Merge remote-tracking branch 'origin/master' into repp-domains

2025-07-25 12:08:27 +02:00 · 2021-02-11 10:29:01 +02:00 · 2021-02-11 10:29:01 +02:00 · 42adaa7159
commit 42adaa7159
parent fdef27c45e 7063aa1210
41 changed files with 803 additions and 143 deletions
--- a/test/fixtures/contact_requests.yml
+++ b/test/fixtures/contact_requests.yml
@ -0,0 +1,8 @@
+new:
+  whois_record_id: 1
+  email: aaa@bbb.com
+  name: Testname
+  status: new
+  secret: somesecret
+  valid_to: 2010-07-05
+
--- a/test/integration/api/domain_admin_contacts_test.rb
+++ b/test/integration/api/domain_admin_contacts_test.rb
@ -0,0 +1,153 @@
+require 'test_helper'
+
+class APIDomainAdminContactsTest < ApplicationIntegrationTest
+  setup do
+    @admin_current = domains(:shop).admin_contacts.find_by(code: 'jane-001')
+    domain = domains(:airport)
+    domain.admin_contacts << @admin_current
+    @admin_new = contacts(:william)
+
+    @admin_new.update(ident: @admin_current.ident,
+                      ident_type: @admin_current.ident_type,
+                      ident_country_code: @admin_current.ident_country_code)
+  end
+
+  def test_replace_all_admin_contacts_when_ident_data_doesnt_match
+    @admin_new.update(ident: '777' ,
+                      ident_type: 'priv',
+                      ident_country_code: 'LV')
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :bad_request
+    assert_equal ({ code: 2304, message: 'Admin contacts must be identical', data: {} }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_replace_all_admin_contacts_of_the_current_registrar
+    assert @admin_new.identical_to?(@admin_current)
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_nil domains(:shop).admin_contacts.find_by(code: @admin_current.code)
+    assert domains(:shop).admin_contacts.find_by(code: @admin_new.code)
+    assert domains(:airport).admin_contacts.find_by(code: @admin_new.code)
+  end
+
+  def test_skip_discarded_domains
+    domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert domains(:airport).admin_contacts.find_by(code: @admin_current.code)
+  end
+
+  def test_return_affected_domains_in_alphabetical_order
+    domain = domains(:airport)
+    domain.admin_contacts = [@admin_current]
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal ({ code: 1000, message: 'Command completed successfully', data: { affected_domains: %w[airport.test shop.test],
+                    skipped_domains: [] }}),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_return_skipped_domains_in_alphabetical_order
+    domains(:shop).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+    domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal %w[airport.test shop.test], JSON.parse(response.body,
+                                                        symbolize_names: true)[:data][:skipped_domains]
+  end
+
+  def test_keep_other_admin_contacts_intact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert domains(:airport).admin_contacts.find_by(code: 'john-001')
+  end
+
+  def test_keep_tech_contacts_intact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert domains(:airport).tech_contacts.find_by(code: 'william-001')
+  end
+
+  def test_restrict_contacts_to_the_current_registrar
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: 'william-002' },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :not_found
+    assert_equal ({ code: 2303, message: 'Object does not exist' }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_non_existent_current_contact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: 'non-existent',
+                                                 new_contact_id: @admin_new.code},
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+    assert_response :not_found
+    assert_equal ({ code: 2303, message: 'Object does not exist' }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_non_existent_new_contact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: 'non-existent' },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+    assert_response :not_found
+    assert_equal ({code: 2303, message: 'Object does not exist'}),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_disallow_invalid_new_contact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: 'invalid' },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+    assert_response :bad_request
+    assert_equal ({ code: 2304, message: 'New contact must be valid', data: {} }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_admin_bulk_changed_when_domain_update_prohibited
+    domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED])
+    domains(:airport).admin_contacts = [@admin_current]
+
+    shop_admin_contact = Contact.find_by(code: 'jane-001')
+    assert domains(:shop).admin_contacts.include?(shop_admin_contact)
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+                                                 headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal ({ code: 1000,
+                    message: 'Command completed successfully',
+                    data: { affected_domains: ["airport.test"],
+                    skipped_domains: ["shop.test"] }}),
+            JSON.parse(response.body, symbolize_names: true)
+  end
+
+  private
+
+  def http_auth_key
+    ActionController::HttpAuthentication::Basic.encode_credentials('test_bestnames', 'testtest')
+  end
+end
--- a/test/integration/api/domain_contacts_test.rb
+++ b/test/integration/api/domain_contacts_test.rb
@ -107,6 +107,24 @@ class APIDomainContactsTest < ApplicationIntegrationTest
                 JSON.parse(response.body, symbolize_names: true)
  end

+  def test_tech_bulk_changed_when_domain_update_prohibited
+    domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED])
+
+    shop_tech_contact = Contact.find_by(code: 'william-001')
+    assert domains(:shop).tech_contacts.include?(shop_tech_contact)
+
+    patch '/repp/v1/domains/contacts', params: { current_contact_id: 'william-001',
+                                                 new_contact_id: 'john-001' },
+                                                 headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal ({ code: 1000,
+                    message: 'Command completed successfully',
+                    data: { affected_domains: ["airport.test"],
+                    skipped_domains: ["shop.test"] }}),
+            JSON.parse(response.body, symbolize_names: true)
+  end
+
  private

  def http_auth_key
--- a/test/integration/api/v1/bounces/create_test.rb
+++ b/test/integration/api/v1/bounces/create_test.rb
@ -2,7 +2,7 @@ require 'test_helper'

 class BouncesApiV1CreateTest < ActionDispatch::IntegrationTest
  def setup
-    @api_key = "Basic #{ENV['api_shared_key']}"
+    @api_key = "Basic #{ENV['rwhois_bounces_api_shared_key']}"
    @headers = { "Authorization": "#{@api_key}" }
    @json_body = { "data": valid_bounce_request }.as_json
  end
--- a/test/integration/api/v1/contact_requests_test.rb
+++ b/test/integration/api/v1/contact_requests_test.rb
@ -0,0 +1,68 @@
+require 'test_helper'
+
+class ApiV1ContactRequestTest < ActionDispatch::IntegrationTest
+  def setup
+    @api_key = "Basic #{ENV['rwhois_internal_api_shared_key']}"
+    @headers = { "Authorization": "#{@api_key}" }
+    @json_create = { "contact_request": valid_contact_request_create }.as_json
+    @json_update = { "contact_request": valid_contact_request_update }.as_json
+    @contact_request = contact_requests(:new)
+  end
+
+  def test_authorizes_api_request
+    post api_v1_contact_requests_path, params: @json_create, headers: @headers
+    assert_response :created
+
+    invalid_headers = { "Authorization": "Basic invalid_api_key" }
+    post api_v1_contact_requests_path, params: @json_create, headers: invalid_headers
+    assert_response :unauthorized
+  end
+
+  def test_saves_new_contact_request
+    request_body = @json_create.dup
+    random_mail = "#{rand(10000..99999)}@registry.test"
+    request_body['contact_request']['email'] = random_mail
+
+    post api_v1_contact_requests_path, params: request_body, headers: @headers
+    assert_response :created
+
+    contact_request = ContactRequest.last
+    assert_equal contact_request.email, random_mail
+    assert ContactRequest::STATUS_NEW, contact_request.status
+  end
+
+  def test_updates_existing_contact_request
+    request_body = @json_update.dup
+
+    put api_v1_contact_request_path(@contact_request.id), params: request_body, headers: @headers
+    assert_response :ok
+
+    @contact_request.reload
+    assert ContactRequest::STATUS_CONFIRMED, @contact_request.status
+  end
+
+  def test_not_updates_if_status_error
+    request_body = @json_update.dup
+    request_body['contact_request']['status'] = 'some_error_status'
+
+    put api_v1_contact_request_path(@contact_request.id), params: request_body, headers: @headers
+    assert_response 400
+
+    @contact_request.reload
+    assert ContactRequest::STATUS_NEW, @contact_request.status
+  end
+
+  def valid_contact_request_create
+    {
+      "email": "aaa@bbb.com",
+      "whois_record_id": "1",
+      "name": "test"
+    }.as_json
+  end
+
+  def valid_contact_request_update
+    {
+      "status": "#{ContactRequest::STATUS_CONFIRMED}",
+    }.as_json
+  end
+end
--- a/test/models/white_ip_test.rb
+++ b/test/models/white_ip_test.rb
@ -38,6 +38,20 @@ class WhiteIpTest < ActiveSupport::TestCase
    assert white_ip.valid?
  end

+  def test_validates_include_empty_ipv4
+    white_ip = WhiteIp.new
+
+    white_ip.ipv4 = nil
+    white_ip.ipv6 = '001:0db8:85a3:0000:0000:8a2e:0370:7334'
+    white_ip.registrar = registrars(:bestnames)
+
+    assert_nothing_raised { white_ip.save }
+    assert white_ip.valid?
+    
+    assert WhiteIp.include_ip?(white_ip.ipv6)
+    assert_not WhiteIp.include_ip?('192.168.1.1')
+  end
+
  private

  def valid_white_ip
--- a/test/system/registrar_area/bulk_change/admin_contact_test.rb
+++ b/test/system/registrar_area/bulk_change/admin_contact_test.rb
@ -0,0 +1,49 @@
+require 'application_system_test_case'
+
+class RegistrarAreaAdminContactBulkChangeTest < ApplicationSystemTestCase
+  setup do
+    sign_in users(:api_bestnames)
+  end
+
+  def test_replace_domain_contacts_of_current_registrar
+    request_stub = stub_request(:patch, /domains\/admin_contacts/)
+                     .with(body: { current_contact_id: 'william-001', new_contact_id: 'john-001' },
+                           basic_auth: ['test_bestnames', 'testtest'])
+                     .to_return(body: { data: { affected_domains: %w[foo.test bar.test],
+                                                skipped_domains: %w[baz.test qux.test] } }.to_json,
+                                status: 200)
+
+    visit registrar_domains_url
+    click_link 'Bulk change'
+    click_link 'Admin contact'
+
+    find('.current_admin_contact').fill_in 'Current contact ID', with: 'william-001'
+    find('.new_admin_contact').fill_in 'New contact ID', with: 'john-001'
+    click_on 'Replace admin contacts'
+
+    assert_requested request_stub
+    assert_current_path registrar_domains_path
+    assert_text 'Admin contacts have been successfully replaced'
+    assert_text 'Affected domains: foo.test, bar.test'
+    assert_text 'Skipped domains: baz.test, qux.test'
+  end
+
+  def test_fails_gracefully
+    stub_request(:patch, /domains\/admin_contacts/)
+      .to_return(status: 400,
+                 body: { message: 'epic fail' }.to_json,
+                 headers: { 'Content-type' => Mime[:json] })
+
+    visit registrar_domains_url
+    click_link 'Bulk change'
+    click_link 'Admin contact'
+
+    find('.current_admin_contact').fill_in 'Current contact ID', with: 'william-001'
+    find('.new_admin_contact').fill_in 'New contact ID', with: 'john-001'
+    click_on 'Replace admin contacts'
+
+    assert_text 'epic fail'
+    assert_field 'Current contact ID', with: 'william-001'
+    assert_field 'New contact ID', with: 'john-001'
+  end
+end
--- a/test/system/registrar_area/bulk_change/tech_contact_test.rb
+++ b/test/system/registrar_area/bulk_change/tech_contact_test.rb
@ -16,8 +16,8 @@ class RegistrarAreaTechContactBulkChangeTest < ApplicationSystemTestCase
    visit registrar_domains_url
    click_link 'Bulk change'

-    fill_in 'Current contact ID', with: 'william-001'
-    fill_in 'New contact ID', with: 'john-001'
+    find('.current_tech_contact').fill_in 'Current contact ID', with: 'william-001'
+    find('.new_tech_contact').fill_in 'New contact ID', with: 'john-001'
    click_on 'Replace technical contacts'

    assert_requested request_stub
@ -36,8 +36,8 @@ class RegistrarAreaTechContactBulkChangeTest < ApplicationSystemTestCase
    visit registrar_domains_url
    click_link 'Bulk change'

-    fill_in 'Current contact ID', with: 'william-001'
-    fill_in 'New contact ID', with: 'john-001'
+    find('.current_tech_contact').fill_in 'Current contact ID', with: 'william-001'
+    find('.new_tech_contact').fill_in 'New contact ID', with: 'john-001'
    click_on 'Replace technical contacts'

    assert_text 'epic fail'