zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-16 17:37:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

Secure update and transfer

Browse source
This commit is contained in:
Martin Lensment 2015-03-10 11:29:11 +02:00
parent 6352c23cf1
commit 8a8da67d38
2 changed files with 8 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

11
app/controllers/epp/domains_controller.rb
View file

@ -1,8 +1,8 @@
class Epp::DomainsController < EppController
skip_authorization_check # TODO: remove it
before_action :find_domain, only: [:info]
before_action :find_password, only: [:info]
before_action :find_domain, only: [:info, :renew, :update]
before_action :find_password, only: [:info, :update]
def create
authorize! :create, Epp::EppDomain
@ -29,9 +29,8 @@ class Epp::DomainsController < EppController
end
def renew
@domain = find_domain
authorize! :renew, Epp::EppDomain
handle_errors(@domain) and return unless @domain
handle_errors(@domain) and return unless @domain.renew(
params[:parsed_frame].css('curExpDate').text,
params[:parsed_frame].css('period').text,
@ -43,9 +42,7 @@ class Epp::DomainsController < EppController
# rubocop:disable Metrics/CyclomaticComplexity
def update
@domain = find_domain
handle_errors(@domain) and return unless @domain
authorize! :update, @domain, @password
if @domain.update(params[:parsed_frame], current_user)
render_epp_response '/epp/domains/success'