Rename users.password to users.plain_text_password

Otherwise it conflicts with Devise

app/api/repp/api.rb

@@ -4,7 +4,7 @@ module Repp
     prefix :repp
 
     http_basic do |username, password|
-      @current_user ||= ApiUser.find_by(username: username, password: password)
+      @current_user ||= ApiUser.find_by(username: username, plain_text_password: password)
       if @current_user
         true
       else

app/controllers/admin/api_users_controller.rb

@@ -32,7 +32,7 @@ module Admin
     end
 
     def update
-      params[:api_user].delete(:password) if params[:api_user][:password].blank?
+      params[:api_user].delete(:plain_text_password) if params[:api_user][:plain_text_password].blank?
       if @api_user.update(api_user_params)
         flash[:notice] = I18n.t('record_updated')
         redirect_to [:admin, @api_user]
@@ -59,7 +59,7 @@ module Admin
     end
 
     def api_user_params
-      params.require(:api_user).permit(:username, :password, :active,
+      params.require(:api_user).permit(:username, :plain_text_password, :active,
                                        :registrar_id, :registrar_typeahead,
                                        :identity_code, { roles: [] })
     end

app/controllers/epp/sessions_controller.rb

@@ -81,7 +81,7 @@ class Epp::SessionsController < EppController
 
     if success
       if params[:parsed_frame].css('newPW').first
-        unless @api_user.update(password: params[:parsed_frame].css('newPW').first.text)
+        unless @api_user.update(plain_text_password: params[:parsed_frame].css('newPW').first.text)
           response.headers['X-EPP-Returncode'] = '2500'
           handle_errors(@api_user) and return
         end
@@ -128,7 +128,7 @@ class Epp::SessionsController < EppController
   def login_params
     user = params[:parsed_frame].css('clID').first.text
     pw = params[:parsed_frame].css('pw').first.text
-    { username: user, password: pw }
+    { username: user, plain_text_password: pw }
   end
 
   private

app/controllers/registrar/depp_controller.rb

@@ -22,7 +22,7 @@ class Registrar
       return nil unless current_registrar_user
       @depp_current_user ||= Depp::User.new(
         tag: current_registrar_user.username,
-        password: current_registrar_user.password
+        password: current_registrar_user.plain_text_password
       )
     end
 

app/controllers/registrar/domain_transfers_controller.rb

@@ -21,7 +21,7 @@ class Registrar
         uri = URI.parse("#{ENV['repp_url']}domain_transfers")
         request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
         request.body = { data: { domainTransfers: domain_transfers } }.to_json
-        request.basic_auth(current_registrar_user.username, current_registrar_user.password)
+        request.basic_auth(current_registrar_user.username, current_registrar_user.plain_text_password)
 
 
         if Rails.env.test?

app/controllers/registrar/nameservers_controller.rb

@@ -12,7 +12,7 @@ class Registrar
                                attributes: { hostname: params[:new_hostname],
                                              ipv4: ipv4,
                                              ipv6: ipv6 } } }.to_json
-      request.basic_auth(current_registrar_user.username, current_registrar_user.password)
+      request.basic_auth(current_registrar_user.username, current_registrar_user.plain_text_password)
 
       if Rails.env.test?
         response = Net::HTTP.start(uri.hostname, uri.port,

app/controllers/registrar/sessions_controller.rb

@@ -26,7 +26,8 @@ class Registrar
         @depp_user.errors.add(:base, :webserver_client_cert_directive_should_be_required)
       end
 
-      @api_user = ApiUser.find_by(username: params[:depp_user][:tag], password: params[:depp_user][:password])
+      @api_user = ApiUser.find_by(username: params[:depp_user][:tag],
+                                  plain_text_password: params[:depp_user][:password])
 
       unless @api_user
         @depp_user.errors.add(:base, t(:no_such_user))

app/controllers/registrar/tech_contacts_controller.rb

@@ -8,7 +8,7 @@ class Registrar
       request = Net::HTTP::Patch.new(uri)
       request.set_form_data(current_contact_id: params[:current_contact_id],
                             new_contact_id: params[:new_contact_id])
-      request.basic_auth(current_registrar_user.username, current_registrar_user.password)
+      request.basic_auth(current_registrar_user.username, current_registrar_user.plain_text_password)
 
       if Rails.env.test?
         response = Net::HTTP.start(uri.hostname, uri.port,

app/models/api_user.rb

@@ -7,7 +7,7 @@ class ApiUser < User
   def epp_code_map
     {
       '2306' => [ # Parameter policy error
-        [:password, :blank]
+        [:plain_text_password, :blank]
       ]
     }
   end
@@ -20,8 +20,8 @@ class ApiUser < User
   belongs_to :registrar
   has_many :certificates
 
-  validates :username, :password, :registrar, :roles, presence: true
-  validates :password, length: { minimum: min_password_length }
+  validates :username, :plain_text_password, :registrar, :roles, presence: true
+  validates :plain_text_password, length: { minimum: min_password_length }
   validates :username, uniqueness: true
 
   delegate :code, :name, to: :registrar, prefix: true

app/views/admin/api_users/_form.haml

@@ -13,7 +13,7 @@
         .col-md-4.control-label
           = f.label :password, nil, class: 'required'
         .col-md-7
-          = f.text_field :password, required: true, class: 'form-control'
+          = f.text_field :plain_text_password, required: true, class: 'form-control'
 
       .form-group
         .col-md-4.control-label

app/views/admin/api_users/show.haml

@@ -21,7 +21,7 @@
           %dd= @api_user.username
 
           %dt= t(:password)
-          %dd= @api_user.password
+          %dd= @api_user.plain_text_password
 
           %dt= t(:registrar_name)
           %dd= link_to(@api_user.registrar, admin_registrar_path(@api_user.registrar))

db/migrate/20180713154915_rename_users_password_to_plain_text_password.rb

@@ -0,0 +1,5 @@
+class RenameUsersPasswordToPlainTextPassword < ActiveRecord::Migration
+  def change
+    rename_column :users, :password, :plain_text_password
+  end
+end

db/structure.sql

@@ -2282,7 +2282,7 @@ ALTER SEQUENCE public.settings_id_seq OWNED BY public.settings.id;
 CREATE TABLE public.users (
     id integer NOT NULL,
     username character varying,
-    password character varying,
+    plain_text_password character varying,
     created_at timestamp without time zone,
     updated_at timestamp without time zone,
     email character varying,
@@ -4757,3 +4757,5 @@ INSERT INTO schema_migrations (version) VALUES ('20180613030330');
 
 INSERT INTO schema_migrations (version) VALUES ('20180613045614');
 
+INSERT INTO schema_migrations (version) VALUES ('20180713154915');
+

lib/tasks/import.rake

@@ -145,7 +145,7 @@ namespace :import do
           if y.try(:cert) == 'idkaart'
             id_users << ApiUser.new({
               username: y.try(:password) ? y.try(:password) : y.try(:password),
-              password: ('a'..'z').to_a.shuffle.first(8).join,
+              plain_text_password: ('a'..'z').to_a.shuffle.first(8).join,
               identity_code: y.try(:password) ? y.try(:password) : y.try(:password),
               registrar_id: Registrar.find_by(legacy_id: x.try(:id)).try(:id),
               roles: ['billing'],
@@ -154,7 +154,7 @@ namespace :import do
           else
             temp << ApiUser.new({
               username: x.handle.try(:strip),
-              password: y.try(:password) ? y.try(:password) : ('a'..'z').to_a.shuffle.first(8).join,
+              plain_text_password: y.try(:password) ? y.try(:password) : ('a'..'z').to_a.shuffle.first(8).join,
               registrar_id: Registrar.find_by(legacy_id: x.try(:id)).try(:id),
               roles: ['epp'],
               legacy_id: y.try(:id)

spec/api/repp/contact_v1_spec.rb

@@ -45,6 +45,6 @@ RSpec.describe Repp::ContactV1, db: true do
   end
 
   def http_auth_key
-    ActionController::HttpAuthentication::Basic.encode_credentials(user.username, user.password)
+    ActionController::HttpAuthentication::Basic.encode_credentials(user.username, user.plain_text_password)
   end
 end

spec/factories/api_user.rb

@@ -1,7 +1,7 @@
 FactoryBot.define do
   factory :api_user do
     sequence(:username) { |n| "test#{n}" }
-    password 'a' * ApiUser.min_password_length
+    plain_text_password 'a' * ApiUser.min_password_length
     roles ['super']
     registrar
 

spec/support/features/session_helpers.rb

@@ -13,7 +13,7 @@ module Features
       visit new_registrar_user_session_url
 
       fill_in 'depp_user_tag', with: user.username
-      fill_in 'depp_user_password', with: user.password
+      fill_in 'depp_user_password', with: user.plain_text_password
 
       click_button 'Login'
     end

spec/support/requests/session_helpers.rb

@@ -5,7 +5,7 @@ module Requests
     end
 
     def sign_in_to_registrar_area(user: create(:api_user))
-      post registrar_user_session_path, { depp_user: { tag: user.username, password: user.password } }
+      post registrar_user_session_path, { depp_user: { tag: user.username, password: user.plain_text_password } }
     end
   end
 end

test/fixtures/users.yml

@@ -1,6 +1,6 @@
 api_bestnames:
   username: test_bestnames
-  password: testtest
+  plain_text_password: testtest
   type: ApiUser
   registrar: bestnames
   active: true
@@ -9,7 +9,7 @@ api_bestnames:
 
 api_goodnames:
   username: test_goodnames
-  password: testtest
+  plain_text_password: testtest
   type: ApiUser
   registrar: goodnames
   active: true