zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-24 11:38:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

Improve EPP error handling

Browse source 
Fixes #539
This commit is contained in:
Artur Beljajev 2019-09-11 18:42:13 +03:00
parent 0a1405ae52
commit 77678681a6
18 changed files with 263 additions and 272 deletions
Download patch file Download diff file Expand all files Collapse all files

105
app/controllers/epp/base_controller.rb
View file

@ -1,7 +1,10 @@
module Epp
class BaseController < ApplicationController
layout false
class BaseController < ActionController::Base
class AuthorizationError < StandardError; end
check_authorization
skip_before_action :verify_authenticity_token
layout false
before_action :ensure_session_id_passed
before_action :generate_svtrid
@ -10,13 +13,50 @@ module Epp
before_action :validate_request
before_action :update_epp_session, if: 'signed_in?'
around_action :catch_epp_errors
around_action :wrap_exceptions
helper_method :current_user
helper_method :resource
rescue_from StandardError, with: :respond_with_command_failed_error
rescue_from AuthorizationError, with: :respond_with_authorization_error
rescue_from ActiveRecord::RecordNotFound, with: :respond_with_object_does_not_exist_error
protected
def respond_with_command_failed_error(exception)
epp_errors << {
code: '2400',
msg: 'Command failed',
}
handle_errors
log_exception(exception)
end
def respond_with_object_does_not_exist_error
epp_errors << {
code: '2303',
msg: 'Object does not exist',
}
handle_errors
end
def respond_with_authorization_error
epp_errors << {
code: '2201',
msg: 'Authorization error',
}
handle_errors
end
private
def wrap_exceptions
yield
rescue CanCan::AccessDenied
raise AuthorizationError
end
def validate_against_schema
return if ['hello', 'error', 'keyrelay'].include?(params[:action])
schema.validate(params[:nokogiri_frame]).each do |error|
@ -28,47 +68,6 @@ module Epp
handle_errors and return if epp_errors.any?
end
def catch_epp_errors
err = catch(:epp_error) do
yield
nil
end
return unless err
@errors = [err]
handle_errors
end
rescue_from StandardError do |e|
@errors ||= []
if e.class == CanCan::AccessDenied
if @errors.blank?
@errors = [{
msg: t('errors.messages.epp_authorization_error'),
code: '2201'
}]
end
else
if @errors.blank?
@errors = [{
msg: 'Internal error.',
code: '2400'
}]
end
if Rails.env.test? || Rails.env.development?
puts e.backtrace.reverse.join("\n")
puts "\n BACKTRACE REVERSED!\n"
puts "\n FROM-EPP-RESCUE: #{e.message}\n\n\n"
else
logger.error "FROM-EPP-RESCUE: #{e.message}"
logger.error e.backtrace.join("\n")
end
end
render_epp_response '/epp/error'
end
def schema
EPP_ALL_SCHEMA
end
@ -114,25 +113,13 @@ module Epp
end
end
# for debugging
if @errors.blank?
@errors << {
code: '1',
msg: 'handle_errors was executed when there were actually no errors'
}
end
@errors.uniq!
logger.error "\nFOLLOWING ERRORS OCCURRED ON EPP QUERY:"
logger.error @errors.inspect
logger.error "\n"
render_epp_response '/epp/error'
end
def render_epp_response(*args)
@response = render_to_string(*args)
@response = render_to_string(*args, formats: 'xml')
render xml: @response
write_to_epp_log
end
@ -406,5 +393,9 @@ module Epp
logger.error "IPTABLES COUNTER UPDATE: cannot write #{ip} to #{counter_proc}: #{e}"
end
end
def log_exception(exception)
notify_airbrake(exception)
end
end
end

13
app/controllers/epp/contacts_controller.rb
View file

@ -84,18 +84,7 @@ module Epp
def find_contact
code = params[:parsed_frame].css('id').text.strip.upcase
@contact = Epp::Contact.find_by_epp_code(code)
if @contact.blank?
epp_errors << {
code: '2303',
msg: t('errors.messages.epp_obj_does_not_exist'),
value: { obj: 'id', val: code }
}
fail CanCan::AccessDenied
end
@contact
@contact = Epp::Contact.find_by!(code: code)
end
#

87
app/controllers/epp/domains_controller.rb
View file

@ -4,10 +4,14 @@ module Epp
before_action :find_password, only: %i[info update transfer delete]
def info
authorize! :info, @domain, @password
authorize! :info, @domain
@hosts = params[:parsed_frame].css('name').first['hosts'] || 'all'
sponsoring_registrar = (@domain.registrar == current_user.registrar)
correct_transfer_code_provided = (@domain.transfer_code == @password)
@reveal_full_details = (sponsoring_registrar || correct_transfer_code_provided)
case @hosts
when 'del'
@nameservers = @domain.delegated_nameservers.sort
@ -28,26 +32,38 @@ module Epp
domain_name = DNS::DomainName.new(SimpleIDN.to_unicode(request_domain_name))
if domain_name.at_auction?
throw :epp_error,
code: '2306',
msg: 'Parameter value policy error: domain is at auction'
epp_errors << {
code: '2306',
msg: 'Parameter value policy error: domain is at auction',
}
handle_errors
return
elsif domain_name.awaiting_payment?
throw :epp_error,
code: '2003',
msg: 'Required parameter missing; reserved>pw element required for reserved domains'
epp_errors << {
code: '2003',
msg: 'Required parameter missing; reserved>pw element required for reserved domains',
}
handle_errors
return
elsif domain_name.pending_registration?
registration_code = params[:parsed_frame].css('reserved > pw').text
if registration_code.empty?
throw :epp_error,
code: '2003',
msg: 'Required parameter missing; reserved>pw element is required'
epp_errors << {
code: '2003',
msg: 'Required parameter missing; reserved>pw element is required',
}
handle_errors
return
end
unless domain_name.available_with_code?(registration_code)
throw :epp_error,
code: '2202',
msg: 'Invalid authorization information; invalid reserved>pw value'
epp_errors << {
code: '2202',
msg: 'Invalid authorization information; invalid reserved>pw value',
}
handle_errors
return
end
end
end
@ -85,22 +101,15 @@ module Epp
def update
authorize! :update, @domain, @password
begin
if @domain.update(params[:parsed_frame], current_user)
if @domain.epp_pending_update.present?
render_epp_response '/epp/domains/success_pending'
else
render_epp_response '/epp/domains/success'
end
if @domain.update(params[:parsed_frame], current_user)
if @domain.epp_pending_update.present?
render_epp_response '/epp/domains/success_pending'
else
handle_errors(@domain)
end
rescue => e
if @domain.errors.any?
handle_errors(@domain)
else
throw e
render_epp_response '/epp/domains/success'
end
else
handle_errors(@domain)
end
end
@ -177,14 +186,21 @@ module Epp
action = params[:parsed_frame].css('transfer').first[:op]
if @domain.non_transferable?
throw :epp_error, {
epp_errors << {
code: '2304',
msg: I18n.t(:object_status_prohibits_operation)
msg: I18n.t(:object_status_prohibits_operation),
}
handle_errors
return
end
@domain_transfer = @domain.transfer(params[:parsed_frame], action, current_user)
if @domain.errors[:epp_errors].any?
handle_errors(@domain)
return
end
if @domain_transfer
render_epp_response '/epp/domains/transfer'
else
@ -272,18 +288,11 @@ module Epp
def find_domain
domain_name = params[:parsed_frame].css('name').text.strip.downcase
@domain = Epp::Domain.find_by_idn domain_name
unless @domain
epp_errors << {
code: '2303',
msg: I18n.t('errors.messages.epp_domain_not_found'),
value: { obj: 'name', val: domain_name }
}
fail CanCan::AccessDenied
end
domain = Epp::Domain.find_by_idn(domain_name)
raise ActiveRecord::RecordNotFound unless domain
@domain
@domain = domain
end
def find_password