Merge branch 'master' of https://github.com/internetee/registry into 1818-bulk-change-when-client-has-status-update-prohibited

.codeclimate.yml

@@ -7,6 +7,9 @@ prepare:
 plugins:
   brakeman:
     enabled: true
+    checks:
+      mass_assign_permit!:
+        enabled: false
   bundler-audit:
     enabled: true
   duplication:

CHANGELOG.md

@@ -1,3 +1,21 @@
+02.02.2021
+* Fixed updateProhibited status not affecting bulk tech contact change operation [#1820](https://github.com/internetee/registry/pull/1820)
+
+01.02.2021
+* Improved tests for admin interface [#1805](https://github.com/internetee/registry/pull/1805)
+
+28.01.2021
+* Fixed transfer with shared admin and tech contacts [#1808](https://github.com/internetee/registry/issues/1808)
+* Improved error handling with double admin/tech contacts [#1758](https://github.com/internetee/registry/issues/1758)
+* Added CSV export option to admin [#1775](https://github.com/internetee/registry/issues/1775)
+* Improved DNSSEC key validation for illegal characters [#1790](https://github.com/internetee/registry/issues/1790)
+* Fix for whois record creation issue on releasing domain to auction [#1139](https://github.com/internetee/registry/issues/1139)
+* Fix for handling malformed request frames [#1825](https://github.com/internetee/registry/issues/1825)
+* Improved registrar account activity tests [#1824](https://github.com/internetee/registry/pull/1824)
+
+27.01.2021
+* Figaro update to 1.2.0 [#1823](https://github.com/internetee/registry/pull/1823)
+
 26.01.2021
 * Ruby update to 2.7 [#1791](https://github.com/internetee/registry/issues/1791)
 

Gemfile

@@ -9,7 +9,7 @@ gem 'rest-client'
 gem 'uglifier'
 
 # load env
-gem 'figaro', '1.1.1'
+gem 'figaro', '~> 1.2'
 
 # model related
 gem 'activerecord-import'

Gemfile.lock

@@ -202,8 +202,8 @@ GEM
     erubis (2.7.0)
     execjs (2.7.0)
     ffi (1.13.1)
-    figaro (1.1.1)
+    figaro (1.2.0)
-      thor (~> 0.14)
+      thor (>= 0.14.0, < 2)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
     gyoku (1.3.1)
@@ -502,7 +502,7 @@ DEPENDENCIES
   e_invoice!
   epp!
   epp-xml (= 1.1.0)!
-  figaro (= 1.1.1)
+  figaro (~> 1.2)
   haml (~> 5.0)
   isikukood
   iso8601 (= 0.12.1)

app/assets/javascripts/admin/application.coffee

@@ -8,6 +8,8 @@ $(window).load ->
 
   $('[data-toggle="popover"]').popover()
 
+  $('[data-toggle="tooltip"]').tooltip()
+
   # doublescroll
   $('[data-doublescroll]').doubleScroll({
     onlyIfScroll: false,

app/controllers/admin/domains_controller.rb

@@ -27,8 +27,17 @@ module Admin
           params[:q][:name_matches] = n_cache # we don't want to show wildcards in search form
         end
       end
-
       @domains = @domains.per(params[:results_per_page]) if params[:results_per_page].to_i.positive?
+
+      respond_to do |format|
+        format.html do
+          @domains
+        end
+        format.csv do
+          raw_csv = @domains.to_csv
+          send_data raw_csv, filename: 'domains.csv', type: "#{Mime[:csv]}; charset=utf-8"
+        end
+      end
     end
 
     def show

app/lib/to_stdout.rb

@@ -0,0 +1,6 @@
+class ToStdout
+  def self.msg(message)
+    time = Time.zone.now.utc
+    STDOUT << "#{time} - #{message}\n" unless Rails.env.test?
+  end
+end

app/models/concerns/domain/bulk_updatable.rb

@@ -0,0 +1,17 @@
+module Concerns
+  module Domain
+    module BulkUpdatable
+      extend ActiveSupport::Concern
+
+      def bulk_update_prohibited?
+        discarded? || statuses_blocks_update?
+      end
+
+      def statuses_blocks_update?
+        prohibited_array = [DomainStatus::SERVER_UPDATE_PROHIBITED,
+                            DomainStatus::CLIENT_UPDATE_PROHIBITED]
+        prohibited_array.any? { |block_status| statuses.include?(block_status) }
+      end
+    end
+  end
+end

app/models/concerns/domain/releasable.rb

@@ -39,13 +39,15 @@ module Concerns
 
       def release
         if release_to_auction
-          transaction do
+          ToStdout.msg 'Destroying domain'
-            domain_name.sell_at_auction if domain_name.auctionable?
+          destroy!
-            destroy!
+          ToStdout.msg "Checking if domain_name is auctionable: #{domain_name.auctionable?}"
-            registrar.notifications.create!(text: "#{I18n.t(:domain_deleted)}: #{name}",
+          domain_name.sell_at_auction if domain_name.auctionable?
-                                            attached_obj_id: id,
+
-                                            attached_obj_type: self.class)
+          ToStdout.msg 'Sending registrar notification'
-          end
+          registrar.notifications.create!(text: "#{I18n.t(:domain_deleted)}: #{name}",
+                                          attached_obj_id: id,
+                                          attached_obj_type: self.class)
         else
           discard
         end

app/models/concerns/domain/transferable.rb

@@ -59,7 +59,7 @@ module Concerns::Domain::Transferable
     copied_ids = []
     domain_contacts.each do |dc|
       contact = Contact.find(dc.contact_id)
-      next if copied_ids.include?(contact.id) || contact.registrar == new_registrar
+      next if copied_ids.include?(uniq_contact_hash(dc)) || contact.registrar == new_registrar
 
       if registrant_id_was == contact.id # registrant was copied previously, do not copy it again
         oc = OpenStruct.new(id: registrant_id)
@@ -72,7 +72,11 @@ module Concerns::Domain::Transferable
       else
         dc.update(contact_id: oc.id)
       end
-      copied_ids << contact.id
+      copied_ids << uniq_contact_hash(dc)
     end
   end
+
+  def uniq_contact_hash(contact)
+    Digest::SHA1.hexdigest(contact.contact_id.to_s + contact.type)
+  end
 end

app/models/dns/domain_name.rb

@@ -36,6 +36,7 @@ module DNS
       auction = Auction.new
       auction.domain = name
       auction.start
+      ToStdout.msg "Created the auction: #{auction.inspect}"
       update_whois_from_auction(auction)
     end
 
@@ -100,7 +101,8 @@ module DNS
       whois_record = Whois::Record.find_or_create_by!(name: name) do |record|
         record.json = {}
       end
-
+      ToStdout.msg "Starting to update WHOIS record #{whois_record.inspect}\n\n"\
+                   "from auction #{auction.inspect}"
       whois_record.update_from_auction(auction)
     end
   end

app/models/domain.rb

@@ -10,6 +10,7 @@ class Domain < ApplicationRecord
   include Concerns::Domain::RegistryLockable
   include Concerns::Domain::Releasable
   include Concerns::Domain::Disputable
+  include Concerns::Domain::BulkUpdatable
 
   attr_accessor :roles
 
@@ -78,7 +79,7 @@ class Domain < ApplicationRecord
     true
   end
 
-  after_commit :update_whois_record, unless: -> { domain_name.at_auction? }
+  after_commit :update_whois_record
 
   after_create :update_reserved_domains
   def update_reserved_domains

app/models/epp/domain.rb

@@ -162,6 +162,9 @@ class Epp::Domain < Domain
     at[:admin_domain_contacts_attributes] = admin_domain_contacts_attrs(frame, action)
     at[:tech_domain_contacts_attributes] = tech_domain_contacts_attrs(frame, action)
 
+    check_for_same_contacts(at[:admin_domain_contacts_attributes], 'admin')
+    check_for_same_contacts(at[:tech_domain_contacts_attributes], 'tech')
+
     pw = frame.css('authInfo > pw').text
     at[:transfer_code] = pw if pw.present?
 
@@ -176,6 +179,11 @@ class Epp::Domain < Domain
     at
   end
 
+  def check_for_same_contacts(contacts, contact_type)
+    return unless contacts.uniq.count != contacts.count
+
+    add_epp_error('2306', contact_type, nil, %i[domain_contacts invalid])
+  end
 
   # Adding legal doc to domain and
   # if something goes wrong - raise Rollback error
@@ -312,6 +320,7 @@ class Epp::Domain < Domain
     keys = []
     return keys if frame.blank?
     inf_data = DnsSecKeys.new(frame)
+    add_epp_error('2005', nil, nil, %i[dnskeys invalid]) if not_base64?(inf_data)
 
     if  action == 'rem' &&
         frame.css('rem > all').first.try(:text) == 'true'
@@ -333,6 +342,16 @@ class Epp::Domain < Domain
     errors.any? ? [] : keys
   end
 
+  def not_base64?(inf_data)
+    inf_data.key_data.any? do |key|
+      value = key[:public_key]
+
+      !value.is_a?(String) || Base64.strict_encode64(Base64.strict_decode64(value)) != value
+    end
+  rescue ArgumentError
+    true
+  end
+
   class DnsSecKeys
     def initialize(frame)
       @key_data = []
@@ -381,7 +400,7 @@ class Epp::Domain < Domain
 
     def key_data_from(frame)
       xm_copy frame, KEY_INTERFACE
-   end
+    end
 
     def ds_data_from(frame)
       frame.css('dsData').each do |ds_data|

app/models/tech_domain_contact.rb

@@ -6,7 +6,7 @@ class TechDomainContact < DomainContact
     tech_contacts = where(contact: current_contact)
 
     tech_contacts.each do |tech_contact|
-      if tech_contact.domain.discarded?
+      if tech_contact.domain.bulk_update_prohibited?
         skipped_domains << tech_contact.domain.name
         next
       end
@@ -18,7 +18,6 @@ class TechDomainContact < DomainContact
         skipped_domains << tech_contact.domain.name
       end
     end
-
     [affected_domains.sort, skipped_domains.sort]
   end
 end

app/models/whois/record.rb

@@ -2,23 +2,34 @@ module Whois
   class Record < Whois::Server
     self.table_name = 'whois_records'
 
+    def self.without_auctions
+      ids = Whois::Record.all.select { |record| Auction.where(domain: record.name).blank? }
+                         .pluck(:id)
+      Whois::Record.where(id: ids)
+    end
+
     def self.disclaimer
       Setting.registry_whois_disclaimer
     end
 
+    # rubocop:disable Metrics/AbcSize
     def update_from_auction(auction)
       if auction.started?
         update!(json: { name: auction.domain,
                         status: ['AtAuction'],
                         disclaimer: self.class.disclaimer })
+        ToStdout.msg "Updated from auction WHOIS record #{inspect}"
       elsif auction.no_bids?
+        ToStdout.msg "Destroying WHOIS record #{inspect}"
         destroy!
       elsif auction.awaiting_payment? || auction.payment_received?
         update!(json: { name: auction.domain,
                         status: ['PendingRegistration'],
                         disclaimer: self.class.disclaimer,
                         registration_deadline: auction.whois_deadline })
+        ToStdout.msg "Updated from auction WHOIS record #{inspect}"
       end
     end
+    # rubocop:enable Metrics/AbcSize
   end
 end

app/models/whois_record.rb

@@ -97,7 +97,7 @@ class WhoisRecord < ApplicationRecord
   end
 
   def destroy_whois_record
-    Whois::Record.where(name: name).delete_all
+    Whois::Record.without_auctions.where(name: name).delete_all
   end
 
   private

app/views/admin/domains/_search_form.html.erb

@@ -6,7 +6,7 @@
                 <%= f.search_field :name_matches, value: params[:q][:name_matches], class: 'form-control', placeholder: t(:name) %>
             </div>
         </div>
-        <div class="col-md-3">
+        <div class="col-md-2">
             <div class="form-group">
                 <%= f.label :registrant_ident, for: nil %>
                 <%= f.search_field :registrant_ident_eq, class: 'form-control', placeholder: t(:registrant_ident) %>
@@ -18,7 +18,7 @@
                 <%= f.search_field :contacts_ident_eq, class: 'form-control', placeholder: t(:contact_ident) %>
             </div>
         </div>
-        <div class="col-md-3">
+        <div class="col-md-4">
             <div class="form-group">
                 <%= f.label :nameserver_hostname, for: nil %>
                 <%= f.search_field :nameservers_hostname_eq, class: 'form-control', placeholder: t(:nameserver_hostname) %>
@@ -26,7 +26,7 @@
         </div>
     </div>
     <div class="row">
-        <div class="col-md-6">
+        <div class="col-md-5">
             <div class="form-group">
                 <%= f.label :registrar_name, for: nil %>
                 <%= f.select :registrar_id_eq, Registrar.all.map { |x| [x, x.id] }, { include_blank: true }, class: 'form-control selectize' %>
@@ -38,7 +38,7 @@
                 <%= f.search_field :valid_to_gteq, value: params[:q][:valid_to_gteq], class: 'form-control js-datepicker', placeholder: t(:valid_to_from) %>
             </div>
         </div>
-        <div class="col-md-3">
+        <div class="col-md-4">
             <div class="form-group">
                 <%= f.label :valid_to_until, for: nil %>
                 <%= f.search_field :valid_to_lteq, value: params[:q][:valid_to_lteq], class: 'form-control js-datepicker', placeholder: t(:valid_to_until) %>
@@ -46,7 +46,7 @@
         </div>
     </div>
     <div class="row">
-        <div class="col-md-6">
+        <div class="col-md-5">
             <div class="form-group">
                 <%= label_tag :status, nil, for: nil %>
                 <%= select_tag :statuses_contains, options_for_select(DomainStatus::STATUSES, params[:statuses_contains]), { multiple: true, class: 'form-control js-combobox' } %>
@@ -58,13 +58,17 @@
                 <%= text_field_tag :results_per_page, params[:results_per_page], class: 'form-control', placeholder: t(:results_per_page) %>
             </div>
         </div>
-        <div class="col-md-3 actions">
+        <div class="col-md-4 actions">
             <button class="btn btn-primary">
                 &nbsp;
                 <span class="glyphicon glyphicon-search"></span>
                 &nbsp;
             </button>
+            <%= link_to t('.download_csv_btn'), admin_domains_path(format: :csv, params: params.permit!),
+                        "data-toggle" => "tooltip", "data-placement" => "bottom", "title" => t('.download_csv_btn'),
+                        class: 'btn btn-default' %>
             <%= link_to t('.reset_btn'), admin_domains_path, class: 'btn btn-default' %>
+
         </div>
     </div>
 <% end %>

app/views/admin/repp_logs/show.haml

@@ -1,6 +1,6 @@
 - content_for :actions do
   = link_to(t(:back), :back, class: 'btn btn-primary')
-= render 'shared/title', name: t(:repp_log)
+= render 'shared/title', name: t('.title')
 
 .row
   .col-md-12

config/application.rb

@@ -36,8 +36,10 @@ module DomainNameRegistry
 
     # Autoload all model subdirs
     config.autoload_paths += Dir[Rails.root.join('app', 'models', '**/')]
+    config.autoload_paths += Dir[Rails.root.join('app', 'lib', '**/')]
     config.autoload_paths += Dir[Rails.root.join('app', 'interactions', '**/')]
     config.eager_load_paths << config.root.join('lib', 'validators')
+    config.eager_load_paths << config.root.join('app', 'lib')
     config.watchable_dirs['lib'] = %i[rb]
 
     config.active_record.schema_format = :sql

config/initializers/filter_parameter_logging.rb

@@ -1,9 +1,9 @@
 Rails.application.configure do
   config.filter_parameters += [:password, /^frame$/, /^nokogiri_frame$/, /^parsed_frame$/]
   config.filter_parameters << lambda do |key, value|
-    if key == 'raw_frame'
+    if key == 'raw_frame' && value.respond_to?(:gsub!)
-      value.to_s.gsub!(/pw>.+<\//, 'pw>[FILTERED]</')
+      value.gsub!(/pw>.+<\//, 'pw>[FILTERED]</')
-      value.to_s.gsub!(/<eis:legalDocument([^>]+)>([^<])+<\/eis:legalDocument>/,
+      value.gsub!(/<eis:legalDocument([^>]+)>([^<])+<\/eis:legalDocument>/,
                        "<eis:legalDocument>[FILTERED]</eis:legalDocument>")
     end
   end

config/locales/admin/domains.en.yml

@@ -11,6 +11,7 @@ en:
 
       search_form:
         reset_btn: Reset
+        download_csv_btn: CSV
 
       form:
         pending_delete: &pending_delete

config/locales/admin/repp_logs.en.yml

@@ -4,3 +4,6 @@ en:
       index:
         title: REPP log
         reset_btn: Reset
+      show:
+        title: REPP log
+

test/application_system_test_case.rb

@@ -35,7 +35,6 @@ class JavaScriptApplicationSystemTestCase < ApplicationSystemTestCase
 
   def setup
     DatabaseCleaner.start
-
     super
 
     Capybara.current_driver = :chrome

test/integration/admin_area/account_activities_test.rb

@@ -0,0 +1,39 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaAccountActivitiesIntegrationTest < ApplicationSystemTestCase
+  # /admin/account_activities
+  setup do
+    sign_in users(:admin)
+    @original_default_language = Setting.default_language
+  end
+  
+  def test_show_account_activities_page
+    account_activities(:one).update(sum: "123.00")
+    visit admin_account_activities_path
+    assert_text 'Account activities'
+  end
+
+  def test_default_url_params
+    account_activities(:one).update(sum: "123.00")
+    visit admin_root_path
+    click_link_or_button 'Settings', match: :first
+    find(:xpath, "//ul/li/a[text()='Account activities']").click
+    
+    assert has_current_path?(admin_account_activities_path(created_after: 'today'))
+  end
+
+  def test_download_account_activity
+    now = Time.zone.parse('2010-07-05 08:00')
+    travel_to now
+    account_activities(:one).update(sum: "123.00")
+
+    get admin_account_activities_path(format: :csv)
+
+    assert_response :ok
+    assert_equal "text/csv", response.headers['Content-Type']
+    assert_equal %(attachment; filename="account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv"; filename*=UTF-8''account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv),
+                  response.headers['Content-Disposition']
+    assert_not_empty response.body
+  end
+end

test/integration/admin_area/admin_users_test.rb

@@ -0,0 +1,101 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaAdminUsersIntegrationTest < JavaScriptApplicationSystemTestCase
+  include Devise::Test::IntegrationHelpers
+  include ActionView::Helpers::NumberHelper
+
+  setup do
+    WebMock.allow_net_connect!
+    @original_default_language = Setting.default_language
+    sign_in users(:admin)
+  end
+
+  def test_create_new_admin_user
+    createNewAdminUser(true)
+  end
+
+  def test_create_with_invalid_data_new_admin_user
+    createNewAdminUser(false)
+  end
+
+  def test_edit_successfully_exist_record
+    createNewAdminUser(true)
+
+    visit admin_admin_users_path
+    click_on 'test_user_name'
+
+    assert_text 'General'
+    click_on 'Edit'
+
+    fill_in 'Password', with: 'test_password'
+    fill_in 'Password confirmation', with: 'test_password'
+
+    click_on 'Save'
+    assert_text 'Record updated'
+  end
+
+  def test_edit_exist_record_with_invalid_data
+    createNewAdminUser(true)
+
+    visit admin_admin_users_path
+    click_on 'test_user_name'
+
+    assert_text 'General'
+    click_on 'Edit'
+
+    fill_in 'Password', with: 'test_password'
+    fill_in 'Password confirmation', with: 'test_password2'
+
+    click_on 'Save'
+    assert_text 'Failed to update record'
+  end
+
+  def test_delete_exist_record
+    createNewAdminUser(true)
+
+    visit admin_admin_users_path
+    click_on 'test_user_name'
+    assert_text 'General'
+    click_on 'Delete'
+
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Record deleted'
+  end
+
+  private
+
+  def createNewAdminUser(valid)
+    visit admin_admin_users_path
+    click_on 'New admin user'
+
+    fill_in 'Username', with: 'test_user_name'
+    # If valid=true creating valid user, if else, then with invalid data
+    if valid
+      fill_in 'Password', with: 'test_password'
+      fill_in 'Password confirmation', with: 'test_password'
+    else
+      fill_in 'Password', with: 'test_password'
+      fill_in 'Password confirmation', with: 'test_password2'
+    end
+    fill_in 'Identity code', with: '38903110313'
+    fill_in 'Email', with: 'oleg@tester.ee'
+
+    select 'Estonia', from: 'admin_user_country_code', match: :first
+
+    select_element = find(:xpath, "/html/body/div[2]/form/div[2]/div/div[7]/div[2]/div/div[1]")
+    select_element.click
+
+    option_element = find(:xpath, "/html/body/div[2]/form/div[2]/div/div[7]/div[2]/div/div[2]/div/div[1]")
+    option_element.click
+
+    click_on 'Save'
+
+    if valid
+      assert_text 'Record created'
+    else
+      assert_text 'Failed to create record'
+    end
+  end
+end

test/integration/admin_area/blocked_domains_test.rb

@@ -0,0 +1,68 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+
+# /admin/blocked_domains
+class AdminAreaBlockedDomainsIntegrationTest < JavaScriptApplicationSystemTestCase  
+  setup do
+    WebMock.allow_net_connect!
+    sign_in users(:admin)
+    @domain = domains(:shop)
+    @blocked_domain = blocked_domains(:one)
+  end
+
+  def test_page_successfully_loaded
+    visit_admin_blocked_domains_path
+  end
+
+  def test_add_into_blocked_list
+    visit_admin_blocked_domains_path
+    add_domain_into_blocked_list(true)
+  end
+
+  def test_add_into_blocked_list_same_domain
+    visit_admin_blocked_domains_path
+    add_domain_into_blocked_list(true)
+    add_domain_into_blocked_list(false)
+  end
+
+  def test_delete_domain_from_blocked_list
+    visit_admin_blocked_domains_path
+    add_domain_into_blocked_list(true)
+
+    click_link_or_button 'Delete', match: :first
+
+     # Accept to delete in modal window
+     page.driver.browser.switch_to.alert.accept
+
+     assert_text 'Domain deleted!'
+  end
+
+  def test_find_blocked_domain_from_blocked_list
+    visit_admin_blocked_domains_path
+    add_domain_into_blocked_list(true)
+
+    fill_in 'Name', with: @domain.name
+    find(:xpath, "//span[@class='glyphicon glyphicon-search']").click
+
+    assert_text @domain.name
+  end
+
+  private
+
+  def visit_admin_blocked_domains_path
+    visit admin_blocked_domains_path
+    assert_text 'Blocked domains'
+  end
+
+  def add_domain_into_blocked_list(value)
+    click_on 'New blocked domain'
+    assert_text 'Add domain to blocked list'
+
+    fill_in 'Name', with: @domain.name
+    click_on 'Save'
+
+    return assert_text 'Domain added!' if value
+    return assert_text 'Failed to add domain!'
+  end
+end

test/integration/admin_area/certificates_test.rb

@@ -0,0 +1,71 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaCertificatesIntegrationTest < JavaScriptApplicationSystemTestCase
+
+  setup do
+    WebMock.allow_net_connect!
+    sign_in users(:admin)
+
+    @apiuser = users(:api_bestnames)
+    @certificate = certificates(:api)
+    @certificate.update!(csr: "-----BEGIN CERTIFICATE REQUEST-----\nMIICszCCAZsCAQAwbjELMAkGA1UEBhMCRUUxFDASBgNVBAMMC2ZyZXNoYm94LmVl\nMRAwDgYDVQQHDAdUYWxsaW5uMREwDwYDVQQKDAhGcmVzaGJveDERMA8GA1UECAwI\nSGFyanVtYWExETAPBgNVBAsMCEZyZXNoYm94MIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEA1VVESynZoZhIbe8s9zHkELZ/ZDCGiM2Q8IIGb1IOieT5U2mx\nIsVXz85USYsSQY9+4YdEXnupq9fShArT8pstS/VN6BnxdfAiYXc3UWWAuaYAdNGJ\nDr5Jf6uMt1wVnCgoDL7eJq9tWMwARC/viT81o92fgqHFHW0wEolfCmnpik9o0ACD\nFiWZ9IBIevmFqXtq25v9CY2cT9+eZW127WtJmOY/PKJhzh0QaEYHqXTHWOLZWpnp\nHH4elyJ2CrFulOZbHPkPNB9Nf4XQjzk1ffoH6e5IVys2VV5xwcTkF0jY5XTROVxX\nlR2FWqic8Q2pIhSks48+J6o1GtXGnTxv94lSDwIDAQABoAAwDQYJKoZIhvcNAQEL\nBQADggEBAEFcYmQvcAC8773eRTWBJJNoA4kRgoXDMYiiEHih5iJPVSxfidRwYDTF\nsP+ttNTUg3JocFHY75kuM9T2USh+gu/trRF0o4WWa+AbK3JbbdjdT1xOMn7XtfUU\nZ/f1XCS9YdHQFCA6nk4Z+TLWwYsgk7n490AQOiB213fa1UIe83qIfw/3GRqRUZ7U\nwIWEGsHED5WT69GyxjyKHcqGoV7uFnqFN0sQVKVTy/NFRVQvtBUspCbsOirdDRie\nAB2KbGHL+t1QrRF10szwCJDyk5aYlVhxvdI8zn010nrxHkiyQpDFFldDMLJl10BW\n2w9PGO061z+tntdRcKQGuEpnIr9U5Vs=\n-----END CERTIFICATE REQUEST-----\n")
+  end
+
+  def test_show_certificate_info
+    show_certificate_info
+  end
+
+  def test_destroy_certificate
+    show_certificate_info
+    find(:xpath, "//a[text()='Delete']").click
+
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Record deleted'        
+  end
+
+  def test_download_csr
+    get download_csr_admin_api_user_certificate_path(api_user_id: @apiuser.id, id: @certificate.id)
+
+    assert_response :ok
+    assert_equal 'application/octet-stream', response.headers['Content-Type']
+    assert_equal "attachment; filename=\"test_bestnames.csr.pem\"; filename*=UTF-8''test_bestnames.csr.pem", response.headers['Content-Disposition']
+    assert_not_empty response.body
+  end
+
+  def test_download_crt
+    get download_crt_admin_api_user_certificate_path(api_user_id: @apiuser.id, id: @certificate.id)
+
+    assert_response :ok
+    assert_equal 'application/octet-stream', response.headers['Content-Type']
+    assert_equal "attachment; filename=\"test_bestnames.crt.pem\"; filename*=UTF-8''test_bestnames.crt.pem", response.headers['Content-Disposition']
+    assert_not_empty response.body
+  end
+
+  def test_failed_to_revoke_certificate
+    show_certificate_info
+
+    find(:xpath, "//a[text()='Revoke this certificate']").click
+    assert_text 'Failed to update record'
+  end
+
+  def test_new_api_user
+    visit new_admin_registrar_api_user_path(registrar_id: registrars(:bestnames).id)
+
+    fill_in 'Username', with: 'testapiuser'
+    fill_in 'Password', with: 'secretpassword'
+    fill_in 'Identity code', with: '60305062718'
+
+    click_on 'Create API user'
+
+    assert_text 'API user has been successfully created'
+  end
+
+  private
+
+  def show_certificate_info
+    visit admin_api_user_certificate_path(api_user_id: @apiuser.id, id: @certificate.id)
+    assert_text 'Certificates'
+  end
+end

test/integration/admin_area/epp_logs_test.rb

@@ -0,0 +1,52 @@
+# admin_epp_logs_path
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminEppLogsIntegrationTest < ApplicationSystemTestCase
+  setup do
+    sign_in users(:admin)
+  end
+
+  def test_visit_epp_logs_page
+    visit admin_epp_logs_path
+    assert_text 'EPP log'
+  end
+
+  def test_show_epp_log_page
+    visit admin_epp_logs_path
+    send_epp_request_hello
+    visit admin_epp_logs_path
+      
+    find(:xpath, "//tbody/tr/td/a", match: :first).click
+    assert_text 'Details'
+  end
+
+  def test_dates_sort
+    Capybara.exact = true
+    visit admin_epp_logs_path
+    send_epp_request_hello
+    visit admin_epp_logs_path
+
+    find(:xpath, "//a[contains(text(), 'Created at')]", match: :first).click
+    find(:xpath, "//a[contains(text(), 'Created at')]", match: :first).click
+
+    epp_log_date = find(:xpath, "//table/tbody/tr/td[6]", match: :first).text(:all)
+    date_now = Date.today.to_s(:db)
+
+    assert_match /#{date_now}/, epp_log_date
+  end    
+
+  private
+
+  def send_epp_request_hello
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <hello/>
+      </epp>
+      XML
+
+    get epp_hello_path, params: { frame: request_xml },
+        headers: { 'HTTP_COOKIE' => 'session=non-existent' }
+  end
+end

test/integration/admin_area/invoices_test.rb

@@ -6,6 +6,27 @@ class AdminAreaInvoicesIntegrationTest < ApplicationIntegrationTest
     sign_in users(:admin)
   end
 
+  def test_create_new_invoice
+    visit new_admin_invoice_path
+
+    assert_text 'Create new invoice'
+    select 'Best Names', from: 'deposit_registrar_id', match: :first
+    fill_in 'Amount', with: '1000'
+    click_on 'Save'
+
+    assert_equal page.status_code, 200
+  end
+
+  def test_visit_list_of_invoices_pages
+    visit admin_invoices_path
+    assert_text 'Invoices'
+  end
+
+  def test_visit_invoice_page
+    visit admin_invoices_path(id: @invoice.id)
+    assert_text "Invoice no. #{@invoice.number}"
+  end
+
   def test_downloads_invoice
     assert_equal 1, @invoice.number
 

test/integration/admin_area/pending_delete_test.rb

@@ -0,0 +1,60 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaPendingDeleteIntegrationTest < JavaScriptApplicationSystemTestCase
+  setup do
+    WebMock.allow_net_connect!
+    sign_in users(:admin)
+
+    @domain = domains(:shop)
+    @token = '123456'
+
+    @domain.update!(statuses: [DomainStatus::PENDING_DELETE_CONFIRMATION],
+    registrant_verification_asked_at: Time.zone.now - 1.day,
+    registrant_verification_token: @token)
+  end
+
+  def test_accept_pending_delete
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Accept'
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Pending was successfully applied.'
+  end
+
+  def test_accept_pending_delete_no_success
+    @domain.update!(statuses: [DomainStatus::PENDING_DELETE_CONFIRMATION],
+    registrant_verification_asked_at: Time.zone.now - 1.day,
+    registrant_verification_token: nil)
+
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Accept'
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Not success'
+  end
+
+  def test_reject_panding_delete
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Reject'
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Pending was successfully removed.'
+  end
+
+  def test_accept_pending_delete_no_success
+    @domain.update!(statuses: [DomainStatus::PENDING_DELETE_CONFIRMATION],
+    registrant_verification_asked_at: Time.zone.now - 1.day,
+    registrant_verification_token: nil)
+
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Reject'
+    page.driver.browser.switch_to.alert.accept
+    
+    assert_text 'Not success'
+  end
+end

test/integration/admin_area/pending_update_test.rb

@@ -0,0 +1,96 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaPendingUpdateIntegrationTest < JavaScriptApplicationSystemTestCase
+
+  setup do
+    WebMock.allow_net_connect!
+    sign_in users(:admin)
+
+    @domain = domains(:hospital)
+
+    @new_registrant = contacts(:jack)
+    @user = users(:api_bestnames)
+    @token = '123456'
+
+    @domain.update!(statuses: [DomainStatus::PENDING_UPDATE],
+    registrant_verification_asked_at: Time.zone.now - 1.day,
+    registrant_verification_token: @token)
+  end
+
+  def test_accept_pending_update
+    pending_json = { new_registrant_id: @new_registrant.id,
+                    new_registrant_name: @new_registrant.name,
+                    new_registrant_email: @new_registrant.email,
+                    current_user_id: @user.id }
+
+    @domain.update(pending_json: pending_json)
+    @domain.reload
+
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Accept'
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Pending was successfully applied.'
+  end
+
+  def test_accept_pending_update_no_success
+    @domain.update!(statuses: [DomainStatus::PENDING_UPDATE],
+    registrant_verification_asked_at: Time.zone.now - 1.day,
+    registrant_verification_token: nil)
+
+    pending_json = { new_registrant_id: @new_registrant.id,
+                    new_registrant_name: @new_registrant.name,
+                    new_registrant_email: @new_registrant.email,
+                    current_user_id: @user.id,
+                      }
+
+    @domain.update(pending_json: pending_json)
+    @domain.reload
+
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Accept'
+    page.driver.browser.switch_to.alert.accept
+    assert_text 'Not success'
+  end
+
+  def test_reject_panding_update
+    pending_json = { new_registrant_id: @new_registrant.id,
+    new_registrant_name: @new_registrant.name,
+    new_registrant_email: @new_registrant.email,
+    current_user_id: @user.id,
+      }
+
+    @domain.update(pending_json: pending_json)
+    @domain.reload
+
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Reject'
+    page.driver.browser.switch_to.alert.accept
+    assert_text 'Pending was successfully removed.'
+  end
+
+  def test_accept_pending_update_no_success
+    @domain.update!(statuses: [DomainStatus::PENDING_UPDATE],
+    registrant_verification_asked_at: Time.zone.now - 1.day,
+    registrant_verification_token: nil)
+
+    pending_json = { new_registrant_id: @new_registrant.id,
+                    new_registrant_name: @new_registrant.name,
+                    new_registrant_email: @new_registrant.email,
+                    current_user_id: @user.id,
+                      }
+
+    @domain.update(pending_json: pending_json)
+    @domain.reload
+
+    visit edit_admin_domain_path(id: @domain.id)
+
+    click_on 'Reject'
+    page.driver.browser.switch_to.alert.accept
+    assert_text 'Not success'
+  end
+end

test/integration/admin_area/registrars_test.rb

@@ -17,4 +17,4 @@ class AdminAreaRegistrarsIntegrationTest < ActionDispatch::IntegrationTest
 
     assert_equal new_iban, @registrar.iban
   end
-end
+end

test/integration/admin_area/repp_logs_test.rb

@@ -0,0 +1,23 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaReppLogsIntegrationTest < ApplicationSystemTestCase
+  setup do
+    sign_in users(:admin)
+  end
+
+  def test_repp_logs_page
+    visit admin_repp_logs_path
+    assert_text 'REPP log'
+  end
+
+  def test_show_repp_log_page
+    visit admin_repp_logs_path
+    get repp_v1_contacts_path
+    visit admin_repp_logs_path
+    
+    find(:xpath, "//tbody/tr/td/a", match: :first).click
+
+    assert_text 'REPP log'
+  end
+end

test/integration/admin_area/reserved_domains_test.rb

@@ -0,0 +1,39 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaReservedDomainsIntegrationTest < JavaScriptApplicationSystemTestCase
+
+  setup do
+    WebMock.allow_net_connect!
+    @original_default_language = Setting.default_language
+    sign_in users(:admin)
+
+    @reserved_domain = reserved_domains(:one)
+  end
+
+  def test_remove_reserved_domain
+    visit admin_reserved_domains_path  
+    click_link_or_button 'Delete', match: :first
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Domain deleted!'
+  end
+
+  def test_add_invalid_domain
+    visit admin_reserved_domains_path
+    click_on 'New reserved domain'
+    fill_in "Name", with: "@##@$"
+    click_on 'Save'
+
+    assert_text 'Failed to add domain!'
+  end
+
+  def test_update_reserved_domain
+    visit admin_reserved_domains_path
+    click_link_or_button 'Edit Pw', match: :first
+    fill_in 'Password', with: '12345678'
+    click_on 'Save'
+
+    assert_text 'Domain updated!'
+  end
+end

test/integration/admin_area/white_ips_test.rb

@@ -0,0 +1,94 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaWhiteIpsIntegrationTest < JavaScriptApplicationSystemTestCase
+
+  setup do
+    WebMock.allow_net_connect!
+    sign_in users(:admin)
+
+    @registrar = registrars(:bestnames)
+    @white_ip = white_ips(:one)
+  end
+
+  def test_visit_new_whitelisted_ip_page
+    visit_new_whitelisted_ip_page
+  end
+
+  def test_create_new_whitelisted_ip
+    visit_new_whitelisted_ip_page
+    fill_in 'IPv4', with: "127.0.0.1"
+    fill_in 'IPv6', with: "::ffff:192.0.2.1"
+
+    find(:css, "#white_ip_interfaces_api").set(true)
+    find(:css, "#white_ip_interfaces_registrar").set(true)
+
+    click_on 'Save'
+
+    assert_text 'Record created'
+  end
+
+  def test_failed_to_create_new_whitelisted_ip
+    visit_new_whitelisted_ip_page
+    fill_in 'IPv4', with: "asdadadad.asd"
+
+    click_on 'Save'
+
+    assert_text 'Failed to create record'
+  end
+
+  def test_visit_edit_whitelisted_ip_page
+    visit_edit_whitelisted_ip_page
+  end
+
+  def test_update_whitelisted_ip
+    visit_info_whitelisted_ip_page
+    click_on 'Edit'
+
+    fill_in 'IPv4', with: "127.0.0.2"
+    find(:css, "#white_ip_interfaces_api").set(false)
+    click_on 'Save'
+
+    assert_text 'Record updated'
+  end
+
+  def test_failed_to_update_whitelisted_ip
+    visit_info_whitelisted_ip_page
+    click_on 'Edit'
+    fill_in 'IPv4', with: "asdadad#"
+
+    click_on 'Save'
+
+    assert_text 'Failed to update record'
+  end
+
+  def test_visit_info_whitelisted_ip_page
+    visit_info_whitelisted_ip_page
+  end
+
+  def test_delete_whitelisted_ip
+    visit_info_whitelisted_ip_page
+    click_on 'Delete'
+
+    page.driver.browser.switch_to.alert.accept
+
+    assert_text 'Record deleted'
+  end
+
+  private
+
+  def visit_new_whitelisted_ip_page
+    visit new_admin_registrar_white_ip_path(registrar_id: @registrar.id)
+    assert_text 'New whitelisted IP'
+  end
+
+  def visit_edit_whitelisted_ip_page
+    visit edit_admin_registrar_white_ip_path(registrar_id: @registrar.id, id: @white_ip.id)
+    assert_text 'Edit white IP'
+  end
+
+  def visit_info_whitelisted_ip_page
+    visit admin_registrar_white_ip_path(registrar_id: @registrar.id, id: @white_ip.id)
+    assert_text 'White IP'
+  end
+end

test/integration/api/v1/registrant/contacts/list_test.rb

@@ -1,5 +1,6 @@
 require 'test_helper'
 require 'auth_token/auth_token_creator'
+require 'json'
 
 CompanyRegisterClientStub = Struct.new(:any_method) do
   def representation_rights(citizen_personal_code:, citizen_country_code:)
@@ -55,6 +56,42 @@ class RegistrantApiV1ContactListTest < ActionDispatch::IntegrationTest
     assert_equal '1234', response_json.first[:ident][:code]
   end
 
+  def test_out_of_range_limit
+    get api_v1_registrant_contacts_path + "?limit=300", as: :json, headers: { 'HTTP_AUTHORIZATION' => auth_token }
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    text_response = JSON.pretty_generate(response_json[:errors][0][:limit][0])
+
+    assert_equal text_response, '"parameter is out of range"'
+  end
+
+  def test_negative_offset
+    get api_v1_registrant_contacts_path + "?offset=-300", as: :json, headers: { 'HTTP_AUTHORIZATION' => auth_token }
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    text_response = JSON.pretty_generate(response_json[:errors][0][:offset][0])
+
+    assert_equal text_response, '"parameter is out of range"'
+  end
+
+  def test_show_valid_contact
+    get api_v1_registrant_contacts_path + "/eb2f2766-b44c-4e14-9f16-32ab1a7cb957", as: :json, headers: { 'HTTP_AUTHORIZATION' => auth_token }
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    text_response = response_json[:name]
+
+    assert_equal @contact[:name], text_response
+  end
+
+  def test_show_invalid_contact
+    get api_v1_registrant_contacts_path + "/435", as: :json, headers: { 'HTTP_AUTHORIZATION' => auth_token }
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    text_response = response_json[:errors][0][:base][0]
+
+    assert_equal text_response, 'Contact not found'
+  end
+
   private
 
   def delete_direct_contact

test/integration/api/v1/registrant/contacts/update_test.rb

@@ -4,11 +4,12 @@ require 'auth_token/auth_token_creator'
 class RegistrantApiV1ContactUpdateTest < ActionDispatch::IntegrationTest
   setup do
     @contact = contacts(:john)
+    @contact_org = contacts(:acme_ltd)
 
     @original_address_processing = Setting.address_processing
     @original_fax_enabled_setting = ENV['fax_enabled']
-
     @user = users(:registrant)
+    
   end
 
   teardown do
@@ -90,6 +91,32 @@ class RegistrantApiV1ContactUpdateTest < ActionDispatch::IntegrationTest
                  @contact.address
   end
 
+  def test_update_address_when_enabled_without_address_params
+    Setting.address_processing = true
+
+    patch api_v1_registrant_contact_path(@contact.uuid), params: { address: { } },
+          as: :json,
+          headers: { 'HTTP_AUTHORIZATION' => auth_token }
+
+    assert_response :bad_request
+    @contact.reload
+    assert_equal Contact::Address.new(nil, nil, nil, nil, nil),
+                 @contact.address
+  end
+
+  def test_update_address_when_enabled_without_address_params
+    Setting.address_processing = true
+
+    patch api_v1_registrant_contact_path(@contact.uuid), params: { },
+          as: :json,
+          headers: { 'HTTP_AUTHORIZATION' => auth_token }
+
+    assert_response :bad_request
+    @contact.reload
+    assert_equal Contact::Address.new(nil, nil, nil, nil, nil),
+                 @contact.address
+  end
+
   def test_address_is_optional_when_enabled
     Setting.address_processing = true
     @contact.update!(street: 'any', zip: 'any', city: 'any', state: 'any', country_code: 'US')
@@ -211,6 +238,21 @@ class RegistrantApiV1ContactUpdateTest < ActionDispatch::IntegrationTest
                                                                               symbolize_names: true)
   end
 
+  def test_org_disclosed_attributes
+    patch api_v1_registrant_contact_path(@contact_org.uuid), params: { disclosed_attributes: ["some_attr"]  },
+          as: :json,
+          headers: { 'HTTP_AUTHORIZATION' => auth_token }
+
+    assert_response :bad_request
+    
+    err_msg = "Legal person's data is visible by default and cannot be concealed. Please remove this parameter."
+    
+    response_json = JSON.parse(response.body, symbolize_names: true)
+    response_msg = response_json[:errors][0][:disclosed_attributes][0]
+
+    assert_equal err_msg, response_msg
+  end
+
   def test_unmanaged_contact_cannot_be_updated
     assert_equal 'US-1234', @user.registrant_ident
     @contact.update!(ident: '12345')

test/integration/epp/domain/create/base_test.rb

@@ -2,6 +2,51 @@ require 'test_helper'
 
 class EppDomainCreateBaseTest < EppTestCase
 
+  def test_illegal_chars_in_dns_key
+    name = "new.#{dns_zones(:one).origin}"
+    contact = contacts(:john)
+    registrant = contact.becomes(Registrant)
+
+    pub_key = "AwEAAddt2AkLf\n
+    \n
+    YGKgiEZB5SmIF8E\n
+    vrjxNMH6HtxW\rEA4RJ9Ao6LCWheg8"
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <create>
+            <domain:create xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{name}</domain:name>
+              <domain:registrant>#{registrant.code}</domain:registrant>
+            </domain:create>
+          </create>
+          <extension>
+          <secDNS:create xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1">
+          <secDNS:keyData>
+            <secDNS:flags>257</secDNS:flags>
+            <secDNS:protocol>3</secDNS:protocol>
+            <secDNS:alg>8</secDNS:alg>
+            <secDNS:pubKey>#{pub_key}</secDNS:pubKey>
+          </secDNS:keyData>
+        </secDNS:create>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+    assert_no_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+
+    assert_epp_response :parameter_value_syntax_error
+  end
+
+
   def test_not_registers_domain_without_legaldoc
     now = Time.zone.parse('2010-07-05')
     travel_to now
@@ -31,6 +76,230 @@ class EppDomainCreateBaseTest < EppTestCase
     assert_epp_response :required_parameter_missing
   end
 
+  def test_create_domain_with_unique_contact
+    now = Time.zone.parse('2010-07-05')
+    travel_to now
+    name = "new.#{dns_zones(:one).origin}"
+    contact = contacts(:john)
+    registrant = contact.becomes(Registrant)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <create>
+            <domain:create xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{name}</domain:name>
+              <domain:registrant>#{registrant.code}</domain:registrant>
+              <domain:contact type="admin">#{contacts(:jane).code}</domain:contact>
+              <domain:contact type="tech">#{contacts(:william).code}</domain:contact>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+    assert_epp_response :completed_successfully
+  end
+
+
+  def test_create_domain_with_array_of_not_unique_admins_and_techs
+    now = Time.zone.parse('2010-07-05')
+    travel_to now
+    name = "new.#{dns_zones(:one).origin}"
+    contact = contacts(:john)
+    registrant = contact.becomes(Registrant)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <create>
+            <domain:create xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{name}</domain:name>
+              <domain:registrant>#{registrant.code}</domain:registrant>
+              <domain:contact type="admin">#{contact.code}</domain:contact>
+              <domain:contact type="admin">#{contact.code}</domain:contact>
+              <domain:contact type="tech">#{contact.code}</domain:contact>
+              <domain:contact type="tech">#{contact.code}</domain:contact>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_no_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+
+    assert_epp_response :parameter_value_policy_error
+  end
+
+  def test_create_domain_with_array_of_not_unique_admins
+    now = Time.zone.parse('2010-07-05')
+    travel_to now
+    name = "new.#{dns_zones(:one).origin}"
+    contact = contacts(:john)
+    registrant = contact.becomes(Registrant)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <create>
+            <domain:create xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{name}</domain:name>
+              <domain:registrant>#{registrant.code}</domain:registrant>
+              <domain:contact type="admin">#{contact.code}</domain:contact>
+              <domain:contact type="admin">#{contact.code}</domain:contact>
+              <domain:contact type="tech">#{contact.code}</domain:contact>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_no_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+
+    assert_epp_response :parameter_value_policy_error
+  end
+
+  def test_create_domain_with_array_of_not_unique_techs
+    now = Time.zone.parse('2010-07-05')
+    travel_to now
+    name = "new.#{dns_zones(:one).origin}"
+    contact = contacts(:john)
+    registrant = contact.becomes(Registrant)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <create>
+            <domain:create xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{name}</domain:name>
+              <domain:registrant>#{registrant.code}</domain:registrant>
+              <domain:contact type="admin">#{contact.code}</domain:contact>
+              <domain:contact type="tech">#{contact.code}</domain:contact>
+              <domain:contact type="tech">#{contact.code}</domain:contact>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_no_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+
+    assert_epp_response :parameter_value_policy_error
+  end
+
+  def test_create_domain_with_array_of_not_unique_admin_but_tech_another_one
+    now = Time.zone.parse('2010-07-05')
+    travel_to now
+    name = "new.#{dns_zones(:one).origin}"
+    contact = contacts(:john)
+    registrant = contact.becomes(Registrant)
+    contact_two = contacts(:william)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <create>
+            <domain:create xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{name}</domain:name>
+              <domain:registrant>#{registrant.code}</domain:registrant>
+              <domain:contact type="admin">#{contact.code}</domain:contact>
+              <domain:contact type="admin">#{contact.code}</domain:contact>
+              <domain:contact type="tech">#{contact_two.code}</domain:contact>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_no_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+          headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+
+    assert_epp_response :parameter_value_policy_error
+  end
+
+  def test_create_domain_with_array_of_not_unique_techs_but_admin_another_one
+    now = Time.zone.parse('2010-07-05')
+    travel_to now
+    name = "new.#{dns_zones(:one).origin}"
+    contact = contacts(:john)
+    registrant = contact.becomes(Registrant)
+    contact_two = contacts(:william)
+
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <create>
+            <domain:create xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{name}</domain:name>
+              <domain:registrant>#{registrant.code}</domain:registrant>
+              <domain:contact type="admin">#{contact_two.code}</domain:contact>
+              <domain:contact type="tech">#{contact.code}</domain:contact>
+              <domain:contact type="tech">#{contact.code}</domain:contact>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_no_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+          headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+
+    assert_epp_response :parameter_value_policy_error
+  end
+
   def test_registers_new_domain_with_required_attributes
     now = Time.zone.parse('2010-07-05')
     travel_to now

test/integration/epp/domain/transfer/request_test.rb

@@ -3,6 +3,7 @@ require 'test_helper'
 class EppDomainTransferRequestTest < EppTestCase
   def setup
     @domain = domains(:shop)
+    @contact = contacts(:jane)
     @new_registrar = registrars(:goodnames)
     @original_transfer_wait_time = Setting.transfer_wait_time
     Setting.transfer_wait_time = 0
@@ -12,6 +13,95 @@ class EppDomainTransferRequestTest < EppTestCase
     Setting.transfer_wait_time = @original_transfer_wait_time
   end
 
+  def test_transfer_domain_with_contacts_if_registrant_and_tech_are_shared
+    @domain.tech_domain_contacts[0].update!(contact_id: @domain.registrant.id)
+
+    @domain.tech_domain_contacts[1].delete
+    @domain.reload
+
+    post epp_transfer_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_goodnames' }
+
+    assert_epp_response :completed_successfully
+    
+    @domain.reload
+
+    tech = Contact.find_by(id: @domain.tech_domain_contacts[0].contact_id)
+
+    assert_equal @domain.contacts.where(original_id: @domain.registrant.original_id).count, 1
+    assert_equal tech.registrar_id, @domain.registrar.id
+  end
+
+  def test_transfer_domain_with_contacts_if_registrant_and_admin_are_shared
+    @domain.admin_domain_contacts[0].update!(contact_id: @domain.registrant.id)
+    @domain.tech_domain_contacts[0].update!(contact_id: @contact.id)
+    
+    @domain.tech_domain_contacts[1].delete
+    @domain.reload
+
+    post epp_transfer_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_goodnames' }
+
+    assert_epp_response :completed_successfully
+    
+    @domain.reload
+
+    admin = Contact.find_by(id: @domain.admin_domain_contacts[0].contact_id)
+
+    assert_equal @domain.contacts.where(original_id: @domain.registrant.original_id).count, 1
+    assert_equal admin.registrar_id, @domain.registrar.id
+  end
+
+  def test_transfer_domain_with_contacts_if_admin_and_tech_are_shared
+    @domain.admin_domain_contacts[0].update!(contact_id: @contact.id)
+    @domain.tech_domain_contacts[0].update!(contact_id: @contact.id)
+
+    @domain.tech_domain_contacts[1].delete
+    @domain.reload
+
+    post epp_transfer_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_goodnames' }
+
+    assert_epp_response :completed_successfully
+
+    @domain.reload
+
+    admin = Contact.find_by(id: @domain.admin_domain_contacts[0].contact_id)
+    tech = Contact.find_by(id: @domain.tech_domain_contacts[0].contact_id)
+
+    result_hash = @domain.contacts.pluck(:original_id).group_by(&:itself).transform_values(&:count)
+    assert result_hash[admin.original_id], 2
+
+    assert_equal admin.registrar_id, @domain.registrar.id
+    assert_equal tech.registrar_id, @domain.registrar.id
+  end
+
+  def test_transfer_domain_with_contacts_if_admin_and_tech_and_registrant_are_shared
+    @domain.tech_domain_contacts[0].update!(contact_id: @domain.registrant.id)
+    @domain.admin_domain_contacts[0].update!(contact_id: @domain.registrant.id)
+
+    @domain.tech_domain_contacts[1].delete
+    @domain.reload
+
+    post epp_transfer_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_goodnames' }
+
+    assert_epp_response :completed_successfully
+
+    @domain.reload
+
+    admin = Contact.find_by(id: @domain.admin_domain_contacts[0].contact_id)
+    tech = Contact.find_by(id: @domain.tech_domain_contacts[0].contact_id)
+
+    assert_equal @domain.contacts.where(original_id: @domain.registrant.original_id).count, 2
+
+    result_hash = @domain.contacts.pluck(:original_id).group_by(&:itself).transform_values(&:count)
+    assert result_hash[@domain.registrant.original_id], 2
+
+    assert_equal admin.registrar_id, @domain.registrar.id
+    assert_equal tech.registrar_id, @domain.registrar.id
+  end
+
   def test_transfers_domain_at_once
     post epp_transfer_path, params: { frame: request_xml },
          headers: { 'HTTP_COOKIE' => 'session=api_goodnames' }

test/models/domain/releasable/auctionable_test.rb

@@ -25,6 +25,7 @@ class DomainReleasableAuctionableTest < ActiveSupport::TestCase
   def test_skips_auction_when_domains_is_blocked
     assert_equal 'shop.test', @domain.name
     blocked_domains(:one).update!(name: 'shop.test')
+    @domain.save!(validate: false)
 
     @domain.release
 
@@ -34,6 +35,7 @@ class DomainReleasableAuctionableTest < ActiveSupport::TestCase
   def test_skips_auction_when_domains_is_reserved
     assert_equal 'shop.test', @domain.name
     reserved_domains(:one).update!(name: 'shop.test')
+    @domain.save!(validate: false)
 
     @domain.release
 
@@ -58,6 +60,24 @@ class DomainReleasableAuctionableTest < ActiveSupport::TestCase
     end
   end
 
+  def test_updates_whois_server
+    @domain.update!(delete_date: '2010-07-04')
+    travel_to Time.zone.parse('2010-07-05')
+    old_whois = @domain.whois_record
+
+    Domain.release_domains
+
+    assert_raises ActiveRecord::RecordNotFound do
+      old_whois.reload
+    end
+
+    whois_record = Whois::Record.find_by(name: @domain.name)
+    json = { "name"=>@domain.name,
+             "status"=>["AtAuction"],
+             "disclaimer"=> Setting.registry_whois_disclaimer }
+    assert_equal whois_record.json, json
+  end
+
   def test_notifies_registrar
     @domain.update!(delete_date: '2010-07-04')
     travel_to Time.zone.parse('2010-07-05')

test/models/domain_test.rb

@@ -69,6 +69,12 @@ class DomainTest < ActiveSupport::TestCase
 
     domain.name = 'xn--mnchen-3ya.test'
     assert domain.valid?
+
+    domain.name = '####'
+    assert domain.invalid?
+
+    domain.name = 'https://example.test'
+    assert domain.invalid?
   end
 
   def test_invalid_when_name_is_already_taken

test/system/admin_area/bank_statement_test.rb

@@ -4,6 +4,35 @@ class AdminAreaBankStatementTest < ApplicationSystemTestCase
   setup do
     sign_in users(:admin)
     travel_to Time.zone.parse('2010-07-05 00:30:00')
+
+    @invoice = invoices(:one)
+  end
+
+  def test_update_bank_statement
+    visit admin_bank_statement_path(id: @invoice.id)
+    
+    click_link_or_button 'Add'
+
+    fill_in 'Description', with: 'Invoice with id 123'
+    fill_in 'Reference number', with: '1232'
+    fill_in 'Sum', with: '500'
+    fill_in 'Paid at', with: Time.zone.today.to_s
+
+    click_link_or_button 'Save'
+    assert_text 'Bank transaction'
+
+    click_link_or_button 'Edit'
+    fill_in 'Description', with: 'Invoice with id 123'
+    click_link_or_button 'Save'
+
+    assert_text 'Record updated'
+  end
+
+  def test_bind_bank
+    visit admin_bank_statement_path(id: @invoice.id)
+    click_link_or_button 'Bind invoices'
+
+    assert_text 'No invoices were binded'
   end
 
   def test_can_create_statement_manually

test/system/admin_area/contacts_test.rb

@@ -8,6 +8,17 @@ class AdminContactsTest < ApplicationSystemTestCase
     sign_in users(:admin)
   end
 
+  def test_update_contact
+    visit admin_contact_path(id: @contact.id)
+    assert_text "#{@contact.name}"
+
+    click_on 'Edit statuses'
+    assert_text "Edit: #{@contact.name}"
+
+    click_on 'Save'
+    assert_text 'Contact updated'
+  end
+
   def test_display_list
     visit admin_contacts_path
 

test/system/admin_area/domains/csv_test.rb

@@ -0,0 +1,18 @@
+require 'application_system_test_case'
+
+class AdminAreaCsvTest < ApplicationSystemTestCase
+  setup do
+    sign_in users(:admin)
+  end
+
+  def test_downloads_domain_list_as_csv
+    search_params = {"valid_to_lteq"=>nil}
+    expected_csv = Domain.includes(:registrar, :registrant).search(search_params).result.to_csv
+
+    travel_to Time.zone.parse('2010-07-05 10:30')
+    visit admin_domains_url
+    click_link('CSV')
+    assert_equal "attachment; filename=\"domains.csv\"; filename*=UTF-8''domains.csv", response_headers['Content-Disposition']
+    assert_equal expected_csv, page.body
+  end
+end

test/system/admin_area/domains/legal_doc_test.rb

@@ -15,7 +15,7 @@ class AdminAreaDomainsLegalDocTest < ApplicationSystemTestCase
   def test_absent_doc_downloading_without_errors
     visit admin_domain_url(@domain)
     assert_nothing_raised do
-      click_on "#{@document.created_at}"
+      click_on "#{@document.created_at}", match: :first
     end
   end
 end

test/system/admin_area/invoices_test.rb

@@ -40,4 +40,4 @@ class AdminAreaInvoicesTest < ApplicationSystemTestCase
     assert_current_path admin_invoice_path(@invoice)
     assert_text 'Invoice has been sent'
   end
-end
+end

test/system/admin_area/protected_area_test.rb

@@ -19,4 +19,4 @@ class AdminAreaProtectedAreaTest < ApplicationSystemTestCase
     assert_text 'You are already signed in'
     assert_current_path admin_domains_path
   end
-end
+end

test/system/registrar_area/account_activities_test.rb

@@ -0,0 +1,28 @@
+require 'application_system_test_case'
+
+class RegistrarAccountActivitiesTest < ApplicationSystemTestCase
+  setup do
+    @registrar = registrars(:bestnames)
+    sign_in users(:api_bestnames)
+  end
+
+  def test_show_account_activity_page
+    account_activities(:one).update(sum: "123.00")
+    visit registrar_account_activities_path
+    assert_text 'Account activity'
+  end
+
+  def test_download_account_activity
+    now = Time.zone.parse('2010-07-05 08:00')
+    travel_to now
+    account_activities(:one).update(sum: "123.00")
+
+    get registrar_account_activities_path(format: :csv)
+
+    assert_response :ok
+    assert_equal "text/csv", response.headers['Content-Type']
+    assert_equal %(attachment; filename="account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv"; filename*=UTF-8''account_activities_#{Time.zone.now.to_formatted_s(:number)}.csv),
+                 response.headers['Content-Disposition']
+    assert_not_empty response.body
+  end
+end