Merge branch 'master' of github.com:domify/registry

This commit is contained in:
Priit Tark 2015-07-20 17:23:14 +03:00
commit 5f32c1cfd4
11 changed files with 1231 additions and 882 deletions

View file

@ -91,17 +91,12 @@ class Epp::DomainsController < EppController
render_epp_response '/epp/domains/check'
end
# rubocop: disable Metrics/MethodLength
def renew
authorize! :renew, @domain
period = params[:parsed_frame].css('period').text.presence || 1
period_unit = 'y'
period_element = params[:parsed_frame].css('period').first
if period_element.present? && period_element['unit'].present?
period_unit = period_element['unit']
end
period_element = params[:parsed_frame].css('period').text
period = (period_element.to_i == 0) ? 1 : period_element.to_i
period_unit = Epp::Domain.parse_period_unit_from_frame(params[:parsed_frame]) || 'y'
ActiveRecord::Base.transaction do
success = @domain.renew(
@ -128,7 +123,6 @@ class Epp::DomainsController < EppController
end
end
end
# rubocop: enable Metrics/MethodLength
def transfer
authorize! :transfer, @domain, @password
@ -161,6 +155,8 @@ class Epp::DomainsController < EppController
@prefix = nil
requires 'extension > extdata > legalDocument'
optional_attribute 'period', 'unit', values: %w(d m y)
status_editing_disabled
end

View file

@ -13,7 +13,8 @@ class Epp::SessionsController < EppController
success = true
@api_user = ApiUser.find_by(login_params)
if request.ip == ENV['webclient_ip'] && !Rails.env.test? && !Rails.env.development?
webclient_request = ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
if webclient_request && !Rails.env.test? && !Rails.env.development?
client_md5 = Certificate.parse_md_from_string(request.env['HTTP_SSL_CLIENT_CERT'])
server_md5 = Certificate.parse_md_from_string(File.read(ENV['cert_path']))
if client_md5 != server_md5
@ -26,7 +27,7 @@ class Epp::SessionsController < EppController
end
end
if request.ip != ENV['webclient_ip'] && @api_user
if !webclient_request && @api_user
unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
epp_errors << {
msg: 'Authentication error; server closing connection (certificate is not valid)',
@ -76,7 +77,7 @@ class Epp::SessionsController < EppController
if success
if parsed_frame.css('newPW').first
unless @api_user.update(password: parsed_frame.css('newPW').first.text)
response.headers['X-EPP-Returncode'] = '2200'
response.headers['X-EPP-Returncode'] = '2500'
handle_errors(@api_user) and return
end
end
@ -85,7 +86,7 @@ class Epp::SessionsController < EppController
epp_session.update_column(:registrar_id, @api_user.registrar_id)
render_epp_response('login_success')
else
response.headers['X-EPP-Returncode'] = '2200'
response.headers['X-EPP-Returncode'] = '2500'
handle_errors
end
end
@ -95,7 +96,8 @@ class Epp::SessionsController < EppController
# rubocop: enable Metrics/CyclomaticComplexity
def ip_white?
return true if request.ip == ENV['webclient_ip']
webclient_request = ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
return true if webclient_request
if @api_user
return false unless @api_user.registrar.api_ip_white?(request.ip)
end