From ec70d1ab218548f6051a773650461df591bbab5a Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Thu, 14 May 2015 11:15:21 +0300 Subject: [PATCH 01/16] Updated smtp env variables --- CHANGELOG.md | 4 ++++ config/application-example.yml | 12 +++++++----- config/application.rb | 13 +++++++------ 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d0f35a3d4..e51465b4b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +14.05.2015 + +* Changed and added some new smtp enviroment variables. More info at application-example.yml + 12.05.2015 * Ruby version updated to 2.2.2 diff --git a/config/application-example.yml b/config/application-example.yml index ad4941eb2..b7ce232ac 100644 --- a/config/application-example.yml +++ b/config/application-example.yml @@ -37,11 +37,13 @@ epp_hostname: 'registry.gitlab.eu' repp_url: 'https://repp.gitlab.eu/repp/v1/' # SMTP configuration -address: 'server-hostname' -port: '000' -user_name: 'login' -password: 'pw/key' -domain: 'domain for HELO checking' +smtp_address: 'server-hostname' +smtp_port: '000' +smtp_user_name: 'login' +smtp_password: 'pw/key' +smtp_domain: 'domain for HELO checking' +# Use "none" only when for a self-signed and/or wildcard certificate +smtp_openssl_verify_mode: 'peer' # 'none', 'peer', 'client_once','fail_if_no_peer_cert' # autotest config overwrites test: diff --git a/config/application.rb b/config/application.rb index 58ab0c753..f03614d96 100644 --- a/config/application.rb +++ b/config/application.rb @@ -59,13 +59,14 @@ module Registry config.action_mailer.raise_delivery_errors = true config.action_mailer.smtp_settings = { - address: ENV['address'], - port: ENV['port'], + address: ENV['smtp_address'], + port: ENV['smtp_port'], enable_starttls_auto: true, - user_name: ENV['user_name'], - password: ENV['password'], - authentication: 'login', - domain: ENV['domain'] + user_name: ENV['smtp_user_name'], + password: ENV['smtp_password'], + authentication: 'smtp_login', + domain: ENV['smtp_domain'] + openssl_verify_mode: ENV['smtp_openssl_verify_mode'] } end end From 2ec7e09ba56e4a35fc8827dd0fbda96b36504b26 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Thu, 14 May 2015 12:45:19 +0300 Subject: [PATCH 02/16] typo fix --- config/application.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/application.rb b/config/application.rb index f03614d96..84bfb61f3 100644 --- a/config/application.rb +++ b/config/application.rb @@ -65,7 +65,7 @@ module Registry user_name: ENV['smtp_user_name'], password: ENV['smtp_password'], authentication: 'smtp_login', - domain: ENV['smtp_domain'] + domain: ENV['smtp_domain'], openssl_verify_mode: ENV['smtp_openssl_verify_mode'] } end From beb921d94a8d4b0cbb827a47a522d9e425c49234 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Thu, 14 May 2015 14:35:44 +0300 Subject: [PATCH 03/16] Added new smtp attribute for STARTTLS --- config/application-example.yml | 2 ++ config/application.rb | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/config/application-example.yml b/config/application-example.yml index b7ce232ac..dfd9d4047 100644 --- a/config/application-example.yml +++ b/config/application-example.yml @@ -44,6 +44,8 @@ smtp_password: 'pw/key' smtp_domain: 'domain for HELO checking' # Use "none" only when for a self-signed and/or wildcard certificate smtp_openssl_verify_mode: 'peer' # 'none', 'peer', 'client_once','fail_if_no_peer_cert' +# Detects if STARTTLS is enabled in your SMTP server and starts to use it. Defaults to true. +smtp_enable_starttls_auto: 'true' # 'false' # autotest config overwrites test: diff --git a/config/application.rb b/config/application.rb index 84bfb61f3..f597fd890 100644 --- a/config/application.rb +++ b/config/application.rb @@ -61,12 +61,12 @@ module Registry config.action_mailer.smtp_settings = { address: ENV['smtp_address'], port: ENV['smtp_port'], - enable_starttls_auto: true, + enable_starttls_auto: ENV['smtp_enable_starttls_auto'], user_name: ENV['smtp_user_name'], password: ENV['smtp_password'], authentication: 'smtp_login', domain: ENV['smtp_domain'], - openssl_verify_mode: ENV['smtp_openssl_verify_mode'] + openssl_verify_mode: ENV['smtp_openssl_verify_mode'], } end end From 762054e5f16f72e4b943f2dc2c16f59ae58faaeb Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Thu, 14 May 2015 14:53:43 +0300 Subject: [PATCH 04/16] Added more smtp settings into application-example.yml --- config/application-example.yml | 8 ++++++-- config/application.rb | 16 ++++++++-------- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/config/application-example.yml b/config/application-example.yml index dfd9d4047..38acf4f23 100644 --- a/config/application-example.yml +++ b/config/application-example.yml @@ -38,14 +38,18 @@ repp_url: 'https://repp.gitlab.eu/repp/v1/' # SMTP configuration smtp_address: 'server-hostname' -smtp_port: '000' +smtp_port: '25' # 587, 465 smtp_user_name: 'login' smtp_password: 'pw/key' -smtp_domain: 'domain for HELO checking' +# If you need to specify a HELO domain, you can do it here. +smtp_domain: '' # 'domain for HELO checking' # Use "none" only when for a self-signed and/or wildcard certificate smtp_openssl_verify_mode: 'peer' # 'none', 'peer', 'client_once','fail_if_no_peer_cert' # Detects if STARTTLS is enabled in your SMTP server and starts to use it. Defaults to true. +# Set this to false if there is a problem with your server certificate that you cannot resolve. smtp_enable_starttls_auto: 'true' # 'false' +# If your mail server requires authentication, please change. +smtp_authentication: 'plain' # 'plain', 'login', 'cram_md5' # autotest config overwrites test: diff --git a/config/application.rb b/config/application.rb index f597fd890..dae53708d 100644 --- a/config/application.rb +++ b/config/application.rb @@ -59,14 +59,14 @@ module Registry config.action_mailer.raise_delivery_errors = true config.action_mailer.smtp_settings = { - address: ENV['smtp_address'], - port: ENV['smtp_port'], - enable_starttls_auto: ENV['smtp_enable_starttls_auto'], - user_name: ENV['smtp_user_name'], - password: ENV['smtp_password'], - authentication: 'smtp_login', - domain: ENV['smtp_domain'], - openssl_verify_mode: ENV['smtp_openssl_verify_mode'], + address: ENV['smtp_address'], + port: ENV['smtp_port'], + enable_starttls_auto: ENV['smtp_enable_starttls_auto'] == 'true', + user_name: ENV['smtp_user_name'], + password: ENV['smtp_password'], + authentication: ENV['smtp_authentication'], + domain: ENV['smtp_domain'], + openssl_verify_mode: ENV['smtp_openssl_verify_mode'], } end end From 6c47124a28b4a88b39fcb4f94130bef13db0a93c Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 10:00:52 +0300 Subject: [PATCH 05/16] Registrant change confirmation logic --- app/controllers/epp/domains_controller.rb | 6 +- app/mailers/domain_mailer.rb | 13 ++++ app/mailers/invoice_mailer.rb | 2 +- app/models/domain.rb | 35 +++++++--- app/models/epp/domain.rb | 11 +++- .../contact_mailer/email_updated.html.erb | 4 +- .../domain_mailer/registrant_updated.html.erb | 47 ++++++++++++++ .../domain_mailer/registrant_updated.text.erb | 47 ++++++++++++++ .../epp/domains/success_pending.xml.builder | 9 +++ config/locales/en.yml | 2 + ...938_add_registrant_changed_at_to_domain.rb | 6 ++ db/schema.rb | 6 +- doc/epp/domain.md | 2 + spec/epp/domain_spec.rb | 65 ++++++++++++++++++- spec/mailers/domain_mailer_spec.rb | 54 +++++++++++++++ 15 files changed, 292 insertions(+), 17 deletions(-) create mode 100644 app/mailers/domain_mailer.rb create mode 100644 app/views/domain_mailer/registrant_updated.html.erb create mode 100644 app/views/domain_mailer/registrant_updated.text.erb create mode 100644 app/views/epp/domains/success_pending.xml.builder create mode 100644 db/migrate/20150512160938_add_registrant_changed_at_to_domain.rb create mode 100644 spec/mailers/domain_mailer_spec.rb diff --git a/app/controllers/epp/domains_controller.rb b/app/controllers/epp/domains_controller.rb index 0abd219f5..840a80e6e 100644 --- a/app/controllers/epp/domains_controller.rb +++ b/app/controllers/epp/domains_controller.rb @@ -34,7 +34,11 @@ class Epp::DomainsController < EppController authorize! :update, @domain, @password if @domain.update(params[:parsed_frame], current_user) - render_epp_response '/epp/domains/success' + if @domain.pending_update? + render_epp_response '/epp/domains/success_pending' + else + render_epp_response '/epp/domains/success' + end else handle_errors(@domain) end diff --git a/app/mailers/domain_mailer.rb b/app/mailers/domain_mailer.rb new file mode 100644 index 000000000..9335cc99b --- /dev/null +++ b/app/mailers/domain_mailer.rb @@ -0,0 +1,13 @@ +class DomainMailer < ApplicationMailer + def registrant_updated(domain) + return if Rails.env.production? ? false : !TEST_EMAILS.include?(domain.registrant_email) + # turn on delivery on specific request only, thus rake tasks does not deliver anything + return if domain.deliver_emails != true + + @old_registrant = Registrant.find(domain.registrant_id_was) + + @domain = domain + mail(to: @old_registrant.email, + subject: "#{I18n.t(:domain_registrant_update_subject, name: @domain.name)} [#{@domain.name}]") + end +end diff --git a/app/mailers/invoice_mailer.rb b/app/mailers/invoice_mailer.rb index ea30783be..eb6168d30 100644 --- a/app/mailers/invoice_mailer.rb +++ b/app/mailers/invoice_mailer.rb @@ -1,6 +1,6 @@ class InvoiceMailer < ApplicationMailer def invoice_email(invoice, pdf) - return if Rails.env.production? ? false : TEST_EMAILS.include?(invoice.billing_email) + return if Rails.env.production? ? false : !TEST_EMAILS.include?(invoice.billing_email) @invoice = invoice attachments[invoice.pdf_name] = pdf diff --git a/app/models/domain.rb b/app/models/domain.rb index 87d5f3d73..7c2a29929 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -40,14 +40,28 @@ class Domain < ActiveRecord::Base has_many :legal_documents, as: :documentable accepts_nested_attributes_for :legal_documents, reject_if: proc { |attrs| attrs[:body].blank? } - delegate :code, to: :registrant, prefix: true - delegate :email, to: :registrant, prefix: true - delegate :ident, to: :registrant, prefix: true - delegate :phone, to: :registrant, prefix: true - delegate :name, to: :registrar, prefix: true + delegate :name, to: :registrant, prefix: true + delegate :code, to: :registrant, prefix: true + delegate :ident, to: :registrant, prefix: true + delegate :email, to: :registrant, prefix: true + delegate :phone, to: :registrant, prefix: true + delegate :street, to: :registrant, prefix: true + delegate :city, to: :registrant, prefix: true + delegate :zip, to: :registrant, prefix: true + delegate :state, to: :registrant, prefix: true + delegate :country, to: :registrant, prefix: true + + delegate :name, to: :registrar, prefix: true + delegate :street, to: :registrar, prefix: true before_create :generate_auth_info before_create :set_validity_dates + before_update :manage_statuses + def manage_statuses + return unless registrant_id_changed? + domain_statuses.build(value: DomainStatus::PENDING_UPDATE) if registrant_verification_asked_at.present? + end + before_save :touch_always_version def touch_always_version self.updated_at = Time.zone.now @@ -103,7 +117,7 @@ class Domain < ActiveRecord::Base validate :validate_nameserver_ips - attr_accessor :registrant_typeahead, :update_me + attr_accessor :registrant_typeahead, :update_me, :deliver_emails def subordinate_nameservers nameservers.select { |x| x.hostname.end_with?(name) } @@ -154,6 +168,13 @@ class Domain < ActiveRecord::Base )).empty? end + def pending_update? + (domain_statuses.pluck(:value) & %W( + #{DomainStatus::PENDING_UPDATE} + )).present? + end + alias_method :update_pending?, :pending_update? + ### VALIDATIONS ### def validate_nameserver_ips @@ -230,8 +251,6 @@ class Domain < ActiveRecord::Base # otherwise domain_statuses are in old state for domain object domain_statuses.reload - - # contacts.includes(:address).each(&:manage_statuses) end def children_log diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb index 8698857b3..f9ee8c988 100644 --- a/app/models/epp/domain.rb +++ b/app/models/epp/domain.rb @@ -2,6 +2,13 @@ class Epp::Domain < Domain include EppErrors + before_update :manage_permissions + def manage_permissions + return unless update_pending? + add_epp_error('2304', nil, nil, I18n.t(:object_status_prohibits_operation)) + false + end + class << self def new_from_epp(frame, current_user) domain = Epp::Domain.new @@ -88,6 +95,8 @@ class Epp::Domain < Domain regt = Registrant.find_by(code: code) if regt at[:registrant_id] = regt.id + delivery_date = frame.css('registrant').attr('verified').to_s.downcase == 'yes' ? nil : Time.zone.now + at[:registrant_verification_asked_at] = delivery_date else add_epp_error('2303', 'registrant', code, [:registrant, :not_found]) end @@ -115,7 +124,6 @@ class Epp::Domain < Domain at[:dnskeys_attributes] = dnskeys_attrs(dnskey_frame, action) at[:legal_documents_attributes] = legal_document_from(frame) - at end # rubocop: enable Metrics/PerceivedComplexity @@ -386,6 +394,7 @@ class Epp::Domain < Domain at[:tech_domain_contacts_attributes] += at_add[:tech_domain_contacts_attributes] at[:dnskeys_attributes] += at_add[:dnskeys_attributes] at[:domain_statuses_attributes] += at_add[:domain_statuses_attributes] + self.deliver_emails = true # turn on email delivery for epp errors.empty? && super(at) end diff --git a/app/views/contact_mailer/email_updated.html.erb b/app/views/contact_mailer/email_updated.html.erb index b5fe51ec7..c461659b1 100644 --- a/app/views/contact_mailer/email_updated.html.erb +++ b/app/views/contact_mailer/email_updated.html.erb @@ -22,7 +22,7 @@ Tänav: <%= @contact.street %>
Linn: <%= @contact.city %>
Riik: <%= @contact.country %>

-Lugupidamisega +Lugupidamisega
Eesti Interneti SA

@@ -49,5 +49,5 @@ Street: <%= @contact.street %>
City: <%= @contact.city %>
Country: <%= @contact.country %>

-Best Regards, +Best Regards,
Eesti Interneti SA diff --git a/app/views/domain_mailer/registrant_updated.html.erb b/app/views/domain_mailer/registrant_updated.html.erb new file mode 100644 index 000000000..b992d0fe5 --- /dev/null +++ b/app/views/domain_mailer/registrant_updated.html.erb @@ -0,0 +1,47 @@ +Tere, +

+Registrisse laekus taotlus domeeni <%= @domain.name %> registreerija vahetuseks. Palun veenduge, et muudatus on korrektne ning probleemide korral pöörduge oma registripidaja poole. Teie registripidaja on <%= @domain.registrar_name %> +

+Uued registreerija andmed:
+Nimi: <%= @domain.registrant_name %>
+<% if @domain.registrant.priv? %> +Isikukood: <%= @domain.registrant_ident %>
+<% else %> +Äriregistrikood: <%= @domain.registrant_ident %>
+<% end %> +Epost: <%= @domain.registrant_email %>
+Tel: <%= @domain.registrant_phone %>
+Tänav: <%= @domain.registrant_street %>
+Linn: <%= @domain.registrant_city %>
+Riik: <%= @domain.registrant_country %> +

+Muudatuse kinnitamiseks külastage palun allolevat võrgulehekülge, kontrollige uuesti üle muudatuse andmed ning vajutage nuppu kinnitan:
+https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg +

+Lugupidamisega
+Eesti Interneti SA +

+
+

+Hi, +

+Application for changing registrant of your domain <%= @domain.name %> has been filed. Please make sure that the update and information are correct. Incase of problems please turn to your registrar. Your registrar is <%= @domain.registrar_name %> +

+New registrant:
+Name: <%= @domain.registrant_name %>
+<% if @domain.registrant.priv? %> +Personal code: <%= @domain.registrant_ident %>
+<% else %> +Business Registry code: <%= @domain.registrant_ident %>
+<% end %> +E-mail: <%= @domain.registrant_email %>
+Tel: <%= @domain.registrant_phone %>
+Street: <%= @domain.registrant_street %>
+City: <%= @domain.registrant_city %>
+Country: <%= @domain.registrant_country %> +

+To confirm the update please visit this website, once again review the data and press approve:
+https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg +

+Best Regards,
+Estonian Internet Foundation diff --git a/app/views/domain_mailer/registrant_updated.text.erb b/app/views/domain_mailer/registrant_updated.text.erb new file mode 100644 index 000000000..c4d6d6507 --- /dev/null +++ b/app/views/domain_mailer/registrant_updated.text.erb @@ -0,0 +1,47 @@ +Tere, + +Registrisse laekus taotlus domeeni <%= @domain.name %> registreerija vahetuseks. Palun veenduge, et muudatus on korrektne ning probleemide korral pöörduge oma registripidaja poole. Teie registripidaja on <%= @domain.registrar_name %> + +Uued registreerija andmed: +Nimi: <%= @domain.registrant_name %> +<% if @domain.registrant.priv? %> +Isikukood: <%= @domain.registrant_ident %> +<% else %> +Äriregistrikood: <%= @domain.registrant_ident %> +<% end %> +Epost: <%= @domain.registrant_email %> +Tel: <%= @domain.registrant_phone %> +Tänav: <%= @domain.registrant_street %> +Linn: <%= @domain.registrant_city %> +Riik: <%= @domain.registrant_country %> + +Muudatuse kinnitamiseks külastage palun allolevat võrgulehekülge, kontrollige uuesti üle muudatuse andmed ning vajutage nuppu kinnitan: +https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg + +Lugupidamisega +Eesti Interneti SA + +--------------------------------------------------------------------------------- + +Hi, + +Application for changing registrant of your domain <%= @domain.name %> has been filed. Please make sure that the update and information are correct. Incase of problems please turn to your registrar. Your registrar is <%= @domain.registrar_name %> + +New registrant: +Name: <%= @domain.registrant_name %> +<% if @domain.registrant.priv? %> +Personal code: <%= @domain.registrant_ident %> +<% else %> +Business Registry code: <%= @domain.registrant_ident %> +<% end %> +E-mail: <%= @domain.registrant_email %> +Tel: <%= @domain.registrant_phone %> +Street: <%= @domain.registrant_street %> +City: <%= @domain.registrant_city %> +Country: <%= @domain.registrant_country %> + +To confirm the update please visit this website, once again review the data and press approve: +https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg + +Best Regards, +Estonian Internet Foundation diff --git a/app/views/epp/domains/success_pending.xml.builder b/app/views/epp/domains/success_pending.xml.builder new file mode 100644 index 000000000..3d1783009 --- /dev/null +++ b/app/views/epp/domains/success_pending.xml.builder @@ -0,0 +1,9 @@ +xml.epp_head do + xml.response do + xml.result('code' => '1001') do + xml.msg 'Command completed successfully; action pending' + end + end + + xml << render('/epp/shared/trID') +end diff --git a/config/locales/en.yml b/config/locales/en.yml index b7fa7a05d..789e71fa3 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -762,3 +762,5 @@ en: forbidden_code: 'is forbidden to use' unimplemented_object_service: 'Unimplemented object service' contact_email_update_subject: 'Teie domeenide kontakt epostiaadress on muutunud / Contact e-mail addresses of your domains have changed' + object_status_prohibits_operation: 'Object status prohibits operation' + domain_registrant_update_subject: "Kinnitustaotlus domeeni %{name} registreerija vahetuseks / Application for approval for registrant chache of %{name}" diff --git a/db/migrate/20150512160938_add_registrant_changed_at_to_domain.rb b/db/migrate/20150512160938_add_registrant_changed_at_to_domain.rb new file mode 100644 index 000000000..b92b68298 --- /dev/null +++ b/db/migrate/20150512160938_add_registrant_changed_at_to_domain.rb @@ -0,0 +1,6 @@ +class AddRegistrantChangedAtToDomain < ActiveRecord::Migration + def change + add_column :domains, :registrant_verification_asked_at, :datetime + add_index :domains, :registrant_verification_asked_at + end +end diff --git a/db/schema.rb b/db/schema.rb index fc41c9a95..b2e3316fe 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20150511120755) do +ActiveRecord::Schema.define(version: 20150512160938) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -292,7 +292,7 @@ ActiveRecord::Schema.define(version: 20150511120755) do t.string "name_dirty" t.string "name_puny" t.integer "period" - t.string "period_unit", limit: 1 + t.string "period_unit", limit: 1 t.string "creator_str" t.string "updator_str" t.integer "legacy_id" @@ -300,11 +300,13 @@ ActiveRecord::Schema.define(version: 20150511120755) do t.integer "legacy_registrant_id" t.datetime "outzone_at" t.datetime "delete_at" + t.datetime "registrant_verification_asked_at" end add_index "domains", ["delete_at"], name: "index_domains_on_delete_at", using: :btree add_index "domains", ["outzone_at"], name: "index_domains_on_outzone_at", using: :btree add_index "domains", ["registrant_id"], name: "index_domains_on_registrant_id", using: :btree + add_index "domains", ["registrant_verification_asked_at"], name: "index_domains_on_registrant_verification_asked_at", using: :btree add_index "domains", ["registrar_id"], name: "index_domains_on_registrar_id", using: :btree create_table "epp_sessions", force: :cascade do |t| diff --git a/doc/epp/domain.md b/doc/epp/domain.md index 3fa49754a..9d13f8df3 100644 --- a/doc/epp/domain.md +++ b/doc/epp/domain.md @@ -19,6 +19,8 @@ Domain name mapping protocol short version: Must add up to 1 / 2 / 3 years. Attribute: unit="y/m/d" 1 Contact reference to the registrant + Attribute: + "verified" # optional, allowed values 'yes', 'no' 0-n Contact reference. Admin contact is required if registrant is a juridical person. Attribute: type="admin / tech" 1 diff --git a/spec/epp/domain_spec.rb b/spec/epp/domain_spec.rb index f8b0aed99..c1eed789d 100644 --- a/spec/epp/domain_spec.rb +++ b/spec/epp/domain_spec.rb @@ -1353,13 +1353,13 @@ describe 'EPP Domain', epp: true do end ### UPDATE ### - it 'updates a domain' do + it 'should update right away without update pending status' do existing_pw = domain.auth_info xml_params = { name: { value: domain.name }, chg: [ - registrant: { value: 'FIXED:CITIZEN_1234' } + registrant: { value: 'FIXED:CITIZEN_1234', attrs: { verified: 'yes' } } ] } @@ -1379,6 +1379,67 @@ describe 'EPP Domain', epp: true do d.registrant_code.should == 'FIXED:CITIZEN_1234' d.auth_info.should == existing_pw + d.update_pending?.should == false + end + + it 'updates a domain' do + existing_pw = domain.auth_info + + xml_params = { + name: { value: domain.name }, + chg: [ + registrant: { value: 'FIXED:CITIZEN_1234' } + ] + } + + response = epp_plain_request(domain_update_xml(xml_params, {}, { + _anonymus: [ + legalDocument: { + value: 'JVBERi0xLjQKJcOkw7zDtsOfCjIgMCBvYmoKPDwvTGVuZ3RoIDMgMCBSL0Zp==', + attrs: { type: 'pdf' } + } + ] + }), :xml) + + response[:results][0][:msg].should == 'Command completed successfully; action pending' + response[:results][0][:result_code].should == '1001' + + d = Domain.last + + d.registrant_code.should == 'FIXED:CITIZEN_1234' + d.auth_info.should == existing_pw + d.update_pending?.should == true + end + + it 'should not allow any update when status update_pending' do + domain.domain_statuses.create(value: DomainStatus::PENDING_UPDATE) + + existing_pw = domain.auth_info + + xml_params = { + name: { value: domain.name }, + chg: [ + registrant: { value: 'FIXED:CITIZEN_1234' } + ] + } + + response = epp_plain_request(domain_update_xml(xml_params, {}, { + _anonymus: [ + legalDocument: { + value: 'JVBERi0xLjQKJcOkw7zDtsOfCjIgMCBvYmoKPDwvTGVuZ3RoIDMgMCBSL0Zp==', + attrs: { type: 'pdf' } + } + ] + }), :xml) + + response[:results][0][:msg].should == 'Object status prohibits operation' + response[:results][0][:result_code].should == '2304' + + d = Domain.last + + d.registrant_code.should_not == 'FIXED:CITIZEN_1234' + d.auth_info.should == existing_pw + d.update_pending?.should == true end it 'updates domain and adds objects' do diff --git a/spec/mailers/domain_mailer_spec.rb b/spec/mailers/domain_mailer_spec.rb new file mode 100644 index 000000000..ac83b0732 --- /dev/null +++ b/spec/mailers/domain_mailer_spec.rb @@ -0,0 +1,54 @@ +require 'rails_helper' + +describe DomainMailer do + describe 'registrant changed notification when delivery turned off' do + before :all do + @registrant = Fabricate(:registrant, email: 'test@example.com') + @domain = Fabricate(:domain, registrant: @registrant) + @mail = DomainMailer.registrant_updated(@domain) + end + + it 'should not render email subject' do + @mail.subject.should == nil + end + + it 'should not have sender email' do + @mail.from.should == nil + end + + it 'should not have reveiver email' do + @mail.to.should == nil + end + + it 'should not render body' do + @mail.body.should == '' + end + end + + describe 'email changed notification' do + before :all do + @registrant = Fabricate(:registrant, email: 'test@example.com') + @new_registrant = Fabricate(:registrant, email: 'test@example.org') + @domain = Fabricate(:domain, registrant: @registrant) + @domain.deliver_emails = true + @domain.registrant = @new_registrant + @mail = DomainMailer.registrant_updated(@domain) + end + + it 'should render email subject' do + @mail.subject.should =~ /Kinnitustaotlus domeeni/ + end + + it 'should have sender email' do + @mail.from.should == ["noreply@internet.ee"] + end + + it 'should send confirm email to old registrant email' do + @mail.to.should == ["test@example.com"] + end + + it 'should render body' do + @mail.body.encoded.should =~ /Registrisse laekus taotlus domeeni/ + end + end +end From f946239822722ec59a8267cd44fe1717e163ce6f Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 10:16:02 +0300 Subject: [PATCH 06/16] added new success code 1001 --- app/controllers/registrar/depp_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/registrar/depp_controller.rb b/app/controllers/registrar/depp_controller.rb index d7ef823ec..753a8a6e0 100644 --- a/app/controllers/registrar/depp_controller.rb +++ b/app/controllers/registrar/depp_controller.rb @@ -24,7 +24,7 @@ class Registrar::DeppController < RegistrarController # EPP controller def response_ok? @data.css('result').each do |x| - success_codes = %(1000, 1300, 1301) + success_codes = %(1000, 1001, 1300, 1301) return false unless success_codes.include?(x['code']) end true From 90633160c05684e69140f2874d4f223a6ecd873c Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 10:32:14 +0300 Subject: [PATCH 07/16] Turn on DomainMailer --- app/models/domain.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/app/models/domain.rb b/app/models/domain.rb index 7c2a29929..f1af1213f 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -59,7 +59,10 @@ class Domain < ActiveRecord::Base before_update :manage_statuses def manage_statuses return unless registrant_id_changed? - domain_statuses.build(value: DomainStatus::PENDING_UPDATE) if registrant_verification_asked_at.present? + if registrant_verification_asked_at.present? + domain_statuses.build(value: DomainStatus::PENDING_UPDATE) + DomainMailer.registrant_updated(self).deliver_now + end end before_save :touch_always_version From fdcad95683313f301baf8fcd399691dff7c7ff29 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 13:02:08 +0300 Subject: [PATCH 08/16] Added basic Registrant portal --- CHANGELOG.md | 5 + README.md | 76 +++++++++- .../javascripts/registrant-manifest.coffee | 14 ++ .../stylesheets/registrant-manifest.sass | 13 ++ .../registrant/registrant-bootstrap.sass | 19 +++ .../stylesheets/registrant/registrant.sass | 34 +++++ app/controllers/application_controller.rb | 26 ++-- app/controllers/registrant/depp_controller.rb | 32 +++++ .../registrant/domains_controller.rb | 119 ++++++++++++++++ .../registrant/sessions_controller.rb | 130 ++++++++++++++++++ app/controllers/registrant_controller.rb | 16 +++ app/helpers/registrant/application_helper.rb | 13 ++ app/mailers/domain_mailer.rb | 5 + app/models/epp/domain.rb | 1 + app/models/registrant_user.rb | 46 +++++++ .../domain_mailer/registrant_updated.html.erb | 4 +- .../domain_mailer/registrant_updated.text.erb | 4 +- app/views/layouts/registrant/application.haml | 56 ++++++++ app/views/registrant/domains/index.haml | 46 +++++++ app/views/registrant/domains/info.haml | 26 ++++ app/views/registrant/sessions/login.haml | 21 +++ app/views/registrant/sessions/login_mid.haml | 40 ++++++ config/application-example.yml | 18 +-- config/application.rb | 1 + config/locales/en.yml | 2 + config/routes.rb | 59 +++++++- ...80013_add_registrant_verification_token.rb | 6 + db/schema.rb | 4 +- 28 files changed, 810 insertions(+), 26 deletions(-) create mode 100644 app/assets/javascripts/registrant-manifest.coffee create mode 100644 app/assets/stylesheets/registrant-manifest.sass create mode 100644 app/assets/stylesheets/registrant/registrant-bootstrap.sass create mode 100644 app/assets/stylesheets/registrant/registrant.sass create mode 100644 app/controllers/registrant/depp_controller.rb create mode 100644 app/controllers/registrant/domains_controller.rb create mode 100644 app/controllers/registrant/sessions_controller.rb create mode 100644 app/controllers/registrant_controller.rb create mode 100644 app/helpers/registrant/application_helper.rb create mode 100644 app/models/registrant_user.rb create mode 100644 app/views/layouts/registrant/application.haml create mode 100644 app/views/registrant/domains/index.haml create mode 100644 app/views/registrant/domains/info.haml create mode 100644 app/views/registrant/sessions/login.haml create mode 100644 app/views/registrant/sessions/login_mid.haml create mode 100644 db/migrate/20150513080013_add_registrant_verification_token.rb diff --git a/CHANGELOG.md b/CHANGELOG.md index e51465b4b..343a1601e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,11 @@ * Changed and added some new smtp enviroment variables. More info at application-example.yml +13.05.2015 + +* Added new environment for EPP server: 'registrant_url' +* Added Registrant portal and apache config example + 12.05.2015 * Ruby version updated to 2.2.2 diff --git a/README.md b/README.md index 2274ea172..040cce724 100644 --- a/README.md +++ b/README.md @@ -149,8 +149,8 @@ Registrar configuration (/etc/apache2/sites-enabled/registrar.conf) is as follow # Possible values include: debug, info, notice, warn, error, crit, LogLevel info - ErrorLog /var/log/apache2/registry.error.log - CustomLog /var/log/apache2/registry.access.log combined + ErrorLog /var/log/apache2/registrar.error.log + CustomLog /var/log/apache2/registrar.access.log combined SSLEngine On SSLCertificateFile /etc/ssl/certs/your.crt @@ -163,7 +163,7 @@ Registrar configuration (/etc/apache2/sites-enabled/registrar.conf) is as follow SSLCipherSuite RC4-SHA:HIGH:!ADH - # for Apache verison 2.4 or newer + # for Apache older than version 2.4 Allow from all # for Apache verison 2.4 or newer @@ -195,6 +195,76 @@ Registrar configuration (/etc/apache2/sites-enabled/registrar.conf) is as follow ``` +Registrant configuration (/etc/apache2/sites-enabled/registrant.conf) is as follows: +``` + + ServerName your-registrant-domain + ServerAdmin your@example.com + + # Rewrite /login to /registrant/login + RewriteEngine on + RewriteCond %{REQUEST_URI} ^/login [NC] + RewriteRule ^/(.*) /registrant/$1 [PT,L,QSA] + + PassengerRoot /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini + PassengerRuby /home/registry/.rbenv/shims/ruby + PassengerEnabled on + PassengerMinInstances 10 + PassengerMaxPoolSize 10 + PassengerPoolIdleTime 0 + PassengerMaxRequests 1000 + + RailsEnv production # or staging + DocumentRoot /home/registry/registrant/current/public + + # Possible values include: debug, info, notice, warn, error, crit, + LogLevel info + ErrorLog /var/log/apache2/registrant.error.log + CustomLog /var/log/apache2/registrant.access.log combined + + SSLEngine On + SSLCertificateFile /etc/ssl/certs/your.crt + SSLCertificateKeyFile /etc/ssl/private/your.key + SSLCertificateChainFile /etc/ssl/certs/your-chain-fail.pem + SSLCACertificateFile /etc/ssl/certs/ca.pem + + SSLProtocol TLSv1 + SSLHonorCipherOrder On + SSLCipherSuite RC4-SHA:HIGH:!ADH + + + # for Apache older than version 2.4 + Allow from all + + # for Apache verison 2.4 or newer + # Require all granted + + Options -MultiViews + + + + Deny from all + + + + Allow from all + + + SSLVerifyClient none + SSLVerifyDepth 1 + SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.cert.pem + SSLCARevocationFile /home/registry/registry/shared/ca/crl/crl.pem + # Uncomment in Apache 2.4 + # SSLCARevocationCheck chain + + RequestHeader set SSL_CLIENT_S_DN_CN "%{SSL_CLIENT_S_DN_CN}s" + + SSLVerifyClient require + RequestHeader set SSL_CLIENT_S_DN_CN "%{SSL_CLIENT_S_DN_CN}s" + + +``` + For Apache, REPP goes to port 443 in production, /etc/apache2/sites-enabled/repp.conf short example: ``` diff --git a/app/assets/javascripts/registrant-manifest.coffee b/app/assets/javascripts/registrant-manifest.coffee new file mode 100644 index 000000000..50d127bc5 --- /dev/null +++ b/app/assets/javascripts/registrant-manifest.coffee @@ -0,0 +1,14 @@ +#= require jquery +#= require jquery_ujs +#= require jquery.validate +#= require jquery.validate.additional-methods +#= require turbolinks +#= require bootstrap-sprockets +#= require jquery.nested_attributes +#= require shared/jquery.validate.bootstrap +#= require jquery-ui/datepicker +#= require select2 + +#= require shared/general + +#= require registrar/application diff --git a/app/assets/stylesheets/registrant-manifest.sass b/app/assets/stylesheets/registrant-manifest.sass new file mode 100644 index 000000000..154645065 --- /dev/null +++ b/app/assets/stylesheets/registrant-manifest.sass @@ -0,0 +1,13 @@ +//= require 'shared/general-manifest' +//= require 'registrant/registrant-bootstrap' +//= require 'jquery-ui/datepicker' +//= require 'select2' +//= require 'select2-bootstrap' +@import shared/fonts +@import shared/general +@import nprogress +@import nprogress-bootstrap +@import typeaheadjs +@import selectize +@import selectize.bootstrap3 +@import registrant/registrant diff --git a/app/assets/stylesheets/registrant/registrant-bootstrap.sass b/app/assets/stylesheets/registrant/registrant-bootstrap.sass new file mode 100644 index 000000000..08f6eb984 --- /dev/null +++ b/app/assets/stylesheets/registrant/registrant-bootstrap.sass @@ -0,0 +1,19 @@ +$brand-primary: #7EA82F +$navbar-default-bg: #7EA82F +$navbar-default-brand-color: #fff +$navbar-default-link-color: #fff +$border-radius-base: 2px +$body-bg: #F8F8F8 +$container-large-desktop: 1040px +$font-family-sans-serif: 'EtelkaLightProRegular', Arial, Helvetica, sans-serif +$font-family-serif: 'EtelkaLightProBold', Georgia, "Times New Roman", Times, serif +$font-size-h1: 26px +$navbar-default-link-active-color: #333 + +@import 'bootstrap-sprockets' +@import 'bootstrap' +@import 'shared/general-bootstrap' + +// Support rails error element +.field_with_errors + @extend .has-error diff --git a/app/assets/stylesheets/registrant/registrant.sass b/app/assets/stylesheets/registrant/registrant.sass new file mode 100644 index 000000000..9f046237b --- /dev/null +++ b/app/assets/stylesheets/registrant/registrant.sass @@ -0,0 +1,34 @@ +html + position: relative + min-height: 100% + +body + padding-bottom: 130px + +body > .container + height: 100% + background: #fff + padding: 60px 30px 30px 30px + +h1, h2, h3, h4 + margin-bottom: 0px !important + +// Commented out, default 20px is needed on forms +// hr + // margin-top: 10px !important + // margin-bottom: 10px !important + +.navbar li + font-weight: bold + +.footer + position: absolute + bottom: 0 + width: 100% + height: 130px + background: image_url('bg.jpg') + color: white !important + background-size: 100% + +.semifooter + padding: 42px 0 80px 0 diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 73bb1dcf7..ae462b4ba 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -12,11 +12,14 @@ class ApplicationController < ActionController::Base end rescue_from CanCan::AccessDenied do |exception| - redirect_to admin_root_path, alert: exception.message if current_user.is_a?(AdminUser) - redirect_to registrar_root_path, alert: exception.message if current_user.is_a?(ApiUser) + redirect_to current_root_url, alert: exception.message + end + + helper_method :registrant_request?, :registrar_request?, :admin_request?, :current_root_url + def registrant_request? + request.path.match(/^\/registrant/) end - helper_method :registrar_request?, :admin_request? def registrar_request? request.path.match(/^\/registrar/) end @@ -25,21 +28,28 @@ class ApplicationController < ActionController::Base request.path.match(/^\/admin/) end - def after_sign_in_path_for(_resource) - rt = session[:user_return_to].to_s.presence - login_paths = [admin_login_path, registrar_login_path, '/login'] - return rt if rt && !login_paths.include?(rt) - + def current_root_url if registrar_request? registrar_root_url + elsif registrant_request? + registrar_root_url elsif admin_request? admin_root_url end end + def after_sign_in_path_for(_resource) + rt = session[:user_return_to].to_s.presence + login_paths = [admin_login_path, registrar_login_path, '/login'] + return rt if rt && !login_paths.include?(rt) + current_root_url + end + def after_sign_out_path_for(_resource) if registrar_request? registrar_login_url + elsif registrant_request? + registrant_login_url elsif admin_request? admin_login_url end diff --git a/app/controllers/registrant/depp_controller.rb b/app/controllers/registrant/depp_controller.rb new file mode 100644 index 000000000..17379b4e8 --- /dev/null +++ b/app/controllers/registrant/depp_controller.rb @@ -0,0 +1,32 @@ +class Registrant::DeppController < RegistrantController # EPP controller + helper_method :depp_current_user + + rescue_from(Errno::ECONNRESET, Errno::ECONNREFUSED) do |_exception| + redirect_to registrant_login_url, alert: t(:no_connection_to_registry) + end + + before_action :authenticate_user + def authenticate_user + redirect_to registrant_login_url and return unless depp_current_user + end + + def depp_controller? + true + end + + def depp_current_user + return nil unless current_user + @depp_current_user ||= Depp::User.new( + tag: current_user.username, + password: current_user.password + ) + end + + def response_ok? + @data.css('result').each do |x| + success_codes = %(1000, 1001, 1300, 1301) + return false unless success_codes.include?(x['code']) + end + true + end +end diff --git a/app/controllers/registrant/domains_controller.rb b/app/controllers/registrant/domains_controller.rb new file mode 100644 index 000000000..65f3e86e6 --- /dev/null +++ b/app/controllers/registrant/domains_controller.rb @@ -0,0 +1,119 @@ +class Registrant::DomainsController < Registrant::DeppController # EPP controller + before_action :init_domain, except: :new + + def index + authorize! :view, Depp::Domain + limit, offset = pagination_details + + res = depp_current_user.repp_request('domains', { details: true, limit: limit, offset: offset }) + if res.code == '200' + @response = res.parsed_body.with_indifferent_access + @contacts = @response ? @response[:contacts] : [] + + @paginatable_array = Kaminari.paginate_array( + [], total_count: @response[:total_number_of_records] + ).page(params[:page]).per(limit) + end + flash.now[:epp_results] = [{ 'code' => res.code, 'msg' => res.message }] + end + + def info + authorize! :view, Depp::Domain + @data = @domain.info(params[:domain_name]) if params[:domain_name] + if response_ok? + render 'info' + else + flash[:alert] = t(:domain_not_found) + redirect_to registrant_domains_url and return + end + end + + def check + authorize! :view, Depp::Domain + if params[:domain_name] + @data = @domain.check(params[:domain_name]) + render 'check_index' and return unless response_ok? + else + render 'check_index' + end + end + + def new + authorize! :create, Depp::Domain + @domain_params = Depp::Domain.default_params + end + + def create + authorize! :create, Depp::Domain + @domain_params = params[:domain] + @data = @domain.create(@domain_params) + + if response_ok? + redirect_to info_registrant_domains_url(domain_name: @domain_params[:name]) + else + render 'new' + end + end + + def edit + authorize! :update, Depp::Domain + @data = @domain.info(params[:domain_name]) + @domain_params = Depp::Domain.construct_params_from_server_data(@data) + end + + def update + authorize! :update, Depp::Domain + @domain_params = params[:domain] + @data = @domain.update(@domain_params) + + if response_ok? + redirect_to info_registrant_domains_url(domain_name: @domain_params[:name]) + else + params[:domain_name] = @domain_params[:name] + render 'new' + end + end + + def delete + authorize! :delete, Depp::Domain + end + + def destroy + authorize! :delete, Depp::Domain + @data = @domain.delete(params[:domain]) + @results = @data.css('result') + if response_ok? + params[:domain_name] = nil + render 'info_index' + else + params[:domain_name] = params[:domain][:name] + render 'delete' + end + end + + def renew + authorize! :renew, Depp::Domain + if params[:domain_name] && params[:cur_exp_date] + @data = @domain.renew(params) + render 'renew_index' and return unless response_ok? + else + render 'renew_index' + end + end + + def transfer + authorize! :transfer, Depp::Domain + if params[:domain_name] + @data = @domain.transfer(params) + render 'transfer_index' and return unless response_ok? + else + render 'transfer_index' + end + end + + private + + def init_domain + @domain = Depp::Domain.new(current_user: depp_current_user) + end +end diff --git a/app/controllers/registrant/sessions_controller.rb b/app/controllers/registrant/sessions_controller.rb new file mode 100644 index 000000000..859028bb3 --- /dev/null +++ b/app/controllers/registrant/sessions_controller.rb @@ -0,0 +1,130 @@ +class Registrant::SessionsController < ::SessionsController + layout 'registrant/application' + helper_method :depp_controller? + def depp_controller? + false + end + + def login + @depp_user = Depp::User.new + end + + # rubocop:disable Metrics/PerceivedComplexity + # rubocop:disable Metrics/CyclomaticComplexity + def create + @depp_user = Depp::User.new(params[:depp_user].merge( + pki: !Rails.env.development? + ) + ) + + if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'].blank? + @depp_user.errors.add(:base, :webserver_missing_user_name_directive) + end + + if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'] == '(null)' + @depp_user.errors.add(:base, :webserver_user_name_directive_should_be_required) + end + + if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'] != params[:depp_user][:tag] + @depp_user.errors.add(:base, :invalid_cert) + end + + if @depp_user.errors.none? && @depp_user.valid? + @api_user = ApiUser.find_by(username: params[:depp_user][:tag]) + if @api_user.active? + sign_in @api_user + redirect_to registrant_root_url + else + @depp_user.errors.add(:base, :not_active) + render 'login' + end + else + render 'login' + end + end + # rubocop:enable Metrics/CyclomaticComplexity + # rubocop:enable Metrics/PerceivedComplexity + + def login_mid + @user = User.new + end + + def mid + phone = params[:user][:phone] + client = Digidoc::Client.new + + if Rails.env.test? && phone == "123" + @user = ApiUser.find_by(identity_code: "14212128025") + sign_in(@user, event: :authentication) + return redirect_to registrant_root_url + end + + # country_codes = {'+372' => 'EST'} + response = client.authenticate( + phone: "+372#{phone}", + message_to_display: 'Authenticating', + service_name: 'Testing' + ) + + if response.faultcode + render json: { message: response.detail.message }, status: :unauthorized + return + end + + @user = find_user_by_idc(response.user_id_code) + + if @user.persisted? + session[:user_id_code] = response.user_id_code + session[:mid_session_code] = client.session_code + render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok + else + render json: { message: t(:no_such_user) }, status: :unauthorized + end + end + + # rubocop: disable Metrics/PerceivedComplexity + # rubocop: disable Metrics/CyclomaticComplexity + # rubocop: disable Metrics/MethodLength + def mid_status + client = Digidoc::Client.new + client.session_code = session[:mid_session_code] + auth_status = client.authentication_status + + case auth_status.status + when 'OUTSTANDING_TRANSACTION' + render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok + when 'USER_AUTHENTICATED' + @user = find_user_by_idc(session[:user_id_code]) + sign_in @user + flash[:notice] = t(:welcome) + flash.keep(:notice) + render js: "window.location = '#{registrant_root_path}'" + when 'NOT_VALID' + render json: { message: t(:user_signature_is_invalid) }, status: :bad_request + when 'EXPIRED_TRANSACTION' + render json: { message: t(:session_timeout) }, status: :bad_request + when 'USER_CANCEL' + render json: { message: t(:user_cancelled) }, status: :bad_request + when 'MID_NOT_READY' + render json: { message: t(:mid_not_ready) }, status: :bad_request + when 'PHONE_ABSENT' + render json: { message: t(:phone_absent) }, status: :bad_request + when 'SENDING_ERROR' + render json: { message: t(:sending_error) }, status: :bad_request + when 'SIM_ERROR' + render json: { message: t(:sim_error) }, status: :bad_request + when 'INTERNAL_ERROR' + render json: { message: t(:internal_error) }, status: :bad_request + else + render json: { message: t(:internal_error) }, status: :bad_request + end + end + # rubocop: enable Metrics/PerceivedComplexity + # rubocop: enable Metrics/CyclomaticComplexity + # rubocop: enable Metrics/MethodLength + + def find_user_by_idc(idc) + return User.new unless idc + ApiUser.find_by(identity_code: idc) || User.new + end +end diff --git a/app/controllers/registrant_controller.rb b/app/controllers/registrant_controller.rb new file mode 100644 index 000000000..747634372 --- /dev/null +++ b/app/controllers/registrant_controller.rb @@ -0,0 +1,16 @@ +class RegistrantController < ApplicationController + before_action :authenticate_user! + layout 'registrant/application' + + include Registrant::ApplicationHelper + + helper_method :depp_controller? + def depp_controller? + false + end + + helper_method :head_title_sufix + def head_title_sufix + t(:registrant_head_title_sufix) + end +end diff --git a/app/helpers/registrant/application_helper.rb b/app/helpers/registrant/application_helper.rb new file mode 100644 index 000000000..c1b1de6fb --- /dev/null +++ b/app/helpers/registrant/application_helper.rb @@ -0,0 +1,13 @@ +module Registrant::ApplicationHelper + def env_style + return '' if unstable_env.nil? + "background-image: url(#{image_path("registrar/bg-#{unstable_env}.png")});" + end + + def pagination_details + params[:page] ||= 1 + limit = ENV['depp_records_on_page'] || 20 + offset = ((params[:page].to_i - 1) * limit.to_i) + [limit, offset] + end +end diff --git a/app/mailers/domain_mailer.rb b/app/mailers/domain_mailer.rb index 9335cc99b..395537d8f 100644 --- a/app/mailers/domain_mailer.rb +++ b/app/mailers/domain_mailer.rb @@ -3,8 +3,13 @@ class DomainMailer < ApplicationMailer return if Rails.env.production? ? false : !TEST_EMAILS.include?(domain.registrant_email) # turn on delivery on specific request only, thus rake tasks does not deliver anything return if domain.deliver_emails != true + if domain.registrant_verification_token.blank? + logger.warn "EMAIL DID NOT DELIVERED: registrant_verification_token is missing for #{@domain.name}" + return + end @old_registrant = Registrant.find(domain.registrant_id_was) + @verification_url = "#{ENV['registrant_url']}/etc/" @domain = domain mail(to: @old_registrant.email, diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb index f9ee8c988..d6471309f 100644 --- a/app/models/epp/domain.rb +++ b/app/models/epp/domain.rb @@ -97,6 +97,7 @@ class Epp::Domain < Domain at[:registrant_id] = regt.id delivery_date = frame.css('registrant').attr('verified').to_s.downcase == 'yes' ? nil : Time.zone.now at[:registrant_verification_asked_at] = delivery_date + at[:registrant_verification_token] = SecureRandom.hex(42) else add_epp_error('2303', 'registrant', code, [:registrant, :not_found]) end diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb new file mode 100644 index 000000000..ca3f9a07a --- /dev/null +++ b/app/models/registrant_user.rb @@ -0,0 +1,46 @@ +require 'open3' + +# rubocop: disable Metrics/ClassLength +class ApiUser < User + include EppErrors + def epp_code_map # rubocop:disable Metrics/MethodLength + { + '2306' => [ # Parameter policy error + [:password, :blank] + ] + } + end + + # TODO: should have max request limit per day + belongs_to :registrar + has_many :certificates + + validates :username, :password, :registrar, presence: true + validates :username, uniqueness: true + + attr_accessor :registrar_typeahead + + def ability + @ability ||= Ability.new(self) + end + delegate :can?, :cannot?, to: :ability + + after_initialize :set_defaults + def set_defaults + return unless new_record? + self.active = true unless active_changed? + end + + def registrar_typeahead + @registrar_typeahead || registrar || nil + end + + def to_s + username + end + + def queued_messages + registrar.messages.queued + end +end +# rubocop: enable Metrics/ClassLength diff --git a/app/views/domain_mailer/registrant_updated.html.erb b/app/views/domain_mailer/registrant_updated.html.erb index b992d0fe5..72115fddb 100644 --- a/app/views/domain_mailer/registrant_updated.html.erb +++ b/app/views/domain_mailer/registrant_updated.html.erb @@ -16,7 +16,7 @@ Linn: <%= @domain.registrant_city %>
Riik: <%= @domain.registrant_country %>

Muudatuse kinnitamiseks külastage palun allolevat võrgulehekülge, kontrollige uuesti üle muudatuse andmed ning vajutage nuppu kinnitan:
-https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg +<%= @verification_url %>

Lugupidamisega
Eesti Interneti SA @@ -41,7 +41,7 @@ City: <%= @domain.registrant_city %>
Country: <%= @domain.registrant_country %>

To confirm the update please visit this website, once again review the data and press approve:
-https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg +<%= @verification_url %>

Best Regards,
Estonian Internet Foundation diff --git a/app/views/domain_mailer/registrant_updated.text.erb b/app/views/domain_mailer/registrant_updated.text.erb index c4d6d6507..9b1dfd535 100644 --- a/app/views/domain_mailer/registrant_updated.text.erb +++ b/app/views/domain_mailer/registrant_updated.text.erb @@ -16,7 +16,7 @@ Linn: <%= @domain.registrant_city %> Riik: <%= @domain.registrant_country %> Muudatuse kinnitamiseks külastage palun allolevat võrgulehekülge, kontrollige uuesti üle muudatuse andmed ning vajutage nuppu kinnitan: -https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg +<%= @verification_url %> Lugupidamisega Eesti Interneti SA @@ -41,7 +41,7 @@ City: <%= @domain.registrant_city %> Country: <%= @domain.registrant_country %> To confirm the update please visit this website, once again review the data and press approve: -https://testrar.internet.ee/app/owpieruaofaksj298317498324rquhetoiqhepoijfqperyfq9384yuqpohewg +<%= @verification_url %> Best Regards, Estonian Internet Foundation diff --git a/app/views/layouts/registrant/application.haml b/app/views/layouts/registrant/application.haml new file mode 100644 index 000000000..beb6e4336 --- /dev/null +++ b/app/views/layouts/registrant/application.haml @@ -0,0 +1,56 @@ +!!! 5 +%html{lang: I18n.locale.to_s} + %head + %meta{charset: "utf-8"}/ + %meta{content: "IE=edge", "http-equiv" => "X-UA-Compatible"}/ + %meta{content: "width=device-width, initial-scale=1", name: "viewport"}/ + %meta{content: "Full stack top-level domain (TLD) management.", name: "description"}/ + %meta{content: "Gitlab LTD", name: "author"}/ + - if content_for? :head_title + = yield :head_title + - else + %title= t(:registrant_head_title) + = csrf_meta_tags + = stylesheet_link_tag 'registrant-manifest', media: 'all', 'data-turbolinks-track' => true + = javascript_include_tag 'registrant-manifest', 'data-turbolinks-track' => true + = favicon_link_tag 'favicon.ico' + %body + / Fixed navbar + %nav.navbar.navbar-default.navbar-fixed-top + .container + .navbar-header + %button.navbar-toggle.collapsed{"aria-controls" => "navbar", "aria-expanded" => "false", "data-target" => "#navbar", "data-toggle" => "collapse", :type => "button"} + %span.sr-only Toggle navigation + %span.icon-bar + %span.icon-bar + %span.icon-bar + = link_to registrant_root_path, class: 'navbar-brand' do + = t(:registrant_head_title) + - if unstable_env.present? + .text-center + %small{style: 'color: #0074B3;'}= unstable_env + - if current_user + .navbar-collapse.collapse + %ul.nav.navbar-nav.public-nav + - if can? :view, Depp::Domain + - active_class = %w(registrant/domains registrant/check registrant/renew registrant/tranfer registrant/keyrelays).include?(params[:controller]) ? 'active' :nil + %li{class: active_class}= link_to t(:domains), registrant_domains_path + + %ul.nav.navbar-nav.navbar-right + - if user_signed_in? + %li= link_to t(:log_out, user: current_user), '/registrant/logout' + + .container + = render 'shared/flash' + - if depp_controller? + = render 'registrar/shared/epp_results' + = yield + + %footer.footer + .container + %row + .col-md-6 + = image_tag 'eis-logo-et.png' + .col-md-6.text-right + Version + = CURRENT_COMMIT_HASH diff --git a/app/views/registrant/domains/index.haml b/app/views/registrant/domains/index.haml new file mode 100644 index 000000000..ef09b9802 --- /dev/null +++ b/app/views/registrant/domains/index.haml @@ -0,0 +1,46 @@ +- content_for :actions do + -# = link_to(t(:new), new_registrant_domain_path, class: 'btn btn-primary') += render 'shared/title', name: t(:domains) + +.row + .col-md-12{style: 'margin-bottom: -15px;'} + = form_tag info_registrant_domains_path, class: 'form-horizontal', method: :get do + .col-md-11 + .form-group + = text_field_tag :domain_name, params[:domain_name], class: 'form-control', placeholder: t(:domain_name), autocomplete: 'off', autofocus: true + .col-md-1.text-right.text-center-xs + .form-group + %button.btn.btn-default +   + %span.glyphicon.glyphicon-search +   + +%hr + +- if @response + .table-responsive + %table.table.table-hover.table-condensed + %thead + %tr + %th{class: 'col-xs-3'}= t(:name) + %th{class: 'col-xs-6'}= t(:valid) + %th{class: 'col-xs-3'}= t(:actions) + %tbody + - @response['domains'].each do |x| + %tr + %td= link_to(x['name'], info_registrant_domains_path(domain_name: x['name'])) + %td + = Time.zone.parse(x['valid_from']).try(:to_date) + \- + = Time.zone.parse(x['valid_to']).try(:to_date) + %td + = link_to(t(:view), info_registrant_domains_path(domain_name: x['name']), + class: 'btn btn-primary btn-xs') + -# = link_to(t(:edit), edit_registrant_domains_path(domain_name: x['name']), + -# class: 'btn btn-primary btn-xs') + -# = link_to(t(:renew), renew_registrant_domains_path(domain_name: x['name']), + -# class: 'btn btn-default btn-xs') + -# = link_to(t(:delete), delete_registrant_domains_path(domain_name: x['name']), + -# class: 'btn btn-default btn-xs') + + = paginate @paginatable_array diff --git a/app/views/registrant/domains/info.haml b/app/views/registrant/domains/info.haml new file mode 100644 index 000000000..30a4060d0 --- /dev/null +++ b/app/views/registrant/domains/info.haml @@ -0,0 +1,26 @@ +- content_for :actions do + -# = link_to(t(:edit), edit_registrar_domains_path(domain_name: params[:domain_name]), + -# class: 'btn btn-default') + -# = link_to(t(:renew), renew_registrar_domains_path(domain_name: params[:domain_name]), + -# class: 'btn btn-default') + -# = link_to(t(:delete), delete_registrar_domains_path(domain_name: params[:domain_name]), + -# class: 'btn btn-default') += render 'shared/title', name: truncate(@data.css('name').text) + +.row + .col-sm-12 + - if @data.css('result').first['code'] == '1000' + .row + .col-md-12= render 'registrar/domains/partials/general' + .row + .col-md-12= render 'registrar/domains/partials/contacts' + .row + .col-md-12= render 'registrar/domains/partials/statuses' + .row + .col-md-12= render 'registrar/domains/partials/nameservers' + .row + .col-md-12= render 'registrar/domains/partials/dnskeys' + - else + .row + .col-sm-6 + %h1= t(:not_found) diff --git a/app/views/registrant/sessions/login.haml b/app/views/registrant/sessions/login.haml new file mode 100644 index 000000000..74dca112a --- /dev/null +++ b/app/views/registrant/sessions/login.haml @@ -0,0 +1,21 @@ +.row + .form-signin.col-md-6.center-block.text-center + %h2.form-signin-heading.text-center= t(:log_in) + %hr + = form_for @depp_user, url: registrant_sessions_path, html: {class: 'form-signin'} do |f| + = render 'registrar/shared/errors', object: f.object + + - error_class = f.object.errors.any? ? 'has-error' : '' + %div{class: error_class} + = f.text_field :tag, class: 'form-control', placeholder: t(:username), required: true + = f.password_field :password, class: 'form-control', placeholder: t(:password), required: true + + %button.btn.btn-lg.btn-primary.btn-block{:type => 'submit'}= t(:log_in) + + %hr + = link_to '/regisrant/login/mid' do + = image_tag 'mid.gif' + -# = link_to '/registrant/login/id' do + -# = image_tag 'id_card.gif' + + diff --git a/app/views/registrant/sessions/login_mid.haml b/app/views/registrant/sessions/login_mid.haml new file mode 100644 index 000000000..ad088dafd --- /dev/null +++ b/app/views/registrant/sessions/login_mid.haml @@ -0,0 +1,40 @@ +.row + .form-signin.col-md-4.center-block.text-center + %h2.form-signin-heading.text-center= t(:log_in_with_mid) + %hr + = form_for @user, url: registrant_mid_path, auto_html5_validation: false, + html: {class: 'form-signin'} do |f| + = f.text_field :phone, class: 'form-control', + placeholder: t(:phone_no), autocomplete: 'off', required: true + %button.btn.btn-lg.btn-primary.btn-block.js-login{:type => 'submit'}= t(:log_in) + + - if ['development', 'alpha'].include?(Rails.env) + %div.text-center + 00007, 60000007, 00000766 + + :coffee + $('.js-login').attr('disabled', false) + + status_interval = null + mid_status = () -> + status_interval = setInterval((-> + $.post('/registrant/login/mid_status').fail((data) -> + clearInterval(status_interval) + flash_alert(data.responseJSON.message) + $('.js-login').attr('disabled', false) + ) + ), 1000) + + $('.js-login').on 'click', (e) -> + e.preventDefault(); + $(this).attr('disabled', true) + + $.post($('form').attr('action'), $('form').serialize()).done((data) -> + if data.message + flash_notice(data.message) + mid_status() + ).fail((data) -> + flash_alert(data.responseJSON.message) + $('.js-login').attr('disabled', false) + ) + diff --git a/config/application-example.yml b/config/application-example.yml index 38acf4f23..2c64fd4de 100644 --- a/config/application-example.yml +++ b/config/application-example.yml @@ -5,28 +5,27 @@ zonefile_export_dir: 'export/zonefiles' bank_statement_import_dir: 'import/bank_statements' legal_documents_dir: 'import/legal_documents' -# Contact epp will not accept org value by default -# and returns 2306 "Parameter value policy error" -contact_org_enabled: 'false' - # You can use `rake secret` to generate a secure secret key. # Your secret key is used for verifying the integrity of signed cookies. # If you change this key, all old signed cookies will become invalid! secret_key_base: 'please-change-it-you-can-generate-it-with-rake-secret' devise_secret: 'please-change-it-you-can-generate-it-with-rake-secret' -# Used by admin server, you can leave those empty for when running EPP server: +# Admin server configuration: openssl_config_path: '/etc/ssl/openssl.cnf' crl_path: '/home/registry/registry/shared/ca/crl/crl.pem' ca_cert_path: '/home/registry/registry/shared/ca/certs/ca.crt.pem' ca_key_path: '/home/registry/registry/shared/ca/private/ca.key.pem' ca_key_password: 'your-root-key-password' -# Used only by EPP server, you can leave it empty when running admin server: +# EPP server configuration webclient_ip: '127.0.0.1' webclient_cert_common_name: 'webclient' +# Contact epp will not accept org value by default +# and returns 2306 "Parameter value policy error" +contact_org_enabled: 'false' -# DEPP configuration +# DEPP server configuration (both for Registrar/Registrant servers) show_ds_data_fields: 'false' default_nameservers_count: '2' default_admin_contacts_count: '1' @@ -36,7 +35,7 @@ key_path: '/home/registry/registry/shared/ca/private/webclient.key.pem' epp_hostname: 'registry.gitlab.eu' repp_url: 'https://repp.gitlab.eu/repp/v1/' -# SMTP configuration +# SMTP configuration (for Admin/EPP/Registrar/Registrant servers) smtp_address: 'server-hostname' smtp_port: '25' # 587, 465 smtp_user_name: 'login' @@ -50,8 +49,9 @@ smtp_openssl_verify_mode: 'peer' # 'none', 'peer', 'client_once','fail_if_no_pee smtp_enable_starttls_auto: 'true' # 'false' # If your mail server requires authentication, please change. smtp_authentication: 'plain' # 'plain', 'login', 'cram_md5' +registrant_url: 'https:/registrant.example.com' # for valid email body registrant links -# autotest config overwrites +# Autotest config overwrites test: webclient_ip: '127.0.0.1' # it should match to localhost ip address crl_path: '/var/lib/jenkins/workspace/registry/ca/crl/crl.pem' diff --git a/config/application.rb b/config/application.rb index dae53708d..1fdc700f0 100644 --- a/config/application.rb +++ b/config/application.rb @@ -41,6 +41,7 @@ module Registry config.assets.precompile += %w(*.svg *.eot *.woff *.ttf) config.assets.precompile += %w(admin-manifest.css admin-manifest.js) config.assets.precompile += %w(registrar-manifest.css registrar-manifest.js) + config.assets.precompile += %w(registrant-manifest.css registrant-manifest.js) # Active Record used to suppresses errors raised within # `after_rollback`/`after_commit` callbacks and only printed them to the logs. diff --git a/config/locales/en.yml b/config/locales/en.yml index 789e71fa3..8b9963538 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -725,6 +725,8 @@ en: admin_head_title_sufix: ' - Estonian Internet Foundation' registrar_head_title: 'EIS Registrar' admin_head_title: 'Estonian Internet Foundation' + registrant_head_title: 'EIS Registrant' + registrant_head_title_sufix: ' - EIS Registrant' bind_manually: 'Bind manually' forward_invoice: 'Forward invoice' forward: 'Forward' diff --git a/config/routes.rb b/config/routes.rb index 9ac5cb152..2c784e514 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -17,6 +17,7 @@ Rails.application.routes.draw do mount Repp::API => '/' + # ADMIN ROUTES namespace :registrar do root 'polls#show' @@ -87,7 +88,63 @@ Rails.application.routes.draw do end end - # ## ADMIN ROUTES + # REGISTRANT ROUTES + namespace :registrant do + root 'domains#index' + + # resources :invoices do + # member do + # get 'download_pdf' + # match 'forward', via: [:post, :get] + # patch 'cancel' + # end + # end + + # resources :deposits + # resources :account_activities + + devise_scope :user do + get 'login' => 'sessions#login' + get 'login/mid' => 'sessions#login_mid' + post 'login/mid' => 'sessions#mid' + post 'login/mid_status' => 'sessions#mid_status' + + post 'sessions' => 'sessions#create' + post 'mid' => 'sessions#mid' + get 'logout' => '/devise/sessions#destroy' + end + + resources :domains do + resources :registrant_verifications + collection do + post 'update', as: 'update' + post 'destroy', as: 'destroy' + get 'renew' + get 'edit' + get 'info' + get 'delete' + end + end + + # resources :contacts do + # member do + # get 'delete' + # end + + # collection do + # get 'check' + # end + # end + + # resource :poll do + # collection do + # post 'confirm_keyrelay' + # post 'confirm_transfer' + # end + # end + end + + # ADMIN ROUTES namespace :admin do resources :keyrelays diff --git a/db/migrate/20150513080013_add_registrant_verification_token.rb b/db/migrate/20150513080013_add_registrant_verification_token.rb new file mode 100644 index 000000000..87d73dcdd --- /dev/null +++ b/db/migrate/20150513080013_add_registrant_verification_token.rb @@ -0,0 +1,6 @@ +class AddRegistrantVerificationToken < ActiveRecord::Migration + def change + add_column :domains, :registrant_verification_token, :string + add_index :domains, :registrant_verification_token + end +end diff --git a/db/schema.rb b/db/schema.rb index b2e3316fe..d158abd78 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20150512160938) do +ActiveRecord::Schema.define(version: 20150513080013) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -301,12 +301,14 @@ ActiveRecord::Schema.define(version: 20150512160938) do t.datetime "outzone_at" t.datetime "delete_at" t.datetime "registrant_verification_asked_at" + t.string "registrant_verification_token" end add_index "domains", ["delete_at"], name: "index_domains_on_delete_at", using: :btree add_index "domains", ["outzone_at"], name: "index_domains_on_outzone_at", using: :btree add_index "domains", ["registrant_id"], name: "index_domains_on_registrant_id", using: :btree add_index "domains", ["registrant_verification_asked_at"], name: "index_domains_on_registrant_verification_asked_at", using: :btree + add_index "domains", ["registrant_verification_token"], name: "index_domains_on_registrant_verification_token", using: :btree add_index "domains", ["registrar_id"], name: "index_domains_on_registrar_id", using: :btree create_table "epp_sessions", force: :cascade do |t| From 4a0544e808bbceae81448e1e6fa43486a5ada7d5 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 13:24:36 +0300 Subject: [PATCH 09/16] Update route comment --- config/routes.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/routes.rb b/config/routes.rb index 2c784e514..032368f00 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -17,7 +17,7 @@ Rails.application.routes.draw do mount Repp::API => '/' - # ADMIN ROUTES + # REGISTRAR ROUTES namespace :registrar do root 'polls#show' From 0d7d21e0c3fe25c4488d444950eb72dfae84aec1 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 13:25:47 +0300 Subject: [PATCH 10/16] fixed current_root_url --- app/controllers/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ae462b4ba..5aa6c40f1 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -32,7 +32,7 @@ class ApplicationController < ActionController::Base if registrar_request? registrar_root_url elsif registrant_request? - registrar_root_url + registrant_root_url elsif admin_request? admin_root_url end From a5fe870cc021ffe118f4bf3081a7b3ef45cd69bc Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 13:28:40 +0300 Subject: [PATCH 11/16] Redirect device failure request to registrant --- lib/devise_custom_failure.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/devise_custom_failure.rb b/lib/devise_custom_failure.rb index 3af67b01d..870da5f7b 100644 --- a/lib/devise_custom_failure.rb +++ b/lib/devise_custom_failure.rb @@ -1,7 +1,8 @@ class DeviseCustomFailure < Devise::FailureApp def redirect_url - return registrar_login_url if request.original_fullpath.to_s.match(/^\/registrar/) - return admin_login_url if request.original_fullpath.to_s.match(/^\/admin/) + return registrant_login_url if request.original_fullpath.to_s.match(/^\/regisrant/) + return registrar_login_url if request.original_fullpath.to_s.match(/^\/registrar/) + return admin_login_url if request.original_fullpath.to_s.match(/^\/admin/) root_url end From ec62f9ccb44900be59e521a700ebfdd005eb68c0 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 13:33:53 +0300 Subject: [PATCH 12/16] Fixed devise typo --- app/views/registrant/sessions/login.haml | 4 ++-- lib/devise_custom_failure.rb | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/views/registrant/sessions/login.haml b/app/views/registrant/sessions/login.haml index 74dca112a..404781d56 100644 --- a/app/views/registrant/sessions/login.haml +++ b/app/views/registrant/sessions/login.haml @@ -13,8 +13,8 @@ %button.btn.btn-lg.btn-primary.btn-block{:type => 'submit'}= t(:log_in) %hr - = link_to '/regisrant/login/mid' do - = image_tag 'mid.gif' + -# = link_to '/regisrant/login/mid' do + -# = image_tag 'mid.gif' -# = link_to '/registrant/login/id' do -# = image_tag 'id_card.gif' diff --git a/lib/devise_custom_failure.rb b/lib/devise_custom_failure.rb index 870da5f7b..ae7f6ba74 100644 --- a/lib/devise_custom_failure.rb +++ b/lib/devise_custom_failure.rb @@ -1,6 +1,6 @@ class DeviseCustomFailure < Devise::FailureApp def redirect_url - return registrant_login_url if request.original_fullpath.to_s.match(/^\/regisrant/) + return registrant_login_url if request.original_fullpath.to_s.match(/^\/registrant/) return registrar_login_url if request.original_fullpath.to_s.match(/^\/registrar/) return admin_login_url if request.original_fullpath.to_s.match(/^\/admin/) root_url From 14675f5bb7c5c336246058203a8dcd0ec8056f4c Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Wed, 13 May 2015 13:38:55 +0300 Subject: [PATCH 13/16] Added registrant deploy --- CHANGELOG.md | 3 ++- config/deploy.rb | 27 +++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 343a1601e..31d09adbc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,8 +4,9 @@ 13.05.2015 -* Added new environment for EPP server: 'registrant_url' * Added Registrant portal and apache config example +* Added mina deploy script for registrant +* Added new environment for EPP server: 'registrant_url' 12.05.2015 diff --git a/config/deploy.rb b/config/deploy.rb index 74e13e372..13ccc50fe 100644 --- a/config/deploy.rb +++ b/config/deploy.rb @@ -35,6 +35,15 @@ task :registrar do set :rails_env, 'alpha' end +# alpha branch, only use for heavy debugging +task :registrant do + set :domain, 'registry-st' + set :deploy_to, '$HOME/registrant' + set :repository, 'https://github.com/domify/registry' # dev repo + set :branch, 'master' + set :rails_env, 'alpha' +end + # staging task :st do set :domain, 'registry-st' @@ -62,6 +71,15 @@ task :registrarst do set :rails_env, 'staging' end +# staging +task :registrantst do + set :domain, 'registrant-st' + set :deploy_to, '$HOME/registrant' + set :repository, 'https://github.com/internetee/registry' # production repo + set :branch, 'master' + set :rails_env, 'staging' +end + # production task :pr do set :domain, 'registry' @@ -89,6 +107,15 @@ task :registrarpr do set :rails_env, 'production' end +# production +task :registrantpr do + set :domain, 'registrant' + set :deploy_to, '$HOME/registrant' + set :repository, 'https://github.com/internetee/registry' # production repo + set :branch, 'master' + set :rails_env, 'production' +end + # Manually create these paths in shared/ (eg: shared/config/database.yml) in your server. # They will be linked in the 'deploy:link_shared_paths' step. set :shared_paths, [ From ab6f59c09e47d59e0d5105f5eeebe9ca2ef0998f Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Thu, 14 May 2015 11:02:26 +0300 Subject: [PATCH 14/16] TEMP --- .../registrant/whois_controller.rb | 11 ++++++++++ app/models/ability.rb | 5 +++++ app/views/layouts/registrant/application.haml | 3 +++ app/views/registrant/whois/index.haml | 21 +++++++++++++++++++ config/application-example.yml | 3 +++ config/locales/en.yml | 1 + config/newrelic.yml | 4 ++-- config/routes.rb | 2 ++ 8 files changed, 48 insertions(+), 2 deletions(-) create mode 100644 app/controllers/registrant/whois_controller.rb create mode 100644 app/views/registrant/whois/index.haml diff --git a/app/controllers/registrant/whois_controller.rb b/app/controllers/registrant/whois_controller.rb new file mode 100644 index 000000000..2ffd1bb19 --- /dev/null +++ b/app/controllers/registrant/whois_controller.rb @@ -0,0 +1,11 @@ +class Registrant::WhoisController < RegistrantController + def index + authorize! :view, Registrant::Whois + if params[:domain_name].present? + whois_url = "#{ENV['restful_whois_url']}/v1/#{params[:domain_name]}" + binding.pry + page = Nokogiri::HTML(open(whois_url)) + @results = 'ee' + end + end +end diff --git a/app/models/ability.rb b/app/models/ability.rb index 38d50e9df..38ddd5893 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -13,6 +13,7 @@ class Ability when 'ApiUser' epp registrar + registrant # refactor end can :show, :dashboard @@ -63,6 +64,10 @@ class Ability can :manage, :deposit end + def registrant + can :manage, Registrant::Whois + end + def user can :show, :dashboard end diff --git a/app/views/layouts/registrant/application.haml b/app/views/layouts/registrant/application.haml index beb6e4336..0269f3714 100644 --- a/app/views/layouts/registrant/application.haml +++ b/app/views/layouts/registrant/application.haml @@ -36,6 +36,9 @@ - active_class = %w(registrant/domains registrant/check registrant/renew registrant/tranfer registrant/keyrelays).include?(params[:controller]) ? 'active' :nil %li{class: active_class}= link_to t(:domains), registrant_domains_path + - active_class = %w(registrant/whois).include?(params[:controller]) ? 'active' :nil + %li{class: active_class}= link_to t(:whois), registrant_whois_path + %ul.nav.navbar-nav.navbar-right - if user_signed_in? %li= link_to t(:log_out, user: current_user), '/registrant/logout' diff --git a/app/views/registrant/whois/index.haml b/app/views/registrant/whois/index.haml new file mode 100644 index 000000000..3e390eaf3 --- /dev/null +++ b/app/views/registrant/whois/index.haml @@ -0,0 +1,21 @@ += render 'shared/title', name: t(:whois) + +- if ENV['restful_whois_url'].blank? + %p + Registrant configuration issue: missing restful_whois_url +- else + .row + .col-md-12{style: 'margin-bottom: -15px;'} + = form_tag registrant_whois_path, class: 'form-horizontal', method: :get do + .col-md-11 + .form-group + = text_field_tag :domain_name, params[:domain_name], class: 'form-control', placeholder: t(:domain_name), autocomplete: 'off', autofocus: true + .col-md-1.text-right.text-center-xs + .form-group + %button.btn.btn-default +   + %span.glyphicon.glyphicon-search +   + %hr + - if @results + = @results diff --git a/config/application-example.yml b/config/application-example.yml index 2c64fd4de..22760ee47 100644 --- a/config/application-example.yml +++ b/config/application-example.yml @@ -35,6 +35,9 @@ key_path: '/home/registry/registry/shared/ca/private/webclient.key.pem' epp_hostname: 'registry.gitlab.eu' repp_url: 'https://repp.gitlab.eu/repp/v1/' +# Registrant server configuration +restful_whois_url: 'https://restful-whois.example.com' + # SMTP configuration (for Admin/EPP/Registrar/Registrant servers) smtp_address: 'server-hostname' smtp_port: '25' # 587, 465 diff --git a/config/locales/en.yml b/config/locales/en.yml index 8b9963538..1da48fa9f 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -766,3 +766,4 @@ en: contact_email_update_subject: 'Teie domeenide kontakt epostiaadress on muutunud / Contact e-mail addresses of your domains have changed' object_status_prohibits_operation: 'Object status prohibits operation' domain_registrant_update_subject: "Kinnitustaotlus domeeni %{name} registreerija vahetuseks / Application for approval for registrant chache of %{name}" + whois: WHOIS diff --git a/config/newrelic.yml b/config/newrelic.yml index b99409dc9..6dc617a9d 100644 --- a/config/newrelic.yml +++ b/config/newrelic.yml @@ -191,7 +191,7 @@ common: &default_settings development: <<: *default_settings # Turn on communication to New Relic service in development mode - monitor_mode: true + monitor_mode: false app_name: Registry (Development) # Rails Only - when running in Developer Mode, the New Relic Agent will @@ -199,7 +199,7 @@ development: # executed since starting the mongrel. # NOTE: There is substantial overhead when running in developer mode. # Do not use for production or load testing. - developer_mode: true + developer_mode: false test: <<: *default_settings diff --git a/config/routes.rb b/config/routes.rb index 032368f00..280643b1d 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -126,6 +126,8 @@ Rails.application.routes.draw do end end + resources :whois + # resources :contacts do # member do # get 'delete' From 99eeeae89f20b81d523b07bf607123886319190a Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Thu, 14 May 2015 15:32:27 +0300 Subject: [PATCH 15/16] Updated domain registrant updater mailer spec --- app/mailers/domain_mailer.rb | 10 +++++----- app/models/domain.rb | 1 + spec/mailers/domain_mailer_spec.rb | 1 + 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/app/mailers/domain_mailer.rb b/app/mailers/domain_mailer.rb index 395537d8f..41a48ade7 100644 --- a/app/mailers/domain_mailer.rb +++ b/app/mailers/domain_mailer.rb @@ -1,17 +1,17 @@ class DomainMailer < ApplicationMailer def registrant_updated(domain) - return if Rails.env.production? ? false : !TEST_EMAILS.include?(domain.registrant_email) + @domain = domain + return if Rails.env.production? ? false : !TEST_EMAILS.include?(@domain.registrant_email) # turn on delivery on specific request only, thus rake tasks does not deliver anything - return if domain.deliver_emails != true - if domain.registrant_verification_token.blank? + return if @domain.deliver_emails != true + if @domain.registrant_verification_token.blank? logger.warn "EMAIL DID NOT DELIVERED: registrant_verification_token is missing for #{@domain.name}" return end - @old_registrant = Registrant.find(domain.registrant_id_was) + @old_registrant = Registrant.find(@domain.registrant_id_was) @verification_url = "#{ENV['registrant_url']}/etc/" - @domain = domain mail(to: @old_registrant.email, subject: "#{I18n.t(:domain_registrant_update_subject, name: @domain.name)} [#{@domain.name}]") end diff --git a/app/models/domain.rb b/app/models/domain.rb index f1af1213f..181ec9cee 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -63,6 +63,7 @@ class Domain < ActiveRecord::Base domain_statuses.build(value: DomainStatus::PENDING_UPDATE) DomainMailer.registrant_updated(self).deliver_now end + true end before_save :touch_always_version diff --git a/spec/mailers/domain_mailer_spec.rb b/spec/mailers/domain_mailer_spec.rb index ac83b0732..062314f85 100644 --- a/spec/mailers/domain_mailer_spec.rb +++ b/spec/mailers/domain_mailer_spec.rb @@ -31,6 +31,7 @@ describe DomainMailer do @new_registrant = Fabricate(:registrant, email: 'test@example.org') @domain = Fabricate(:domain, registrant: @registrant) @domain.deliver_emails = true + @domain.registrant_verification_token = '123' @domain.registrant = @new_registrant @mail = DomainMailer.registrant_updated(@domain) end From 0ddd2b6f32fa7e9abec8b2e7c88173585a78f3dd Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Thu, 14 May 2015 16:29:51 +0300 Subject: [PATCH 16/16] Update registrant --- app/controllers/registrant/whois_controller.rb | 6 ------ config/application.rb | 2 +- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/app/controllers/registrant/whois_controller.rb b/app/controllers/registrant/whois_controller.rb index 2ffd1bb19..3e437fe5d 100644 --- a/app/controllers/registrant/whois_controller.rb +++ b/app/controllers/registrant/whois_controller.rb @@ -1,11 +1,5 @@ class Registrant::WhoisController < RegistrantController def index authorize! :view, Registrant::Whois - if params[:domain_name].present? - whois_url = "#{ENV['restful_whois_url']}/v1/#{params[:domain_name]}" - binding.pry - page = Nokogiri::HTML(open(whois_url)) - @results = 'ee' - end end end diff --git a/config/application.rb b/config/application.rb index 1fdc700f0..4685fc1b7 100644 --- a/config/application.rb +++ b/config/application.rb @@ -67,7 +67,7 @@ module Registry password: ENV['smtp_password'], authentication: ENV['smtp_authentication'], domain: ENV['smtp_domain'], - openssl_verify_mode: ENV['smtp_openssl_verify_mode'], + openssl_verify_mode: ENV['smtp_openssl_verify_mode'] } end end