diff --git a/app/api/repp/domain_contacts_v1.rb b/app/api/repp/domain_contacts_v1.rb index a5f337139..7f3e323ac 100644 --- a/app/api/repp/domain_contacts_v1.rb +++ b/app/api/repp/domain_contacts_v1.rb @@ -23,6 +23,13 @@ module Repp :bad_request) end + if new_contact.invalid? + error!({ error: { type: 'invalid_request_error', + param: 'new_contact_id', + message: 'New contact must be valid' } }, + :bad_request) + end + if current_contact == new_contact error!({ error: { type: 'invalid_request_error', message: 'New contact ID must be different from current' \ diff --git a/test/fixtures/contacts.yml b/test/fixtures/contacts.yml index 50befdcf8..b64dce039 100644 --- a/test/fixtures/contacts.yml +++ b/test/fixtures/contacts.yml @@ -76,7 +76,7 @@ not_in_use: invalid: name: any - code: any + code: invalid email: invalid@invalid.test auth_info: any registrar: bestnames diff --git a/test/integration/api/domain_contacts_test.rb b/test/integration/api/domain_contacts_test.rb index 8d619f969..a6d6376f7 100644 --- a/test/integration/api/domain_contacts_test.rb +++ b/test/integration/api/domain_contacts_test.rb @@ -95,6 +95,17 @@ class APIDomainContactsTest < ActionDispatch::IntegrationTest JSON.parse(response.body, symbolize_names: true) end + def test_disallow_invalid_new_contact + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'invalid' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + assert_response :bad_request + assert_equal ({ error: { type: 'invalid_request_error', + param: 'new_contact_id', + message: 'New contact must be valid' } }), + JSON.parse(response.body, symbolize_names: true) + end + def test_disallow_self_replacement patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', new_contact_id: 'william-001' },