zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-11 07:04:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

added dnskey update prohibited status

Browse source
This commit is contained in:
Oleg Hasjanov 2021-09-07 12:22:12 +03:00
parent c771902780
commit 9bffb09e34
5 changed files with 238 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

43
app/controllers/epp/domains_controller.rb
View file

@ -162,9 +162,52 @@ module Epp
@prefix = 'update > update >'
requires 'name'
dnskey_update_enabled
dnkey_update_prohibited
status_editing_disabled
end
def parsed_response_for_dnskey(value)
doc = Nokogiri::Slop params[:parsed_frame].css(value).to_html
return true if doc.document.children.empty?
store = []
doc.document.add.children.each_with_index do |x, i|
store << doc.document.add.children[i].name
end
return true if store.size == 1 and store[0] == "keyData"
store.empty?
end
def dnskey_update_enabled
find_domain
if @domain.dnskey_update_enabled? && !params[:parsed_frame].css('update').empty?
return if parsed_response_for_dnskey('add')
return if parsed_response_for_dnskey('rem')
return epp_errors.add(:epp_errors,
code: '2304',
msg: "#{I18n.t(:object_status_prohibits_operation)}
:serverDnskeyUpdateEnabled")
end
end
def dnkey_update_prohibited
find_domain
if @domain.extension_update_prohibited? && !params[:parsed_frame].css('keyData').empty?
return epp_errors.add(:epp_errors,
code: '2304',
msg: "#{I18n.t(:object_status_prohibits_operation)}
:serverExtensionUpdateProhibited")
end
end
def validate_delete
@prefix = 'delete > delete >'
requires 'name'

8
app/models/domain.rb
View file

@ -220,6 +220,14 @@ class Domain < ApplicationRecord
nameservers.select { |x| !x.hostname.end_with?(name) }
end
def extension_update_prohibited?
statuses.include? DomainStatus::SERVER_EXTENSION_UPDATE_PROHIBITED
end
def dnskey_update_enabled?
statuses.include? DomainStatus::SERVER_DNSKEY_UPDATE_ENABLED
end
def admin_change_prohibited?
statuses.include? DomainStatus::SERVER_ADMIN_CHANGE_PROHIBITED
end

17
app/models/domain_status.rb
View file

@ -9,6 +9,8 @@ class DomainStatus < ApplicationRecord
# Requests to delete the object MUST be rejected.
CLIENT_DELETE_PROHIBITED = 'clientDeleteProhibited'
SERVER_DELETE_PROHIBITED = 'serverDeleteProhibited'
SERVER_EXTENSION_UPDATE_PROHIBITED = 'serverExtensionUpdateProhibited'
SERVER_DNSKEY_UPDATE_ENABLED = 'serverDnskeyUpdateEnabled'
# DNS delegation information MUST NOT be published for the object.
CLIENT_HOLD = 'clientHold'
@ -80,10 +82,12 @@ class DomainStatus < ApplicationRecord
CLIENT_DELETE_PROHIBITED, SERVER_DELETE_PROHIBITED, CLIENT_HOLD, SERVER_HOLD,
CLIENT_RENEW_PROHIBITED, SERVER_RENEW_PROHIBITED, CLIENT_TRANSFER_PROHIBITED,
SERVER_TRANSFER_PROHIBITED, CLIENT_UPDATE_PROHIBITED, SERVER_UPDATE_PROHIBITED,
INACTIVE, OK, PENDING_CREATE, PENDING_DELETE, PENDING_DELETE_CONFIRMATION, PENDING_RENEW, PENDING_TRANSFER,
PENDING_UPDATE, SERVER_MANUAL_INZONE, SERVER_REGISTRANT_CHANGE_PROHIBITED,
SERVER_ADMIN_CHANGE_PROHIBITED, SERVER_TECH_CHANGE_PROHIBITED, FORCE_DELETE,
DELETE_CANDIDATE, EXPIRED, DISPUTED, SERVER_RELEASE_PROHIBITED
INACTIVE, OK, PENDING_CREATE, PENDING_DELETE, PENDING_DELETE_CONFIRMATION,
PENDING_RENEW, PENDING_TRANSFER, PENDING_UPDATE, SERVER_MANUAL_INZONE,
SERVER_REGISTRANT_CHANGE_PROHIBITED, SERVER_ADMIN_CHANGE_PROHIBITED,
SERVER_TECH_CHANGE_PROHIBITED, FORCE_DELETE, DELETE_CANDIDATE, EXPIRED, DISPUTED,
SERVER_RELEASE_PROHIBITED, SERVER_EXTENSION_UPDATE_PROHIBITED,
SERVER_DNSKEY_UPDATE_ENABLED
].freeze
CLIENT_STATUSES = [
@ -94,7 +98,8 @@ class DomainStatus < ApplicationRecord
SERVER_STATUSES = [
SERVER_DELETE_PROHIBITED, SERVER_HOLD, SERVER_RENEW_PROHIBITED, SERVER_TRANSFER_PROHIBITED,
SERVER_UPDATE_PROHIBITED, SERVER_MANUAL_INZONE, SERVER_REGISTRANT_CHANGE_PROHIBITED,
SERVER_ADMIN_CHANGE_PROHIBITED, SERVER_TECH_CHANGE_PROHIBITED, SERVER_RELEASE_PROHIBITED
SERVER_ADMIN_CHANGE_PROHIBITED, SERVER_TECH_CHANGE_PROHIBITED, SERVER_RELEASE_PROHIBITED,
SERVER_EXTENSION_UPDATE_PROHIBITED, SERVER_DNSKEY_UPDATE_ENABLED
].freeze
UPDATE_PROHIBIT_STATES = [
@ -161,6 +166,8 @@ class DomainStatus < ApplicationRecord
['UpdateProhibited', SERVER_UPDATE_PROHIBITED],
['DeleteProhibited', SERVER_DELETE_PROHIBITED],
['ReleaseProhibited', SERVER_RELEASE_PROHIBITED],
['serverExtensionUpdateProhibited', SERVER_EXTENSION_UPDATE_PROHIBITED],
['serverDnskeyUpdateEnabled', SERVER_DNSKEY_UPDATE_ENABLED],
]
end

1
app/models/epp/domain.rb
View file

@ -16,6 +16,7 @@ class Epp::Domain < Domain
return unless update_prohibited?
stat = (statuses & (DomainStatus::UPDATE_PROHIBIT_STATES + DomainStatus::DELETE_PROHIBIT_STATES)).first
add_epp_error('2304', 'status', stat, I18n.t(:object_status_prohibits_operation))
throw(:abort)
end

174
test/integration/epp/domain/update/base_test.rb
View file

@ -48,6 +48,180 @@ class EppDomainUpdateBaseTest < EppTestCase
assert_epp_response :parameter_value_syntax_error
end
def test_update_domain_data_out_of_extension_block_with_serverDnskeyUpdateEnabled
@domain = domains(:shop)
@domain.statuses << DomainStatus::SERVER_DNSKEY_UPDATE_ENABLED
@domain.save
@dnskey = dnskeys(:one)
@dnskey.update(domain: @domain)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<domain:update xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.1')}">
<domain:name>shop.test</domain:name>
<domain:rem>
<domain:ns>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns1).hostname}</domain:hostName>
</domain:hostAttr>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns2).hostname}</domain:hostName>
</domain:hostAttr>
</domain:ns>
<secDNS:keyData>
<secDNS:flags>#{@dnskey.flags}</secDNS:flags>
<secDNS:protocol>#{@dnskey.protocol}</secDNS:protocol>
<secDNS:alg>#{@dnskey.alg}</secDNS:alg>
<secDNS:pubKey>#{@dnskey.public_key}</secDNS:pubKey>
</secDNS:keyData>
</domain:rem>
</domain:update>
</update>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_correct_against_schema response_xml
@domain.reload
assert_epp_response :completed_successfully
end
def test_update_domain_dns_with_serverDnskeyUpdateEnabled
@domain = domains(:shop)
@domain.statuses << DomainStatus::SERVER_DNSKEY_UPDATE_ENABLED
@domain.save
@dnskey = dnskeys(:one)
@dnskey.update(domain: @domain)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<domain:update xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.1')}">
<domain:name>shop.test</domain:name>
<domain:chg>
<domain:authInfo>
<domain:pw>f0ff7d17b0</domain:pw>
</domain:authInfo>
</domain:chg>
</domain:update>
</update>
<extension>
<secDNS:update xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1">
<secDNS:rem>
<secDNS:keyData>
<secDNS:flags>#{@dnskey.flags}</secDNS:flags>
<secDNS:protocol>#{@dnskey.protocol}</secDNS:protocol>
<secDNS:alg>#{@dnskey.alg}</secDNS:alg>
<secDNS:pubKey>#{@dnskey.public_key}</secDNS:pubKey>
</secDNS:keyData>
</secDNS:rem>
</secDNS:update>
</extension>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_correct_against_schema response_xml
@domain.reload
assert_epp_response :completed_successfully
end
def test_update_domain_data_out_of_extension_block_with_extension_update_prohibited
@domain = domains(:shop)
@domain.statuses << DomainStatus::SERVER_EXTENSION_UPDATE_PROHIBITED
@domain.save
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<domain:update xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.1')}">
<domain:name>shop.test</domain:name>
<domain:rem>
<domain:ns>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns1).hostname}</domain:hostName>
</domain:hostAttr>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns2).hostname}</domain:hostName>
</domain:hostAttr>
</domain:ns>
</domain:rem>
</domain:update>
</update>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_correct_against_schema response_xml
@domain.reload
assert_epp_response :completed_successfully
end
def test_update_domain_dns_with_extension_update_prohibited
@domain = domains(:shop)
@domain.statuses << DomainStatus::SERVER_EXTENSION_UPDATE_PROHIBITED
@domain.save
@dnskey = dnskeys(:one)
@dnskey.update(domain: @domain)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<domain:update xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.1')}">
<domain:name>shop.test</domain:name>
<domain:chg>
<domain:authInfo>
<domain:pw>f0ff7d17b0</domain:pw>
</domain:authInfo>
</domain:chg>
</domain:update>
</update>
<extension>
<secDNS:update xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1">
<secDNS:rem>
<secDNS:keyData>
<secDNS:flags>#{@dnskey.flags}</secDNS:flags>
<secDNS:protocol>#{@dnskey.protocol}</secDNS:protocol>
<secDNS:alg>#{@dnskey.alg}</secDNS:alg>
<secDNS:pubKey>#{@dnskey.public_key}</secDNS:pubKey>
</secDNS:keyData>
</secDNS:rem>
</secDNS:update>
</extension>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_correct_against_schema response_xml
@domain.reload
assert_epp_response :object_status_prohibits_operation
end
def test_update_domain
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>