Merge branch 'master' into improve-registrant-area

# Conflicts:
#	test/fixtures/contacts.yml

test/fixtures/contacts.yml

@@ -17,7 +17,7 @@ william: &william
   email: william@inbox.test
   phone: '+555.555'
   fax: '+666.6'
-  ident: 1234
+  ident: 12345
   ident_type: priv
   ident_country_code: US
   registrar: bestnames
@@ -36,7 +36,7 @@ jane:
   name: Jane
   email: jane@mail.test
   phone: '+555.555'
-  ident: 1234
+  ident: 123456
   ident_type: priv
   ident_country_code: US
   registrar: bestnames
@@ -48,7 +48,7 @@ acme_ltd:
   name: Acme Ltd
   email: acme@outlook.test
   phone: '+555.555'
-  ident: 1234
+  ident: 1234567
   ident_type: org
   registrar: bestnames
   ident_country_code: US
@@ -60,7 +60,7 @@ jack:
   name: Jack
   email: jack@inbox.test
   phone: '+555.555'
-  ident: 12345
+  ident: 12345678
   ident_type: org
   registrar: goodnames
   ident_country_code: US
@@ -89,4 +89,4 @@ invalid:
   email: invalid@invalid.test
   auth_info: any
   registrar: bestnames
-  uuid: bd80c0f9-26ee-49e0-a2cb-2311d931c433
+  uuid: bd80c0f9-26ee-49e0-a2cb-2311d931c433

test/fixtures/domain_contacts.yml

@@ -28,11 +28,36 @@ airport_william_tech:
   contact: william
   type: TechDomainContact
 
-library_john:
+library_acme_admin:
+  domain: library
+  contact: acme_ltd
+  type: AdminDomainContact
+
+library_john_tech:
   domain: library
   contact: john
+  type: TechDomainContact
+
+metro_jack_admin:
+  domain: metro
+  contact: jack
   type: AdminDomainContact
 
+metro_jack_tech:
+  domain: metro
+  contact: jack
+  type: TechDomainContact
+
+hospital_john_admin:
+  domain: hospital
+  contact: john
+  type: AdminDomainContact
+
+hospital_john_tech:
+  domain: hospital
+  contact: john
+  type: TechDomainContact
+
 invalid_invalid_admin:
   domain: invalid
   contact: invalid

test/integration/api/registrant/registrant_api_registry_locks_test.rb

@@ -0,0 +1,131 @@
+require 'test_helper'
+require 'auth_token/auth_token_creator'
+
+class RegistrantApiRegistryLocksTest < ApplicationIntegrationTest
+  def setup
+    super
+
+    @original_registry_time = Setting.days_to_keep_business_registry_cache
+    Setting.days_to_keep_business_registry_cache = 1
+    travel_to Time.zone.parse('2010-07-05')
+
+    @user = users(:registrant)
+    @domain = domains(:airport)
+    @auth_headers = { 'HTTP_AUTHORIZATION' => auth_token }
+  end
+
+  def teardown
+    super
+
+    Setting.days_to_keep_business_registry_cache = @original_registry_time
+    travel_back
+  end
+
+  def test_can_lock_a_not_locked_domain
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_UPDATE_PROHIBITED))
+
+    @domain.reload
+    assert(@domain.locked_by_registrant?)
+  end
+
+  def test_locking_a_domain_creates_a_version_record
+    assert_difference '@domain.versions.count', 1 do
+      post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+           {}, @auth_headers
+    end
+
+    @domain.reload
+    assert_equal(@domain.updator, @user)
+  end
+
+  def test_cannot_lock_a_domain_in_pending_state
+    @domain.statuses << DomainStatus::PENDING_UPDATE
+    @domain.save
+
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json)
+  end
+
+  def test_cannot_lock_an_already_locked_domain
+    @domain.apply_registry_lock
+    assert(@domain.locked_by_registrant?)
+
+    post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json)
+  end
+
+  def test_can_unlock_a_locked_domain
+    @domain.apply_registry_lock
+
+    delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert(response_json[:statuses].include?(DomainStatus::OK))
+    @domain.reload
+    refute(@domain.locked_by_registrant?)
+  end
+
+  def test_cannot_unlock_a_not_locked_domain
+    delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(422, response.status)
+    assert_equal({ errors: [{ base: ['Domain is not locked'] }] }, response_json)
+  end
+
+  def test_returns_404_when_domain_is_not_found
+    post '/api/v1/registrant/domains/random-uuid/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(404, response.status)
+    assert_equal({ errors: [{ base: ['Domain not found'] }] }, response_json)
+  end
+
+  def test_technical_contact_cannot_lock_a_domain
+    post '/api/v1/registrant/domains/647bcc48-8d5e-4a04-8ce5-2a3cd17b6eab/registry_lock',
+         {}, @auth_headers
+
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    assert_equal(401, response.status)
+    assert_equal({ errors: [{ base: ['Only administrative contacts can manage registry locks'] }] },
+                 response_json)
+  end
+
+  def test_registrant_can_lock_a_domain
+    post '/api/v1/registrant/domains/1b3ee442-e8fe-4922-9492-8fcb9dccc69c/registry_lock',
+         {}, @auth_headers
+
+    assert_equal(200, response.status)
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED))
+    assert(response_json[:statuses].include?(DomainStatus::SERVER_UPDATE_PROHIBITED))
+  end
+
+  private
+
+  def auth_token
+    token_creator = AuthTokenCreator.create_with_defaults(@user)
+    hash = token_creator.token_in_hash
+    "Bearer #{hash[:access_token]}"
+  end
+end

test/integration/epp/domain/domain_delete_test.rb

@@ -1,6 +1,10 @@
 require 'test_helper'
 
 class EppDomainDeleteTest < ApplicationIntegrationTest
+  def setup
+    @domain = domains(:shop)
+  end
+
   def test_bypasses_domain_and_registrant_and_contacts_validation
     request_xml = <<-XML
       <?xml version="1.0" encoding="UTF-8" standalone="no"?>
@@ -27,7 +31,9 @@ class EppDomainDeleteTest < ApplicationIntegrationTest
   end
 
   def test_discarded_domain_cannot_be_deleted
-    domains(:shop).discard
+    travel_to Time.zone.parse('2010-07-05 10:30')
+    @domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+    @domain.discard
 
     request_xml = <<-XML
       <?xml version="1.0" encoding="UTF-8" standalone="no"?>
@@ -51,5 +57,6 @@ class EppDomainDeleteTest < ApplicationIntegrationTest
       post '/epp/command/delete', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
     end
     assert_equal '2105', Nokogiri::XML(response.body).at_css('result')[:code]
+    travel_back
   end
 end

test/integration/epp/domain/domain_update_test.rb

@@ -1,6 +1,10 @@
 require 'test_helper'
 
 class EppDomainUpdateTest < ApplicationIntegrationTest
+  def setup
+    @domain = domains(:shop)
+  end
+
   def test_update_domain
     request_xml = <<-XML
       <?xml version="1.0" encoding="UTF-8" standalone="no"?>
@@ -21,13 +25,16 @@ class EppDomainUpdateTest < ApplicationIntegrationTest
     XML
 
     post '/epp/command/update', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
-    assert_equal 'f0ff7d17b0', domains(:shop).transfer_code
+    @domain.reload
+    assert_equal 'f0ff7d17b0', @domain.transfer_code
     assert_equal '1000', Nokogiri::XML(response.body).at_css('result')[:code]
     assert_equal 1, Nokogiri::XML(response.body).css('result').size
   end
 
   def test_discarded_domain_cannot_be_updated
-    domains(:shop).discard
+    travel_to Time.zone.parse('2010-07-05 10:30')
+    @domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+    @domain.discard
 
     request_xml = <<-XML
       <?xml version="1.0" encoding="UTF-8" standalone="no"?>
@@ -44,5 +51,6 @@ class EppDomainUpdateTest < ApplicationIntegrationTest
 
     post '/epp/command/update', { frame: request_xml }, 'HTTP_COOKIE' => 'session=api_bestnames'
     assert_equal '2105', Nokogiri::XML(response.body).at_css('result')[:code]
+    travel_back
   end
 end

test/integration/epp/domain/transfer/request_test.rb

@@ -1,12 +1,17 @@
 require 'test_helper'
 
 class EppDomainTransferRequestTest < ApplicationIntegrationTest
-  setup do
+  def setup
     @domain = domains(:shop)
     @new_registrar = registrars(:goodnames)
+    @original_transfer_wait_time = Setting.transfer_wait_time
     Setting.transfer_wait_time = 0
   end
 
+  def teardown
+    Setting.transfer_wait_time = @original_transfer_wait_time
+  end
+
   def test_transfers_domain_at_once
     post '/epp/command/transfer', { frame: request_xml }, { 'HTTP_COOKIE' => 'session=api_goodnames' }
     assert_equal '1000', Nokogiri::XML(response.body).at_css('result')[:code]
@@ -75,14 +80,17 @@ class EppDomainTransferRequestTest < ApplicationIntegrationTest
     assert_equal '2304', Nokogiri::XML(response.body).at_css('result')[:code]
   end
 
-  def test_discarded_domain
-    @domain.update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+  def test_discarded_domain_cannot_be_transferred
+    travel_to Time.zone.parse('2010-07-05 10:30')
+    @domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+    @domain.discard
 
     post '/epp/command/transfer', { frame: request_xml }, { 'HTTP_COOKIE' => 'session=api_goodnames' }
     @domain.reload
 
     assert_equal registrars(:bestnames), @domain.registrar
     assert_equal '2105', Nokogiri::XML(response.body).at_css('result')[:code]
+    travel_back
   end
 
   def test_same_registrar

test/integration/tasks/discard_domain_test.rb

@@ -0,0 +1,51 @@
+require 'test_helper'
+
+class DiscardDomainTaskTest < TaskTestCase
+  setup do
+    travel_to Time.zone.parse('2010-07-05 08:00')
+    @domain = domains(:shop)
+  end
+
+  def test_discard_domains_with_past_delete_at
+    @domain.update!(delete_at: Time.zone.parse('2010-07-05 07:59'))
+    Rake::Task['domain:discard'].execute
+    @domain.reload
+    assert @domain.discarded?
+  end
+
+  def test_ignore_domains_with_delete_at_in_the_future_or_now
+    @domain.update!(delete_at: Time.zone.parse('2010-07-05 08:00'))
+    Rake::Task['domain:discard'].execute
+    @domain.reload
+    refute @domain.discarded?
+  end
+
+  def test_ignore_already_discarded_domains
+    @domain.update!(delete_at: Time.zone.parse('2010-07-05 07:59'))
+    @domain.discard
+
+    job_count = lambda do
+      QueJob.where("args->>0 = '#{@domain.id}'", job_class: DomainDeleteJob.name).count
+    end
+
+    assert_no_difference job_count, 'A domain should not be discarded again' do
+      Rake::Task['domain:discard'].execute
+    end
+  end
+
+  def test_ignore_domains_with_server_delete_prohibited_status
+    @domain.update!(delete_at: Time.zone.parse('2010-07-05 07:59'),
+                    statuses: [DomainStatus::SERVER_DELETE_PROHIBITED])
+    Rake::Task['domain:discard'].execute
+    @domain.reload
+    refute @domain.discarded?
+  end
+
+  def test_show_results
+    @domain.update!(delete_at: Time.zone.parse('2010-07-05 07:59'))
+    $stdout = StringIO.new
+
+    Rake::Task['domain:discard'].execute
+    assert_equal "shop.test is discarded\nDiscarded total: 1\n", $stdout.string
+  end
+end

test/models/domain/deletable_test.rb

@@ -1,14 +0,0 @@
-require 'test_helper'
-
-class DomainDeletableTest < ActiveSupport::TestCase
-  setup do
-    @domain = domains(:shop)
-  end
-
-  def test_discard
-    refute @domain.discarded?
-    @domain.discard
-    @domain.reload
-    assert @domain.discarded?
-  end
-end

test/models/domain/discardable_test.rb

@@ -0,0 +1,63 @@
+require 'test_helper'
+
+class DomainDiscardableTest < ActiveSupport::TestCase
+  setup do
+    travel_to Time.zone.parse('2010-07-05 10:30')
+    @domain = domains(:shop)
+    @domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+  end
+
+  teardown do
+    travel_back
+  end
+
+  def test_discarding_a_domain_persists_the_state
+    @domain.discard
+    @domain.reload
+    assert @domain.discarded?
+  end
+
+  def test_discarding_a_domain_schedules_deletion_at_random_time
+    @domain.discard
+    other_domain = domains(:airport)
+    other_domain.delete_at = Time.zone.parse('2010-07-04')
+    other_domain.discard
+
+    background_job = QueJob.find_by("args->>0 = '#{@domain.id}'", job_class: DomainDeleteJob.name)
+    other_background_job = QueJob.find_by("args->>0 = '#{other_domain.id}'",
+                                          job_class: DomainDeleteJob.name)
+    assert_not_equal background_job.run_at, other_background_job.run_at
+  end
+
+  def test_discarding_a_domain_bypasses_validation
+    domain = domains(:invalid)
+    domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+    domain.discard
+    domain.reload
+    assert domain.discarded?
+  end
+
+  def test_domain_cannot_be_discarded_repeatedly
+    @domain.discard
+
+    exception = assert_raises do
+      @domain.discard
+    end
+    assert_equal 'Domain is already discarded', exception.message
+  end
+
+  def test_keeping_a_domain_bypasses_validation
+    domain = domains(:invalid)
+    domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+    domain.discard
+    domain.keep
+    domain.reload
+    assert_not domain.discarded?
+  end
+
+  def test_keeping_a_domain_cancels_domain_deletion
+    @domain.discard
+    @domain.keep
+    assert_nil QueJob.find_by("args->>0 = '#{@domain.id}'", job_class: DomainDeleteJob.name)
+  end
+end

test/models/domain/domain_version_test.rb

@@ -0,0 +1,52 @@
+require 'test_helper'
+
+class DomainVersionTest < ActiveSupport::TestCase
+  def setup
+    super
+
+    @domain = domains(:shop)
+    @contacts = @domain.contacts
+    @user = users(:registrant)
+  end
+
+  def teardown
+    super
+  end
+
+  def test_assigns_creator_to_paper_trail_whodunnit
+    duplicate_domain = prepare_duplicate_domain
+
+    PaperTrail.whodunnit = @user.id_role_username
+    assert_difference 'duplicate_domain.versions.count', 1 do
+      duplicate_domain.save!
+    end
+
+    assert_equal(duplicate_domain.creator, @user)
+    assert_equal(duplicate_domain.updator, @user)
+    assert_equal(duplicate_domain.creator_str, @user.id_role_username)
+    assert_equal(duplicate_domain.updator_str, @user.id_role_username)
+  end
+
+  def test_assigns_updator_to_paper_trail_whodunnit
+    PaperTrail.whodunnit = @user.id_role_username
+
+    assert_difference '@domain.versions.count', 1 do
+      @domain.apply_registry_lock
+    end
+
+    assert_equal(@domain.updator, @user)
+    assert_equal(@domain.updator_str, @user.id_role_username)
+  end
+
+  private
+
+  def prepare_duplicate_domain
+    duplicate_domain = @domain.dup
+    duplicate_domain.tech_contacts << @contacts
+    duplicate_domain.admin_contacts << @contacts
+    duplicate_domain.name = 'duplicate.test'
+    duplicate_domain.uuid = nil
+
+    duplicate_domain
+  end
+end

test/models/domain/force_delete_test.rb

@@ -1,7 +1,7 @@
 require 'test_helper'
 
 class DomainForceDeleteTest < ActiveSupport::TestCase
-  def setup
+  setup do
     @domain = domains(:shop)
   end
 
@@ -74,7 +74,7 @@ class DomainForceDeleteTest < ActiveSupport::TestCase
   end
 
   def test_force_delete_cannot_be_scheduled_when_a_domain_is_discarded
-    @domain.discard
+    @domain.update!(statuses: [DomainStatus::DELETE_CANDIDATE])
     assert_raises StandardError do
       @domain.schedule_force_delete
     end

test/models/domain/registry_lockable_test.rb

@@ -0,0 +1,72 @@
+require 'test_helper'
+
+class DomainRegistryLockableTest < ActiveSupport::TestCase
+  def setup
+    super
+
+    @domain = domains(:airport)
+  end
+
+  def test_registry_lock_on_lockable_domain
+    refute(@domain.locked_by_registrant?)
+    @domain.apply_registry_lock
+
+    assert_equal(
+      [DomainStatus::SERVER_UPDATE_PROHIBITED,
+       DomainStatus::SERVER_DELETE_PROHIBITED,
+       DomainStatus::SERVER_TRANSFER_PROHIBITED],
+      @domain.statuses
+    )
+
+    assert(@domain.locked_by_registrant?)
+    assert(@domain.locked_by_registrant_at)
+  end
+
+  def test_registry_lock_cannot_be_applied_twice
+    @domain.apply_registry_lock
+    refute(@domain.apply_registry_lock)
+    assert(@domain.locked_by_registrant?)
+    assert(@domain.locked_by_registrant_at)
+  end
+
+  def test_registry_lock_cannot_be_applied_on_pending_statuses
+    @domain.statuses << DomainStatus::PENDING_RENEW
+    refute(@domain.apply_registry_lock)
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.locked_by_registrant_at)
+  end
+
+  def test_remove_registry_lock_on_locked_domain
+    @domain.apply_registry_lock
+
+    assert_equal(
+      [DomainStatus::SERVER_UPDATE_PROHIBITED,
+       DomainStatus::SERVER_DELETE_PROHIBITED,
+       DomainStatus::SERVER_TRANSFER_PROHIBITED],
+      @domain.statuses
+    )
+
+    @domain.remove_registry_lock
+
+    assert_equal(["ok"], @domain.statuses)
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.locked_by_registrant_at)
+  end
+
+  def test_remove_registry_lock_on_non_locked_domain
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.remove_registry_lock)
+
+    assert_equal([], @domain.statuses)
+    refute(@domain.locked_by_registrant?)
+    refute(@domain.locked_by_registrant_at)
+  end
+
+  def test_registry_lock_cannot_be_removed_if_statuses_were_set_by_admin
+    @domain.statuses << DomainStatus::SERVER_UPDATE_PROHIBITED
+    @domain.statuses << DomainStatus::SERVER_DELETE_PROHIBITED
+    @domain.statuses << DomainStatus::SERVER_TRANSFER_PROHIBITED
+
+    refute(@domain.remove_registry_lock)
+  end
+end

test/models/registrant_user/registrant_user_creation_test.rb

@@ -0,0 +1,56 @@
+require 'test_helper'
+
+class RegistrantUserCreationTest < ActiveSupport::TestCase
+  def test_find_or_create_by_api_data_creates_a_user
+    user_data = {
+      ident: '37710100070',
+      first_name: 'JOHN',
+      last_name: 'SMITH'
+    }
+
+    RegistrantUser.find_or_create_by_api_data(user_data)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_api_data_creates_a_user_after_upcasing_input
+    user_data = {
+      ident: '37710100070',
+      first_name: 'John',
+      last_name: 'Smith'
+    }
+
+    RegistrantUser.find_or_create_by_api_data(user_data)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_mid_data_creates_a_user
+    user_data = OpenStruct.new(user_country: 'EE', user_id_code: '37710100070',
+                               user_givenname: 'JOHN', user_surname: 'SMITH')
+
+    RegistrantUser.find_or_create_by_mid_data(user_data)
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_idc_with_legacy_header_creates_a_user
+    header = '/C=EE/O=ESTEID/OU=authentication/CN=SMITH,JOHN,37710100070/SN=SMITH/GN=JOHN/serialNumber=37710100070'
+
+    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
+  def test_find_or_create_by_idc_with_rfc2253_header_creates_a_user
+    header = 'serialNumber=37710100070,GN=JOHN,SN=SMITH,CN=SMITH\\,JOHN\\,37710100070,OU=authentication,O=ESTEID,C=EE'
+
+    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+end

test/models/registrant_user_test.rb

@@ -1,62 +1,38 @@
+require 'test_helper'
+
 class RegistrantUserTest < ActiveSupport::TestCase
   def setup
     super
+
+    @user = users(:registrant)
   end
 
   def teardown
     super
   end
 
-  def test_find_or_create_by_api_data_creates_a_user
-    user_data = {
-      ident: '37710100070',
-      first_name: 'JOHN',
-      last_name: 'SMITH'
-    }
+  def test_domains_returns_an_list_of_distinct_domains_associated_with_a_specific_id_code
+    domain_names = @user.domains.pluck(:name)
+    assert_equal(4, domain_names.length)
 
-    RegistrantUser.find_or_create_by_api_data(user_data)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+    # User is a registrant, but not a contact for the domain. Should be included in the list.
+    assert(domain_names.include?('shop.test'))
   end
 
-  def test_find_or_create_by_api_data_creates_a_user_after_upcasing_input
-    user_data = {
-      ident: '37710100070',
-      first_name: 'John',
-      last_name: 'Smith'
-    }
+  def test_administered_domains_returns_a_list_of_domains
+    domain_names = @user.administered_domains.pluck(:name)
+    assert_equal(3, domain_names.length)
 
-    RegistrantUser.find_or_create_by_api_data(user_data)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+    # User is a tech contact for the domain.
+    refute(domain_names.include?('library.test'))
   end
 
-  def test_find_or_create_by_mid_data_creates_a_user
-    user_data = OpenStruct.new(user_country: 'EE', user_id_code: '37710100070',
-                              user_givenname: 'JOHN', user_surname: 'SMITH')
-
-    RegistrantUser.find_or_create_by_mid_data(user_data)
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+  def test_contacts_returns_an_list_of_contacts_associated_with_a_specific_id_code
+    assert_equal(1, @user.contacts.count)
   end
 
-  def test_find_or_create_by_idc_with_legacy_header_creates_a_user
-    header = '/C=EE/O=ESTEID/OU=authentication/CN=SMITH,JOHN,37710100070/SN=SMITH/GN=JOHN/serialNumber=37710100070'
-
-    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
-  end
-
-  def test_find_or_create_by_idc_with_rfc2253_header_creates_a_user
-    header = 'serialNumber=37710100070,GN=JOHN,SN=SMITH,CN=SMITH\\,JOHN\\,37710100070,OU=authentication,O=ESTEID,C=EE'
-
-    RegistrantUser.find_or_create_by_idc_data(header, RegistrantUser::ACCEPTED_ISSUER)
-
-    user = User.find_by(registrant_ident: 'EE-37710100070')
-    assert_equal('JOHN SMITH', user.username)
+  def test_ident_and_country_code_helper_methods
+    assert_equal('1234', @user.ident)
+    assert_equal('US', @user.country_code)
   end
 end

test/system/admin_area/contact_versions_test.rb

@@ -21,8 +21,8 @@ class ContactVersionsTest < ApplicationSystemTestCase
       VALUES (75, 'test_registrar', 'test123', 'test@test.com', 'EE', 'TEST123',
       'test123', 'en');
 
-      INSERT INTO contacts (id, code, auth_info, registrar_id)
-      VALUES (75, 'test_code', '8b4d462aa04194ca78840a', 75);
+      INSERT INTO contacts (id, code, email, auth_info, registrar_id)
+      VALUES (75, 'test_code', 'test@inbox.test', '8b4d462aa04194ca78840a', 75);
 
       INSERT INTO log_contacts (item_type, item_id, event, whodunnit, object,
       object_changes, created_at, session, children, ident_updated_at, uuid)

test/system/admin_area/domain_versions_test.rb

@@ -21,8 +21,8 @@ class DomainVersionsTest < ApplicationSystemTestCase
       VALUES (54, 'test_registrar', 'test123', 'test@test.com', 'EE', 'TEST123',
       'test123', 'en');
 
-      INSERT INTO contacts (id, code, auth_info, registrar_id)
-      VALUES (54, 'test_code', '8b4d462aa04194ca78840a', 54);
+      INSERT INTO contacts (id, code, email, auth_info, registrar_id)
+      VALUES (54, 'test_code', 'test@inbox.test', '8b4d462aa04194ca78840a', 54);
 
       INSERT INTO domains (id, registrar_id, valid_to, registrant_id,
       transfer_code)

test/system/admin_area/domains/details_test.rb

@@ -7,9 +7,14 @@ class AdminAreaDomainDetailsTest < ApplicationSystemTestCase
   end
 
   def test_discarded_domain_has_corresponding_label
+    travel_to Time.zone.parse('2010-07-05 10:30')
+    @domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+
     visit admin_domain_url(@domain)
     assert_no_css 'span.label.label-warning', text: 'deleteCandidate'
+
     @domain.discard
+
     visit admin_domain_url(@domain)
     assert_css 'span.label.label-warning', text: 'deleteCandidate'
   end

test/system/admin_area/domains/force_delete_test.rb

@@ -56,7 +56,7 @@ class AdminAreaDomainForceDeleteTest < ApplicationSystemTestCase
   end
 
   def test_force_delete_procedure_cannot_be_scheduled_on_a_discarded_domain
-    @domain.discard
+    @domain.update!(statuses: [DomainStatus::DELETE_CANDIDATE])
 
     visit edit_admin_domain_url(@domain)
     assert_no_button 'Schedule force delete'

test/system/admin_area/domains/registry_lock_test.rb

@@ -0,0 +1,57 @@
+require 'test_helper'
+
+class AdminAreaRegistryLockTest < JavaScriptApplicationSystemTestCase
+  def setup
+    super
+    WebMock.allow_net_connect!
+
+    sign_in users(:admin)
+    travel_to Time.zone.parse('2010-07-05 00:30:00')
+    @domain = domains(:airport)
+  end
+
+  def teardown
+    travel_back
+  end
+
+  def test_does_not_have_link_when_domain_is_not_locked
+    visit edit_admin_domain_path(@domain)
+    click_link_or_button('Actions')
+    refute(page.has_link?('Remove registry lock'))
+  end
+
+  def test_can_remove_registry_lock_from_a_domain
+    @domain.apply_registry_lock
+
+    visit edit_admin_domain_path(@domain)
+    click_link_or_button('Actions')
+    assert(page.has_link?('Remove registry lock'))
+
+    accept_confirm('Are you sure you want to remove the registry lock?') do
+      click_link_or_button('Remove registry lock')
+    end
+
+    assert_text('Registry lock removed')
+
+    @domain.reload
+    refute @domain.locked_by_registrant?
+  end
+
+  def test_cannot_remove_registry_lock_from_not_locked_domain
+    @domain.apply_registry_lock
+    visit edit_admin_domain_path(@domain)
+    @domain.remove_registry_lock
+
+    refute @domain.locked_by_registrant?
+
+    click_link_or_button('Actions')
+    assert(page.has_link?('Remove registry lock'))
+
+    accept_confirm('Are you sure you want to remove the registry lock?') do
+      click_link_or_button('Remove registry lock')
+    end
+
+    assert_text('Registry lock could not be removed')
+    refute @domain.locked_by_registrant?
+  end
+end

test/system/admin_area/domains_test.rb

@@ -3,11 +3,41 @@ require 'test_helper'
 class AdminDomainsTestTest < ApplicationSystemTestCase
   setup do
     sign_in users(:admin)
+    travel_to Time.zone.parse('2010-07-05 00:30:00')
+    @domain = domains(:shop)
+  end
+
+  teardown do
+    travel_back
   end
 
   def test_shows_details
-    domain = domains(:shop)
-    visit admin_domain_path(domain)
-    assert_field nil, with: domain.transfer_code
+    visit admin_domain_path(@domain)
+    assert_field nil, with: @domain.transfer_code
+  end
+
+  def test_admin_registry_lock_date
+    visit admin_domain_path(@domain)
+    refute_text 'Registry lock time 2010-07-05 00:30'
+
+    lockable_domain = domains(:airport)
+    lockable_domain.apply_registry_lock
+
+    visit admin_domain_path(lockable_domain)
+    assert_text 'Registry lock time 2010-07-05 00:30'
+    assert_text 'registryLock'
+  end
+
+  def test_keep_a_domain
+    @domain.delete_at = Time.zone.parse('2010-07-05 10:00')
+    @domain.discard
+
+    visit edit_admin_domain_url(@domain)
+    click_link_or_button 'Remove deleteCandidate status'
+    @domain.reload
+
+    assert_not @domain.discarded?
+    assert_text 'deleteCandidate status has been removed'
+    assert_no_link 'Remove deleteCandidate status'
   end
 end