From e50cf7d2001b0d96a3a01af894b1601e20220fe6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Wed, 12 Feb 2020 15:33:22 +0200 Subject: [PATCH 1/8] Registrar: Allow to view other contacts of domain --- app/controllers/registrant/contacts_controller.rb | 3 ++- app/models/contact.rb | 11 ++++++++--- app/views/registrant/contacts/show/_domains.html.erb | 2 +- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/app/controllers/registrant/contacts_controller.rb b/app/controllers/registrant/contacts_controller.rb index af7136ce9..e690b50f4 100644 --- a/app/controllers/registrant/contacts_controller.rb +++ b/app/controllers/registrant/contacts_controller.rb @@ -5,7 +5,8 @@ class Registrant::ContactsController < RegistrantController skip_authorization_check only: %i[edit update] def show - @contact = current_user_contacts.find(params[:id]) + @contact = domain.contacts.find(params[:id]) + @requester_contact = domain.contacts.find_by(ident: current_registrant_user.ident).id authorize! :read, @contact end diff --git a/app/models/contact.rb b/app/models/contact.rb index 558292dbd..ddf39c9bb 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -415,7 +415,7 @@ class Contact < ApplicationRecord # if total is smaller than needed, the load more # we also need to sort by valid_to # todo: extract to drapper. Then we can remove Domain#roles - def all_domains(page: nil, per: nil, params:) + def all_domains(page: nil, per: nil, params:, requester:) # compose filter sql filter_sql = case params[:domain_filter] when "Registrant".freeze @@ -431,9 +431,14 @@ class Contact < ApplicationRecord sort = Domain.column_names.include?(sorts.first) ? sorts.first : "valid_to" order = {"asc"=>"desc", "desc"=>"asc"}[sorts.second] || "desc" - # fetch domains - domains = Domain.where("domains.id IN (#{filter_sql})") + if requester + requester_domains = Contact.find(requester).domains + domains = requester_domains.where("domains.id IN (#{filter_sql})") + else + domains = Domain.where("domains.id IN (#{filter_sql})") + end + domains = domains.includes(:registrar).page(page).per(per) if sorts.first == "registrar_name".freeze diff --git a/app/views/registrant/contacts/show/_domains.html.erb b/app/views/registrant/contacts/show/_domains.html.erb index 167ab1240..d783b55b2 100644 --- a/app/views/registrant/contacts/show/_domains.html.erb +++ b/app/views/registrant/contacts/show/_domains.html.erb @@ -1,5 +1,5 @@ <% domains = contact.all_domains(page: params[:domain_page], per: 20, - params: domain_filter_params.to_h) %> + params: domain_filter_params.to_h, requester: @requester_contact) %>
From 53c466e6e5dd95d1d29503d2b88b4b41c0917cfc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Mon, 4 May 2020 14:53:50 +0300 Subject: [PATCH 2/8] Default fixture for business addr --- app/models/contact.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/models/contact.rb b/app/models/contact.rb index ac6facbe8..aa2f32140 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -260,8 +260,8 @@ class Contact < ApplicationRecord private def registrant_user_indirect_contacts(registrant_user) - ident = registrant_user.companies.collect(&:registration_number) - + # ident = registrant_user.companies.collect(&:registration_number) + ident = [1234] where(ident_type: ORG, ident: ident, ident_country_code: registrant_user.country.alpha2) From 7930c4d8b69392578dfd95ccc0f01f4bb216773d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Mon, 4 May 2020 15:38:48 +0300 Subject: [PATCH 3/8] Show only domains for contact that requester contact has access to --- app/models/contact.rb | 76 +++++++++++++++++++++++++------------------ 1 file changed, 45 insertions(+), 31 deletions(-) diff --git a/app/models/contact.rb b/app/models/contact.rb index aa2f32140..488e72335 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -260,8 +260,8 @@ class Contact < ApplicationRecord private def registrant_user_indirect_contacts(registrant_user) - # ident = registrant_user.companies.collect(&:registration_number) - ident = [1234] + ident = registrant_user.companies.collect(&:registration_number) + where(ident_type: ORG, ident: ident, ident_country_code: registrant_user.country.alpha2) @@ -416,49 +416,63 @@ class Contact < ApplicationRecord # we also need to sort by valid_to # todo: extract to drapper. Then we can remove Domain#roles def all_domains(page: nil, per: nil, params:, requester:) - # compose filter sql - filter_sql = case params[:domain_filter] - when "Registrant".freeze - %Q{select id from domains where registrant_id=#{id}} - when AdminDomainContact.to_s, TechDomainContact.to_s - %Q{select domain_id from domain_contacts where contact_id=#{id} AND type='#{params[:domain_filter]}'} - else - %Q{select domain_id from domain_contacts where contact_id=#{id} UNION select id from domains where registrant_id=#{id}} - end + filter_sql = qualified_domain_ids(params[:domain_filter]) # get sorting rules sorts = params.fetch(:sort, {}).first || [] - sort = Domain.column_names.include?(sorts.first) ? sorts.first : "valid_to" - order = {"asc"=>"desc", "desc"=>"asc"}[sorts.second] || "desc" + sort = %w[name registrar_name valid_to].include?(sorts.first) ? sorts.first : 'valid_to' + order = %w[asc desc].include?(sorts.second) ? sorts.second : 'desc' # fetch domains - if requester - requester_domains = Contact.find(requester).domains - domains = requester_domains.where("domains.id IN (#{filter_sql})") - else - domains = Domain.where("domains.id IN (#{filter_sql})") - end - + domains = qualified_domain_name_list(requester, filter_sql) domains = domains.includes(:registrar).page(page).per(per) - if sorts.first == "registrar_name".freeze - # using small rails hack to generate outer join - domains = domains.includes(:registrar).where.not(registrars: {id: nil}).order("registrars.name #{order} NULLS LAST") - else - domains = domains.order("#{sort} #{order} NULLS LAST") - end - - + # using small rails hack to generate outer join + domains = if sorts.first == 'registrar_name'.freeze + domains.includes(:registrar).where.not(registrars: { id: nil }) + .order("registrars.name #{order} NULLS LAST") + else + domains.order("#{sort} #{order} NULLS LAST") + end # adding roles. Need here to make faster sqls domain_c = Hash.new([]) - registrant_domains.where(id: domains.map(&:id)).each{|d| domain_c[d.id] |= ["Registrant".freeze] } - DomainContact.where(contact_id: id, domain_id: domains.map(&:id)).each{|d| domain_c[d.domain_id] |= [d.type] } - domains.each{|d| d.roles = domain_c[d.id].uniq} + registrant_domains.where(id: domains.map(&:id)).each do |d| + domain_c[d.id] |= ['Registrant'.freeze] + end + + DomainContact.where(contact_id: id, domain_id: domains.map(&:id)).each do |d| + domain_c[d.domain_id] |= [d.type] + end + + domains.each { |d| d.roles = domain_c[d.id].uniq } domains end + def qualified_domain_name_list(requester, filter_sql) + if requester + requester_domains = Contact.find(requester).domains + domains = requester_domains.where('domains.id IN (?)', filter_sql) + else + domains = Domain.where('domains.id IN (?)', filter_sql) + end + + domains + end + + def qualified_domain_ids(domain_filter) + registrant_ids = Domain.select('id').where(registrant: id).pluck(:id) + return registrant_ids if domain_filter == 'Registrant' + + if %w[AdminDomainContact TechDomainContact].include? domain_filter + DomainContact.select('domain_id').where(contact_id: id, type: domain_filter) + else + (DomainContact.select('domain_id').where(contact_id: id).pluck(:id) + + registrant_ids).uniq + end + end + def update_prohibited? (statuses & [ CLIENT_UPDATE_PROHIBITED, From d0053def99d84429a46fc9e682b7cc547c2ac1c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Tue, 5 May 2020 12:35:27 +0300 Subject: [PATCH 4/8] Find requester contact id solely by ident --- app/controllers/registrant/contacts_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/registrant/contacts_controller.rb b/app/controllers/registrant/contacts_controller.rb index e690b50f4..1ad403248 100644 --- a/app/controllers/registrant/contacts_controller.rb +++ b/app/controllers/registrant/contacts_controller.rb @@ -6,7 +6,7 @@ class Registrant::ContactsController < RegistrantController def show @contact = domain.contacts.find(params[:id]) - @requester_contact = domain.contacts.find_by(ident: current_registrant_user.ident).id + @requester_contact = Contact.find_by(ident: current_registrant_user.ident).id authorize! :read, @contact end From bd7b6ddb73d372841b0f7dae02708f3be034ceaf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Tue, 5 May 2020 12:36:04 +0300 Subject: [PATCH 5/8] Create test for viewing other domain contacts --- .../registrant_area/contacts_test.rb | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 test/integration/registrant_area/contacts_test.rb diff --git a/test/integration/registrant_area/contacts_test.rb b/test/integration/registrant_area/contacts_test.rb new file mode 100644 index 000000000..c906cd026 --- /dev/null +++ b/test/integration/registrant_area/contacts_test.rb @@ -0,0 +1,19 @@ +require 'test_helper' + +class RegistrantAreaContactsIntegrationTest < ApplicationIntegrationTest + setup do + @domain = domains(:shop) + @registrant = users(:registrant) + sign_in @registrant + end + + def test_can_view_other_domain_contacts + secondary_contact = contacts(:jane) + + visit registrant_domain_path(@domain) + assert_text secondary_contact.name + click_link secondary_contact.name + assert_text @domain.name + assert_text secondary_contact.email + end +end From 572510d7b00e4cfb9796e7619f070b5fbe27b106 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 15 May 2020 13:27:33 +0300 Subject: [PATCH 6/8] Find contact/registrar directly via domain or via relations --- app/controllers/registrant/contacts_controller.rb | 9 ++++++++- app/models/contact.rb | 15 +++++++++------ app/models/registrant_user.rb | 2 +- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/app/controllers/registrant/contacts_controller.rb b/app/controllers/registrant/contacts_controller.rb index 1ad403248..136596ede 100644 --- a/app/controllers/registrant/contacts_controller.rb +++ b/app/controllers/registrant/contacts_controller.rb @@ -3,9 +3,9 @@ class Registrant::ContactsController < RegistrantController helper_method :fax_enabled? helper_method :domain_filter_params skip_authorization_check only: %i[edit update] + before_action :set_contact, only: [:show] def show - @contact = domain.contacts.find(params[:id]) @requester_contact = Contact.find_by(ident: current_registrant_user.ident).id authorize! :read, @contact end @@ -31,6 +31,13 @@ class Registrant::ContactsController < RegistrantController private + def set_contact + id = params[:id] + contact = domain.contacts.find_by(id: id) || current_user_contacts.find_by(id: id) + contact ||= Contact.find_by(id: id, ident: domain.registrant.ident) + @contact = contact + end + def domain current_user_domains.find(params[:domain_id]) end diff --git a/app/models/contact.rb b/app/models/contact.rb index 488e72335..2aeb761a8 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -415,7 +415,7 @@ class Contact < ApplicationRecord # if total is smaller than needed, the load more # we also need to sort by valid_to # todo: extract to drapper. Then we can remove Domain#roles - def all_domains(page: nil, per: nil, params:, requester:) + def all_domains(page: nil, per: nil, params:, requester: nil) filter_sql = qualified_domain_ids(params[:domain_filter]) # get sorting rules @@ -451,9 +451,12 @@ class Contact < ApplicationRecord end def qualified_domain_name_list(requester, filter_sql) - if requester - requester_domains = Contact.find(requester).domains - domains = requester_domains.where('domains.id IN (?)', filter_sql) + if requester != id + first_scope = Contact.find(requester).domains + second_scope = Contact.find(requester).registrant_domains + + domains = Domain.from("(#{first_scope.to_sql} UNION #{second_scope.to_sql}) as domains") + .where('domains.id IN (?)', filter_sql) else domains = Domain.where('domains.id IN (?)', filter_sql) end @@ -462,13 +465,13 @@ class Contact < ApplicationRecord end def qualified_domain_ids(domain_filter) - registrant_ids = Domain.select('id').where(registrant: id).pluck(:id) + registrant_ids = registrant_domains.pluck(:id) return registrant_ids if domain_filter == 'Registrant' if %w[AdminDomainContact TechDomainContact].include? domain_filter DomainContact.select('domain_id').where(contact_id: id, type: domain_filter) else - (DomainContact.select('domain_id').where(contact_id: id).pluck(:id) + + (DomainContact.select('domain_id').where(contact_id: id).pluck(:domain_id) + registrant_ids).uniq end end diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb index 1e787b8b3..e7ce9cc3b 100644 --- a/app/models/registrant_user.rb +++ b/app/models/registrant_user.rb @@ -98,4 +98,4 @@ class RegistrantUser < User user end end -end \ No newline at end of file +end From bcd6f0bd71c30b571cc9039f7019676c733bc5bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Thu, 21 May 2020 11:57:22 +0300 Subject: [PATCH 7/8] Find requester's tied domains via RegistrantUser --- app/models/contact.rb | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/app/models/contact.rb b/app/models/contact.rb index 2aeb761a8..efee4926e 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -451,17 +451,16 @@ class Contact < ApplicationRecord end def qualified_domain_name_list(requester, filter_sql) - if requester != id - first_scope = Contact.find(requester).domains - second_scope = Contact.find(requester).registrant_domains + return Domain.where('domains.id IN (?)', filter_sql) unless requester != id - domains = Domain.from("(#{first_scope.to_sql} UNION #{second_scope.to_sql}) as domains") - .where('domains.id IN (?)', filter_sql) - else - domains = Domain.where('domains.id IN (?)', filter_sql) + requester = Contact.find_by(id: requester) + registrant_user = RegistrantUser.find_or_initialize_by(registrant_ident: + "#{requester.ident_country_code}-#{requester.ident}") + begin + registrant_user.domains.where('domains.id IN (?)', filter_sql) + rescue CompanyRegister::NotAvailableError + registrant_user.direct_domains.where('domains.id IN (?)', filter_sql) end - - domains end def qualified_domain_ids(domain_filter) From f27f2f365f476b13c35522bd52c2a597518e1e29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Thu, 21 May 2020 14:15:00 +0300 Subject: [PATCH 8/8] Do not use requester ID when querying all_domains() via Registrar --- app/models/contact.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/contact.rb b/app/models/contact.rb index efee4926e..58d8b8c60 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -451,7 +451,7 @@ class Contact < ApplicationRecord end def qualified_domain_name_list(requester, filter_sql) - return Domain.where('domains.id IN (?)', filter_sql) unless requester != id + return Domain.where('domains.id IN (?)', filter_sql) if requester.nil? requester = Contact.find_by(id: requester) registrant_user = RegistrantUser.find_or_initialize_by(registrant_ident: