Merge branch 'master' of github.com:internetee/registry

Conflicts: app/views/layouts/application.haml config/locales/en.yml
2025-08-06 01:35:10 +02:00 · 2014-11-26 15:06:44 +02:00 · 2014-11-26 15:06:44 +02:00 · 3bb80b20d2
commit 3bb80b20d2
parent e695a6e628 623fd25134
26 changed files with 328 additions and 409 deletions
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -3,7 +3,10 @@ class SessionsController < Devise::SessionsController
    # TODO: Create ID Card login here:
    # this is just testing config
    # if Rails.env.development? || Rails.env.test?
-    @user = User.find_by(username: 'gitlab') if params[:gitlab]
+    @user = User.first if params[:user1]
+    @user = User.second if params[:user2]
+
+    return redirect_to :back, alert: 'No user' if @user.blank?

    session[:current_user_registrar_id] = Registrar.first.id if @user.admin?

--- a/app/helpers/epp/contacts_helper.rb
+++ b/app/helpers/epp/contacts_helper.rb
@ -10,7 +10,7 @@ module Epp::ContactsHelper
    # FIXME: Update returns 2303 update multiple times
    code = params_hash['epp']['command']['update']['update'][:id]
    @contact = Contact.where(code: code).first
-    if owner? && stamp(@contact) && @contact.update_attributes(contact_and_address_attributes(:update))
+    if update_rights? && stamp(@contact) && @contact.update_attributes(contact_and_address_attributes(:update))
      render 'epp/contacts/update'
    else
      contact_exists?(code)
@ -21,7 +21,7 @@ module Epp::ContactsHelper
  # rubocop:disable Metrics/CyclomaticComplexity
  def delete_contact
    @contact = find_contact
-    handle_errors(@contact) and return unless owner?
+    handle_errors(@contact) and return unless rights? # owner?
    handle_errors(@contact) and return unless @contact
    handle_errors(@contact) and return unless @contact.destroy_and_clean

@ -36,9 +36,8 @@ module Epp::ContactsHelper
  end

  def info_contact
-    # handle_errors and return unless rights?
-    @contact = find_contact
    handle_errors(@contact) and return unless @contact
+    handle_errors(@contact) and return unless rights?
    render 'epp/contacts/info'
  end

@ -54,19 +53,22 @@ module Epp::ContactsHelper
  ## CREATE
  def validate_contact_create_request
    @ph = params_hash['epp']['command']['create']['create']
-    xml_attrs_present?(@ph, [%w(postalInfo)])
+    return false unless validate_params
+    # xml_attrs_present?(@ph, [%w(postalInfo)])
+    xml_attrs_present?(@ph, [%w(postalInfo name), %w(postalInfo addr city), %w(postalInfo addr cc),
+                             %w(ident), %w(voice), %w(email)])

-    return epp_errors.empty? unless @ph['postalInfo'].is_a?(Hash) || @ph['postalInfo'].is_a?(Array)
+    epp_errors.empty? # unless @ph['postalInfo'].is_a?(Hash) || @ph['postalInfo'].is_a?(Array)

    # (epp_errors << Address.validate_postal_info_types(parsed_frame)).flatten!
-    xml_attrs_array_present?(@ph['postalInfo'], [%w(name), %w(addr city), %w(addr cc)])
+    # xml_attrs_array_present?(@ph['postalInfo'], [%w(name), %w(addr city), %w(addr cc)])
  end

  ## UPDATE
  def validate_contact_update_request
    @ph = params_hash['epp']['command']['update']['update']
    update_attrs_present?
-    xml_attrs_present?(@ph, [['id']])
+    xml_attrs_present?(@ph, [['id'], %w(authInfo pw)])
  end

  def contact_exists?(code)
@ -88,16 +90,20 @@ module Epp::ContactsHelper
    xml_attrs_present?(@ph, [['id']])
  end

-  ## CHECK
+  ## check
  def validate_contact_check_request
    @ph = params_hash['epp']['command']['check']['check']
    xml_attrs_present?(@ph, [['id']])
  end

-  ## INFO
-  def validate_contact_info_request
+  ## info
+  def validate_contact_info_request # and process
    @ph = params_hash['epp']['command']['info']['info']
-    xml_attrs_present?(@ph, [['id']])
+    return false unless xml_attrs_present?(@ph, [['id']])
+    @contact = find_contact
+    return false unless @contact
+    return true if current_epp_user.registrar == @contact.registrar || xml_attrs_present?(@ph, [%w(authInfo pw)])
+    false
  end

  ## SHARED
@ -123,15 +129,24 @@ module Epp::ContactsHelper
  def rights?
    pw = @ph.try(:[], :authInfo).try(:[], :pw)

-    return true if  !find_contact.nil? && find_contact.auth_info_matches(pw)
+    return true if current_epp_user.try(:registrar) == @contact.try(:registrar)
+    return true if pw && @contact.auth_info_matches(pw) # @contact.try(:auth_info_matches, pw)

    epp_errors << { code: '2201', msg: t('errors.messages.epp_authorization_error'), value: { obj: 'pw', val: pw } }
    false
  end

+  def update_rights?
+    pw = @ph.try(:[], :authInfo).try(:[], :pw)
+    return true if pw && @contact.auth_info_matches(pw)
+    epp_errors << { code: '2201', msg: t('errors.messages.epp_authorization_error'), value: { obj: 'pw', val: pw } }
+    false
+  end
+
  def contact_and_address_attributes(type = :create)
    case type
    when :update
+      # TODO: support for rem/add
      contact_hash = merge_attribute_hash(@ph[:chg], type)
    else
      contact_hash = merge_attribute_hash(@ph, type)
@ -159,4 +174,10 @@ module Epp::ContactsHelper
    Contact::IDENT_TYPES.any? { |type| return type if result.include?(type) }
    nil
  end
+
+  def validate_params
+    return true if @ph
+    epp_errors << { code: '2001', msg: t(:'errors.messages.epp_command_syntax_error') }
+    false
+  end
 end
--- a/app/models/contact.rb
+++ b/app/models/contact.rb
@ -1,7 +1,6 @@
 class Contact < ActiveRecord::Base
  # TODO: Foreign contact will get email with activation link/username/temp password
  # TODO: Phone number validation, in first phase very minimam in order to support current registries
-  # TODO: Validate presence of name

  include EppErrors

@ -18,7 +17,7 @@ class Contact < ActiveRecord::Base

  accepts_nested_attributes_for :address, :disclosure

-  validates :phone, :email, :ident, :address, :registrar, presence: true
+  validates :name, :phone, :email, :ident, :address, :registrar, presence: true

  validate :ident_must_be_valid

--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@ -99,7 +99,12 @@ class Domain < ActiveRecord::Base
  def make_snapshot
    {
      name: name,
-      status: status
+      status: status,
+      period: period,
+      period_unit: period_unit,
+      registrar_id: registrar.try(:id),
+      valid_to: valid_to,
+      valid_from: valid_from
    }
  end

--- a/app/views/admin/domain_versions/_history.haml
+++ b/app/views/admin/domain_versions/_history.haml
@ -1,56 +0,0 @@
-%tr.clickable{"data-target" => "#accordion-#{index}", "data-toggle" => "collapse"}
-  %td=version.whodunnit #contact.name if contact
-  %td=version.event #contact.ident if contact
-  %td=version.created_at #contact.email if contact
-
-%tr
-  %td{colspan: "3"}
-    .collapse{ id: "accordion-#{index}" }
-      .row
-        .col-md-6
-          %dl.dl-horizontal
-            %dt= t('shared.name')
-            %dd= domain.name
-            %dt= t('shared.status')
-            %dd= domain.status
-            %dt= t('shared.valid_from')
-            %dd= domain.valid_from
-            %dt= t('shared.valid_to')
-            %dd= domain.valid_to
-            %dt= t('shared.period')
-            %dd= domain.period
-            %dt= t('shared.period_unit')
-            %dd= domain.period_unit
-            %dt= t('shared.status')
-            %dd= domain.status
-        .col-md-6
-          %dl.dl-horizontal
-            - if domain.nameservers
-              - domain.nameservers.each do |ns|
-                %dt= t('shared.hostname')
-                %dd= ns.hostname
-                %dt= t('shared.ipv4')
-                %dd= ns.ipv4
-            - if domain.domain_statuses
-              - domain.domain_statuses.each do |ds|
-                %dt= t('shared.value')
-                %dd= ds.value
-                %dt= t('shared.description')
-                %dd= ds.description
-
-      .row
-        .col-md-12
-          - if domain.owner_contact
-            %h2= t('shared.contacts')
-            = render 'admin/contact_versions/history', contact: domain.owner_contact
-
-      .row
-        .col-md-12
-          - if domain.domain_contacts
-            .row
-              - if domain.tech_contacts
-                - domain.tech_contacts.each do |contact|
-                  = render 'admin/contact_versions/history', contact: contact
-              - if domain.admin_contacts
-                - domain.admin_contacts.each do |contact|
-                  = render 'admin/contact_versions/history', contact: contact
--- a/app/views/admin/domain_versions/_version.haml
+++ b/app/views/admin/domain_versions/_version.haml
@ -1,3 +1,18 @@
+%td{ class: changes.include?(:domain) ? 'edit-highlight' : 'no-highlight' }
+  - if children[:domain]
+    %p{:style => "font-size:x-small;"}
+      = children[:domain][:period]
+      = children[:domain][:period_unit] if children[:domain][:period]
+      - if children[:domain][:valid_to] && children[:domain][:valid_from]
+        = ","
+        = l(children[:domain][:valid_from], format: :date) + '-' + l(children[:domain][:valid_to], format: :date)
+      - if children[:domain].try(:[], :registrar_id)
+        = ","
+        = Registrar.find(children[:domain][:registrar_id]).try(:name)
+      - if children[:domain][:status]
+        = ',' + children[:domain][:status]
+
+
 %td{ class: changes.include?(:owner_contact) ? 'edit-highlight' : 'no-highlight' }
  - if children[:owner_contact]
    %p{:style => "font-size:x-small;"}
--- a/app/views/admin/domain_versions/show.haml
+++ b/app/views/admin/domain_versions/show.haml
@ -1,7 +1,7 @@
 .row
  .col-sm-6
    %h2.text-center-xs
-      = "#{t('shared.domain_history')} for " + @name.to_s
+      = "#{t(:domain_history)} for " + @name.to_s
  .col-sm-6
    %h2.text-right.text-center-xs

@ -12,6 +12,7 @@
      %table.table-hover.table-bordered.table-condensed
        %thead
          %tr
+            %th{class: 'col-xs-2'}= t(:'shared.domain_info')
            %th{class: 'col-xs-2'}= t(:'shared.owner_contact')
            %th{class: 'col-xs-2'}= t(:'shared.admin_contacts')
            %th{class: 'col-xs-2'}= t(:'shared.tech_contacts')
--- a/app/views/admin/domains/index.haml
+++ b/app/views/admin/domains/index.haml
@ -29,7 +29,6 @@
              = sort_link(@q, 'owner_contact_name', t('shared.owner'))
            %th{class: 'col-xs-2'}
              = sort_link(@q, 'valid_to', t('shared.valid_to'))
-            %th{class: 'col-xs-1'}= t('shared.history')
        %tbody
          - @domains.each do |x|
            %tr
@ -37,7 +36,6 @@
              %td= link_to(x.registrar, root_path) if x.registrar
              %td= link_to(x.owner_contact, [:admin, x.owner_contact])
              %td= l(x.valid_to, format: :short)
-              %td= button_to(t(:'shared.history'), admin_domain_version_path(x.id), method: :get)
 .row
  .col-md-12
    = paginate @domains
--- a/app/views/admin/domains/show.haml
+++ b/app/views/admin/domains/show.haml
@ -5,6 +5,8 @@
  .col-sm-6
    %h2.text-right.text-center-xs
      = link_to(t('shared.edit_statuses'), edit_admin_domain_path(@domain), class: 'btn btn-primary')
+      = link_to(t(:'shared.history'), admin_domain_version_path(@domain.id), method: :get, class: 'btn btn-primary')
+
      /= link_to(t('generate_zonefile'), zonefile_admin_domain_path(@domain), class: 'btn btn-primary')

 %hr
--- a/app/views/epp/contacts/_postal_info.xml.builder
+++ b/app/views/epp/contacts/_postal_info.xml.builder
@ -4,11 +4,11 @@ xml.tag!('contact:postalInfo', type: 'int') do
  xml.tag!('contact:org', @contact.org_name)# if @contact.disclosure.try(:int_org_name)
  #if @contact.disclosure.try(:int_addr)
  xml.tag!('contact:addr') do
-    xml.tag!('contact:street', address.street) if address.street
+    xml.tag!('contact:street', address.street) if address
    #xml.tag!('contact:street', address.street2) if address.street2
    #xml.tag!('contact:street', address.street3) if address.street3
    xml.tag!('contact:cc', address.try(:country).try(:iso)) unless address.try(:country).nil?
-    xml.tag!('contact:city', address.city)
+    xml.tag!('contact:city', address.city) if address
  end
  #end
 end
--- a/app/views/layouts/application.haml
+++ b/app/views/layouts/application.haml
@ -23,38 +23,28 @@
          = link_to APP_CONFIG['app_name'], root_path, class: 'navbar-brand'
        .navbar-collapse.collapse
          %ul.nav.navbar-nav
-            %li
-              = link_to t('shared.domains'), admin_domains_path
-            %li
-              = link_to t('shared.contacts'), admin_contacts_path
-            %li
-              = link_to t('shared.registrars'), admin_registrars_path
+            %li= link_to t('shared.domains'), admin_domains_path
+            %li= link_to t('shared.contacts'), admin_contacts_path
+            %li= link_to t('shared.registrars'), admin_registrars_path
            %li.dropdown
              %a.dropdown-toggle{"data-toggle" => "dropdown", href: "#"}
                = t('shared.settings')
                %span.caret
              %ul.dropdown-menu{role: "menu"}
                %li.dropdown-header= t('shared.system')
-                %li
-                  = link_to t('shared.settings'), admin_settings_path
-                %li
-                  = link_to t('zonefile'), admin_zonefile_settings_path
+                %li= link_to t('shared.settings'), admin_settings_path
+                %li= link_to t('zonefile'), admin_zonefile_settings_path
+                %li= link_to t(:domains_history), admin_domain_versions_path
+                %li= link_to t(:background_jobs), admin_delayed_jobs_path
+
                %li.divider
                %li.dropdown-header= t('shared.users')
-                %li
-                  = link_to t('shared.epp_users'), admin_epp_users_path
-                %li
-                  = link_to t('shared.users'), admin_users_path
-
-            %li
-              = link_to t('shared.domains_history'), admin_domain_versions_path
-
-            %li
-              = link_to t('shared.jobs'), admin_delayed_jobs_path
-
+                %li= link_to t(:admin_users), admin_users_path
+                %li= link_to t(:epp_users), admin_epp_users_path

          %ul.nav.navbar-nav.navbar-right
            %li= link_to t('shared.log_out', user: current_user), '/logout'
+
        / /.nav-collapse
    .container
      - display = (flash.empty?) ? 'none' : 'block'
--- a/app/views/layouts/client.haml
+++ b/app/views/layouts/client.haml
@ -57,7 +57,7 @@
                %span.caret
              %ul.dropdown-menu{role: "menu"}
                %li
-                  = link_to t('shared.domains_history'), client_domain_versions_path
+                  = link_to t(:domains_history'), client_domain_versions_path
                %li
                  = link_to t('shared.contacts_history'), client_contact_versions_path

--- a/app/views/layouts/login.haml
+++ b/app/views/layouts/login.haml
@ -5,7 +5,7 @@
    %meta{:content => "IE=edge", "http-equiv" => "X-UA-Compatible"}/
    %meta{:content => "width=device-width, initial-scale=1", :name => "viewport"}/
    %meta{:content => "Full stack top-level domain (TLD) management.", :name => "description"}/
-    %meta{:content => "Gitlab LTD", :name => "author"}/
+    %meta{:content => "Gitlab Ltd", :name => "author"}/
    = csrf_meta_tags
    = stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track' => true
    = stylesheet_link_tag 'login', media: 'all', 'data-turbolinks-track' => true
@ -22,5 +22,8 @@
        %hr
        / TODO: Refactor this when ID card login is done
        - if can? :create, :admin_session
-          = button_to 'ID card (gitlab)', 'sessions',
-            class: 'btn btn-lg btn-primary btn-block', name: 'gitlab'
+          = button_to 'ID card (user1)', 'sessions',
+            class: 'btn btn-lg btn-primary btn-block', name: 'user1'
+          = button_to 'ID card (user2)', 'sessions',
+            class: 'btn btn-lg btn-primary btn-block', name: 'user2'
+