keyrelay turned off, ability update

app/controllers/epp/domains_controller.rb

@@ -1,6 +1,4 @@
 class Epp::DomainsController < EppController
-  skip_authorization_check # TODO: remove it
-
   before_action :find_domain, only: [:info, :renew, :update, :transfer, :delete]
   before_action :find_password, only: [:info, :update, :transfer, :delete]
 
@@ -44,6 +42,8 @@ class Epp::DomainsController < EppController
 
   # rubocop:disable Metrics/CyclomaticComplexity
   def delete
+    authorize! :delete, @domain, @password
+
     # all includes for bullet
     @domain = Epp::Domain.where(id: @domain.id).includes(nameservers: :versions).first
 

app/controllers/epp/errors_controller.rb

@@ -1,6 +1,4 @@
 class Epp::ErrorsController < EppController
-  skip_authorization_check # TODO: remove it
-
   def error
     epp_errors << { code: params[:code], msg: params[:msg] }
     render_epp_response '/epp/error'

app/controllers/epp/keyrelays_controller.rb

@@ -1,9 +1,10 @@
 class Epp::KeyrelaysController < EppController
-  skip_authorization_check # TODO: remove it
+  skip_authorization_check # TODO: move authorization under ability
 
   # rubocop: disable Metrics/PerceivedComplexity
   # rubocop: disable Metrics/CyclomaticComplexity
   def keyrelay
+    # keyrelay temp turned off
     @domain = find_domain
 
     handle_errors(@domain) and return unless @domain
@@ -34,6 +35,15 @@ class Epp::KeyrelaysController < EppController
 
   def find_domain
     domain_name = params[:parsed_frame].css('name').text.strip.downcase
+
+    # keyrelay temp turned off
+    epp_errors << {
+      code: '2307',
+      msg: I18n.t(:unimplemented_object_service),
+      value: { obj: 'name', val: domain_name }
+    }
+    return nil
+
     domain = Epp::Domain.includes(:registrant).find_by(name: domain_name)
 
     unless domain

app/controllers/epp/polls_controller.rb

@@ -1,5 +1,5 @@
 class Epp::PollsController < EppController
-  skip_authorization_check # TODO: remove it
+  skip_authorization_check # TODO: move authorization under ability
 
   def poll
     req_poll if params[:parsed_frame].css('poll').first['op'] == 'req'

app/controllers/sessions_controller.rb

@@ -1,5 +1,5 @@
 class SessionsController < Devise::SessionsController
-  skip_authorization_check
+  skip_authorization_check only: :create
 
   def create
     # TODO: Create ID Card login here:

app/models/ability.rb

@@ -30,6 +30,7 @@ class Ability
     can(:update,   Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
     can(:transfer, Epp::Domain) { |d, pw| d.auth_info == pw }
     can(:view_password, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
+    can(:delete,   Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
 
     # Epp::Contact
     can(:info, Epp::Contact)           { |c, pw| c.registrar_id == @user.registrar_id || pw.blank? ? true : c.auth_info == pw }

config/locales/en.yml

@@ -757,3 +757,4 @@ en:
   back_to_domains: 'Back to domains'
   no_hostnames_replaced: 'No hostnames replaced'
   forbidden_code: 'is forbidden to use'
+  unimplemented_object_service: 'Unimplemented object service'

spec/epp/keyrelay_spec.rb

@@ -34,15 +34,18 @@ describe 'EPP Keyrelay', epp: true do
 
     response = epp_plain_request(xml, :xml)
 
-    response[:msg].should == 'Command completed successfully'
-    response[:result_code].should == '1000'
+    response[:msg].should == 'Unimplemented object service'
+    response[:result_code].should == '2307'
 
-    @registrar2.messages.queued.count.should == 1
+    # response[:msg].should == 'Command completed successfully'
+    # response[:result_code].should == '1000'
 
-    log = ApiLog::EppLog.last
-    log.request_command.should == 'keyrelay'
-    log.request_successful.should == true
-    log.api_user_name.should == '1-api-registrar1'
+    # @registrar2.messages.queued.count.should == 1
+
+    # log = ApiLog::EppLog.last
+    # log.request_command.should == 'keyrelay'
+    # log.request_successful.should == true
+    # log.api_user_name.should == '1-api-registrar1'
   end
 
   it 'returns an error when parameters are missing' do
@@ -169,12 +172,16 @@ describe 'EPP Keyrelay', epp: true do
     })
 
     response = epp_plain_request(xml, :xml)
-    response[:msg].should == 'Command completed successfully'
 
-    docs = Keyrelay.last.legal_documents
-    docs.count.should == 1
-    docs.first.path.should_not be_blank
-    docs.first.document_type.should == 'pdf'
+    response[:msg].should == 'Unimplemented object service'
+    response[:result_code].should == '2307'
+
+    # response[:msg].should == 'Command completed successfully'
+
+    # docs = Keyrelay.last.legal_documents
+    # docs.count.should == 1
+    # docs.first.path.should_not be_blank
+    # docs.first.document_type.should == 'pdf'
   end
 
   it 'validates legal document types' do