zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-08-11 20:19:34 +02:00
Code Issues Projects Releases Packages Wiki Activity

Refacterd ability for epp+repp #2713

Browse source
This commit is contained in:
Priit Tark 2015-08-19 11:39:56 +03:00
parent 30454cc196
commit 9867309467
2 changed files with 33 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

8
app/controllers/registrar_controller.rb
View file

@ -18,14 +18,14 @@ class RegistrarController < ApplicationController
return return
end end
return if Rails.env.development? return if Rails.env.development?
riw = current_user.registrar.registrar_ip_white?(request.ip) registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
aiw = true api_ip_whitelisted = true
if current_user.can?(:create, :epp_request) if current_user.can?(:create, :epp_request)
aiw = current_user.registrar.api_ip_white?(request.ip) api_ip_whitelisted = current_user.registrar.api_ip_white?(request.ip)
end end
return if riw && aiw return if registrar_ip_whitelisted && api_ip_whitelisted
flash[:alert] = t('ip_is_not_whitelisted') flash[:alert] = t('ip_is_not_whitelisted')
sign_out(current_user) sign_out(current_user)
redirect_to registrar_login_path and return redirect_to registrar_login_path and return

65
app/models/ability.rb
View file

@ -30,13 +30,39 @@ class Ability
def super # Registrar/api_user dynamic role def super # Registrar/api_user dynamic role
static_registrar static_registrar
static_epp epp
billing billing
end end
def epp # Registrar/api_user dynamic role def epp # Registrar/api_user dynamic role
static_registrar static_registrar
static_epp
# REPP
can(:manage, :repp)
# EPP
can(:create, :epp_login) # billing can establis epp connection in order to login
can(:create, :epp_requests)
# Epp::Domain
can(:info, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || pw.blank? ? true : d.auth_info == pw }
can(:check, Epp::Domain)
can(:create, Epp::Domain)
can(:renew, Epp::Domain) { |d| d.registrar_id == @user.registrar_id }
can(:update, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
can(:transfer, Epp::Domain) { |d, pw| d.auth_info == pw }
can(:view_password, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
can(:delete, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
# Epp::Contact
can(:info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || pw.blank? ? true : c.auth_info == pw }
can(:view_full_info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:check, Epp::Contact)
can(:create, Epp::Contact)
can(:update, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:delete, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:renew, Epp::Contact)
can(:view_password, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
end end
def billing # Registrar/api_user dynamic role def billing # Registrar/api_user dynamic role
@ -44,7 +70,7 @@ class Ability
can(:manage, Invoice) { |i| i.buyer_id == @user.registrar_id } can(:manage, Invoice) { |i| i.buyer_id == @user.registrar_id }
can :manage, :deposit can :manage, :deposit
can :read, AccountActivity can :read, AccountActivity
static_epp_login # billing can establis epp connection in order to login can(:create, :epp_login) # billing can establis epp connection in order to login
end end
def customer_service # Admin/admin_user dynamic role def customer_service # Admin/admin_user dynamic role
@ -83,39 +109,6 @@ class Ability
# #
# Static roles, linked from dynamic roles # Static roles, linked from dynamic roles
# #
def static_epp_login
can(:create, :epp_login)
end
def static_epp
# REPP
can(:manage, :repp)
# EPP
static_epp_login
can(:create, :epp_requests)
# Epp::Domain
can(:info, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || pw.blank? ? true : d.auth_info == pw }
can(:check, Epp::Domain)
can(:create, Epp::Domain)
can(:renew, Epp::Domain) { |d| d.registrar_id == @user.registrar_id }
can(:update, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
can(:transfer, Epp::Domain) { |d, pw| d.auth_info == pw }
can(:view_password, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
can(:delete, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
# Epp::Contact
can(:info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || pw.blank? ? true : c.auth_info == pw }
can(:view_full_info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:check, Epp::Contact)
can(:create, Epp::Contact)
can(:update, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:delete, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:renew, Epp::Contact)
can(:view_password, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
end
def static_registrar def static_registrar
can :manage, Nameserver can :manage, Nameserver
can :view, :registrar_dashboard can :view, :registrar_dashboard