Introduce BaseController for registrar area

Artur Beljajev 2017-04-06 19:05:14 +03:00
parent 955c7bcd6e
commit 92d8008c15
14 changed files with 785 additions and 746 deletions


@ -1,28 +1,30 @@
class Registrar::AccountActivitiesController < RegistrarController class Registrar
load_and_authorize_resource class AccountActivitiesController < BaseController
load_and_authorize_resource
def index # rubocop: disable Metrics/AbcSize def index # rubocop: disable Metrics/AbcSize
params[:q] ||= {} params[:q] ||= {}
account = current_user.registrar.cash_account account = current_user.registrar.cash_account
ca_cache = params[:q][:created_at_lteq] ca_cache = params[:q][:created_at_lteq]
begin begin
end_time = params[:q][:created_at_lteq].try(:to_date) end_time = params[:q][:created_at_lteq].try(:to_date)
params[:q][:created_at_lteq] = end_time.try(:end_of_day) params[:q][:created_at_lteq] = end_time.try(:end_of_day)
rescue rescue
logger.warn('Invalid date') logger.warn('Invalid date')
end
@q = account.activities.includes(:invoice).search(params[:q])
@q.sorts = 'id desc' if @q.sorts.empty?
respond_to do |format|
format.html { @account_activities = @q.result.page(params[:page]) }
format.csv do
send_data @q.result.to_csv, filename: "account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv"
end end
end
params[:q][:created_at_lteq] = ca_cache @q = account.activities.includes(:invoice).search(params[:q])
@q.sorts = 'id desc' if @q.sorts.empty?
respond_to do |format|
format.html { @account_activities = @q.result.page(params[:page]) }
format.csv do
send_data @q.result.to_csv, filename: "account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv"
end
end
params[:q][:created_at_lteq] = ca_cache
end
end end
end end
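Review bot: The bare `class Registrar` opener on the new side reopens whatever `Registrar` already is, which makes the file sensitive to load order. If that constant is a model with a superclass (the `current_user.registrar` calls suggest so, but the page does not show it) and a controller file is loaded first, Ruby defines a plain `Registrar` here and the model's own definition then fails with a superclass mismatch. The compact form requires the constant to exist already and avoids that, for example `class Registrar::AccountActivitiesController < Registrar::BaseController`. The same opener is used in the other controller sections shown in this commit.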


@ -0,0 +1,41 @@
class Registrar
class BaseController < ApplicationController
before_action :authenticate_user!, :check_ip
layout 'registrar/application'
include Registrar::ApplicationHelper
helper_method :depp_controller?
def depp_controller?
false
end
def check_ip
return unless current_user
unless current_user.is_a? ApiUser
sign_out(current_user)
return
end
return if Rails.env.development?
registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
return if registrar_ip_whitelisted
flash[:alert] = t('ip_is_not_whitelisted')
sign_out(current_user)
redirect_to registrar_login_path and return
end
helper_method :head_title_sufix
def head_title_sufix
t(:registrar_head_title_sufix)
end
protected
def current_ability
@current_ability ||= Ability.new(current_user, request.remote_ip)
end
end
end


@ -1,142 +1,144 @@
class Registrar::ContactsController < Registrar::DeppController # EPP controller class Registrar
before_action :init_epp_contact class ContactsController < DeppController
helper_method :address_processing? before_action :init_epp_contact
helper_method :address_processing?
def index def index
authorize! :view, Depp::Contact authorize! :view, Depp::Contact
params[:q] ||= {} params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? } params[:q].delete_if { |_k, v| v.blank? }
search_params = params[:q].deep_dup search_params = params[:q].deep_dup
if search_params[:domain_contacts_type_in].is_a?(Array) && search_params[:domain_contacts_type_in].delete('registrant') if search_params[:domain_contacts_type_in].is_a?(Array) && search_params[:domain_contacts_type_in].delete('registrant')
search_params[:registrant_domains_id_not_null] = 1 search_params[:registrant_domains_id_not_null] = 1
end end
if search_params.length == 1 && search_params[:name_matches].present? if search_params.length == 1 && search_params[:name_matches].present?
@contacts = Contact.find_by(name: search_params[:name_matches]) @contacts = Contact.find_by(name: search_params[:name_matches])
end end
if params[:statuses_contains] if params[:statuses_contains]
contacts = current_user.registrar.contacts.includes(:registrar).where( contacts = current_user.registrar.contacts.includes(:registrar).where(
"contacts.statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}" "contacts.statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}"
) )
else else
contacts = current_user.registrar.contacts.includes(:registrar)
end
normalize_search_parameters do
@q = contacts.search(search_params)
@contacts = @q.result(distinct: :true).page(params[:page])
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
end
def download_list
authorize! :view, Depp::Contact
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@contacts = Contact.find_by(name: params[:q][:name_matches])
end
contacts = current_user.registrar.contacts.includes(:registrar) contacts = current_user.registrar.contacts.includes(:registrar)
end contacts = contacts.filter_by_states(params[:statuses_contains]) if params[:statuses_contains]
normalize_search_parameters do normalize_search_parameters do
@q = contacts.search(search_params) @q = contacts.search(params[:q])
@contacts = @q.result(distinct: :true).page(params[:page]) @contacts = @q.result.page(params[:page])
end end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0 @contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
end
def download_list respond_to do |format|
authorize! :view, Depp::Contact
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@contacts = Contact.find_by(name: params[:q][:name_matches])
end
contacts = current_user.registrar.contacts.includes(:registrar)
contacts = contacts.filter_by_states(params[:statuses_contains]) if params[:statuses_contains]
normalize_search_parameters do
@q = contacts.search(params[:q])
@contacts = @q.result.page(params[:page])
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
respond_to do |format|
format.csv { render text: @contacts.to_csv } format.csv { render text: @contacts.to_csv }
format.pdf do format.pdf do
pdf = @contacts.pdf(render_to_string('registrar/contacts/download_list', layout: false)) pdf = @contacts.pdf(render_to_string('registrar/contacts/download_list', layout: false))
send_data pdf, filename: 'contacts.pdf' send_data pdf, filename: 'contacts.pdf'
end
end
end
def new
authorize! :create, Depp::Contact
@contact = Depp::Contact.new
end
def show
authorize! :view, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def edit
authorize! :edit, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def create
authorize! :create, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.save
redirect_to registrar_contact_url(@contact.id)
else
render 'new'
end end
end end
end def update
authorize! :edit, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
def new if @contact.update_attributes(params[:depp_contact])
authorize! :create, Depp::Contact redirect_to registrar_contact_url(@contact.id)
@contact = Depp::Contact.new else
end render 'edit'
end
def show
authorize! :view, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def edit
authorize! :edit, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def create
authorize! :create, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.save
redirect_to registrar_contact_url(@contact.id)
else
render 'new'
end
end
def update
authorize! :edit, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.update_attributes(params[:depp_contact])
redirect_to registrar_contact_url(@contact.id)
else
render 'edit'
end
end
def delete
authorize! :delete, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
def destroy
authorize! :delete, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
if @contact.delete
redirect_to registrar_contacts_url, notice: t(:destroyed)
else
render 'delete'
end
end
private
def init_epp_contact
Depp::Contact.user = depp_current_user
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end end
yield def delete
authorize! :delete, Depp::Contact
@contact = Depp::Contact.find_by_id(params[:id])
end
params[:q][:valid_to_lteq] = ca_cache def destroy
end authorize! :delete, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
def address_processing? if @contact.delete
Contact.address_processing? redirect_to registrar_contacts_url, notice: t(:destroyed)
else
render 'delete'
end
end
private
def init_epp_contact
Depp::Contact.user = depp_current_user
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:valid_to_lteq] = ca_cache
end
def address_processing?
Contact.address_processing?
end
end end
end end
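Review bot: `index` still builds the Postgres array literal by hand, `"{#{params[:statuses_contains].join(',')}}"`, while `download_list` in the same file goes through `contacts.filter_by_states(params[:statuses_contains])`. The value is bound as a parameter, but a status containing a comma or brace changes the elements of the literal, and a non-array `statuses_contains` raises on `join`. Using the scope in `index` as well, `contacts = contacts.filter_by_states(params[:statuses_contains]) if params[:statuses_contains]`, keeps the handling in one place (assuming the scope performs the same containment test; it is not shown here). `DomainsController#index` has the same hand-built literal. In both `index` and `download_list` the `Contact.find_by(name: ...)` lookup is not limited to the current registrar and its result is overwritten a few lines later, so it looks removable.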


@ -1,11 +1,13 @@
class Registrar::DashboardController < RegistrarController class Registrar
authorize_resource class: false class DashboardController < BaseController
authorize_resource class: false
def show def show
if can?(:show, :poll) if can?(:show, :poll)
redirect_to registrar_poll_url and return redirect_to registrar_poll_url and return
elsif can?(:show, Invoice) elsif can?(:show, Invoice)
redirect_to registrar_invoices_url and return redirect_to registrar_invoices_url and return
end
end end
end end
end end


@ -1,26 +1,28 @@
class Registrar::DepositsController < RegistrarController class Registrar
authorize_resource class: false class DepositsController < BaseController
authorize_resource class: false
def new def new
@deposit = Deposit.new @deposit = Deposit.new
end end
def create def create
@deposit = Deposit.new(deposit_params.merge(registrar: current_user.registrar)) @deposit = Deposit.new(deposit_params.merge(registrar: current_user.registrar))
@invoice = @deposit.issue_prepayment_invoice @invoice = @deposit.issue_prepayment_invoice
if @invoice && @invoice.persisted? if @invoice && @invoice.persisted?
flash[:notice] = t(:please_pay_the_following_invoice) flash[:notice] = t(:please_pay_the_following_invoice)
redirect_to [:registrar, @invoice] redirect_to [:registrar, @invoice]
else else
flash.now[:alert] = t(:failed_to_create_record) flash.now[:alert] = t(:failed_to_create_record)
render 'new' render 'new'
end
end
private
def deposit_params
params.require(:deposit).permit(:amount, :description)
end end
end end
private
def deposit_params
params.require(:deposit).permit(:amount, :description)
end
end end


@ -1,34 +1,37 @@
class Registrar::DeppController < RegistrarController # EPP controller class Registrar
helper_method :depp_current_user class DeppController < BaseController
helper_method :depp_current_user
rescue_from(Errno::ECONNRESET, Errno::ECONNREFUSED) do |exception| rescue_from(Errno::ECONNRESET, Errno::ECONNREFUSED) do |exception|
logger.error 'COULD NOT CONNECT TO REGISTRY' logger.error 'COULD NOT CONNECT TO REGISTRY'
logger.error exception.backtrace.join("\n") logger.error exception.backtrace.join("\n")
redirect_to registrar_login_url, alert: t(:no_connection_to_registry) redirect_to registrar_login_url, alert: t(:no_connection_to_registry)
end end
before_action :authenticate_user before_action :authenticate_user
def authenticate_user
redirect_to registrar_login_url and return unless depp_current_user def authenticate_user
end redirect_to registrar_login_url and return unless depp_current_user
end
def depp_controller?
true def depp_controller?
end true
end
def depp_current_user
return nil unless current_user def depp_current_user
@depp_current_user ||= Depp::User.new( return nil unless current_user
tag: current_user.username, @depp_current_user ||= Depp::User.new(
password: current_user.password tag: current_user.username,
) password: current_user.password
end )
end
def response_ok?
@data.css('result').each do |x| def response_ok?
success_codes = %(1000, 1001, 1300, 1301) @data.css('result').each do |x|
return false unless success_codes.include?(x['code']) success_codes = %(1000, 1001, 1300, 1301)
return false unless success_codes.include?(x['code'])
end
true
end end
true
end end
end end
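Review bot: In `response_ok?`, `%(1000, 1001, 1300, 1301)` is a string literal, not an array, so `success_codes.include?(x['code'])` is a substring test: values such as `100` or `130` pass, and a result element without a `code` attribute raises a TypeError. A word array compared as whole values fixes it, `success_codes = %w[1000 1001 1300 1301]`. The method also returns true when the response holds no `result` element at all; whether that is intended is not visible from this file. Every Depp controller in this commit relies on this check to decide between the success redirect and the error view.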


@ -1,191 +1,194 @@
class Registrar::DomainsController < Registrar::DeppController # EPP controller class Registrar
before_action :init_domain, except: :new class DomainsController < DeppController
helper_method :contacts before_action :init_domain, except: :new
helper_method :contacts
# rubocop: disable Metrics/PerceivedComplexity # rubocop: disable Metrics/PerceivedComplexity
# rubocop: disable Metrics/CyclomaticComplexity # rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/AbcSize # rubocop: disable Metrics/AbcSize
# rubocop: disable Metrics/MethodLength # rubocop: disable Metrics/MethodLength
def index def index
authorize! :view, Depp::Domain authorize! :view, Depp::Domain
params[:q] ||= {} params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? } params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present? if params[:q].length == 1 && params[:q][:name_matches].present?
@domain = Domain.find_by(name: params[:q][:name_matches]) @domain = Domain.find_by(name: params[:q][:name_matches])
if @domain if @domain
redirect_to info_registrar_domains_url(domain_name: @domain.name) and return redirect_to info_registrar_domains_url(domain_name: @domain.name) and return
end
end end
end
if params[:statuses_contains] if params[:statuses_contains]
domains = current_user.registrar.domains.includes(:registrar, :registrant).where( domains = current_user.registrar.domains.includes(:registrar, :registrant).where(
"statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}" "statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}"
) )
else else
domains = current_user.registrar.domains.includes(:registrar, :registrant) domains = current_user.registrar.domains.includes(:registrar, :registrant)
end end
normalize_search_parameters do normalize_search_parameters do
@q = domains.search(params[:q])
@domains = @q.result.page(params[:page])
if @domains.count == 0 && params[:q][:name_matches] !~ /^%.+%$/
# if we do not get any results, add wildcards to the name field and search again
n_cache = params[:q][:name_matches]
params[:q][:name_matches] = "%#{params[:q][:name_matches]}%"
@q = domains.search(params[:q]) @q = domains.search(params[:q])
@domains = @q.result.page(params[:page]) @domains = @q.result.page(params[:page])
params[:q][:name_matches] = n_cache # we don't want to show wildcards in search form if @domains.count == 0 && params[:q][:name_matches] !~ /^%.+%$/
end # if we do not get any results, add wildcards to the name field and search again
end n_cache = params[:q][:name_matches]
params[:q][:name_matches] = "%#{params[:q][:name_matches]}%"
@domains = @domains.per(params[:results_per_page]) if params[:results_per_page].to_i > 0 @q = domains.search(params[:q])
@domains = @q.result.page(params[:page])
respond_to do |format| params[:q][:name_matches] = n_cache # we don't want to show wildcards in search form
format.html
format.csv do
domain_presenters = []
@domains.find_each do |domain|
domain_presenters << ::DomainPresenter.new(domain: domain, view: view_context)
end end
end
csv = Registrar::DomainListCSVPresenter.new(domains: domain_presenters, view: view_context).to_s @domains = @domains.per(params[:results_per_page]) if params[:results_per_page].to_i > 0
send_data(csv)
respond_to do |format|
format.html
format.csv do
domain_presenters = []
@domains.find_each do |domain|
domain_presenters << ::DomainPresenter.new(domain: domain, view: view_context)
end
csv = Registrar::DomainListCSVPresenter.new(domains: domain_presenters, view: view_context).to_s
send_data(csv)
end
end end
end end
end
# rubocop: enable Metrics/PerceivedComplexity
# rubocop: enable Metrics/CyclomaticComplexity
# rubocop: enable Metrics/AbcSize
def info # rubocop: enable Metrics/PerceivedComplexity
authorize! :info, Depp::Domain # rubocop: enable Metrics/CyclomaticComplexity
@data = @domain.info(params[:domain_name]) if params[:domain_name] # rubocop: enable Metrics/AbcSize
if response_ok?
render 'info'
else
flash[:alert] = @data.css('msg').text
redirect_to registrar_domains_url and return
end
end
def check def info
authorize! :check, Depp::Domain authorize! :info, Depp::Domain
if params[:domain_name] @data = @domain.info(params[:domain_name]) if params[:domain_name]
@data = @domain.check(params[:domain_name]) if response_ok?
render 'check_index' and return unless response_ok? render 'info'
else else
render 'check_index' flash[:alert] = @data.css('msg').text
end redirect_to registrar_domains_url and return
end end
def new
authorize! :create, Depp::Domain
@domain_params = Depp::Domain.default_params
end
def create
authorize! :create, Depp::Domain
@domain_params = params[:domain]
@data = @domain.create(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
render 'new'
end
end
def edit
authorize! :update, Depp::Domain
@data = @domain.info(params[:domain_name])
@domain_params = Depp::Domain.construct_params_from_server_data(@data)
end
def update
authorize! :update, Depp::Domain
@domain_params = params[:domain]
@data = @domain.update(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
params[:domain_name] = @domain_params[:name]
render 'new'
end
end
def delete
authorize! :delete, Depp::Domain
end
def destroy
authorize! :delete, Depp::Domain
@data = @domain.delete(params[:domain])
@results = @data.css('result')
if response_ok?
redirect_to info_registrar_domains_url(domain_name: params[:domain][:name])
else
params[:domain_name] = params[:domain][:name]
render 'delete'
end
end
def renew
authorize! :renew, Depp::Domain
if params[:domain_name] && params[:cur_exp_date]
@data = @domain.renew(params)
render 'renew_index' and return unless response_ok?
else
render 'renew_index'
end
end
def transfer
authorize! :transfer, Depp::Domain
if request.post? && params[:domain_name]
@data = @domain.transfer(params)
render 'transfer_index' and return unless response_ok?
else
render 'transfer_index'
end
end
def search_contacts
authorize! :create, Depp::Domain
scope = current_user.registrar.contacts.limit(10)
if params[:query].present?
escaped_str = ActiveRecord::Base.connection.quote_string params[:query]
scope = scope.where("name ilike '%#{escaped_str}%' OR code ilike '%#{escaped_str}%' ")
end end
render json: scope.pluck(:name, :code).map { |c| {display_key: "#{c.second} #{c.first}", value: c.second} } def check
end authorize! :check, Depp::Domain
if params[:domain_name]
private @data = @domain.check(params[:domain_name])
render 'check_index' and return unless response_ok?
def init_domain else
@domain = Depp::Domain.new(current_user: depp_current_user) render 'check_index'
end end
def contacts
current_user.registrar.contacts
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end end
yield def new
authorize! :create, Depp::Domain
@domain_params = Depp::Domain.default_params
end
params[:q][:valid_to_lteq] = ca_cache def create
authorize! :create, Depp::Domain
@domain_params = params[:domain]
@data = @domain.create(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
render 'new'
end
end
def edit
authorize! :update, Depp::Domain
@data = @domain.info(params[:domain_name])
@domain_params = Depp::Domain.construct_params_from_server_data(@data)
end
def update
authorize! :update, Depp::Domain
@domain_params = params[:domain]
@data = @domain.update(@domain_params)
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
else
params[:domain_name] = @domain_params[:name]
render 'new'
end
end
def delete
authorize! :delete, Depp::Domain
end
def destroy
authorize! :delete, Depp::Domain
@data = @domain.delete(params[:domain])
@results = @data.css('result')
if response_ok?
redirect_to info_registrar_domains_url(domain_name: params[:domain][:name])
else
params[:domain_name] = params[:domain][:name]
render 'delete'
end
end
def renew
authorize! :renew, Depp::Domain
if params[:domain_name] && params[:cur_exp_date]
@data = @domain.renew(params)
render 'renew_index' and return unless response_ok?
else
render 'renew_index'
end
end
def transfer
authorize! :transfer, Depp::Domain
if request.post? && params[:domain_name]
@data = @domain.transfer(params)
render 'transfer_index' and return unless response_ok?
else
render 'transfer_index'
end
end
def search_contacts
authorize! :create, Depp::Domain
scope = current_user.registrar.contacts.limit(10)
if params[:query].present?
escaped_str = ActiveRecord::Base.connection.quote_string params[:query]
scope = scope.where("name ilike '%#{escaped_str}%' OR code ilike '%#{escaped_str}%' ")
end
render json: scope.pluck(:name, :code).map { |c| { display_key: "#{c.second} #{c.first}", value: c.second } }
end
private
def init_domain
@domain = Depp::Domain.new(current_user: depp_current_user)
end
def contacts
current_user.registrar.contacts
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:valid_to_lteq] = ca_cache
end
end end
end end
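Review bot: `search_contacts` interpolates `params[:query]` into the SQL fragment and relies on `quote_string` for safety; a bound value keeps user input out of the SQL text altogether: `scope = scope.where('name ilike :q OR code ilike :q', q: "%#{params[:query]}%")`. Either way `%` and `_` in the query are still treated as LIKE wildcards. In `index`, the check `!~ /^%.+%$/` uses line anchors, so a multi-line `name_matches` value can satisfy it on a single line; `\A` and `\z` anchor the whole string.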


@ -1,71 +1,74 @@
class Registrar::InvoicesController < RegistrarController class Registrar
load_and_authorize_resource class InvoicesController < BaseController
load_and_authorize_resource
before_action :set_invoice, only: [:show, :forward, :download_pdf] before_action :set_invoice, only: [:show, :forward, :download_pdf]
def index def index
params[:q] ||= {} params[:q] ||= {}
invoices = current_user.registrar.invoices.includes(:invoice_items, :account_activity) invoices = current_user.registrar.invoices.includes(:invoice_items, :account_activity)
normalize_search_parameters do normalize_search_parameters do
@q = invoices.search(params[:q]) @q = invoices.search(params[:q])
@q.sorts = 'id desc' if @q.sorts.empty? @q.sorts = 'id desc' if @q.sorts.empty?
@invoices = @q.result.page(params[:page]) @invoices = @q.result.page(params[:page])
end end
end
def show; end
def forward
@invoice.billing_email = @invoice.buyer.billing_email
return unless request.post?
@invoice.billing_email = params[:invoice][:billing_email]
if @invoice.forward(render_to_string('pdf', layout: false))
flash[:notice] = t(:invoice_forwared)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_forward_invoice)
end
end
def cancel
if @invoice.cancel
flash[:notice] = t(:record_updated)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_update_record)
render :show
end
end
def download_pdf
pdf = @invoice.pdf(render_to_string('pdf', layout: false))
send_data pdf, filename: @invoice.pdf_name
end
private
def set_invoice
@invoice = Invoice.find(params[:id])
end
def normalize_search_parameters
params[:q][:sum_cache_gteq].gsub!(',', '.') if params[:q][:sum_cache_gteq]
params[:q][:sum_cache_lteq].gsub!(',', '.') if params[:q][:sum_cache_lteq]
ca_cache = params[:q][:due_date_lteq]
begin
end_time = params[:q][:due_date_lteq].try(:to_date)
params[:q][:due_date_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end end
yield def show;
end
params[:q][:due_date_lteq] = ca_cache def forward
@invoice.billing_email = @invoice.buyer.billing_email
return unless request.post?
@invoice.billing_email = params[:invoice][:billing_email]
if @invoice.forward(render_to_string('pdf', layout: false))
flash[:notice] = t(:invoice_forwared)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_forward_invoice)
end
end
def cancel
if @invoice.cancel
flash[:notice] = t(:record_updated)
redirect_to([:registrar, @invoice])
else
flash.now[:alert] = t(:failed_to_update_record)
render :show
end
end
def download_pdf
pdf = @invoice.pdf(render_to_string('pdf', layout: false))
send_data pdf, filename: @invoice.pdf_name
end
private
def set_invoice
@invoice = Invoice.find(params[:id])
end
def normalize_search_parameters
params[:q][:sum_cache_gteq].gsub!(',', '.') if params[:q][:sum_cache_gteq]
params[:q][:sum_cache_lteq].gsub!(',', '.') if params[:q][:sum_cache_lteq]
ca_cache = params[:q][:due_date_lteq]
begin
end_time = params[:q][:due_date_lteq].try(:to_date)
params[:q][:due_date_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:due_date_lteq] = ca_cache
end
end end
end end
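Review bot: `set_invoice` runs after `load_and_authorize_resource` and replaces `@invoice` with a fresh `Invoice.find(params[:id])` for `show`, `forward` and `download_pdf`, so those actions work on an instance other than the one the authorization step (presumably CanCan's) loaded. Today both lookups use the same id, but a later change that scopes the authorized load, for example through the registrar's invoices, would be silently undone here. Dropping the `before_action :set_invoice` line, or writing `@invoice ||= Invoice.find(params[:id])`, keeps a single source for the record. In `forward`, `params[:invoice][:billing_email]` raises when the `invoice` key is missing from a POST.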


@ -1,18 +1,20 @@
class Registrar::KeyrelaysController < Registrar::DeppController # EPP controller class Registrar
def show class KeyrelaysController < DeppController
authorize! :view, Depp::Keyrelay def show
end authorize! :view, Depp::Keyrelay
end
def create def create
authorize! :create, Depp::Keyrelay authorize! :create, Depp::Keyrelay
keyrelay = Depp::Keyrelay.new(current_user: depp_current_user) keyrelay = Depp::Keyrelay.new(current_user: depp_current_user)
@data = keyrelay.keyrelay(params) @data = keyrelay.keyrelay(params)
if response_ok? if response_ok?
flash[:epp_results] = [{ 'code' => '1000', 'msg' => 'Command completed successfully', 'show' => true }] flash[:epp_results] = [{ 'code' => '1000', 'msg' => 'Command completed successfully', 'show' => true }]
redirect_to registrar_keyrelay_path redirect_to registrar_keyrelay_path
else else
render 'show' render 'show'
end
end end
end end
end end


@ -1,46 +1,48 @@
class Registrar::PaymentsController < RegistrarController class Registrar
protect_from_forgery except: :back class PaymentsController < BaseController
protect_from_forgery except: :back
skip_authorization_check # actually anyone can pay, no problems at all skip_authorization_check # actually anyone can pay, no problems at all
skip_before_action :authenticate_user!, :check_ip, only: [:back] skip_before_action :authenticate_user!, :check_ip, only: [:back]
before_action :check_bank before_action :check_bank
# to handle existing model we should # to handle existing model we should
# get invoice_id and then get number # get invoice_id and then get number
# build BankTransaction without connection with right reference number # build BankTransaction without connection with right reference number
# do not connect transaction and invoice # do not connect transaction and invoice
def pay def pay
invoice = Invoice.find(params[:invoice_id]) invoice = Invoice.find(params[:invoice_id])
@bank_link = BankLink::Request.new(params[:bank], invoice, self) @bank_link = BankLink::Request.new(params[:bank], invoice, self)
@bank_link.make_transaction @bank_link.make_transaction
end
# connect invoice and transaction
# both back and IPN
def back
@bank_link = BankLink::Response.new(params[:bank], params)
if @bank_link.valid? && @bank_link.ok?
@bank_link.complete_payment
if @bank_link.invoice.binded?
flash[:notice] = t(:pending_applied)
else
flash[:alert] = t(:something_wrong)
end
else
flash[:alert] = t(:something_wrong)
end end
redirect_to registrar_invoice_path(@bank_link.invoice)
end
private
def banks
ENV['payments_banks'].split(",").map(&:strip)
end
def check_bank # connect invoice and transaction
raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank]) # both back and IPN
end def back
@bank_link = BankLink::Response.new(params[:bank], params)
if @bank_link.valid? && @bank_link.ok?
@bank_link.complete_payment
if @bank_link.invoice.binded?
flash[:notice] = t(:pending_applied)
else
flash[:alert] = t(:something_wrong)
end
else
flash[:alert] = t(:something_wrong)
end
redirect_to registrar_invoice_path(@bank_link.invoice)
end
private
def banks
ENV['payments_banks'].split(",").map(&:strip)
end
def check_bank
raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank])
end
end
end end
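Review bot: `pay` loads `Invoice.find(params[:invoice_id])` with `skip_authorization_check` in effect, so a signed-in registrar can start a bank transaction for an invoice id that belongs to another registrar. The comment says this is intended, but `InvoicesController#index` scopes to `current_user.registrar.invoices` and the same scope here is one line: `invoice = current_user.registrar.invoices.find(params[:invoice_id])`. `back` runs without authentication, IP check or CSRF protection, so `@bank_link.valid?` is the only gate, and the final `redirect_to registrar_invoice_path(@bank_link.invoice)` is reached even when validation failed. `banks` raises a NoMethodError when `ENV['payments_banks']` is unset; `ENV.fetch('payments_banks', '')` avoids that.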


@ -1,56 +1,61 @@
class Registrar::PollsController < Registrar::DeppController # EPP controller class Registrar
authorize_resource class: false class PollsController < DeppController
before_action :init_epp_xml authorize_resource class: false
before_action :init_epp_xml
def show
if Rails.env.test? # Stub for depp server request
@data = Object.new
def @data.css(key)
; [];
end
else
@data = depp_current_user.request(@ex.poll)
end
end
def destroy
@data = depp_current_user.request(@ex.poll(poll: {
value: '', attrs: { op: 'ack', msgID: params[:id] }
}))
@results = @data.css('result')
def show
if Rails.env.test? # Stub for depp server request
@data = Object.new
def @data.css(key); []; end
else
@data = depp_current_user.request(@ex.poll) @data = depp_current_user.request(@ex.poll)
render 'show'
end
# TODO: Keyrelay is disabled for now
# def confirm_keyrelay
# authorize! :confirm, :keyrelay
# domain_params = params[:domain]
# @data = @domain.confirm_keyrelay(domain_params)
# if response_ok?
# redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
# else
# @results = @data.css('result')
# @data = depp_current_user.request(@ex.poll)
# render 'show'
# end
# end
def confirm_transfer
domain_params = params[:domain]
@data = @domain.confirm_transfer(domain_params)
@results = @data.css('result')
@data = depp_current_user.request(@ex.poll)
render 'show'
end
private
def init_epp_xml
@ex = EppXml::Session.new(cl_trid_prefix: depp_current_user.tag)
@domain = Depp::Domain.new(current_user: depp_current_user)
end end
end end
def destroy
@data = depp_current_user.request(@ex.poll(poll: {
value: '', attrs: { op: 'ack', msgID: params[:id] }
}))
@results = @data.css('result')
@data = depp_current_user.request(@ex.poll)
render 'show'
end
# TODO: Keyrelay is disabled for now
# def confirm_keyrelay
# authorize! :confirm, :keyrelay
# domain_params = params[:domain]
# @data = @domain.confirm_keyrelay(domain_params)
# if response_ok?
# redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
# else
# @results = @data.css('result')
# @data = depp_current_user.request(@ex.poll)
# render 'show'
# end
# end
def confirm_transfer
domain_params = params[:domain]
@data = @domain.confirm_transfer(domain_params)
@results = @data.css('result')
@data = depp_current_user.request(@ex.poll)
render 'show'
end
private
def init_epp_xml
@ex = EppXml::Session.new(cl_trid_prefix: depp_current_user.tag)
@domain = Depp::Domain.new(current_user: depp_current_user)
end
end end


@ -1,186 +1,193 @@
class Registrar::SessionsController < Devise::SessionsController class Registrar
layout 'registrar/application' class SessionsController < Devise::SessionsController
helper_method :depp_controller? layout 'registrar/application'
def depp_controller? helper_method :depp_controller?
false
end
before_action :check_ip def depp_controller?
false
def login
@depp_user = Depp::User.new
end
# rubocop:disable Metrics/PerceivedComplexity
# rubocop:disable Metrics/CyclomaticComplexity
# rubocop:disable Metrics/MethodLength
# rubocop:disable Metrics/AbcSize
def create
@depp_user = Depp::User.new(params[:depp_user].merge(pki: !(Rails.env.development? || Rails.env.test?)))
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'].blank?
@depp_user.errors.add(:base, :webserver_missing_user_name_directive)
end end
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'].blank? before_action :check_ip
@depp_user.errors.add(:base, :webserver_missing_client_cert_directive)
def login
@depp_user = Depp::User.new
end end
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'] == '(null)' # rubocop:disable Metrics/PerceivedComplexity
@depp_user.errors.add(:base, :webserver_user_name_directive_should_be_required) # rubocop:disable Metrics/CyclomaticComplexity
end # rubocop:disable Metrics/MethodLength
# rubocop:disable Metrics/AbcSize
def create
@depp_user = Depp::User.new(params[:depp_user].merge(pki: !(Rails.env.development? || Rails.env.test?)))
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'] == '(null)' if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'].blank?
@depp_user.errors.add(:base, :webserver_client_cert_directive_should_be_required) @depp_user.errors.add(:base, :webserver_missing_user_name_directive)
end
@api_user = ApiUser.find_by(username: params[:depp_user][:tag], password: params[:depp_user][:password])
unless @api_user
@depp_user.errors.add(:base, t(:no_such_user))
render 'login' and return
end
if @depp_user.pki
unless @api_user.registrar_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
@depp_user.errors.add(:base, :invalid_cert)
end end
end
if @depp_user.errors.none? if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'].blank?
if @api_user.active? @depp_user.errors.add(:base, :webserver_missing_client_cert_directive)
sign_in @api_user end
redirect_to registrar_root_url
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_S_DN_CN'] == '(null)'
@depp_user.errors.add(:base, :webserver_user_name_directive_should_be_required)
end
if @depp_user.pki && request.env['HTTP_SSL_CLIENT_CERT'] == '(null)'
@depp_user.errors.add(:base, :webserver_client_cert_directive_should_be_required)
end
@api_user = ApiUser.find_by(username: params[:depp_user][:tag], password: params[:depp_user][:password])
unless @api_user
@depp_user.errors.add(:base, t(:no_such_user))
render 'login' and return
end
if @depp_user.pki
unless @api_user.registrar_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
@depp_user.errors.add(:base, :invalid_cert)
end
end
if @depp_user.errors.none?
if @api_user.active?
sign_in @api_user
redirect_to registrar_root_url
else
@depp_user.errors.add(:base, :not_active)
render 'login'
end
else else
@depp_user.errors.add(:base, :not_active)
render 'login' render 'login'
end end
else
render 'login'
end end
end
# rubocop:enable Metrics/MethodLength
# rubocop:enable Metrics/AbcSize
def switch_user # rubocop:enable Metrics/MethodLength
@api_user = ApiUser.find(params[:id]) # rubocop:enable Metrics/AbcSize
unless Rails.env.development? def switch_user
unless @api_user.registrar.registrar_ip_white?(request.ip) @api_user = ApiUser.find(params[:id])
flash[:alert] = I18n.t(:ip_is_not_whitelisted)
redirect_to :back and return unless Rails.env.development?
unless @api_user.registrar.registrar_ip_white?(request.ip)
flash[:alert] = I18n.t(:ip_is_not_whitelisted)
redirect_to :back and return
end
end
sign_in @api_user if @api_user.identity_code == current_user.identity_code
redirect_to registrar_root_url
end
# rubocop:enable Metrics/CyclomaticComplexity
# rubocop:enable Metrics/PerceivedComplexity
def id
@user = ApiUser.find_by_idc_data(request.env['SSL_CLIENT_S_DN'])
if @user
sign_in(@user, event: :authentication)
redirect_to registrar_root_url
else
flash[:alert] = t('no_such_user')
redirect_to registrar_login_url
end end
end end
sign_in @api_user if @api_user.identity_code == current_user.identity_code def login_mid
@user = User.new
redirect_to registrar_root_url
end
# rubocop:enable Metrics/CyclomaticComplexity
# rubocop:enable Metrics/PerceivedComplexity
def id
@user = ApiUser.find_by_idc_data(request.env['SSL_CLIENT_S_DN'])
if @user
sign_in(@user, event: :authentication)
redirect_to registrar_root_url
else
flash[:alert] = t('no_such_user')
redirect_to registrar_login_url
end
end
def login_mid
@user = User.new
end
# rubocop:disable Metrics/MethodLength
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
# country_codes = {'+372' => 'EST'}
phone.gsub!('+372', '')
response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
if response.faultcode
render json: { message: response.detail.message }, status: :unauthorized
return
end end
@user = find_user_by_idc(response.user_id_code) # rubocop:disable Metrics/MethodLength
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
if @user.persisted? # country_codes = {'+372' => 'EST'}
session[:user_id_code] = response.user_id_code phone.gsub!('+372', '')
session[:mid_session_code] = client.session_code response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
render json: { if response.faultcode
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id }) render json: { message: response.detail.message }, status: :unauthorized
}, status: :ok return
else end
render json: { message: t(:no_such_user) }, status: :unauthorized
@user = find_user_by_idc(response.user_id_code)
if @user.persisted?
session[:user_id_code] = response.user_id_code
session[:mid_session_code] = client.session_code
render json: {
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
}, status: :ok
else
render json: { message: t(:no_such_user) }, status: :unauthorized
end
end end
end
# rubocop:enable Metrics/MethodLength
# rubocop: disable Metrics/AbcSize # rubocop:enable Metrics/MethodLength
# rubocop: disable Metrics/CyclomaticComplexity
# rubocop: disable Metrics/MethodLength
def mid_status
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.session_code = session[:mid_session_code]
auth_status = client.authentication_status
case auth_status.status # rubocop: disable Metrics/AbcSize
when 'OUTSTANDING_TRANSACTION' # rubocop: disable Metrics/CyclomaticComplexity
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok # rubocop: disable Metrics/MethodLength
when 'USER_AUTHENTICATED' def mid_status
@user = find_user_by_idc(session[:user_id_code]) endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
sign_in @user client = Digidoc::Client.new(endpoint)
flash[:notice] = t(:welcome) client.session_code = session[:mid_session_code]
flash.keep(:notice) auth_status = client.authentication_status
render js: "window.location = '#{registrar_root_url}'"
when 'NOT_VALID' case auth_status.status
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request when 'OUTSTANDING_TRANSACTION'
when 'EXPIRED_TRANSACTION' render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
render json: { message: t(:session_timeout) }, status: :bad_request when 'USER_AUTHENTICATED'
when 'USER_CANCEL' @user = find_user_by_idc(session[:user_id_code])
render json: { message: t(:user_cancelled) }, status: :bad_request sign_in @user
when 'MID_NOT_READY' flash[:notice] = t(:welcome)
render json: { message: t(:mid_not_ready) }, status: :bad_request flash.keep(:notice)
when 'PHONE_ABSENT' render js: "window.location = '#{registrar_root_url}'"
render json: { message: t(:phone_absent) }, status: :bad_request when 'NOT_VALID'
when 'SENDING_ERROR' render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
render json: { message: t(:sending_error) }, status: :bad_request when 'EXPIRED_TRANSACTION'
when 'SIM_ERROR' render json: { message: t(:session_timeout) }, status: :bad_request
render json: { message: t(:sim_error) }, status: :bad_request when 'USER_CANCEL'
when 'INTERNAL_ERROR' render json: { message: t(:user_cancelled) }, status: :bad_request
render json: { message: t(:internal_error) }, status: :bad_request when 'MID_NOT_READY'
else render json: { message: t(:mid_not_ready) }, status: :bad_request
render json: { message: t(:internal_error) }, status: :bad_request when 'PHONE_ABSENT'
render json: { message: t(:phone_absent) }, status: :bad_request
when 'SENDING_ERROR'
render json: { message: t(:sending_error) }, status: :bad_request
when 'SIM_ERROR'
render json: { message: t(:sim_error) }, status: :bad_request
when 'INTERNAL_ERROR'
render json: { message: t(:internal_error) }, status: :bad_request
else
render json: { message: t(:internal_error) }, status: :bad_request
end
end end
end
# rubocop: enable Metrics/AbcSize
# rubocop: enable Metrics/CyclomaticComplexity
# rubocop: enable Metrics/MethodLength
def find_user_by_idc(idc) # rubocop: enable Metrics/AbcSize
return User.new unless idc # rubocop: enable Metrics/CyclomaticComplexity
ApiUser.find_by(identity_code: idc) || User.new # rubocop: enable Metrics/MethodLength
end
private def find_user_by_idc(idc)
return User.new unless idc
ApiUser.find_by(identity_code: idc) || User.new
end
def check_ip private
return if Rails.env.development?
return if WhiteIp.registrar_ip_white?(request.ip) def check_ip
render text: t('access_denied') and return return if Rails.env.development?
return if WhiteIp.registrar_ip_white?(request.ip)
render text: t('access_denied') and return
end
end end
end end
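Review bot: In `switch_user`, the guard `@api_user.identity_code == current_user.identity_code` also passes when both identity codes are nil or empty, so an account without an identity code could be switched to any other account that lacks one. This presumably matters only if `identity_code` is optional on ApiUser, which is not visible here. The same line raises NoMethodError when nobody is signed in, because this controller inherits from Devise::SessionsController and, as far as this section shows, only `check_ip` runs before the action. I would tighten it to `sign_in @api_user if current_user && @api_user.identity_code.present? && @api_user.identity_code == current_user.identity_code`. The re-nesting leaves the method body unchanged, so the issue predates this commit but is carried into the new file.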


@ -1,23 +1,25 @@
class Registrar::XmlConsolesController < Registrar::DeppController # EPP controller class Registrar
authorize_resource class: false class XmlConsolesController < DeppController
authorize_resource class: false
def show def show
end
def create
begin
@result = depp_current_user.server.request(params[:payload])
rescue
@result = 'CONNECTION ERROR - Is the EPP server running?'
end end
render :show
end
def load_xml def create
cl_trid = "#{depp_current_user.tag}-#{Time.zone.now.to_i}" begin
xml_dir_path = Rails.root + 'app/views/registrar/xml_consoles/epp_requests' @result = depp_current_user.server.request(params[:payload])
xml = File.read("#{xml_dir_path}/#{params[:obj]}/#{params[:epp_action]}.xml") rescue
xml.gsub!('<clTRID>ABC-12345</clTRID>', "<clTRID>#{cl_trid}</clTRID>") @result = 'CONNECTION ERROR - Is the EPP server running?'
render text: xml end
render :show
end
def load_xml
cl_trid = "#{depp_current_user.tag}-#{Time.zone.now.to_i}"
xml_dir_path = Rails.root + 'app/views/registrar/xml_consoles/epp_requests'
xml = File.read("#{xml_dir_path}/#{params[:obj]}/#{params[:epp_action]}.xml")
xml.gsub!('<clTRID>ABC-12345</clTRID>', "<clTRID>#{cl_trid}</clTRID>")
render text: xml
end
end end
end end
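Review bot: `load_xml` interpolates `params[:obj]` and `params[:epp_action]` straight into the `File.read` path, so a value containing `../` resolves outside `epp_requests`, and any readable file ending in `.xml` would be returned by `render text: xml`. The re-nesting keeps this behaviour as it was. A guard before the read, such as `return head(:bad_request) unless [params[:obj], params[:epp_action]].all? { |v| v.to_s =~ /\A[a-z_]+\z/ }`, would confine the lookup to the template directory, assuming the template directories and files use plain lowercase names (not visible here). A missing template also raises Errno::ENOENT from `File.read`; rescuing that with a 404 would be the matching change.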


@ -1,37 +0,0 @@
class RegistrarController < ApplicationController
before_action :authenticate_user!, :check_ip
layout 'registrar/application'
include Registrar::ApplicationHelper
helper_method :depp_controller?
def depp_controller?
false
end
def check_ip
return unless current_user
unless current_user.is_a? ApiUser
sign_out(current_user)
return
end
return if Rails.env.development?
registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
return if registrar_ip_whitelisted
flash[:alert] = t('ip_is_not_whitelisted')
sign_out(current_user)
redirect_to registrar_login_path and return
end
helper_method :head_title_sufix
def head_title_sufix
t(:registrar_head_title_sufix)
end
private
def current_ability
@current_ability ||= Ability.new(current_user, request.remote_ip)
end
end