mirror of
https://github.com/internetee/registry.git
synced 2025-05-29 17:10:08 +02:00
Check reserved domain on create #2565
This commit is contained in:
Martin Lensment
parent
8ef8147b06
commit
647d074b8b
5 changed files with 35 additions and 4 deletions
|
|
@ -78,12 +78,26 @@ class Domain < ActiveRecord::Base
|
||||||
|
|
||||||
after_initialize -> { self.statuses = [] if statuses.nil? }
|
after_initialize -> { self.statuses = [] if statuses.nil? }
|
||||||
|
|
||||||
|
after_create :update_reserved_domains
|
||||||
|
def update_reserved_domains
|
||||||
|
return unless reserved?
|
||||||
|
rd = ReservedDomain.first
|
||||||
|
rd.names[name] = SecureRandom.hex
|
||||||
|
rd.save
|
||||||
|
end
|
||||||
|
|
||||||
validates :name_dirty, domain_name: true, uniqueness: true
|
validates :name_dirty, domain_name: true, uniqueness: true
|
||||||
validates :puny_label, length: { maximum: 63 }
|
validates :puny_label, length: { maximum: 63 }
|
||||||
validates :period, numericality: { only_integer: true }
|
validates :period, numericality: { only_integer: true }
|
||||||
validates :registrant, :registrar, presence: true
|
validates :registrant, :registrar, presence: true
|
||||||
|
|
||||||
validate :validate_period
|
validate :validate_period
|
||||||
|
validate :validate_reservation
|
||||||
|
def validate_reservation
|
||||||
|
return if persisted?
|
||||||
|
return if !reserved? || reserved_pw == auth_info
|
||||||
|
errors.add(:base, :domain_is_reserved_and_requires_correct_auth_info)
|
||||||
|
end
|
||||||
|
|
||||||
validates :nameservers, object_count: {
|
validates :nameservers, object_count: {
|
||||||
min: -> { Setting.ns_min_count },
|
min: -> { Setting.ns_min_count },
|
||||||
|
|
@ -247,6 +261,14 @@ class Domain < ActiveRecord::Base
|
||||||
@registrant_typeahead || registrant.try(:name) || nil
|
@registrant_typeahead || registrant.try(:name) || nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def reserved?
|
||||||
|
reserved_pw.present?
|
||||||
|
end
|
||||||
|
|
||||||
|
def reserved_pw
|
||||||
|
ReservedDomain.select("names -> '#{name}' AS pw").first.pw
|
||||||
|
end
|
||||||
|
|
||||||
def pending_transfer
|
def pending_transfer
|
||||||
domain_transfers.find_by(status: DomainTransfer::PENDING)
|
domain_transfers.find_by(status: DomainTransfer::PENDING)
|
||||||
end
|
end
|
||||||
|
|
@ -452,6 +474,7 @@ class Domain < ActiveRecord::Base
|
||||||
|
|
||||||
# rubocop:disable Lint/Loop
|
# rubocop:disable Lint/Loop
|
||||||
def generate_auth_info
|
def generate_auth_info
|
||||||
|
return if auth_info.present?
|
||||||
begin
|
begin
|
||||||
self.auth_info = SecureRandom.hex
|
self.auth_info = SecureRandom.hex
|
||||||
end while self.class.exists?(auth_info: auth_info)
|
end while self.class.exists?(auth_info: auth_info)
|
||||||
|
|
@ -493,6 +516,8 @@ class Domain < ActiveRecord::Base
|
||||||
end
|
end
|
||||||
|
|
||||||
def manage_automatic_statuses
|
def manage_automatic_statuses
|
||||||
|
statuses << DomainStatus::RESERVED if new_record? && reserved?
|
||||||
|
|
||||||
# domain_statuses.create(value: DomainStatus::DELETE_CANDIDATE) if delete_candidateable?
|
# domain_statuses.create(value: DomainStatus::DELETE_CANDIDATE) if delete_candidateable?
|
||||||
if statuses.empty? && valid?
|
if statuses.empty? && valid?
|
||||||
statuses << DomainStatus::OK
|
statuses << DomainStatus::OK
|
||||||
|
|
|
||||||
|
|
@ -71,6 +71,7 @@ class DomainStatus < ActiveRecord::Base
|
||||||
FORCE_DELETE = 'forceDelete'
|
FORCE_DELETE = 'forceDelete'
|
||||||
DELETE_CANDIDATE = 'deleteCandidate'
|
DELETE_CANDIDATE = 'deleteCandidate'
|
||||||
EXPIRED = 'expired'
|
EXPIRED = 'expired'
|
||||||
|
RESERVED = 'reserved'
|
||||||
|
|
||||||
STATUSES = [
|
STATUSES = [
|
||||||
CLIENT_DELETE_PROHIBITED, SERVER_DELETE_PROHIBITED, CLIENT_HOLD, SERVER_HOLD,
|
CLIENT_DELETE_PROHIBITED, SERVER_DELETE_PROHIBITED, CLIENT_HOLD, SERVER_HOLD,
|
||||||
|
|
|
||||||
|
|
@ -66,7 +66,8 @@ class Epp::Domain < Domain
|
||||||
[:name_dirty, :blocked, { value: { obj: 'name', val: name_dirty } }]
|
[:name_dirty, :blocked, { value: { obj: 'name', val: name_dirty } }]
|
||||||
],
|
],
|
||||||
'2304' => [ # Object status prohibits operation
|
'2304' => [ # Object status prohibits operation
|
||||||
[:base, :domain_status_prohibits_operation]
|
[:base, :domain_status_prohibits_operation],
|
||||||
|
[:base, :domain_is_reserved_and_requires_correct_auth_info]
|
||||||
],
|
],
|
||||||
'2306' => [ # Parameter policy error
|
'2306' => [ # Parameter policy error
|
||||||
[:period, :out_of_range, { value: { obj: 'period', val: period } }],
|
[:period, :out_of_range, { value: { obj: 'period', val: period } }],
|
||||||
|
|
@ -112,6 +113,8 @@ class Epp::Domain < Domain
|
||||||
|
|
||||||
at[:period_unit] = Epp::Domain.parse_period_unit_from_frame(frame) || 'y'
|
at[:period_unit] = Epp::Domain.parse_period_unit_from_frame(frame) || 'y'
|
||||||
|
|
||||||
|
at[:auth_info] = frame.css('pw').text if new_record?
|
||||||
|
|
||||||
# at[:statuses] = domain_statuses_attrs(frame, action)
|
# at[:statuses] = domain_statuses_attrs(frame, action)
|
||||||
# binding.pry
|
# binding.pry
|
||||||
at[:nameservers_attributes] = nameservers_attrs(frame, action)
|
at[:nameservers_attributes] = nameservers_attrs(frame, action)
|
||||||
|
|
|
||||||
|
|
@ -6,8 +6,8 @@ class DomainNameValidator < ActiveModel::EachValidator
|
||||||
record.errors[attribute] << (options[:message] || record.errors.generate_message(attribute, :invalid))
|
record.errors[attribute] << (options[:message] || record.errors.generate_message(attribute, :invalid))
|
||||||
elsif !self.class.validate_blocked(value)
|
elsif !self.class.validate_blocked(value)
|
||||||
record.errors.add(attribute, (options[:message] || record.errors.generate_message(attribute, :blocked)))
|
record.errors.add(attribute, (options[:message] || record.errors.generate_message(attribute, :blocked)))
|
||||||
elsif !self.class.validate_reservation(value)
|
# elsif !self.class.validate_reservation(value)
|
||||||
record.errors.add(attribute, (options[:message] || record.errors.generate_message(attribute, :reserved)))
|
# record.errors.add(attribute, (options[:message] || record.errors.generate_message(attribute, :reserved)))
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
# rubocop: enable Metrics/PerceivedComplexity
|
# rubocop: enable Metrics/PerceivedComplexity
|
||||||
|
|
@ -42,8 +42,9 @@ class DomainNameValidator < ActiveModel::EachValidator
|
||||||
BlockedDomain.where("names @> ?::varchar[]", "{#{value}}").count == 0
|
BlockedDomain.where("names @> ?::varchar[]", "{#{value}}").count == 0
|
||||||
end
|
end
|
||||||
|
|
||||||
def validate_reservation(value)
|
def validate_reservation(record, value)
|
||||||
return true unless value
|
return true unless value
|
||||||
|
return true if record.reserved_pw == record.auth_info
|
||||||
!ReservedDomain.exists?(name: value.mb_chars.downcase.strip)
|
!ReservedDomain.exists?(name: value.mb_chars.downcase.strip)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -60,6 +60,7 @@ en:
|
||||||
ds_data_not_allowed: 'dsData object is not allowed'
|
ds_data_not_allowed: 'dsData object is not allowed'
|
||||||
ds_data_with_key_not_allowed: 'dsData object with key data is not allowed'
|
ds_data_with_key_not_allowed: 'dsData object with key data is not allowed'
|
||||||
key_data_not_allowed: 'keyData object is not allowed'
|
key_data_not_allowed: 'keyData object is not allowed'
|
||||||
|
domain_is_reserved_and_requires_correct_auth_info: 'Domain is reserved and requires correct auth info'
|
||||||
name_dirty:
|
name_dirty:
|
||||||
invalid: 'Domain name is invalid'
|
invalid: 'Domain name is invalid'
|
||||||
reserved: 'Domain name is reserved'
|
reserved: 'Domain name is reserved'
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue