REPP domains: Modify DNSSEC keys

app/controllers/repp/v1/domains/dnssec_controller.rb

@@ -0,0 +1,70 @@
+module Repp
+  module V1
+    module Domains
+      class DnssecController < BaseController
+        before_action :set_domain, only: %i[index create destroy]
+
+        api :GET, '/repp/v1/domains/:domain_name/dnssec'
+        desc "View all domain's DNSSEC keys"
+        def index
+          dnssec_keys = @domain.dnskeys
+          data = { dns_keys: dnssec_keys.as_json(only: %i[flags alg protocol public_key]) }
+          render_success(data: data)
+        end
+
+        api :POST, '/repp/v1/domains/:domain_name/dnssec'
+        desc 'Add new DNSSEC key(s) to domain'
+        param :dns_keys, Array, required: true, desc: 'Array of new DNSSEC keys' do
+          param :flags, String, required: true, desc: '256 (KSK) or 257 (ZSK)'
+          param :protocol, String, required: true, desc: 'Key protocol (3)'
+          param :alg, String, required: true, desc: 'DNSSEC key algorithm (3,5,6,7,8,10,13,14)'
+          param :public_key, String, required: true, desc: 'DNSSEC public key'
+        end
+        def create
+          dnssec_params[:dnssec][:dns_keys].each { |n| n[:action] = 'add' }
+          action = Actions::DomainUpdate.new(@domain, dnssec_params[:dnssec], current_user)
+
+          unless action.call
+            handle_errors(@domain)
+            return
+          end
+
+          render_success(data: { domain: { name: @domain.name } })
+        end
+
+        api :DELETE, 'repp/v1/domains/:domain_name/dnssec'
+        param :dns_keys, Array, required: true, desc: 'Array of removable DNSSEC keys' do
+          param :flags, String, required: true, desc: '256 (KSK) or 257 (ZSK)'
+          param :protocol, String, required: true, desc: 'Key protocol (3)'
+          param :alg, String, required: true, desc: 'DNSSEC key algorithm (3,5,6,7,8,10,13,14)'
+          param :public_key, String, required: true, desc: 'DNSSEC public key'
+        end
+        def destroy
+          dnssec_params[:dnssec][:dns_keys].each { |n| n[:action] = 'rem' }
+          action = Actions::DomainUpdate.new(@domain, dnssec_params[:dnssec], current_user)
+
+          unless action.call
+            handle_errors(@domain)
+            return
+          end
+
+          render_success(data: { domain: { name: @domain.name } })
+        end
+
+        private
+
+        def set_domain
+          registrar = current_user.registrar
+          @domain = Epp::Domain.find_by(registrar: registrar, name: params[:domain_id])
+          @domain ||= Epp::Domain.find_by!(registrar: registrar, name_puny: params[:domain_id])
+
+          @domain
+        end
+
+        def dnssec_params
+          params.permit!
+        end
+      end
+    end
+  end
+end

app/controllers/repp/v1/domains/nameservers_controller.rb

@@ -24,8 +24,8 @@ module Repp
           render_success(data: { domain: { name: @domain.name } })
         end
 
-        api :POST, '/repp/v1/domains/:domain/nameservers/:nameserver'
-        desc 'Modifiy nameserver for domain'
+        api :PUT, '/repp/v1/domains/:domain/nameservers/:nameserver'
+        desc 'Modify nameserver for domain'
         param :nameserver, Hash, required: true, desc: 'Nameserver parameters' do
           param :hostname, String, required: true, desc: 'Nameserver hostname'
           param :ipv4, Array, required: false, desc: 'Array of IPv4 values'

app/controllers/repp/v1/domains_controller.rb

@@ -63,6 +63,7 @@ module Repp
       param :domain, Hash, required: true, desc: 'Changes of domain object' do
         param :registrant, Hash, required: false, desc: 'New registrant object' do
           param :code, String, required: true, desc: 'New registrant contact code'
+          param :verified, [true, false], required: false, desc: 'Registrant change is already verified'
         end
         param :auth_info, String, required: false, desc: 'New authorization code'
       end

app/models/actions/domain_update.rb

@@ -55,7 +55,6 @@ module Actions
     end
 
     def assign_nameserver_modifications
-      puts "ASSIGNING"
       @nameservers = []
       params[:nameservers].each do |ns_attr|
         case ns_attr[:action]
@@ -80,17 +79,16 @@ module Actions
 
     def assign_dnssec_modifications
       @dnskeys = []
-
       params[:dns_keys].each do |key|
         case key[:action]
         when 'add'
-          validate_dnskey_integrity(key) && @dnskeys << key.except(:action)
+          validate_dnskey_integrity(key)
         when 'rem'
           assign_removable_dnskey(key)
         end
       end
 
-      domain.dnskeys_attributes = @dnskeys
+      domain.dnskeys_attributes = @dnskeys.uniq
     end
 
     def validate_dnskey_integrity(key)
@@ -100,7 +98,7 @@ module Actions
         domain.add_epp_error('2306', nil, nil, %i[dnskeys ds_data_not_allowed])
       end
 
-      dnskeys << key.except(:action)
+      @dnskeys << key.except(:action)
     end
 
     def assign_removable_dnskey(key)

config/routes.rb

@@ -61,6 +61,8 @@ Rails.application.routes.draw do
       end
       resources :domains, constraints: { id: /.*/ } do
         resources :nameservers, only: %i[create destroy], constraints: { id: /.*/ }, controller: 'domains/nameservers'
+        resources :dnssec, only: %i[index create], constraints: { id: /.*/ }, controller: 'domains/dnssec'
+        match "dnssec", to: "domains/dnssec#destroy", via: "delete", defaults: { id: nil }
         collection do
           get ':id/transfer_info', to: 'domains#transfer_info', constraints: { id: /.*/ }
           post 'transfer', to: 'domains#transfer'