Turn off settings by default

- `registrar_ip_whitelist_enabled`
- `api_ip_whitelist_enabled`

config/initializers/initial_settings.rb

@@ -51,8 +51,8 @@ if con.present? && con.table_exists?('settings')
   Setting.save_default(:redemption_grace_period, 30)
   Setting.save_default(:expiration_reminder_mail, 2)
 
-  Setting.save_default(:registrar_ip_whitelist_enabled, true)
-  Setting.save_default(:api_ip_whitelist_enabled, true)
+  Setting.save_default(:registrar_ip_whitelist_enabled, false)
+  Setting.save_default(:api_ip_whitelist_enabled, false)
 
   Setting.save_default(:registry_juridical_name, 'Eesti Interneti SA')
   Setting.save_default(:registry_reg_no, '90010019')

lib/tasks/dev.rake

@@ -171,9 +171,7 @@ namespace :dev do
       end
     end
 
-    Setting.api_ip_whitelist_enabled = false
     Setting.address_processing = false
-    Setting.registrar_ip_whitelist_enabled = false
 
     ActiveRecord::Base.transaction do
       generate_default_data

spec/features/registrar/contacts/delete_spec.rb

@@ -31,8 +31,6 @@ RSpec.feature 'Contact deletion in registrar area' do
   background do
     allow(Depp::Contact).to receive(:find_by_id).and_return(FakeDeppContact.new)
     allow(Depp::Contact).to receive(:new).and_return(FakeDeppContact.new)
-    Setting.api_ip_whitelist_enabled = false
-    Setting.registrar_ip_whitelist_enabled = false
     sign_in_to_registrar_area(user: create(:api_user_with_unlimited_balance, registrar: registrar))
   end
 

spec/features/registrar/ip_restriction_spec.rb

@@ -1,11 +1,16 @@
 require 'rails_helper'
 
 RSpec.feature 'Registrar area IP restriction', settings: false do
-  background do
-    Setting.registrar_ip_whitelist_enabled = true
+  before do
+    @original_registrar_ip_whitelist_enabled = Setting.registrar_ip_whitelist_enabled
+  end
+
+  after do
+    Setting.registrar_ip_whitelist_enabled = @original_registrar_ip_whitelist_enabled
   end
 
   scenario 'notifies the user if his IP is not allowed' do
+    Setting.registrar_ip_whitelist_enabled = true
     visit registrar_root_path
     expect(page).to have_text('Access denied from IP 127.0.0.1')
   end

spec/features/registrar/linked_users_spec.rb

@@ -6,7 +6,6 @@ RSpec.feature 'Registrar area linked users', settings: false do
                                 username: 'new-user-name') }
 
   background do
-    Setting.registrar_ip_whitelist_enabled = false
     sign_in_to_registrar_area(user: current_user)
   end
 

spec/features/registrar/profile_spec.rb

@@ -2,7 +2,6 @@ require 'rails_helper'
 
 RSpec.feature 'Registrar area profile', settings: false do
   background do
-    Setting.registrar_ip_whitelist_enabled = false
     sign_in_to_registrar_area(user: create(:api_user_with_unlimited_balance))
   end
 

spec/features/registrar/sign_in/mobile_id_spec.rb

@@ -4,7 +4,6 @@ RSpec.feature 'Mobile ID login', db: true do
   given!(:api_user) { create(:api_user, identity_code: 1234) }
 
   background do
-    Setting.registrar_ip_whitelist_enabled = false
     digidoc_client = instance_double(Digidoc::Client, authenticate: OpenStruct.new(user_id_code: 1234), session_code: 1234)
     allow(Digidoc::Client).to receive(:new).and_return(digidoc_client)
   end

spec/features/registrar/sign_in/password_spec.rb

@@ -1,10 +1,6 @@
 require 'rails_helper'
 
 RSpec.feature 'Registrar area password sign-in' do
-  background do
-    Setting.registrar_ip_whitelist_enabled = false
-  end
-
   scenario 'signs in the user with valid credentials' do
     create(:api_user_with_unlimited_balance,
            active: true,

spec/features/registrar/sign_out_spec.rb

@@ -2,7 +2,6 @@ require 'rails_helper'
 
 RSpec.feature 'Registrar area sign-out', settings: false do
   background do
-    Setting.registrar_ip_whitelist_enabled = false
     sign_in_to_registrar_area(user: create(:api_user_with_unlimited_balance))
   end
 

spec/models/authorization/restricted_ip_spec.rb

@@ -2,6 +2,14 @@ require 'rails_helper'
 
 RSpec.describe Authorization::RestrictedIP do
   describe '::enabled?', db: true, settings: false do
+    before do
+      @original_registrar_ip_whitelist_enabled = Setting.registrar_ip_whitelist_enabled
+    end
+
+    after do
+      Setting.registrar_ip_whitelist_enabled = @original_registrar_ip_whitelist_enabled
+    end
+
     context 'when "registrar_ip_whitelist_enabled" is true' do
       before do
         Setting.registrar_ip_whitelist_enabled = true
@@ -13,10 +21,6 @@ RSpec.describe Authorization::RestrictedIP do
     end
 
     context 'when "registrar_ip_whitelist_enabled" is false' do
-      before do
-        Setting.registrar_ip_whitelist_enabled = false
-      end
-
       specify do
         expect(described_class).to_not be_enabled
       end

spec/requests/registrar/ip_restriction_spec.rb

@@ -1,6 +1,14 @@
 require 'rails_helper'
 
 RSpec.describe 'Registrar area IP restriction', settings: false do
+  before do
+    @original_registrar_ip_whitelist_enabled = Setting.registrar_ip_whitelist_enabled
+  end
+
+  after do
+    Setting.registrar_ip_whitelist_enabled = @original_registrar_ip_whitelist_enabled
+  end
+
   context 'when authenticated' do
     before do
       sign_in_to_registrar_area
@@ -39,10 +47,6 @@ RSpec.describe 'Registrar area IP restriction', settings: false do
     end
 
     context 'when IP restriction is disabled' do
-      before do
-        Setting.registrar_ip_whitelist_enabled = false
-      end
-
       specify do
         get registrar_root_url
         follow_redirect!
@@ -77,10 +81,6 @@ RSpec.describe 'Registrar area IP restriction', settings: false do
     end
 
     context 'when IP restriction is disabled' do
-      before do
-        Setting.registrar_ip_whitelist_enabled = false
-      end
-
       specify do
         get registrar_login_path
         expect(response).to be_success

spec/requests/registrar/sign_in/password_spec.rb

@@ -3,10 +3,6 @@ require 'rails_helper'
 RSpec.describe 'Registrar area password sign-in', settings: false do
   let!(:user) { create(:api_user, active: true, login: 'test', password: 'testtest') }
 
-  before do
-    Setting.registrar_ip_whitelist_enabled = false
-  end
-
   it 'signs the user in' do
     post registrar_sessions_path, depp_user: { tag: 'test', password: 'testtest' }
     follow_redirect!

spec/requests/registrar/sign_out_spec.rb

@@ -2,7 +2,6 @@ require 'rails_helper'
 
 RSpec.describe 'Registrar area sign-out', settings: false do
   before do
-    Setting.registrar_ip_whitelist_enabled = false
     sign_in_to_registrar_area
   end