From 60ad331903a603c20c6f41b5e53368808e7fd50c Mon Sep 17 00:00:00 2001
From: Alex Sherman <yul.golem@gmail.com>
Date: Wed, 1 Jul 2020 13:59:10 +0500
Subject: [PATCH] Add non-mandatory legal docs to domain transfer/delete

---
 app/controllers/epp/domains_controller.rb     |  5 +-
 .../epp/domain/delete/base_test.rb            | 33 +++++++++-
 .../epp/domain/update/base_test.rb            | 62 +++++++++++++++++++
 3 files changed, 95 insertions(+), 5 deletions(-)

diff --git a/app/controllers/epp/domains_controller.rb b/app/controllers/epp/domains_controller.rb
index dbf61ed9d..4249c1db6 100644
--- a/app/controllers/epp/domains_controller.rb
+++ b/app/controllers/epp/domains_controller.rb
@@ -246,7 +246,7 @@ module Epp
 
     def validate_update
       if element_count('update > chg > registrant') > 0
-        requires 'extension > extdata > legalDocument'
+        requires 'extension > extdata > legalDocument' if current_user.legaldoc_mandatory?
       end
 
       @prefix = 'update > update >'
@@ -256,7 +256,8 @@ module Epp
     end
 
     def validate_delete
-      requires 'extension > extdata > legalDocument'
+      # binding.pry
+      requires 'extension > extdata > legalDocument' if current_user.legaldoc_mandatory?
 
       @prefix = 'delete > delete >'
       requires 'name'
diff --git a/test/integration/epp/domain/delete/base_test.rb b/test/integration/epp/domain/delete/base_test.rb
index 4a0992f5b..d71e9890f 100644
--- a/test/integration/epp/domain/delete/base_test.rb
+++ b/test/integration/epp/domain/delete/base_test.rb
@@ -160,10 +160,8 @@ class EppDomainDeleteBaseTest < EppTestCase
     assert_epp_response :completed_successfully
   end
 
-  def test_legal_document_is_required
+  def test_legal_document_is_required_if_mandatory
     assert_equal 'shop.test', @domain.name
-    @domain.registrar.legaldoc_optout = true
-    @domain.registrar.save(validate: false)
 
     request_xml = <<-XML
       <?xml version="1.0" encoding="UTF-8" standalone="no"?>
@@ -183,6 +181,35 @@ class EppDomainDeleteBaseTest < EppTestCase
     assert_epp_response :required_parameter_missing
   end
 
+  def test_legal_document_is_not_required_if_not_mandatory
+    assert_equal 'shop.test', @domain.name
+    Setting.request_confirmation_on_domain_deletion_enabled = true
+    @domain.registrar.legaldoc_optout = true
+    @domain.registrar.save(validate: false)
+    @domain.registrar.reload
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <delete>
+            <domain:delete verified="yes" xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>shop.test</domain:name>
+            </domain:delete>
+          </delete>
+        </command>
+      </epp>
+    XML
+
+    post epp_delete_path, params: { frame: request_xml }, headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    @domain.reload
+
+    assert_not @domain.registrant_verification_asked?
+    assert_not @domain.pending_delete_confirmation?
+    assert_no_emails
+    assert_epp_response :completed_successfully
+  end
+
   def test_domain_cannot_be_deleted_when_explicitly_prohibited_by_registrar
     assert_equal 'shop.test', @domain.name
     @domain.update!(statuses: [DomainStatus::CLIENT_DELETE_PROHIBITED])
diff --git a/test/integration/epp/domain/update/base_test.rb b/test/integration/epp/domain/update/base_test.rb
index 0e435030a..593d7951c 100644
--- a/test/integration/epp/domain/update/base_test.rb
+++ b/test/integration/epp/domain/update/base_test.rb
@@ -160,6 +160,68 @@ class EppDomainUpdateBaseTest < EppTestCase
     assert_verification_and_notification_emails
   end
 
+  def test_updates_registrant_when_legaldoc_is_not_mandatory
+    Setting.request_confrimation_on_registrant_change_enabled = true
+    new_registrant = contacts(:william)
+    assert_not_equal new_registrant, @domain.registrant
+
+    @domain.registrar.legaldoc_optout = true
+    @domain.registrar.save(validate: false)
+    @domain.registrar.reload
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <update>
+            <domain:update xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{@domain.name}</domain:name>
+                <domain:chg>
+                  <domain:registrant verified="no">#{new_registrant.code}</domain:registrant>
+                </domain:chg>
+            </domain:update>
+          </update>
+        </command>
+      </epp>
+    XML
+
+    post epp_update_path, params: { frame: request_xml },
+         headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    @domain.reload
+
+    assert_epp_response :completed_successfully_action_pending
+    assert_not_equal new_registrant, @domain.registrant
+    assert @domain.registrant_verification_asked?
+    assert_includes @domain.statuses, DomainStatus::PENDING_UPDATE
+    assert_verification_and_notification_emails
+  end
+
+  def test_dows_not_update_registrant_when_legaldoc_is_mandatory
+    Setting.request_confrimation_on_registrant_change_enabled = true
+    new_registrant = contacts(:william)
+    assert_not_equal new_registrant, @domain.registrant
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <update>
+            <domain:update xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{@domain.name}</domain:name>
+                <domain:chg>
+                  <domain:registrant verified="no">#{new_registrant.code}</domain:registrant>
+                </domain:chg>
+            </domain:update>
+          </update>
+        </command>
+      </epp>
+    XML
+
+    post epp_update_path, params: { frame: request_xml },
+         headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    assert_epp_response :required_parameter_missing
+  end
+
   def test_skips_verification_when_provided_registrant_is_the_same_as_current_one
     Setting.request_confrimation_on_registrant_change_enabled = true