diff --git a/Gemfile b/Gemfile index b52a299cd..10c680786 100644 --- a/Gemfile +++ b/Gemfile @@ -94,6 +94,9 @@ gem 'uuidtools', '2.1.5' # For unique IDs (used by the epp gem) gem 'que', '0.10.0' gem 'que-web', '0.4.0' gem 'daemons-rails', '1.2.1' +gem 'que_mailer', + github: 'prehnRA/que-mailer', + branch: 'master' # for importing legacy db gem 'activerecord-import', '0.7.0' # for inserting dummy data diff --git a/Gemfile.lock b/Gemfile.lock index 844000672..b92d6dc1b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -24,6 +24,18 @@ GIT hpricot libxml-ruby +GIT + remote: https://github.com/prehnRA/que-mailer.git + revision: 32156f258993348b50a7db2a41eed1bdb0bf4fab + branch: master + specs: + que_mailer (0.0.2) + actionmailer (>= 4.0) + activesupport (>= 4.0) + pg (~> 0) + que (~> 0.6) + rails (>= 4.0) + GIT remote: https://github.com/rubysec/bundler-audit.git revision: f89ef7fae1090bbad825ea76812d56d72b417055 @@ -599,6 +611,7 @@ DEPENDENCIES pry (= 0.10.1) que (= 0.10.0) que-web (= 0.4.0) + que_mailer! railroady (= 1.3.0) rails (= 4.2.4) rails-settings-cached (= 0.4.1) diff --git a/app/api/repp/domain_v1.rb b/app/api/repp/domain_v1.rb index 4260c59b6..95dbb5af5 100644 --- a/app/api/repp/domain_v1.rb +++ b/app/api/repp/domain_v1.rb @@ -25,6 +25,24 @@ module Repp total_number_of_records: current_user.registrar.domains.count } end + + # example: curl -u registrar1:password localhost:3000/repp/v1/domains/1/transfer_info -H "Auth-Code: authinfopw1" + get '/:id/transfer_info' do + + domain = Domain.where("name = ? OR id=?", params[:id], params[:id]).where(auth_info: request.headers['Auth-Code']).first + error! I18n.t('errors.messages.epp_domain_not_found'), 401 unless domain + + contact_repp_json = proc{|contact| + contact.attributes.slice("code", "ident_type", "ident_country_code", "phone", "email", "street", "city", "zip","country_code", "statuses") + } + + @response = { + domain: domain.name, + registrant: contact_repp_json.call(domain.registrant), + admin_contacts: domain.admin_contacts.map{|e| contact_repp_json.call(e)}, + tech_contacts: domain.tech_contacts.map{|e| contact_repp_json.call(e)} + } + end end end end diff --git a/app/controllers/admin/domains_controller.rb b/app/controllers/admin/domains_controller.rb index 562505dc1..377912bad 100644 --- a/app/controllers/admin/domains_controller.rb +++ b/app/controllers/admin/domains_controller.rb @@ -47,6 +47,7 @@ class Admin::DomainsController < AdminController def update dp = ignore_empty_statuses @domain.is_admin = true + @domain.admin_status_update dp[:statuses] if @domain.update(dp) flash[:notice] = I18n.t('domain_updated') diff --git a/app/controllers/admin/pending_deletes_controller.rb b/app/controllers/admin/pending_deletes_controller.rb index 4866d65c9..a64a34714 100644 --- a/app/controllers/admin/pending_deletes_controller.rb +++ b/app/controllers/admin/pending_deletes_controller.rb @@ -17,7 +17,6 @@ class Admin::PendingDeletesController < AdminController def destroy authorize! :destroy, :pending - @epp_domain.is_admin= true if @domain.clean_pendings! redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed) else diff --git a/app/controllers/admin/settings_controller.rb b/app/controllers/admin/settings_controller.rb index 6a0c5c033..4014cd7fc 100644 --- a/app/controllers/admin/settings_controller.rb +++ b/app/controllers/admin/settings_controller.rb @@ -7,12 +7,18 @@ class Admin::SettingsController < AdminController end def create - casted_settings.each do |k, v| - Setting[k] = v - end + @errors = Setting.params_errors(casted_settings) + if @errors.empty? + casted_settings.each do |k, v| + Setting[k] = v + end - flash[:notice] = I18n.t('records_updated') - redirect_to [:admin, :settings] + flash[:notice] = I18n.t('records_updated') + redirect_to [:admin, :settings] + else + flash[:alert] = @errors.values.uniq.join(", ") + render "admin/settings/index" + end end def show; end diff --git a/app/controllers/epp/domains_controller.rb b/app/controllers/epp/domains_controller.rb index 8426c8ccb..f8cb2b752 100644 --- a/app/controllers/epp/domains_controller.rb +++ b/app/controllers/epp/domains_controller.rb @@ -64,8 +64,12 @@ class Epp::DomainsController < EppController else handle_errors(@domain) end - rescue - handle_errors(@domain) + rescue => e + if @domain.errors.any? + handle_errors(@domain) + else + throw e + end end end @@ -225,7 +229,7 @@ class Epp::DomainsController < EppController def find_domain domain_name = params[:parsed_frame].css('name').text.strip.downcase - @domain = Epp::Domain.where(name: domain_name).includes(registrant: :registrar).first + @domain = Epp::Domain.find_by_idn domain_name unless @domain epp_errors << { diff --git a/app/controllers/epp/polls_controller.rb b/app/controllers/epp/polls_controller.rb index 26df210c1..531509a6c 100644 --- a/app/controllers/epp/polls_controller.rb +++ b/app/controllers/epp/polls_controller.rb @@ -11,7 +11,19 @@ class Epp::PollsController < EppController render_epp_response 'epp/poll/poll_no_messages' and return unless @message if @message.attached_obj_type && @message.attached_obj_id - @object = Object.const_get(@message.attached_obj_type).find(@message.attached_obj_id) + begin + @object = Object.const_get(@message.attached_obj_type).find(@message.attached_obj_id) + rescue => problem + # the data model might be inconsistent; or ... + # this could happen if the registrar does not dequeue messages, and then the domain was deleted + + # SELECT messages.id, domains.name, messages.body FROM messages LEFT OUTER + # JOIN domains ON attached_obj_id::INTEGER = domains.id + # WHERE attached_obj_type = 'Epp::Domain' AND name IS NULL; + + Rails.logger.error 'orphan message, error ignored: ' + problem.to_s + # now we should dequeue or delete the messages avoid duplicate log alarms + end end if @message.attached_obj_type == 'Keyrelay' diff --git a/app/controllers/epp_controller.rb b/app/controllers/epp_controller.rb index e4ebcf66f..15f6c6a49 100644 --- a/app/controllers/epp_controller.rb +++ b/app/controllers/epp_controller.rb @@ -382,6 +382,6 @@ class EppController < ApplicationController def iptables_counter_update return if ENV['iptables_counter_enabled'].blank? && ENV['iptables_counter_enabled'] != 'true' return if current_user.blank? - counter_update(current_user.registrar_code, request.ip) + counter_update(current_user.registrar_code, ENV['iptables_server_ip']) end end diff --git a/app/jobs/domain_delete_confirm_job.rb b/app/jobs/domain_delete_confirm_job.rb index 7d890ef16..0429bc390 100644 --- a/app/jobs/domain_delete_confirm_job.rb +++ b/app/jobs/domain_delete_confirm_job.rb @@ -7,12 +7,10 @@ class DomainDeleteConfirmJob < Que::Job when RegistrantVerification::CONFIRMED domain.poll_message!(:poll_pending_delete_confirmed_by_registrant) domain.apply_pending_delete! - domain.clean_pendings! when RegistrantVerification::REJECTED - DomainMailer.pending_delete_rejected_notification(domain).deliver_now - domain.statuses.delete(DomainStatus::PENDING_DELETE_CONFIRMATION) + DomainMailer.pending_delete_rejected_notification(domain_id, deliver_emails).deliver domain.poll_message!(:poll_pending_delete_rejected_by_registrant) - domain.clean_pendings! + domain.cancel_pending_delete end destroy # it's best to destroy the job in the same transaction end diff --git a/app/jobs/domain_update_confirm_job.rb b/app/jobs/domain_update_confirm_job.rb index f6e28e2c3..28294ef25 100644 --- a/app/jobs/domain_update_confirm_job.rb +++ b/app/jobs/domain_update_confirm_job.rb @@ -11,7 +11,7 @@ class DomainUpdateConfirmJob < Que::Job end domain.clean_pendings! when RegistrantVerification::REJECTED - DomainMailer.pending_update_rejected_notification_for_new_registrant(domain).deliver_now + DomainMailer.pending_update_rejected_notification_for_new_registrant(domain_id).deliver domain.poll_message!(:poll_pending_update_rejected_by_registrant) domain.clean_pendings! domain.instance_variable_set("@changed_attributes", domain.changed_attributes.merge("statuses"=>[])) diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb index 339638d80..b5b46e6f2 100644 --- a/app/mailers/application_mailer.rb +++ b/app/mailers/application_mailer.rb @@ -17,8 +17,8 @@ class ApplicationMailer < ActionMailer::Base end # turn on delivery on specific (epp) request only, thus rake tasks does not deliver anything - def delivery_off?(model) - return false if model.deliver_emails == true + def delivery_off?(model, deliver_email= false) + return false if deliver_emails == true logger.info "EMAIL SENDING WAS NOT ACTIVATED " \ "BY MODEL OBJECT: id ##{model.try(:id)} deliver_emails returned false" true diff --git a/app/mailers/contact_mailer.rb b/app/mailers/contact_mailer.rb index 2f8de7248..71e635540 100644 --- a/app/mailers/contact_mailer.rb +++ b/app/mailers/contact_mailer.rb @@ -1,10 +1,12 @@ class ContactMailer < ApplicationMailer - def email_updated(email, contact) - return if delivery_off?(contact) - - @contact = contact + include Que::Mailer + def email_updated(email, contact_id, should_deliver) + @contact = Contact.find_by(id: contact_id) + return unless email || @contact + return if delivery_off?(contact, should_deliver) return if whitelist_blocked?(email) + begin mail(to: format(email), subject: "#{I18n.t(:contact_email_update_subject)} [#{@contact.code}]") rescue EOFError, diff --git a/app/mailers/domain_mailer.rb b/app/mailers/domain_mailer.rb index a8c79f66d..a149ff2ed 100644 --- a/app/mailers/domain_mailer.rb +++ b/app/mailers/domain_mailer.rb @@ -1,7 +1,10 @@ class DomainMailer < ApplicationMailer - def pending_update_request_for_old_registrant(domain) - @domain = domain - return if delivery_off?(@domain) + include Que::Mailer + + def pending_update_request_for_old_registrant(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return unless @domain + return if delivery_off?(@domain, should_deliver) if @domain.registrant_verification_token.blank? logger.warn "EMAIL NOT DELIVERED: registrant_verification_token is missing for #{@domain.name}" @@ -24,9 +27,10 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def pending_update_notification_for_new_registrant(domain) - @domain = domain - return if delivery_off?(@domain) + def pending_update_notification_for_new_registrant(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return unless @domain + return if delivery_off?(@domain, should_deliver) if @domain.registrant_verification_token.blank? logger.warn "EMAIL NOT DELIVERED: registrant_verification_token is missing for #{@domain.name}" @@ -47,9 +51,10 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def registrant_updated_notification_for_new_registrant(domain) - @domain = domain - return if delivery_off?(@domain) + def registrant_updated_notification_for_new_registrant(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return unless @domain + return if delivery_off?(@domain, should_deliver) return if whitelist_blocked?(@domain.registrant_email) mail(to: format(@domain.registrant_email), @@ -57,9 +62,10 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def registrant_updated_notification_for_old_registrant(domain) - @domain = domain - return if delivery_off?(@domain) + def registrant_updated_notification_for_old_registrant(domain_id, should_deliver) + domain = Domain.find_by(id: domain_id) + return unless domain + return if delivery_off?(@domain, should_deliver) @old_registrant_email = domain.registrant_email # Nb! before applying pending updates @@ -69,8 +75,9 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def pending_update_rejected_notification_for_new_registrant(domain) - @domain = domain + def pending_update_rejected_notification_for_new_registrant(domain_id) + @domain = Domain.find_by(id: domain_id) + return unless @domain # no delivery off control, driggered by que, no epp request @new_registrant_email = @domain.pending_json['new_registrant_email'] @@ -82,8 +89,9 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def pending_update_expired_notification_for_new_registrant(domain) - @domain = domain + def pending_update_expired_notification_for_new_registrant(domain_id) + @domain = Domain.find_by(id: domain_id) + return unless @domain # no delivery off control, driggered by cron, no epp request @new_registrant_email = @domain.pending_json['new_registrant_email'] @@ -99,9 +107,10 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def pending_deleted(domain) - @domain = domain - return if delivery_off?(@domain) + def pending_deleted(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return unless @domain + return if delivery_off?(@domain, should_deliver) if @domain.registrant_verification_token.blank? logger.warn "EMAIL NOT DELIVERED: registrant_verification_token is missing for #{@domain.name}" @@ -124,8 +133,10 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def pending_delete_rejected_notification(domain) - @domain = domain + def pending_delete_rejected_notification(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return unless @domain + return if delivery_off?(@domain, should_deliver) # no delivery off control, driggered by que, no epp request if @domain.registrant_verification_token.blank? @@ -144,8 +155,10 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def pending_delete_expired_notification(domain) - @domain = domain + def pending_delete_expired_notification(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return unless @domain + return if delivery_off?(@domain, should_deliver) # no delivery off control, driggered by cron, no epp request return if whitelist_blocked?(@domain.registrant.email) @@ -154,8 +167,10 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def delete_confirmation(domain) - @domain = domain + def delete_confirmation(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return unless @domain + return if delivery_off?(@domain, should_deliver) return if whitelist_blocked?(@domain.registrant.email) mail(to: format(@domain.registrant.email), @@ -163,8 +178,9 @@ class DomainMailer < ApplicationMailer name: @domain.name)} [#{@domain.name}]") end - def force_delete(domain) - @domain = domain + def force_delete(domain_id, should_deliver) + @domain = Domain.find_by(id: domain_id) + return if delivery_off?(@domain, should_deliver) emails = ([@domain.registrant.email] + @domain.admin_contacts.map { |x| format(x.email) }).uniq return if whitelist_blocked?(emails) diff --git a/app/mailers/invoice_mailer.rb b/app/mailers/invoice_mailer.rb index e78795b66..54c6a8605 100644 --- a/app/mailers/invoice_mailer.rb +++ b/app/mailers/invoice_mailer.rb @@ -1,8 +1,15 @@ class InvoiceMailer < ApplicationMailer - def invoice_email(invoice, pdf) - return if whitelist_blocked?(invoice.billing_email) + include Que::Mailer + + def invoice_email(invoice_id, html) + @invoice = Invoice.find_by(id: invoice_id) + return unless @invoice + return if whitelist_blocked?(@invoice.billing_email) + + kit = PDFKit.new(html) + pdf = kit.to_pdf + invoice = @invoice - @invoice = invoice attachments[invoice.pdf_name] = pdf mail(to: format(invoice.billing_email), subject: invoice) end diff --git a/app/models/contact.rb b/app/models/contact.rb index f332dc2c4..20c11ae80 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -50,7 +50,7 @@ class Contact < ActiveRecord::Base emails << domains.map(&:registrant_email) if domains.present? emails = emails.flatten.uniq emails.each do |e| - ContactMailer.email_updated(e, self).deliver_now + ContactMailer.email_updated(e, id, deliver_emails).deliver end end diff --git a/app/models/depp/dnskey.rb b/app/models/depp/dnskey.rb index 895dca74b..cd98bb70e 100644 --- a/app/models/depp/dnskey.rb +++ b/app/models/depp/dnskey.rb @@ -12,10 +12,9 @@ module Depp ['6 - DSA-NSEC3-SHA1', 6], ['7 - RSASHA1-NSEC3-SHA1', 7], ['8 - RSA/SHA-256', 8], - ['252 - Reserved for Indirect Keys', 252], - ['253 - Private algorithm', 253], - ['254 - Private algorithm OID', 254], - ['255 - Reserved', 255] + ['10 - RSA/SHA-512', 10], + ['13 - ECDSA Curve P-256 with SHA-256', 13], + ['14 - ECDSA Curve P-384 with SHA-384', 14] ] PROTOCOLS = [3] diff --git a/app/models/dnskey.rb b/app/models/dnskey.rb index 0c426978c..26f5a0afd 100644 --- a/app/models/dnskey.rb +++ b/app/models/dnskey.rb @@ -17,7 +17,7 @@ class Dnskey < ActiveRecord::Base end } - ALGORITHMS = %w(3 5 6 7 8 252 253 254 255) + ALGORITHMS = %w(3 5 6 7 8 10 13 14) PROTOCOLS = %w(3) FLAGS = %w(0 256 257) # 256 = ZSK, 257 = KSK diff --git a/app/models/domain.rb b/app/models/domain.rb index 9845e8ac8..18918906a 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -238,10 +238,10 @@ class Domain < ActiveRecord::Base end count += 1 if domain.pending_update? - DomainMailer.pending_update_expired_notification_for_new_registrant(domain).deliver_now + DomainMailer.pending_update_expired_notification_for_new_registrant(id).deliver end if domain.pending_delete? || domain.pending_delete_confirmation? - DomainMailer.pending_delete_expired_notification(domain).deliver_now + DomainMailer.pending_delete_expired_notification(id, deliver_emails).deliver end domain.clean_pendings! unless Rails.env.test? @@ -307,14 +307,15 @@ class Domain < ActiveRecord::Base c = 0 Domain.where("statuses @> '{deleteCandidate}'::varchar[]").each do |x| Whois::Record.where('domain_id = ?', x.id).try(':destroy') - x.destroy + destroy_with_message x STDOUT << "#{Time.zone.now.utc} Domain.destroy_delete_candidates: by deleteCandidate ##{x.id} (#{x.name})\n" unless Rails.env.test? + c += 1 end Domain.where('force_delete_at <= ?', Time.zone.now).each do |x| Whois::Record.where('domain_id = ?', x.id).try(':destroy') - x.destroy + destroy_with_message x STDOUT << "#{Time.zone.now.utc} Domain.destroy_delete_candidates: by force delete time ##{x.id} (#{x.name})\n" unless Rails.env.test? c += 1 end @@ -324,6 +325,15 @@ class Domain < ActiveRecord::Base # rubocop: enable Metrics/AbcSize # rubocop:enable Rails/FindEach # rubocop: enable Metrics/LineLength + def destroy_with_message(domain) + domain.destroy + bye_bye = domain.versions.last + domain.registrar.messages.create!( + body: I18n.t(:domain_deleted), + attached_obj_id: bye_bye.id, + attached_obj_type: bye_bye.class.to_s # DomainVersion + ) + end end def name=(value) @@ -334,6 +344,17 @@ class Domain < ActiveRecord::Base self[:name_dirty] = value end + # find by internationalized domain name + # internet domain name => ascii or puny, but db::domains.name is unicode + def self.find_by_idn(name) + domain = self.find_by_name name + if domain.blank? && name.include?('-') + unicode = SimpleIDN.to_unicode name # we have no index on domains.name_puny + domain = self.find_by_name unicode + end + domain + end + def roid "EIS-#{id}" end @@ -428,8 +449,8 @@ class Domain < ActiveRecord::Base new_registrant_email = registrant.email new_registrant_name = registrant.name - DomainMailer.pending_update_request_for_old_registrant(self).deliver_now - DomainMailer.pending_update_notification_for_new_registrant(self).deliver_now + DomainMailer.pending_update_request_for_old_registrant(id, deliver_emails).deliver + DomainMailer.pending_update_notification_for_new_registrant(id, deliver_emails).deliver reload # revert back to original @@ -489,7 +510,13 @@ class Domain < ActiveRecord::Base pending_delete_confirmation! save(validate: false) # should check if this did succeed - DomainMailer.pending_deleted(self).deliver_now + DomainMailer.pending_deleted(id, deliver_emails).deliver + end + + def cancel_pending_delete + statuses.delete DomainStatus::PENDING_DELETE_CONFIRMATION + statuses.delete DomainStatus::PENDING_DELETE + self.delete_at = nil end def pricelist(operation, period_i = nil, unit = nil) @@ -619,7 +646,7 @@ class Domain < ActiveRecord::Base registrar.messages.create!( body: I18n.t('force_delete_set_on_domain', domain: name) ) - DomainMailer.force_delete(self).deliver_now + DomainMailer.force_delete(id, deliver_emails).deliver return true end false @@ -673,16 +700,31 @@ class Domain < ActiveRecord::Base statuses.include?(DomainStatus::FORCE_DELETE) end + # special handling for admin changing status + def admin_status_update(update) + # check for deleted status + statuses.each do |s| + unless update.include? s + case s + when DomainStatus::PENDING_DELETE + self.delete_at = nil + # Handle any other special remove cases? + # when DomainStatus::FORCE_DELETE unset_force_delete + end + end + end + end + def pending_update_prohibited? (statuses_was & [ DomainStatus::PENDING_DELETE_CONFIRMATION, - DomainStatus::CLIENT_UPDATE_PROHIBITED, - DomainStatus::SERVER_UPDATE_PROHIBITED, - DomainStatus::PENDING_CREATE, - DomainStatus::PENDING_UPDATE, - DomainStatus::PENDING_DELETE, - DomainStatus::PENDING_RENEW, - DomainStatus::PENDING_TRANSFER + DomainStatus::CLIENT_UPDATE_PROHIBITED, + DomainStatus::SERVER_UPDATE_PROHIBITED, + DomainStatus::PENDING_CREATE, + DomainStatus::PENDING_UPDATE, + DomainStatus::PENDING_DELETE, + DomainStatus::PENDING_RENEW, + DomainStatus::PENDING_TRANSFER ]).present? end diff --git a/app/models/domain_status.rb b/app/models/domain_status.rb index 543ba0ff4..c784a86e3 100644 --- a/app/models/domain_status.rb +++ b/app/models/domain_status.rb @@ -148,7 +148,7 @@ class DomainStatus < ActiveRecord::Base INACTIVE, FORCE_DELETE, PENDING_CREATE, - PENDING_DELETE, + #PENDING_DELETE, PENDING_RENEW, PENDING_TRANSFER, PENDING_UPDATE, diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb index ffd525d9d..66ea0768f 100644 --- a/app/models/epp/domain.rb +++ b/app/models/epp/domain.rb @@ -236,7 +236,7 @@ class Epp::Domain < Domain def admin_domain_contacts_attrs(frame, action) admin_attrs = domain_contact_attrs_from(frame, action, 'admin') - if action && !admin_attrs.empty? && admin_change_prohibited? + if admin_attrs.present? && admin_change_prohibited? add_epp_error('2304', 'admin', DomainStatus::SERVER_ADMIN_CHANGE_PROHIBITED, I18n.t(:object_status_prohibits_operation)) return [] end @@ -252,7 +252,7 @@ class Epp::Domain < Domain def tech_domain_contacts_attrs(frame, action) tech_attrs = domain_contact_attrs_from(frame, action, 'tech') - if action && !tech_attrs.empty? && tech_change_prohibited? + if tech_attrs.present? && tech_change_prohibited? add_epp_error('2304', 'tech', DomainStatus::SERVER_TECH_CHANGE_PROHIBITED, I18n.t(:object_status_prohibits_operation)) return [] end @@ -314,80 +314,113 @@ class Epp::Domain < Domain # rubocop: disable Metrics/PerceivedComplexity # rubocop: disable Metrics/CyclomaticComplexity def dnskeys_attrs(frame, action) - if frame.css('dsData').any? && !Setting.ds_data_allowed - errors.add(:base, :ds_data_not_allowed) - end + keys = [] + return keys if frame.blank? + inf_data = DnsSecKeys.new(frame) - if frame.xpath('keyData').any? && !Setting.key_data_allowed - errors.add(:base, :key_data_not_allowed) - end - - res = ds_data_from(frame) - dnskeys_list = key_data_from(frame, res) - - if action == 'rem' - to_destroy = [] - dnskeys_list.each do |x| - dk = dnskeys.find_by(public_key: x[:public_key]) - - unless dk - add_epp_error('2303', 'publicKey', x[:public_key], [:dnskeys, :not_found]) - next - end - - to_destroy << { - id: dk.id, - _destroy: 1 - } - end - - return to_destroy + if action == 'rem' && + frame.css('rem > all').first.try(:text) == 'true' + keys = inf_data.mark_destroy_all dnskeys else - return dnskeys_list + if Setting.key_data_allowed + errors.add(:base, :ds_data_not_allowed) if inf_data.ds_data.present? + keys = inf_data.key_data + end + if Setting.ds_data_allowed + errors.add(:base, :key_data_not_allowed) if inf_data.key_data.present? + keys = inf_data.ds_data + end + if action == 'rem' + keys = inf_data.mark_destroy(dnskeys) + add_epp_error('2303', nil, nil, [:dnskeys, :not_found]) if keys.include? nil + end end + errors.any? ? [] : keys end # rubocop: enable Metrics/PerceivedComplexity # rubocop: enable Metrics/CyclomaticComplexity - def key_data_from(frame, res) - frame.xpath('keyData').each do |x| - res << { - flags: x.css('flags').first.try(:text), - protocol: x.css('protocol').first.try(:text), - alg: x.css('alg').first.try(:text), - public_key: x.css('pubKey').first.try(:text), - ds_alg: 3, - ds_digest_type: Setting.ds_algorithm - } + class DnsSecKeys + def initialize(frame) + @key_data = [] + @ds_data = [] + # schema validation prevents both in the same parent node + if frame.css('dsData').present? + ds_data_from frame + else + frame.css('keyData').each do |key| + @key_data.append key_data_from(key) + end + end end - res - end + attr_reader :key_data + attr_reader :ds_data - def ds_data_from(frame) - res = [] - frame.css('dsData').each do |x| - data = { - ds_key_tag: x.css('keyTag').first.try(:text), - ds_alg: x.css('alg').first.try(:text), - ds_digest_type: x.css('digestType').first.try(:text), - ds_digest: x.css('digest').first.try(:text) - } - - kd = x.css('keyData').first - data.merge!({ - flags: kd.css('flags').first.try(:text), - protocol: kd.css('protocol').first.try(:text), - alg: kd.css('alg').first.try(:text), - public_key: kd.css('pubKey').first.try(:text) - }) if kd - - res << data + def mark_destroy_all(dns_keys) + # if transition support required mark_destroy dns_keys when has ds/key values otherwise ... + dns_keys.map { |inf_data| mark inf_data } end - res - end + def mark_destroy(dns_keys) + (ds_data.present? ? ds_filter(dns_keys) : kd_filter(dns_keys)).map do |inf_data| + inf_data.blank? ? nil : mark(inf_data) + end + end + private + + KEY_INTERFACE = {flags: 'flags', protocol: 'protocol', alg: 'alg', public_key: 'pubKey' } + DS_INTERFACE = + { ds_key_tag: 'keyTag', + ds_alg: 'alg', + ds_digest_type: 'digestType', + ds_digest: 'digest' + } + + def xm_copy(frame, map) + result = {} + map.each do |key, elem| + result[key] = frame.css(elem).first.try(:text) + end + result + end + + def key_data_from(frame) + result = xm_copy frame, KEY_INTERFACE + # TODO: can these defaults go where they belong? + result.merge({ + ds_alg: 3, # DSA/SHA-1 [DSA] RFC2536 + ds_digest_type: Setting.ds_algorithm # only 1 + }) + end + + def ds_data_from(frame) + frame.css('dsData').each do |ds_data| + key = ds_data.css('keyData') + ds = xm_copy ds_data, DS_INTERFACE + ds.merge(key_data_from key) if key.present? + @ds_data << ds + end + end + + def ds_filter(dns_keys) + @ds_data.map do |ds| + dns_keys.find_by(ds.slice(*DS_INTERFACE.keys)) + end + end + + def kd_filter(dns_keys) + @key_data.map do |key| + dns_keys.find_by(key) + end + end + + def mark(inf_data) + { id: inf_data.id, _destroy: 1 } + end + end + def domain_statuses_attrs(frame, action) status_list = domain_status_list_from(frame) if action == 'rem' @@ -443,21 +476,10 @@ class Epp::Domain < Domain frame.css("legalDocument").first.content = doc.path if doc && doc.persisted? end - at_add = attrs_from(frame.css('add'), current_user) + at_add = attrs_from(frame.css('add'), current_user, 'add') at[:nameservers_attributes] += at_add[:nameservers_attributes] - - if !at[:admin_domain_contacts_attributes].empty? && admin_change_prohibited? - add_epp_error('2304', 'admin', DomainStatus::SERVER_ADMIN_CHANGE_PROHIBITED, I18n.t(:object_status_prohibits_operation)) - else - at[:admin_domain_contacts_attributes] += at_add[:admin_domain_contacts_attributes] - end - - if !at[:tech_domain_contacts_attributes].empty? && tech_change_prohibited? - add_epp_error('2304', 'tech', DomainStatus::SERVER_TECH_CHANGE_PROHIBITED, I18n.t(:object_status_prohibits_operation)) - else - at[:tech_domain_contacts_attributes] += at_add[:tech_domain_contacts_attributes] - end - + at[:admin_domain_contacts_attributes] += at_add[:admin_domain_contacts_attributes] + at[:tech_domain_contacts_attributes] += at_add[:tech_domain_contacts_attributes] at[:dnskeys_attributes] += at_add[:dnskeys_attributes] at[:statuses] = statuses - domain_statuses_attrs(frame.css('rem'), 'rem') + domain_statuses_attrs(frame.css('add'), 'add') @@ -478,7 +500,7 @@ class Epp::Domain < Domain # rubocop: enable Metrics/CyclomaticComplexity def apply_pending_update! - old_registrant_email = DomainMailer.registrant_updated_notification_for_old_registrant(self) + old_registrant_email = DomainMailer.registrant_updated_notification_for_old_registrant(id, deliver_emails) preclean_pendings user = ApiUser.find(pending_json['current_user_id']) frame = Nokogiri::XML(pending_json['frame']) @@ -488,8 +510,8 @@ class Epp::Domain < Domain return unless update(frame, user, false) clean_pendings! self.deliver_emails = true # turn on email delivery - DomainMailer.registrant_updated_notification_for_new_registrant(self).deliver_now - old_registrant_email.deliver_now + DomainMailer.registrant_updated_notification_for_new_registrant(id, deliver_emails).deliver + old_registrant_email.deliver true end @@ -497,7 +519,7 @@ class Epp::Domain < Domain preclean_pendings statuses.delete(DomainStatus::PENDING_DELETE_CONFIRMATION) statuses.delete(DomainStatus::PENDING_DELETE) - DomainMailer.delete_confirmation(self).deliver_now + DomainMailer.delete_confirmation(id, deliver_emails).deliver # TODO: confirm that this actually makes sense clean_pendings! if valid? && set_pending_delete! @@ -797,14 +819,14 @@ class Epp::Domain < Domain def transferrable? (statuses & [ DomainStatus::PENDING_DELETE_CONFIRMATION, - DomainStatus::PENDING_CREATE, - DomainStatus::PENDING_UPDATE, - DomainStatus::PENDING_DELETE, - DomainStatus::PENDING_RENEW, - DomainStatus::PENDING_TRANSFER, - DomainStatus::FORCE_DELETE, - DomainStatus::SERVER_TRANSFER_PROHIBITED, - DomainStatus::CLIENT_TRANSFER_PROHIBITED + DomainStatus::PENDING_CREATE, + DomainStatus::PENDING_UPDATE, + DomainStatus::PENDING_DELETE, + DomainStatus::PENDING_RENEW, + DomainStatus::PENDING_TRANSFER, + DomainStatus::FORCE_DELETE, + DomainStatus::SERVER_TRANSFER_PROHIBITED, + DomainStatus::CLIENT_TRANSFER_PROHIBITED ]).empty? end @@ -850,7 +872,7 @@ class Epp::Domain < Domain next end - if Domain.find_by(name: x) + if Domain.find_by_idn x res << { name: x, avail: 0, reason: 'in use' } else res << { name: x, avail: 1 } diff --git a/app/models/invoice.rb b/app/models/invoice.rb index 583f26825..0c4e23a08 100644 --- a/app/models/invoice.rb +++ b/app/models/invoice.rb @@ -117,7 +117,7 @@ class Invoice < ActiveRecord::Base return false unless valid? return false unless billing_email.present? - InvoiceMailer.invoice_email(self, pdf(html)).deliver_now + InvoiceMailer.invoice_email(id, html).deliver true end diff --git a/app/models/setting.rb b/app/models/setting.rb index 122bfc99a..cb52fd1b7 100644 --- a/app/models/setting.rb +++ b/app/models/setting.rb @@ -6,4 +6,18 @@ class Setting < RailsSettings::CachedSettings Rails.cache.delete_matched('settings:.*') STDOUT << "#{Time.zone.now.utc} - Settings cache cleared\n" end + + + # cannot do instance validation because CachedSetting use save! + def self.params_errors(params) + errors = {} + # DS data allowed and Allow key data cannot be both true + if !!params["key_data_allowed"] && params["key_data_allowed"] == params["ds_data_allowed"] + msg = "#{I18n.t(:key_data_allowed)} and #{I18n.t(:ds_data_with_key_allowed)} cannot be both true" + errors["key_data_allowed"] = msg + errors["ds_data_allowed"] = msg + end + + return errors + end end diff --git a/app/models/whois_record.rb b/app/models/whois_record.rb index 9a725b013..ac5f17c7b 100644 --- a/app/models/whois_record.rb +++ b/app/models/whois_record.rb @@ -7,6 +7,7 @@ class WhoisRecord < ActiveRecord::Base before_validation :populate after_save :update_whois_server + after_destroy :destroy_whois_record class << self def included @@ -48,6 +49,7 @@ class WhoisRecord < ActiveRecord::Base h[:registrant] = domain.registrant.name h[:registrant_email] = domain.registrant.email + @disclosed << [:email, domain.registrant.email] h[:changed] = domain.registrant.updated_at.try(:to_s, :iso8601) h[:admin_contacts] = [] @@ -83,7 +85,7 @@ class WhoisRecord < ActiveRecord::Base h[:dnssec_changed] = domain.dnskeys.pluck(:updated_at).max.try(:to_s, :iso8601) rescue nil - h[:disclosed] = @disclosed + h[:disclosed] = @disclosed # later we can replace h end @@ -109,4 +111,8 @@ class WhoisRecord < ActiveRecord::Base wd.json = json wd.save end + + def destroy_whois_record + Whois::Record.where(name: name).delete_all() + end end diff --git a/app/views/admin/domain_versions/_version.haml b/app/views/admin/domain_versions/_version.haml index 6f0d7dd24..fd449b4b0 100644 --- a/app/views/admin/domain_versions/_version.haml +++ b/app/views/admin/domain_versions/_version.haml @@ -6,10 +6,10 @@ - if domain.present? - if version # normal history - children = HashWithIndifferentAccess.new(version.children) - - nameservers = children[:nameservers] || [] - - tech_contacts = children[:tech_contacts] || [] - - admin_contacts = children[:admin_contacts] || [] - - registrant = children[:registrant] || [] + - nameservers = Nameserver.where(id: children[:nameservers]) + - tech_contacts = Contact.where(id: children[:tech_contacts]) + - admin_contacts = Contact.where(id: children[:admin_contacts]) + - registrant = Contact.where(id: children[:registrant]) - event = version.event - creator = plain_username(version.terminator) - else # pending history diff --git a/app/views/admin/domains/form/_pending_delete.haml b/app/views/admin/domains/form/_pending_delete.haml index 2e199d0b7..e3d71f3f4 100644 --- a/app/views/admin/domains/form/_pending_delete.haml +++ b/app/views/admin/domains/form/_pending_delete.haml @@ -1,4 +1,4 @@ -- if (status == DomainStatus::PENDING_DELETE || status == DomainStatus::PENDING_DELETE_CONFIRMATION) +- if status == DomainStatus::PENDING_DELETE_CONFIRMATION = link_to(t(:accept_delete), admin_domain_pending_delete_path(f.object.id, f.object.id), method: :patch, data: { confirm: t(:are_you_sure) }, class: 'btn btn-danger btn-xs') diff --git a/app/views/admin/settings/_setting_row.haml b/app/views/admin/settings/_setting_row.haml index 632effc74..ab0d8d991 100644 --- a/app/views/admin/settings/_setting_row.haml +++ b/app/views/admin/settings/_setting_row.haml @@ -1,5 +1,5 @@ - value = Setting.send(var) -%tr +%tr{class: (@errors && @errors.has_key?(var.to_s) && "danger")} %td= t(var) - if [TrueClass, FalseClass].include?(value.class) %td diff --git a/app/views/epp/domains/info.xml.builder b/app/views/epp/domains/info.xml.builder index e7962002c..f89fcd168 100644 --- a/app/views/epp/domains/info.xml.builder +++ b/app/views/epp/domains/info.xml.builder @@ -60,40 +60,44 @@ xml.epp_head do end end - xml.extension do - def tag_key_data(xml, key) - xml.tag!('secDNS:keyData') do - xml.tag!('secDNS:flags', key.flags) - xml.tag!('secDNS:protocol', key.protocol) - xml.tag!('secDNS:alg', key.alg) - xml.tag!('secDNS:pubKey', key.public_key) - end - end + if @domain.dnskeys.any? + ds_data = Setting.ds_data_allowed ? @domain.dnskeys.find_all { |key| key.ds_digest.present? } : [] + key_data = Setting.key_data_allowed ? @domain.dnskeys.find_all { |key| key.public_key.present? } : [] - def tag_ds_data(xml, key) - xml.tag!('secDNS:dsData') do - xml.tag!('secDNS:keyTag', key.ds_key_tag) - xml.tag!('secDNS:alg', key.ds_alg) - xml.tag!('secDNS:digestType', key.ds_digest_type) - xml.tag!('secDNS:digest', key.ds_digest) - tag_key_data(xml, key) if key.public_key.present? - end - end - - xml.tag!('secDNS:infData', 'xmlns:secDNS' => 'urn:ietf:params:xml:ns:secDNS-1.1') do - # might not have ds in first key? maybe check any? k.ds_digest if requirements change (DS not accepted by EIS) - if @domain.dnskeys[0].ds_digest.blank? - @domain.dnskeys.sort.each do |key| - tag_key_data(xml, key) - end - else - @domain.dnskeys.sort.each do |key| - tag_ds_data(xml, key) + # is there any reason to include without + xml.extension do + def tag_key_data(xml, key) + xml.tag!('secDNS:keyData') do + xml.tag!('secDNS:flags', key.flags) + xml.tag!('secDNS:protocol', key.protocol) + xml.tag!('secDNS:alg', key.alg) + xml.tag!('secDNS:pubKey', key.public_key) end end - end - end if @domain.dnskeys.any? + def tag_ds_data(xml, key) + xml.tag!('secDNS:dsData') do + xml.tag!('secDNS:keyTag', key.ds_key_tag) + xml.tag!('secDNS:alg', key.ds_alg) + xml.tag!('secDNS:digestType', key.ds_digest_type) + xml.tag!('secDNS:digest', key.ds_digest) + tag_key_data(xml, key) if key.public_key.present? + end + end + + xml.tag!('secDNS:infData', 'xmlns:secDNS' => 'urn:ietf:params:xml:ns:secDNS-1.1') do + if Setting.ds_data_allowed + ds_data.sort.each do |key| + tag_ds_data(xml, key) + end + else + key_data.sort.each do |key| + tag_key_data(xml, key) + end + end + end + end if key_data.present? || ds_data.present? + end render('epp/shared/trID', builder: xml) end end diff --git a/app/views/epp/domains/partials/_delete_complete.xml.builder b/app/views/epp/domains/partials/_delete_complete.xml.builder new file mode 100644 index 000000000..509ac6953 --- /dev/null +++ b/app/views/epp/domains/partials/_delete_complete.xml.builder @@ -0,0 +1,4 @@ +builder.tag!('domain:delData', 'xmlns:domain' => 'https://epp.tld.ee/schema/domain-eis-1.0.xsd') do + builder.tag!('domain:name', bye_bye.object['name']) + builder.tag!('domain:exDate', bye_bye.created_at) +end diff --git a/app/views/epp/poll/poll_req.xml.builder b/app/views/epp/poll/poll_req.xml.builder index 347f0a632..605ca496e 100644 --- a/app/views/epp/poll/poll_req.xml.builder +++ b/app/views/epp/poll/poll_req.xml.builder @@ -10,8 +10,11 @@ xml.epp_head do end xml.resData do - if @message.attached_obj_type == 'DomainTransfer' - xml << render('epp/domains/partials/transfer', builder: xml, dt: @object) + case @message.attached_obj_type + when 'DomainTransfer' + xml << render('epp/domains/partials/transfer', builder: xml, dt: @object) + when 'DomainVersion' + xml << render('epp/domains/partials/delete_complete', builder: xml, bye_bye: @object) end end if @object diff --git a/app/views/for_models/whois.erb b/app/views/for_models/whois.erb index 385368b4a..cb6adac75 100644 --- a/app/views/for_models/whois.erb +++ b/app/views/for_models/whois.erb @@ -27,7 +27,7 @@ changed: <%= contact['changed'].to_s.tr('T',' ').sub('+', ' +') %> <%- end -%> <% if json['tech_contacts'].present? %> Technical contact: -<%- for contact in json['admin_contacts'] -%> +<%- for contact in json['tech_contacts'] -%> name: <%= contact['name'] %> email: Not Disclosed - Visit www.internet.ee for webbased WHOIS changed: <%= contact['changed'].to_s.tr('T',' ').sub('+', ' +') %> diff --git a/app/views/registrar/contacts/partials/_domains.haml b/app/views/registrar/contacts/partials/_domains.haml new file mode 100644 index 000000000..efdf78504 --- /dev/null +++ b/app/views/registrar/contacts/partials/_domains.haml @@ -0,0 +1,30 @@ +- domains = contact.all_domains(page: params[:domain_page], per: 20, params: params) +#contacts.panel.panel-default + .panel-heading + .pull-left + = t(:domains) + .pull-right + = form_tag request.path, method: :get do + = select_tag :domain_filter, options_for_select(%w(Registrant AdminDomainContact TechDomainContact), selected: params[:domain_filter]), + include_blank: true, class: 'form-control2 selectize2' + %button.btn.btn-primary + %span.glyphicon.glyphicon-search + .clearfix + + .table-responsive + %table.table.table-hover.table-bordered.table-condensed + %thead + %tr + %th{class: 'col-xs-3'}=custom_sort_link t(:domain_name), :name + %th{class: 'col-xs-3'}=custom_sort_link t(:registrar), :registrar_name + %th{class: 'col-xs-3'}=custom_sort_link t(:valid_to), :valid_to + %th{class: 'col-xs-3'}= t(:roles) + %tbody + - domains.each do |x| + %tr + %td= link_to(x.name, info_registrar_domains_path(domain_name: x.name)) + %td= x.registrar.name + %td= l(x.valid_to, format: :short) + %td= x.roles.join(", ") + += paginate domains, param_name: :domain_page \ No newline at end of file diff --git a/app/views/registrar/contacts/show.haml b/app/views/registrar/contacts/show.haml index 96faa4ecc..f12e22b84 100644 --- a/app/views/registrar/contacts/show.haml +++ b/app/views/registrar/contacts/show.haml @@ -10,7 +10,8 @@ .row .col-md-12= render 'registrar/contacts/partials/statuses', statuses: @contact.statuses .row - .col-md-12= render 'admin/contacts/partials/domains', contact: Contact.find_by(code: params[:id]) + - if @contact.ident.present? + .col-md-12= render 'registrar/contacts/partials/domains', contact: Contact.find_by(code: params[:id]) - else .row diff --git a/app/views/registrar/domains/partials/_dnskeys.haml b/app/views/registrar/domains/partials/_dnskeys.haml index 46dcd0fce..5b8a95ade 100644 --- a/app/views/registrar/domains/partials/_dnskeys.haml +++ b/app/views/registrar/domains/partials/_dnskeys.haml @@ -4,23 +4,17 @@ .panel-body{style: 'word-wrap: break-word;'} - @data.css('dsData').each do |x| %dl.dl-horizontal - - if x.css('keyTag').text.present? + - if x.css('digest').text.present? %dt= t(:ds_key_tag) %dd= x.css('keyTag').text - - - if x.css('alg').first.text.present? %dt= t(:ds_algorithm) %dd= x.css('alg').first.text - - - if x.css('digestType').text.present? %dt= t(:ds_digest_type) %dd= x.css('digestType').text - - - if x.css('digest').text.present? %dt= t(:ds_digest) %dd= x.css('digest').text - - @data.css('keyData').each do |x| - %dl.dl-horizontal + - @data.css('keyData').each do |x| + %dl.dl-horizontal %dt= t(:flag) %dd= x.css('flags').text @@ -32,9 +26,9 @@ %dt= t(:public_key) %dd= x.css('pubKey').text - - - @data.css('keyData').each do |x| + - if @data.css('dsData').empty? %dl.dl-horizontal + - @data.css('keyData').each do |x| %dt= t(:flag) %dd= x.css('flags').text diff --git a/config/application-example.yml b/config/application-example.yml index cce71e3a4..b08a1b007 100644 --- a/config/application-example.yml +++ b/config/application-example.yml @@ -61,6 +61,7 @@ contact_org_enabled: 'false' # Enable iptables counter updater # iptables_counter_enabled: 'true' +# iptables_server_ip: '127.0.0.1' # Custom legal document types. Changing this requires updating EPP extension schema for allowed legalDocEnumType values. # System default for legal document types is: pdf,bdoc,ddoc,zip,rar,gz,tar,7z,odt,doc,docx diff --git a/config/initializers/initial_settings.rb b/config/initializers/initial_settings.rb index bcee95150..35c3eebb3 100644 --- a/config/initializers/initial_settings.rb +++ b/config/initializers/initial_settings.rb @@ -13,7 +13,7 @@ if con.present? && con.table_exists?('settings') Setting.save_default(:expire_pending_confirmation, 48) Setting.save_default(:ds_algorithm, 2) - Setting.save_default(:ds_data_allowed, true) + Setting.save_default(:ds_data_allowed, false) Setting.save_default(:key_data_allowed, true) Setting.save_default(:dnskeys_min_count, 0) diff --git a/db/migrate/20151120090455_index_domains_on_name.rb b/db/migrate/20151120090455_index_domains_on_name.rb new file mode 100644 index 000000000..a429b6fbf --- /dev/null +++ b/db/migrate/20151120090455_index_domains_on_name.rb @@ -0,0 +1,5 @@ +class IndexDomainsOnName < ActiveRecord::Migration + def change + add_index :domains, :name, unique: true + end +end diff --git a/doc/debian_build_doc.md b/doc/debian_build_doc.md index e14992994..084619b26 100644 --- a/doc/debian_build_doc.md +++ b/doc/debian_build_doc.md @@ -83,11 +83,14 @@ Iptables hitcounter is updated by application. For every registrar there is one ```` #!/bin/bash +iptables -A INPUT -p tcp --dport 700 -j CHKLIMITS -iptables -A INPUT -p tcp --dport 700 -s $REGISTRAR_SOURCE -m recent --name $REGISTRAR_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP -iptables -A INPUT -p tcp --dport 700 -s $REGISTRAR_SOURCE2 -m recent --name $REGISTRAR_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP -iptables -A INPUT -p tcp --dport 700 -s $REGISTRAR2_SOURCE -m recent --name $REGISTRAR2_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP -iptables -A INPUT -p tcp --dport 700 -s $REGISTRAR2_SOURCE2 -m recent --name $REGISTRAR2_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP +iptables -N CHKLIMITS + +iptables -A CHKLIMITS -p tcp --dport 700 -s $REGISTRAR_SOURCE -m recent --name $REGISTRAR_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP +iptables -A CHKLIMITS -p tcp --dport 700 -s $REGISTRAR_SOURCE2 -m recent --name $REGISTRAR_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP +iptables -A CHKLIMITS -p tcp --dport 700 -s $REGISTRAR2_SOURCE -m recent --name $REGISTRAR2_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP +iptables -A CHKLIMITS -p tcp --dport 700 -s $REGISTRAR2_SOURCE2 -m recent --name $REGISTRAR2_CODE --rdest --rcheck --hitcount 100 --seconds 60 -j DROP ```` diff --git a/doc/epp/domain.md b/doc/epp/domain.md index 79b3f8ed5..fb03e40a4 100644 --- a/doc/epp/domain.md +++ b/doc/epp/domain.md @@ -50,9 +50,6 @@ Domain name mapping protocol short version: 1 1 Attribute: xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd" 1 Domain name. Can contain unicode characters. - 0-1 Attributes to change - 0-1 Contact reference to the registrant - Optional attribute: verified="yes/no" 0-1 Objects to add 0-n Contact reference. Attribute: type="admin / tech" 0-n Status description. @@ -72,6 +69,9 @@ Domain name mapping protocol short version: 0-1 1 1 Hostname of the nameserver + 0-1 Attributes to change + 0-1 Contact reference to the registrant + Optional attribute: verified="yes/no" 0-1 Required if registrant is changing 0-1 Attribute: xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" 0-1 diff --git a/spec/mailers/contact_mailer_spec.rb b/spec/mailers/contact_mailer_spec.rb index 033843b50..2cb8fe344 100644 --- a/spec/mailers/contact_mailer_spec.rb +++ b/spec/mailers/contact_mailer_spec.rb @@ -8,7 +8,7 @@ describe ContactMailer do describe 'email changed notification when delivery turned off' do before :all do @contact = Fabricate(:contact, email: 'test@example.ee') - @mail = ContactMailer.email_updated('test@example.com', @contact) + @mail = ContactMailer.email_updated('test@example.com', @contact.id, deliver_emails) end it 'should not render email subject' do @@ -34,7 +34,7 @@ describe ContactMailer do @contact = @domain.registrant @contact.reload # until figured out why registrant_domains not loaded @contact.deliver_emails = true - @mail = ContactMailer.email_updated('info@example.org', @contact) + @mail = ContactMailer.email_updated('info@example.org', @contact.id, deliver_emails) end it 'should render email subject' do @@ -60,7 +60,7 @@ describe ContactMailer do @contact = @domain.registrant @contact.reload # until figured out why registrant_domains not loaded @contact.deliver_emails = true - @mail = ContactMailer.email_updated('info@ääöü.org', @contact) + @mail = ContactMailer.email_updated('info@ääöü.org', @contact.id, deliver_emails) end it 'should render email subject' do diff --git a/spec/mailers/domain_mailer_spec.rb b/spec/mailers/domain_mailer_spec.rb index 71ed183ce..37605a668 100644 --- a/spec/mailers/domain_mailer_spec.rb +++ b/spec/mailers/domain_mailer_spec.rb @@ -9,7 +9,7 @@ describe DomainMailer do before :all do @registrant = Fabricate(:registrant, email: 'test@example.com') @domain = Fabricate(:domain, registrant: @registrant) - @mail = DomainMailer.pending_update_request_for_old_registrant(@domain) + @mail = DomainMailer.pending_update_request_for_old_registrant(@domain.id, deliver_emails) end it 'should not render email subject' do @@ -38,7 +38,7 @@ describe DomainMailer do @domain.registrant_verification_token = '123' @domain.registrant_verification_asked_at = Time.zone.now @domain.registrant = @new_registrant - @mail = DomainMailer.pending_update_request_for_old_registrant(@domain) + @mail = DomainMailer.pending_update_request_for_old_registrant(@domain.id, deliver_emails) end it 'should render email subject' do @@ -71,7 +71,7 @@ describe DomainMailer do @domain.registrant_verification_token = '123' @domain.registrant_verification_asked_at = Time.zone.now @domain.registrant = @new_registrant - @mail = DomainMailer.pending_update_notification_for_new_registrant(@domain) + @mail = DomainMailer.pending_update_notification_for_new_registrant(@domain.id, deliver_emails) end it 'should render email subject' do @@ -100,7 +100,7 @@ describe DomainMailer do @domain.registrant_verification_token = '123' @domain.registrant_verification_asked_at = Time.zone.now @domain.registrant = @new_registrant - @mail = DomainMailer.pending_update_notification_for_new_registrant(@domain) + @mail = DomainMailer.pending_update_notification_for_new_registrant(@domain.id, deliver_emails) end it 'should render email subject' do @@ -128,7 +128,7 @@ describe DomainMailer do @domain.deliver_emails = true @domain.pending_json['new_registrant_email'] = 'new@example.org' @domain.pending_json['new_registrant_name'] = 'test name' - @mail = DomainMailer.pending_update_rejected_notification_for_new_registrant(@domain) + @mail = DomainMailer.pending_update_rejected_notification_for_new_registrant(@domain.id) end it 'should render email subject' do @@ -153,7 +153,7 @@ describe DomainMailer do @registrant = Fabricate(:registrant, email: 'test@example.com') @domain = Fabricate(:domain, registrant: @registrant) @domain.deliver_emails = true - @mail = DomainMailer.registrant_updated_notification_for_new_registrant(@domain) + @mail = DomainMailer.registrant_updated_notification_for_new_registrant(@domain.id, deliver_emails) end it 'should render email subject' do @@ -178,7 +178,7 @@ describe DomainMailer do @registrant = Fabricate(:registrant, email: 'test@example.com') @domain = Fabricate(:domain, registrant: @registrant) @domain.deliver_emails = true - @mail = DomainMailer.registrant_updated_notification_for_old_registrant(@domain) + @mail = DomainMailer.registrant_updated_notification_for_old_registrant(@domain.id, deliver_emails) end it 'should render email subject' do @@ -202,7 +202,7 @@ describe DomainMailer do before :all do @registrant = Fabricate(:registrant, email: 'test@example.com') @domain = Fabricate(:domain, registrant: @registrant) - @mail = DomainMailer.pending_deleted(@domain) + @mail = DomainMailer.pending_deleted(@domain.id, deliver_emails) end it 'should not render email subject' do @@ -229,7 +229,7 @@ describe DomainMailer do @domain.deliver_emails = true @domain.registrant_verification_token = '123' @domain.registrant_verification_asked_at = Time.zone.now - @mail = DomainMailer.pending_deleted(@domain) + @mail = DomainMailer.pending_deleted(@domain.id, deliver_emails) end it 'should render email subject' do @@ -260,7 +260,7 @@ describe DomainMailer do @domain.deliver_emails = true @domain.registrant_verification_token = '123' @domain.registrant_verification_asked_at = Time.zone.now - @mail = DomainMailer.pending_delete_rejected_notification(@domain) + @mail = DomainMailer.pending_delete_rejected_notification(@domain.id, deliver_emails) end it 'should render email subject' do @@ -287,7 +287,7 @@ describe DomainMailer do @domain.deliver_emails = true @domain.registrant_verification_token = '123' @domain.registrant_verification_asked_at = Time.zone.now - @mail = DomainMailer.pending_delete_expired_notification(@domain) + @mail = DomainMailer.pending_delete_expired_notification(@domain.id, deliver_emails) end it 'should render email subject' do @@ -314,7 +314,7 @@ describe DomainMailer do @domain.deliver_emails = true @domain.registrant_verification_token = '123' @domain.registrant_verification_asked_at = Time.zone.now - @mail = DomainMailer.delete_confirmation(@domain) + @mail = DomainMailer.delete_confirmation(@domain.id, deliver_emails) end it 'should render email subject' do