Introduce BaseController for registrar area

Artur Beljajev 2017-04-06 19:05:14 +03:00
parent 955c7bcd6e
commit 92d8008c15
14 changed files with 785 additions and 746 deletions


@ -1,28 +1,30 @@
class Registrar::AccountActivitiesController < RegistrarController
load_and_authorize_resource
class Registrar
class AccountActivitiesController < BaseController
load_and_authorize_resource
def index # rubocop: disable Metrics/AbcSize
params[:q] ||= {}
account = current_user.registrar.cash_account
def index # rubocop: disable Metrics/AbcSize
params[:q] ||= {}
account = current_user.registrar.cash_account
ca_cache = params[:q][:created_at_lteq]
begin
end_time = params[:q][:created_at_lteq].try(:to_date)
params[:q][:created_at_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
@q = account.activities.includes(:invoice).search(params[:q])
@q.sorts = 'id desc' if @q.sorts.empty?
respond_to do |format|
format.html { @account_activities = @q.result.page(params[:page]) }
format.csv do
send_data @q.result.to_csv, filename: "account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv"
ca_cache = params[:q][:created_at_lteq]
begin
end_time = params[:q][:created_at_lteq].try(:to_date)
params[:q][:created_at_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
end
params[:q][:created_at_lteq] = ca_cache
@q = account.activities.includes(:invoice).search(params[:q])
@q.sorts = 'id desc' if @q.sorts.empty?
respond_to do |format|
format.html { @account_activities = @q.result.page(params[:page]) }
format.csv do
send_data @q.result.to_csv, filename: "account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv"
end
end
params[:q][:created_at_lteq] = ca_cache
end
end
end
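Review bot: The date clamp in `index` (cache `created_at_lteq`, call `to_date` and `end_of_day` under a bare `rescue`, then restore the cached value) is the same pattern that `normalize_search_parameters` repeats in the contacts, domains and invoices controllers later in this commit, and the new `BaseController` would be a natural home for one shared helper that takes the key name. The bare `rescue` hides every `StandardError` and logs only `'Invalid date'`, so a malformed value leaves no trace of which parameter produced it; `rescue ArgumentError` with `logger.warn('Invalid date in q[created_at_lteq]')` would keep unrelated failures visible. The rendered page has lost its +/- markers, so this is read from the second copy of the method, which appears to be the new side.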


@ -0,0 +1,41 @@
class Registrar
class BaseController < ApplicationController
before_action :authenticate_user!, :check_ip
layout 'registrar/application'
include Registrar::ApplicationHelper
helper_method :depp_controller?
def depp_controller?
false
end
def check_ip
return unless current_user
unless current_user.is_a? ApiUser
sign_out(current_user)
return
end
return if Rails.env.development?
registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
return if registrar_ip_whitelisted
flash[:alert] = t('ip_is_not_whitelisted')
sign_out(current_user)
redirect_to registrar_login_path and return
end
helper_method :head_title_sufix
def head_title_sufix
t(:registrar_head_title_sufix)
end
protected
def current_ability
@current_ability ||= Ability.new(current_user, request.remote_ip)
end
end
end
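Review bot: In `check_ip`, the branch for a signed-in user that is not an `ApiUser` calls `sign_out(current_user)` and returns without rendering or redirecting, so the filter chain is not halted and the requested action still runs for that request; ending the branch with `redirect_to registrar_login_path and return`, as the whitelist-failure path below already does, would stop it. The whitelist check reads `request.ip` while `current_ability` passes `request.remote_ip`, and behind a reverse proxy these can resolve to different addresses, so the controller should settle on one of them (presumably `remote_ip`, which honours the configured trusted proxies). `check_ip` is also defined above `protected` and is therefore a public controller method; moving it below `protected` keeps it from ever being routable as an action.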


@ -1,142 +1,144 @@
class Registrar::ContactsController < Registrar::DeppController # EPP controller
before_action :init_epp_contact
helper_method :address_processing?
class Registrar
class ContactsController < DeppController
before_action :init_epp_contact
helper_method :address_processing?
def index
authorize! :view, Depp::Contact
def index
authorize! :view, Depp::Contact
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
search_params = params[:q].deep_dup
search_params = params[:q].deep_dup
if search_params[:domain_contacts_type_in].is_a?(Array) && search_params[:domain_contacts_type_in].delete('registrant')
search_params[:registrant_domains_id_not_null] = 1
end
if search_params[:domain_contacts_type_in].is_a?(Array) && search_params[:domain_contacts_type_in].delete('registrant')
search_params[:registrant_domains_id_not_null] = 1
end
if search_params.length == 1 && search_params[:name_matches].present?
@contacts = Contact.find_by(name: search_params[:name_matches])
end
if search_params.length == 1 && search_params[:name_matches].present?
@contacts = Contact.find_by(name: search_params[:name_matches])
end
if params[:statuses_contains]
contacts = current_user.registrar.contacts.includes(:registrar).where(
if params[:statuses_contains]
contacts = current_user.registrar.contacts.includes(:registrar).where(
"contacts.statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}"
)
else
)
else
contacts = current_user.registrar.contacts.includes(:registrar)
end
normalize_search_parameters do
@q = contacts.search(search_params)
@contacts = @q.result(distinct: :true).page(params[:page])
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
end
def download_list
authorize! :view, Depp::Contact
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@contacts = Contact.find_by(name: params[:q][:name_matches])
end
contacts = current_user.registrar.contacts.includes(:registrar)
end
contacts = contacts.filter_by_states(params[:statuses_contains]) if params[:statuses_contains]
normalize_search_parameters do
@q = contacts.search(search_params)
@contacts = @q.result(distinct: :true).page(params[:page])
end
normalize_search_parameters do
@q = contacts.search(params[:q])
@contacts = @q.result.page(params[:page])
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
def download_list
authorize! :view, Depp::Contact
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@contacts = Contact.find_by(name: params[:q][:name_matches])
end
contacts = current_user.registrar.contacts.includes(:registrar)
contacts = contacts.filter_by_states(params[:statuses_contains]) if params[:statuses_contains]
normalize_search_parameters do
@q = contacts.search(params[:q])
@contacts = @q.result.page(params[:page])
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
respond_to do |format|
respond_to do |format|
format.csv { render text: @contacts.to_csv }
format.pdf do
pdf = @contacts.pdf(render_to_string('registrar/contacts/download_list', layout: false))
send_data pdf, filename: 'contacts.pdf'
pdf = @contacts.pdf(render_to_string('registrar/contacts/download_list', layout: false))
send_data pdf, filename: 'contacts.pdf'
end
end
end
def new
authorize! :create, Depp::Contact
@contact = Depp::Contact.new
end
def show
authorize! :view, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def edit
authorize! :edit, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def create
authorize! :create, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.save
redirect_to registrar_contact_url(@contact.id)
else
render 'new'
end
end
end
def update
authorize! :edit, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
def new
authorize! :create, Depp::Contact
@contact = Depp::Contact.new
end
def show
authorize! :view, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def edit
authorize! :edit, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def create
authorize! :create, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.save
redirect_to registrar_contact_url(@contact.id)
else
render 'new'
end
end
def update
authorize! :edit, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.update_attributes(params[:depp_contact])
redirect_to registrar_contact_url(@contact.id)
else
render 'edit'
end
end
def delete
authorize! :delete, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def destroy
authorize! :delete, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.delete
redirect_to registrar_contacts_url, notice: t(:destroyed)
else
render 'delete'
end
end
private
def init_epp_contact
Depp::Contact.user = depp_current_user
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
if @contact.update_attributes(params[:depp_contact])
redirect_to registrar_contact_url(@contact.id)
else
render 'edit'
end
end
yield
def delete
authorize! :delete, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
params[:q][:valid_to_lteq] = ca_cache
end
def destroy
authorize! :delete, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
def address_processing?
Contact.address_processing?
if @contact.delete
redirect_to registrar_contacts_url, notice: t(:destroyed)
else
render 'delete'
end
end
private
def init_epp_contact
Depp::Contact.user = depp_current_user
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:valid_to_lteq] = ca_cache
end
def address_processing?
Contact.address_processing?
end
end
end


@ -1,11 +1,13 @@
class Registrar::DashboardController < RegistrarController
authorize_resource class: false
class Registrar
class DashboardController < BaseController
authorize_resource class: false
def show
if can?(:show, :poll)
redirect_to registrar_poll_url and return
elsif can?(:show, Invoice)
redirect_to registrar_invoices_url and return
def show
if can?(:show, :poll)
redirect_to registrar_poll_url and return
elsif can?(:show, Invoice)
redirect_to registrar_invoices_url and return
end
end
end
end


@ -1,26 +1,28 @@
class Registrar::DepositsController < RegistrarController
authorize_resource class: false
class Registrar
class DepositsController < BaseController
authorize_resource class: false
def new
@deposit = Deposit.new
end
def new
@deposit = Deposit.new
end
def create
@deposit = Deposit.new(deposit_params.merge(registrar: current_user.registrar))
@invoice = @deposit.issue_prepayment_invoice
def create
@deposit = Deposit.new(deposit_params.merge(registrar: current_user.registrar))
@invoice = @deposit.issue_prepayment_invoice
if @invoice && @invoice.persisted?
flash[:notice] = t(:please_pay_the_following_invoice)
redirect_to [:registrar, @invoice]
else
flash.now[:alert] = t(:failed_to_create_record)
render 'new'
if @invoice && @invoice.persisted?
flash[:notice] = t(:please_pay_the_following_invoice)
redirect_to [:registrar, @invoice]
else
flash.now[:alert] = t(:failed_to_create_record)
render 'new'
end
end
private
def deposit_params
params.require(:deposit).permit(:amount, :description)
end
end
private
def deposit_params
params.require(:deposit).permit(:amount, :description)
end
end


@ -1,34 +1,37 @@
class Registrar::DeppController < RegistrarController # EPP controller
helper_method :depp_current_user
class Registrar
class DeppController < BaseController
helper_method :depp_current_user
rescue_from(Errno::ECONNRESET, Errno::ECONNREFUSED) do |exception|
logger.error 'COULD NOT CONNECT TO REGISTRY'
logger.error exception.backtrace.join("\n")
redirect_to registrar_login_url, alert: t(:no_connection_to_registry)
end
before_action :authenticate_user
def authenticate_user
redirect_to registrar_login_url and return unless depp_current_user
end
def depp_controller?
true
end
def depp_current_user
return nil unless current_user
@depp_current_user ||= Depp::User.new(
tag: current_user.username,
password: current_user.password
)
end
def response_ok?
@data.css('result').each do |x|
success_codes = %(1000, 1001, 1300, 1301)
return false unless success_codes.include?(x['code'])
rescue_from(Errno::ECONNRESET, Errno::ECONNREFUSED) do |exception|
logger.error 'COULD NOT CONNECT TO REGISTRY'
logger.error exception.backtrace.join("\n")
redirect_to registrar_login_url, alert: t(:no_connection_to_registry)
end
before_action :authenticate_user
def authenticate_user
redirect_to registrar_login_url and return unless depp_current_user
end
def depp_controller?
true
end
def depp_current_user
return nil unless current_user
@depp_current_user ||= Depp::User.new(
tag: current_user.username,
password: current_user.password
)
end
def response_ok?
@data.css('result').each do |x|
success_codes = %(1000, 1001, 1300, 1301)
return false unless success_codes.include?(x['code'])
end
true
end
true
end
end
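Review bot: In `response_ok?`, `%(1000, 1001, 1300, 1301)` is a plain string literal rather than an array, so `success_codes.include?(x['code'])` is a substring test and a fragment such as `'300'` or `', '` counts as success. A frozen constant, `SUCCESS_CODES = %w[1000 1001 1300 1301].freeze`, with `return false unless SUCCESS_CODES.include?(x['code'])` gives the exact match the name implies and stops rebuilding the list on every iteration. The method also returns `true` when the response holds no `result` element at all, which looks unintended for a check that gates the create, update and delete flows of the controllers inheriting from this one.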


@ -1,191 +1,194 @@
class Registrar::DomainsController < Registrar::DeppController # EPP controller
before_action :init_domain, except: :new
helper_method :contacts
class Registrar
class DomainsController < DeppController
before_action :init_domain, except: :new
helper_method :contacts
# rubocop: disable Metrics/PerceivedComplexity
# rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/AbcSize
# rubocop: disable Metrics/MethodLength
def index
authorize! :view, Depp::Domain
# rubocop: disable Metrics/PerceivedComplexity
# rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/AbcSize
# rubocop: disable Metrics/MethodLength
def index
authorize! :view, Depp::Domain
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@domain = Domain.find_by(name: params[:q][:name_matches])
if @domain
redirect_to info_registrar_domains_url(domain_name: @domain.name) and return
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@domain = Domain.find_by(name: params[:q][:name_matches])
if @domain
redirect_to info_registrar_domains_url(domain_name: @domain.name) and return
end
end
end
if params[:statuses_contains]
domains = current_user.registrar.domains.includes(:registrar, :registrant).where(
"statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}"
)
else
domains = current_user.registrar.domains.includes(:registrar, :registrant)
end
if params[:statuses_contains]
domains = current_user.registrar.domains.includes(:registrar, :registrant).where(
"statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}"
)
else
domains = current_user.registrar.domains.includes(:registrar, :registrant)
end
normalize_search_parameters do
@q = domains.search(params[:q])
@domains = @q.result.page(params[:page])
if @domains.count == 0 && params[:q][:name_matches] !~ /^%.+%$/
# if we do not get any results, add wildcards to the name field and search again
n_cache = params[:q][:name_matches]
params[:q][:name_matches] = "%#{params[:q][:name_matches]}%"
normalize_search_parameters do
@q = domains.search(params[:q])
@domains = @q.result.page(params[:page])
params[:q][:name_matches] = n_cache # we don't want to show wildcards in search form
end
end
@domains = @domains.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
respond_to do |format|
format.html
format.csv do
domain_presenters = []
@domains.find_each do |domain|
domain_presenters << ::DomainPresenter.new(domain: domain, view: view_context)
if @domains.count == 0 && params[:q][:name_matches] !~ /^%.+%$/
# if we do not get any results, add wildcards to the name field and search again
n_cache = params[:q][:name_matches]
params[:q][:name_matches] = "%#{params[:q][:name_matches]}%"
@q = domains.search(params[:q])
@domains = @q.result.page(params[:page])
params[:q][:name_matches] = n_cache # we don't want to show wildcards in search form
end
end
csv = Registrar::DomainListCSVPresenter.new(domains: domain_presenters, view: view_context).to_s
send_data(csv)
@domains = @domains.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
respond_to do |format|
format.html
format.csv do
domain_presenters = []
@domains.find_each do |domain|
domain_presenters << ::DomainPresenter.new(domain: domain, view: view_context)
end
csv = Registrar::DomainListCSVPresenter.new(domains: domain_presenters, view: view_context).to_s
send_data(csv)
end
end
end
end
# rubocop: enable Metrics/PerceivedComplexity
# rubocop: enable Metrics/CyclomaticComplexity
# rubocop: enable Metrics/AbcSize
def info
authorize! :info, Depp::Domain
@data = @domain.info(params[:domain_name]) if params[:domain_name]
if response_ok?
render 'info'
else
flash[:alert] = @data.css('msg').text
redirect_to registrar_domains_url and return
end
end
# rubocop: enable Metrics/PerceivedComplexity
# rubocop: enable Metrics/CyclomaticComplexity
# rubocop: enable Metrics/AbcSize
def check
authorize! :check, Depp::Domain
if params[:domain_name]
@data = @domain.check(params[:domain_name])
render 'check_index' and return unless response_ok?
else
render 'check_index'
end
end
def new
authorize! :create, Depp::Domain
@domain_params = Depp::Domain.default_params
end
def create
authorize! :create, Depp::Domain
@domain_params = params[:domain]
@data = @domain.create(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
render 'new'
end
end
def edit
authorize! :update, Depp::Domain
@data = @domain.info(params[:domain_name])
@domain_params = Depp::Domain.construct_params_from_server_data(@data)
end
def update
authorize! :update, Depp::Domain
@domain_params = params[:domain]
@data = @domain.update(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
params[:domain_name] = @domain_params[:name]
render 'new'
end
end
def delete
authorize! :delete, Depp::Domain
end
def destroy
authorize! :delete, Depp::Domain
@data = @domain.delete(params[:domain])
@results = @data.css('result')
if response_ok?
redirect_to info_registrar_domains_url(domain_name: params[:domain][:name])
else
params[:domain_name] = params[:domain][:name]
render 'delete'
end
end
def renew
authorize! :renew, Depp::Domain
if params[:domain_name] && params[:cur_exp_date]
@data = @domain.renew(params)
render 'renew_index' and return unless response_ok?
else
render 'renew_index'
end
end
def transfer
authorize! :transfer, Depp::Domain
if request.post? && params[:domain_name]
@data = @domain.transfer(params)
render 'transfer_index' and return unless response_ok?
else
render 'transfer_index'
end
end
def search_contacts
authorize! :create, Depp::Domain
scope = current_user.registrar.contacts.limit(10)
if params[:query].present?
escaped_str = ActiveRecord::Base.connection.quote_string params[:query]
scope = scope.where("name ilike '%#{escaped_str}%' OR code ilike '%#{escaped_str}%' ")
def info
authorize! :info, Depp::Domain
@data = @domain.info(params[:domain_name]) if params[:domain_name]
if response_ok?
render 'info'
else
flash[:alert] = @data.css('msg').text
redirect_to registrar_domains_url and return
end
end
render json: scope.pluck(:name, :code).map { |c| {display_key: "#{c.second} #{c.first}", value: c.second} }
end
private
def init_domain
@domain = Depp::Domain.new(current_user: depp_current_user)
end
def contacts
current_user.registrar.contacts
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
def check
authorize! :check, Depp::Domain
if params[:domain_name]
@data = @domain.check(params[:domain_name])
render 'check_index' and return unless response_ok?
else
render 'check_index'
end
end
yield
def new
authorize! :create, Depp::Domain
@domain_params = Depp::Domain.default_params
end
params[:q][:valid_to_lteq] = ca_cache
def create
authorize! :create, Depp::Domain
@domain_params = params[:domain]
@data = @domain.create(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
render 'new'
end
end
def edit
authorize! :update, Depp::Domain
@data = @domain.info(params[:domain_name])
@domain_params = Depp::Domain.construct_params_from_server_data(@data)
end
def update
authorize! :update, Depp::Domain
@domain_params = params[:domain]
@data = @domain.update(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
params[:domain_name] = @domain_params[:name]
render 'new'
end
end
def delete
authorize! :delete, Depp::Domain
end
def destroy
authorize! :delete, Depp::Domain
@data = @domain.delete(params[:domain])
@results = @data.css('result')
if response_ok?
redirect_to info_registrar_domains_url(domain_name: params[:domain][:name])
else
params[:domain_name] = params[:domain][:name]
render 'delete'
end
end
def renew
authorize! :renew, Depp::Domain
if params[:domain_name] && params[:cur_exp_date]
@data = @domain.renew(params)
render 'renew_index' and return unless response_ok?
else
render 'renew_index'
end
end
def transfer
authorize! :transfer, Depp::Domain
if request.post? && params[:domain_name]
@data = @domain.transfer(params)
render 'transfer_index' and return unless response_ok?
else
render 'transfer_index'
end
end
def search_contacts
authorize! :create, Depp::Domain
scope = current_user.registrar.contacts.limit(10)
if params[:query].present?
escaped_str = ActiveRecord::Base.connection.quote_string params[:query]
scope = scope.where("name ilike '%#{escaped_str}%' OR code ilike '%#{escaped_str}%' ")
end
render json: scope.pluck(:name, :code).map { |c| { display_key: "#{c.second} #{c.first}", value: c.second } }
end
private
def init_domain
@domain = Depp::Domain.new(current_user: depp_current_user)
end
def contacts
current_user.registrar.contacts
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:valid_to_lteq] = ca_cache
end
end
end
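Review bot: `search_contacts` assembles its `ilike` condition by interpolating `escaped_str` into the SQL text; `quote_string` does escape quotes, but bound values remove the dependency on every future edit keeping that call: `scope = scope.where('name ilike :q OR code ilike :q', q: "%#{params[:query]}%")`. Either way `%` and `_` typed by the user still act as LIKE wildcards, which `sanitize_sql_like` can neutralise if the Rails version in use exposes it. In `index`, the wildcard test `/^%.+%$/` anchors per line, whereas `\A` and `\z` anchor the whole value.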


@ -1,71 +1,74 @@
class Registrar::InvoicesController < RegistrarController
load_and_authorize_resource
class Registrar
class InvoicesController < BaseController
load_and_authorize_resource
before_action :set_invoice, only: [:show, :forward, :download_pdf]
before_action :set_invoice, only: [:show, :forward, :download_pdf]
def index
params[:q] ||= {}
invoices = current_user.registrar.invoices.includes(:invoice_items, :account_activity)
def index
params[:q] ||= {}
invoices = current_user.registrar.invoices.includes(:invoice_items, :account_activity)
normalize_search_parameters do
@q = invoices.search(params[:q])
@q.sorts = 'id desc' if @q.sorts.empty?
@invoices = @q.result.page(params[:page])
end
end
def show; end
def forward
@invoice.billing_email = @invoice.buyer.billing_email
return unless request.post?
@invoice.billing_email = params[:invoice][:billing_email]
if @invoice.forward(render_to_string('pdf', layout: false))
flash[:notice] = t(:invoice_forwared)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_forward_invoice)
end
end
def cancel
if @invoice.cancel
flash[:notice] = t(:record_updated)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_update_record)
render :show
end
end
def download_pdf
pdf = @invoice.pdf(render_to_string('pdf', layout: false))
send_data pdf, filename: @invoice.pdf_name
end
private
def set_invoice
@invoice = Invoice.find(params[:id])
end
def normalize_search_parameters
params[:q][:sum_cache_gteq].gsub!(',', '.') if params[:q][:sum_cache_gteq]
params[:q][:sum_cache_lteq].gsub!(',', '.') if params[:q][:sum_cache_lteq]
ca_cache = params[:q][:due_date_lteq]
begin
end_time = params[:q][:due_date_lteq].try(:to_date)
params[:q][:due_date_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
normalize_search_parameters do
@q = invoices.search(params[:q])
@q.sorts = 'id desc' if @q.sorts.empty?
@invoices = @q.result.page(params[:page])
end
end
yield
def show;
end
params[:q][:due_date_lteq] = ca_cache
def forward
@invoice.billing_email = @invoice.buyer.billing_email
return unless request.post?
@invoice.billing_email = params[:invoice][:billing_email]
if @invoice.forward(render_to_string('pdf', layout: false))
flash[:notice] = t(:invoice_forwared)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_forward_invoice)
end
end
def cancel
if @invoice.cancel
flash[:notice] = t(:record_updated)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_update_record)
render :show
end
end
def download_pdf
pdf = @invoice.pdf(render_to_string('pdf', layout: false))
send_data pdf, filename: @invoice.pdf_name
end
private
def set_invoice
@invoice = Invoice.find(params[:id])
end
def normalize_search_parameters
params[:q][:sum_cache_gteq].gsub!(',', '.') if params[:q][:sum_cache_gteq]
params[:q][:sum_cache_lteq].gsub!(',', '.') if params[:q][:sum_cache_lteq]
ca_cache = params[:q][:due_date_lteq]
begin
end_time = params[:q][:due_date_lteq].try(:to_date)
params[:q][:due_date_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:due_date_lteq] = ca_cache
end
end
end
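Review bot: `set_invoice` loads with `Invoice.find(params[:id])`, which is not limited to the current registrar, so isolation between registrars rests entirely on the `Ability` rules behind `load_and_authorize_resource`, which are not visible here. `index` already goes through `current_user.registrar.invoices`; using the same association, `@invoice = current_user.registrar.invoices.find(params[:id])`, makes a foreign id a 404 regardless of how the abilities are written. `cancel` is not in the `only:` list of `set_invoice` and so depends on the instance CanCan loads, which deserves a one-line comment. What appears to be the new side also has `def show;` with `end` on the next line, leaving a stray semicolon; `def show; end` reads better.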


@ -1,18 +1,20 @@
class Registrar::KeyrelaysController < Registrar::DeppController # EPP controller
def show
authorize! :view, Depp::Keyrelay
end
class Registrar
class KeyrelaysController < DeppController
def show
authorize! :view, Depp::Keyrelay
end
def create
authorize! :create, Depp::Keyrelay
keyrelay = Depp::Keyrelay.new(current_user: depp_current_user)
@data = keyrelay.keyrelay(params)
def create
authorize! :create, Depp::Keyrelay
keyrelay = Depp::Keyrelay.new(current_user: depp_current_user)
@data = keyrelay.keyrelay(params)
if response_ok?
flash[:epp_results] = [{ 'code' => '1000', 'msg' => 'Command completed successfully', 'show' => true }]
redirect_to registrar_keyrelay_path
else
render 'show'
if response_ok?
flash[:epp_results] = [{ 'code' => '1000', 'msg' => 'Command completed successfully', 'show' => true }]
redirect_to registrar_keyrelay_path
else
render 'show'
end
end
end
end


@ -1,46 +1,48 @@
class Registrar::PaymentsController < RegistrarController
protect_from_forgery except: :back
class Registrar
class PaymentsController < BaseController
protect_from_forgery except: :back
skip_authorization_check # actually anyone can pay, no problems at all
skip_before_action :authenticate_user!, :check_ip, only: [:back]
before_action :check_bank
skip_authorization_check # actually anyone can pay, no problems at all
skip_before_action :authenticate_user!, :check_ip, only: [:back]
before_action :check_bank
# to handle existing model we should
# get invoice_id and then get number
# build BankTransaction without connection with right reference number
# do not connect transaction and invoice
def pay
invoice = Invoice.find(params[:invoice_id])
@bank_link = BankLink::Request.new(params[:bank], invoice, self)
@bank_link.make_transaction
end
# connect invoice and transaction
# both back and IPN
def back
@bank_link = BankLink::Response.new(params[:bank], params)
if @bank_link.valid? && @bank_link.ok?
@bank_link.complete_payment
if @bank_link.invoice.binded?
flash[:notice] = t(:pending_applied)
else
flash[:alert] = t(:something_wrong)
end
else
flash[:alert] = t(:something_wrong)
# to handle existing model we should
# get invoice_id and then get number
# build BankTransaction without connection with right reference number
# do not connect transaction and invoice
def pay
invoice = Invoice.find(params[:invoice_id])
@bank_link = BankLink::Request.new(params[:bank], invoice, self)
@bank_link.make_transaction
end
redirect_to registrar_invoice_path(@bank_link.invoice)
end
private
def banks
ENV['payments_banks'].split(",").map(&:strip)
end
def check_bank
raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank])
end
# connect invoice and transaction
# both back and IPN
def back
@bank_link = BankLink::Response.new(params[:bank], params)
if @bank_link.valid? && @bank_link.ok?
@bank_link.complete_payment
if @bank_link.invoice.binded?
flash[:notice] = t(:pending_applied)
else
flash[:alert] = t(:something_wrong)
end
else
flash[:alert] = t(:something_wrong)
end
redirect_to registrar_invoice_path(@bank_link.invoice)
end
private
def banks
ENV['payments_banks'].split(",").map(&:strip)
end
def check_bank
raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank])
end
end
end
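Review bot: `pay` looks the invoice up with `Invoice.find(params[:invoice_id])` while the controller declares `skip_authorization_check`, so any signed-in registrar user can start a bank-link request for an invoice id that belongs to another registrar; if that is not intended, `invoice = current_user.registrar.invoices.find(params[:invoice_id])` closes it. `back` is exempt from `authenticate_user!`, `check_ip` and CSRF protection, so `@bank_link.valid?` is the only gate in front of `complete_payment` and deserves a comment stating what it verifies (presumably the bank's signature). `banks` calls `split` on `ENV['payments_banks']` and fails with `NoMethodError` when the variable is unset; `ENV.fetch('payments_banks', '')` degrades to an empty list and lets `check_bank` reject the request.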


@ -1,56 +1,61 @@
class Registrar::PollsController < Registrar::DeppController # EPP controller
authorize_resource class: false
before_action :init_epp_xml
class Registrar
class PollsController < DeppController
authorize_resource class: false
before_action :init_epp_xml
def show
if Rails.env.test? # Stub for depp server request
@data = Object.new
def @data.css(key)
; [];
end
else
@data = depp_current_user.request(@ex.poll)
end
end
def destroy
@data = depp_current_user.request(@ex.poll(poll: {
value: '', attrs: { op: 'ack', msgID: params[:id] }
}))
@results = @data.css('result')
def show
if Rails.env.test? # Stub for depp server request
@data = Object.new
def @data.css(key); []; end
else
@data = depp_current_user.request(@ex.poll)
render 'show'
end
# TODO: Keyrelay is disabled for now
# def confirm_keyrelay
# authorize! :confirm, :keyrelay
# domain_params = params[:domain]
# @data = @domain.confirm_keyrelay(domain_params)
# if response_ok?
# redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
# else
# @results = @data.css('result')
# @data = depp_current_user.request(@ex.poll)
# render 'show'
# end
# end
def confirm_transfer
domain_params = params[:domain]
@data = @domain.confirm_transfer(domain_params)
@results = @data.css('result')
@data = depp_current_user.request(@ex.poll)
render 'show'
end
private
def init_epp_xml
@ex = EppXml::Session.new(cl_trid_prefix: depp_current_user.tag)
@domain = Depp::Domain.new(current_user: depp_current_user)
end
end
def destroy
@data = depp_current_user.request(@ex.poll(poll: {
value: '', attrs: { op: 'ack', msgID: params[:id] }
}))
@results = @data.css('result')
@data = depp_current_user.request(@ex.poll)
render 'show'
end
# TODO: Keyrelay is disabled for now
# def confirm_keyrelay
# authorize! :confirm, :keyrelay
# domain_params = params[:domain]
# @data = @domain.confirm_keyrelay(domain_params)
# if response_ok?
# redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
# else
# @results = @data.css('result')
# @data = depp_current_user.request(@ex.poll)
# render 'show'
# end
# end
def confirm_transfer
domain_params = params[:domain]
@data = @domain.confirm_transfer(domain_params)
@results = @data.css('result')
@data = depp_current_user.request(@ex.poll)
render 'show'
end
private
def init_epp_xml
@ex = EppXml::Session.new(cl_trid_prefix: depp_current_user.tag)
@domain = Depp::Domain.new(current_user: depp_current_user)
end
end
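Review bot: `show` carries a `Rails.env.test?` branch that defines a singleton `css` on a bare `Object`, so the production action contains code that exists only for the test suite; stubbing `depp_current_user.request` in the specs would reduce the action to `@data = depp_current_user.request(@ex.poll)`. `confirm_transfer` hands `params[:domain]` to `@domain.confirm_transfer` without the explicit `authorize!` call the domain actions use, and presumably relies on `authorize_resource class: false` mapping the action name to an ability; a short comment naming that ability would make the intent checkable.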


@ -1,186 +1,193 @@
class Registrar::SessionsController < Devise::SessionsController
layout 'registrar/application'
helper_method :depp_controller?
def depp_controller?
false
end
class Registrar
class SessionsController < Devise::SessionsController
layout 'registrar/application'
helper_method :depp_controller?
before_action :check_ip
def login
@depp_user = Depp::User.new
end
# rubocop:disable Metrics/PerceivedComplexity
# rubocop:disable Metrics/CyclomaticComplexity
# rubocop:disable Metrics/MethodLength
# rubocop:disable Metrics/AbcSize
def create
@depp_user = Depp::User.new(params[:depp_user].merge(pki: !(Rails.env.development? || Rails.env.test?)))
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'].blank?
@depp_user.errors.add(:base, :webserver_missing_user_name_directive)
def depp_controller?
false
end
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'].blank?
@depp_user.errors.add(:base, :webserver_missing_client_cert_directive)
before_action :check_ip
def login
@depp_user = Depp::User.new
end
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'] == '(null)'
@depp_user.errors.add(:base, :webserver_user_name_directive_should_be_required)
end
# rubocop:disable Metrics/PerceivedComplexity
# rubocop:disable Metrics/CyclomaticComplexity
# rubocop:disable Metrics/MethodLength
# rubocop:disable Metrics/AbcSize
def create
@depp_user = Depp::User.new(params[:depp_user].merge(pki: !(Rails.env.development? || Rails.env.test?)))
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'] == '(null)'
@depp_user.errors.add(:base, :webserver_client_cert_directive_should_be_required)
end
@api_user = ApiUser.find_by(username: params[:depp_user][:tag], password: params[:depp_user][:password])
unless @api_user
@depp_user.errors.add(:base, t(:no_such_user))
render 'login' and return
end
if @depp_user.pki
unless @api_user.registrar_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
@depp_user.errors.add(:base, :invalid_cert)
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'].blank?
@depp_user.errors.add(:base, :webserver_missing_user_name_directive)
end
end
if @depp_user.errors.none?
if @api_user.active?
sign_in @api_user
redirect_to registrar_root_url
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'].blank?
@depp_user.errors.add(:base, :webserver_missing_client_cert_directive)
end
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'] == '(null)'
@depp_user.errors.add(:base, :webserver_user_name_directive_should_be_required)
end
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'] == '(null)'
@depp_user.errors.add(:base, :webserver_client_cert_directive_should_be_required)
end
@api_user = ApiUser.find_by(username: params[:depp_user][:tag], password: params[:depp_user][:password])
unless @api_user
@depp_user.errors.add(:base, t(:no_such_user))
render 'login' and return
end
if @depp_user.pki
unless @api_user.registrar_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
@depp_user.errors.add(:base, :invalid_cert)
end
end
if @depp_user.errors.none?
if @api_user.active?
sign_in @api_user
redirect_to registrar_root_url
else
@depp_user.errors.add(:base, :not_active)
render 'login'
end
else
@depp_user.errors.add(:base, :not_active)
render 'login'
end
else
render 'login'
end
end
# rubocop:enable Metrics/MethodLength
# rubocop:enable Metrics/AbcSize
def switch_user
@api_user = ApiUser.find(params[:id])
# rubocop:enable Metrics/MethodLength
# rubocop:enable Metrics/AbcSize
unless Rails.env.development?
unless @api_user.registrar.registrar_ip_white?(request.ip)
flash[:alert] = I18n.t(:ip_is_not_whitelisted)
redirect_to :back and return
def switch_user
@api_user = ApiUser.find(params[:id])
unless Rails.env.development?
unless @api_user.registrar.registrar_ip_white?(request.ip)
flash[:alert] = I18n.t(:ip_is_not_whitelisted)
redirect_to :back and return
end
end
sign_in @api_user if @api_user.identity_code == current_user.identity_code
redirect_to registrar_root_url
end
# rubocop:enable Metrics/CyclomaticComplexity
# rubocop:enable Metrics/PerceivedComplexity
def id
@user = ApiUser.find_by_idc_data(request.env['SSL_CLIENT_S_DN'])
if @user
sign_in(@user, event: :authentication)
redirect_to registrar_root_url
else
flash[:alert] = t('no_such_user')
redirect_to registrar_login_url
end
end
sign_in @api_user if @api_user.identity_code == current_user.identity_code
redirect_to registrar_root_url
end
# rubocop:enable Metrics/CyclomaticComplexity
# rubocop:enable Metrics/PerceivedComplexity
def id
@user = ApiUser.find_by_idc_data(request.env['SSL_CLIENT_S_DN'])
if @user
sign_in(@user, event: :authentication)
redirect_to registrar_root_url
else
flash[:alert] = t('no_such_user')
redirect_to registrar_login_url
end
end
def login_mid
@user = User.new
end
# rubocop:disable Metrics/MethodLength
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
# country_codes = {'+372' => 'EST'}
phone.gsub!('+372', '')
response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
if response.faultcode
render json: { message: response.detail.message }, status: :unauthorized
return
def login_mid
@user = User.new
end
@user = find_user_by_idc(response.user_id_code)
# rubocop:disable Metrics/MethodLength
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
if @user.persisted?
session[:user_id_code] = response.user_id_code
session[:mid_session_code] = client.session_code
# country_codes = {'+372' => 'EST'}
phone.gsub!('+372', '')
response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
render json: {
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
}, status: :ok
else
render json: { message: t(:no_such_user) }, status: :unauthorized
if response.faultcode
render json: { message: response.detail.message }, status: :unauthorized
return
end
@user = find_user_by_idc(response.user_id_code)
if @user.persisted?
session[:user_id_code] = response.user_id_code
session[:mid_session_code] = client.session_code
render json: {
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
}, status: :ok
else
render json: { message: t(:no_such_user) }, status: :unauthorized
end
end
end
# rubocop:enable Metrics/MethodLength
# rubocop: disable Metrics/AbcSize
# rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/MethodLength
def mid_status
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.session_code = session[:mid_session_code]
auth_status = client.authentication_status
# rubocop:enable Metrics/MethodLength
case auth_status.status
when 'OUTSTANDING_TRANSACTION'
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
when 'USER_AUTHENTICATED'
@user = find_user_by_idc(session[:user_id_code])
sign_in @user
flash[:notice] = t(:welcome)
flash.keep(:notice)
render js: "window.location = '#{registrar_root_url}'"
when 'NOT_VALID'
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
when 'EXPIRED_TRANSACTION'
render json: { message: t(:session_timeout) }, status: :bad_request
when 'USER_CANCEL'
render json: { message: t(:user_cancelled) }, status: :bad_request
when 'MID_NOT_READY'
render json: { message: t(:mid_not_ready) }, status: :bad_request
when 'PHONE_ABSENT'
render json: { message: t(:phone_absent) }, status: :bad_request
when 'SENDING_ERROR'
render json: { message: t(:sending_error) }, status: :bad_request
when 'SIM_ERROR'
render json: { message: t(:sim_error) }, status: :bad_request
when 'INTERNAL_ERROR'
render json: { message: t(:internal_error) }, status: :bad_request
else
render json: { message: t(:internal_error) }, status: :bad_request
# rubocop: disable Metrics/AbcSize
# rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/MethodLength
def mid_status
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.session_code = session[:mid_session_code]
auth_status = client.authentication_status
case auth_status.status
when 'OUTSTANDING_TRANSACTION'
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
when 'USER_AUTHENTICATED'
@user = find_user_by_idc(session[:user_id_code])
sign_in @user
flash[:notice] = t(:welcome)
flash.keep(:notice)
render js: "window.location = '#{registrar_root_url}'"
when 'NOT_VALID'
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
when 'EXPIRED_TRANSACTION'
render json: { message: t(:session_timeout) }, status: :bad_request
when 'USER_CANCEL'
render json: { message: t(:user_cancelled) }, status: :bad_request
when 'MID_NOT_READY'
render json: { message: t(:mid_not_ready) }, status: :bad_request
when 'PHONE_ABSENT'
render json: { message: t(:phone_absent) }, status: :bad_request
when 'SENDING_ERROR'
render json: { message: t(:sending_error) }, status: :bad_request
when 'SIM_ERROR'
render json: { message: t(:sim_error) }, status: :bad_request
when 'INTERNAL_ERROR'
render json: { message: t(:internal_error) }, status: :bad_request
else
render json: { message: t(:internal_error) }, status: :bad_request
end
end
end
# rubocop: enable Metrics/AbcSize
# rubocop: enable Metrics/CyclomaticComplexity
# rubocop: enable Metrics/MethodLength
def find_user_by_idc(idc)
return User.new unless idc
ApiUser.find_by(identity_code: idc) || User.new
end
# rubocop: enable Metrics/AbcSize
# rubocop: enable Metrics/CyclomaticComplexity
# rubocop: enable Metrics/MethodLength
private
def find_user_by_idc(idc)
return User.new unless idc
ApiUser.find_by(identity_code: idc) || User.new
end
def check_ip
return if Rails.env.development?
return if WhiteIp.registrar_ip_white?(request.ip)
render text: t('access_denied') and return
private
def check_ip
return if Rails.env.development?
return if WhiteIp.registrar_ip_white?(request.ip)
render text: t('access_denied') and return
end
end
end
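Review bot: In `switch_user`, the guard `@api_user.identity_code == current_user.identity_code` is also true when both identity codes are nil, so the switch would be allowed between unrelated accounts that have no code. Whether `identity_code` can be empty for password-authenticated API users is not visible here and should be confirmed. The visible code in this controller registers only `check_ip` as a `before_action`, so `current_user` may also be nil on that line. I would require a signed-in user and a present code, e.g. `sign_in @api_user if current_user && current_user.identity_code.present? && @api_user.identity_code == current_user.identity_code`, and log refused switches. Separately, `ApiUser.find_by(username: ..., password: ...)` in `create` suggests the submitted password is matched directly against a stored column, which deserves its own follow-up.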


@ -1,23 +1,25 @@
class Registrar::XmlConsolesController < Registrar::DeppController # EPP controller
authorize_resource class: false
class Registrar
class XmlConsolesController < DeppController
authorize_resource class: false
def show
end
def create
begin
@result = depp_current_user.server.request(params[:payload])
rescue
@result = 'CONNECTION ERROR - Is the EPP server running?'
def show
end
render :show
end
def load_xml
cl_trid = "#{depp_current_user.tag}-#{Time.zone.now.to_i}"
xml_dir_path = Rails.root + 'app/views/registrar/xml_consoles/epp_requests'
xml = File.read("#{xml_dir_path}/#{params[:obj]}/#{params[:epp_action]}.xml")
xml.gsub!('<clTRID>ABC-12345</clTRID>', "<clTRID>#{cl_trid}</clTRID>")
render text: xml
def create
begin
@result = depp_current_user.server.request(params[:payload])
rescue
@result = 'CONNECTION ERROR - Is the EPP server running?'
end
render :show
end
def load_xml
cl_trid = "#{depp_current_user.tag}-#{Time.zone.now.to_i}"
xml_dir_path = Rails.root + 'app/views/registrar/xml_consoles/epp_requests'
xml = File.read("#{xml_dir_path}/#{params[:obj]}/#{params[:epp_action]}.xml")
xml.gsub!('<clTRID>ABC-12345</clTRID>', "<clTRID>#{cl_trid}</clTRID>")
render text: xml
end
end
end
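Review bot: `load_xml` builds the `File.read` path from `params[:obj]` and `params[:epp_action]` without validating them, so a value containing `../` can resolve outside `epp_requests`. Only the fixed `.xml` suffix and `authorize_resource` limit what can be read. I would reject anything that is not a plain template name before reading, e.g. `return head(:bad_request) unless [params[:obj], params[:epp_action]].all? { |v| v.to_s =~ /\A[a-z_]+\z/ }` (pattern to be adjusted to the template names actually shipped), or compare the expanded path against `xml_dir_path`. A name that passes the check but has no template still raises from `File.read`; rescuing `Errno::ENOENT` with a 404 would be cleaner than a 500.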


@ -1,37 +0,0 @@
class RegistrarController < ApplicationController
before_action :authenticate_user!, :check_ip
layout 'registrar/application'
include Registrar::ApplicationHelper
helper_method :depp_controller?
def depp_controller?
false
end
def check_ip
return unless current_user
unless current_user.is_a? ApiUser
sign_out(current_user)
return
end
return if Rails.env.development?
registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
return if registrar_ip_whitelisted
flash[:alert] = t('ip_is_not_whitelisted')
sign_out(current_user)
redirect_to registrar_login_path and return
end
helper_method :head_title_sufix
def head_title_sufix
t(:registrar_head_title_sufix)
end
private
def current_ability
@current_ability ||= Ability.new(current_user, request.remote_ip)
end
end