Merge branch 'master' of github.com:domify/registry

app/controllers/epp/domains_controller.rb

@@ -91,17 +91,12 @@ class Epp::DomainsController < EppController
     render_epp_response '/epp/domains/check'
   end
 
-  # rubocop: disable Metrics/MethodLength
   def renew
     authorize! :renew, @domain
 
-    period = params[:parsed_frame].css('period').text.presence || 1
-    period_unit = 'y'
-    period_element = params[:parsed_frame].css('period').first
-
-    if period_element.present? && period_element['unit'].present?
-      period_unit = period_element['unit']
-    end
+    period_element = params[:parsed_frame].css('period').text
+    period = (period_element.to_i == 0) ? 1 : period_element.to_i
+    period_unit = Epp::Domain.parse_period_unit_from_frame(params[:parsed_frame]) || 'y'
 
     ActiveRecord::Base.transaction do
       success = @domain.renew(
@@ -128,7 +123,6 @@ class Epp::DomainsController < EppController
       end
     end
   end
-  # rubocop: enable Metrics/MethodLength
 
   def transfer
     authorize! :transfer, @domain, @password
@@ -161,6 +155,8 @@ class Epp::DomainsController < EppController
     @prefix = nil
     requires 'extension > extdata > legalDocument'
 
+    optional_attribute 'period', 'unit', values: %w(d m y)
+
     status_editing_disabled
   end
 

app/controllers/epp/sessions_controller.rb

@@ -13,7 +13,8 @@ class Epp::SessionsController < EppController
     success = true
     @api_user = ApiUser.find_by(login_params)
 
-    if request.ip == ENV['webclient_ip'] && !Rails.env.test? && !Rails.env.development?
+    webclient_request = ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
+    if webclient_request && !Rails.env.test? && !Rails.env.development?
       client_md5 = Certificate.parse_md_from_string(request.env['HTTP_SSL_CLIENT_CERT'])
       server_md5 = Certificate.parse_md_from_string(File.read(ENV['cert_path']))
       if client_md5 != server_md5
@@ -26,7 +27,7 @@ class Epp::SessionsController < EppController
       end
     end
 
-    if request.ip != ENV['webclient_ip'] && @api_user
+    if !webclient_request && @api_user
       unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
         epp_errors << {
           msg: 'Authentication error; server closing connection (certificate is not valid)',
@@ -76,7 +77,7 @@ class Epp::SessionsController < EppController
     if success
       if parsed_frame.css('newPW').first
         unless @api_user.update(password: parsed_frame.css('newPW').first.text)
-          response.headers['X-EPP-Returncode'] = '2200'
+          response.headers['X-EPP-Returncode'] = '2500'
           handle_errors(@api_user) and return
         end
       end
@@ -85,7 +86,7 @@ class Epp::SessionsController < EppController
       epp_session.update_column(:registrar_id, @api_user.registrar_id)
       render_epp_response('login_success')
     else
-      response.headers['X-EPP-Returncode'] = '2200'
+      response.headers['X-EPP-Returncode'] = '2500'
       handle_errors
     end
   end
@@ -95,7 +96,8 @@ class Epp::SessionsController < EppController
   # rubocop: enable Metrics/CyclomaticComplexity
 
   def ip_white?
-    return true if request.ip == ENV['webclient_ip']
+    webclient_request = ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
+    return true if webclient_request
     if @api_user
       return false unless @api_user.registrar.api_ip_white?(request.ip)
     end