From 76d10b94c545fbb1fd356442e4df8c86a3695d82 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Wed, 6 Jun 2018 04:55:36 +0300 Subject: [PATCH] Turn off settings by default - `registrar_ip_whitelist_enabled` - `api_ip_whitelist_enabled` --- config/initializers/initial_settings.rb | 4 ++-- lib/tasks/dev.rake | 2 -- spec/features/registrar/contacts/delete_spec.rb | 2 -- spec/features/registrar/ip_restriction_spec.rb | 9 +++++++-- spec/features/registrar/linked_users_spec.rb | 1 - spec/features/registrar/profile_spec.rb | 1 - .../features/registrar/sign_in/mobile_id_spec.rb | 1 - spec/features/registrar/sign_in/password_spec.rb | 4 ---- spec/features/registrar/sign_out_spec.rb | 1 - spec/models/authorization/restricted_ip_spec.rb | 12 ++++++++---- spec/requests/registrar/ip_restriction_spec.rb | 16 ++++++++-------- spec/requests/registrar/sign_in/password_spec.rb | 4 ---- spec/requests/registrar/sign_out_spec.rb | 1 - 13 files changed, 25 insertions(+), 33 deletions(-) diff --git a/config/initializers/initial_settings.rb b/config/initializers/initial_settings.rb index b6efea6eb..4f4e30057 100644 --- a/config/initializers/initial_settings.rb +++ b/config/initializers/initial_settings.rb @@ -51,8 +51,8 @@ if con.present? && con.table_exists?('settings') Setting.save_default(:redemption_grace_period, 30) Setting.save_default(:expiration_reminder_mail, 2) - Setting.save_default(:registrar_ip_whitelist_enabled, true) - Setting.save_default(:api_ip_whitelist_enabled, true) + Setting.save_default(:registrar_ip_whitelist_enabled, false) + Setting.save_default(:api_ip_whitelist_enabled, false) Setting.save_default(:registry_juridical_name, 'Eesti Interneti SA') Setting.save_default(:registry_reg_no, '90010019') diff --git a/lib/tasks/dev.rake b/lib/tasks/dev.rake index e4c120a8d..163e3ad1f 100644 --- a/lib/tasks/dev.rake +++ b/lib/tasks/dev.rake @@ -171,9 +171,7 @@ namespace :dev do end end - Setting.api_ip_whitelist_enabled = false Setting.address_processing = false - Setting.registrar_ip_whitelist_enabled = false ActiveRecord::Base.transaction do generate_default_data diff --git a/spec/features/registrar/contacts/delete_spec.rb b/spec/features/registrar/contacts/delete_spec.rb index dd6305a10..d0169ad54 100644 --- a/spec/features/registrar/contacts/delete_spec.rb +++ b/spec/features/registrar/contacts/delete_spec.rb @@ -31,8 +31,6 @@ RSpec.feature 'Contact deletion in registrar area' do background do allow(Depp::Contact).to receive(:find_by_id).and_return(FakeDeppContact.new) allow(Depp::Contact).to receive(:new).and_return(FakeDeppContact.new) - Setting.api_ip_whitelist_enabled = false - Setting.registrar_ip_whitelist_enabled = false sign_in_to_registrar_area(user: create(:api_user_with_unlimited_balance, registrar: registrar)) end diff --git a/spec/features/registrar/ip_restriction_spec.rb b/spec/features/registrar/ip_restriction_spec.rb index dc9631057..264c45283 100644 --- a/spec/features/registrar/ip_restriction_spec.rb +++ b/spec/features/registrar/ip_restriction_spec.rb @@ -1,11 +1,16 @@ require 'rails_helper' RSpec.feature 'Registrar area IP restriction', settings: false do - background do - Setting.registrar_ip_whitelist_enabled = true + before do + @original_registrar_ip_whitelist_enabled = Setting.registrar_ip_whitelist_enabled + end + + after do + Setting.registrar_ip_whitelist_enabled = @original_registrar_ip_whitelist_enabled end scenario 'notifies the user if his IP is not allowed' do + Setting.registrar_ip_whitelist_enabled = true visit registrar_root_path expect(page).to have_text('Access denied from IP 127.0.0.1') end diff --git a/spec/features/registrar/linked_users_spec.rb b/spec/features/registrar/linked_users_spec.rb index 2f5fbbd28..f7731a168 100644 --- a/spec/features/registrar/linked_users_spec.rb +++ b/spec/features/registrar/linked_users_spec.rb @@ -6,7 +6,6 @@ RSpec.feature 'Registrar area linked users', settings: false do username: 'new-user-name') } background do - Setting.registrar_ip_whitelist_enabled = false sign_in_to_registrar_area(user: current_user) end diff --git a/spec/features/registrar/profile_spec.rb b/spec/features/registrar/profile_spec.rb index 195458576..745542b58 100644 --- a/spec/features/registrar/profile_spec.rb +++ b/spec/features/registrar/profile_spec.rb @@ -2,7 +2,6 @@ require 'rails_helper' RSpec.feature 'Registrar area profile', settings: false do background do - Setting.registrar_ip_whitelist_enabled = false sign_in_to_registrar_area(user: create(:api_user_with_unlimited_balance)) end diff --git a/spec/features/registrar/sign_in/mobile_id_spec.rb b/spec/features/registrar/sign_in/mobile_id_spec.rb index 5373be4ec..bc26daff5 100644 --- a/spec/features/registrar/sign_in/mobile_id_spec.rb +++ b/spec/features/registrar/sign_in/mobile_id_spec.rb @@ -4,7 +4,6 @@ RSpec.feature 'Mobile ID login', db: true do given!(:api_user) { create(:api_user, identity_code: 1234) } background do - Setting.registrar_ip_whitelist_enabled = false digidoc_client = instance_double(Digidoc::Client, authenticate: OpenStruct.new(user_id_code: 1234), session_code: 1234) allow(Digidoc::Client).to receive(:new).and_return(digidoc_client) end diff --git a/spec/features/registrar/sign_in/password_spec.rb b/spec/features/registrar/sign_in/password_spec.rb index f0cc3ed49..64e22b8f4 100644 --- a/spec/features/registrar/sign_in/password_spec.rb +++ b/spec/features/registrar/sign_in/password_spec.rb @@ -1,10 +1,6 @@ require 'rails_helper' RSpec.feature 'Registrar area password sign-in' do - background do - Setting.registrar_ip_whitelist_enabled = false - end - scenario 'signs in the user with valid credentials' do create(:api_user_with_unlimited_balance, active: true, diff --git a/spec/features/registrar/sign_out_spec.rb b/spec/features/registrar/sign_out_spec.rb index 33acc52ab..09ae011cd 100644 --- a/spec/features/registrar/sign_out_spec.rb +++ b/spec/features/registrar/sign_out_spec.rb @@ -2,7 +2,6 @@ require 'rails_helper' RSpec.feature 'Registrar area sign-out', settings: false do background do - Setting.registrar_ip_whitelist_enabled = false sign_in_to_registrar_area(user: create(:api_user_with_unlimited_balance)) end diff --git a/spec/models/authorization/restricted_ip_spec.rb b/spec/models/authorization/restricted_ip_spec.rb index e64a1739f..b432d46e4 100644 --- a/spec/models/authorization/restricted_ip_spec.rb +++ b/spec/models/authorization/restricted_ip_spec.rb @@ -2,6 +2,14 @@ require 'rails_helper' RSpec.describe Authorization::RestrictedIP do describe '::enabled?', db: true, settings: false do + before do + @original_registrar_ip_whitelist_enabled = Setting.registrar_ip_whitelist_enabled + end + + after do + Setting.registrar_ip_whitelist_enabled = @original_registrar_ip_whitelist_enabled + end + context 'when "registrar_ip_whitelist_enabled" is true' do before do Setting.registrar_ip_whitelist_enabled = true @@ -13,10 +21,6 @@ RSpec.describe Authorization::RestrictedIP do end context 'when "registrar_ip_whitelist_enabled" is false' do - before do - Setting.registrar_ip_whitelist_enabled = false - end - specify do expect(described_class).to_not be_enabled end diff --git a/spec/requests/registrar/ip_restriction_spec.rb b/spec/requests/registrar/ip_restriction_spec.rb index 3effb72a6..69ba33602 100644 --- a/spec/requests/registrar/ip_restriction_spec.rb +++ b/spec/requests/registrar/ip_restriction_spec.rb @@ -1,6 +1,14 @@ require 'rails_helper' RSpec.describe 'Registrar area IP restriction', settings: false do + before do + @original_registrar_ip_whitelist_enabled = Setting.registrar_ip_whitelist_enabled + end + + after do + Setting.registrar_ip_whitelist_enabled = @original_registrar_ip_whitelist_enabled + end + context 'when authenticated' do before do sign_in_to_registrar_area @@ -39,10 +47,6 @@ RSpec.describe 'Registrar area IP restriction', settings: false do end context 'when IP restriction is disabled' do - before do - Setting.registrar_ip_whitelist_enabled = false - end - specify do get registrar_root_url follow_redirect! @@ -77,10 +81,6 @@ RSpec.describe 'Registrar area IP restriction', settings: false do end context 'when IP restriction is disabled' do - before do - Setting.registrar_ip_whitelist_enabled = false - end - specify do get registrar_login_path expect(response).to be_success diff --git a/spec/requests/registrar/sign_in/password_spec.rb b/spec/requests/registrar/sign_in/password_spec.rb index f419ffa01..b875de98a 100644 --- a/spec/requests/registrar/sign_in/password_spec.rb +++ b/spec/requests/registrar/sign_in/password_spec.rb @@ -3,10 +3,6 @@ require 'rails_helper' RSpec.describe 'Registrar area password sign-in', settings: false do let!(:user) { create(:api_user, active: true, login: 'test', password: 'testtest') } - before do - Setting.registrar_ip_whitelist_enabled = false - end - it 'signs the user in' do post registrar_sessions_path, depp_user: { tag: 'test', password: 'testtest' } follow_redirect! diff --git a/spec/requests/registrar/sign_out_spec.rb b/spec/requests/registrar/sign_out_spec.rb index 086b95f64..4f5b099c0 100644 --- a/spec/requests/registrar/sign_out_spec.rb +++ b/spec/requests/registrar/sign_out_spec.rb @@ -2,7 +2,6 @@ require 'rails_helper' RSpec.describe 'Registrar area sign-out', settings: false do before do - Setting.registrar_ip_whitelist_enabled = false sign_in_to_registrar_area end