From e11607cdc40aff93ba91c0daf8b9c911b384d799 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Tue, 10 Mar 2015 17:36:44 +0200 Subject: [PATCH 1/4] contact info should always return something --- app/models/ability.rb | 7 +++++-- app/views/epp/contacts/info.xml.builder | 26 ++++++++++++++----------- spec/epp/contact_spec.rb | 16 ++++++++++++--- 3 files changed, 33 insertions(+), 16 deletions(-) diff --git a/app/models/ability.rb b/app/models/ability.rb index d8915dc40..3e7105692 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -16,15 +16,17 @@ class Ability can :show, :dashboard end + # rubocop: disable Metrics/CyclomaticComplexity def epp # Epp::Contact - can(:info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw } + can(:info, Epp::Contact) + can(:view_full_info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw } can(:check, Epp::Contact) can(:create, Epp::Contact) can(:update, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id && c.auth_info == pw } can(:delete, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id && c.auth_info == pw } can(:renew, Epp::Contact) - can(:view_password, Epp::Contact) { |c| c.registrar_id == @user.registrar_id } + can(:view_password, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw } # Epp::Domain can(:info, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw } @@ -34,6 +36,7 @@ class Ability can(:update, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw } can(:transfer, Epp::Domain) { |d, pw| d.auth_info == pw } end + # rubocop: enabled Metrics/CyclomaticComplexity def user can :show, :dashboard diff --git a/app/views/epp/contacts/info.xml.builder b/app/views/epp/contacts/info.xml.builder index 2cd7114c5..8d86c51b8 100644 --- a/app/views/epp/contacts/info.xml.builder +++ b/app/views/epp/contacts/info.xml.builder @@ -7,19 +7,23 @@ xml.epp_head do xml.resData do xml.tag!('contact:infData', 'xmlns:contact' => 'urn:ietf:params:xml:ns:contact-1.0') do xml.tag!('contact:id', @contact.code) - xml.tag!('contact:voice', @contact.phone) - xml.tag!('contact:email', @contact.email) - xml.tag!('contact:fax', @contact.fax) if @contact.fax.present? + if can? :view_full_info, @contact, @password + xml.tag!('contact:voice', @contact.phone) + xml.tag!('contact:email', @contact.email) + xml.tag!('contact:fax', @contact.fax) if @contact.fax.present? + end xml.tag!('contact:postalInfo', type: 'int') do xml.tag!('contact:name', @contact.name) - xml.tag!('contact:org', @contact.org_name) if @contact.org_name.present? - xml.tag!('contact:addr') do - xml.tag!('contact:street', @contact.street) - xml.tag!('contact:city', @contact.city) - xml.tag!('contact:pc', @contact.zip) - xml.tag!('contact:sp', @contact.state) - xml.tag!('contact:cc', @contact.country_code) + if can? :view_full_info, @contact, @password + xml.tag!('contact:org', @contact.org_name) if @contact.org_name.present? + xml.tag!('contact:addr') do + xml.tag!('contact:street', @contact.street) + xml.tag!('contact:city', @contact.city) + xml.tag!('contact:pc', @contact.zip) + xml.tag!('contact:sp', @contact.state) + xml.tag!('contact:cc', @contact.country_code) + end end end @@ -32,7 +36,7 @@ xml.epp_head do end xml.tag!('contact:ident', @contact.ident, type: @contact.ident_type, cc: @contact.ident_country_code) # xml.tag!('contact:trDate', '123') if false - if can? :view_password, @contact + if can? :view_password, @contact, @password xml.tag!('contact:authInfo') do xml.tag!('contact:pw', @contact.auth_info) end diff --git a/spec/epp/contact_spec.rb b/spec/epp/contact_spec.rb index 8042e5d60..1e6ab1be5 100644 --- a/spec/epp/contact_spec.rb +++ b/spec/epp/contact_spec.rb @@ -444,15 +444,25 @@ describe 'EPP Contact', epp: true do response[:msg].should == 'Command completed successfully' response[:result_code].should == '1000' response[:results].count.should == 1 + + contact = response[:parsed].css('resData infData') + contact.css('postalInfo addr city').first.try(:text).present?.should == true + contact.css('email').first.try(:text).present?.should == true + contact.css('voice').first.try(:text).should == '+372.12345678' end end - it 'returns authorization error for wrong user and wrong pw' do + it 'returns no authorization error for wrong user and wrong pw' do login_as :registrar2 do response = info_request({ authInfo: { pw: { value: 'wrong-pw' } } }) - response[:msg].should == 'Authorization error' - response[:result_code].should == '2201' + response[:msg].should == 'Command completed successfully' + response[:result_code].should == '1000' response[:results].count.should == 1 + + contact = response[:parsed].css('resData infData') + contact.css('postalInfo addr city').first.try(:text).should == nil + contact.css('email').first.try(:text).should == nil + contact.css('voice').first.try(:text).should == nil end end end From ba62629ebfd359ef70b2c0ad9fccc90fb8207892 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Tue, 10 Mar 2015 17:43:11 +0200 Subject: [PATCH 2/4] Update contact epp doc --- doc/epp/contact.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/epp/contact.md b/doc/epp/contact.md index 381844997..8bea1b6b6 100644 --- a/doc/epp/contact.md +++ b/doc/epp/contact.md @@ -114,4 +114,4 @@ Contact Mapping protocol short version: 1 Contact password. Attribute: roid="String" 0-1 Client transaction id -[EXAMPLE REQUEST AND RESPONSE](/doc/epp-examples.md#epp-contact-with-valid-user-info-command-discloses-items-to-owner) +[EXAMPLE REQUEST AND RESPONSE](/doc/epp-examples.md##epp-contact-with-valid-user-info-command-return-info-about-contact) From b2488c7ebe372d88a9a63f4989db16e7035a3fa9 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Tue, 10 Mar 2015 17:44:18 +0200 Subject: [PATCH 3/4] typo fix --- doc/epp/contact.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/epp/contact.md b/doc/epp/contact.md index 8bea1b6b6..7d3a8251e 100644 --- a/doc/epp/contact.md +++ b/doc/epp/contact.md @@ -114,4 +114,4 @@ Contact Mapping protocol short version: 1 Contact password. Attribute: roid="String" 0-1 Client transaction id -[EXAMPLE REQUEST AND RESPONSE](/doc/epp-examples.md##epp-contact-with-valid-user-info-command-return-info-about-contact) +[EXAMPLE REQUEST AND RESPONSE](/doc/epp-examples.md#epp-contact-with-valid-user-info-command-return-info-about-contact) From 5341a42a4395f3e312878048757fe1d497b48f78 Mon Sep 17 00:00:00 2001 From: Priit Tark Date: Tue, 10 Mar 2015 18:08:41 +0200 Subject: [PATCH 4/4] Contact status ok by default --- app/models/contact.rb | 8 ++++++++ spec/models/contact_spec.rb | 5 +++++ 2 files changed, 13 insertions(+) diff --git a/app/models/contact.rb b/app/models/contact.rb index da8a3f651..520d55982 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -40,6 +40,14 @@ class Contact < ActiveRecord::Base before_create :generate_code before_create :generate_auth_info after_create :ensure_disclosure + after_save :manage_automatic_statuses + def manage_automatic_statuses + if statuses.empty? && valid? + statuses.create(value: ContactStatus::OK) + elsif statuses.length > 1 || !valid? + statuses.find_by(value: ContactStatus::OK).try(:destroy) + end + end scope :current_registrars, ->(id) { where(registrar_id: id) } diff --git a/spec/models/contact_spec.rb b/spec/models/contact_spec.rb index dbf7bc3dc..5c45c56a0 100644 --- a/spec/models/contact_spec.rb +++ b/spec/models/contact_spec.rb @@ -147,6 +147,11 @@ describe Contact do @contact.auth_info.should == 'password' end + it 'should have ok status by default' do + @contact.statuses.size.should == 1 + @contact.statuses.first.value.should == 'ok' + end + context 'as birthday' do before :all do @contact.ident_type = 'birthday'