diff --git a/app/controllers/epp/domains_controller.rb b/app/controllers/epp/domains_controller.rb index 18561044f..0abd219f5 100644 --- a/app/controllers/epp/domains_controller.rb +++ b/app/controllers/epp/domains_controller.rb @@ -1,6 +1,4 @@ class Epp::DomainsController < EppController - skip_authorization_check # TODO: remove it - before_action :find_domain, only: [:info, :renew, :update, :transfer, :delete] before_action :find_password, only: [:info, :update, :transfer, :delete] @@ -44,6 +42,8 @@ class Epp::DomainsController < EppController # rubocop:disable Metrics/CyclomaticComplexity def delete + authorize! :delete, @domain, @password + # all includes for bullet @domain = Epp::Domain.where(id: @domain.id).includes(nameservers: :versions).first diff --git a/app/controllers/epp/errors_controller.rb b/app/controllers/epp/errors_controller.rb index cba923bc9..1d665b9cc 100644 --- a/app/controllers/epp/errors_controller.rb +++ b/app/controllers/epp/errors_controller.rb @@ -1,6 +1,4 @@ class Epp::ErrorsController < EppController - skip_authorization_check # TODO: remove it - def error epp_errors << { code: params[:code], msg: params[:msg] } render_epp_response '/epp/error' diff --git a/app/controllers/epp/keyrelays_controller.rb b/app/controllers/epp/keyrelays_controller.rb index a2191c83d..c0b127f5b 100644 --- a/app/controllers/epp/keyrelays_controller.rb +++ b/app/controllers/epp/keyrelays_controller.rb @@ -1,9 +1,10 @@ class Epp::KeyrelaysController < EppController - skip_authorization_check # TODO: remove it + skip_authorization_check # TODO: move authorization under ability # rubocop: disable Metrics/PerceivedComplexity # rubocop: disable Metrics/CyclomaticComplexity def keyrelay + # keyrelay temp turned off @domain = find_domain handle_errors(@domain) and return unless @domain 
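Review bot: In `app/controllers/epp/domains_controller.rb`, the new `authorize! :delete, @domain, @password` at the top of `delete` has no spec in the visible part of this commit for the refusal path, i.e. a registrar that neither sponsors the domain nor supplies a matching password. The call relies on the `find_domain` and `find_password` filters having set both instance variables. It also relies on `CanCan::AccessDenied` being turned into an EPP error response somewhere outside this diff, presumably in `EppController`. A short comment such as `# @domain and @password come from the before_action filters; a denial must surface as an EPP authorization error` would record that contract. The body of `delete` continues past the hunk.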
@@ -34,6 +35,15 @@ class Epp::KeyrelaysController < EppController def find_domain domain_name = params[:parsed_frame].css('name').text.strip.downcase + + # keyrelay temp turned off + epp_errors << { + code: '2307', + msg: I18n.t(:unimplemented_object_service), + value: { obj: 'name', val: domain_name } + } + return nil + domain = Epp::Domain.includes(:registrant).find_by(name: domain_name) unless domain diff --git a/app/controllers/epp/polls_controller.rb b/app/controllers/epp/polls_controller.rb index 2f445abc6..69dd24106 100644 --- a/app/controllers/epp/polls_controller.rb +++ b/app/controllers/epp/polls_controller.rb @@ -1,5 +1,5 @@ class Epp::PollsController < EppController - skip_authorization_check # TODO: remove it + skip_authorization_check # TODO: move authorization under ability def poll req_poll if params[:parsed_frame].css('poll').first['op'] == 'req' diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 103283f6b..0f6758f30 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -1,5 +1,5 @@ class SessionsController < Devise::SessionsController - skip_authorization_check + skip_authorization_check only: :create def create # TODO: Create ID Card login here: diff --git a/app/models/ability.rb b/app/models/ability.rb index 1e213e478..38d50e9df 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -30,6 +30,7 @@ class Ability can(:update, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw } can(:transfer, Epp::Domain) { |d, pw| d.auth_info == pw } can(:view_password, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw } + can(:delete, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw } # Epp::Contact can(:info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || pw.blank? ? true : c.auth_info == pw } 
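Review bot: In `find_domain` of `app/controllers/epp/keyrelays_controller.rb`, the unconditional `return nil` makes the lookup below it unreachable, and the controller still carries `skip_authorization_check`. Deleting these lines later would therefore re-enable keyrelay with no ability check at all. Rejecting the command at the top of the `keyrelay` action would keep `find_domain` a plain lookup. A comment like `# SECURITY: keyrelay disabled; add an Ability rule and drop skip_authorization_check before re-enabling` would tie the two together. The rest of `find_domain` lies outside the hunk.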
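Review bot: In `app/controllers/sessions_controller.rb`, `skip_authorization_check only: :create` leaves the inherited Devise `new` and `destroy` actions subject to the authorization check, and nothing in the hunk shows them calling `authorize!`. If the base controller enforces `check_authorization` (not visible here), the sign-in form and sign-out would raise `CanCan::AuthorizationNotPerformed`. If only `create` is meant to be reachable, a comment such as `# only create is exempt; new/destroy stay behind check_authorization on purpose` would make the intent explicit; otherwise list every action that needs the exemption.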
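Review bot: In `app/models/ability.rb`, the new `:delete` rule grants deletion to any registrar that presents the domain's `auth_info`, not only to the sponsoring registrar, because of the `|| d.auth_info == pw` branch. That makes the domain password sufficient for a destructive action. The comparison is also true when `d.auth_info` and `pw` are both nil or both empty; whether `auth_info` can be blank is not visible here. If deletion is meant for the sponsor only, `can(:delete, Epp::Domain) { |d, _pw| d.registrar_id == @user.registrar_id }` is enough; if the password path is intended, guard it with `pw.present? &&`. The same blank-match concern applies to the `:update`, `:transfer` and `:view_password` rules shown as context.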
diff --git a/config/locales/en.yml b/config/locales/en.yml index 06205f495..b52702039 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -757,3 +757,4 @@ en: back_to_domains: 'Back to domains' no_hostnames_replaced: 'No hostnames replaced' forbidden_code: 'is forbidden to use' + unimplemented_object_service: 'Unimplemented object service' diff --git a/spec/epp/keyrelay_spec.rb b/spec/epp/keyrelay_spec.rb index 451c5f7cc..75bb253ad 100644 --- a/spec/epp/keyrelay_spec.rb +++ b/spec/epp/keyrelay_spec.rb @@ -34,15 +34,18 @@ describe 'EPP Keyrelay', epp: true do response = epp_plain_request(xml, :xml) - response[:msg].should == 'Command completed successfully' - response[:result_code].should == '1000' + response[:msg].should == 'Unimplemented object service' + response[:result_code].should == '2307' - @registrar2.messages.queued.count.should == 1 + # response[:msg].should == 'Command completed successfully' + # response[:result_code].should == '1000' - log = ApiLog::EppLog.last - log.request_command.should == 'keyrelay' - log.request_successful.should == true - log.api_user_name.should == '1-api-registrar1' + # @registrar2.messages.queued.count.should == 1 + + # log = ApiLog::EppLog.last + # log.request_command.should == 'keyrelay' + # log.request_successful.should == true + # log.api_user_name.should == '1-api-registrar1' end it 'returns an error when parameters are missing' do 
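Review bot: In `spec/epp/keyrelay_spec.rb`, the previous success expectations are left as commented-out code under the new `2307` assertions, here and again in the hunk at `@@ -169,12 +172,16 @@`. Commented-out expectations never run and drift silently. Keeping the original examples and marking them skipped, with separate examples for the disabled state, would preserve the coverage for when keyrelay is turned back on. A name like `it 'rejects keyrelay while the service is disabled' do` for the new assertions would also keep the example descriptions truthful; the current descriptions are outside the hunk.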
@@ -169,12 +172,16 @@ describe 'EPP Keyrelay', epp: true do }) response = epp_plain_request(xml, :xml) - response[:msg].should == 'Command completed successfully' - docs = Keyrelay.last.legal_documents - docs.count.should == 1 - docs.first.path.should_not be_blank - docs.first.document_type.should == 'pdf' + response[:msg].should == 'Unimplemented object service' + response[:result_code].should == '2307' + + # response[:msg].should == 'Command completed successfully' + + # docs = Keyrelay.last.legal_documents + # docs.count.should == 1 + # docs.first.path.should_not be_blank + # docs.first.document_type.should == 'pdf' end it 'validates legal document types' do