Merge pull request #1694 from internetee/1693-renewprohibited-does-not-block-renewing-domains

Disallow domain renew for renewProhibited domains

app/models/domain.rb

@@ -306,11 +306,7 @@ class Domain < ApplicationRecord
   end
 
   def renewable?
-    blocking_statuses = [DomainStatus::DELETE_CANDIDATE, DomainStatus::PENDING_RENEW,
-                         DomainStatus::PENDING_TRANSFER, DomainStatus::DISPUTED,
-                         DomainStatus::PENDING_UPDATE, DomainStatus::PENDING_DELETE,
-                         DomainStatus::PENDING_DELETE_CONFIRMATION]
-    return false if statuses.include_any? blocking_statuses
+    return false unless renew_blocking_statuses.empty?
     return true unless Setting.days_to_renew_domain_before_expire != 0
 
     # if you can renew domain at days_to_renew before domain expiration
@@ -321,6 +317,15 @@ class Domain < ApplicationRecord
     true
   end
 
+  def renew_blocking_statuses
+    disallowed = [DomainStatus::DELETE_CANDIDATE, DomainStatus::PENDING_RENEW,
+                  DomainStatus::PENDING_TRANSFER, DomainStatus::CLIENT_RENEW_PROHIBITED,
+                  DomainStatus::PENDING_UPDATE, DomainStatus::PENDING_DELETE,
+                  DomainStatus::PENDING_DELETE_CONFIRMATION, DomainStatus::SERVER_RENEW_PROHIBITED]
+
+    (statuses & disallowed)
+  end
+
   def notify_registrar(message_key)
     registrar.notifications.create!(
       text: "#{I18n.t(message_key)}: #{name}",

app/models/epp/domain.rb

@@ -581,11 +581,14 @@ class Epp::Domain < Domain
     save(validate: false)
   end
 
+  ### RENEW ###
+
   def renew(cur_exp_date, period, unit = 'y')
     @is_renewal = true
     validate_exp_dates(cur_exp_date)
 
-    add_epp_error('2105', nil, nil, I18n.t('object_is_not_eligible_for_renewal')) unless renewable?
+    add_renew_epp_errors unless renewable?
+
     return false if errors.any?
 
     period = period.to_i
@@ -613,6 +616,13 @@ class Epp::Domain < Domain
     save
   end
 
+  def add_renew_epp_errors
+    if renew_blocking_statuses.any? && !renewable?
+      add_epp_error('2304', 'status', renew_blocking_statuses,
+                    I18n.t('object_status_prohibits_operation'))
+    end
+  end
+
   ### TRANSFER ###
 
   def transfer(frame, action, current_user)

test/integration/epp/domain/renew/base_test.rb

@@ -167,4 +167,36 @@ class EppDomainRenewBaseTest < EppTestCase
     end
     assert_epp_response :parameter_value_policy_error
   end
+
+  def test_fails_if_domain_has_renewal_prohibited_statuses
+    travel_to Time.zone.parse('2010-07-05')
+    domain = domains(:shop)
+    domain.statuses << DomainStatus::SERVER_RENEW_PROHIBITED
+    domain.save
+
+    original_valid_to = domain.valid_to
+    default_renewal_period = 1.year
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <renew>
+            <domain:renew xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{domain.name}</domain:name>
+              <domain:curExpDate>#{domain.expire_time.to_date}</domain:curExpDate>
+              <domain:period unit="y">1</domain:period>
+            </domain:renew>
+          </renew>
+        </command>
+      </epp>
+    XML
+
+    post epp_renew_path, params: { frame: request_xml },
+         headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    domain.reload
+
+    assert_epp_response :object_status_prohibits_operation
+    assert_equal original_valid_to, domain.valid_to
+  end
 end

test/models/domain_test.rb

@@ -431,6 +431,19 @@ class DomainTest < ActiveSupport::TestCase
     assert_equal created_at, domain.registered_at
   end
 
+  def test_not_renewable_if_renew_prohibited
+    assert @domain.renewable?
+
+    @domain.statuses << DomainStatus::SERVER_RENEW_PROHIBITED
+    assert_not @domain.renewable?
+
+    @domain.statuses.delete(DomainStatus::SERVER_RENEW_PROHIBITED)
+    assert @domain.renewable?
+
+    @domain.statuses << DomainStatus::CLIENT_RENEW_PROHIBITED
+    assert_not @domain.renewable?
+  end
+
   private
 
   def valid_domain