Merge pull request #2768 from internetee/2594-fix-update-disputed-domains

Modified validate dispute case
2025-07-28 13:36:15 +02:00 · 2025-03-20 16:12:01 +02:00 · 2025-03-20 16:12:01 +02:00 · 39af1f75a1
commit 39af1f75a1
parent ad05aa0d36 10738995b6
2 changed files with 47 additions and 11 deletions
--- a/app/interactions/actions/domain_update.rb
+++ b/app/interactions/actions/domain_update.rb
@ -261,26 +261,26 @@ module Actions
    end

    def verify_registrant_change?
-      return validate_dispute_case if domain.disputed? && params[:reserved_pw].present?
+      return validate_dispute_case if domain.disputed?
      return false if !@changes_registrant || true?(params[:registrant][:verified])
-      return true unless domain.disputed?
-
-      domain.add_epp_error('2304', nil, nil, 'Required parameter missing; reservedpw element ' \
-                           'required for dispute domains')

      true
    end

    def validate_dispute_case
      dispute = Dispute.active.find_by(domain_name: domain.name, password: params[:reserved_pw])
-      if dispute
-        Dispute.close_by_domain(domain.name)
-        false
+      Dispute.close_by_domain(domain.name) and return false if dispute
+
+      if params[:reserved_pw].present?
+        domain.add_epp_error(
+          '2202', nil, nil, 'Invalid authorization information; invalid reserved>pw value'
+        )
      else
-        domain.add_epp_error('2202', nil, nil,
-                             'Invalid authorization information; invalid reserved>pw value')
-        true
+        domain.add_epp_error(
+          '2304', nil, nil, 'Required parameter missing; reservedpw element required for dispute domains'
+        )
      end
+      true
    end

    def commit
--- a/test/integration/repp/v1/domains/update_test.rb
+++ b/test/integration/repp/v1/domains/update_test.rb
@ -85,4 +85,40 @@ class ReppV1DomainsUpdateTest < ActionDispatch::IntegrationTest
    assert @domain.registrant.code == new_registrant.code
    refute @domain.statuses.include? DomainStatus::PENDING_UPDATE
  end
+
+  def test_adds_epp_error_when_reserved_pw_is_missing_for_disputed_domain
+    Dispute.create!(domain_name: @domain.name, password: '1234567890', starts_at: Time.zone.now, expires_at: Time.zone.now + 5.days)
+
+    @auth_headers['Content-Type'] = 'application/json'
+    payload = {
+      domain: {
+        reserved_pw: nil,
+      },
+    }
+
+    put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2304, json[:code]
+    assert_equal 'Required parameter missing; reservedpw element required for dispute domains', json[:message]
+  end
+
+  def test_adds_epp_error_when_reserved_pw_is_invalid_for_disputed_domain
+    Dispute.create!(domain_name: @domain.name, password: '1234567890', starts_at: Time.zone.now, expires_at: Time.zone.now + 5.days)
+
+    @auth_headers['Content-Type'] = 'application/json'
+    payload = {
+      domain: {
+        reserved_pw: 'invalid',
+      },
+    }
+
+    put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2202, json[:code]
+    assert_equal 'Invalid authorization information; invalid reserved>pw value', json[:message]
+  end
 end