].each do |idn| - domain = Epp::Domain.find_by(name: idn) - domains << domain if domain - next if domain + if bulk_renew_params[:domains].instance_of?(Array) + bulk_renew_params[:domains].each do |idn| + domain = Epp::Domain.find_by(name: idn) + domains << domain if domain + next if domain - @epp_errors.add(:epp_errors, - msg: "Object does not exist: #{idn}", - code: '2304') + @epp_errors.add(:epp_errors, + msg: "Object does not exist: #{idn}", + code: '2304') + end + else + @epp_errors.add(:epp_errors, msg: 'Domains attribute must be an array', code: '2005') end domains diff --git a/app/controllers/repp/v1/domains_controller.rb b/app/controllers/repp/v1/domains_controller.rb index 37f735b69..00005e84d 100644 --- a/app/controllers/repp/v1/domains_controller.rb +++ b/app/controllers/repp/v1/domains_controller.rb @@ -30,7 +30,7 @@ module Repp api :GET, '/repp/v1/domains/:domain_name' desc 'Get a specific domain' def show - @domain = Epp::Domain.find_by_name(params[:id]) + @domain = Epp::Domain.find_by(name: params[:id]) authorize! :info, @domain sponsor = @domain.registrar == current_user.registrar @@ -251,34 +251,33 @@ module Repp dup_params = domain_params.to_h.dup return dup_params unless dup_params[:contacts] - new_contact_params = dup_params[:contacts].map do |c| - c.to_h.symbolize_keys - end + modify_contact_params(dup_params) + end - old_contact_params = @domain.domain_contacts.map do |c| - { code: c.contact_code_cache, type: c.name.downcase } + def modify_contact_params(params) + new_contact_params = params[:contacts].map { |c| c.to_h.symbolize_keys } + old_contact_params = @domain.domain_contacts.includes(:contact).map do |c| + { code: c.contact.code, type: c.name.downcase } end - dup_params[:contacts] = (new_contact_params - old_contact_params).map { |c| c.merge(action: 'add') } - dup_params[:contacts].concat((old_contact_params - new_contact_params) - .map { |c| c.merge(action: 'rem') }) - - dup_params + params[:contacts] = (new_contact_params - old_contact_params).map do |c| + c.merge(action: 'add') + end + params[:contacts].concat((old_contact_params - new_contact_params) + .map { |c| c.merge(action: 'rem') }) + params end def domain_params - params.require(:domain) - .permit(:name, :period, :period_unit, :registrar, - :transfer_code, :reserved_pw, :legal_document, - :registrant, legal_document: %i[body type], - registrant: [%i[code verified]], - dns_keys: [%i[id flags alg protocol public_key action]], - nameservers: [[:id, :hostname, - :action, { ipv4: [], ipv6: [] }]], - contacts: [%i[code type action]], - nameservers_attributes: [[:hostname, { ipv4: [], ipv6: [] }]], - admin_contacts: [], tech_contacts: [], - dnskeys_attributes: [%i[flags alg protocol public_key]], - delete: [:verified]) + params.require(:domain).permit(:name, :period, :period_unit, :registrar, :transfer_code, + :reserved_pw, :legal_document, :registrant, + legal_document: %i[body type], registrant: [%i[code verified]], + dns_keys: [%i[id flags alg protocol public_key action]], + nameservers: [[:id, :hostname, :action, { ipv4: [], ipv6: [] }]], + contacts: [%i[code type action]], + nameservers_attributes: [[:hostname, { ipv4: [], ipv6: [] }]], + admin_contacts: [], tech_contacts: [], + dnskeys_attributes: [%i[flags alg protocol public_key]], + delete: [:verified]) end end end diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index c8c6676ec..34c04ff72 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -115,4 +115,4 @@ module Repp end end end -end \ No newline at end of file +end diff --git a/app/controllers/repp/v1/registrar/auth_controller.rb b/app/controllers/repp/v1/registrar/auth_controller.rb index 8fba9eefb..f91cc8637 100644 --- a/app/controllers/repp/v1/registrar/auth_controller.rb +++ b/app/controllers/repp/v1/registrar/auth_controller.rb @@ -46,4 +46,4 @@ module Repp end end end -end \ No newline at end of file +end diff --git a/app/controllers/repp/v1/registrar/summary_controller.rb b/app/controllers/repp/v1/registrar/summary_controller.rb index 15f7d0164..0885d822a 100644 --- a/app/controllers/repp/v1/registrar/summary_controller.rb +++ b/app/controllers/repp/v1/registrar/summary_controller.rb @@ -11,33 +11,60 @@ module Repp if can?(:manage, :poll) user_notifications = user.unread_notifications notification = user_notifications.order('created_at DESC').take - notifications_count = user_notifications.count - if notification&.attached_obj_type && notification&.attached_obj_id - begin - object = object_by_type(notification.attached_obj_type) - .find(notification.attached_obj_id) - rescue => e - # the data model might be inconsistent; or ... - # this could happen if the registrar does not dequeue messages, and then the domain was deleted - # SELECT messages.id, domains.name, messages.body FROM messages LEFT OUTER - # JOIN domains ON attached_obj_id::INTEGER = domains.id - # WHERE attached_obj_type = 'Epp::Domain' AND name IS NULL; - message = 'orphan message, domain deleted, registrar should dequeue: ' - Rails.logger.error message + e.to_s - end - end end - data = serialize_data(registrar: registrar, - notification: notification, - notifications_count: notifications_count, - object: object) + render_success(data: serialize_data(registrar: registrar, + notification: notification, + notifications_count: user_notifications&.count, + object: notification_object(notification))) + end - render_success(data: data) + def serialized_domain_transfer(object) + { + name: object.domain_name, trStatus: object.status, + reID: object.new_registrar.code, + reDate: object.transfer_requested_at.try(:iso8601), + acID: object.old_registrar.code, + acDate: object.transferred_at.try(:iso8601) || object.wait_until.try(:iso8601), + exDate: object.domain_valid_to.iso8601 + } + end + + def serialized_contact_update_action(object) + { + contacts: object.to_non_available_contact_codes, + operation: object.operation, + opDate: object.created_at.utc.xmlschema, + svTrid: object.id, + who: object.user.username, + reason: 'Auto-update according to official data', + } end private + # rubocop:disable Style/RescueStandardError + def notification_object(notification) + return unless notification + + return unless notification.attached_obj_type || notification.attached_obj_id + + begin + object_by_type(notification.attached_obj_type) + .find(notification.attached_obj_id) + rescue => e + # the data model might be inconsistent; or ... + # this could happen if the registrar does not dequeue messages, + # and then the domain was deleted + # SELECT messages.id, domains.name, messages.body FROM messages LEFT OUTER + # JOIN domains ON attached_obj_id::INTEGER = domains.id + # WHERE attached_obj_type = 'Epp::Domain' AND name IS NULL; + message = 'orphan message, domain deleted, registrar should dequeue: ' + Rails.logger.error message + e.to_s + end + end + # rubocop:enable Style/RescueStandardError + def object_by_type(object_type) Object.const_get(object_type) rescue NameError @@ -83,29 +110,9 @@ module Repp def serialized_object(object, obj_type) return unless object - case obj_type - when 'DomainTransfer' - { - name: object.domain_name, - trStatus: object.status, - reID: object.new_registrar.code, - reDate: object.transfer_requested_at.try(:iso8601), - acID: object.old_registrar.code, - acDate: object.transferred_at.try(:iso8601) || object.wait_until.try(:iso8601), - exDate: object.domain_valid_to.iso8601, - } - when 'ContactUpdateAction' - { - contacts: object.to_non_available_contact_codes, - operation: object.operation, - opDate: object.created_at.utc.xmlschema, - svTrid: object.id, - who: object.user.username, - reason: 'Auto-update according to official data', - } - end + try("serialized_#{obj_type.underscore}", object) end end end end -end \ No newline at end of file +end diff --git a/app/models/admin_domain_contact.rb b/app/models/admin_domain_contact.rb index 9003afb0f..99f0d02da 100644 --- a/app/models/admin_domain_contact.rb +++ b/app/models/admin_domain_contact.rb @@ -6,7 +6,7 @@ class AdminDomainContact < DomainContact skipped_domains = [] admin_contacts = where(contact: current_contact) - admin_contacts.includes(:domain).each do |admin_contact| + admin_contacts.includes(:domain).find_each do |admin_contact| if admin_contact.domain.bulk_update_prohibited? skipped_domains << admin_contact.domain.name next diff --git a/app/models/tech_domain_contact.rb b/app/models/tech_domain_contact.rb index 30db6dec7..7c3d22bfd 100644 --- a/app/models/tech_domain_contact.rb +++ b/app/models/tech_domain_contact.rb @@ -5,7 +5,7 @@ class TechDomainContact < DomainContact skipped_domains = [] tech_contacts = where(contact: current_contact) - tech_contacts.includes(:domain).each do |tech_contact| + tech_contacts.includes(:domain).find_each do |tech_contact| if irreplaceable?(tech_contact) skipped_domains << tech_contact.domain.name next diff --git a/lib/serializers/repp/contact.rb b/lib/serializers/repp/contact.rb index c36fa3258..11d5457ae 100644 --- a/lib/serializers/repp/contact.rb +++ b/lib/serializers/repp/contact.rb @@ -10,13 +10,15 @@ module Serializers @simplify = options[:simplify] || false end + # rubocop:disable Metrics/MethodLength + # rubocop:disable Metrics/AbcSize def to_json(obj = contact) return simple_object if @simplify - json = { id: obj.uuid, code: obj.code, name: obj.name, ident: ident, - email: obj.email, phone: obj.phone, created_at: obj.created_at, - auth_info: obj.auth_info, statuses: statuses, - disclosed_attributes: obj.disclosed_attributes, registrar: registrar } + json = { id: obj.uuid, code: obj.code, name: obj.name, ident: ident, phone: obj.phone, + created_at: obj.created_at, auth_info: obj.auth_info, email: obj.email, + statuses: statuses, disclosed_attributes: obj.disclosed_attributes, + registrar: registrar } json[:address] = address if @show_address if @domain_params json[:domains] = domains @@ -24,6 +26,8 @@ module Serializers end json end + # rubocop:enable Metrics/MethodLength + # rubocop:enable Metrics/AbcSize def registrar contact.registrar.as_json(only: %i[name website]) diff --git a/lib/serializers/repp/domain.rb b/lib/serializers/repp/domain.rb index 07bb95e36..cd0be8e25 100644 --- a/lib/serializers/repp/domain.rb +++ b/lib/serializers/repp/domain.rb @@ -9,6 +9,7 @@ module Serializers @simplify = simplify end + # rubocop:disable Metrics/MethodLength # rubocop:disable Metrics/AbcSize def to_json(obj = domain) return simple_object if @simplify @@ -26,6 +27,7 @@ module Serializers json[:transfer_code] = obj.auth_info if @sponsored json end + # rubocop:enable Metrics/MethodLength # rubocop:enable Metrics/AbcSize def contacts diff --git a/lib/serializers/repp/invoice.rb b/lib/serializers/repp/invoice.rb index 9bc7431b2..f4ab4a1db 100644 --- a/lib/serializers/repp/invoice.rb +++ b/lib/serializers/repp/invoice.rb @@ -8,6 +8,8 @@ module Serializers @simplify = simplify end + # rubocop:disable Metrics/MethodLength + # rubocop:disable Metrics/AbcSize def to_json(obj = invoice) return simple_object if @simplify @@ -29,16 +31,11 @@ module Serializers def seller { - name: invoice.seller_name, - reg_no: invoice.seller_reg_no, - iban: invoice.seller_iban, - bank: invoice.seller_bank, - swift: invoice.seller_swift, - vat_no: invoice.seller_vat_no, - address: invoice.seller_address, - country: invoice.seller_country.name, - phone: invoice.seller_phone, - url: invoice.seller_url, + name: invoice.seller_name, reg_no: invoice.seller_reg_no, + iban: invoice.seller_iban, bank: invoice.seller_bank, + swift: invoice.seller_swift, vat_no: invoice.seller_vat_no, + address: invoice.seller_address, country: invoice.seller_country.name, + phone: invoice.seller_phone, url: invoice.seller_url, email: invoice.seller_email, contact_name: invoice.seller_contact_name, } @@ -80,6 +77,8 @@ module Serializers recipient: invoice.buyer.billing_email, } end + # rubocop:enable Metrics/MethodLength + # rubocop:enable Metrics/AbcSize end end end From 3812e398bfb8b3052604cba0146a35d1713d1f34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 6 Jun 2022 16:24:38 +0300 Subject: [PATCH 03/27] Fixed codeclimate errors --- .../repp/v1/registrar/summary_controller.rb | 28 ++++++++----------- lib/serializers/repp/invoice.rb | 2 +- 2 files changed, 12 insertions(+), 18 deletions(-) diff --git a/app/controllers/repp/v1/registrar/summary_controller.rb b/app/controllers/repp/v1/registrar/summary_controller.rb index 0885d822a..d3865bed2 100644 --- a/app/controllers/repp/v1/registrar/summary_controller.rb +++ b/app/controllers/repp/v1/registrar/summary_controller.rb @@ -12,7 +12,6 @@ module Repp user_notifications = user.unread_notifications notification = user_notifications.order('created_at DESC').take end - render_success(data: serialize_data(registrar: registrar, notification: notification, notifications_count: user_notifications&.count, @@ -45,23 +44,18 @@ module Repp # rubocop:disable Style/RescueStandardError def notification_object(notification) - return unless notification + return unless notification&.attached_obj_type || notification&.attached_obj_id - return unless notification.attached_obj_type || notification.attached_obj_id - - begin - object_by_type(notification.attached_obj_type) - .find(notification.attached_obj_id) - rescue => e - # the data model might be inconsistent; or ... - # this could happen if the registrar does not dequeue messages, - # and then the domain was deleted - # SELECT messages.id, domains.name, messages.body FROM messages LEFT OUTER - # JOIN domains ON attached_obj_id::INTEGER = domains.id - # WHERE attached_obj_type = 'Epp::Domain' AND name IS NULL; - message = 'orphan message, domain deleted, registrar should dequeue: ' - Rails.logger.error message + e.to_s - end + object_by_type(notification.attached_obj_type).find(notification.attached_obj_id) + rescue => e + # the data model might be inconsistent; or ... + # this could happen if the registrar does not dequeue messages, + # and then the domain was deleted + # SELECT messages.id, domains.name, messages.body FROM messages LEFT OUTER + # JOIN domains ON attached_obj_id::INTEGER = domains.id + # WHERE attached_obj_type = 'Epp::Domain' AND name IS NULL; + message = 'orphan message, domain deleted, registrar should dequeue: ' + Rails.logger.error message + e.to_s end # rubocop:enable Style/RescueStandardError diff --git a/lib/serializers/repp/invoice.rb b/lib/serializers/repp/invoice.rb index f4ab4a1db..3b8efbd58 100644 --- a/lib/serializers/repp/invoice.rb +++ b/lib/serializers/repp/invoice.rb @@ -37,7 +37,7 @@ module Serializers address: invoice.seller_address, country: invoice.seller_country.name, phone: invoice.seller_phone, url: invoice.seller_url, email: invoice.seller_email, - contact_name: invoice.seller_contact_name, + contact_name: invoice.seller_contact_name } end From b505de2f0f3f6837e0e62f7f72e8392bea5dfe69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 6 Jun 2022 16:30:57 +0300 Subject: [PATCH 04/27] Fixed test errors --- app/controllers/repp/v1/contacts_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/repp/v1/contacts_controller.rb b/app/controllers/repp/v1/contacts_controller.rb index 309a53a36..d6c4439c5 100644 --- a/app/controllers/repp/v1/contacts_controller.rb +++ b/app/controllers/repp/v1/contacts_controller.rb @@ -155,7 +155,7 @@ module Repp end def serialized_contacts(contacts) - return contacts.map(&code) unless index_params[:details] == 'true' + return contacts.map(&:code) unless index_params[:details] == 'true' address_processing = Contact.address_processing? contacts.map do |c| From b502c2779e17394c9bf5d0af864c39cb9f3847da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Wed, 8 Jun 2022 12:07:21 +0300 Subject: [PATCH 05/27] Added additional tests to REPP API --- .../repp/v1/invoices_controller.rb | 6 +- .../repp/v1/registrar/auth_controller.rb | 2 +- config/routes.rb | 2 +- .../repp/v1/account/activities_list_test.rb | 70 ++++++++++++++ .../repp/v1/account/balance_test.rb | 2 + .../repp/v1/account/details_test.rb | 22 +++++ .../update_auto_reload_balance_test.rb | 69 ++++++++++++++ .../repp/v1/account/update_details_test.rb | 30 ++++++ .../integration/repp/v1/contacts/list_test.rb | 31 +++++- .../repp/v1/contacts/search_test.rb | 43 +++++++++ test/integration/repp/v1/domains/list_test.rb | 28 ++++++ .../repp/v1/invoices/add_credit_test.rb | 94 +++++++++++++++++++ .../repp/v1/invoices/cancel_test.rb | 44 +++++++++ .../repp/v1/invoices/download_test.rb | 22 +++++ .../integration/repp/v1/invoices/list_test.rb | 85 +++++++++++++++++ .../integration/repp/v1/invoices/send_test.rb | 39 ++++++++ .../integration/repp/v1/invoices/show_test.rb | 33 +++++++ .../repp/v1/registrar/auth/check_info_test.rb | 39 ++++++++ .../v1/registrar/auth/switch_user_test.rb | 52 ++++++++++ .../v1/registrar/auth/tara_callback_test.rb | 46 +++++++++ .../repp/v1/registrar/summary_test.rb | 44 +++++++++ 21 files changed, 796 insertions(+), 7 deletions(-) create mode 100644 test/integration/repp/v1/account/activities_list_test.rb create mode 100644 test/integration/repp/v1/account/details_test.rb create mode 100644 test/integration/repp/v1/account/update_auto_reload_balance_test.rb create mode 100644 test/integration/repp/v1/account/update_details_test.rb create mode 100644 test/integration/repp/v1/contacts/search_test.rb create mode 100644 test/integration/repp/v1/invoices/add_credit_test.rb create mode 100644 test/integration/repp/v1/invoices/cancel_test.rb create mode 100644 test/integration/repp/v1/invoices/download_test.rb create mode 100644 test/integration/repp/v1/invoices/list_test.rb create mode 100644 test/integration/repp/v1/invoices/send_test.rb create mode 100644 test/integration/repp/v1/invoices/show_test.rb create mode 100644 test/integration/repp/v1/registrar/auth/check_info_test.rb create mode 100644 test/integration/repp/v1/registrar/auth/switch_user_test.rb create mode 100644 test/integration/repp/v1/registrar/auth/tara_callback_test.rb create mode 100644 test/integration/repp/v1/registrar/summary_test.rb diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index 34c04ff72..5d37d6881 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -47,7 +47,7 @@ module Repp .merge!(recipient: recipient) }) end - api :post, '/repp/v1/invoices/:id/cancel' + api :put, '/repp/v1/invoices/:id/cancel' desc 'Cancel a specific invoice' def cancel action = Actions::InvoiceCancel.new(@invoice) @@ -72,7 +72,7 @@ module Repp serializer = Serializers::Repp::Invoice.new(invoice, simplify: true) render_success(data: { invoice: serializer.to_json }) else - handle_errors(deposit) + handle_non_epp_errors(deposit) end end @@ -108,7 +108,7 @@ module Repp end def serialized_invoices(invoices) - return invoices.pluck(:number) unless index_params[:details] == 'true' + return invoices.map(&:number) unless index_params[:details] == 'true' simple = index_params[:simple] == 'true' || false invoices.map { |i| Serializers::Repp::Invoice.new(i, simplify: simple).to_json } diff --git a/app/controllers/repp/v1/registrar/auth_controller.rb b/app/controllers/repp/v1/registrar/auth_controller.rb index f91cc8637..ccc7d2e66 100644 --- a/app/controllers/repp/v1/registrar/auth_controller.rb +++ b/app/controllers/repp/v1/registrar/auth_controller.rb @@ -22,7 +22,7 @@ module Repp render_success(data: { token: token, username: user.username }) end - api :put, '/repp/v1/registrar/auth/switch_user/:new_user_id' + api :put, '/repp/v1/registrar/auth/switch_user' desc 'Switch session to another api user' def switch_user new_user = ApiUser.find(auth_params[:new_user_id]) diff --git a/config/routes.rb b/config/routes.rb index 6f336f4d4..2ea79e1c0 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -87,11 +87,11 @@ Rails.application.routes.draw do resources :invoices, only: %i[index show] do collection do get ':id/download', to: 'invoices#download' - get ':id/cancel', to: 'invoices#cancel' post 'add_credit' end member do post 'send_to_recipient', to: 'invoices#send_to_recipient' + put 'cancel', to: 'invoices#cancel' end end resources :auctions, only: %i[index] diff --git a/test/integration/repp/v1/account/activities_list_test.rb b/test/integration/repp/v1/account/activities_list_test.rb new file mode 100644 index 000000000..b492cc098 --- /dev/null +++ b/test/integration/repp/v1/account/activities_list_test.rb @@ -0,0 +1,70 @@ +require 'test_helper' + +class ReppV1AccountActivitiesListTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_returns_account_activities + get repp_v1_account_path, headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal @user.registrar.cash_account.activities.count, json[:data][:count] + assert_equal @user.registrar.cash_account.activities.count, json[:data][:activities].length + + assert json[:data][:activities][0].is_a? Hash + end + + def test_respects_limit + get repp_v1_account_path(limit: 1), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal 1, json[:data][:activities].length + end + + def test_respects_offset + offset = 1 + get repp_v1_account_path(offset: offset), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal (@user.registrar.cash_account.activities.count - offset), json[:data][:activities].length + end + + def test_returns_account_activities_by_search_query + search_params = { + description_matches: '%renew%', + } + get repp_v1_account_path(q: search_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal json[:data][:activities].length, 1 + assert json[:data][:activities][0].is_a? Hash + end + + def test_returns_account_activities_by_sort_query + activity = account_activities(:renew_cash) + sort_params = { + s: 'activity_type asc', + } + get repp_v1_account_path(q: sort_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal @user.registrar.cash_account.activities.count, json[:data][:count] + assert_equal @user.registrar.cash_account.activities.count, json[:data][:activities].length + assert_equal json[:data][:activities][0][:description], activity.description + end +end diff --git a/test/integration/repp/v1/account/balance_test.rb b/test/integration/repp/v1/account/balance_test.rb index a8416be0a..a4d41ed53 100644 --- a/test/integration/repp/v1/account/balance_test.rb +++ b/test/integration/repp/v1/account/balance_test.rb @@ -10,6 +10,8 @@ class ReppV1BalanceTest < ActionDispatch::IntegrationTest @auth_headers = { 'Authorization' => token } end + + def test_can_query_balance get '/repp/v1/account/balance', headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) diff --git a/test/integration/repp/v1/account/details_test.rb b/test/integration/repp/v1/account/details_test.rb new file mode 100644 index 000000000..b0d359d74 --- /dev/null +++ b/test/integration/repp/v1/account/details_test.rb @@ -0,0 +1,22 @@ +require 'test_helper' + +class ReppV1AccountDetailsTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_returns_account_details + get '/repp/v1/account/details', headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal @user.registrar.billing_email, json[:data][:account][:billing_email] + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/account/update_auto_reload_balance_test.rb b/test/integration/repp/v1/account/update_auto_reload_balance_test.rb new file mode 100644 index 000000000..6201750c3 --- /dev/null +++ b/test/integration/repp/v1/account/update_auto_reload_balance_test.rb @@ -0,0 +1,69 @@ +require 'test_helper' + +class ReppV1AccountUpdateAutoReloadBalanceTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_updates_auto_reload_balance + amount = 100 + threshold = 10 + request_body = { + type: { + amount: amount, + threshold: threshold, + }, + } + + assert_nil @user.registrar.settings['balance_auto_reload'] + + post '/repp/v1/account/update_auto_reload_balance', headers: @auth_headers, + params: request_body + json = JSON.parse(response.body, symbolize_names: true) + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Balance Auto-Reload setting has been updated', json[:message] + + @user.registrar.reload + + assert_equal amount, @user.registrar.settings['balance_auto_reload']['type']['amount'] + assert_equal threshold, @user.registrar.settings['balance_auto_reload']['type']['threshold'] + end + + def test_returns_error_if_type_has_wrong_attributes + min_deposit = 10 + request_body = { + type: { + amount: 5, + threshold: -1, + }, + } + Setting.minimum_deposit = min_deposit + + post '/repp/v1/account/update_auto_reload_balance', headers: @auth_headers, + params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + amount_error = "Amount must be greater than or equal to #{min_deposit.to_f}" + threshold = 'Threshold must be greater than or equal to 0' + assert_equal "#{amount_error}, #{threshold}", json[:message] + end + + def test_disables_auto_reload_balance + get '/repp/v1/account/disable_auto_reload_balance', headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Balance Auto-Reload setting has been disabled', json[:message] + + @user.registrar.reload + + assert_nil @user.registrar.settings['balance_auto_reload'] + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/account/update_details_test.rb b/test/integration/repp/v1/account/update_details_test.rb new file mode 100644 index 000000000..3ab415cd8 --- /dev/null +++ b/test/integration/repp/v1/account/update_details_test.rb @@ -0,0 +1,30 @@ +require 'test_helper' + +class ReppV1AccountUpdateDetailsTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_updates_details + request_body = { + account: { + billing_email: 'donaldtrump@yandex.ru', + iban: 'GB331111111111111111', + }, + } + + put '/repp/v1/account', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Your account has been updated', json[:message] + + assert_equal(request_body[:account][:billing_email], @user.registrar.billing_email) + assert_equal(request_body[:account][:iban], @user.registrar.iban) + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/contacts/list_test.rb b/test/integration/repp/v1/contacts/list_test.rb index 6cc3e4669..979d3ea40 100644 --- a/test/integration/repp/v1/contacts/list_test.rb +++ b/test/integration/repp/v1/contacts/list_test.rb @@ -12,7 +12,7 @@ class ReppV1ContactsListTest < ActionDispatch::IntegrationTest def test_returns_registrar_contacts get repp_v1_contacts_path, headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) - + assert_response :ok assert_equal @user.registrar.contacts.count, json[:data][:count] @@ -21,7 +21,6 @@ class ReppV1ContactsListTest < ActionDispatch::IntegrationTest assert json[:data][:contacts][0].is_a? String end - def test_returns_detailed_registrar_contacts get repp_v1_contacts_path(details: true), headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) @@ -52,4 +51,32 @@ class ReppV1ContactsListTest < ActionDispatch::IntegrationTest assert_equal (@user.registrar.contacts.count - offset), json[:data][:contacts].length end + + def test_returns_detailed_registrar_contacts_by_search_query + search_params = { + ident_type_eq: 'priv', + } + get repp_v1_contacts_path(details: true, q: search_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal json[:data][:contacts].length, 3 + assert json[:data][:contacts][0].is_a? Hash + end + + def test_returns_detailed_registrar_contacts_by_sort_query + contact = contacts(:william) + sort_params = { + s: 'name desc', + } + get repp_v1_contacts_path(details: true, q: sort_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal @user.registrar.contacts.count, json[:data][:count] + assert_equal @user.registrar.contacts.count, json[:data][:contacts].length + assert_equal json[:data][:contacts][0][:code], contact.code + end end diff --git a/test/integration/repp/v1/contacts/search_test.rb b/test/integration/repp/v1/contacts/search_test.rb new file mode 100644 index 000000000..ceeefc7be --- /dev/null +++ b/test/integration/repp/v1/contacts/search_test.rb @@ -0,0 +1,43 @@ +require 'test_helper' + +class ReppV1ContactsSearchTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_searches_all_contacts_by_id + contact = contacts(:john) + get "/repp/v1/contacts/search/#{contact.code}", headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert json[:data].is_a? Array + assert_equal json[:data][0][:value], contact.code + assert_equal json[:data][0][:label], "#{contact.code} #{contact.name}" + assert_equal json[:data][0][:selected], true + end + + def test_searches_all_contacts_by_query + get '/repp/v1/contacts/search', headers: @auth_headers, params: { query: 'j' } + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert json[:data].is_a? Array + assert_equal json[:data].length, 2 + assert_equal json[:data][0][:selected], false + assert_equal json[:data][1][:selected], false + end + + def test_searches_all_contacts_by_wrong_query + get '/repp/v1/contacts/search', headers: @auth_headers, params: { query: '000' } + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert json[:data].is_a? Array + assert_equal json[:data].length, 0 + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/domains/list_test.rb b/test/integration/repp/v1/domains/list_test.rb index 645947b57..205017a6c 100644 --- a/test/integration/repp/v1/domains/list_test.rb +++ b/test/integration/repp/v1/domains/list_test.rb @@ -64,4 +64,32 @@ class ReppV1DomainsListTest < ActionDispatch::IntegrationTest serialized_domain = Serializers::Repp::Domain.new(domain).to_json assert_equal serialized_domain.as_json, json[:data][:domain].as_json end + + def test_returns_detailed_registrar_domains_by_search_query + search_params = { + name_matches: '%library%', + } + get repp_v1_domains_path(details: true, q: search_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal json[:data][:domains].length, 1 + assert json[:data][:domains][0].is_a? Hash + end + + def test_returns_detailed_registrar_domains_by_sort_query + domain = domains(:shop) + sort_params = { + s: 'name desc', + } + get repp_v1_domains_path(details: true, q: sort_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal @user.registrar.domains.count, json[:data][:count] + assert_equal @user.registrar.domains.count, json[:data][:domains].length + assert_equal json[:data][:domains][0][:name], domain.name + end end diff --git a/test/integration/repp/v1/invoices/add_credit_test.rb b/test/integration/repp/v1/invoices/add_credit_test.rb new file mode 100644 index 000000000..71f2c77d3 --- /dev/null +++ b/test/integration/repp/v1/invoices/add_credit_test.rb @@ -0,0 +1,94 @@ +require 'test_helper' + +class ReppV1InvoicesAddCreditTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + @original_registry_vat_rate = Setting.registry_vat_prc + eis_response = OpenStruct.new(body: '{"everypay_link":"https://link.test"}') + Spy.on_instance_method(EisBilling::AddDeposits, :send_invoice).and_return(eis_response) + Spy.on_instance_method(EisBilling::BaseController, :authorized).and_return(true) + end + + teardown do + Setting.registry_vat_prc = @original_registry_vat_rate + end + + def test_generates_add_credit_invoice_with_billing_system + request_body = { + invoice: { + amount: 100, + description: 'Add credit', + }, + } + Setting.registry_vat_prc = 0.1 + ENV['billing_system_integrated'] = 'true' + + if Feature.billing_system_integrated? + invoice_n = Invoice.order(number: :desc).last.number + stub_request(:post, 'https://eis_billing_system:3000/api/v1/invoice_generator/invoice_number_generator') + .to_return(status: 200, body: "{\"invoice_number\":\"#{invoice_n + 3}\"}", headers: {}) + stub_request(:post, 'https://eis_billing_system:3000/api/v1/e_invoice/e_invoice') + .to_return(status: 200, body: '', headers: {}) + end + + post '/repp/v1/invoices/add_credit', headers: @auth_headers, + params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_not json[:data][:invoice][:paid] + assert json[:data][:invoice][:payable] + assert json[:data][:invoice][:cancellable] + assert_equal json[:data][:invoice][:payment_link], 'https://link.test' + assert_equal json[:data][:invoice][:total], 110.to_f.to_s + end + + def test_generates_add_credit_invoice_without_billing_system + request_body = { + invoice: { + amount: 100, + description: 'Add credit', + }, + } + Setting.registry_vat_prc = 0.1 + ENV['billing_system_integrated'] = 'false' + + post '/repp/v1/invoices/add_credit', headers: @auth_headers, + params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_not json[:data][:invoice][:paid] + assert json[:data][:invoice][:payable] + assert json[:data][:invoice][:cancellable] + assert_equal json[:data][:invoice][:total], 110.to_f.to_s + end + + def test_generates_add_credit_invoice_with_invalid_amount + request_body = { + invoice: { + amount: 0.4, + description: 'Add credit', + }, + } + Setting.minimum_deposit = 0.5 + + post '/repp/v1/invoices/add_credit', headers: @auth_headers, + params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal "Amount is too small. Minimum deposit is #{Setting.minimum_deposit} EUR", json[:message] + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/invoices/cancel_test.rb b/test/integration/repp/v1/invoices/cancel_test.rb new file mode 100644 index 000000000..1041d1d1f --- /dev/null +++ b/test/integration/repp/v1/invoices/cancel_test.rb @@ -0,0 +1,44 @@ +require 'test_helper' + +class ReppV1InvoicesCancelTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_cancels_invoice + invoice = invoices(:one) + invoice.account_activity = nil + assert invoice.cancellable? + stub_request(:post, 'https://eis_billing_system:3000/api/v1/invoice_generator/invoice_status') + .to_return(status: :ok, headers: {}) + + put "/repp/v1/invoices/#{invoice.id}/cancel", headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + invoice.reload + assert invoice.cancelled? + assert json[:data][:invoice].is_a? Hash + end + + def test_cancels_uncancellable_invoice + invoice = invoices(:one) + assert_not invoice.cancellable? + + put "/repp/v1/invoices/#{invoice.id}/cancel", headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal 'Invoice status prohibits operation', json[:message] + + invoice.reload + assert_not invoice.cancelled? + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/invoices/download_test.rb b/test/integration/repp/v1/invoices/download_test.rb new file mode 100644 index 000000000..cbb9de585 --- /dev/null +++ b/test/integration/repp/v1/invoices/download_test.rb @@ -0,0 +1,22 @@ +require 'test_helper' + +class ReppV1InvoicesDownloadTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_returns_invoice_as_pdf + invoice = @user.registrar.invoices.first + + get "/repp/v1/invoices/#{invoice.id}/download", headers: @auth_headers + + assert_response :ok + assert_equal 'application/pdf', response.headers['Content-Type'] + assert_equal "attachment; filename=\"Invoice-2.pdf\"; filename*=UTF-8''Invoice-2.pdf", response.headers['Content-Disposition'] + assert_not_empty response.body + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/invoices/list_test.rb b/test/integration/repp/v1/invoices/list_test.rb new file mode 100644 index 000000000..5dfe2d53f --- /dev/null +++ b/test/integration/repp/v1/invoices/list_test.rb @@ -0,0 +1,85 @@ +require 'test_helper' + +class ReppV1InvoicesListTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_returns_registrar_invoices + get repp_v1_invoices_path, headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal @user.registrar.invoices.count, json[:data][:count] + assert_equal @user.registrar.invoices.count, json[:data][:invoices].length + + assert json[:data][:invoices][0].is_a? Integer + end + + def test_returns_detailed_registrar_invoices + get repp_v1_invoices_path(details: true), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal @user.registrar.invoices.count, json[:data][:count] + assert_equal @user.registrar.invoices.count, json[:data][:invoices].length + + assert json[:data][:invoices][0].is_a? Hash + end + + def test_returns_detailed_registrar_invoices_by_search_query + invoice = @user.registrar.invoices.last + invoice.update(number: 15_008) + search_params = { + number_gteq: 15_000, + } + get repp_v1_invoices_path(details: true, q: search_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal json[:data][:invoices].length, 1 + assert json[:data][:invoices][0].is_a? Hash + assert_equal json[:data][:invoices][0][:id], invoice.id + end + + def test_returns_detailed_registrar_invoices_by_sort_query + invoice = invoices(:unpaid) + sort_params = { + s: 'number desc', + } + get repp_v1_invoices_path(details: true, q: sort_params), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal @user.registrar.invoices.count, json[:data][:count] + assert_equal @user.registrar.invoices.count, json[:data][:invoices].length + assert_equal json[:data][:invoices][0][:id], invoice.id + end + + def test_respects_limit + get repp_v1_invoices_path(details: true, limit: 1), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal 1, json[:data][:invoices].length + end + + def test_respects_offset + offset = 1 + get repp_v1_invoices_path(details: true, offset: offset), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + + assert_equal (@user.registrar.invoices.count - offset), json[:data][:invoices].length + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/invoices/send_test.rb b/test/integration/repp/v1/invoices/send_test.rb new file mode 100644 index 000000000..77fe9997f --- /dev/null +++ b/test/integration/repp/v1/invoices/send_test.rb @@ -0,0 +1,39 @@ +require 'test_helper' + +class ReppV1InvoicesSendTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_sends_invoice_to_recipient + invoice = invoices(:one) + recipient = 'donaldtrump@yandex.ru' + request_body = { + invoice: { + id: invoice.id, + recipient: recipient, + }, + } + post "/repp/v1/invoices/#{invoice.id}/send_to_recipient", headers: @auth_headers, + params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_equal 1, invoice.number + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal json[:data][:invoice][:id], invoice.id + assert_equal json[:data][:invoice][:recipient], recipient + email = ActionMailer::Base.deliveries.last + assert_emails 1 + assert_equal [recipient], email.to + assert_equal 'Invoice no. 1', email.subject + assert email.attachments['invoice-1.pdf'] + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/invoices/show_test.rb b/test/integration/repp/v1/invoices/show_test.rb new file mode 100644 index 000000000..74feb42ac --- /dev/null +++ b/test/integration/repp/v1/invoices/show_test.rb @@ -0,0 +1,33 @@ +require 'test_helper' + +class ReppV1InvoicesShowTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_returns_error_when_not_found + get repp_v1_invoice_path(id: 'definitelynotexistant'), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :not_found + assert_equal 2303, json[:code] + assert_equal 'Object does not exist', json[:message] + end + + def test_shows_existing_invoice + invoice = @user.registrar.invoices.first + + get repp_v1_invoice_path(id: invoice.id), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal invoice.id, json[:data][:invoice][:id] + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/registrar/auth/check_info_test.rb b/test/integration/repp/v1/registrar/auth/check_info_test.rb new file mode 100644 index 000000000..65b2cf5f4 --- /dev/null +++ b/test/integration/repp/v1/registrar/auth/check_info_test.rb @@ -0,0 +1,39 @@ +require 'test_helper' + +class ReppV1RegistrarAuthCheckInfoTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_returns_valid_user_auth_values + get '/repp/v1/registrar/auth', headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal json[:data][:username], @user.username + assert json[:data][:roles].include? 'super' + assert_equal json[:data][:registrar_name], 'Best Names' + assert_equal json[:data][:balance][:amount].to_f, @user.registrar.cash_account.balance + assert json[:data][:abilities].is_a? Hash + end + + def test_invalid_user_login + token = Base64.encode64("#{@user.username}:0066600") + token = "Basic #{token}" + + auth_headers = { 'Authorization' => token } + + get '/repp/v1/registrar/auth', headers: auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :unauthorized + assert_equal json[:message], 'Invalid authorization information' + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/registrar/auth/switch_user_test.rb b/test/integration/repp/v1/registrar/auth/switch_user_test.rb new file mode 100644 index 000000000..beb5c0727 --- /dev/null +++ b/test/integration/repp/v1/registrar/auth/switch_user_test.rb @@ -0,0 +1,52 @@ +require 'test_helper' + +class ReppV1RegistrarSwitchUserTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_switches_to_linked_api_user + new_user = users(:api_goodnames) + new_user.update(identity_code: '1234') + request_body = { + auth: { + new_user_id: new_user.id, + }, + } + + put '/repp/v1/registrar/auth/switch_user', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal "You are now signed in as a user \"#{new_user.username}\"", json[:message] + + user_token = Base64.urlsafe_encode64("#{new_user.username}:#{new_user.plain_text_password}") + assert_equal json[:data][:token], user_token + assert_equal json[:data][:registrar][:username], new_user.username + assert json[:data][:registrar][:roles].include? 'super' + assert_equal json[:data][:registrar][:registrar_name], 'Good Names' + assert_equal json[:data][:registrar][:balance][:amount].to_f, new_user.registrar.cash_account.balance + assert json[:data][:registrar][:abilities].is_a? Hash + end + + def test_switches_to_unlinked_api_user + new_user = users(:api_goodnames) + new_user.update(identity_code: '4444') + request_body = { + auth: { + new_user_id: new_user.id, + }, + } + + put '/repp/v1/registrar/auth/switch_user', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal 'Cannot switch to unlinked user', json[:message] + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/registrar/auth/tara_callback_test.rb b/test/integration/repp/v1/registrar/auth/tara_callback_test.rb new file mode 100644 index 000000000..56d881c87 --- /dev/null +++ b/test/integration/repp/v1/registrar/auth/tara_callback_test.rb @@ -0,0 +1,46 @@ +require 'test_helper' + +class ReppV1RegistrarAuthTaraCallbackTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + username = nil + password = nil + token = Base64.encode64("#{username}:#{password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_validates_user_from_omniauth_params + request_body = { + auth: { + uid: 'EE1234', + }, + } + + post '/repp/v1/registrar/auth/tara_callback', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + user_token = Base64.urlsafe_encode64("#{@user.username}:#{@user.plain_text_password}") + assert_equal json[:data][:username], @user.username + assert_equal json[:data][:token], user_token + end + + def test_invalidates_user_with_wrong_omniauth_params + request_body = { + auth: { + uid: '33333', + }, + } + + post '/repp/v1/registrar/auth/tara_callback', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal 'No such user', json[:message] + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/registrar/summary_test.rb b/test/integration/repp/v1/registrar/summary_test.rb new file mode 100644 index 000000000..257eb067f --- /dev/null +++ b/test/integration/repp/v1/registrar/summary_test.rb @@ -0,0 +1,44 @@ +require 'test_helper' + +class ReppV1RegistrarSummaryTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + end + + def test_checks_user_summary_info + get '/repp/v1/registrar/summary', headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal json[:data][:username], @user.username + assert_equal json[:data][:registrar_name], 'Best Names' + assert_equal json[:data][:domains], @user.registrar.domains.count + assert_equal json[:data][:contacts], @user.registrar.contacts.count + assert json[:data][:notification].is_a? Hash + assert_equal json[:data][:notifications_count], @user.unread_notifications.count + end + + def test_checks_limited_user_summary_info + @user.update(roles: ['billing']) + get '/repp/v1/registrar/summary', headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal json[:data][:username], @user.username + assert_equal json[:data][:registrar_name], 'Best Names' + assert_nil json[:data][:domains] + assert_nil json[:data][:contacts] + assert_nil json[:data][:notification] + assert_nil json[:data][:notifications_count] + end +end \ No newline at end of file From eecd35a4c378396339878e838f59f0a742a928eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Fri, 10 Jun 2022 09:49:52 +0300 Subject: [PATCH 06/27] Fixed summary info response --- app/controllers/repp/v1/registrar/summary_controller.rb | 4 ++-- app/models/registrar.rb | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/repp/v1/registrar/summary_controller.rb b/app/controllers/repp/v1/registrar/summary_controller.rb index d3865bed2..ae3bfa579 100644 --- a/app/controllers/repp/v1/registrar/summary_controller.rb +++ b/app/controllers/repp/v1/registrar/summary_controller.rb @@ -71,8 +71,8 @@ module Repp data[:registrar_name] = registrar.name data[:registrar_reg_no] = registrar.reg_no data[:last_login_date] = last_login_date - data[:domains] = registrar.domains.count if can? :view, Depp::Domain - data[:contacts] = registrar.contacts.count if can? :view, Depp::Contact + data[:domains] = registrar.domains.count if can? :info, Depp::Domain + data[:contacts] = registrar.contacts.count if can? :check, Depp::Contact data[:phone] = registrar.phone data[:email] = registrar.email data[:billing_email] = registrar.billing_email diff --git a/app/models/registrar.rb b/app/models/registrar.rb index 1eba314dc..3cd2da760 100644 --- a/app/models/registrar.rb +++ b/app/models/registrar.rb @@ -98,7 +98,7 @@ class Registrar < ApplicationRecord unit: 'piece', quantity: 1, price: amount, - } + }, ] ) From 3eec835316dda9e63b1d3a57c9aeee608f08a52e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Fri, 10 Jun 2022 13:33:20 +0300 Subject: [PATCH 07/27] Fixed summary controller --- app/controllers/repp/v1/registrar/summary_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/repp/v1/registrar/summary_controller.rb b/app/controllers/repp/v1/registrar/summary_controller.rb index ae3bfa579..a5cda278f 100644 --- a/app/controllers/repp/v1/registrar/summary_controller.rb +++ b/app/controllers/repp/v1/registrar/summary_controller.rb @@ -71,8 +71,8 @@ module Repp data[:registrar_name] = registrar.name data[:registrar_reg_no] = registrar.reg_no data[:last_login_date] = last_login_date - data[:domains] = registrar.domains.count if can? :info, Depp::Domain - data[:contacts] = registrar.contacts.count if can? :check, Depp::Contact + data[:domains] = registrar.domains.count + data[:contacts] = registrar.contacts.count data[:phone] = registrar.phone data[:email] = registrar.email data[:billing_email] = registrar.billing_email From 2cdf9f8b959aeef93b4d63a6fc0fab68f7ae7d21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Fri, 10 Jun 2022 13:44:19 +0300 Subject: [PATCH 08/27] Fixed summary controller --- test/integration/repp/v1/registrar/summary_test.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/test/integration/repp/v1/registrar/summary_test.rb b/test/integration/repp/v1/registrar/summary_test.rb index 257eb067f..d8c179f9a 100644 --- a/test/integration/repp/v1/registrar/summary_test.rb +++ b/test/integration/repp/v1/registrar/summary_test.rb @@ -36,8 +36,6 @@ class ReppV1RegistrarSummaryTest < ActionDispatch::IntegrationTest assert_equal json[:data][:username], @user.username assert_equal json[:data][:registrar_name], 'Best Names' - assert_nil json[:data][:domains] - assert_nil json[:data][:contacts] assert_nil json[:data][:notification] assert_nil json[:data][:notifications_count] end From d84867555782f47aad224d1505481606bf33ff2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Fri, 10 Jun 2022 16:55:52 +0300 Subject: [PATCH 09/27] Fixed invoice status search --- app/controllers/repp/v1/invoices_controller.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index 5d37d6881..32ea74bc2 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -86,6 +86,7 @@ module Repp account_activity_created_at_lteq account_activity_id_not_null account_activity_id_null + cancelled_at_null cancelled_at_not_null number_gteq number_lteq total_gteq total_lteq s] + [s: []]) From 7ec5c914bc30f8c89ccbf856fb71ce8582d02dd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 13 Jun 2022 15:33:37 +0300 Subject: [PATCH 10/27] Add certs control --- app/controllers/repp/v1/base_controller.rb | 9 +++++---- app/controllers/repp/v1/registrar/auth_controller.rb | 10 ++++++++++ app/models/api_user.rb | 2 ++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/app/controllers/repp/v1/base_controller.rb b/app/controllers/repp/v1/base_controller.rb index 5ab910278..8e0414352 100644 --- a/app/controllers/repp/v1/base_controller.rb +++ b/app/controllers/repp/v1/base_controller.rb @@ -103,14 +103,15 @@ module Repp def authenticate_user username, password = Base64.urlsafe_decode64(basic_token).split(':') - @current_user ||= ApiUser.find_by(username: username, plain_text_password: password, - active: true) + @current_user ||= ApiUser.find_by(username: username, plain_text_password: password) + user_active = @current_user.active? - return if @current_user + return if @current_user && user_active raise(ArgumentError) rescue NoMethodError, ArgumentError - @response = { code: 2202, message: 'Invalid authorization information' } + @response = { code: 2202, message: 'Invalid authorization information', + data: { username: username, password: password, active: user_active } } render(json: @response, status: :unauthorized) end diff --git a/app/controllers/repp/v1/registrar/auth_controller.rb b/app/controllers/repp/v1/registrar/auth_controller.rb index ccc7d2e66..06dc9092f 100644 --- a/app/controllers/repp/v1/registrar/auth_controller.rb +++ b/app/controllers/repp/v1/registrar/auth_controller.rb @@ -9,6 +9,11 @@ module Repp desc 'check user auth info and return data' def index registrar = current_user.registrar + unless client_certs_ok + handle_non_epp_errors(current_user, 'Invalid certificate') + return + end + render_success(data: auth_values_to_data(registrar: registrar)) end @@ -43,6 +48,11 @@ module Repp def auth_params params.require(:auth).permit(:uid, :new_user_id) end + + def client_certs_ok + current_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], + request.env['HTTP_SSL_CLIENT_S_DN_CN'], api: false) + end end end end diff --git a/app/models/api_user.rb b/app/models/api_user.rb index d357a2e75..f73fe616a 100644 --- a/app/models/api_user.rb +++ b/app/models/api_user.rb @@ -61,6 +61,8 @@ class ApiUser < User end def pki_ok?(crt, com, api: true) + p crt + p com return false if crt.blank? || com.blank? origin = api ? certificates.api : certificates.registrar From 9f6c628453561674d7df215f145b7f568414c043 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 13 Jun 2022 16:26:42 +0300 Subject: [PATCH 11/27] Added client cert control to every REPP APi request --- app/controllers/repp/v1/base_controller.rb | 10 ++++++++++ app/controllers/repp/v1/registrar/auth_controller.rb | 11 +---------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/app/controllers/repp/v1/base_controller.rb b/app/controllers/repp/v1/base_controller.rb index 8e0414352..da906383c 100644 --- a/app/controllers/repp/v1/base_controller.rb +++ b/app/controllers/repp/v1/base_controller.rb @@ -7,6 +7,7 @@ module Repp before_action :authenticate_user before_action :validate_webclient_ca before_action :check_ip_restriction + before_action :validate_client_certs before_action :set_paper_trail_whodunnit private @@ -144,6 +145,15 @@ module Repp render(json: @response, status: :unauthorized) end + def validate_client_certs + return if Rails.env.development? || Rails.env.test? + return if @current_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], + request.env['HTTP_SSL_CLIENT_S_DN_CN'], api: false) + + @response = { code: 2202, message: 'Invalid certificate' } + render(json: @response, status: :unauthorized) + end + def logger Rails.logger end diff --git a/app/controllers/repp/v1/registrar/auth_controller.rb b/app/controllers/repp/v1/registrar/auth_controller.rb index 06dc9092f..a93d75c36 100644 --- a/app/controllers/repp/v1/registrar/auth_controller.rb +++ b/app/controllers/repp/v1/registrar/auth_controller.rb @@ -4,16 +4,12 @@ module Repp class AuthController < BaseController skip_before_action :authenticate_user, only: :tara_callback skip_before_action :check_ip_restriction, only: :tara_callback + skip_before_action :validate_client_certs, only: :tara_callback api :GET, 'repp/v1/registrar/auth' desc 'check user auth info and return data' def index registrar = current_user.registrar - unless client_certs_ok - handle_non_epp_errors(current_user, 'Invalid certificate') - return - end - render_success(data: auth_values_to_data(registrar: registrar)) end @@ -48,11 +44,6 @@ module Repp def auth_params params.require(:auth).permit(:uid, :new_user_id) end - - def client_certs_ok - current_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], - request.env['HTTP_SSL_CLIENT_S_DN_CN'], api: false) - end end end end From a44ac5359db975139820a08aace40ec57d003cd0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 14 Jun 2022 11:14:27 +0300 Subject: [PATCH 12/27] Renamed back accounts controller & modified auth validations --- ...ccount_controller.rb => accounts_controller.rb} | 14 +++++++------- app/controllers/repp/v1/base_controller.rb | 7 ++++--- app/models/api_user.rb | 2 -- config/routes.rb | 4 ++-- 4 files changed, 13 insertions(+), 14 deletions(-) rename app/controllers/repp/v1/{account_controller.rb => accounts_controller.rb} (92%) diff --git a/app/controllers/repp/v1/account_controller.rb b/app/controllers/repp/v1/accounts_controller.rb similarity index 92% rename from app/controllers/repp/v1/account_controller.rb rename to app/controllers/repp/v1/accounts_controller.rb index 85d79fe68..0204e7943 100644 --- a/app/controllers/repp/v1/account_controller.rb +++ b/app/controllers/repp/v1/accounts_controller.rb @@ -1,9 +1,9 @@ module Repp module V1 - class AccountController < BaseController # rubocop:disable Metrics/ClassLength + class AccountsController < BaseController # rubocop:disable Metrics/ClassLength load_and_authorize_resource - api :get, '/repp/v1/account' + api :get, '/repp/v1/accounts' desc 'Get all activities' def index records = current_user.registrar.cash_account.activities @@ -20,7 +20,7 @@ module Repp types_for_select: AccountActivity.types_for_select }) end - api :get, '/repp/v1/account/details' + api :get, '/repp/v1/accounts/details' desc 'Get current registrar account details' def details registrar = current_user.registrar @@ -34,7 +34,7 @@ module Repp render_success(data: resp) end - api :put, '/repp/v1/account' + api :put, '/repp/v1/accounts' desc 'Update current registrar account details' def update registrar = current_user.registrar @@ -47,7 +47,7 @@ module Repp message: I18n.t('registrar.account.update.saved')) end - api :post, '/repp/v1/account/update_auto_reload_balance' + api :post, '/repp/v1/accounts/update_auto_reload_balance' desc 'Enable current registrar balance auto reload' def update_auto_reload_balance type = BalanceAutoReloadTypes::Threshold.new(type_params) @@ -62,7 +62,7 @@ module Repp message: I18n.t('registrar.settings.balance_auto_reload.update.saved')) end - api :get, '/repp/v1/account/disable_auto_reload_balance' + api :get, '/repp/v1/accounts/disable_auto_reload_balance' desc 'Disable current registrar balance auto reload' def disable_auto_reload_balance registrar = current_user.registrar @@ -73,7 +73,7 @@ module Repp message: I18n.t('registrar.settings.balance_auto_reload.destroy.disabled')) end - api :get, '/repp/v1/account/balance' + api :get, '/repp/v1/accounts/balance' desc "Get account's balance" def balance resp = { balance: current_user.registrar.cash_account.balance, diff --git a/app/controllers/repp/v1/base_controller.rb b/app/controllers/repp/v1/base_controller.rb index da906383c..977df0323 100644 --- a/app/controllers/repp/v1/base_controller.rb +++ b/app/controllers/repp/v1/base_controller.rb @@ -6,8 +6,8 @@ module Repp around_action :log_request before_action :authenticate_user before_action :validate_webclient_ca - before_action :check_ip_restriction before_action :validate_client_certs + before_action :check_ip_restriction before_action :set_paper_trail_whodunnit private @@ -126,7 +126,7 @@ module Repp end def webclient_request? - return if Rails.env.test? + return false if Rails.env.test? || Rails.env.development? ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip) end @@ -147,8 +147,9 @@ module Repp def validate_client_certs return if Rails.env.development? || Rails.env.test? + return if webclient_request? return if @current_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], - request.env['HTTP_SSL_CLIENT_S_DN_CN'], api: false) + request.env['HTTP_SSL_CLIENT_S_DN_CN']) @response = { code: 2202, message: 'Invalid certificate' } render(json: @response, status: :unauthorized) diff --git a/app/models/api_user.rb b/app/models/api_user.rb index f73fe616a..d357a2e75 100644 --- a/app/models/api_user.rb +++ b/app/models/api_user.rb @@ -61,8 +61,6 @@ class ApiUser < User end def pki_ok?(crt, com, api: true) - p crt - p com return false if crt.blank? || com.blank? origin = api ? certificates.api : certificates.registrar diff --git a/config/routes.rb b/config/routes.rb index 2ea79e1c0..81b6dc95c 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -75,9 +75,9 @@ Rails.application.routes.draw do end end - resource :account, controller: :account, only: %i[index update] do + resource :accounts, only: %i[index update] do collection do - get '/', to: 'account#index' + get '/', to: 'accounts#index' get 'balance' get 'details' post 'update_auto_reload_balance' From 1b14a9d012f90b642ae72a1d1ae48dfbfa6fbcf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 14 Jun 2022 11:27:37 +0300 Subject: [PATCH 13/27] Updated tests after renaming REPP API accounts controller --- .../v1/{account => accounts}/activities_list_test.rb | 12 ++++++------ .../repp/v1/{account => accounts}/balance_test.rb | 4 ++-- .../repp/v1/{account => accounts}/details_test.rb | 4 ++-- .../update_auto_reload_balance_test.rb | 8 ++++---- .../v1/{account => accounts}/update_details_test.rb | 4 ++-- 5 files changed, 16 insertions(+), 16 deletions(-) rename test/integration/repp/v1/{account => accounts}/activities_list_test.rb (81%) rename test/integration/repp/v1/{account => accounts}/balance_test.rb (93%) rename test/integration/repp/v1/{account => accounts}/details_test.rb (81%) rename test/integration/repp/v1/{account => accounts}/update_auto_reload_balance_test.rb (85%) rename test/integration/repp/v1/{account => accounts}/update_details_test.rb (83%) diff --git a/test/integration/repp/v1/account/activities_list_test.rb b/test/integration/repp/v1/accounts/activities_list_test.rb similarity index 81% rename from test/integration/repp/v1/account/activities_list_test.rb rename to test/integration/repp/v1/accounts/activities_list_test.rb index b492cc098..2038815a1 100644 --- a/test/integration/repp/v1/account/activities_list_test.rb +++ b/test/integration/repp/v1/accounts/activities_list_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class ReppV1AccountActivitiesListTest < ActionDispatch::IntegrationTest +class ReppV1AccountsActivitiesListTest < ActionDispatch::IntegrationTest def setup @user = users(:api_bestnames) token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") @@ -10,7 +10,7 @@ class ReppV1AccountActivitiesListTest < ActionDispatch::IntegrationTest end def test_returns_account_activities - get repp_v1_account_path, headers: @auth_headers + get repp_v1_accounts_path, headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -22,7 +22,7 @@ class ReppV1AccountActivitiesListTest < ActionDispatch::IntegrationTest end def test_respects_limit - get repp_v1_account_path(limit: 1), headers: @auth_headers + get repp_v1_accounts_path(limit: 1), headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -32,7 +32,7 @@ class ReppV1AccountActivitiesListTest < ActionDispatch::IntegrationTest def test_respects_offset offset = 1 - get repp_v1_account_path(offset: offset), headers: @auth_headers + get repp_v1_accounts_path(offset: offset), headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -44,7 +44,7 @@ class ReppV1AccountActivitiesListTest < ActionDispatch::IntegrationTest search_params = { description_matches: '%renew%', } - get repp_v1_account_path(q: search_params), headers: @auth_headers + get repp_v1_accounts_path(q: search_params), headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -58,7 +58,7 @@ class ReppV1AccountActivitiesListTest < ActionDispatch::IntegrationTest sort_params = { s: 'activity_type asc', } - get repp_v1_account_path(q: sort_params), headers: @auth_headers + get repp_v1_accounts_path(q: sort_params), headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok diff --git a/test/integration/repp/v1/account/balance_test.rb b/test/integration/repp/v1/accounts/balance_test.rb similarity index 93% rename from test/integration/repp/v1/account/balance_test.rb rename to test/integration/repp/v1/accounts/balance_test.rb index a4d41ed53..3fd25f3e7 100644 --- a/test/integration/repp/v1/account/balance_test.rb +++ b/test/integration/repp/v1/accounts/balance_test.rb @@ -13,7 +13,7 @@ class ReppV1BalanceTest < ActionDispatch::IntegrationTest def test_can_query_balance - get '/repp/v1/account/balance', headers: @auth_headers + get '/repp/v1/accounts/balance', headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -30,7 +30,7 @@ class ReppV1BalanceTest < ActionDispatch::IntegrationTest started_from = "2010-07-05" end_to = DateTime.current.to_date.to_s(:db) - get "/repp/v1/account/balance?detailed=true", headers: @auth_headers + get "/repp/v1/accounts/balance?detailed=true", headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok diff --git a/test/integration/repp/v1/account/details_test.rb b/test/integration/repp/v1/accounts/details_test.rb similarity index 81% rename from test/integration/repp/v1/account/details_test.rb rename to test/integration/repp/v1/accounts/details_test.rb index b0d359d74..30acb5eb6 100644 --- a/test/integration/repp/v1/account/details_test.rb +++ b/test/integration/repp/v1/accounts/details_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class ReppV1AccountDetailsTest < ActionDispatch::IntegrationTest +class ReppV1AccountsDetailsTest < ActionDispatch::IntegrationTest def setup @user = users(:api_bestnames) token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") @@ -10,7 +10,7 @@ class ReppV1AccountDetailsTest < ActionDispatch::IntegrationTest end def test_returns_account_details - get '/repp/v1/account/details', headers: @auth_headers + get '/repp/v1/accounts/details', headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok diff --git a/test/integration/repp/v1/account/update_auto_reload_balance_test.rb b/test/integration/repp/v1/accounts/update_auto_reload_balance_test.rb similarity index 85% rename from test/integration/repp/v1/account/update_auto_reload_balance_test.rb rename to test/integration/repp/v1/accounts/update_auto_reload_balance_test.rb index 6201750c3..11a8d08ba 100644 --- a/test/integration/repp/v1/account/update_auto_reload_balance_test.rb +++ b/test/integration/repp/v1/accounts/update_auto_reload_balance_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class ReppV1AccountUpdateAutoReloadBalanceTest < ActionDispatch::IntegrationTest +class ReppV1AccountsUpdateAutoReloadBalanceTest < ActionDispatch::IntegrationTest def setup @user = users(:api_bestnames) token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") @@ -21,7 +21,7 @@ class ReppV1AccountUpdateAutoReloadBalanceTest < ActionDispatch::IntegrationTest assert_nil @user.registrar.settings['balance_auto_reload'] - post '/repp/v1/account/update_auto_reload_balance', headers: @auth_headers, + post '/repp/v1/accounts/update_auto_reload_balance', headers: @auth_headers, params: request_body json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -44,7 +44,7 @@ class ReppV1AccountUpdateAutoReloadBalanceTest < ActionDispatch::IntegrationTest } Setting.minimum_deposit = min_deposit - post '/repp/v1/account/update_auto_reload_balance', headers: @auth_headers, + post '/repp/v1/accounts/update_auto_reload_balance', headers: @auth_headers, params: request_body json = JSON.parse(response.body, symbolize_names: true) @@ -55,7 +55,7 @@ class ReppV1AccountUpdateAutoReloadBalanceTest < ActionDispatch::IntegrationTest end def test_disables_auto_reload_balance - get '/repp/v1/account/disable_auto_reload_balance', headers: @auth_headers + get '/repp/v1/accounts/disable_auto_reload_balance', headers: @auth_headers json = JSON.parse(response.body, symbolize_names: true) assert_response :ok diff --git a/test/integration/repp/v1/account/update_details_test.rb b/test/integration/repp/v1/accounts/update_details_test.rb similarity index 83% rename from test/integration/repp/v1/account/update_details_test.rb rename to test/integration/repp/v1/accounts/update_details_test.rb index 3ab415cd8..c1275ddeb 100644 --- a/test/integration/repp/v1/account/update_details_test.rb +++ b/test/integration/repp/v1/accounts/update_details_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class ReppV1AccountUpdateDetailsTest < ActionDispatch::IntegrationTest +class ReppV1AccountsUpdateDetailsTest < ActionDispatch::IntegrationTest def setup @user = users(:api_bestnames) token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") @@ -17,7 +17,7 @@ class ReppV1AccountUpdateDetailsTest < ActionDispatch::IntegrationTest }, } - put '/repp/v1/account', headers: @auth_headers, params: request_body + put '/repp/v1/accounts', headers: @auth_headers, params: request_body json = JSON.parse(response.body, symbolize_names: true) assert_response :ok From 6c9fb2b025d5d376dc3f2498bff36c545ec1ff28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 14 Jun 2022 11:33:59 +0300 Subject: [PATCH 14/27] Fixed codeclimate issue --- app/controllers/repp/v1/invoices_controller.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index 32ea74bc2..8add1920b 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -8,11 +8,9 @@ module Repp desc 'Get all invoices' def index records = current_user.registrar.invoices - q = records.ransack(search_params) q.sorts = 'created_at desc' if q.sorts.empty? invoices = q.result(distinct: true) - limited_invoices = invoices.limit(limit).offset(offset) .includes(:items, :account_activity, :buyer) From de5872fb40b1338e26bfd9d669b6ba783ad1caaa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Wed, 15 Jun 2022 12:56:54 +0300 Subject: [PATCH 15/27] Moved switch user method to accounts --- app/controllers/repp/v1/accounts_controller.rb | 18 +++++++++++++++++- app/controllers/repp/v1/invoices_controller.rb | 1 + .../repp/v1/registrar/auth_controller.rb | 16 ---------------- config/routes.rb | 4 +++- .../auth => accounts}/switch_user_test.rb | 10 +++++----- 5 files changed, 26 insertions(+), 23 deletions(-) rename test/integration/repp/v1/{registrar/auth => accounts}/switch_user_test.rb (84%) diff --git a/app/controllers/repp/v1/accounts_controller.rb b/app/controllers/repp/v1/accounts_controller.rb index 0204e7943..301bed95f 100644 --- a/app/controllers/repp/v1/accounts_controller.rb +++ b/app/controllers/repp/v1/accounts_controller.rb @@ -73,6 +73,22 @@ module Repp message: I18n.t('registrar.settings.balance_auto_reload.destroy.disabled')) end + api :put, '/repp/v1/accounts/switch_user' + desc 'Switch user to another api user' + def switch_user + new_user = ApiUser.find(account_params[:new_user_id]) + unless current_user.linked_with?(new_user) + handle_non_epp_errors(new_user, 'Cannot switch to unlinked user') + return + end + + @current_user = new_user + data = auth_values_to_data(registrar: current_user.registrar) + message = I18n.t('registrar.current_user.switch.switched', new_user: new_user) + token = Base64.urlsafe_encode64("#{new_user.username}:#{new_user.plain_text_password}") + render_success(data: { token: token, registrar: data }, message: message) + end + api :get, '/repp/v1/accounts/balance' desc "Get account's balance" def balance @@ -90,7 +106,7 @@ module Repp private def account_params - params.require(:account).permit(:billing_email, :iban) + params.require(:account).permit(:billing_email, :iban, :new_user_id) end def index_params diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index 8add1920b..bd807e7b8 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -11,6 +11,7 @@ module Repp q = records.ransack(search_params) q.sorts = 'created_at desc' if q.sorts.empty? invoices = q.result(distinct: true) + limited_invoices = invoices.limit(limit).offset(offset) .includes(:items, :account_activity, :buyer) diff --git a/app/controllers/repp/v1/registrar/auth_controller.rb b/app/controllers/repp/v1/registrar/auth_controller.rb index a93d75c36..a15230c78 100644 --- a/app/controllers/repp/v1/registrar/auth_controller.rb +++ b/app/controllers/repp/v1/registrar/auth_controller.rb @@ -23,22 +23,6 @@ module Repp render_success(data: { token: token, username: user.username }) end - api :put, '/repp/v1/registrar/auth/switch_user' - desc 'Switch session to another api user' - def switch_user - new_user = ApiUser.find(auth_params[:new_user_id]) - unless current_user.linked_with?(new_user) - handle_non_epp_errors(new_user, 'Cannot switch to unlinked user') - return - end - - @current_user = new_user - data = auth_values_to_data(registrar: current_user.registrar) - message = I18n.t('registrar.current_user.switch.switched', new_user: new_user) - token = Base64.urlsafe_encode64("#{new_user.username}:#{new_user.plain_text_password}") - render_success(data: { token: token, registrar: data }, message: message) - end - private def auth_params diff --git a/config/routes.rb b/config/routes.rb index 81b6dc95c..180a4687d 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -83,6 +83,9 @@ Rails.application.routes.draw do post 'update_auto_reload_balance' get 'disable_auto_reload_balance' end + member do + put 'switch_user' + end end resources :invoices, only: %i[index show] do collection do @@ -117,7 +120,6 @@ Rails.application.routes.draw do resources :auth, only: %i[index] do collection do post '/tara_callback', to: 'auth#tara_callback' - put '/switch_user', to: 'auth#switch_user' end end end diff --git a/test/integration/repp/v1/registrar/auth/switch_user_test.rb b/test/integration/repp/v1/accounts/switch_user_test.rb similarity index 84% rename from test/integration/repp/v1/registrar/auth/switch_user_test.rb rename to test/integration/repp/v1/accounts/switch_user_test.rb index beb5c0727..c8935d038 100644 --- a/test/integration/repp/v1/registrar/auth/switch_user_test.rb +++ b/test/integration/repp/v1/accounts/switch_user_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class ReppV1RegistrarSwitchUserTest < ActionDispatch::IntegrationTest +class ReppV1AccountsSwitchUserTest < ActionDispatch::IntegrationTest def setup @user = users(:api_bestnames) token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") @@ -13,12 +13,12 @@ class ReppV1RegistrarSwitchUserTest < ActionDispatch::IntegrationTest new_user = users(:api_goodnames) new_user.update(identity_code: '1234') request_body = { - auth: { + account: { new_user_id: new_user.id, }, } - put '/repp/v1/registrar/auth/switch_user', headers: @auth_headers, params: request_body + put '/repp/v1/accounts/switch_user', headers: @auth_headers, params: request_body json = JSON.parse(response.body, symbolize_names: true) assert_response :ok @@ -38,12 +38,12 @@ class ReppV1RegistrarSwitchUserTest < ActionDispatch::IntegrationTest new_user = users(:api_goodnames) new_user.update(identity_code: '4444') request_body = { - auth: { + account: { new_user_id: new_user.id, }, } - put '/repp/v1/registrar/auth/switch_user', headers: @auth_headers, params: request_body + put '/repp/v1/accounts/switch_user', headers: @auth_headers, params: request_body json = JSON.parse(response.body, symbolize_names: true) assert_response :bad_request From 885206d075c77098e6c58e22915fe2be1243a189 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 20 Jun 2022 16:22:18 +0300 Subject: [PATCH 16/27] Added invoice recipient validation --- app/controllers/repp/v1/invoices_controller.rb | 9 +++++++++ app/models/registrar.rb | 2 +- app/models/user.rb | 2 +- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index bd807e7b8..aff8e5841 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -37,8 +37,17 @@ module Repp api :post, '/repp/v1/invoices/:id/send_to_recipient' desc 'Send invoice pdf to recipient' + param :invoice, Hash, required: true, desc: 'Invoice data for sending to recipient' do + param :id, String, required: true, desc: 'Invoice id' + param :recipient, String, required: true, desc: 'Invoice receipient email' + end def send_to_recipient recipient = invoice_params[:recipient] + unless recipient.present? + handle_non_epp_errors(@invoice, 'Invoice recipient cannot be empty') + return + end + InvoiceMailer.invoice_email(invoice: @invoice, recipient: recipient) .deliver_now serializer = Serializers::Repp::Invoice.new(@invoice, simplify: true) diff --git a/app/models/registrar.rb b/app/models/registrar.rb index 3cd2da760..0ea0bfb13 100644 --- a/app/models/registrar.rb +++ b/app/models/registrar.rb @@ -39,7 +39,7 @@ class Registrar < ApplicationRecord alias_attribute :contact_email, :email - WHOIS_TRIGGERS = %w(name email phone street city state zip) + WHOIS_TRIGGERS = %w[name email phone street city state zip].freeze after_commit :update_whois_records def update_whois_records diff --git a/app/models/user.rb b/app/models/user.rb index 3bb8318c3..8ee0ea05c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -13,7 +13,7 @@ class User < ApplicationRecord def self.from_omniauth(omniauth_hash) uid = omniauth_hash['uid'] - identity_code = uid.slice(2..-1) + identity_code = uid&.slice(2..-1) # country_code = uid.slice(0..1) find_by(identity_code: identity_code, active: true) From f8ef0502a52831a38f388929d00c7f9384d6f2ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Mon, 20 Jun 2022 16:28:10 +0300 Subject: [PATCH 17/27] Fixed codeclimate issues --- app/controllers/repp/v1/invoices_controller.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index aff8e5841..29fd916a9 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -1,9 +1,10 @@ require 'serializers/repp/invoice' module Repp module V1 - class InvoicesController < BaseController + class InvoicesController < BaseController # rubocop:disable Metrics/ClassLength load_and_authorize_resource + # rubocop:disable Metrics/MethodLength api :get, '/repp/v1/invoices' desc 'Get all invoices' def index @@ -18,6 +19,7 @@ module Repp render_success(data: { invoices: serialized_invoices(limited_invoices), count: invoices.count }) end + # rubocop:enable Metrics/MethodLength api :get, '/repp/v1/invoices/:id' desc 'Get a specific invoice' @@ -43,7 +45,7 @@ module Repp end def send_to_recipient recipient = invoice_params[:recipient] - unless recipient.present? + if recipient.blank? handle_non_epp_errors(@invoice, 'Invoice recipient cannot be empty') return end From 87b503ec799a4201c43b6c60de78177e1524ffe1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 21 Jun 2022 12:40:34 +0300 Subject: [PATCH 18/27] Updated tara callback endpoint --- app/controllers/repp/v1/registrar/auth_controller.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/controllers/repp/v1/registrar/auth_controller.rb b/app/controllers/repp/v1/registrar/auth_controller.rb index a15230c78..46c21459e 100644 --- a/app/controllers/repp/v1/registrar/auth_controller.rb +++ b/app/controllers/repp/v1/registrar/auth_controller.rb @@ -17,7 +17,8 @@ module Repp desc 'check tara callback omniauth user info and return token' def tara_callback user = ApiUser.from_omniauth(auth_params) - handle_non_epp_errors(user, I18n.t(:no_such_user)) and return unless user && user&.active + response = { code: 401, message: I18n.t(:no_such_user), data: {} } + render(json: response, status: :unauthorized) and return unless user && user&.active token = Base64.urlsafe_encode64("#{user.username}:#{user.plain_text_password}") render_success(data: { token: token, username: user.username }) From 54b96b05e8c436a1a44c1627c6d668c1f0d79136 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 21 Jun 2022 12:47:07 +0300 Subject: [PATCH 19/27] Updated tara callback endpoint --- test/integration/repp/v1/registrar/auth/tara_callback_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/integration/repp/v1/registrar/auth/tara_callback_test.rb b/test/integration/repp/v1/registrar/auth/tara_callback_test.rb index 56d881c87..e39e24078 100644 --- a/test/integration/repp/v1/registrar/auth/tara_callback_test.rb +++ b/test/integration/repp/v1/registrar/auth/tara_callback_test.rb @@ -40,7 +40,7 @@ class ReppV1RegistrarAuthTaraCallbackTest < ActionDispatch::IntegrationTest post '/repp/v1/registrar/auth/tara_callback', headers: @auth_headers, params: request_body json = JSON.parse(response.body, symbolize_names: true) - assert_response :bad_request + assert_response :unauthorized assert_equal 'No such user', json[:message] end end \ No newline at end of file From 900492f38f0bbb99d3745695194a0af016591a55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 21 Jun 2022 16:02:19 +0300 Subject: [PATCH 20/27] Updated summary endpoint --- app/controllers/repp/v1/base_controller.rb | 2 -- app/controllers/repp/v1/registrar/summary_controller.rb | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/repp/v1/base_controller.rb b/app/controllers/repp/v1/base_controller.rb index 977df0323..10c3c6026 100644 --- a/app/controllers/repp/v1/base_controller.rb +++ b/app/controllers/repp/v1/base_controller.rb @@ -163,8 +163,6 @@ module Repp data = current_user.as_json(only: %i[id username roles]) data[:registrar_name] = registrar.name data[:legaldoc_mandatory] = registrar.legaldoc_mandatory? - data[:balance] = { amount: registrar.cash_account&.balance, - currency: registrar.cash_account&.currency } data[:abilities] = Ability.new(current_user).permissions data end diff --git a/app/controllers/repp/v1/registrar/summary_controller.rb b/app/controllers/repp/v1/registrar/summary_controller.rb index a5cda278f..a0e266e93 100644 --- a/app/controllers/repp/v1/registrar/summary_controller.rb +++ b/app/controllers/repp/v1/registrar/summary_controller.rb @@ -70,6 +70,8 @@ module Repp data = current_user.as_json(only: %i[id username]) data[:registrar_name] = registrar.name data[:registrar_reg_no] = registrar.reg_no + data[:balance] = { amount: registrar.cash_account&.balance, + currency: registrar.cash_account&.currency } data[:last_login_date] = last_login_date data[:domains] = registrar.domains.count data[:contacts] = registrar.contacts.count From 872c650ef7a477b05a91af02ba9b61ce020d46ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 21 Jun 2022 16:18:24 +0300 Subject: [PATCH 21/27] Updated tests after summary endpoint update --- test/integration/repp/v1/accounts/switch_user_test.rb | 1 - test/integration/repp/v1/registrar/summary_test.rb | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/test/integration/repp/v1/accounts/switch_user_test.rb b/test/integration/repp/v1/accounts/switch_user_test.rb index c8935d038..a860fb162 100644 --- a/test/integration/repp/v1/accounts/switch_user_test.rb +++ b/test/integration/repp/v1/accounts/switch_user_test.rb @@ -30,7 +30,6 @@ class ReppV1AccountsSwitchUserTest < ActionDispatch::IntegrationTest assert_equal json[:data][:registrar][:username], new_user.username assert json[:data][:registrar][:roles].include? 'super' assert_equal json[:data][:registrar][:registrar_name], 'Good Names' - assert_equal json[:data][:registrar][:balance][:amount].to_f, new_user.registrar.cash_account.balance assert json[:data][:registrar][:abilities].is_a? Hash end diff --git a/test/integration/repp/v1/registrar/summary_test.rb b/test/integration/repp/v1/registrar/summary_test.rb index d8c179f9a..97797990a 100644 --- a/test/integration/repp/v1/registrar/summary_test.rb +++ b/test/integration/repp/v1/registrar/summary_test.rb @@ -21,6 +21,7 @@ class ReppV1RegistrarSummaryTest < ActionDispatch::IntegrationTest assert_equal json[:data][:registrar_name], 'Best Names' assert_equal json[:data][:domains], @user.registrar.domains.count assert_equal json[:data][:contacts], @user.registrar.contacts.count + assert_equal json[:data][:balance][:amount].to_f, @user.registrar.cash_account.balance assert json[:data][:notification].is_a? Hash assert_equal json[:data][:notifications_count], @user.unread_notifications.count end From 363a9a7357f816be60f75ff818c0c40fac13dc20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 21 Jun 2022 16:25:16 +0300 Subject: [PATCH 22/27] Updated tests after summary endpoint update --- test/integration/repp/v1/registrar/auth/check_info_test.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/test/integration/repp/v1/registrar/auth/check_info_test.rb b/test/integration/repp/v1/registrar/auth/check_info_test.rb index 65b2cf5f4..03563d273 100644 --- a/test/integration/repp/v1/registrar/auth/check_info_test.rb +++ b/test/integration/repp/v1/registrar/auth/check_info_test.rb @@ -20,7 +20,6 @@ class ReppV1RegistrarAuthCheckInfoTest < ActionDispatch::IntegrationTest assert_equal json[:data][:username], @user.username assert json[:data][:roles].include? 'super' assert_equal json[:data][:registrar_name], 'Best Names' - assert_equal json[:data][:balance][:amount].to_f, @user.registrar.cash_account.balance assert json[:data][:abilities].is_a? Hash end From 7939c5065dfe8234897af96ed3bc274f824d0b3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Thu, 7 Jul 2022 13:45:20 +0300 Subject: [PATCH 23/27] Updaded api user return data --- app/controllers/repp/v1/accounts_controller.rb | 2 +- app/controllers/repp/v1/domains/admin_contacts_controller.rb | 2 +- app/models/api_user.rb | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/app/controllers/repp/v1/accounts_controller.rb b/app/controllers/repp/v1/accounts_controller.rb index 301bed95f..7db2a3275 100644 --- a/app/controllers/repp/v1/accounts_controller.rb +++ b/app/controllers/repp/v1/accounts_controller.rb @@ -143,7 +143,7 @@ module Repp arr = [] users.each do |u| arr << { id: u.id, username: u.username, - role: u.roles.first } + role: u.roles.first, registrar_name: u.registrar.name } end arr diff --git a/app/controllers/repp/v1/domains/admin_contacts_controller.rb b/app/controllers/repp/v1/domains/admin_contacts_controller.rb index 6ec0e129b..5db865199 100644 --- a/app/controllers/repp/v1/domains/admin_contacts_controller.rb +++ b/app/controllers/repp/v1/domains/admin_contacts_controller.rb @@ -7,7 +7,7 @@ module Repp unless @new_contact.identical_to?(@current_contact) @epp_errors.add(:epp_errors, - msg: 'Admin contacts must be identical', + msg: 'New and current admin contacts ident data must be identical', code: '2304') end diff --git a/app/models/api_user.rb b/app/models/api_user.rb index d357a2e75..dc5cff0cc 100644 --- a/app/models/api_user.rb +++ b/app/models/api_user.rb @@ -74,6 +74,7 @@ class ApiUser < User self.class.where(identity_code: identity_code) .where("identity_code IS NOT NULL AND identity_code != ''") .where.not(id: id) + .includes(:registrar) end def linked_with?(another_api_user) From c1c2feae089a170d3df7538b9c9b613df2471cbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Thu, 7 Jul 2022 13:52:21 +0300 Subject: [PATCH 24/27] Fixed codeclimate issue --- app/controllers/repp/v1/invoices_controller.rb | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index 29fd916a9..1c14df329 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -95,10 +95,8 @@ module Repp account_activity_created_at_gteq account_activity_created_at_lteq account_activity_id_not_null - account_activity_id_null - cancelled_at_null - cancelled_at_not_null - number_gteq number_lteq + account_activity_id_null cancelled_at_null + cancelled_at_not_null number_gteq number_lteq total_gteq total_lteq s] + [s: []]) end From c7701ce1b1fe5b167601f57acd209adb27f5eb04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Thu, 7 Jul 2022 14:02:11 +0300 Subject: [PATCH 25/27] Updated integration test --- .../api/domain_admin_contacts_test.rb | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/test/integration/api/domain_admin_contacts_test.rb b/test/integration/api/domain_admin_contacts_test.rb index ce61cffd1..6aa412c23 100644 --- a/test/integration/api/domain_admin_contacts_test.rb +++ b/test/integration/api/domain_admin_contacts_test.rb @@ -18,19 +18,21 @@ class APIDomainAdminContactsTest < ApplicationIntegrationTest ident_country_code: 'LV') patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code, - new_contact_id: @admin_new.code }, - headers: { 'HTTP_AUTHORIZATION' => http_auth_key } + new_contact_id: @admin_new.code }, + headers: { 'HTTP_AUTHORIZATION' => http_auth_key } assert_response :bad_request - assert_equal ({ code: 2304, message: 'Admin contacts must be identical', data: {} }), + assert_equal ({ code: 2304, + message: 'New and current admin contacts ident data must be identical', + data: {} }), JSON.parse(response.body, symbolize_names: true) end def test_replace_all_admin_contacts_of_the_current_registrar assert @admin_new.identical_to?(@admin_current) patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code, - new_contact_id: @admin_new.code }, - headers: { 'HTTP_AUTHORIZATION' => http_auth_key } + new_contact_id: @admin_new.code }, + headers: { 'HTTP_AUTHORIZATION' => http_auth_key } assert_nil domains(:shop).admin_contacts.find_by(code: @admin_current.code) assert domains(:shop).admin_contacts.find_by(code: @admin_new.code) @@ -41,8 +43,8 @@ class APIDomainAdminContactsTest < ApplicationIntegrationTest domains(:airport).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED]) patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code, - new_contact_id: @admin_new.code }, - headers: { 'HTTP_AUTHORIZATION' => http_auth_key } + new_contact_id: @admin_new.code }, + headers: { 'HTTP_AUTHORIZATION' => http_auth_key } assert domains(:airport).admin_contacts.find_by(code: @admin_current.code) end @@ -51,12 +53,13 @@ class APIDomainAdminContactsTest < ApplicationIntegrationTest domain = domains(:airport) domain.admin_contacts = [@admin_current] patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code, - new_contact_id: @admin_new.code }, - headers: { 'HTTP_AUTHORIZATION' => http_auth_key } + new_contact_id: @admin_new.code }, + headers: { 'HTTP_AUTHORIZATION' => http_auth_key } assert_response :ok - assert_equal ({ code: 1000, message: 'Command completed successfully', data: { affected_domains: %w[airport.test shop.test], - skipped_domains: [] }}), + assert_equal ({ code: 1000, message: 'Command completed successfully', + data: { affected_domains: %w[airport.test shop.test], + skipped_domains: [] } }), JSON.parse(response.body, symbolize_names: true) end From 26cb791586d2a29247dd7f2240beea445b99c2be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Tue, 12 Jul 2022 15:42:49 +0300 Subject: [PATCH 26/27] Fixes after repp-apidoc update --- .../repp/v1/contacts_controller.rb | 2 +- .../repp/v1/domains/renews_controller.rb | 2 +- .../repp/v1/domains/statuses_controller.rb | 2 -- app/controllers/repp/v1/domains_controller.rb | 2 +- .../v1/registrar/nameservers_controller.rb | 10 +++---- app/interactions/actions/domain_update.rb | 2 +- app/models/registrar.rb | 4 +-- lib/serializers/repp/contact.rb | 2 +- lib/serializers/repp/domain.rb | 4 +-- .../repp/v1/contacts/check_test.rb | 4 +-- test/interactions/do_request_test.rb | 29 +++++++------------ 11 files changed, 25 insertions(+), 38 deletions(-) diff --git a/app/controllers/repp/v1/contacts_controller.rb b/app/controllers/repp/v1/contacts_controller.rb index d6c4439c5..f9c58303c 100644 --- a/app/controllers/repp/v1/contacts_controller.rb +++ b/app/controllers/repp/v1/contacts_controller.rb @@ -63,7 +63,7 @@ module Repp desc 'Check contact code availability' def check contact = Epp::Contact.find_by(code: params[:id]) - data = { contact: { id: params[:id], available: contact.nil? } } + data = { contact: { code: params[:id], available: contact.nil? } } render_success(data: data) end diff --git a/app/controllers/repp/v1/domains/renews_controller.rb b/app/controllers/repp/v1/domains/renews_controller.rb index 26365dffc..9aba3e41b 100644 --- a/app/controllers/repp/v1/domains/renews_controller.rb +++ b/app/controllers/repp/v1/domains/renews_controller.rb @@ -22,7 +22,7 @@ module Repp return end - render_success(data: { domain: { name: @domain.name, id: @domain.uuid } }) + render_success(data: { domain: { name: @domain.name } }) end def bulk_renew diff --git a/app/controllers/repp/v1/domains/statuses_controller.rb b/app/controllers/repp/v1/domains/statuses_controller.rb index ee15655df..d46725c46 100644 --- a/app/controllers/repp/v1/domains/statuses_controller.rb +++ b/app/controllers/repp/v1/domains/statuses_controller.rb @@ -7,7 +7,6 @@ module Repp api :DELETE, '/repp/v1/domains/:domain_name/statuses/:status' param :domain_name, String, desc: 'Domain name' - param :status, String, desc: 'Status to be removed' desc 'Remove status from specific domain' def destroy return editing_failed unless domain_with_status?(params[:id]) @@ -22,7 +21,6 @@ module Repp api :PUT, '/repp/v1/domains/:domain_name/statuses/:status' param :domain_name, String, desc: 'Domain name' - param :status, String, desc: 'Status to be added' desc 'Add status to specific domain' def update return editing_failed if domain_with_status?(params[:id]) diff --git a/app/controllers/repp/v1/domains_controller.rb b/app/controllers/repp/v1/domains_controller.rb index 00005e84d..ba40b13e2 100644 --- a/app/controllers/repp/v1/domains_controller.rb +++ b/app/controllers/repp/v1/domains_controller.rb @@ -101,7 +101,7 @@ module Repp return end - render_success(data: { domain: { name: @domain.name, id: @domain.uuid } }) + render_success(data: { domain: { name: @domain.name } }) end api :GET, '/repp/v1/domains/:domain_name/transfer_info' diff --git a/app/controllers/repp/v1/registrar/nameservers_controller.rb b/app/controllers/repp/v1/registrar/nameservers_controller.rb index fbd4c03ec..b3c6d8412 100644 --- a/app/controllers/repp/v1/registrar/nameservers_controller.rb +++ b/app/controllers/repp/v1/registrar/nameservers_controller.rb @@ -30,7 +30,6 @@ module Repp .add_nameservers(hostname_params[:attributes], domains: domains_from_params) end - render_success(data: data_format_for_success(affected, errored)) rescue ActiveRecord::RecordInvalid => e handle_errors(e.record) @@ -49,14 +48,15 @@ module Repp type: 'nameserver', id: hostname_params[:attributes][:hostname], attributes: hostname_params[:attributes], - affected_domains: affected_domains, - skipped_domains: errored_domains, + affected_domains: affected_domains || [], + skipped_domains: errored_domains || [], } end def hostname_params - params.require(:data).permit(:type, :id, nameserver: [], domains: [], - attributes: [:hostname, { ipv4: [], ipv6: [] }]) + params.require(:data).permit(:type, :id, + :domains, nameserver: [], domains: [], + attributes: [:hostname, { ipv4: [], ipv6: [] }]) .tap do |data| data.require(:type) data.require(:attributes).require([:hostname]) diff --git a/app/interactions/actions/domain_update.rb b/app/interactions/actions/domain_update.rb index 377f90e40..ff6eccce2 100644 --- a/app/interactions/actions/domain_update.rb +++ b/app/interactions/actions/domain_update.rb @@ -48,7 +48,7 @@ module Actions contact_code = params[:registrant][:code] contact = Contact.find_by(code: contact_code) - validate_email(contact.email) + validate_email(contact.email) if contact regt = Registrant.find_by(code: params[:registrant][:code]) unless regt diff --git a/app/models/registrar.rb b/app/models/registrar.rb index 0ea0bfb13..4c0098de0 100644 --- a/app/models/registrar.rb +++ b/app/models/registrar.rb @@ -188,9 +188,9 @@ class Registrar < ApplicationRecord end def add_nameservers(new_attributes, domains: []) - transaction do - return if domains.empty? + return [] if domains.empty? + transaction do approved_list = domain_list_processing(domains: domains, new_attributes: new_attributes) self.domains.where(name: approved_list).find_each(&:update_whois_record) if approved_list.any? diff --git a/lib/serializers/repp/contact.rb b/lib/serializers/repp/contact.rb index 11d5457ae..5afab98f0 100644 --- a/lib/serializers/repp/contact.rb +++ b/lib/serializers/repp/contact.rb @@ -15,7 +15,7 @@ module Serializers def to_json(obj = contact) return simple_object if @simplify - json = { id: obj.uuid, code: obj.code, name: obj.name, ident: ident, phone: obj.phone, + json = { code: obj.code, name: obj.name, ident: ident, phone: obj.phone, created_at: obj.created_at, auth_info: obj.auth_info, email: obj.email, statuses: statuses, disclosed_attributes: obj.disclosed_attributes, registrar: registrar } diff --git a/lib/serializers/repp/domain.rb b/lib/serializers/repp/domain.rb index cd0be8e25..c851a1f0d 100644 --- a/lib/serializers/repp/domain.rb +++ b/lib/serializers/repp/domain.rb @@ -15,7 +15,7 @@ module Serializers return simple_object if @simplify json = { - id: obj.uuid, name: obj.name, registrant: registrant, + name: obj.name, registrant: registrant, created_at: obj.created_at, updated_at: obj.updated_at, expire_time: obj.expire_time, outzone_at: obj.outzone_at, delete_date: obj.delete_date, @@ -53,7 +53,6 @@ module Serializers def registrant rant = domain.registrant { - id: rant.uuid, name: rant.name, code: rant.code, } @@ -71,7 +70,6 @@ module Serializers def simple_object json = { - id: domain.uuid, name: domain.name, expire_time: domain.expire_time, registrant: registrant, diff --git a/test/integration/repp/v1/contacts/check_test.rb b/test/integration/repp/v1/contacts/check_test.rb index be0d979b1..6fc716638 100644 --- a/test/integration/repp/v1/contacts/check_test.rb +++ b/test/integration/repp/v1/contacts/check_test.rb @@ -14,7 +14,7 @@ class ReppV1ContactsCheckTest < ActionDispatch::IntegrationTest json = JSON.parse(response.body, symbolize_names: true) assert_response :ok - assert_equal 'nonexistant:code', json[:data][:contact][:id] + assert_equal 'nonexistant:code', json[:data][:contact][:code] assert_equal true, json[:data][:contact][:available] end @@ -24,7 +24,7 @@ class ReppV1ContactsCheckTest < ActionDispatch::IntegrationTest json = JSON.parse(response.body, symbolize_names: true) assert_response :ok - assert_equal contact.code, json[:data][:contact][:id] + assert_equal contact.code, json[:data][:contact][:code] assert_equal false, json[:data][:contact][:available] end end diff --git a/test/interactions/do_request_test.rb b/test/interactions/do_request_test.rb index a26eb0451..f73f71ad6 100644 --- a/test/interactions/do_request_test.rb +++ b/test/interactions/do_request_test.rb @@ -11,32 +11,23 @@ class DoRequestTest < ActiveSupport::TestCase @domain = domains(:shop) @user = users(:api_bestnames) - @request.body = { data: { type: 'nameserver', id: @nameserver.hostname, - domains: ["shop.test"], - attributes: { hostname: 'new-ns.bestnames.test', - ipv4: '192.0.2.55', - ipv6: '2001:db8::55' } } }.to_json + @request.body = { data: { type: 'nameserver', + id: @nameserver.hostname, + domains: ['shop.test'], + attributes: { hostname: 'new-ns.bestnames.test', + ipv4: '192.0.2.55', + ipv6: '2001:db8::55' } } }.to_json @request.basic_auth(@user.username, @user.plain_text_password) end def test_request_occurs - stub_request(:put, "http://epp:3000/repp/v1/registrar/nameservers"). - with( - body: "{\"data\":{\"type\":\"nameserver\",\"id\":\"ns1.bestnames.test\",\"domains\":[\"shop.test\"],\"attributes\":{\"hostname\":\"new-ns.bestnames.test\",\"ipv4\":\"192.0.2.55\",\"ipv6\":\"2001:db8::55\"}}}", - headers: { - 'Accept'=>'*/*', - 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', - 'Authorization'=>'Basic dGVzdF9iZXN0bmFtZXM6dGVzdHRlc3Q=', - 'Content-Type'=>'application/json', - 'Host'=>'epp:3000', - 'User-Agent'=>'Ruby' - }). - to_return(status: 200, body: ["shop.test"], headers: {}) + stub_request(:put, "#{ENV['repp_url']}registrar/nameservers") + .to_return(status: 200, body: ['shop.test'], headers: {}) action = Actions::DoRequest.new(@request, @uri) response = action.call - assert_equal response.body, ["shop.test"] - assert_equal response.code, "200" + assert_equal response.body, ['shop.test'] + assert_equal response.code, '200' end end \ No newline at end of file From ee1117021b09cec604486520fc7849677cd3e962 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergei=20Ts=C3=B5ganov?= Date: Thu, 14 Jul 2022 15:48:38 +0300 Subject: [PATCH 27/27] Enabled partial search --- app/controllers/repp/v1/accounts_controller.rb | 4 ++-- app/controllers/repp/v1/contacts_controller.rb | 4 ++-- app/controllers/repp/v1/domains_controller.rb | 4 ++-- app/controllers/repp/v1/invoices_controller.rb | 4 ++-- app/services/partial_search_formatter.rb | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/app/controllers/repp/v1/accounts_controller.rb b/app/controllers/repp/v1/accounts_controller.rb index 7db2a3275..0bd75a302 100644 --- a/app/controllers/repp/v1/accounts_controller.rb +++ b/app/controllers/repp/v1/accounts_controller.rb @@ -8,7 +8,7 @@ module Repp def index records = current_user.registrar.cash_account.activities - q = records.ransack(search_params) + q = records.ransack(PartialSearchFormatter.format(search_params)) q.sorts = 'created_at desc' if q.sorts.empty? activities = q.result(distinct: true) @@ -128,7 +128,7 @@ module Repp end def search_params - index_params.fetch(:q, {}) + index_params.fetch(:q, {}) || {} end def limit diff --git a/app/controllers/repp/v1/contacts_controller.rb b/app/controllers/repp/v1/contacts_controller.rb index f9c58303c..31be5e09b 100644 --- a/app/controllers/repp/v1/contacts_controller.rb +++ b/app/controllers/repp/v1/contacts_controller.rb @@ -11,7 +11,7 @@ module Repp authorize! :check, Epp::Contact records = current_user.registrar.contacts - q = records.ransack(search_params) + q = records.ransack(PartialSearchFormatter.format(search_params)) q.sorts = 'created_at desc' if q.sorts.empty? contacts = q.result(distinct: true) @@ -123,7 +123,7 @@ module Repp end def search_params - index_params.fetch(:q, {}) + index_params.fetch(:q, {}) || {} end def domain_filter_params diff --git a/app/controllers/repp/v1/domains_controller.rb b/app/controllers/repp/v1/domains_controller.rb index ba40b13e2..29b259a67 100644 --- a/app/controllers/repp/v1/domains_controller.rb +++ b/app/controllers/repp/v1/domains_controller.rb @@ -13,7 +13,7 @@ module Repp def index authorize! :info, Epp::Domain records = current_user.registrar.domains - q = records.ransack(search_params) + q = records.ransack(PartialSearchFormatter.format(search_params)) q.sorts = ['valid_to asc', 'created_at desc'] if q.sorts.empty? # use distinct: false here due to ransack bug: # https://github.com/activerecord-hackery/ransack/issues/429 @@ -244,7 +244,7 @@ module Repp end def search_params - index_params.fetch(:q, {}) + index_params.fetch(:q, {}) || {} end def update_params diff --git a/app/controllers/repp/v1/invoices_controller.rb b/app/controllers/repp/v1/invoices_controller.rb index 1c14df329..204aba096 100644 --- a/app/controllers/repp/v1/invoices_controller.rb +++ b/app/controllers/repp/v1/invoices_controller.rb @@ -9,7 +9,7 @@ module Repp desc 'Get all invoices' def index records = current_user.registrar.invoices - q = records.ransack(search_params) + q = records.ransack(PartialSearchFormatter.format(search_params)) q.sorts = 'created_at desc' if q.sorts.empty? invoices = q.result(distinct: true) @@ -101,7 +101,7 @@ module Repp end def search_params - index_params.fetch(:q, {}) + index_params.fetch(:q, {}) || {} end def invoice_params diff --git a/app/services/partial_search_formatter.rb b/app/services/partial_search_formatter.rb index af0c7978d..268cd75fb 100644 --- a/app/services/partial_search_formatter.rb +++ b/app/services/partial_search_formatter.rb @@ -5,7 +5,7 @@ class PartialSearchFormatter search_params.each do |key, value| next unless key.include?('matches') && value.present? - value << '%' + search_params[key] = "%#{value}%" end search_params