Merge remote-tracking branch 'origin/master' into repp-domains

app/models/actions/domain_create.rb

@@ -22,6 +22,22 @@ module Actions
       commit
     end
 
+    def check_contact_duplications
+      if check_for_same_contacts(@admin_contacts, 'admin') &&
+         check_for_same_contacts(@tech_contacts, 'tech')
+        true
+      else
+        false
+      end
+    end
+
+    def check_for_same_contacts(contacts, contact_type)
+      return true unless contacts.uniq.count != contacts.count
+
+      domain.add_epp_error('2306', contact_type, nil, %i[domain_contacts invalid])
+      false
+    end
+
     # Check if domain is eligible for new registration
     def validate_domain_integrity
       return unless Domain.release_to_auction
@@ -118,6 +134,7 @@ module Actions
 
       domain.admin_domain_contacts_attributes = @admin_contacts
       domain.tech_domain_contacts_attributes = @tech_contacts
+      check_contact_duplications
     end
 
     def assign_expiry_time
@@ -174,7 +191,7 @@ module Actions
     end
 
     def commit
-      return false if validation_process_errored?
+      return false if domain.errors[:epp_errors].any? || validation_process_errored?
 
       debit_registrar
       return false if domain.errors.any?

app/models/actions/domain_update.rb

@@ -28,6 +28,12 @@ module Actions
       assign_tech_contact_changes
     end
 
+    def check_for_same_contacts(contacts, contact_type)
+      return unless contacts.uniq.count != contacts.count
+
+      domain.add_epp_error('2306', contact_type, nil, %i[domain_contacts invalid])
+    end
+
     def validate_domain_integrity
       domain.auth_info = params[:auth_info] if params[:auth_info]
 
@@ -97,13 +103,11 @@ module Actions
     def validate_dnskey_integrity(key)
       if key[:public_key] && !Setting.key_data_allowed
         domain.add_epp_error('2306', nil, nil, %i[dnskeys key_data_not_allowed])
-      elsif key[:ds_digest] && !Setting.ds_data_allowed
-        domain.add_epp_error('2306', nil, nil, %i[dnskeys ds_data_not_allowed])
+      elsif Dnskey.pub_key_base64?(key[:public_key])
+        @dnskeys << key.except(:action)
+      else
+        domain.add_epp_error(2005, nil, nil, %i[dnskeys invalid])
       end
-
-      verify_public_key_integrity(key[:public_key])
-
-      @dnskeys << key.except(:action)
     end
 
     def assign_removable_dnskey(key)
@@ -121,6 +125,7 @@ module Actions
                              I18n.t(:object_status_prohibits_operation))
       elsif props.present?
         domain.admin_domain_contacts_attributes = props
+        check_for_same_contacts(props, 'admin')
       end
     end
 
@@ -133,6 +138,7 @@ module Actions
                              I18n.t(:object_status_prohibits_operation))
       elsif props.present?
         domain.tech_domain_contacts_attributes = props
+        check_for_same_contacts(props, 'tech')
       end
     end
 
@@ -241,11 +247,5 @@ module Actions
 
       false
     end
-
-    def verify_public_key_integrity(pub)
-      return if Dnskey.pub_key_base64?(pub)
-
-      domain.add_epp_error(2005, nil, nil, %i[dnskeys invalid])
-    end
   end
 end

app/models/dnskey.rb

@@ -8,6 +8,7 @@ class Dnskey < ApplicationRecord
   validate :validate_algorithm
   validate :validate_protocol
   validate :validate_flags
+  validate :validate_public_key
 
   before_save lambda {
     generate_digest if will_save_change_to_public_key? && !will_save_change_to_ds_digest?
@@ -115,6 +116,12 @@ class Dnskey < ApplicationRecord
     self.ds_key_tag = ((c & 0xFFFF) + (c >> 16)) & 0xFFFF
   end
 
+  def validate_public_key
+    return if Dnskey.pub_key_base64?(public_key)
+
+    errors.add(:public_key, :invalid)
+  end
+
   class << self
     def int_to_hex(s)
       s = s.to_s(16)