diff --git a/app/api/repp/domain_v1.rb b/app/api/repp/domain_v1.rb
index 859cb14da..9275e611f 100644
--- a/app/api/repp/domain_v1.rb
+++ b/app/api/repp/domain_v1.rb
@@ -35,7 +35,7 @@ module Repp
error! I18n.t('errors.messages.epp_authorization_error'), 401 unless domain.auth_info.eql? request.headers['Auth-Code']
contact_repp_json = proc{|contact|
- contact.attributes.slice("code", "ident_type", "ident_country_code", "phone", "email", "street", "city", "zip","country_code", "statuses")
+ contact.attributes.slice("code", "name", "ident", "ident_type", "ident_country_code", "phone", "email", "street", "city", "zip","country_code", "statuses")
}
@response = {
diff --git a/app/controllers/admin/domain_versions_controller.rb b/app/controllers/admin/domain_versions_controller.rb
index 3af20bfb0..44a2087cd 100644
--- a/app/controllers/admin/domain_versions_controller.rb
+++ b/app/controllers/admin/domain_versions_controller.rb
@@ -6,12 +6,13 @@ class Admin::DomainVersionsController < AdminController
@domain = Domain.where(id: params[:domain_id]).includes({versions: :item}).first
@versions = @domain.versions
- if @domain.pending_json.present?
- frame = Nokogiri::XML(@domain.pending_json['frame'])
- @pending_user = User.find(@domain.pending_json['current_user_id'])
- @pending_domain = Epp::Domain.find(@domain.id)
- @pending_domain.update(frame, @pending_user, false)
- end
+ # Depricated it had to load legal document. We may do it by parsing and adding link.
+ # if @domain.pending_json.present?
+ # frame = Nokogiri::XML(@domain.pending_json['frame'])
+ # @pending_user = User.find(@domain.pending_json['current_user_id'])
+ # @pending_domain = Epp::Domain.find(@domain.id)
+ # @pending_domain.update(frame, @pending_user, false)
+ # end
end
# rubocop:enable Style/GuardClause
end
diff --git a/app/controllers/admin/pending_updates_controller.rb b/app/controllers/admin/pending_updates_controller.rb
index 960b65ee5..4d08297d7 100644
--- a/app/controllers/admin/pending_updates_controller.rb
+++ b/app/controllers/admin/pending_updates_controller.rb
@@ -9,7 +9,7 @@ class Admin::PendingUpdatesController < AdminController
if @epp_domain.apply_pending_update!
redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied)
else
- redirect_to admin_edit_domain_path(@domain.id), alert: t(:failure)
+ redirect_to edit_admin_domain_path(@domain.id), alert: t(:failure)
end
end
diff --git a/app/controllers/epp_controller.rb b/app/controllers/epp_controller.rb
index 15f6c6a49..a0e7d7dce 100644
--- a/app/controllers/epp_controller.rb
+++ b/app/controllers/epp_controller.rb
@@ -73,10 +73,7 @@ class EppController < ApplicationController
end
def schema
- # TODO: Support multiple schemas
- return DOMAIN_SCHEMA if params[:epp_object_type] == :domain
- return CONTACT_SCHEMA if params[:epp_object_type] == :contact
- EPP_SCHEMA
+ EPP_ALL_SCHEMA
end
def generate_svtrid
diff --git a/app/models/contact.rb b/app/models/contact.rb
index 20c11ae80..5181d722f 100644
--- a/app/models/contact.rb
+++ b/app/models/contact.rb
@@ -30,6 +30,7 @@ class Contact < ActiveRecord::Base
length: { maximum: 100, message: :too_long_contact_code }
validate :ident_valid_format?
validate :uniq_statuses?
+ validate :validate_html
after_initialize do
self.statuses = [] if statuses.nil?
@@ -221,6 +222,19 @@ class Contact < ActiveRecord::Base
end
end
+ def validate_html
+ self.class.columns.each do |column|
+ next unless column.type == :string
+
+ c_name = column.name
+ val = read_attribute(c_name)
+ if val && (val.include?('<') || val.include?('>') || val.include?('%3C') || val.include?('%3E'))
+ errors.add(c_name, :invalid)
+ return # want to run code faster
+ end
+ end
+ end
+
def uniq_statuses?
return true unless statuses.detect { |s| statuses.count(s) > 1 }
errors.add(:statuses, :not_uniq)
diff --git a/app/models/domain.rb b/app/models/domain.rb
index 48188065e..bba0c5ba9 100644
--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@@ -590,7 +590,7 @@ class Domain < ActiveRecord::Base
def pending_registrant
return '' if pending_json.blank?
return '' if pending_json['new_registrant_id'].blank?
- Registrant.find_by(id: pending_json['new_registrant_id'].last)
+ Registrant.find_by(id: pending_json['new_registrant_id'])
end
def generate_auth_info
diff --git a/app/models/epp/contact.rb b/app/models/epp/contact.rb
index 57bf9192a..435a63dee 100644
--- a/app/models/epp/contact.rb
+++ b/app/models/epp/contact.rb
@@ -21,7 +21,7 @@ class Epp::Contact < Contact
# rubocop: disable Metrics/PerceivedComplexity
# rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/AbcSize
- def attrs_from(frame)
+ def attrs_from(frame, new_record: false)
f = frame
at = {}.with_indifferent_access
at[:name] = f.css('postalInfo name').text if f.css('postalInfo name').present?
@@ -40,7 +40,7 @@ class Epp::Contact < Contact
if legal_frame.present?
at[:legal_documents_attributes] = legal_document_attrs(legal_frame)
end
- at.merge!(ident_attrs(f.css('ident').first))
+ at.merge!(ident_attrs(f.css('ident').first)) if new_record
at
end
# rubocop: enable Metrics/PerceivedComplexity
@@ -51,7 +51,7 @@ class Epp::Contact < Contact
return super if frame.blank?
super(
- attrs_from(frame).merge(
+ attrs_from(frame, new_record: true).merge(
code: frame.css('id').text,
registrar: registrar
)
@@ -59,10 +59,7 @@ class Epp::Contact < Contact
end
def ident_attrs(ident_frame)
- return {} if ident_frame.blank?
- return {} if ident_frame.try('text').blank?
- return {} if ident_frame.attr('type').blank?
- return {} if ident_frame.attr('cc').blank?
+ return {} unless ident_attr_valid?(ident_frame)
{
ident: ident_frame.text,
@@ -71,6 +68,15 @@ class Epp::Contact < Contact
}
end
+ def ident_attr_valid?(ident_frame)
+ return false if ident_frame.blank?
+ return false if ident_frame.try('text').blank?
+ return false if ident_frame.attr('type').blank?
+ return false if ident_frame.attr('cc').blank?
+
+ true
+ end
+
def legal_document_attrs(legal_frame)
return [] if legal_frame.blank?
return [] if legal_frame.try('text').blank?
@@ -137,7 +143,7 @@ class Epp::Contact < Contact
def update_attributes(frame)
return super if frame.blank?
at = {}.with_indifferent_access
- at.deep_merge!(self.class.attrs_from(frame.css('chg')))
+ at.deep_merge!(self.class.attrs_from(frame.css('chg'), new_record: false))
if Setting.client_status_editing_enabled
at[:statuses] = statuses - statuses_attrs(frame.css('rem'), 'rem') + statuses_attrs(frame.css('add'), 'add')
@@ -147,17 +153,26 @@ class Epp::Contact < Contact
at[:legal_documents_attributes] = self.class.legal_document_attrs(legal_frame)
self.deliver_emails = true # turn on email delivery for epp
+
# allow to update ident code for legacy contacts
- if frame.css('ident').first.present?
- if ident_updated_at.present?
- throw :epp_error, {
- code: '2306',
- msg: I18n.t(:ident_update_error)
- }
- else
- at.merge!(self.class.ident_attrs(frame.css('ident').first))
- self.ident_updated_at = Time.zone.now
+ if frame.css('ident').first
+ self.ident_updated_at ||= Time.zone.now # not in use
+ ident_frame = frame.css('ident').first
+
+ if ident_frame && ident_attr_valid?(ident_frame) && ident_country_code.blank? && ident_type.in?(%w(org priv).freeze)
+ at.merge!(ident_country_code: ident_frame.attr('cc'))
end
+
+ # Deprecated
+ # if ident_updated_at.present?
+ # throw :epp_error, {
+ # code: '2306',
+ # msg: I18n.t(:ident_update_error)
+ # }
+ # else
+ # at.merge!(self.class.ident_attrs(frame.css('ident').first))
+ # self.ident_updated_at = Time.zone.now
+ # end
end
super(at)
diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb
index afdc8e085..17bb5915d 100644
--- a/app/models/epp/domain.rb
+++ b/app/models/epp/domain.rb
@@ -515,9 +515,8 @@ class Epp::Domain < Domain
statuses.delete(DomainStatus::PENDING_DELETE_CONFIRMATION)
statuses.delete(DomainStatus::PENDING_DELETE)
DomainMailer.delete_confirmation(id, deliver_emails).deliver
-
- # TODO: confirm that this actually makes sense
- clean_pendings! if valid? && set_pending_delete!
+ clean_pendings!
+ set_pending_delete!
true
end
@@ -843,6 +842,7 @@ class Epp::Domain < Domain
def parse_legal_document_from_frame(parsed_frame)
ld = parsed_frame.css('legalDocument').first
return nil unless ld
+ return nil if ld.text.starts_with?(ENV['legal_documents_dir']) # escape reloading
{
body: ld.text,
diff --git a/config/initializers/load_schemas.rb b/config/initializers/load_schemas.rb
index 617022179..91ca113cc 100644
--- a/config/initializers/load_schemas.rb
+++ b/config/initializers/load_schemas.rb
@@ -1,3 +1 @@
-EPP_SCHEMA = Nokogiri::XML::Schema(File.read("lib/schemas/epp-1.0.xsd"))
-DOMAIN_SCHEMA = Nokogiri::XML::Schema(File.read("lib/schemas/domain-eis-1.0.xsd"))
-CONTACT_SCHEMA = Nokogiri::XML::Schema(File.read("lib/schemas/contact-eis-1.0.xsd"))
+EPP_ALL_SCHEMA = Nokogiri::XML::Schema(File.read("lib/schemas/all-ee-1.0.xsd"))
diff --git a/db/migrate/20151127091716_restore_ttl_to_zonefile2.rb b/db/migrate/20151127091716_restore_ttl_to_zonefile2.rb
new file mode 100644
index 000000000..7fbeaade2
--- /dev/null
+++ b/db/migrate/20151127091716_restore_ttl_to_zonefile2.rb
@@ -0,0 +1,168 @@
+class RestoreTtlToZonefile2 < ActiveRecord::Migration
+ # rubocop:disable Metrics/MethodLength
+ def up
+ execute <<-SQL
+ CREATE OR REPLACE FUNCTION generate_zonefile(i_origin varchar)
+ RETURNS text AS $$
+ DECLARE
+ zone_header text := concat('$ORIGIN ', i_origin, '.');
+ serial_num varchar;
+ include_filter varchar := '';
+ exclude_filter varchar := '';
+ tmp_var text;
+ ret text;
+ BEGIN
+ -- define filters
+ include_filter = '%' || i_origin;
+
+ -- for %.%.%
+ IF i_origin ~ '\\.' THEN
+ exclude_filter := '';
+ -- for %.%
+ ELSE
+ exclude_filter := '%.%.' || i_origin;
+ END IF;
+
+ SELECT ROUND(extract(epoch from now() at time zone 'utc')) INTO serial_num;
+
+ -- zonefile header
+ SELECT concat(
+ format('%-10s', '$ORIGIN .'), chr(10),
+ format('%-10s', '$TTL'), zf.ttl, chr(10), chr(10),
+ format('%-10s', i_origin || '.'), 'IN SOA ', zf.master_nameserver, '. ', zf.email, '. (', chr(10),
+ format('%-17s', ''), format('%-12s', serial_num), '; serial number', chr(10),
+ format('%-17s', ''), format('%-12s', zf.refresh), '; refresh, seconds', chr(10),
+ format('%-17s', ''), format('%-12s', zf.retry), '; retry, seconds', chr(10),
+ format('%-17s', ''), format('%-12s', zf.expire), '; expire, seconds', chr(10),
+ format('%-17s', ''), format('%-12s', zf.minimum_ttl), '; minimum TTL, seconds', chr(10),
+ format('%-17s', ''), ')'
+ ) FROM zonefile_settings zf WHERE i_origin = zf.origin INTO tmp_var;
+
+ ret = concat(tmp_var, chr(10), chr(10));
+
+ -- ns records
+ SELECT array_to_string(
+ array(
+ SELECT concat(d.name_puny, '. IN NS ', ns.hostname, '.')
+ FROM domains d
+ JOIN nameservers ns ON ns.domain_id = d.id
+ WHERE d.name LIKE include_filter AND d.name NOT LIKE exclude_filter
+ ORDER BY d.name
+ ),
+ chr(10)
+ ) INTO tmp_var;
+
+ ret := concat(ret, '; Zone NS Records', chr(10), tmp_var, chr(10), chr(10));
+
+ -- a glue records for origin nameservers
+ SELECT array_to_string(
+ array(
+ SELECT concat(ns.hostname, '. IN A ', ns.ipv4)
+ FROM nameservers ns
+ JOIN domains d ON d.id = ns.domain_id
+ WHERE d.name = i_origin
+ AND ns.hostname LIKE '%.' || d.name
+ AND ns.ipv4 IS NOT NULL AND ns.ipv4 <> ''
+ ), chr(10)
+ ) INTO tmp_var;
+
+ ret := concat(ret, '; Zone A Records', chr(10), tmp_var);
+
+ -- a glue records for other nameservers
+ SELECT array_to_string(
+ array(
+ SELECT concat(ns.hostname, '. IN A ', ns.ipv4)
+ FROM nameservers ns
+ JOIN domains d ON d.id = ns.domain_id
+ WHERE d.name LIKE include_filter AND d.name NOT LIKE exclude_filter
+ AND ns.hostname LIKE '%.' || d.name
+ AND d.name <> i_origin
+ AND ns.ipv4 IS NOT NULL AND ns.ipv4 <> ''
+ AND NOT EXISTS ( -- filter out glue records that already appeared in origin glue recrods
+ SELECT 1 FROM nameservers nsi
+ JOIN domains di ON nsi.domain_id = di.id
+ WHERE di.name = i_origin
+ AND nsi.hostname = ns.hostname
+ )
+ ), chr(10)
+ ) INTO tmp_var;
+
+ -- TODO This is a possible subtitition to the previous query, stress testing is needed to see which is faster
+
+ -- SELECT ns.*
+ -- FROM nameservers ns
+ -- JOIN domains d ON d.id = ns.domain_id
+ -- WHERE d.name LIKE '%ee' AND d.name NOT LIKE '%pri.ee'
+ -- AND ns.hostname LIKE '%.' || d.name
+ -- AND d.name <> 'ee'
+ -- AND ns.ipv4 IS NOT NULL AND ns.ipv4 <> ''
+ -- AND ns.hostname NOT IN (
+ -- SELECT ns.hostname FROM domains d JOIN nameservers ns ON d.id = ns.domain_id WHERE d.name = 'ee'
+ -- )
+
+ ret := concat(ret, chr(10), tmp_var, chr(10), chr(10));
+
+ -- aaaa glue records for origin nameservers
+ SELECT array_to_string(
+ array(
+ SELECT concat(ns.hostname, '. IN AAAA ', ns.ipv6)
+ FROM nameservers ns
+ JOIN domains d ON d.id = ns.domain_id
+ WHERE d.name = i_origin
+ AND ns.hostname LIKE '%.' || d.name
+ AND ns.ipv6 IS NOT NULL AND ns.ipv6 <> ''
+ ), chr(10)
+ ) INTO tmp_var;
+
+ ret := concat(ret, '; Zone AAAA Records', chr(10), tmp_var);
+
+ -- aaaa glue records for other nameservers
+ SELECT array_to_string(
+ array(
+ SELECT concat(ns.hostname, '. IN AAAA ', ns.ipv6)
+ FROM nameservers ns
+ JOIN domains d ON d.id = ns.domain_id
+ WHERE d.name LIKE include_filter AND d.name NOT LIKE exclude_filter
+ AND ns.hostname LIKE '%.' || d.name
+ AND d.name <> i_origin
+ AND ns.ipv6 IS NOT NULL AND ns.ipv6 <> ''
+ AND NOT EXISTS ( -- filter out glue records that already appeared in origin glue recrods
+ SELECT 1 FROM nameservers nsi
+ JOIN domains di ON nsi.domain_id = di.id
+ WHERE di.name = i_origin
+ AND nsi.hostname = ns.hostname
+ )
+ ), chr(10)
+ ) INTO tmp_var;
+
+ ret := concat(ret, chr(10), tmp_var, chr(10), chr(10));
+
+ -- ds records
+ SELECT array_to_string(
+ array(
+ SELECT concat(
+ d.name_puny, '. 3600 IN DS ', dk.ds_key_tag, ' ',
+ dk.ds_alg, ' ', dk.ds_digest_type, ' ', dk.ds_digest
+ )
+ FROM domains d
+ JOIN dnskeys dk ON dk.domain_id = d.id
+ WHERE d.name LIKE include_filter AND d.name NOT LIKE exclude_filter
+ ),
+ chr(10)
+ ) INTO tmp_var;
+
+ ret := concat(ret, '; Zone DS Records', chr(10), tmp_var, chr(10));
+
+ RETURN ret;
+ END;
+ $$
+ LANGUAGE plpgsql;
+ SQL
+ end
+
+ def down
+ execute <<-SQL
+ DROP FUNCTION generate_zonefile(i_origin varchar);
+ SQL
+ end
+end
diff --git a/doc/repp/v1/domain.md b/doc/repp/v1/domain.md
index fc417b47f..319713660 100644
--- a/doc/repp/v1/domain.md
+++ b/doc/repp/v1/domain.md
@@ -131,6 +131,8 @@ Content-Type: application/json
"domain":"ee-test.ee",
"registrant":{
"code":"EE:R1",
+ "name":"Registrant",
+ "ident":"17612535",
"ident_type":"org",
"ident_country_code":"EE",
"phone":"+372.1234567",
@@ -147,6 +149,8 @@ Content-Type: application/json
"admin_contacts":[
{
"code":"EE:A1",
+ "name":"Admin Contact",
+ "ident":"17612535376",
"ident_type":"priv",
"ident_country_code":"EE",
"phone":"+372.7654321",
@@ -164,6 +168,8 @@ Content-Type: application/json
"tech_contacts":[
{
"code":"EE:T1",
+ "name":"Tech Contact",
+ "ident":"17612536",
"ident_type":"org",
"ident_country_code":"EE",
"phone":"+372.7654321",
diff --git a/doc/schemas/all-ee-1.0.xsd b/doc/schemas/all-ee-1.0.xsd
index bd4aeba0c..5ad285c98 100644
--- a/doc/schemas/all-ee-1.0.xsd
+++ b/doc/schemas/all-ee-1.0.xsd
@@ -22,7 +22,10 @@
schemaLocation="epp-1.0.xsd"/>
+ schemaLocation="secDNS-1.1.xsd"/>
+
+
diff --git a/doc/schemas/domain-eis-1.0.xsd b/doc/schemas/domain-eis-1.0.xsd
index 3fe1188ea..b38abf9d4 100644
--- a/doc/schemas/domain-eis-1.0.xsd
+++ b/doc/schemas/domain-eis-1.0.xsd
@@ -1,447 +1,458 @@
-
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
- Extensible Provisioning Protocol v1.0
- domain provisioning schema.
-
-
+
+
+ Extensible Provisioning Protocol v1.0
+ domain provisioning schema.
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
+
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
+
+
+
+
+
+
+
+
+
+
+
-
-
+
+
-
-
-
+
+
+
@@ -450,9 +461,10 @@
-
-
-
-
+
+
+
+
+
diff --git a/doc/schemas/eppcom-1.0.xsd b/doc/schemas/eppcom-1.0.xsd
index d6ef94b24..3b7d5d65c 100644
--- a/doc/schemas/eppcom-1.0.xsd
+++ b/doc/schemas/eppcom-1.0.xsd
@@ -53,7 +53,7 @@ Abstract client and object identifier type.
-
+
@@ -102,4 +102,4 @@ Transfer status identifiers.
-
\ No newline at end of file
+
diff --git a/doc/schemas/keyrelay-1.0.xsd b/doc/schemas/keyrelay-1.0.xsd
new file mode 100644
index 000000000..2239754e7
--- /dev/null
+++ b/doc/schemas/keyrelay-1.0.xsd
@@ -0,0 +1,63 @@
+
+
+
+
+
+
+ Extensible Provisioning Protocol v1.0 protocol
+ extension schema for relaying DNSSEC key material.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/lib/schemas/all-ee-1.0.xsd b/lib/schemas/all-ee-1.0.xsd
new file mode 100644
index 000000000..3013daf48
--- /dev/null
+++ b/lib/schemas/all-ee-1.0.xsd
@@ -0,0 +1,46 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Extensible Provisioning Protocol v1.0
+ all schema's grouped together
+
+
+
+
diff --git a/lib/schemas/contact-1.0.xsd b/lib/schemas/contact-1.0.xsd
new file mode 100644
index 000000000..9b4c244cd
--- /dev/null
+++ b/lib/schemas/contact-1.0.xsd
@@ -0,0 +1,388 @@
+
+
+
+
+
+
+
+
+
+
+ Extensible Provisioning Protocol v1.0
+ contact provisioning schema.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/lib/schemas/contact-eis-1.0.xsd b/lib/schemas/contact-eis-1.0.xsd
index ed0596c96..cec571cec 100644
--- a/lib/schemas/contact-eis-1.0.xsd
+++ b/lib/schemas/contact-eis-1.0.xsd
@@ -10,9 +10,9 @@
-
-
-
+
+
+
diff --git a/lib/schemas/domain-1.0.xsd b/lib/schemas/domain-1.0.xsd
new file mode 100644
index 000000000..46859859e
--- /dev/null
+++ b/lib/schemas/domain-1.0.xsd
@@ -0,0 +1,432 @@
+
+
+
+
+
+
+
+
+
+
+
+ Extensible Provisioning Protocol v1.0
+ domain provisioning schema.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/lib/schemas/domain-eis-1.0.xsd b/lib/schemas/domain-eis-1.0.xsd
index eb2b420da..b38abf9d4 100644
--- a/lib/schemas/domain-eis-1.0.xsd
+++ b/lib/schemas/domain-eis-1.0.xsd
@@ -1,460 +1,458 @@
-
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
- Extensible Provisioning Protocol v1.0
- domain provisioning schema.
-
-
+
+
+ Extensible Provisioning Protocol v1.0
+ domain provisioning schema.
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
+
+
+
+
+
+
- minOccurs="0" maxOccurs="unbounded"/>
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
+
+
+
-
-
+
+
-
-
-
+
+
+
@@ -463,9 +461,10 @@
-
-
-
-
+
+
+
+
+
diff --git a/lib/schemas/eis-1.0.xsd b/lib/schemas/eis-1.0.xsd
index 8093c832d..0b2ad8f89 100644
--- a/lib/schemas/eis-1.0.xsd
+++ b/lib/schemas/eis-1.0.xsd
@@ -83,7 +83,7 @@
-
+
diff --git a/lib/schemas/epp-1.0.xsd b/lib/schemas/epp-1.0.xsd
index 448b9ae25..3609ad55d 100644
--- a/lib/schemas/epp-1.0.xsd
+++ b/lib/schemas/epp-1.0.xsd
@@ -1,443 +1,446 @@
-
+
-
-
+
-
-
- Extensible Provisioning Protocol v1.0 schema.
-
-
+
-
-
+
+
+ Extensible Provisioning Protocol v1.0 schema.
+
+
-
-
-
-
-
-
-
-
-
-
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/lib/schemas/eppcom-1.0.xsd b/lib/schemas/eppcom-1.0.xsd
index 3d1c44e44..3b7d5d65c 100644
--- a/lib/schemas/eppcom-1.0.xsd
+++ b/lib/schemas/eppcom-1.0.xsd
@@ -53,6 +53,7 @@ Abstract client and object identifier type.
+
diff --git a/lib/schemas/host-1.0.xsd b/lib/schemas/host-1.0.xsd
index 47015ec83..d4bbc043e 100644
--- a/lib/schemas/host-1.0.xsd
+++ b/lib/schemas/host-1.0.xsd
@@ -1,244 +1,238 @@
-
+ xmlns:host="urn:ietf:params:xml:ns:host-1.0"
+ xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"
+ xmlns:eppcom="urn:ietf:params:xml:ns:eppcom-1.0"
+ xmlns="http://www.w3.org/2001/XMLSchema"
+ elementFormDefault="qualified">
-
-
+
+
-
-
- Extensible Provisioning Protocol v1.0
- host provisioning schema.
-
-
+
+
+ Extensible Provisioning Protocol v1.0
+ host provisioning schema.
+
+
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
-
-
-
-
+
+
+
+
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
\ No newline at end of file
diff --git a/lib/schemas/keyrelay-1.0.xsd b/lib/schemas/keyrelay-1.0.xsd
new file mode 100644
index 000000000..2239754e7
--- /dev/null
+++ b/lib/schemas/keyrelay-1.0.xsd
@@ -0,0 +1,63 @@
+
+
+
+
+
+
+ Extensible Provisioning Protocol v1.0 protocol
+ extension schema for relaying DNSSEC key material.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/lib/schemas/secDNS-1.1.xsd b/lib/schemas/secDNS-1.1.xsd
index e9fe3f65a..a47c07a23 100644
--- a/lib/schemas/secDNS-1.1.xsd
+++ b/lib/schemas/secDNS-1.1.xsd
@@ -1,130 +1,134 @@
+ targetNamespace="urn:ietf:params:xml:ns:secDNS-1.1"
+ xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1"
+ xmlns="http://www.w3.org/2001/XMLSchema"
+ elementFormDefault="qualified">
- Extensible Provisioning Protocol v1.0
- domain name extension schema
- for provisioning DNS security (DNSSEC) extensions.
+ Extensible Provisioning Protocol v1.0
+ domain name extension schema
+ for provisioning DNS security (DNSSEC) extensions.
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/lib/tasks/import.rake b/lib/tasks/import.rake
index de9c17a44..64aa9688c 100644
--- a/lib/tasks/import.rake
+++ b/lib/tasks/import.rake
@@ -57,6 +57,7 @@ namespace :import do
Rake::Task['import:reserved'].invoke
Rake::Task['import:domains'].invoke
Rake::Task['import:zones'].invoke
+ Rake::Task['zonefile:replace_procedure'].invoke
end
desc 'Import registrars'
@@ -172,11 +173,15 @@ namespace :import do
x.acl.all.each do |y|
next if existing_ips.include?(y.ipaddr)
if !y.ipaddr.nil? && y.ipaddr != ''
- ips << WhiteIp.new({
- registrar_id: Registrar.find_by(legacy_id: x.try(:id)).try(:id),
- ipv4: y.ipaddr,
- interfaces: ['api', 'registrar']
- })
+
+ y.ipaddr.split(',').each do |ip|
+ ips << WhiteIp.new({
+ registrar_id: Registrar.find_by(legacy_id: x.try(:id)).try(:id),
+ ipv4: ip,
+ interfaces: ['api', 'registrar']
+ })
+
+ end
end
end
end
diff --git a/lib/tasks/zonefile.rake b/lib/tasks/zonefile.rake
index 510bb60c1..5cec28cc3 100644
--- a/lib/tasks/zonefile.rake
+++ b/lib/tasks/zonefile.rake
@@ -103,8 +103,8 @@ namespace :zonefile do
SELECT array_to_string(
array(
SELECT concat(
- d.name_puny, '. IN DS ', dk.ds_key_tag, ' ',
- dk.ds_alg, ' ', dk.ds_digest_type, ' ( ', dk.ds_digest, ' )'
+ d.name_puny, '. 3600 IN DS ', dk.ds_key_tag, ' ',
+ dk.ds_alg, ' ', dk.ds_digest_type, ' ', dk.ds_digest
)
FROM domains d
JOIN dnskeys dk ON dk.domain_id = d.id