From 3ed2cddad47d04178b5b04b22099f15ebed37a63 Mon Sep 17 00:00:00 2001
From: Martin Lensment <mlensment@gmail.com>
Date: Fri, 16 Jan 2015 16:21:31 +0200
Subject: [PATCH] Parsed frame accessible from only params

---
 app/controllers/concerns/epp/common.rb     |  6 +-----
 app/controllers/epp/contacts_controller.rb | 10 +++++-----
 app/controllers/epp/domains_controller.rb  |  4 ++--
 app/controllers/epp/polls_controller.rb    | 10 +++++-----
 4 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/app/controllers/concerns/epp/common.rb b/app/controllers/concerns/epp/common.rb
index 9448b3884..63de4a1c6 100644
--- a/app/controllers/concerns/epp/common.rb
+++ b/app/controllers/concerns/epp/common.rb
@@ -24,10 +24,6 @@ module Epp::Common
     @params_hash ||= Hash.from_xml(params[:frame]).with_indifferent_access
   end
 
-  def parsed_frame
-    @parsed_frame ||= Nokogiri::XML(params[:frame]).remove_namespaces!
-  end
-
   def epp_session
     cookie = env['rack.request.cookie_hash'] || {}
     EppSession.find_or_initialize_by(session_id: cookie['session'])
@@ -66,7 +62,7 @@ module Epp::Common
 
   def epp_request_valid?(*selectors)
     selectors.each do |selector|
-      el = parsed_frame.css(selector).first
+      el = params[:parsed_frame].css(selector).first
       epp_errors << {
         code: '2003',
         msg: I18n.t('errors.messages.required_parameter_missing', key: el.try(:name) || selector)
diff --git a/app/controllers/epp/contacts_controller.rb b/app/controllers/epp/contacts_controller.rb
index 0d0d3df34..83108a3d1 100644
--- a/app/controllers/epp/contacts_controller.rb
+++ b/app/controllers/epp/contacts_controller.rb
@@ -89,9 +89,9 @@ class Epp::ContactsController < ApplicationController
   end
 
   def update_attrs_present?
-    return true if parsed_frame.css('add').present?
-    return true if parsed_frame.css('rem').present?
-    return true if parsed_frame.css('chg').present?
+    return true if params[:parsed_frame].css('add').present?
+    return true if params[:parsed_frame].css('rem').present?
+    return true if params[:parsed_frame].css('chg').present?
     epp_errors << { code: '2003', msg: I18n.t('errors.messages.required_parameter_missing', key: 'add, rem or chg') }
   end
 
@@ -176,13 +176,13 @@ class Epp::ContactsController < ApplicationController
       Address.extract_attributes((prms.try(:[], :postalInfo) || []))
     )
     contact_hash[:disclosure_attributes] =
-      ContactDisclosure.extract_attributes(parsed_frame)
+      ContactDisclosure.extract_attributes(params[:parsed_frame])
 
     contact_hash
   end
 
   def ident_type
-    result = parsed_frame.css('ident').first.try(:attributes).try(:[], 'type').try(:value)
+    result = params[:parsed_frame].css('ident').first.try(:attributes).try(:[], 'type').try(:value)
     return nil unless result
 
     Contact::IDENT_TYPES.any? { |type| return type if result.include?(type) }
diff --git a/app/controllers/epp/domains_controller.rb b/app/controllers/epp/domains_controller.rb
index 02c84bb42..35cf74476 100644
--- a/app/controllers/epp/domains_controller.rb
+++ b/app/controllers/epp/domains_controller.rb
@@ -192,8 +192,8 @@ class Epp::DomainsController < ApplicationController
 
   def domain_transfer_params
     res = {}
-    res[:pw] = parsed_frame.css('pw').first.try(:text)
-    res[:action] = parsed_frame.css('transfer').first[:op]
+    res[:pw] = params[:parsed_frame].css('pw').first.try(:text)
+    res[:action] = params[:parsed_frame].css('transfer').first[:op]
     res[:current_user] = current_epp_user
     res
   end
diff --git a/app/controllers/epp/polls_controller.rb b/app/controllers/epp/polls_controller.rb
index c0a8383d1..62e45abbc 100644
--- a/app/controllers/epp/polls_controller.rb
+++ b/app/controllers/epp/polls_controller.rb
@@ -2,8 +2,8 @@ class Epp::PollsController < ApplicationController
   include Epp::Common
 
   def poll
-    req_poll if parsed_frame.css('poll').first['op'] == 'req'
-    ack_poll if parsed_frame.css('poll').first['op'] == 'ack'
+    req_poll if params[:parsed_frame].css('poll').first['op'] == 'req'
+    ack_poll if params[:parsed_frame].css('poll').first['op'] == 'ack'
   end
 
   def req_poll
@@ -22,13 +22,13 @@ class Epp::PollsController < ApplicationController
   end
 
   def ack_poll
-    @message = current_epp_user.queued_messages.find_by(id: parsed_frame.css('poll').first['msgID'])
+    @message = current_epp_user.queued_messages.find_by(id: params[:parsed_frame].css('poll').first['msgID'])
 
     unless @message
       epp_errors << {
         code: '2303',
         msg: I18n.t('message_was_not_found'),
-        value: { obj: 'msgID', val: parsed_frame.css('poll').first['msgID'] }
+        value: { obj: 'msgID', val: params[:parsed_frame].css('poll').first['msgID'] }
       }
       handle_errors and return
     end
@@ -40,7 +40,7 @@ class Epp::PollsController < ApplicationController
   private
 
   def validate_poll
-    op = parsed_frame.css('poll').first[:op]
+    op = params[:parsed_frame].css('poll').first[:op]
     return true if %w(ack req).include?(op)
     epp_errors << { code: '2306', msg: I18n.t('errors.messages.attribute_op_is_invalid') }
     false