From a7e303bba2d596cdeea5109d68d4288ed48a3a0f Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Wed, 27 Jan 2021 13:42:10 +0200 Subject: [PATCH 01/36] added test for domain tech contacts bulk change if domain has server update prohibited --- test/integration/api/domain_contacts_test.rb | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/test/integration/api/domain_contacts_test.rb b/test/integration/api/domain_contacts_test.rb index 6704739d1..efd7032b4 100644 --- a/test/integration/api/domain_contacts_test.rb +++ b/test/integration/api/domain_contacts_test.rb @@ -107,6 +107,24 @@ class APIDomainContactsTest < ApplicationIntegrationTest JSON.parse(response.body, symbolize_names: true) end + def test_tech_bulk_changed_when_domain_update_prohibited + domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED]) + + shop_tech_contact = Contact.find_by(code: 'william-001') + assert domains(:shop).tech_contacts.include?(shop_tech_contact) + + patch '/repp/v1/domains/contacts', params: { current_contact_id: 'william-001', + new_contact_id: 'john-001' }, + headers: { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert_response :ok + assert_equal ({ code: 1000, + message: 'Command completed successfully', + data: { affected_domains: ["airport.test"], + skipped_domains: ["shop.test"] }}), + JSON.parse(response.body, symbolize_names: true) + end + private def http_auth_key From 218bc436e6b7b744179b06c0fd380a45f5e44696 Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Tue, 2 Feb 2021 15:07:31 +0200 Subject: [PATCH 02/36] Added test for bulk transfer and bulk nameservers --- test/integration/api/domain_transfers_test.rb | 14 ++++++++++++++ test/integration/api/nameservers/put_test.rb | 16 ++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/test/integration/api/domain_transfers_test.rb b/test/integration/api/domain_transfers_test.rb index 3e9c10100..2cf12130b 100644 --- a/test/integration/api/domain_transfers_test.rb +++ b/test/integration/api/domain_transfers_test.rb @@ -63,6 +63,20 @@ class APIDomainTransfersTest < ApplicationIntegrationTest assert_equal 1, @new_registrar.contacts.where(name: 'William').size end + def test_bulk_transfer_if_domain_has_update_prohibited_status + domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED]) + + post '/repp/v1/domains/transfer', params: request_params, as: :json, + headers: { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert_response :ok + assert_equal ({ code: 1000, + message: 'Command completed successfully', + data: { success: [], + failed: [{ type: "domain_transfer", domain_name: "shop.test" }] }}), + JSON.parse(response.body, symbolize_names: true) + end + private def request_params diff --git a/test/integration/api/nameservers/put_test.rb b/test/integration/api/nameservers/put_test.rb index 77b01a9b1..f1a478da6 100644 --- a/test/integration/api/nameservers/put_test.rb +++ b/test/integration/api/nameservers/put_test.rb @@ -104,6 +104,22 @@ class APINameserversPutTest < ApplicationIntegrationTest JSON.parse(response.body, symbolize_names: true) end + def test_bulk_namesaervers_if_domain_update_prohibited + domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED]) + + params = { data: { type: 'nameserver', id: domains(:shop).nameservers.hostnames[0], + attributes: { hostname: 'ns55.bestnames.test' } } } + put '/repp/v1/registrar/nameservers', params: params, as: :json, + headers: { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert_response :ok + assert_equal ({ code: 1000, + message: 'Command completed successfully', + data: { affected_domains: ["airport.test"], + skipped_domains: ["shop.test"] }}), + JSON.parse(response.body, symbolize_names: true) + end + def test_unauthenticated put '/repp/v1/registrar/nameservers' assert_response 401 From 1bb975c0ccf79ec63432fdcb6fa950754f4bbc7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Thu, 4 Feb 2021 14:17:26 +0200 Subject: [PATCH 03/36] Exclude tech from default domain query --- .../api/v1/registrant/domains_controller.rb | 2 +- app/models/domain.rb | 15 +++++++++++++-- app/models/registrant_user.rb | 4 +++- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/app/controllers/api/v1/registrant/domains_controller.rb b/app/controllers/api/v1/registrant/domains_controller.rb index 73b534598..c10789d76 100644 --- a/app/controllers/api/v1/registrant/domains_controller.rb +++ b/app/controllers/api/v1/registrant/domains_controller.rb @@ -42,7 +42,7 @@ module Api private def current_user_domains - current_registrant_user.domains + current_registrant_user.domains(admin: params[:tech] != 'true') rescue CompanyRegister::NotAvailableError current_registrant_user.direct_domains end diff --git a/app/models/domain.rb b/app/models/domain.rb index 53f0fa5b6..6837e6905 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -198,6 +198,15 @@ class Domain < ApplicationRecord Setting.nameserver_required end + def registrant_user_admin_registrant_domains(registrant_user) + companies = Contact.registrant_user_company_contacts(registrant_user) + from( + "(#{registrant_user_administered_domains(registrant_user).to_sql} UNION " \ + "#{registrant_user_company_registrant(registrant_user).to_sql} UNION " \ + "#{registrant_user_domains_company(companies, except_tech: true).to_sql}) AS domains" + ) + end + def registrant_user_domains(registrant_user) from( "(#{registrant_user_domains_by_registrant(registrant_user).to_sql} UNION " \ @@ -255,8 +264,10 @@ class Domain < ApplicationRecord where(registrant: companies) end - def registrant_user_domains_company(companies) - joins(:domain_contacts).where(domain_contacts: { contact: companies }) + def registrant_user_domains_company(companies, except_tech: false) + request = { contact: companies } + request[:type] = [AdminDomainContact.name] if except_tech + joins(:domain_contacts).where(domain_contacts: request) end end diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb index aa41ccff8..92a9c61ef 100644 --- a/app/models/registrant_user.rb +++ b/app/models/registrant_user.rb @@ -30,7 +30,9 @@ class RegistrantUser < User Contact.registrant_user_direct_contacts(self) end - def domains + def domains(admin: false) + return Domain.registrant_user_admin_registrant_domains(self) if admin + Domain.registrant_user_domains(self) end From 419396f5b47e17ff12ae986c5db8c679f12ac474 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Thu, 4 Feb 2021 15:59:37 +0200 Subject: [PATCH 04/36] Get admin/registrant domains when company registry is down --- .../api/v1/registrant/domains_controller.rb | 2 +- app/models/domain.rb | 14 ++++++++++++-- app/models/registrant_user.rb | 4 +++- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/app/controllers/api/v1/registrant/domains_controller.rb b/app/controllers/api/v1/registrant/domains_controller.rb index c10789d76..0e380eb57 100644 --- a/app/controllers/api/v1/registrant/domains_controller.rb +++ b/app/controllers/api/v1/registrant/domains_controller.rb @@ -44,7 +44,7 @@ module Api def current_user_domains current_registrant_user.domains(admin: params[:tech] != 'true') rescue CompanyRegister::NotAvailableError - current_registrant_user.direct_domains + current_registrant_user.direct_domains(admin: params[:tech] != 'true') end end end diff --git a/app/models/domain.rb b/app/models/domain.rb index 6837e6905..f2019dcb2 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -207,6 +207,14 @@ class Domain < ApplicationRecord ) end + def registrant_user_direct_admin_registrant_domains(registrant_user) + from( + "(#{registrant_user_direct_domains_by_registrant(registrant_user).to_sql} UNION " \ + "#{registrant_user_direct_domains_by_contact(registrant_user, + except_tech: true).to_sql}) AS domains" + ) + end + def registrant_user_domains(registrant_user) from( "(#{registrant_user_domains_by_registrant(registrant_user).to_sql} UNION " \ @@ -256,8 +264,10 @@ class Domain < ApplicationRecord where(registrant: registrant_user.direct_contacts) end - def registrant_user_direct_domains_by_contact(registrant_user) - joins(:domain_contacts).where(domain_contacts: { contact_id: registrant_user.direct_contacts }) + def registrant_user_direct_domains_by_contact(registrant_user, except_tech: false) + request = { contact_id: registrant_user.direct_contacts } + request[:type] = [AdminDomainContact.name] if except_tech + joins(:domain_contacts).where(domain_contacts: request) end def registrant_user_company_registrant(companies) diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb index 92a9c61ef..efcb08288 100644 --- a/app/models/registrant_user.rb +++ b/app/models/registrant_user.rb @@ -36,7 +36,9 @@ class RegistrantUser < User Domain.registrant_user_domains(self) end - def direct_domains + def direct_domains(admin: false) + return Domain.registrant_user_direct_admin_registrant_domains(self) if admin + Domain.registrant_user_direct_domains(self) end From 9854f82669e9906136a097ea355817069eb49ebd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 5 Feb 2021 12:00:49 +0200 Subject: [PATCH 05/36] Registrant API: Add registrant org true/false attribute --- lib/serializers/registrant_api/domain.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/serializers/registrant_api/domain.rb b/lib/serializers/registrant_api/domain.rb index 64913a7fb..ed6eb2b9c 100644 --- a/lib/serializers/registrant_api/domain.rb +++ b/lib/serializers/registrant_api/domain.rb @@ -25,6 +25,7 @@ module Serializers registrant: { name: domain.registrant.name, id: domain.registrant.uuid, + org: domain.registrant.org?, }, tech_contacts: contacts(:tech), admin_contacts: contacts(:admin), @@ -60,7 +61,7 @@ module Serializers registrar: { name: domain.registrar.name, website: domain.registrar.website }, registrant: { name: domain.registrant.name, id: domain.registrant.uuid, phone: domain.registrant.phone, email: domain.registrant.email, - ident: domain.registrant.ident } + ident: domain.registrant.ident, org: domain.registrant.org? } } end From 84755226a381367ccb411a1687a51dcef5e855ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 5 Feb 2021 12:06:38 +0200 Subject: [PATCH 06/36] Reflect new keys in registrant API tests --- .../integration/api/registrant/registrant_api_domains_test.rb | 2 +- .../api/registrant/registrant_api_registry_locks_test.rb | 2 +- test/lib/serializers/registrant_api/domain_test.rb | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/test/integration/api/registrant/registrant_api_domains_test.rb b/test/integration/api/registrant/registrant_api_domains_test.rb index 61d635e5f..a688152c6 100644 --- a/test/integration/api/registrant/registrant_api_domains_test.rb +++ b/test/integration/api/registrant/registrant_api_domains_test.rb @@ -19,7 +19,7 @@ class RegistrantApiDomainsTest < ApplicationIntegrationTest assert_equal('hospital.test', domain[:name]) assert_equal('5edda1a5-3548-41ee-8b65-6d60daf85a37', domain[:id]) - assert_equal({name: 'John', id: 'eb2f2766-b44c-4e14-9f16-32ab1a7cb957'}, domain[:registrant]) + assert_equal({name: 'John', id: 'eb2f2766-b44c-4e14-9f16-32ab1a7cb957', org: false}, domain[:registrant]) assert_equal([{name: 'John', id: 'eb2f2766-b44c-4e14-9f16-32ab1a7cb957', email: 'john@inbox.test'}], diff --git a/test/integration/api/registrant/registrant_api_registry_locks_test.rb b/test/integration/api/registrant/registrant_api_registry_locks_test.rb index fb6d13aca..d024bb6c1 100644 --- a/test/integration/api/registrant/registrant_api_registry_locks_test.rb +++ b/test/integration/api/registrant/registrant_api_registry_locks_test.rb @@ -130,7 +130,7 @@ class RegistrantApiRegistryLocksTest < ApplicationIntegrationTest response_json = JSON.parse(response.body, symbolize_names: true) assert_equal({ name: 'Best Names', website: 'https://bestnames.test' }, response_json[:registrar]) - assert_equal({name: 'John', id: 'eb2f2766-b44c-4e14-9f16-32ab1a7cb957'}, response_json[:registrant]) + assert_equal({name: 'John', id: 'eb2f2766-b44c-4e14-9f16-32ab1a7cb957', org: false}, response_json[:registrant]) assert_equal([{name: 'Jane', id: '9db3de62-2414-4487-bee2-d5c155567768', email: 'jane@mail.test' diff --git a/test/lib/serializers/registrant_api/domain_test.rb b/test/lib/serializers/registrant_api/domain_test.rb index f2623741f..d30a50ea3 100644 --- a/test/lib/serializers/registrant_api/domain_test.rb +++ b/test/lib/serializers/registrant_api/domain_test.rb @@ -30,8 +30,8 @@ class SerializersRegistrantApiDomainTest < ActiveSupport::TestCase assert_equal({name: 'Best Names', website: 'https://bestnames.test' }, @json[:registrar]) end - def test_returns_registrant_name_and_uuid - assert_equal({name: 'John', id: 'eb2f2766-b44c-4e14-9f16-32ab1a7cb957'}, + def test_returns_registrant_name_uuid_and_org + assert_equal({name: 'John', id: 'eb2f2766-b44c-4e14-9f16-32ab1a7cb957', org: false}, @json[:registrant]) end From d4312caa91bc64eed1e11a0323cfaa638cdb15de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 5 Feb 2021 16:54:42 +0200 Subject: [PATCH 07/36] Registrant API: Include unscoped domain list size --- app/controllers/api/v1/registrant/domains_controller.rb | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/app/controllers/api/v1/registrant/domains_controller.rb b/app/controllers/api/v1/registrant/domains_controller.rb index 0e380eb57..12b060e6c 100644 --- a/app/controllers/api/v1/registrant/domains_controller.rb +++ b/app/controllers/api/v1/registrant/domains_controller.rb @@ -25,7 +25,8 @@ module Api serializer.to_json end - render json: { count: domains.count, domains: serialized_domains } + render json: { total: current_user_domains_total_count, count: domains.count, + domains: serialized_domains } end def show @@ -41,6 +42,12 @@ module Api private + def current_user_domains_total_count + current_registrant_user.domains.count + rescue CompanyRegister::NotAvailableError + current_registrant_user.direct_domains.count + end + def current_user_domains current_registrant_user.domains(admin: params[:tech] != 'true') rescue CompanyRegister::NotAvailableError From e488c839dd4dfe26b7844e8c7891313a77d6ec29 Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Tue, 9 Feb 2021 16:59:58 +0200 Subject: [PATCH 08/36] added tests for api endpoint --- .../registrant/registrant_api_domains_test.rb | 34 ++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/test/integration/api/registrant/registrant_api_domains_test.rb b/test/integration/api/registrant/registrant_api_domains_test.rb index a688152c6..a919a318b 100644 --- a/test/integration/api/registrant/registrant_api_domains_test.rb +++ b/test/integration/api/registrant/registrant_api_domains_test.rb @@ -5,9 +5,10 @@ class RegistrantApiDomainsTest < ApplicationIntegrationTest def setup super - @domain = domains(:hospital) + @domain = domains(:airport) @registrant = @domain.registrant @user = users(:registrant) + domains(:metro).tech_domain_contacts.update(contact_id: @registrant.id) @auth_headers = { 'HTTP_AUTHORIZATION' => auth_token } end @@ -57,6 +58,37 @@ class RegistrantApiDomainsTest < ApplicationIntegrationTest assert(array_of_domain_registrars.include?({name: 'Good Names', website: nil})) end + def test_return_domain_list_with_registrants_and_admins + domains(:hospital).admin_domain_contacts.update(contact_id: contacts(:william).id) + domains(:hospital).update(registrant: contacts(:william).becomes(Registrant)) + + get '/api/v1/registrant/domains', headers: @auth_headers, params: { 'offset' => 0 } + assert_equal(200, response.status) + + response_json = JSON.parse(response.body, symbolize_names: true) + response_json[:domains].each do |x| + if x[:registrant][:org] == false + x[:tech_contacts].each do |s| + assert_not s[:name].include?(@registrant.name) + end + end + end + end + + def test_return_domain_list_with_registrants_and_admins_tech + get '/api/v1/registrant/domains', headers: @auth_headers, params: { 'offset' => 0, 'tech' => true } + assert_equal(200, response.status) + + response_json = JSON.parse(response.body, symbolize_names: true) + response_json[:domains].each do |x| + if x[:name] == 'metro.test' + x[:tech_contacts].each do |s| + assert s[:name].include?(@registrant.name) + end + end + end + end + def test_root_accepts_limit_and_offset_parameters get '/api/v1/registrant/domains', params: { 'limit' => 2, 'offset' => 0 }, headers: @auth_headers From d19bb69342bb29b523b4b73dbe09a471b16b7fa3 Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Wed, 10 Feb 2021 09:58:22 +0200 Subject: [PATCH 09/36] added test for total count --- .../api/registrant/registrant_api_domains_test.rb | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/test/integration/api/registrant/registrant_api_domains_test.rb b/test/integration/api/registrant/registrant_api_domains_test.rb index a919a318b..e8c68638c 100644 --- a/test/integration/api/registrant/registrant_api_domains_test.rb +++ b/test/integration/api/registrant/registrant_api_domains_test.rb @@ -89,6 +89,15 @@ class RegistrantApiDomainsTest < ApplicationIntegrationTest end end + def test_domains_total_if_an_incomplete_list_is_returned + get '/api/v1/registrant/domains', headers: @auth_headers, params: { 'offset' => 0 } + assert_equal(200, response.status) + + response_json = JSON.parse(response.body, symbolize_names: true) + assert_equal response_json[:domains].length, 4 + assert_equal response_json[:total], 5 + end + def test_root_accepts_limit_and_offset_parameters get '/api/v1/registrant/domains', params: { 'limit' => 2, 'offset' => 0 }, headers: @auth_headers From 951d95a3e8c4292223ffe227e81489240462525f Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Wed, 10 Feb 2021 10:17:50 +0200 Subject: [PATCH 10/36] added test for total count --- test/integration/api/registrant/registrant_api_domains_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/integration/api/registrant/registrant_api_domains_test.rb b/test/integration/api/registrant/registrant_api_domains_test.rb index e8c68638c..4cfa6bd55 100644 --- a/test/integration/api/registrant/registrant_api_domains_test.rb +++ b/test/integration/api/registrant/registrant_api_domains_test.rb @@ -94,7 +94,7 @@ class RegistrantApiDomainsTest < ApplicationIntegrationTest assert_equal(200, response.status) response_json = JSON.parse(response.body, symbolize_names: true) - assert_equal response_json[:domains].length, 4 + assert_equal response_json[:domains].length, response_json[:count] assert_equal response_json[:total], 5 end From d3525acffef6c147e3378a5340d042c9e88dccef Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Thu, 11 Feb 2021 14:52:02 +0500 Subject: [PATCH 11/36] Add check if UpdateProhibited to nameserver bulk update --- app/models/registrar.rb | 6 ++++- .../repp/v1/registrar/nameservers_test.rb | 27 +++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/app/models/registrar.rb b/app/models/registrar.rb index 168dfdca7..652864fe5 100644 --- a/app/models/registrar.rb +++ b/app/models/registrar.rb @@ -153,7 +153,7 @@ class Registrar < ApplicationRecord puny = origin.domain.name_puny next unless domains.include?(idn) || domains.include?(puny) || domains.empty? - if origin.domain.nameservers.where(hostname: new_attributes[:hostname]).any? + if domain_not_updatable?(hostname: new_attributes[:hostname], domain: origin.domain) failed_list << idn next end @@ -202,6 +202,10 @@ class Registrar < ApplicationRecord private + def domain_not_updatable?(hostname:, domain:) + domain.nameservers.where(hostname: hostname).any? || domain.bulk_update_prohibited? + end + def set_defaults self.language = Setting.default_language unless language end diff --git a/test/integration/repp/v1/registrar/nameservers_test.rb b/test/integration/repp/v1/registrar/nameservers_test.rb index f01769dfb..e2c6f890b 100644 --- a/test/integration/repp/v1/registrar/nameservers_test.rb +++ b/test/integration/repp/v1/registrar/nameservers_test.rb @@ -34,6 +34,33 @@ class ReppV1RegistrarNameserversTest < ActionDispatch::IntegrationTest assert json[:data][:affected_domains].include? 'shop.test' end + def test_fails_to_update_if_prohibited + domain = domains(:shop) + domain.update(statuses: [DomainStatus::CLIENT_UPDATE_PROHIBITED]) + nameserver = nameservers(:shop_ns1) + payload = { + "data": { + "id": nameserver.hostname, + "type": "nameserver", + "attributes": { + "hostname": "#{nameserver.hostname}.test", + "ipv4": ["1.1.1.1"] + } + } + } + + put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + assert_equal({ hostname: "#{nameserver.hostname}.test", ipv4: ["1.1.1.1"] }, json[:data][:attributes]) + assert_equal({ hostname: "#{nameserver.hostname}.test", ipv4: ["1.1.1.1"] }, json[:data][:attributes]) + assert json[:data][:affected_domains].include? 'airport.test' + assert json[:data][:skipped_domains].include? 'shop.test' + end + def test_nameserver_with_hostname_must_exist payload = { "data": { From ffde92954057226330799f10e928ae69b8b61663 Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Fri, 12 Feb 2021 15:54:04 +0500 Subject: [PATCH 12/36] Set validation to prohibit ManualInzone with any of the *Hold statuses --- app/models/concerns/domain/deletable.rb | 6 ++++++ app/models/concerns/domain/force_delete.rb | 9 +++++++++ app/models/domain.rb | 12 ++++++------ test/models/domain/force_delete_test.rb | 13 +++++++++++++ 4 files changed, 34 insertions(+), 6 deletions(-) diff --git a/app/models/concerns/domain/deletable.rb b/app/models/concerns/domain/deletable.rb index 81518c739..3c63cf96d 100644 --- a/app/models/concerns/domain/deletable.rb +++ b/app/models/concerns/domain/deletable.rb @@ -1,6 +1,12 @@ module Concerns::Domain::Deletable extend ActiveSupport::Concern + DELETE_STATUSES = [ + DomainStatus::PENDING_DELETE_CONFIRMATION, + DomainStatus::PENDING_DELETE, + DomainStatus::FORCE_DELETE, + ].freeze + private def delete_later diff --git a/app/models/concerns/domain/force_delete.rb b/app/models/concerns/domain/force_delete.rb index 87e9a957b..5f09dd9fb 100644 --- a/app/models/concerns/domain/force_delete.rb +++ b/app/models/concerns/domain/force_delete.rb @@ -11,6 +11,11 @@ module Concerns::Domain::ForceDelete # rubocop:disable Metrics/ModuleLength lambda { where("(force_delete_data->>'contact_notification_sent_date') is null") } + + HOLD_STATUSES = [ + DomainStatus::SERVER_HOLD, + DomainStatus::CLIENT_HOLD, + ].freeze end class_methods do @@ -19,6 +24,10 @@ module Concerns::Domain::ForceDelete # rubocop:disable Metrics/ModuleLength end end + def hold_status? + HOLD_STATUSES.any? { |status| statuses.include? status } + end + def notification_template(explicit: nil) reason = explicit&.downcase return reason if %w[invalid_email invalid_phone].include?(reason) diff --git a/app/models/domain.rb b/app/models/domain.rb index 53f0fa5b6..dc3ce79f5 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -107,13 +107,13 @@ class Domain < ApplicationRecord validate :status_is_consistant def status_is_consistant - has_error = (statuses.include?(DomainStatus::SERVER_HOLD) && statuses.include?(DomainStatus::SERVER_MANUAL_INZONE)) - unless has_error - if (statuses & [DomainStatus::PENDING_DELETE_CONFIRMATION, DomainStatus::PENDING_DELETE, DomainStatus::FORCE_DELETE]).any? - has_error = statuses.include? DomainStatus::SERVER_DELETE_PROHIBITED - end + has_error = (hold_status? && statuses.include?(DomainStatus::SERVER_MANUAL_INZONE)) + unless has_error + if (statuses & DELETE_STATUSES).any? + has_error = statuses.include? DomainStatus::SERVER_DELETE_PROHIBITED end - errors.add(:domains, I18n.t(:object_status_prohibits_operation)) if has_error + end + errors.add(:domains, I18n.t(:object_status_prohibits_operation)) if has_error end attr_accessor :is_admin diff --git a/test/models/domain/force_delete_test.rb b/test/models/domain/force_delete_test.rb index 2bb1b5b8f..19338f495 100644 --- a/test/models/domain/force_delete_test.rb +++ b/test/models/domain/force_delete_test.rb @@ -234,6 +234,19 @@ class ForceDeleteTest < ActionMailer::TestCase assert_includes(@domain.statuses, asserted_status) end + def test_client_hold_prohibits_manual_inzone + @domain.update(valid_to: Time.zone.parse('2012-08-05')) + @domain.update(template_name: 'legal_person') + travel_to Time.zone.parse('2010-07-05') + @domain.schedule_force_delete(type: :soft) + travel_to Time.zone.parse('2010-08-21') + Domains::ClientHold::SetClientHold.run! + @domain.reload + + @domain.statuses << DomainStatus::SERVER_MANUAL_INZONE + assert_not @domain.valid? + end + def test_force_delete_soft_year_ahead_not_sets_client_hold_before_threshold asserted_status = DomainStatus::CLIENT_HOLD From d3287fd73fd737b6a1c73aa6d9c10343ed6764db Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Fri, 12 Feb 2021 14:22:46 +0200 Subject: [PATCH 13/36] Added test for check domain status UpdatePending if registrants have the same ident --- .../epp/domain/update/base_test.rb | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/test/integration/epp/domain/update/base_test.rb b/test/integration/epp/domain/update/base_test.rb index 14e806fca..9a5e79639 100644 --- a/test/integration/epp/domain/update/base_test.rb +++ b/test/integration/epp/domain/update/base_test.rb @@ -123,6 +123,46 @@ class EppDomainUpdateBaseTest < EppTestCase assert_verification_and_notification_emails end + def test_domain_should_doesnt_have_pending_update_when_updated_registrant_with_same_idents_data + assert_not @domain.statuses.include? "pendingUpdate" + + old_registrant = @domain.registrant + new_registrant = contacts(:william).becomes(Registrant) + + new_registrant.update(ident: old_registrant.ident) + new_registrant.update(ident_country_code: old_registrant.ident_country_code) + new_registrant.update(ident_type: old_registrant.ident_type) + + request_xml = <<-XML + + + + + + #{@domain.name} + + #{new_registrant.code} + + + + + + #{'test' * 2000} + + + + + XML + + post epp_update_path, params: { frame: request_xml }, + headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } + @domain.reload + assert_epp_response :completed_successfully + + assert_equal @domain.registrant, new_registrant + assert_not @domain.statuses.include? "pendingUpdate" + end + def test_requires_verification_from_current_registrant_when_not_yet_verified_by_registrar Setting.request_confirmation_on_registrant_change_enabled = true new_registrant = contacts(:william) From 36d4ea981a46bda0ad68565e84e45c1f5d74f088 Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Fri, 12 Feb 2021 15:21:09 +0200 Subject: [PATCH 14/36] add test for removing contact with server delete prohibited --- .../epp/contact/delete/base_test.rb | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/test/integration/epp/contact/delete/base_test.rb b/test/integration/epp/contact/delete/base_test.rb index 26ba63897..50335edb5 100644 --- a/test/integration/epp/contact/delete/base_test.rb +++ b/test/integration/epp/contact/delete/base_test.rb @@ -27,6 +27,33 @@ class EppContactDeleteBaseTest < EppTestCase assert_epp_response :completed_successfully end + def test_delete_contact_with_server_delete_prohibited + contact = deletable_contact + contact.update(statuses: Contact::SERVER_DELETE_PROHIBITED) + assert contact.statuses.include? Contact::SERVER_DELETE_PROHIBITED + + contact.update_columns(code: contact.code.upcase) + + request_xml = <<-XML + + + + + + #{contact.code.upcase} + + + + + XML + + post epp_delete_path, params: { frame: request_xml }, + headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } + + assert Contact.exists?(id: contact.id) + assert_epp_response :object_association_prohibits_operation + end + def test_undeletable_cannot_be_deleted contact = contacts(:john) assert_not contact.deletable? From fad739d279bb15a0dd8cb1137905b0b939992439 Mon Sep 17 00:00:00 2001 From: Oleg Hasjanov Date: Fri, 12 Feb 2021 15:22:05 +0200 Subject: [PATCH 15/36] add test for removing contact with client delete prohibited --- .../epp/contact/delete/base_test.rb | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/test/integration/epp/contact/delete/base_test.rb b/test/integration/epp/contact/delete/base_test.rb index 50335edb5..a93b68b6d 100644 --- a/test/integration/epp/contact/delete/base_test.rb +++ b/test/integration/epp/contact/delete/base_test.rb @@ -54,6 +54,33 @@ class EppContactDeleteBaseTest < EppTestCase assert_epp_response :object_association_prohibits_operation end + def test_delete_contact_with_client_delete_prohibited + contact = deletable_contact + contact.update(statuses: Contact::CLIENT_DELETE_PROHIBITED) + assert contact.statuses.include? Contact::CLIENT_DELETE_PROHIBITED + + contact.update_columns(code: contact.code.upcase) + + request_xml = <<-XML + + + + + + #{contact.code.upcase} + + + + + XML + + post epp_delete_path, params: { frame: request_xml }, + headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } + + assert Contact.exists?(id: contact.id) + assert_epp_response :object_association_prohibits_operation + end + def test_undeletable_cannot_be_deleted contact = contacts(:john) assert_not contact.deletable? From 69562ec2a2d6e05b9c810f306e42a25700aa56fa Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Mon, 15 Feb 2021 17:56:18 +0500 Subject: [PATCH 16/36] Fix checking if verification needed --- app/models/epp/domain.rb | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb index ad96adc64..1aec22f7f 100644 --- a/app/models/epp/domain.rb +++ b/app/models/epp/domain.rb @@ -495,7 +495,7 @@ class Epp::Domain < Domain registrant_verification_needed = false # registrant block may not be present, so we need this to rule out false positives if frame.css('registrant').text.present? - registrant_verification_needed = (registrant.code != frame.css('registrant').text) + registrant_verification_needed = verification_needed?(code: frame.css('registrant').text) end if registrant_verification_needed && disputed? @@ -798,4 +798,13 @@ class Epp::Domain < Domain result end end + + private + + def verification_needed?(code:) + new_registrant = Registrant.find_by(code: code) + return false if new_registrant.try(:identical_to?, registrant) + + registrant.code != code + end end From 340e1820f273fe6bdd4a66eb88000451c7ee86d5 Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Mon, 15 Feb 2021 14:51:01 +0500 Subject: [PATCH 17/36] Fix contact deletion if contact *DeleteProhibited --- app/models/actions/contact_delete.rb | 5 +++++ app/models/epp/contact.rb | 3 ++- config/locales/contacts.en.yml | 2 ++ test/integration/epp/contact/delete/base_test.rb | 2 +- 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/app/models/actions/contact_delete.rb b/app/models/actions/contact_delete.rb index 59032d566..d4169e8b3 100644 --- a/app/models/actions/contact_delete.rb +++ b/app/models/actions/contact_delete.rb @@ -19,6 +19,11 @@ module Actions return end + if contact.delete_prohibited? + contact.errors.add(:status, :delete_prohibited) + return + end + commit end diff --git a/app/models/epp/contact.rb b/app/models/epp/contact.rb index 0c0ed3d5f..e7054c8aa 100644 --- a/app/models/epp/contact.rb +++ b/app/models/epp/contact.rb @@ -83,7 +83,8 @@ class Epp::Contact < Contact [:code, :epp_id_taken] ], '2305' => [ # Association exists - [:domains, :exist] + [:domains, :exist], + [:domains, :delete_prohibited], ] } end diff --git a/config/locales/contacts.en.yml b/config/locales/contacts.en.yml index 906bde193..b5f0dd7ed 100644 --- a/config/locales/contacts.en.yml +++ b/config/locales/contacts.en.yml @@ -25,6 +25,8 @@ en: email_regex_check_error: Invalid format domains: exist: 'Object association prohibits operation' + status: + delete_prohibited: Contact delete prohibited by status statuses: not_uniq: 'not uniq' country_code: diff --git a/test/integration/epp/contact/delete/base_test.rb b/test/integration/epp/contact/delete/base_test.rb index a93b68b6d..5bdb7b8cf 100644 --- a/test/integration/epp/contact/delete/base_test.rb +++ b/test/integration/epp/contact/delete/base_test.rb @@ -115,4 +115,4 @@ class EppContactDeleteBaseTest < EppTestCase DomainContact.delete_all contacts(:john) end -end \ No newline at end of file +end From b9d57be6abb90dbbac170ca676633fc0cc2b8b59 Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Mon, 15 Feb 2021 19:46:16 +0500 Subject: [PATCH 18/36] Add i18n, change error response code to 2304 --- app/models/actions/contact_delete.rb | 2 +- app/models/epp/contact.rb | 4 +++- config/locales/contacts.en.yml | 2 +- test/integration/epp/contact/delete/base_test.rb | 4 ++-- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/app/models/actions/contact_delete.rb b/app/models/actions/contact_delete.rb index d4169e8b3..60d3252c4 100644 --- a/app/models/actions/contact_delete.rb +++ b/app/models/actions/contact_delete.rb @@ -20,7 +20,7 @@ module Actions end if contact.delete_prohibited? - contact.errors.add(:status, :delete_prohibited) + contact.errors.add(:statuses, :delete_prohibited) return end diff --git a/app/models/epp/contact.rb b/app/models/epp/contact.rb index e7054c8aa..4cd876d5f 100644 --- a/app/models/epp/contact.rb +++ b/app/models/epp/contact.rb @@ -82,9 +82,11 @@ class Epp::Contact < Contact '2302' => [ # Object exists [:code, :epp_id_taken] ], + '2304' => [ # Status prohibits operation + [:statuses, :delete_prohibited], + ], '2305' => [ # Association exists [:domains, :exist], - [:domains, :delete_prohibited], ] } end diff --git a/config/locales/contacts.en.yml b/config/locales/contacts.en.yml index b5f0dd7ed..4b4d099d7 100644 --- a/config/locales/contacts.en.yml +++ b/config/locales/contacts.en.yml @@ -25,10 +25,10 @@ en: email_regex_check_error: Invalid format domains: exist: 'Object association prohibits operation' - status: delete_prohibited: Contact delete prohibited by status statuses: not_uniq: 'not uniq' + delete_prohibited: Contact delete prohibited by status country_code: invalid: Country code is not valid, should be in ISO_3166-1 alpha 2 format (%{value}) disclosed_attributes: diff --git a/test/integration/epp/contact/delete/base_test.rb b/test/integration/epp/contact/delete/base_test.rb index 5bdb7b8cf..e86bea9dd 100644 --- a/test/integration/epp/contact/delete/base_test.rb +++ b/test/integration/epp/contact/delete/base_test.rb @@ -51,7 +51,7 @@ class EppContactDeleteBaseTest < EppTestCase headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } assert Contact.exists?(id: contact.id) - assert_epp_response :object_association_prohibits_operation + assert_epp_response :object_status_prohibits_operation end def test_delete_contact_with_client_delete_prohibited @@ -78,7 +78,7 @@ class EppContactDeleteBaseTest < EppTestCase headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } assert Contact.exists?(id: contact.id) - assert_epp_response :object_association_prohibits_operation + assert_epp_response :object_status_prohibits_operation end def test_undeletable_cannot_be_deleted From 2b7dbba9183bea26b6376ef05719147dba327d4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Fri, 19 Feb 2021 17:34:28 +0200 Subject: [PATCH 19/36] Update CHANGELOG.md --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9afedbf17..25a1402af 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +19.02.2021 +* Fixed clientHold and serverManualInzone status conflict issue [#1845](https://github.com/internetee/registry/issues/1845) + 11.02.2021 * Poll messages on locking and unlocking a domain [#1828](https://github.com/internetee/registry/issues/1828) * Registrar's prefix is now checked and added to contact id for info and check requests [#1832](https://github.com/internetee/registry/issues/1832) From 1d405968c55930eb91529f115abb4e82ad2207f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Fri, 19 Feb 2021 17:47:06 +0200 Subject: [PATCH 20/36] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 25a1402af..03cc6aa58 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,5 @@ 19.02.2021 +* Update prohibited staatus is kept after renew [#1843](https://github.com/internetee/registry/issues/1843) * Fixed clientHold and serverManualInzone status conflict issue [#1845](https://github.com/internetee/registry/issues/1845) 11.02.2021 From 79c5d963daadddaf08417cfe6ac3705c5b98560a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Fri, 19 Feb 2021 18:05:27 +0200 Subject: [PATCH 21/36] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 03cc6aa58..4c9a0facf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,7 @@ 19.02.2021 * Update prohibited staatus is kept after renew [#1843](https://github.com/internetee/registry/issues/1843) * Fixed clientHold and serverManualInzone status conflict issue [#1845](https://github.com/internetee/registry/issues/1845) +* Replacing registrant object with another that has the same ident data set does not require registrant verification [#1852](https://github.com/internetee/registry/issues/1852) 11.02.2021 * Poll messages on locking and unlocking a domain [#1828](https://github.com/internetee/registry/issues/1828) From 44add87fe24fa96b527f64a9c119437bf4bd6d77 Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Mon, 22 Feb 2021 13:54:41 +0500 Subject: [PATCH 22/36] Add tests on domain transfer --- app/models/concerns/domain/transferable.rb | 4 +++- test/integration/api/domain_transfers_test.rb | 7 +++++-- test/integration/api/nameservers/put_test.rb | 11 +++++++---- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/app/models/concerns/domain/transferable.rb b/app/models/concerns/domain/transferable.rb index 5400e9409..649600217 100644 --- a/app/models/concerns/domain/transferable.rb +++ b/app/models/concerns/domain/transferable.rb @@ -31,7 +31,9 @@ module Concerns::Domain::Transferable DomainStatus::PENDING_TRANSFER, DomainStatus::FORCE_DELETE, DomainStatus::SERVER_TRANSFER_PROHIBITED, - DomainStatus::CLIENT_TRANSFER_PROHIBITED + DomainStatus::CLIENT_TRANSFER_PROHIBITED, + DomainStatus::SERVER_UPDATE_PROHIBITED, + DomainStatus::CLIENT_UPDATE_PROHIBITED, ]).empty? end diff --git a/test/integration/api/domain_transfers_test.rb b/test/integration/api/domain_transfers_test.rb index 2cf12130b..3ed5b0fc6 100644 --- a/test/integration/api/domain_transfers_test.rb +++ b/test/integration/api/domain_transfers_test.rb @@ -68,12 +68,15 @@ class APIDomainTransfersTest < ApplicationIntegrationTest post '/repp/v1/domains/transfer', params: request_params, as: :json, headers: { 'HTTP_AUTHORIZATION' => http_auth_key } - + assert_response :ok assert_equal ({ code: 1000, message: 'Command completed successfully', data: { success: [], - failed: [{ type: "domain_transfer", domain_name: "shop.test" }] }}), + failed: [{ type: "domain_transfer", + domain_name: "shop.test", + errors: [{:code=>"2304", :msg=>"Object status prohibits operation"}] }], + }}), JSON.parse(response.body, symbolize_names: true) end diff --git a/test/integration/api/nameservers/put_test.rb b/test/integration/api/nameservers/put_test.rb index f1a478da6..a55014709 100644 --- a/test/integration/api/nameservers/put_test.rb +++ b/test/integration/api/nameservers/put_test.rb @@ -108,15 +108,18 @@ class APINameserversPutTest < ApplicationIntegrationTest domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED]) params = { data: { type: 'nameserver', id: domains(:shop).nameservers.hostnames[0], - attributes: { hostname: 'ns55.bestnames.test' } } } + attributes: { hostname: 'ns55.bestnames.test' } } } put '/repp/v1/registrar/nameservers', params: params, as: :json, headers: { 'HTTP_AUTHORIZATION' => http_auth_key } - + assert_response :ok assert_equal ({ code: 1000, message: 'Command completed successfully', - data: { affected_domains: ["airport.test"], - skipped_domains: ["shop.test"] }}), + data: { type: "nameserver", + id: "ns55.bestnames.test", + attributes: {hostname: "ns55.bestnames.test"}, + affected_domains: ["airport.test"], + skipped_domains: ["shop.test"]}}), JSON.parse(response.body, symbolize_names: true) end From 36f679a24047cea7b288be9ac6ce68c495221c03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Mon, 22 Feb 2021 13:23:28 +0200 Subject: [PATCH 23/36] Update CHANGELOG.md --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4c9a0facf..f1cfab5b7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +22.02.2021 +* serverDeleteProhibited prohibts delete action [#1849](https://github.com/internetee/registry/issues/1849) + 19.02.2021 * Update prohibited staatus is kept after renew [#1843](https://github.com/internetee/registry/issues/1843) * Fixed clientHold and serverManualInzone status conflict issue [#1845](https://github.com/internetee/registry/issues/1845) From d8642657606a05244c51881a138f9ec2be619cbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Tue, 23 Feb 2021 13:41:17 +0200 Subject: [PATCH 24/36] Registrant API: Expose Bearer token internally --- app/controllers/api/v1/registrant/auth_controller.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/controllers/api/v1/registrant/auth_controller.rb b/app/controllers/api/v1/registrant/auth_controller.rb index 03dfa45f3..30f3ed973 100644 --- a/app/controllers/api/v1/registrant/auth_controller.rb +++ b/app/controllers/api/v1/registrant/auth_controller.rb @@ -19,6 +19,8 @@ module Api token = create_token(user) if token + ToStdout.msg("Bearer for #{eid_params[:first_name]} #{eid_params[:last_name]} " \ + "(#{eid_params[:ident]}) - '#{token[:access_token]}'") render json: token else render json: { errors: [{ base: ['Cannot create generate session token'] }] } From 34e71cc2c8ed42bf1dc0acc8ba1f1a0acb97b918 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Tue, 23 Feb 2021 15:09:50 +0200 Subject: [PATCH 25/36] Skip bearer token logging when production env --- app/controllers/api/v1/registrant/auth_controller.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/controllers/api/v1/registrant/auth_controller.rb b/app/controllers/api/v1/registrant/auth_controller.rb index 30f3ed973..8c72106d0 100644 --- a/app/controllers/api/v1/registrant/auth_controller.rb +++ b/app/controllers/api/v1/registrant/auth_controller.rb @@ -19,8 +19,9 @@ module Api token = create_token(user) if token - ToStdout.msg("Bearer for #{eid_params[:first_name]} #{eid_params[:last_name]} " \ - "(#{eid_params[:ident]}) - '#{token[:access_token]}'") + msg = "Bearer for #{eid_params[:first_name]} #{eid_params[:last_name]} " \ + "(#{eid_params[:ident]}) - '#{token[:access_token]}'" + ToStdout.msg(msg) unless Rails.env.production? render json: token else render json: { errors: [{ base: ['Cannot create generate session token'] }] } From 9fddb47310cabceaf4567360ad854de445d947d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Tue, 23 Feb 2021 15:22:32 +0200 Subject: [PATCH 26/36] Update CHANGELOG.md --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f1cfab5b7..5de19b56f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +23.02.2021 +* Registrant api domain request now excludes tech only domains by default [#1836](https://github.com/internetee/registry/pull/1836) + 22.02.2021 * serverDeleteProhibited prohibts delete action [#1849](https://github.com/internetee/registry/issues/1849) From 5bf2bf0ffe0076c13aa4a11a7d548d754a87310c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Tue, 23 Feb 2021 17:04:20 +0200 Subject: [PATCH 27/36] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5de19b56f..fdbece82b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,5 @@ 23.02.2021 +* UpdateProhibited status affects bulk actions in REPP [#1818](https://github.com/internetee/registry/issues/1818) * Registrant api domain request now excludes tech only domains by default [#1836](https://github.com/internetee/registry/pull/1836) 22.02.2021 From 40b7897e4b1811f9dec61a13aaeca26f51ae3e85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 26 Feb 2021 11:30:17 +0200 Subject: [PATCH 28/36] Registrant API: Permit country_code param --- app/controllers/api/v1/registrant/auth_controller.rb | 2 +- app/models/registrant_user.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/api/v1/registrant/auth_controller.rb b/app/controllers/api/v1/registrant/auth_controller.rb index 8c72106d0..728ef696d 100644 --- a/app/controllers/api/v1/registrant/auth_controller.rb +++ b/app/controllers/api/v1/registrant/auth_controller.rb @@ -40,7 +40,7 @@ module Api obj.require(key) end - params.permit(required_params) + params.permit(required_params + [:country_code]) end def create_token(user) diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb index efcb08288..227ae8cbf 100644 --- a/app/models/registrant_user.rb +++ b/app/models/registrant_user.rb @@ -76,7 +76,7 @@ class RegistrantUser < User return false unless user_data[:last_name] user_data[:country_code] ||= 'EE' - %i[ident country_code].each { |f| user_data[f].upcase! if user_data[f].is_a?(String) } + user_data[:country_code].upcase! if user_data[:country_code].is_a?(String) find_or_create_by_user_data(user_data) end From 1c6af8e9e8ed71f0ccd91c1541f81f46e897e364 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Fri, 26 Feb 2021 12:31:01 +0200 Subject: [PATCH 29/36] Update CHANGELOG.md --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fdbece82b..565cee202 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +26.02.2021 +* Registrant API fix for handling eidas personal identificators [#1864](https://github.com/internetee/registry/pull/1864) + 23.02.2021 * UpdateProhibited status affects bulk actions in REPP [#1818](https://github.com/internetee/registry/issues/1818) * Registrant api domain request now excludes tech only domains by default [#1836](https://github.com/internetee/registry/pull/1836) From ea2f9dcbb6044534388130d8f5e5071562f10f46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 26 Feb 2021 13:50:18 +0200 Subject: [PATCH 30/36] Registrant User: Fix UUID ident parsing --- app/models/registrant_user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb index 227ae8cbf..b09970b1e 100644 --- a/app/models/registrant_user.rb +++ b/app/models/registrant_user.rb @@ -9,7 +9,7 @@ class RegistrantUser < User delegate :can?, :cannot?, to: :ability def ident - registrant_ident.to_s.split('-').last + registrant_ident.to_s.slice(3) end def country From 1999493bac9bfa6fefe359d4585ceddfe7f00b60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 26 Feb 2021 13:53:40 +0200 Subject: [PATCH 31/36] Skip company query if ident is eIDAS UUID --- app/models/registrant_user.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb index b09970b1e..f7e85c5af 100644 --- a/app/models/registrant_user.rb +++ b/app/models/registrant_user.rb @@ -9,7 +9,7 @@ class RegistrantUser < User delegate :can?, :cannot?, to: :ability def ident - registrant_ident.to_s.slice(3) + registrant_ident.to_s[3..] end def country @@ -18,6 +18,8 @@ class RegistrantUser < User end def companies(company_register = CompanyRegister::Client.new) + return [] if ident.include?('-') + company_register.representation_rights(citizen_personal_code: ident, citizen_country_code: country.alpha3) end From 747aa502d0e3f6bac1d917b7669394e088044db9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 26 Feb 2021 15:11:54 +0200 Subject: [PATCH 32/36] Registrant API: Fix company domain query --- app/models/domain.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/domain.rb b/app/models/domain.rb index 819d8e34c..f5fed455d 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -202,7 +202,7 @@ class Domain < ApplicationRecord companies = Contact.registrant_user_company_contacts(registrant_user) from( "(#{registrant_user_administered_domains(registrant_user).to_sql} UNION " \ - "#{registrant_user_company_registrant(registrant_user).to_sql} UNION " \ + "#{registrant_user_company_registrant(companies).to_sql} UNION " \ "#{registrant_user_domains_company(companies, except_tech: true).to_sql}) AS domains" ) end From 89c1bcf693e329d8596826d9707608284ca57319 Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Thu, 11 Feb 2021 15:50:06 +0500 Subject: [PATCH 33/36] Allow domain deletion on *UpdateProhibited statuses --- app/models/domain_status.rb | 4 +-- .../epp/domain/delete/base_test.rb | 34 +++++++++++++++++++ 2 files changed, 35 insertions(+), 3 deletions(-) diff --git a/app/models/domain_status.rb b/app/models/domain_status.rb index bf0ae2a51..30161c076 100644 --- a/app/models/domain_status.rb +++ b/app/models/domain_status.rb @@ -109,14 +109,12 @@ class DomainStatus < ApplicationRecord DELETE_PROHIBIT_STATES = [ DomainStatus::CLIENT_DELETE_PROHIBITED, DomainStatus::SERVER_DELETE_PROHIBITED, - DomainStatus::CLIENT_UPDATE_PROHIBITED, - DomainStatus::SERVER_UPDATE_PROHIBITED, DomainStatus::PENDING_CREATE, DomainStatus::PENDING_RENEW, DomainStatus::PENDING_TRANSFER, DomainStatus::PENDING_UPDATE, DomainStatus::PENDING_DELETE - ] + ].freeze def epp_code_map { diff --git a/test/integration/epp/domain/delete/base_test.rb b/test/integration/epp/domain/delete/base_test.rb index 56a3cc31e..d32a89f63 100644 --- a/test/integration/epp/domain/delete/base_test.rb +++ b/test/integration/epp/domain/delete/base_test.rb @@ -133,6 +133,40 @@ class EppDomainDeleteBaseTest < EppTestCase assert_epp_response :completed_successfully end + def test_deletes_on_update_prohibited + assert_equal 'shop.test', @domain.name + @domain.update(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED]) + Setting.request_confirmation_on_domain_deletion_enabled = false + + request_xml = <<-XML + + + + + + shop.test + + + + + #{'test' * 2000} + + + + + XML + + perform_enqueued_jobs do + post epp_delete_path, params: { frame: request_xml }, headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } + end + @domain.reload + + assert_not @domain.registrant_verification_asked? + assert_not @domain.pending_delete_confirmation? + assert_no_emails + assert_epp_response :completed_successfully + end + def test_skips_registrant_confirmation_when_required_but_already_verified_by_registrar assert_equal 'shop.test', @domain.name Setting.request_confirmation_on_domain_deletion_enabled = true From aae9e39d352b9d243390b0f57a8805e609acb224 Mon Sep 17 00:00:00 2001 From: Alex Sherman Date: Mon, 22 Feb 2021 17:04:02 +0500 Subject: [PATCH 34/36] Add check if UpdateProhibited for domain update --- app/models/epp/domain.rb | 2 +- .../epp/domain/update/base_test.rb | 21 +++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb index 31716de7d..f3da8d533 100644 --- a/app/models/epp/domain.rb +++ b/app/models/epp/domain.rb @@ -465,7 +465,7 @@ class Epp::Domain < Domain def update(frame, current_user, verify = true) return super if frame.blank? - if discarded? + if discarded? || statuses_blocks_update? add_epp_error('2304', nil, nil, 'Object status prohibits operation') return end diff --git a/test/integration/epp/domain/update/base_test.rb b/test/integration/epp/domain/update/base_test.rb index 9a5e79639..53531e8b5 100644 --- a/test/integration/epp/domain/update/base_test.rb +++ b/test/integration/epp/domain/update/base_test.rb @@ -62,6 +62,27 @@ class EppDomainUpdateBaseTest < EppTestCase assert_epp_response :object_status_prohibits_operation end + def test_prohibited_domain_cannot_be_updated + @domain.update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED]) + + request_xml = <<-XML + + + + + + shop.test + + + + + XML + + post epp_update_path, params: { frame: request_xml }, + headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } + assert_epp_response :object_status_prohibits_operation + end + def test_does_not_return_server_delete_prohibited_status_when_pending_update_status_is_set @domain.update!(statuses: [DomainStatus::SERVER_DELETE_PROHIBITED, DomainStatus::PENDING_UPDATE]) From 63a15154cba437314ff8c99e85bcdb1b840d2731 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= Date: Fri, 26 Feb 2021 17:18:52 +0200 Subject: [PATCH 35/36] Registrant API: Allow tech domain query without tech flag --- app/controllers/api/v1/registrant/domains_controller.rb | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/app/controllers/api/v1/registrant/domains_controller.rb b/app/controllers/api/v1/registrant/domains_controller.rb index 12b060e6c..94d2c865a 100644 --- a/app/controllers/api/v1/registrant/domains_controller.rb +++ b/app/controllers/api/v1/registrant/domains_controller.rb @@ -4,6 +4,8 @@ module Api module V1 module Registrant class DomainsController < ::Api::V1::Registrant::BaseController + before_action :set_tech_flag, only: [:show] + def index limit = params[:limit] || 200 offset = params[:offset] || 0 @@ -42,6 +44,12 @@ module Api private + def set_tech_flag + # current_user_domains scope depends on tech flag + # However, if it's not present, tech contact can not see specific domain entry at all. + params.merge!(tech: 'true') + end + def current_user_domains_total_count current_registrant_user.domains.count rescue CompanyRegister::NotAvailableError From a17497936bb619ca6fcef78751d8deced933b8c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20V=C3=B5hmar?= Date: Fri, 26 Feb 2021 17:46:48 +0200 Subject: [PATCH 36/36] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 565cee202..6470a9471 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,5 @@ 26.02.2021 +* Domain delete is not affected by updateProhibited [#1844](https://github.com/internetee/registry/issues/1844) * Registrant API fix for handling eidas personal identificators [#1864](https://github.com/internetee/registry/pull/1864) 23.02.2021