zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-10 14:44:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'master' into fix-registrar-url-condition-in-pdf

Browse source
This commit is contained in:
Georg Kahest 2020-08-18 16:47:07 +03:00
commit a394822b11
729 changed files with 13700 additions and 14837 deletions
Download patch file Download diff file Expand all files Collapse all files

3
app/api/repp/api.rb
View file

@ -30,7 +30,8 @@ module Repp
webclient_cert_name = ENV['webclient_cert_common_name'] || 'webclient'
error! "Webclient #{message} #{webclient_cert_name}", 401 if webclient_cert_name != request_name
else
unless @current_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
unless @current_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'],
request.env['HTTP_SSL_CLIENT_S_DN_CN'])
error! "#{message} #{@current_user.username}", 401
end
end

3
app/assets/config/manifest.js Normal file
View file

@ -0,0 +1,3 @@
//= link_tree ../images
//= link_directory ../javascripts .js
//= link_directory ../stylesheets .css

6
app/assets/javascripts/admin/autocomplete.js.coffee
View file

@ -47,12 +47,6 @@ class @Autocomplete
selector: '.js-contact-typeahead'
hiddenSelector: '.js-contact-id'
@bindAdminRegistrarSearch: ->
Autocomplete.bindTypeahead
remote: '/admin/registrars/search'
selector: '.js-registrar-typeahead'
hiddenSelector: '.js-registrar-id'
@bindClientContactSearch: ->
Autocomplete.bindTypeahead
remote: '/client/contacts/search'

6
app/assets/stylesheets/admin/admin.sass
View file

@ -133,12 +133,6 @@ body.login
padding-top: 40px
padding-bottom: 40px
.form-signin
.form-signin-heading,
.form-signin
.checkbox
margin-bottom: 10px
.form-signin
max-width: 330px
padding: 15px

3
app/assets/stylesheets/shared/general.sass
View file

@ -15,6 +15,9 @@ body > .container
padding-top: 15px
font-size: 10px
a.footer-version-link
color: black
.nowrap
white-space: nowrap

6
app/controllers/admin/account_activities_controller.rb
View file

@ -23,11 +23,11 @@ module Admin
@q.sorts = 'id desc' if @q.sorts.empty?
@account_activities = @q.result.page(params[:page]).per(params[:results_per_page])
sort = @account_activities.orders.map(&:to_sql).join(",")
# can do here inline SQL as it's our
if params[:page] && params[:page].to_i > 1
@sum = @q.result.reorder(sort).limit(@account_activities.offset_value).sum(:sum) + @b.result.where("account_activities.id NOT IN (#{@q.result.select(:id).to_sql})").sum(:sum)
@sum = @q.result.limit(@account_activities.offset_value).sum(:sum) +
@b.result.where("account_activities.id NOT IN (#{@q.result.select(:id).to_sql})")
.sum(:sum)
else
@sum = @b.result.where("account_activities.id NOT IN (#{@q.result.select(:id).to_sql})").sum(:sum)
end

44
app/controllers/admin/api_users_controller.rb
View file

@ -1,7 +1,6 @@
module Admin
class ApiUsersController < BaseController
load_and_authorize_resource
before_action :set_api_user, only: [:show, :edit, :update, :destroy]
def index
@q = ApiUser.includes(:registrar).search(params[:q])
@ -9,18 +8,17 @@ module Admin
end
def new
@registrar = Registrar.find_by(id: params[:registrar_id])
@api_user = ApiUser.new(registrar: @registrar)
@api_user = registrar.api_users.build
end
def create
@api_user = ApiUser.new(api_user_params)
@api_user = registrar.api_users.build(api_user_params)
if @api_user.save
flash[:notice] = I18n.t('record_created')
redirect_to [:admin, @api_user]
if @api_user.valid?
@api_user.save!
redirect_to admin_registrar_api_user_path(@api_user.registrar, @api_user),
notice: t('.created')
else
flash.now[:alert] = I18n.t('failed_to_create_record')
render 'new'
end
end
@ -32,39 +30,31 @@ module Admin
end
def update
if params[:api_user][:plain_text_password].blank?
params[:api_user].delete(:plain_text_password)
end
@api_user.attributes = api_user_params
if @api_user.update(api_user_params)
flash[:notice] = I18n.t('record_updated')
redirect_to [:admin, @api_user]
if @api_user.valid?
@api_user.save!
redirect_to admin_registrar_api_user_path(@api_user.registrar, @api_user),
notice: t('.updated')
else
flash.now[:alert] = I18n.t('failed_to_update_record')
render 'edit'
end
end
def destroy
if @api_user.destroy
flash[:notice] = I18n.t('record_deleted')
redirect_to admin_api_users_path
else
flash.now[:alert] = I18n.t('failed_to_delete_record')
render 'show'
end
@api_user.destroy!
redirect_to admin_registrar_path(@api_user.registrar), notice: t('.deleted')
end
private
def set_api_user
@api_user = ApiUser.find(params[:id])
end
def api_user_params
params.require(:api_user).permit(:username, :plain_text_password, :active,
:registrar_id, :registrar_typeahead,
:identity_code, { roles: [] })
end
def registrar
Registrar.find(params[:registrar_id])
end
end
end

2
app/controllers/admin/bank_statements_controller.rb
View file

@ -60,7 +60,7 @@ module Admin
end
def bind_invoices
@bank_statement.bind_invoices
@bank_statement.bind_invoices(manual: true)
flash[:notice] = t('invoices_were_fully_binded') if @bank_statement.fully_binded?
flash[:warning] = t('invoices_were_partially_binded') if @bank_statement.partially_binded?

2
app/controllers/admin/bank_transactions_controller.rb
View file

@ -34,7 +34,7 @@ module Admin
end
def bind
if @bank_transaction.bind_invoice(params[:invoice_no])
if @bank_transaction.bind_invoice(params[:invoice_no], manual: true)
flash[:notice] = I18n.t('record_created')
redirect_to [:admin, @bank_transaction]
else

3
app/controllers/admin/base_controller.rb
View file

@ -2,6 +2,7 @@ module Admin
class BaseController < ApplicationController
before_action :authenticate_admin_user!
helper_method :head_title_sufix
before_action :set_paper_trail_whodunnit
def head_title_sufix
t(:admin_head_title_sufix)
@ -17,4 +18,4 @@ module Admin
current_admin_user ? current_admin_user.id_role_username : 'anonymous'
end
end
end
end

2
app/controllers/admin/certificates_controller.rb
View file

@ -34,7 +34,7 @@ module Admin
if @certificate.destroy
flash[:notice] = I18n.t('record_deleted')
redirect_to admin_api_user_path(@api_user)
redirect_to admin_registrar_api_user_path(@api_user.registrar, @api_user)
else
flash.now[:alert] = I18n.t('failed_to_delete_record')
render 'show'

21
app/controllers/admin/contacts_controller.rb
View file

@ -3,6 +3,7 @@ module Admin
load_and_authorize_resource
before_action :set_contact, only: [:show]
helper_method :ident_types
helper_method :domain_filter_params
def index
params[:q] ||= {}
@ -12,19 +13,27 @@ module Admin
search_params[:registrant_domains_id_not_null] = 1
end
contacts = Contact.includes(:registrar).joins(:registrar).select('contacts.*, registrars.name')
contacts = Contact.includes(:registrar).joins(:registrar)
.select('contacts.*, registrars.name')
contacts = contacts.filter_by_states(params[:statuses_contains].join(',')) if params[:statuses_contains]
contacts = contacts.where("ident_country_code is null or ident_country_code=''") if params[:only_no_country_code].eql?('1')
contacts = filter_by_flags(contacts)
normalize_search_parameters do
@q = contacts.search(search_params)
@contacts = @q.result.uniq.page(params[:page])
@contacts = @q.result.distinct.page(params[:page])
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i.positive?
end
def filter_by_flags(contacts)
if params[:only_no_country_code].eql?('1')
contacts = contacts.where("ident_country_code is null or ident_country_code=''")
end
contacts = contacts.email_verification_failed if params[:email_verification_failed].eql?('1')
contacts
end
def search
render json: Contact.search_by_query(params[:q])
end
@ -84,5 +93,9 @@ module Admin
def ident_types
Contact::Ident.types
end
def domain_filter_params
params.permit(:domain_filter)
end
end
end

74
app/controllers/admin/disputes_controller.rb Normal file
View file

@ -0,0 +1,74 @@
# frozen_string_literal: true
module Admin
class DisputesController < BaseController
load_and_authorize_resource
before_action :set_dispute, only: %i[show edit update delete]
# GET /admin/disputes
def index
params[:q] ||= {}
@disputes = sortable_dispute_query_for(Dispute.active.all, params[:q])
@closed_disputes = sortable_dispute_query_for(Dispute.closed.all, params[:q], closed: true)
end
# GET /admin/disputes/1
def show; end
# GET /admin/disputes/new
def new
@dispute = Dispute.new
end
# GET /admin/disputes/1/edit
def edit; end
# POST /admin/disputes
def create
@dispute = Dispute.new(dispute_params)
if @dispute.save
notice = 'Dispute was successfully created'
notice += @dispute.domain ? '.' : ' for domain that is not registered.'
redirect_to admin_disputes_url, notice: notice
else
render :new
end
end
# PATCH/PUT /admin/disputes/1
def update
if @dispute.update(dispute_params.except(:domain_name))
redirect_to admin_disputes_url, notice: 'Dispute was successfully updated.'
else
render :edit
end
end
# DELETE /admin/disputes/1
def delete
@dispute.close(initiator: 'Admin')
redirect_to admin_disputes_url, notice: 'Dispute was successfully closed.'
end
private
def sortable_dispute_query_for(disputes, query, closed: false)
@q = disputes.order(:domain_name).search(query)
disputes = @q.result.page(closed ? params[:closed_page] : params[:page])
return disputes.per(params[:results_per_page]) if params[:results_per_page].present?
disputes
end
# Use callbacks to share common setup or constraints between actions.
def set_dispute
@dispute = Dispute.find(params[:id])
end
# Only allow a trusted parameter "white list" through.
def dispute_params
params.require(:dispute).permit(:domain_name, :password, :starts_at, :comment)
end
end
end

39
app/controllers/admin/domains/force_delete_controller.rb
View file

@ -5,21 +5,27 @@ module Admin
authorize! :manage, domain
domain.transaction do
domain.schedule_force_delete
domain.schedule_force_delete(type: force_delete_type)
domain.registrar.notifications.create!(text: t('force_delete_set_on_domain',
domain_name: domain.name))
domain_name: domain.name,
outzone_date: domain.outzone_date,
purge_date: domain.purge_date))
if notify_by_email?
DomainDeleteMailer.forced(domain: domain,
registrar: domain.registrar,
registrant: domain.registrant,
template_name: params[:template_name]).deliver_now
end
notify_by_email if notify_by_email?
end
redirect_to edit_admin_domain_url(domain), notice: t('.scheduled')
end
def notify_by_email
if force_delete_type == :fast_track
send_email
domain.update(contact_notification_sent_date: Time.zone.today)
else
domain.update(template_name: params[:template_name])
end
end
def destroy
authorize! :manage, domain
domain.cancel_force_delete
@ -33,7 +39,22 @@ module Admin
end
def notify_by_email?
ActiveRecord::Type::Boolean.new.type_cast_from_user(params[:notify_by_email])
ActiveRecord::Type::Boolean.new.cast(params[:notify_by_email])
end
def send_email
DomainDeleteMailer.forced(domain: domain,
registrar: domain.registrar,
registrant: domain.registrant,
template_name: params[:template_name]).deliver_now
end
def force_delete_type
soft_delete? ? :soft : :fast_track
end
def soft_delete?
ActiveRecord::Type::Boolean.new.cast(params[:soft_delete])
end
end
end

13
app/controllers/admin/keyrelays_controller.rb
View file

@ -1,13 +0,0 @@
module Admin
class KeyrelaysController < BaseController
load_and_authorize_resource
def index
@q = Keyrelay.includes(:requester, :accepter).search(params[:q])
@keyrelays = @q.result.page(params[:page])
end
def show;
end
end
end

6
app/controllers/admin/legal_documents_controller.rb
View file

@ -5,7 +5,11 @@ module Admin
def show
@ld = LegalDocument.find(params[:id])
filename = @ld.path.split('/').last
send_data File.open(@ld.path).read, filename: filename
file = File.open(@ld.path)&.read
send_data file, filename: filename
rescue Errno::ENOENT
flash[:notice] = I18n.t('legal_doc_not_found')
redirect_to [:admin, @ld.documentable]
end
end
end

1
app/controllers/admin/pending_deletes_controller.rb
View file

@ -29,7 +29,6 @@ module Admin
# steal token
token = @domain.registrant_verification_token
@registrant_verification = RegistrantVerification.new(domain_id: @domain.id,
domain_name: @domain.name,
verification_token: token)
end

1
app/controllers/admin/pending_updates_controller.rb
View file

@ -26,7 +26,6 @@ module Admin
# steal token
token = @domain.registrant_verification_token
@registrant_verification = RegistrantVerification.new(domain_id: @domain.id,
domain_name: @domain.name,
verification_token: token)
end

2
app/controllers/admin/registrars_controller.rb
View file

@ -74,6 +74,8 @@ module Admin
:vat_rate,
:accounting_customer_code,
:billing_email,
:legaldoc_optout,
:legaldoc_optout_comment,
:iban,
:language)
end

2
app/controllers/admin/zonefiles_controller.rb
View file

@ -13,7 +13,7 @@ module Admin
send_data @zonefile, filename: "#{params[:origin]}.txt"
else
flash[:alert] = 'Origin not supported'
redirect_to :back
redirect_back(fallback_location: root_path)
end
end
end

2
app/controllers/api/cors_controller.rb
View file

@ -5,7 +5,7 @@ module Api
def cors_preflight_check
set_access_control_headers
render text: ''
render plain: ''
end
def set_access_control_headers

2
app/controllers/api/v1/auctions_controller.rb
View file

@ -30,6 +30,8 @@ module Api
raise "Invalid status #{params[:status]}"
end
auction.mark_deadline(params[:registration_deadline]) if params[:registration_deadline]
if auction.payment_not_received? || auction.domain_not_registered?
update_whois_from_auction(Auction.pending(auction.domain))
else

10
app/controllers/api/v1/base_controller.rb
View file

@ -1,8 +1,8 @@
require 'rails5_api_controller_backport'
module Api
module V1
class BaseController < ActionController::API
rescue_from ActiveRecord::RecordNotFound, with: :not_found_error
private
def authenticate
@ -10,6 +10,12 @@ module Api
head :unauthorized unless ip_allowed
end
def not_found_error
uuid = params['uuid']
json = { error: 'Not Found', uuid: uuid, message: 'Record not found' }
render json: json, status: :not_found
end
def allowed_ips
ENV['auction_api_allowed_ips'].split(',').map(&:strip)
end

3
app/controllers/api/v1/registrant/auth_controller.rb
View file

@ -1,4 +1,3 @@
require 'rails5_api_controller_backport'
require 'auth_token/auth_token_creator'
module Api
@ -16,7 +15,7 @@ module Api
end
def eid
user = RegistrantUser.find_or_create_by_api_data(eid_params)
user = RegistrantUser.find_or_create_by_api_data(eid_params.to_h)
token = create_token(user)
if token

3
app/controllers/api/v1/registrant/base_controller.rb
View file

@ -1,4 +1,3 @@
require 'rails5_api_controller_backport'
require 'auth_token/auth_token_decryptor'
module Api
@ -45,7 +44,7 @@ module Api
# This controller does not inherit from ApplicationController,
# so user_for_paper_trail method is not usable.
def set_paper_trail_whodunnit
::PaperTrail.whodunnit = current_registrant_user.id_role_username
::PaperTrail.request.whodunnit = current_registrant_user.id_role_username
end
def show_not_found_error

5
app/controllers/application_controller.rb
View file

@ -1,9 +1,10 @@
class ApplicationController < ActionController::Base
check_authorization unless: :devise_controller?
before_action :set_paper_trail_whodunnit
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
protect_from_forgery with: :exception, prepend: true
before_action do
resource = controller_name.singularize.to_sym
@ -32,4 +33,4 @@ class ApplicationController < ActionController::Base
def available_languages
{ en: 'English', et: 'Estonian' }.invert
end
end
end

15
app/controllers/epp/base_controller.rb
View file

@ -1,9 +1,8 @@
module Epp
class BaseController < ActionController::Base
class AuthorizationError < StandardError; end
check_authorization
skip_before_action :verify_authenticity_token
check_authorization
layout false
before_action :ensure_session_id_passed
@ -11,7 +10,7 @@ module Epp
before_action :latin_only
before_action :validate_against_schema
before_action :validate_request
before_action :update_epp_session, if: 'signed_in?'
before_action :update_epp_session, if: -> { signed_in? }
around_action :wrap_exceptions
@ -21,6 +20,7 @@ module Epp
rescue_from StandardError, with: :respond_with_command_failed_error
rescue_from AuthorizationError, with: :respond_with_authorization_error
rescue_from ActiveRecord::RecordNotFound, with: :respond_with_object_does_not_exist_error
before_action :set_paper_trail_whodunnit
protected
@ -58,7 +58,7 @@ module Epp
end
def validate_against_schema
return if ['hello', 'error', 'keyrelay'].include?(params[:action])
return if %w[hello error].include?(params[:action])
schema.validate(params[:nokogiri_frame]).each do |error|
epp_errors << {
code: 2001,
@ -119,7 +119,7 @@ module Epp
end
def render_epp_response(*args)
@response = render_to_string(*args, formats: 'xml')
@response = render_to_string(*args, formats: [:xml])
render xml: @response
write_to_epp_log
end
@ -395,7 +395,12 @@ module Epp
end
def log_exception(exception)
logger.error(([exception.message] + exception.backtrace).join($INPUT_RECORD_SEPARATOR))
notify_airbrake(exception)
end
def user_for_paper_trail
current_user ? current_user.id_role_username : 'anonymous'
end
end
end

17
app/controllers/epp/contacts_controller.rb
View file

@ -1,3 +1,5 @@
require 'deserializers/xml/contact_update'
module Epp
class ContactsController < BaseController
before_action :find_contact, only: [:info, :update, :delete]
@ -43,9 +45,14 @@ module Epp
def update
authorize! :update, @contact, @password
frame = params[:parsed_frame]
collected_data = ::Deserializers::Xml::ContactUpdate.new(params[:parsed_frame])
action = Actions::ContactUpdate.new(@contact,
collected_data.contact,
collected_data.legal_document,
collected_data.ident,
current_user)
if @contact.update_attributes(frame, current_user)
if action.call
if !address_processing? && address_given?
@response_code = 1100
@response_description = t('epp.contacts.completed_without_address')
@ -76,6 +83,12 @@ module Epp
handle_errors
end
def transfer
authorize! :transfer, Epp::Contact
epp_errors << { code: '2101', msg: t(:'errors.messages.unimplemented_command') }
handle_errors
end
private
def find_password

33
app/controllers/epp/domains_controller.rb
View file

@ -2,6 +2,7 @@ module Epp
class DomainsController < BaseController
before_action :find_domain, only: %i[info renew update transfer delete]
before_action :find_password, only: %i[info update transfer delete]
before_action :set_paper_trail_whodunnit
def info
authorize! :info, @domain
@ -91,7 +92,7 @@ module Epp
status: Auction.statuses[:payment_received])
active_auction.domain_registered!
end
Dispute.close_by_domain(@domain.name)
render_epp_response '/epp/domains/create'
else
handle_errors(@domain)
@ -102,23 +103,17 @@ module Epp
def update
authorize! :update, @domain, @password
if @domain.update(params[:parsed_frame], current_user)
if @domain.epp_pending_update.present?
render_epp_response '/epp/domains/success_pending'
else
render_epp_response '/epp/domains/success'
end
else
handle_errors(@domain)
end
updated = @domain.update(params[:parsed_frame], current_user)
(handle_errors(@domain) && return) unless updated
pending = @domain.epp_pending_update.present?
render_epp_response "/epp/domains/success#{'_pending' if pending}"
end
def delete
authorize! :delete, @domain, @password
# all includes for bullet
@domain = Epp::Domain.where(id: @domain.id).includes(nameservers: :versions).first
handle_errors(@domain) and return unless @domain.can_be_deleted?
(handle_errors(@domain) && return) unless @domain.can_be_deleted?
if @domain.epp_destroy(params[:parsed_frame], current_user.id)
if @domain.epp_pending_delete.present?
@ -242,7 +237,7 @@ module Epp
mutually_exclusive 'keyData', 'dsData'
@prefix = nil
requires 'extension > extdata > legalDocument'
requires 'extension > extdata > legalDocument' if current_user.legaldoc_mandatory?
optional_attribute 'period', 'unit', values: %w(d m y)
@ -251,7 +246,7 @@ module Epp
def validate_update
if element_count('update > chg > registrant') > 0
requires 'extension > extdata > legalDocument'
requires 'extension > extdata > legalDocument' if current_user.legaldoc_mandatory?
end
@prefix = 'update > update >'
@ -261,8 +256,6 @@ module Epp
end
def validate_delete
requires 'extension > extdata > legalDocument'
@prefix = 'delete > delete >'
requires 'name'
end
@ -313,6 +306,7 @@ module Epp
def status_editing_disabled
return true if Setting.client_status_editing_enabled
return true if check_client_hold
return true if params[:parsed_frame].css('status').empty?
epp_errors << {
code: '2306',
@ -320,6 +314,11 @@ module Epp
}
end
def check_client_hold
statuses = params[:parsed_frame].css('status').map { |element| element['s'] }
statuses == [::DomainStatus::CLIENT_HOLD]
end
def balance_ok?(operation, period = nil, unit = nil)
@domain_pricelist = @domain.pricelist(operation, period.try(:to_i), unit)
if @domain_pricelist.try(:price) # checking if price list is not found

5
app/controllers/epp/errors_controller.rb
View file

@ -6,10 +6,5 @@ module Epp
epp_errors << { code: params[:code], msg: params[:msg] }
render_epp_response '/epp/error'
end
def not_found
epp_errors << { code: 2400, msg: t(:could_not_determine_object_type_check_xml_format_and_namespaces) }
render_epp_response '/epp/error'
end
end
end

63
app/controllers/epp/keyrelays_controller.rb
View file

@ -1,63 +0,0 @@
module Epp
class KeyrelaysController < BaseController
skip_authorization_check # TODO: move authorization under ability
def keyrelay
# keyrelay temp turned off
@domain = find_domain
handle_errors(@domain) and return unless @domain
handle_errors(@domain) and return unless @domain.authenticate(params[:parsed_frame].css('pw').text)
handle_errors(@domain) and return unless @domain.keyrelay(params[:parsed_frame], current_user.registrar)
render_epp_response '/epp/shared/success'
end
private
def validate_keyrelay
@prefix = 'keyrelay >'
requires(
'name',
'keyData', 'keyData > pubKey', 'keyData > flags', 'keyData > protocol', 'keyData > alg',
'authInfo', 'authInfo > pw'
)
optional 'expiry > relative', duration_iso8601: true
optional 'expiry > absolute', date_time_iso8601: true
exactly_one_of 'expiry > relative', 'expiry > absolute'
end
def find_domain
domain_name = params[:parsed_frame].css('name').text.strip.downcase
# keyrelay temp turned off
epp_errors << {
code: '2307',
msg: I18n.t(:unimplemented_object_service),
value: { obj: 'name', val: domain_name }
}
nil
# end of keyrelay temp turned off
# domain = Epp::Domain.includes(:registrant).find_by(name: domain_name)
# unless domain
# epp_errors << {
# code: '2303',
# msg: I18n.t('errors.messages.epp_domain_not_found'),
# value: { obj: 'name', val: domain_name }
# }
# return nil
# end
# domain
end
def resource
@domain
end
end
end

6
app/controllers/epp/polls_controller.rb
View file

@ -29,11 +29,7 @@ module Epp
end
end
if @notification.attached_obj_type == 'Keyrelay'
render_epp_response 'epp/poll/poll_keyrelay'
else
render_epp_response 'epp/poll/poll_req'
end
render_epp_response 'epp/poll/poll_req'
end
def ack_poll

4
app/controllers/epp/sessions_controller.rb
View file

@ -1,6 +1,7 @@
module Epp
class SessionsController < BaseController
skip_authorization_check only: [:hello, :login, :logout]
before_action :set_paper_trail_whodunnit
def hello
render_epp_response('greeting')
@ -25,7 +26,8 @@ module Epp
end
if !Rails.env.development? && (!webclient_request && @api_user)
unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
unless @api_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'],
request.env['HTTP_SSL_CLIENT_S_DN_CN'])
epp_errors << {
msg: 'Authentication error; server closing connection (certificate is not valid)',
code: '2501'

15
app/controllers/registrant/contacts_controller.rb
View file

@ -1,10 +1,12 @@
class Registrant::ContactsController < RegistrantController
helper_method :domain
helper_method :fax_enabled?
helper_method :domain_filter_params
skip_authorization_check only: %i[edit update]
before_action :set_contact, only: [:show]
def show
@contact = current_user_contacts.find(params[:id])
@requester_contact = Contact.find_by(ident: current_registrant_user.ident)
authorize! :read, @contact
end
@ -29,6 +31,13 @@ class Registrant::ContactsController < RegistrantController
private
def set_contact
id = params[:id]
contact = domain.contacts.find_by(id: id) || current_user_contacts.find_by(id: id)
contact ||= Contact.find_by(id: id, ident: domain.registrant.ident)
@contact = contact
end
def domain
current_user_domains.find(params[:domain_id])
end
@ -99,4 +108,8 @@ class Registrant::ContactsController < RegistrantController
http.request(request)
end
end
def domain_filter_params
params.permit(:domain_filter)
end
end

35
app/controllers/registrant/domain_delete_confirms_controller.rb
View file

@ -4,6 +4,7 @@ class Registrant::DomainDeleteConfirmsController < RegistrantController
def show
return if params[:confirmed] || params[:rejected]
@domain = Domain.find(params[:id])
@domain = nil unless @domain.registrant_delete_confirmable?(params[:token])
end
@ -16,28 +17,28 @@ class Registrant::DomainDeleteConfirmsController < RegistrantController
end
@registrant_verification = RegistrantVerification.new(domain_id: @domain.id,
domain_name: @domain.name,
verification_token: params[:token])
initiator = current_registrant_user ? current_registrant_user.username :
t(:user_not_authenticated)
if params[:rejected]
if @registrant_verification.domain_registrant_delete_reject!("email link #{initiator}")
flash[:notice] = t(:registrant_domain_verification_rejected)
redirect_to registrant_domain_delete_confirm_path(@domain.id, rejected: true)
else
flash[:alert] = t(:registrant_domain_delete_rejected_failed)
return render 'show'
end
elsif params[:confirmed]
if @registrant_verification.domain_registrant_delete_confirm!("email link #{initiator}")
flash[:notice] = t(:registrant_domain_verification_confirmed)
redirect_to registrant_domain_delete_confirm_path(@domain.id, confirmed: true)
else
flash[:alert] = t(:registrant_domain_delete_confirmed_failed)
return render 'show'
end
confirmed = params[:confirmed] ? true : false
action = if confirmed
@registrant_verification.domain_registrant_delete_confirm!("email link #{initiator}")
else
@registrant_verification.domain_registrant_delete_reject!("email link #{initiator}")
end
fail_msg = t("registrant_domain_delete_#{confirmed ? 'confirmed' : 'rejected'}_failed".to_sym)
success_msg = t("registrant_domain_verification_#{confirmed ? 'confirmed' : 'rejected'}".to_sym)
flash[:alert] = action ? success_msg : fail_msg
(render 'show' && return) unless action
if confirmed
redirect_to registrant_domain_delete_confirm_path(@domain.id, confirmed: true)
else
redirect_to registrant_domain_delete_confirm_path(@domain.id, rejected: true)
end
end
end

3
app/controllers/registrant/domain_update_confirms_controller.rb
View file

@ -16,7 +16,6 @@ class Registrant::DomainUpdateConfirmsController < RegistrantController
end
@registrant_verification = RegistrantVerification.new(domain_id: @domain.id,
domain_name: @domain.name,
verification_token: params[:token])
initiator = current_registrant_user ? current_registrant_user.username :
@ -32,6 +31,8 @@ class Registrant::DomainUpdateConfirmsController < RegistrantController
end
elsif params[:confirmed]
if @registrant_verification.domain_registrant_change_confirm!("email link, #{initiator}")
Dispute.close_by_domain(@domain.name) if @domain.disputed?
flash[:notice] = t(:registrant_domain_verification_confirmed)
redirect_to registrant_domain_update_confirm_path(@domain.id, confirmed: true)
else

48
app/controllers/registrant/domains_controller.rb
View file

@ -4,11 +4,29 @@ class Registrant::DomainsController < RegistrantController
params[:q] ||= {}
normalize_search_parameters do
@q = current_user_domains.search(params[:q])
@domains = @q.result.page(params[:page])
@q = current_user_domains.search(search_params)
end
@domains = @domains.per(params[:results_per_page]) if params[:results_per_page].to_i.positive?
domains = @q.result
respond_to do |format|
format.html do
@domains = domains.page(params[:page])
domains_per_page = params[:results_per_page].to_i
@domains = @domains.per(domains_per_page) if domains_per_page.positive?
end
format.csv do
raw_csv = @q.result.to_csv
send_data raw_csv, filename: 'domains.csv', type: "#{Mime[:csv]}; charset=utf-8"
end
format.pdf do
view = ActionView::Base.new(ActionController::Base.view_paths, domains: domains)
raw_html = view.render(file: 'registrant/domains/list_pdf', layout: false)
raw_pdf = domains.pdf(raw_html)
send_data raw_pdf, filename: 'domains.pdf'
end
end
end
def show
@ -32,23 +50,6 @@ class Registrant::DomainsController < RegistrantController
end
end
def download_list
authorize! :view, :registrant_domains
params[:q] ||= {}
normalize_search_parameters do
@q = current_user_domains.search(params[:q])
@domains = @q
end
respond_to do |format|
format.csv { render text: @domains.result.to_csv }
format.pdf do
pdf = @domains.result.pdf(render_to_string('registrant/domains/download_list', layout: false))
send_data pdf, filename: 'domains.pdf'
end
end
end
private
def normalize_search_parameters
@ -70,4 +71,9 @@ class Registrant::DomainsController < RegistrantController
registrant_domain_delete_confirm_url(token: domain.registrant_verification_token)
end
end
end
def search_params
params.require(:q).permit(:name_matches, :registrant_ident_eq, :valid_to_gteq, :valid_to_lteq,
:results_per_page)
end
end

3
app/controllers/registrant_controller.rb
View file

@ -1,5 +1,6 @@
class RegistrantController < ApplicationController
before_action :authenticate_registrant_user!
before_action :set_paper_trail_whodunnit
layout 'registrant/application'
include Registrant::ApplicationHelper
@ -33,4 +34,4 @@ class RegistrantController < ApplicationController
flash.now[:notice] = t('registrant.company_register_unavailable')
current_registrant_user.direct_domains
end
end
end

1
app/controllers/registrar/base_controller.rb
View file

@ -6,6 +6,7 @@ class Registrar
before_action :check_ip_restriction
helper_method :depp_controller?
helper_method :head_title_sufix
before_action :set_paper_trail_whodunnit
protected

87
app/controllers/registrar/contacts_controller.rb
View file

@ -3,6 +3,7 @@ class Registrar
before_action :init_epp_contact
helper_method :address_processing?
helper_method :ident_types
helper_method :domain_filter_params
def index
authorize! :view, Depp::Contact
@ -16,51 +17,40 @@ class Registrar
search_params[:registrant_domains_id_not_null] = 1
end
if search_params.length == 1 && search_params[:name_matches].present?
@contacts = Contact.find_by(name: search_params[:name_matches])
end
contacts = current_registrar_user.registrar.contacts.includes(:registrar)
status_list = params[:statuses_contains]
if params[:statuses_contains]
contacts = current_registrar_user.registrar.contacts.includes(:registrar).where(
"contacts.statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}"
)
else
contacts = current_registrar_user.registrar.contacts.includes(:registrar)
if status_list
contacts_ids = contacts.select { |c| (c.statuses & status_list.to_a) == status_list.to_a }
.map(&:id)
contacts = contacts.where(id: contacts_ids)
end
normalize_search_parameters do
@q = contacts.search(search_params)
@contacts = @q.result(distinct: :true).page(params[:page])
end
@contacts = @contacts.per(params[:results_per_page]) if params[:results_per_page].to_i.positive?
end
def download_list
authorize! :view, Depp::Contact
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@contacts = Contact.find_by(name: params[:q][:name_matches])
end
contacts = current_registrar_user.registrar.contacts.includes(:registrar)
contacts = contacts.filter_by_states(params[:statuses_contains]) if params[:statuses_contains]
normalize_search_parameters do
@q = contacts.search(params[:q])
@contacts = @q.result
end
contacts = @q.result
respond_to do |format|
format.csv { render text: @contacts.to_csv }
format.html do
contacts_per_page = params[:results_per_page].to_i
@contacts = contacts.page(params[:page])
@contacts = @contacts.per(contacts_per_page) if contacts_per_page.positive?
end
format.csv do
raw_csv = contacts.to_csv
send_data raw_csv, filename: 'contacts.csv', type: "#{Mime[:csv]}; charset=utf-8"
end
format.pdf do
pdf = @contacts.pdf(render_to_string('registrar/contacts/download_list', layout: false))
send_data pdf, filename: 'contacts.pdf'
view = ActionView::Base.new(ActionController::Base.view_paths, contacts: contacts)
view.class_eval { include ::ApplicationHelper }
raw_html = view.render(file: 'registrar/contacts/list_pdf', layout: false)
raw_pdf = contacts.pdf(raw_html)
send_data raw_pdf, filename: 'contacts.pdf'
end
end
end
def new
@ -80,7 +70,7 @@ class Registrar
def create
authorize! :create, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
@contact = Depp::Contact.new(contact_params)
if @contact.save
redirect_to registrar_contact_url(@contact.id)
@ -91,9 +81,9 @@ class Registrar
def update
authorize! :edit, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
@contact = Depp::Contact.new(contact_params)
if @contact.update_attributes(params[:depp_contact])
if @contact.update_attributes(contact_params)
redirect_to registrar_contact_url(@contact.id)
else
render 'edit'
@ -107,7 +97,7 @@ class Registrar
def destroy
authorize! :delete, Depp::Contact
@contact = Depp::Contact.new(params[:depp_contact])
@contact = Depp::Contact.new(contact_params_for_delete)
if @contact.delete
redirect_to registrar_contacts_url, notice: t(:destroyed)
@ -116,6 +106,12 @@ class Registrar
end
end
protected
def domain_filter_params
params.permit(:domain_filter)
end
private
def init_epp_contact
@ -143,5 +139,22 @@ class Registrar
def ident_types
Contact::Ident.types
end
def contact_params
params.require(:depp_contact).permit(:id,
:name,
:email,
:phone,
:org_name,
:ident, :ident_type, :ident_country_code,
:street, :city, :zip, :state, :country_code,
:password,
:legal_document,
:code)
end
def contact_params_for_delete
params.require(:depp_contact).permit(:id, :password, :legal_document)
end
end
end

2
app/controllers/registrar/current_user_controller.rb
View file

@ -6,7 +6,7 @@ class Registrar
raise 'Cannot switch to unlinked user' unless current_registrar_user.linked_with?(new_user)
sign_in(:registrar_user, new_user)
redirect_to :back, notice: t('.switched', new_user: new_user)
redirect_back(fallback_location: root_path, notice: t('.switched', new_user: new_user))
end
private

76
app/controllers/registrar/domains_controller.rb
View file

@ -2,16 +2,17 @@ class Registrar
class DomainsController < DeppController
before_action :init_domain, except: :new
helper_method :contacts
helper_method :search_params
def index
authorize! :view, Depp::Domain
params[:q] ||= {}
params[:q].delete_if { |_k, v| v.blank? }
if params[:q].length == 1 && params[:q][:name_matches].present?
@domain = Domain.find_by(name: params[:q][:name_matches])
if @domain
redirect_to info_registrar_domains_url(domain_name: @domain.name) and return
if search_params.to_h.delete_if { |_key, value| value.blank? }.length == 1 &&
search_params[:name_matches].present?
domain = Domain.find_by(name: search_params[:name_matches])
if domain
redirect_to info_registrar_domains_url(domain_name: domain.name) and return
end
end
@ -24,15 +25,15 @@ class Registrar
end
normalize_search_parameters do
@q = domains.search(params[:q])
@q = domains.search(search_params)
@domains = @q.result.page(params[:page])
if @domains.count == 0 && params[:q][:name_matches] !~ /^%.+%$/
# if we do not get any results, add wildcards to the name field and search again
n_cache = params[:q][:name_matches]
params[:q][:name_matches] = "%#{params[:q][:name_matches]}%"
@q = domains.search(params[:q])
# if we do not get any results, add wildcards to the name field and search again
if @domains.count == 0 && search_params[:name_matches] !~ /^%.+%$/
new_search_params = search_params.to_h
new_search_params[:name_matches] = "%#{new_search_params[:name_matches]}%"
@q = domains.search(new_search_params)
@domains = @q.result.page(params[:page])
params[:q][:name_matches] = n_cache # we don't want to show wildcards in search form
end
end
@ -47,9 +48,10 @@ class Registrar
domain_presenters << ::DomainPresenter.new(domain: domain, view: view_context)
end
csv = Registrar::DomainListCSVPresenter.new(domains: domain_presenters, view: view_context).to_s
raw_csv = Registrar::DomainListCSVPresenter.new(domains: domain_presenters,
view: view_context).to_s
filename = "Domains_#{l(Time.zone.now, format: :filename)}.csv"
send_data(csv, filename: filename)
send_data raw_csv, filename: filename, type: "#{Mime[:csv]}; charset=utf-8"
end
end
end
@ -57,6 +59,7 @@ class Registrar
def info
authorize! :info, Depp::Domain
@data = @domain.info(params[:domain_name]) if params[:domain_name]
@client_holded = client_holded(@data)
if response_ok?
render 'info'
else
@ -83,7 +86,7 @@ class Registrar
def create
authorize! :create, Depp::Domain
@domain_params = params[:domain]
@domain_params = domain_params.to_h
@data = @domain.create(@domain_params)
if response_ok?
@ -97,12 +100,14 @@ class Registrar
authorize! :update, Depp::Domain
@data = @domain.info(params[:domain_name])
@domain_params = Depp::Domain.construct_params_from_server_data(@data)
@dispute = Dispute.active.find_by(domain_name: params[:domain_name])
end
def update
authorize! :update, Depp::Domain
@domain_params = params[:domain]
@data = @domain.update(@domain_params)
@dispute = Dispute.active.find_by(domain_name: @domain_params[:name])
if response_ok?
redirect_to info_registrar_domains_url(domain_name: @domain_params[:name])
@ -151,29 +156,60 @@ class Registrar
render json: scope.pluck(:name, :code).map { |c| { display_key: "#{c.second} #{c.first}", value: c.second } }
end
def remove_hold
authorize! :remove_hold, Depp::Domain
return unless params[:domain_name]
@data = @domain.remove_hold(params)
flash[:alert] = @data.css('msg').text unless response_ok?
redirect_to info_registrar_domains_url(domain_name: params[:domain_name])
end
private
def init_domain
@domain = Depp::Domain.new(current_user: depp_current_user)
end
def client_holded(data)
data.css('status')&.map { |element| element.attribute('s').value }
&.any? { |status| status == DomainStatus::CLIENT_HOLD }
end
def contacts
current_registrar_user.registrar.contacts
end
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
ca_cache = search_params[:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
end_time = search_params[:valid_to_lteq].try(:to_date)
search_params[:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:valid_to_lteq] = ca_cache
search_params[:valid_to_lteq] = ca_cache
end
def search_params
params.fetch(:q, {}).permit(:name_matches,
:registrant_ident_eq,
:contacts_ident_eq,
:nameservers_hostname_eq,
:valid_to_gteq,
:valid_to_lteq,
:s)
end
def domain_params
params.require(:domain).permit(:name, :period, :registrant, :registrant_helper, :reserved_pw,
:verified, :legal_document, contacts_attributes: {},
nameservers_attributes: {},
dnskeys_attributes: {})
end
end
end

20
app/controllers/registrar/keyrelays_controller.rb
View file

@ -1,20 +0,0 @@
class Registrar
class KeyrelaysController < DeppController
def show
authorize! :view, Depp::Keyrelay
end
def create
authorize! :create, Depp::Keyrelay
keyrelay = Depp::Keyrelay.new(current_user: depp_current_user)
@data = keyrelay.keyrelay(params)
if response_ok?
flash[:epp_results] = [{ 'code' => '1000', 'msg' => 'Command completed successfully', 'show' => true }]
redirect_to registrar_keyrelay_path
else
render 'show'
end
end
end
end

65
app/controllers/registrar/payments_controller.rb
View file

@ -5,48 +5,51 @@ class Registrar
skip_authorization_check # actually anyone can pay, no problems at all
skip_before_action :authenticate_registrar_user!, :check_ip_restriction,
only: [:back, :callback]
before_action :check_supported_payment_method
before_action :check_supported_payment_method, only: [:pay]
def pay
invoice = Invoice.find(params[:invoice_id])
bank = params[:bank]
opts = {
return_url: registrar_return_payment_with_url(
bank, invoice_id: invoice
),
response_url: registrar_response_payment_with_url(
bank, invoice_id: invoice
)
}
@payment = ::PaymentOrders.create_with_type(bank, invoice, opts)
@payment.create_transaction
channel = params[:bank]
@payment_order = PaymentOrder.new_with_type(type: channel, invoice: invoice)
@payment_order.save
@payment_order.reload
@payment_order.return_url = registrar_return_payment_with_url(@payment_order)
@payment_order.response_url = registrar_response_payment_with_url(@payment_order)
@payment_order.save
@payment_order.reload
end
def back
invoice = Invoice.find(params[:invoice_id])
opts = { response: params }
@payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
if @payment.valid_response_from_intermediary? && @payment.settled_payment?
@payment.complete_transaction
@payment_order = PaymentOrder.find_by!(id: params[:payment_order])
@payment_order.update!(response: params.to_unsafe_h)
if invoice.paid?
flash[:notice] = t(:pending_applied)
if @payment_order.payment_received?
@payment_order.complete_transaction
if @payment_order.invoice.paid?
flash[:notice] = t('.payment_successful')
else
flash[:alert] = t(:something_wrong)
flash[:alert] = t('.successful_payment_backend_error')
end
else
flash[:alert] = t(:something_wrong)
@payment_order.create_failure_report
flash[:alert] = t('.payment_not_received')
end
redirect_to registrar_invoice_path(invoice)
redirect_to registrar_invoice_path(@payment_order.invoice)
end
def callback
invoice = Invoice.find(params[:invoice_id])
opts = { response: params }
@payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
@payment_order = PaymentOrder.find_by!(id: params[:payment_order])
@payment_order.update!(response: params.to_unsafe_h)
if @payment.valid_response_from_intermediary? && @payment.settled_payment?
@payment.complete_transaction
if @payment_order.payment_received?
@payment_order.complete_transaction
else
@payment_order.create_failure_report
end
render status: 200, json: { status: 'ok' }
@ -55,13 +58,9 @@ class Registrar
private
def check_supported_payment_method
return if supported_payment_method?
raise StandardError.new("Not supported payment method")
end
return if PaymentOrder.supported_method?(params[:bank], shortname: true)
def supported_payment_method?
PaymentOrders::PAYMENT_METHODS.include?(params[:bank])
raise(StandardError, 'Not supported payment method')
end
end
end

15
app/controllers/registrar/polls_controller.rb
View file

@ -26,21 +26,6 @@ class Registrar
render 'show'
end
# TODO: Keyrelay is disabled for now
# def confirm_keyrelay
# authorize! :confirm, :keyrelay
# domain_params = params[:domain]
# @data = @domain.confirm_keyrelay(domain_params)
# if response_ok?
# redirect_to info_registrar_domains_url(domain_name: domain_params[:name])
# else
# @results = @data.css('result')
# @data = depp_current_user.request(@ex.poll)
# render 'show'
# end
# end
def confirm_transfer
domain_params = params[:domain]
@data = @domain.confirm_transfer(domain_params)

9
app/controllers/registrar/sessions_controller.rb
View file

@ -31,7 +31,8 @@ class Registrar
end
if @depp_user.pki
unless @api_user.registrar_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
unless @api_user.pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'],
request.env['HTTP_SSL_CLIENT_S_DN_CN'], api: false)
@depp_user.errors.add(:base, :invalid_cert)
end
end
@ -55,7 +56,7 @@ class Registrar
ip_allowed = restricted_ip.can_access_registrar_area?(resource.registrar)
unless ip_allowed
render text: t('registrar.authorization.ip_not_allowed', ip: request.ip)
render plain: t('registrar.authorization.ip_not_allowed', ip: request.ip)
warden.logout(:registrar_user)
return
end
@ -171,7 +172,7 @@ class Registrar
return if allowed
render text: t('registrar.authorization.ip_not_allowed', ip: request.ip)
render plain: t('registrar.authorization.ip_not_allowed', ip: request.ip)
end
def current_ability
@ -205,4 +206,4 @@ class Registrar
redirect_to new_registrar_user_session_url, alert: @depp_user.errors.full_messages.first
end
end
end
end

2
app/controllers/registrar/xml_consoles_controller.rb
View file

@ -19,7 +19,7 @@ class Registrar
xml_dir_path = Rails.root + 'app/views/registrar/xml_consoles/epp_requests'
xml = File.read("#{xml_dir_path}/#{params[:obj]}/#{params[:epp_action]}.xml")
xml.gsub!('<clTRID>ABC-12345</clTRID>', "<clTRID>#{cl_trid}</clTRID>")
render text: xml
render plain: xml
end
end
end

23
app/controllers/repp/v1/auctions_controller.rb Normal file
View file

@ -0,0 +1,23 @@
module Repp
module V1
class AuctionsController < ActionController::API
def index
auctions = Auction.started
render json: { count: auctions.count,
auctions: auctions_to_json(auctions) }
end
private
def auctions_to_json(auctions)
auctions.map do |e|
{
domain_name: e.domain,
punycode_domain_name: SimpleIDN.to_ascii(e.domain),
}
end
end
end
end
end

15
app/controllers/repp/v1/retained_domains_controller.rb Normal file
View file

@ -0,0 +1,15 @@
module Repp
module V1
class RetainedDomainsController < ActionController::API
def index
domains = RetainedDomains.new(query_params)
render json: { count: domains.count, domains: domains.to_jsonable }
end
def query_params
params.permit(:type)
end
end
end
end

24
app/helpers/application_helper.rb
View file

@ -33,6 +33,18 @@ module ApplicationHelper
end
end
def current_commit_link
hash = `git rev-parse --short HEAD`
current_repo = `git remote get-url origin`.gsub('com:', 'com/')
.gsub('git@', 'https://')
.gsub('.git', '')
link_to hash.to_s, "#{current_repo}/commit/#{hash}",
class: 'footer-version-link',
target: '_blank',
rel: 'noopener'
end
def creator_link(model)
return 'not present' if model.blank?
return 'unknown' if model.creator.blank?
@ -96,4 +108,14 @@ module ApplicationHelper
def body_css_class
[controller_path.split('/').map!(&:dasherize), action_name.dasherize, 'page'].join('-')
end
end
def verified_email_span(verification)
content_tag(:span, verification.email, class: verified_email_class(verification))
end
def verified_email_class(verification)
return 'text-danger' if verification.failed?
return 'text-primary' if verification.not_verified?
return 'text-success' if verification.verified?
end
end

125
app/jobs/directo_invoice_forward_job.rb Normal file
View file

@ -0,0 +1,125 @@
class DirectoInvoiceForwardJob < Que::Job
def run(monthly: false, dry: false)
@dry = dry
(@month = Time.zone.now - 1.month) if monthly
api_url = ENV['directo_invoice_url']
sales_agent = Setting.directo_sales_agent
payment_term = Setting.directo_receipt_payment_term
@prepayment_product_id = Setting.directo_receipt_product_name
@client = DirectoApi::Client.new(api_url, sales_agent, payment_term)
monthly ? send_monthly_invoices : send_receipts
end
def send_receipts
unsent_invoices = Invoice.where(in_directo: false).non_cancelled
Rails.logger.info("[DIRECTO] Trying to send #{unsent_invoices.count} prepayment invoices")
unsent_invoices.each do |invoice|
unless valid_invoice_conditions?(invoice)
Rails.logger.info "[DIRECTO] Invoice #{invoice.number} has been skipped"
next
end
@client.invoices.add_with_schema(invoice: invoice.as_directo_json, schema: 'prepayment')
end
sync_with_directo
end
def send_monthly_invoices
Registrar.where.not(test_registrar: true).find_each do |registrar|
fetch_monthly_summary(registrar: registrar)
end
return unless @client.invoices.count.positive?
sync_with_directo
end
def fetch_monthly_summary(registrar:)
return unless registrar.cash_account
summary = registrar.monthly_summary(month: @month)
@client.invoices.add_with_schema(invoice: summary, schema: 'summary') unless summary.nil?
end
def assign_monthly_numbers
if directo_counter_exceedable?(@client.invoices.count)
raise 'Directo Counter is going to be out of period!'
end
min_directo = Setting.directo_monthly_number_min.presence.try(:to_i)
directo_number = [Setting.directo_monthly_number_last.presence.try(:to_i),
min_directo].compact.max || 0
@client.invoices.each do |inv|
directo_number += 1
inv.number = directo_number
end
end
def valid_invoice_conditions?(invoice)
if invoice.account_activity.nil? || invoice.account_activity.bank_transaction.nil? ||
invoice.account_activity.bank_transaction.sum.nil? ||
invoice.account_activity.bank_transaction.sum != invoice.total
return false
end
true
end
def sync_with_directo
assign_monthly_numbers if @month
Rails.logger.info("[Directo] - attempting to send following XML:\n #{@client.invoices.as_xml}")
return if @dry
res = @client.invoices.deliver(ssl_verify: false)
process_directo_response(res.body, @client.invoices.as_xml)
rescue SocketError, Errno::ECONNREFUSED, Timeout::Error, Errno::EINVAL, Errno::ECONNRESET,
EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError
Rails.logger.info('[Directo] Failed to communicate via API')
end
def process_directo_response(xml, req)
Rails.logger.info "[Directo] - Responded with body: #{xml}"
Nokogiri::XML(xml).css('Result').each do |res|
if @month
mark_invoice_as_sent(res: res, req: req)
else
inv = Invoice.find_by(number: res.attributes['docid'].value.to_i)
mark_invoice_as_sent(invoice: inv, res: res, req: req)
end
end
end
def mark_invoice_as_sent(invoice: nil, res:, req:)
directo_record = Directo.new(response: res.as_json.to_h,
request: req, invoice_number: res.attributes['docid'].value.to_i)
if invoice
directo_record.item = invoice
invoice.update(in_directo: true)
else
update_directo_number(num: directo_record.invoice_number)
end
directo_record.save!
end
def update_directo_number(num:)
return unless num.to_i > Setting.directo_monthly_number_last.to_i
Setting.directo_monthly_number_last = num.to_i
end
def directo_counter_exceedable?(invoice_count)
min_directo = Setting.directo_monthly_number_min.presence.try(:to_i)
max_directo = Setting.directo_monthly_number_max.presence.try(:to_i)
last_directo = [Setting.directo_monthly_number_last.presence.try(:to_i),
min_directo].compact.max || 0
return true if max_directo && max_directo < (last_directo + invoice_count)
false
end
end

63
app/jobs/dispute_status_update_job.rb Normal file
View file

@ -0,0 +1,63 @@
class DisputeStatusUpdateJob < Que::Job
def run(logger: Logger.new(STDOUT))
@logger = logger
@backlog = { 'activated': 0, 'closed': 0, 'activate_fail': [], 'close_fail': [] }
.with_indifferent_access
close_disputes
activate_disputes
@logger.info "DisputeStatusUpdateJob - All done. Closed #{@backlog['closed']} and " \
"activated #{@backlog['activated']} disputes."
show_failed_disputes unless @backlog['activate_fail'].empty? && @backlog['close_fail'].empty?
end
def close_disputes
disputes = Dispute.where(closed: nil).where('expires_at < ?', Time.zone.today).all
@logger.info "DisputeStatusUpdateJob - Found #{disputes.count} closable disputes"
disputes.each do |dispute|
process_dispute(dispute, closing: true)
end
end
def activate_disputes
disputes = Dispute.where(closed: nil, starts_at: Time.zone.today).all
@logger.info "DisputeStatusUpdateJob - Found #{disputes.count} activatable disputes"
disputes.each do |dispute|
process_dispute(dispute, closing: false)
end
end
def process_dispute(dispute, closing: false)
intent = closing ? 'close' : 'activate'
success = closing ? dispute.close(initiator: 'Job') : dispute.generate_data
create_backlog_entry(dispute: dispute, intent: intent, successful: success)
end
def create_backlog_entry(dispute:, intent:, successful:)
if successful
@backlog["#{intent}d"] += 1
@logger.info "DisputeStatusUpdateJob - #{intent}d dispute " \
" for '#{dispute.domain_name}'"
else
@backlog["#{intent}_fail"] << dispute.id
@logger.info 'DisputeStatusUpdateJob - Failed to' \
"#{intent} dispute for '#{dispute.domain_name}'"
end
end
def show_failed_disputes
if @backlog['close_fail'].any?
@logger.info('DisputeStatusUpdateJob - Failed to close disputes with Ids:' \
"#{@backlog['close_fail']}")
end
return unless @backlog['activate_fail'].any?
@logger.info('DisputeStatusUpdateJob - Failed to activate disputes with Ids:' \
"#{@backlog['activate_fail']}")
end
end

2
app/jobs/domain_delete_confirm_job.rb
View file

@ -1,6 +1,6 @@
class DomainDeleteConfirmJob < Que::Job
def run(domain_id, action, initiator = nil)
::PaperTrail.whodunnit = "job - #{self.class.name} - #{action} by #{initiator}"
::PaperTrail.request.whodunnit = "job - #{self.class.name} - #{action} by #{initiator}"
# it's recommended to keep transaction against job table as short as possible.
ActiveRecord::Base.transaction do
domain = Epp::Domain.find(domain_id)

2
app/jobs/domain_delete_job.rb
View file

@ -3,7 +3,7 @@ class DomainDeleteJob < Que::Job
def run(domain_id)
domain = Domain.find(domain_id)
::PaperTrail.whodunnit = "job - #{self.class.name}"
::PaperTrail.request.whodunnit = "job - #{self.class.name}"
WhoisRecord.where(domain_id: domain.id).destroy_all
domain.destroy

2
app/jobs/domain_update_confirm_job.rb
View file

@ -1,6 +1,6 @@
class DomainUpdateConfirmJob < Que::Job
def run(domain_id, action, initiator = nil)
::PaperTrail.whodunnit = "job - #{self.class.name} - #{action} by #{initiator}"
::PaperTrail.request.whodunnit = "job - #{self.class.name} - #{action} by #{initiator}"
# it's recommended to keep transaction against job table as short as possible.
ActiveRecord::Base.transaction do
domain = Epp::Domain.find(domain_id)

11
app/jobs/regenerate_subzone_whoises_job.rb Normal file
View file

@ -0,0 +1,11 @@
class RegenerateSubzoneWhoisesJob < Que::Job
def run
subzones = DNS::Zone.all
subzones.each do |zone|
next unless zone.subzone?
UpdateWhoisRecordJob.enqueue zone.origin, 'zone'
end
end
end

43
app/jobs/send_e_invoice_job.rb Normal file
View file

@ -0,0 +1,43 @@
class SendEInvoiceJob < Que::Job
def run(invoice_id)
invoice = run_condition(Invoice.find_by(id: invoice_id))
invoice.to_e_invoice.deliver
ActiveRecord::Base.transaction do
invoice.update(e_invoice_sent_at: Time.zone.now)
log_success(invoice)
destroy
end
rescue StandardError => e
log_error(invoice: invoice, error: e)
raise e
end
private
def run_condition(invoice)
destroy unless invoice
destroy if invoice.do_not_send_e_invoice?
invoice
end
def log_success(invoice)
id = invoice.try(:id) || invoice
message = "E-Invoice for an invoice with ID # #{id} was sent successfully"
logger.info message
end
def log_error(invoice:, error:)
id = invoice.try(:id) || invoice
message = <<~TEXT.squish
There was an error sending e-invoice for invoice with ID # #{id}.
The error message was the following: #{error}
This job will retry.
TEXT
logger.error message
end
def logger
Rails.logger
end
end

51
app/jobs/update_whois_record_job.rb
View file

@ -1,16 +1,12 @@
class UpdateWhoisRecordJob < Que::Job
def run(names, type)
::PaperTrail.whodunnit = "job - #{self.class.name} - #{type}"
::PaperTrail.request.whodunnit = "job - #{self.class.name} - #{type}"
klass = case type
when 'reserved'then ReservedDomain
when 'blocked' then BlockedDomain
when 'domain' then Domain
end
klass = determine_class(type)
Array(names).each do |name|
record = klass.find_by(name: name)
record = find_record(klass, name)
if record
send "update_#{type}", record
else
@ -19,7 +15,19 @@ class UpdateWhoisRecordJob < Que::Job
end
end
def find_record(klass, name)
klass == DNS::Zone ? klass.find_by(origin: name) : klass.find_by(name: name)
end
def determine_class(type)
case type
when 'reserved' then ReservedDomain
when 'blocked' then BlockedDomain
when 'domain' then Domain
when 'disputed' then Dispute.active
when 'zone' then DNS::Zone
end
end
def update_domain(domain)
domain.whois_record ? domain.whois_record.save : domain.create_whois_record
@ -33,6 +41,13 @@ class UpdateWhoisRecordJob < Que::Job
update_reserved(record)
end
def update_disputed(record)
update_reserved(record)
end
def update_zone(record)
update_reserved(record)
end
# 1. deleting own
# 2. trying to regenerate reserved in order domain is still in the list
@ -41,14 +56,32 @@ class UpdateWhoisRecordJob < Que::Job
BlockedDomain.find_by(name: name).try(:generate_data)
ReservedDomain.find_by(name: name).try(:generate_data)
Dispute.active.find_by(domain_name: name).try(:generate_data)
end
def delete_reserved(name)
Domain.where(name: name).any?
Whois::Record.where(name: name).delete_all
remove_status_from_whois(domain_name: name, domain_status: 'Reserved')
end
def delete_blocked(name)
delete_reserved(name)
end
def delete_disputed(name)
return if Dispute.active.find_by(domain_name: name).present?
remove_status_from_whois(domain_name: name, domain_status: 'disputed')
end
def delete_zone(name)
WhoisRecord.where(name: name).destroy_all
Whois::Record.where(name: name).destroy_all
end
def remove_status_from_whois(domain_name:, domain_status:)
Whois::Record.where(name: domain_name).each do |r|
r.json['status'] = r.json['status'].delete_if { |status| status == domain_status }
r.json['status'].blank? ? r.destroy : r.save
end
end
end

45
app/jobs/verify_emails_job.rb Normal file
View file

@ -0,0 +1,45 @@
class VerifyEmailsJob < Que::Job
def run(verification_id)
email_address_verification = run_condition(EmailAddressVerification.find(verification_id))
return if email_address_verification.recently_verified?
ActiveRecord::Base.transaction do
email_address_verification.verify
log_success(email_address_verification)
destroy
end
rescue StandardError => e
log_error(verification: email_address_verification, error: e)
raise e
end
private
def run_condition(email_address_verification)
destroy unless email_address_verification
destroy if email_address_verification.recently_verified?
email_address_verification
end
def logger
@logger ||= Logger.new(Rails.root.join('log', 'email_verification.log'))
end
def log_success(verification)
email = verification.try(:email) || verification
message = "Email address #{email} verification done"
logger.info message
end
def log_error(verification:, error:)
email = verification.try(:email) || verification
message = <<~TEXT.squish
There was an error verifying email #{email}.
The error message was the following: #{error}
This job will retry.
TEXT
logger.error message
end
end

4
app/mailers/domain_delete_mailer.rb
View file

@ -39,10 +39,12 @@ class DomainDeleteMailer < ApplicationMailer
@registrant = RegistrantPresenter.new(registrant: registrant, view: view_context)
@redemption_grace_period = Setting.redemption_grace_period
@expire_warning_period = Setting.expire_warning_period
@delete_period_length = @redemption_grace_period + @expire_warning_period
subject = default_i18n_subject(domain_name: domain.name)
mail(from: forced_email_from,
to: domain.primary_contact_emails,
to: domain.force_delete_contact_emails,
subject: subject,
template_path: 'mailers/domain_delete_mailer/forced',
template_name: template_name)

6
app/models/ability.rb
View file

@ -34,8 +34,6 @@ class Ability
if @user.registrar.api_ip_white?(@ip)
can :manage, :poll
can :manage, Depp::Contact
# can :manage, Depp::Keyrelay # TODO: Keyrelay is disabled for now
# can :confirm, :keyrelay # TODO: Keyrelay is disabled for now
can :manage, :xml_console
can :manage, Depp::Domain
end
@ -52,6 +50,7 @@ class Ability
can(:check, Epp::Domain)
can(:create, Epp::Domain)
can(:renew, Epp::Domain) { |d| d.registrar_id == @user.registrar_id }
can(:remove_hold, Epp::Domain) { |d| d.registrar_id == @user.registrar_id }
can(:update, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.transfer_code == pw }
can(:transfer, Epp::Domain)
can(:delete, Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.transfer_code == pw }
@ -64,6 +63,7 @@ class Ability
can(:update, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:delete, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
can(:renew, Epp::Contact)
can(:transfer, Epp::Contact)
can(:view_password, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
end
@ -94,13 +94,13 @@ class Ability
can :manage, ApiUser
can :manage, AdminUser
can :manage, Certificate
can :manage, Keyrelay
can :manage, LegalDocument
can :manage, BankStatement
can :manage, BankTransaction
can :manage, Invoice
can :manage, WhiteIp
can :manage, AccountActivity
can :manage, Dispute
can :read, ApiLog::EppLog
can :read, ApiLog::ReppLog
can :update, :pending

2
app/models/account.rb
View file

@ -1,4 +1,4 @@
class Account < ActiveRecord::Base
class Account < ApplicationRecord
include Versions
belongs_to :registrar, required: true

2
app/models/account_activity.rb
View file

@ -1,4 +1,4 @@
class AccountActivity < ActiveRecord::Base
class AccountActivity < ApplicationRecord
include Versions
belongs_to :account, required: true
belongs_to :bank_transaction

6
app/models/action.rb
View file

@ -1,5 +1,5 @@
class Action < ActiveRecord::Base
has_paper_trail class_name: 'ActionVersion'
class Action < ApplicationRecord
has_paper_trail versions: { class_name: 'ActionVersion' }
belongs_to :user
belongs_to :contact
@ -16,4 +16,4 @@ class Action < ActiveRecord::Base
raise 'Action object is missing' unless contact
"contact_#{operation}".to_sym
end
end
end

105
app/models/actions/contact_update.rb Normal file
View file

@ -0,0 +1,105 @@
module Actions
class ContactUpdate
attr_reader :contact
attr_reader :new_attributes
attr_reader :legal_document
attr_reader :ident
attr_reader :user
def initialize(contact, new_attributes, legal_document, ident, user)
@contact = contact
@new_attributes = new_attributes
@legal_document = legal_document
@ident = ident
@user = user
end
def call
maybe_remove_address
maybe_update_statuses
maybe_update_ident
maybe_attach_legal_doc
commit
end
def maybe_remove_address
return if Contact.address_processing?
new_attributes.delete(:city)
new_attributes.delete(:zip)
new_attributes.delete(:street)
new_attributes.delete(:state)
new_attributes.delete(:country_code)
end
def maybe_update_statuses
return unless Setting.client_status_editing_enabled
new_statuses =
contact.statuses - new_attributes[:statuses_to_remove] + new_attributes[:statuses_to_add]
new_attributes[:statuses] = new_statuses
end
def maybe_attach_legal_doc
return unless legal_document
document = contact.legal_documents.create(
document_type: legal_document[:type],
body: legal_document[:body]
)
contact.legal_document_id = document.id
end
def maybe_update_ident
return unless ident[:ident]
if contact.identifier.valid?
submitted_ident = ::Contact::Ident.new(code: ident[:ident],
type: ident[:ident_type],
country_code: ident[:ident_country_code])
if submitted_ident != contact.identifier
contact.add_epp_error('2308', nil, nil, I18n.t('epp.contacts.errors.valid_ident'))
@error = true
end
else
ident_update_attempt = ident[:ident] != contact.ident
if ident_update_attempt
contact.add_epp_error('2308', nil, nil, I18n.t('epp.contacts.errors.ident_update'))
@error = true
end
identifier = ::Contact::Ident.new(code: ident[:ident],
type: ident[:ident_type],
country_code: ident[:ident_country_code])
identifier.validate
contact.identifier = identifier
contact.ident_updated_at ||= Time.zone.now
end
end
def commit
return false if @error
contact.upid = user.registrar&.id
contact.up_date = Time.zone.now
contact.attributes = new_attributes
email_changed = contact.will_save_change_to_email?
old_email = contact.email_was
updated = contact.save
if updated && email_changed && contact.registrant?
ContactMailer.email_changed(contact: contact, old_email: old_email).deliver_now
end
updated
end
end
end

2
app/models/admin_user.rb
View file

@ -4,7 +4,7 @@ class AdminUser < User
validates :identity_code, presence: true, if: -> { country_code == 'EE' }
validates :email, presence: true
validates :password, :password_confirmation, presence: true, if: :new_record?
validates :password_confirmation, presence: true, if: :encrypted_password_changed?
validates :password_confirmation, presence: true, if: :will_save_change_to_encrypted_password?
validate :validate_identity_code, if: -> { country_code == 'EE' }
ROLES = %w(user customer_service admin) # should not match to api_users roles

2
app/models/api_log/db.rb
View file

@ -1,5 +1,5 @@
module ApiLog
class Db < ActiveRecord::Base
class Db < ApplicationRecord
self.abstract_class = true
# to_sym is needed because passing a string to ActiveRecord::Base.establish_connection
# for a configuration lookup is deprecated

40
app/models/api_user.rb
View file

@ -26,9 +26,9 @@ class ApiUser < User
validates :username, uniqueness: true
delegate :code, :name, to: :registrar, prefix: true
delegate :legaldoc_mandatory?, to: :registrar
alias_attribute :login, :username
attr_accessor :registrar_typeahead
SUPER = 'super'
EPP = 'epp'
@ -44,7 +44,7 @@ class ApiUser < User
after_initialize :set_defaults
def set_defaults
return unless new_record?
self.active = true unless active_changed?
self.active = true unless saved_change_to_active?
end
class << self
@ -53,10 +53,6 @@ class ApiUser < User
end
end
def registrar_typeahead
@registrar_typeahead || registrar || nil
end
def to_s
username
end
@ -69,24 +65,14 @@ class ApiUser < User
registrar.notifications.unread
end
def registrar_pki_ok?(crt, cn)
return false if crt.blank? || cn.blank?
crt = crt.split(' ').join("\n")
crt.gsub!("-----BEGIN\nCERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n")
crt.gsub!("\n-----END\nCERTIFICATE-----", "\n-----END CERTIFICATE-----")
cert = OpenSSL::X509::Certificate.new(crt)
md5 = OpenSSL::Digest::MD5.new(cert.to_der).to_s
certificates.registrar.exists?(md5: md5, common_name: cn)
end
def pki_ok?(crt, com, api: true)
return false if crt.blank? || com.blank?
def api_pki_ok?(crt, cn)
return false if crt.blank? || cn.blank?
crt = crt.split(' ').join("\n")
crt.gsub!("-----BEGIN\nCERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n")
crt.gsub!("\n-----END\nCERTIFICATE-----", "\n-----END CERTIFICATE-----")
cert = OpenSSL::X509::Certificate.new(crt)
origin = api ? certificates.api : certificates.registrar
cert = machine_readable_certificate(crt)
md5 = OpenSSL::Digest::MD5.new(cert.to_der).to_s
certificates.api.exists?(md5: md5, common_name: cn)
origin.exists?(md5: md5, common_name: com, revoked: false)
end
def linked_users
@ -98,4 +84,14 @@ class ApiUser < User
def linked_with?(another_api_user)
another_api_user.identity_code == self.identity_code
end
private
def machine_readable_certificate(cert)
cert = cert.split(' ').join("\n")
cert.gsub!("-----BEGIN\nCERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n")
cert.gsub!("\n-----END\nCERTIFICATE-----", "\n-----END CERTIFICATE-----")
OpenSSL::X509::Certificate.new(cert)
end
end

3
app/models/application_record.rb Normal file
View file

@ -0,0 +1,3 @@
class ApplicationRecord < ActiveRecord::Base
self.abstract_class = true
end

13
app/models/auction.rb
View file

@ -1,4 +1,4 @@
class Auction < ActiveRecord::Base
class Auction < ApplicationRecord
enum status: {
started: 'started',
awaiting_payment: 'awaiting_payment',
@ -23,10 +23,19 @@ class Auction < ActiveRecord::Base
save!
end
def whois_deadline
registration_deadline.try(:to_s, :iso8601)
end
def mark_as_no_bids
no_bids!
end
def mark_deadline(registration_deadline)
self.registration_deadline = registration_deadline
save!
end
def mark_as_payment_received
self.status = self.class.statuses[:payment_received]
generate_registration_code
@ -69,4 +78,4 @@ class Auction < ActiveRecord::Base
def registration_code_matches?(code)
registration_code == code
end
end
end

16
app/models/bank_statement.rb
View file

@ -1,4 +1,4 @@
class BankStatement < ActiveRecord::Base
class BankStatement < ApplicationRecord
include Versions
has_many :bank_transactions
@ -25,10 +25,16 @@ class BankStatement < ActiveRecord::Base
bank_transactions.build(bt_params)
end
prepare_dir
self.import_file_path = "#{ENV['bank_statement_import_dir']}/#{Time.zone.now.to_formatted_s(:number)}.txt"
File.open(import_file_path, 'w') { |f| f.write(th6_file.open.read) }
end
def prepare_dir
dirname = ENV['bank_statement_import_dir']
FileUtils.mkdir_p(dirname) unless File.directory?(dirname)
end
def parse_th6_row(row)
return parse_th6_header(row) if row[4, 3].strip == '000'
return if row[4, 3].strip == '999' # skip footer
@ -45,7 +51,7 @@ class BankStatement < ActiveRecord::Base
buyer_name: row[83, 35].strip,
document_no: row[118, 8].strip,
description: row[126, 140].strip,
sum: BigDecimal.new(row[268, 12].strip) / BigDecimal.new('100.0'),
sum: BigDecimal(row[268, 12].strip) / BigDecimal('100.0'),
reference_no: row[280, 35].strip
}
end
@ -80,7 +86,9 @@ class BankStatement < ActiveRecord::Base
status == FULLY_BINDED
end
def bind_invoices
bank_transactions.unbinded.each(&:autobind_invoice)
def bind_invoices(manual: false)
bank_transactions.unbinded.each do |transaction|
transaction.autobind_invoice(manual: manual)
end
end
end

97
app/models/bank_transaction.rb
View file

@ -1,4 +1,4 @@
class BankTransaction < ActiveRecord::Base
class BankTransaction < ApplicationRecord
include Versions
belongs_to :bank_statement
has_one :account_activity
@ -13,53 +13,72 @@ class BankTransaction < ActiveRecord::Base
def binded_invoice
return unless binded?
account_activity.invoice
end
def invoice_num
return @invoice_no if defined?(@invoice_no)
match = description.match(/^[^\d]*(\d+)/)
return unless match
@invoice_no = match[1].try(:to_i)
end
def invoice
@invoice ||= registrar.invoices.find_by(number: invoice_num) if registrar
return unless registrar
@invoice ||= registrar.invoices
.order(created_at: :asc)
.unpaid
.non_cancelled
.find_by(total: sum)
end
def registrar
@registrar ||= Invoice.find_by(reference_no: reference_no)&.buyer
@registrar ||= Invoice.find_by(reference_no: parsed_ref_number)&.buyer
end
# For successful binding, reference number, invoice id and sum must match with the invoice
def autobind_invoice
def autobind_invoice(manual: false)
return if binded?
return unless registrar
return unless invoice_num
return unless invoice
return unless invoice.payable?
return if invoice.total != sum
create_activity(registrar, invoice)
channel = if manual
'admin_payment'
else
'system_payment'
end
create_internal_payment_record(channel: channel, invoice: invoice,
registrar: registrar)
end
def bind_invoice(invoice_no)
def create_internal_payment_record(channel: nil, invoice:, registrar:)
if channel.nil?
create_activity(invoice.buyer, invoice)
return
end
payment_order = PaymentOrder.new_with_type(type: channel, invoice: invoice)
payment_order.save!
if create_activity(registrar, invoice)
payment_order.paid!
else
payment_order.update(notes: 'Failed to create activity', status: 'failed')
end
end
def bind_invoice(invoice_no, manual: false)
if binded?
errors.add(:base, I18n.t('transaction_is_already_binded'))
return
end
invoice = Invoice.find_by(number: invoice_no)
errors.add(:base, I18n.t('invoice_was_not_found')) unless invoice
validate_invoice_data(invoice)
return if errors.any?
unless invoice
errors.add(:base, I18n.t('invoice_was_not_found'))
return
end
create_internal_payment_record(channel: (manual ? 'admin_payment' : nil), invoice: invoice,
registrar: invoice.buyer)
end
def validate_invoice_data(invoice)
if invoice.paid?
errors.add(:base, I18n.t('invoice_is_already_binded'))
return
@ -70,23 +89,21 @@ class BankTransaction < ActiveRecord::Base
return
end
if invoice.total != sum
errors.add(:base, I18n.t('invoice_and_transaction_sums_do_not_match'))
return
end
create_activity(invoice.buyer, invoice)
errors.add(:base, I18n.t('invoice_and_transaction_sums_do_not_match')) if invoice.total != sum
end
def create_activity(registrar, invoice)
ActiveRecord::Base.transaction do
create_account_activity!(account: registrar.cash_account,
invoice: invoice,
sum: invoice.subtotal,
currency: currency,
description: description,
activity_type: AccountActivity::ADD_CREDIT)
activity = AccountActivity.new(
account: registrar.cash_account, bank_transaction: self,
invoice: invoice, sum: invoice.subtotal,
currency: currency, description: description,
activity_type: AccountActivity::ADD_CREDIT
)
if activity.save
reset_pending_registrar_balance_reload
true
else
false
end
end
@ -98,4 +115,12 @@ class BankTransaction < ActiveRecord::Base
registrar.settings['balance_auto_reload'].delete('pending')
registrar.save!
end
def parsed_ref_number
reference_no || ref_number_from_description
end
def ref_number_from_description
/(\d{7})/.match(description)[0]
end
end

2
app/models/billing/price.rb
View file

@ -1,5 +1,5 @@
module Billing
class Price < ActiveRecord::Base
class Price < ApplicationRecord
include Concerns::Billing::Price::Expirable
belongs_to :zone, class_name: 'DNS::Zone', required: true

2
app/models/blocked_domain.rb
View file

@ -1,4 +1,4 @@
class BlockedDomain < ActiveRecord::Base
class BlockedDomain < ApplicationRecord
include Versions
before_save :generate_data
after_destroy :remove_data

32
app/models/certificate.rb
View file

@ -1,6 +1,6 @@
require 'open3'
class Certificate < ActiveRecord::Base
class Certificate < ApplicationRecord
include Versions
belongs_to :api_user
@ -32,20 +32,21 @@ class Certificate < ActiveRecord::Base
errors.add(:base, I18n.t(:invalid_csr_or_crt))
end
before_create :parse_metadata
def parse_metadata
if crt
pc = parsed_crt.try(:subject).try(:to_s) || ''
cn = pc.scan(/\/CN=(.+)/).flatten.first
self.common_name = cn.split('/').first
self.md5 = OpenSSL::Digest::MD5.new(parsed_crt.to_der).to_s
self.interface = API
elsif csr
pc = parsed_csr.try(:subject).try(:to_s) || ''
cn = pc.scan(/\/CN=(.+)/).flatten.first
self.common_name = cn.split('/').first
self.interface = REGISTRAR
end
validate :assign_metadata, on: :create
def assign_metadata
origin = crt ? parsed_crt : parsed_csr
parse_metadata(origin)
rescue NoMethodError
errors.add(:base, I18n.t(:invalid_csr_or_crt))
end
def parse_metadata(origin)
pc = origin.subject.to_s
cn = pc.scan(%r{\/CN=(.+)}).flatten.first
self.common_name = cn.split('/').first
self.md5 = OpenSSL::Digest::MD5.new(origin.to_der).to_s if crt
self.interface = crt ? API : REGISTRAR
end
def parsed_crt
@ -116,6 +117,7 @@ class Certificate < ActiveRecord::Base
-revoke #{crt_file.path} -key '#{ENV['ca_key_password']}' -batch")
if err.match(/Data Base Updated/) || err.match(/ERROR:Already revoked/)
self.revoked = true
save!
@cached_status = REVOKED
else

2
app/models/concerns/contact/transferable.rb
View file

@ -3,7 +3,7 @@ module Concerns::Contact::Transferable
included do
validates :auth_info, presence: true
after_initialize :generate_auth_info, if: 'new_record? && auth_info.blank?'
after_initialize :generate_auth_info, if: -> { new_record? && auth_info.blank? }
end
def transfer(new_registrar)

44
app/models/concerns/domain/disputable.rb Normal file
View file

@ -0,0 +1,44 @@
# frozen_string_literal: true
module Concerns
module Domain
module Disputable
extend ActiveSupport::Concern
included do
validate :validate_disputed
end
def mark_as_disputed
statuses.push(DomainStatus::DISPUTED) unless statuses.include?(DomainStatus::DISPUTED)
save
end
def unmark_as_disputed
statuses.delete_if { |status| status == DomainStatus::DISPUTED }
save
end
def in_disputed_list?
@in_disputed_list ||= Dispute.active.find_by(domain_name: name).present?
end
def disputed?
Dispute.active.where(domain_name: name).any?
end
def validate_disputed
return if persisted? || !in_disputed_list?
if reserved_pw.blank?
errors.add(:base, :required_parameter_missing_disputed)
return false
end
return if Dispute.valid_auth?(name, reserved_pw)
errors.add(:base, :invalid_auth_information_reserved)
end
end
end
end

114
app/models/concerns/domain/force_delete.rb
View file

@ -1,32 +1,116 @@
module Concerns::Domain::ForceDelete
module Concerns::Domain::ForceDelete # rubocop:disable Metrics/ModuleLength
extend ActiveSupport::Concern
included do
store_accessor :force_delete_data,
:force_delete_type,
:contact_notification_sent_date,
:template_name
scope :notification_not_sent,
lambda {
where("(force_delete_data->>'contact_notification_sent_date') is null")
}
end
class_methods do
def force_delete_scheduled
where('force_delete_start <= ?', Time.zone.now)
end
end
def force_delete_scheduled?
statuses.include?(DomainStatus::FORCE_DELETE)
end
def schedule_force_delete
def should_notify_on_soft_force_delete?
force_delete_scheduled? && contact_notification_sent_date.blank? &&
force_delete_start.to_date <= Time.zone.now.to_date && force_delete_type.to_sym == :soft &&
!statuses.include?(DomainStatus::CLIENT_HOLD)
end
def client_holdable?
force_delete_scheduled? && !statuses.include?(DomainStatus::CLIENT_HOLD) &&
force_delete_start.present? && force_delete_lte_today && force_delete_lte_valid_date
end
def force_delete_lte_today
force_delete_start + Setting.expire_warning_period.days <= Time.zone.now
end
def force_delete_lte_valid_date
force_delete_start + Setting.expire_warning_period.days <= valid_to
end
def schedule_force_delete(type: :fast_track)
if discarded?
raise StandardError, 'Force delete procedure cannot be scheduled while a domain is discarded'
end
type == :fast_track ? force_delete_fast_track : force_delete_soft
end
def add_force_delete_type(force_delete_type)
self.force_delete_type = force_delete_type
end
def force_delete_fast_track
preserve_current_statuses_for_force_delete
add_force_delete_statuses
self.force_delete_date = Time.zone.today + Setting.redemption_grace_period.days + 1.day
add_force_delete_type(:fast)
self.force_delete_date = force_delete_fast_track_start_date + 1.day
self.force_delete_start = Time.zone.today + 1.day
stop_all_pending_actions
allow_deletion
save(validate: false)
end
def cancel_force_delete
restore_statuses_before_force_delete
remove_force_delete_statuses
self.force_delete_date = nil
def force_delete_soft
preserve_current_statuses_for_force_delete
add_force_delete_statuses
add_force_delete_type(:soft)
calculate_soft_delete_date
stop_all_pending_actions
allow_deletion
save(validate: false)
end
def clear_force_delete_data
self.force_delete_data = nil
end
def cancel_force_delete
restore_statuses_before_force_delete
remove_force_delete_statuses
clear_force_delete_data
self.force_delete_date = nil
self.force_delete_start = nil
save(validate: false)
registrar.notifications.create!(text: I18n.t('force_delete_cancelled', domain_name: name))
end
def outzone_date
(force_delete_start || valid_to) + Setting.expire_warning_period.days
end
def purge_date
(force_delete_date&.beginning_of_day || valid_to + Setting.expire_warning_period.days +
Setting.redemption_grace_period.days)
end
private
def calculate_soft_delete_date
years = (valid_to.to_date - Time.zone.today).to_i / 365
soft_delete_dates(years) if years.positive?
end
def soft_delete_dates(years)
self.force_delete_start = valid_to - years.years + 1.day
self.force_delete_date = force_delete_start + Setting.expire_warning_period.days +
Setting.redemption_grace_period.days
end
def stop_all_pending_actions
statuses.delete(DomainStatus::PENDING_UPDATE)
statuses.delete(DomainStatus::PENDING_TRANSFER)
@ -35,7 +119,7 @@ module Concerns::Domain::ForceDelete
end
def preserve_current_statuses_for_force_delete
self.statuses_before_force_delete = statuses
self.statuses_before_force_delete = statuses.clone
end
def restore_statuses_before_force_delete
@ -47,25 +131,21 @@ module Concerns::Domain::ForceDelete
statuses << DomainStatus::FORCE_DELETE
statuses << DomainStatus::SERVER_RENEW_PROHIBITED
statuses << DomainStatus::SERVER_TRANSFER_PROHIBITED
statuses << DomainStatus::SERVER_UPDATE_PROHIBITED
statuses << DomainStatus::PENDING_DELETE
if (statuses & [DomainStatus::SERVER_HOLD, DomainStatus::CLIENT_HOLD]).empty?
statuses << DomainStatus::SERVER_MANUAL_INZONE
end
end
def remove_force_delete_statuses
statuses.delete(DomainStatus::FORCE_DELETE)
statuses.delete(DomainStatus::SERVER_RENEW_PROHIBITED)
statuses.delete(DomainStatus::SERVER_TRANSFER_PROHIBITED)
statuses.delete(DomainStatus::SERVER_UPDATE_PROHIBITED)
statuses.delete(DomainStatus::PENDING_DELETE)
statuses.delete(DomainStatus::SERVER_MANUAL_INZONE)
statuses.delete(DomainStatus::CLIENT_HOLD)
end
def allow_deletion
statuses.delete(DomainStatus::CLIENT_DELETE_PROHIBITED)
statuses.delete(DomainStatus::SERVER_DELETE_PROHIBITED)
end
def force_delete_fast_track_start_date
Time.zone.today + Setting.expire_warning_period.days + Setting.redemption_grace_period.days
end
end

9
app/models/concerns/domain/transferable.rb
View file

@ -57,7 +57,8 @@ module Concerns::Domain::Transferable
def transfer_domain_contacts(new_registrar)
copied_ids = []
contacts.each do |contact|
domain_contacts.each do |dc|
contact = Contact.find(dc.contact_id)
next if copied_ids.include?(contact.id) || contact.registrar == new_registrar
if registrant_id_was == contact.id # registrant was copied previously, do not copy it again
@ -66,7 +67,11 @@ module Concerns::Domain::Transferable
oc = contact.transfer(new_registrar)
end
domain_contacts.where(contact_id: contact.id).update_all({ contact_id: oc.id }) # n+1 workaround
if domain_contacts.find_by(contact_id: oc.id, domain_id: id, type: dc.type).present?
dc.destroy
else
dc.update(contact_id: oc.id)
end
copied_ids << contact.id
end
end

91
app/models/concerns/email_verifable.rb Normal file
View file

@ -0,0 +1,91 @@
module Concerns
module EmailVerifable
extend ActiveSupport::Concern
def email_verification
@email_verification ||= EmailAddressVerification.find_or_create_by(email: unicode_email,
domain: domain(email))
end
def billing_email_verification
return unless attribute_names.include?('billing_email')
@billing_email_verification ||= EmailAddressVerification
.find_or_create_by(email: unicode_billing_email,
domain: domain(billing_email))
end
class_methods do
def domain(email)
Mail::Address.new(email).domain&.downcase || 'not_found'
rescue Mail::Field::IncompleteParseError
'not_found'
end
def local(email)
Mail::Address.new(email).local&.downcase || email
rescue Mail::Field::IncompleteParseError
email
end
def punycode_to_unicode(email)
return email if domain(email) == 'not_found'
local = local(email)
domain = SimpleIDN.to_unicode(domain(email))
"#{local}@#{domain}"&.downcase
end
def unicode_to_punycode(email)
return email if domain(email) == 'not_found'
local = local(email)
domain = SimpleIDN.to_ascii(domain(email))
"#{local}@#{domain}"&.downcase
end
end
def unicode_billing_email
self.class.punycode_to_unicode(billing_email)
end
def unicode_email
self.class.punycode_to_unicode(email)
end
def domain(email)
SimpleIDN.to_unicode(self.class.domain(email))
end
def punycode_to_unicode(email)
self.class.punycode_to_unicode(email)
end
def correct_email_format
return if email.blank?
result = email_verification.verify
process_result(result: result, field: :email)
end
def correct_billing_email_format
return if email.blank?
result = billing_email_verification.verify
process_result(result: result, field: :billing_email)
end
# rubocop:disable Metrics/LineLength
def process_result(result:, field:)
case result[:errors].keys.first
when :smtp
errors.add(field, I18n.t('activerecord.errors.models.contact.attributes.email.email_smtp_check_error'))
when :mx
errors.add(field, I18n.t('activerecord.errors.models.contact.attributes.email.email_mx_check_error'))
when :regex
errors.add(field, I18n.t('activerecord.errors.models.contact.attributes.email.email_regex_check_error'))
end
end
# rubocop:enable Metrics/LineLength
end
end

2
app/models/concerns/epp_errors.rb
View file

@ -20,7 +20,7 @@ module EppErrors
epp_errors << collect_parent_errors(attr, errors)
end
errors[:epp_errors] = epp_errors
errors.add(:epp_errors, epp_errors)
errors[:epp_errors].flatten!
end

34
app/models/concerns/invoice/book_keeping.rb Normal file
View file

@ -0,0 +1,34 @@
module Concerns
module Invoice
module BookKeeping
extend ActiveSupport::Concern
def as_directo_json
invoice = ActiveSupport::JSON.decode(ActiveSupport::JSON.encode(self))
invoice['customer'] = compose_directo_customer
invoice['issue_date'] = issue_date.strftime('%Y-%m-%d')
invoice['transaction_date'] = account_activity
.bank_transaction&.paid_at&.strftime('%Y-%m-%d')
invoice['language'] = buyer.language == 'en' ? 'ENG' : ''
invoice['invoice_lines'] = compose_directo_product
invoice
end
def compose_directo_product
[{ 'product_id': Setting.directo_receipt_product_name, 'description': order,
'quantity': 1, 'price': ActionController::Base.helpers.number_with_precision(
subtotal, precision: 2, separator: '.'
) }].as_json
end
def compose_directo_customer
{
'code': buyer.accounting_customer_code,
'destination': buyer_country_code,
'vat_reg_no': buyer_vat_no,
}.as_json
end
end
end
end

34
app/models/concerns/job/force_delete.rb Normal file
View file

@ -0,0 +1,34 @@
module Concerns
module Job
module ForceDelete
extend ActiveSupport::Concern
class_methods do
def start_client_hold
log_prepare_client_hold
::PaperTrail.request.whodunnit = "cron - #{__method__}"
::Domain.force_delete_scheduled.each do |domain|
proceed_client_hold(domain: domain)
end
log_end_end_force_delete_job
end
def proceed_client_hold(domain:)
notify_on_grace_period(domain) if domain.should_notify_on_soft_force_delete?
return unless domain.client_holdable?
domain.statuses << DomainStatus::CLIENT_HOLD
log_start_client_hold(domain)
domain.save(validate: false)
notify_client_hold(domain)
log_end_end_client_hold(domain)
end
end
end
end
end

34
app/models/concerns/job/force_delete_logging.rb Normal file
View file

@ -0,0 +1,34 @@
module Concerns
module Job
module ForceDeleteLogging
extend ActiveSupport::Concern
class_methods do
def log_prepare_client_hold
return if Rails.env.test?
STDOUT << "#{Time.zone.now.utc} - Setting client_hold to domains\n"
end
def log_start_client_hold(domain)
return if Rails.env.test?
STDOUT << "#{Time.zone.now.utc} DomainCron.start_client_hold: ##{domain.id} "\
"(#{domain.name}) #{domain.changes}\n"
end
def log_end_end_client_hold(domain)
return if Rails.env.test?
STDOUT << "#{Time.zone.now.utc} - Successfully set client_hold on (#{domain.name})"
end
def log_end_end_force_delete_job
return if Rails.env.test?
STDOUT << "#{Time.zone.now.utc} - All client_hold setting are done\n"
end
end
end
end
end

31
app/models/concerns/job/force_delete_notify.rb Normal file
View file

@ -0,0 +1,31 @@
module Concerns
module Job
module ForceDeleteNotify
extend ActiveSupport::Concern
class_methods do
def notify_client_hold(domain)
domain.registrar.notifications.create!(text: I18n.t('force_delete_set_on_domain',
domain_name: domain.name,
outzone_date: domain.outzone_date,
purge_date: domain.purge_date))
end
def notify_on_grace_period(domain)
domain.registrar.notifications.create!(text: I18n.t('grace_period_started_domain',
domain_name: domain.name,
date: domain.force_delete_start))
send_mail(domain)
domain.update(contact_notification_sent_date: Time.zone.today)
end
def send_mail(domain)
DomainDeleteMailer.forced(domain: domain,
registrar: domain.registrar,
registrant: domain.registrant,
template_name: domain.template_name).deliver_now
end
end
end
end
end

128
app/models/concerns/registrar/book_keeping.rb Normal file
View file

@ -0,0 +1,128 @@
module Concerns
module Registrar
module BookKeeping
extend ActiveSupport::Concern
DOMAIN_TO_PRODUCT = { 'ee': '01EE', 'com.ee': '02COM', 'pri.ee': '03PRI',
'fie.ee': '04FIE', 'med.ee': '05MED' }.freeze
def monthly_summary(month:)
activities = monthly_activites(month)
return unless activities.any?
invoice = {
'number': 1,
'customer': compose_directo_customer,
'language': language == 'en' ? 'ENG' : '', 'currency': activities.first.currency,
'date': month.end_of_month.strftime('%Y-%m-%d')
}.as_json
invoice['invoice_lines'] = prepare_invoice_lines(month: month, activities: activities)
invoice
end
def prepare_invoice_lines(month:, activities:)
lines = []
lines << { 'description': title_for_summary(month) }
activities.each do |activity|
fetch_invoice_lines(activity, lines)
end
lines << prepayment_for_all(lines)
lines.as_json
end
def title_for_summary(date)
I18n.with_locale(language == 'en' ? 'en' : 'et') do
I18n.t('registrar.monthly_summary_title', date: I18n.l(date, format: '%B %Y'))
end
end
def fetch_invoice_lines(activity, lines)
price = load_price(activity)
if price.duration.include? 'year'
price.duration.to_i.times do |duration|
lines << new_monthly_invoice_line(activity: activity, duration: duration + 1).as_json
end
else
lines << new_monthly_invoice_line(activity: activity).as_json
end
end
def monthly_activites(month)
AccountActivity.where(account_id: account_ids)
.where(created_at: month.beginning_of_month..month.end_of_month)
.where(activity_type: [AccountActivity::CREATE, AccountActivity::RENEW])
end
def new_monthly_invoice_line(activity:, duration: nil)
price = load_price(activity)
line = {
'product_id': DOMAIN_TO_PRODUCT[price.zone_name.to_sym],
'quantity': 1,
'unit': language == 'en' ? 'pc' : 'tk',
}
finalize_invoice_line(line, price: price, duration: duration, activity: activity)
end
def finalize_invoice_line(line, price:, activity:, duration:)
yearly = price.duration.include?('year')
line['price'] = yearly ? (price.price.amount / price.duration.to_i) : price.price.amount
line['description'] = description_in_language(price: price, yearly: yearly)
if duration.present?
add_product_timeframe(line: line, activity: activity, duration: duration) if duration > 1
end
line
end
def add_product_timeframe(line:, activity:, duration:)
create_time = activity.created_at
line['start_date'] = (create_time + (duration - 1).year).end_of_month.strftime('%Y-%m-%d')
line['end_date'] = (create_time + (duration - 1).year + 1).end_of_month.strftime('%Y-%m-%d')
end
def description_in_language(price:, yearly:)
timeframe_string = yearly ? 'yearly' : 'monthly'
locale_string = "registrar.invoice_#{timeframe_string}_product_description"
I18n.with_locale(language == 'en' ? 'en' : 'et') do
I18n.t(locale_string, tld: ".#{price.zone_name}", length: price.duration.to_i)
end
end
def prepayment_for_all(lines)
total = 0
en = language == 'en'
lines.each { |l| total += l['quantity'].to_f * l['price'].to_f }
{
'product_id': Setting.directo_receipt_product_name,
'description': en ? 'Domains prepayment' : 'Domeenide ettemaks',
'quantity': -1,
'price': total,
'unit': en ? 'pc' : 'tk',
}
end
def compose_directo_customer
{
'code': accounting_customer_code,
'destination': address_country_code,
'vat_reg_no': vat_no,
}.as_json
end
def load_price(account_activity)
@pricelists ||= {}
return @pricelists[account_activity.price_id] if @pricelists.key? account_activity.price_id
@pricelists[account_activity.price_id] = account_activity.price
end
end
end
end

16
app/models/concerns/registrar/legal_doc.rb Normal file
View file

@ -0,0 +1,16 @@
module Concerns
module Registrar
module LegalDoc
extend ActiveSupport::Concern
def legaldoc_mandatory?
!legaldoc_not_mandatory?
end
def legaldoc_not_mandatory?
setting = Setting.find_by(var: 'legal_document_is_mandatory')&.value
legaldoc_optout || !setting
end
end
end
end

9
app/models/concerns/remove_hold.rb Normal file
View file

@ -0,0 +1,9 @@
module RemoveHold
extend ActiveSupport::Concern
def remove_hold(params)
xml = epp_xml.update(name: { value: params[:domain_name] },
rem: [status: { attrs: { s: 'clientHold' }, value: '' }])
current_user.request(xml)
end
end

27
app/models/concerns/versions.rb
View file

@ -1,10 +1,17 @@
# Papertrail concerns is mainly tested at country spec
module Versions
extend ActiveSupport::Concern
WITH_CHILDREN = %w[Domain Contact].freeze
included do
attr_accessor :version_loader
has_paper_trail class_name: "#{model_name}Version"
if WITH_CHILDREN.include?(model_name.name)
has_paper_trail versions: { class_name: "#{model_name}Version" },
meta: { children: :children_log }
else
has_paper_trail versions: { class_name: "#{model_name}Version" }
end
# add creator and updator
before_create :add_creator
@ -12,23 +19,25 @@ module Versions
before_update :add_updator
def add_creator
self.creator_str = ::PaperTrail.whodunnit
self.creator_str = ::PaperTrail.request.whodunnit
true
end
def add_updator
self.updator_str = ::PaperTrail.whodunnit
self.updator_str = ::PaperTrail.request.whodunnit
true
end
def creator
return nil if creator_str.blank?
creator = user_from_id_role_username creator_str
creator.present? ? creator : creator_str
end
def updator
return nil if updator_str.blank?
updator = user_from_id_role_username updator_str
updator.present? ? updator : updator_str
end
@ -45,25 +54,27 @@ module Versions
# callbacks
def touch_domain_version
domain.try(:touch_with_version)
domain.try(:touch)
end
def touch_domains_version
domains.each(&:touch_with_version)
domains.each(&:touch)
end
end
module ClassMethods
def all_versions_for(ids, time)
ver_klass = paper_trail_version_class
ver_klass = paper_trail.version_class
from_history = ver_klass.where(item_id: ids.to_a).
order(:item_id).
preceding(time + 1, true).
select("distinct on (item_id) #{ver_klass.table_name}.*").
map do |ver|
o = new(ver.object)
valid_columns = ver.item_type.constantize&.column_names
o = new(ver.object&.slice(*valid_columns))
o.version_loader = ver
ver.object_changes.to_h.each { |k, v| o.public_send("#{k}=", v[-1]) }
changes = ver.object_changes.to_h&.slice(*valid_columns)
changes.each { |k, v| o.public_send("#{k}=", v[-1]) }
o
end
not_in_history = where(id: (ids.to_a - from_history.map(&:id)))

15
app/models/concerns/whois_status_populate.rb Normal file
View file

@ -0,0 +1,15 @@
module WhoisStatusPopulate
extend ActiveSupport::Concern
def generate_json(record, domain_status:)
h = HashWithIndifferentAccess.new(name: record.name, status: [domain_status])
return h if record.json.blank?
status_arr = (record.json['status'] ||= [])
return record.json if status_arr.include? domain_status
status_arr.push(domain_status)
record.json['status'] = status_arr
record.json
end
end

72
app/models/concerns/zone/whois_queryable.rb Normal file
View file

@ -0,0 +1,72 @@
module Concerns
module Zone
module WhoisQueryable
extend ActiveSupport::Concern
included do
after_save :update_whois_record, if: :subzone?
after_destroy :update_whois_record
end
def subzone?
origin.include? '.'
end
def update_whois_record
UpdateWhoisRecordJob.enqueue origin, 'zone'
end
def generate_data
wr = Whois::Record.find_or_initialize_by(name: origin)
wr.json = generate_json
wr.save
end
def generate_json
data = {}.with_indifferent_access
[domain_vars, registrar_vars, registrant_vars].each do |h|
data.merge!(h)
end
data
end
def domain_vars
{ disclaimer: Setting.registry_whois_disclaimer, name: origin,
registered: created_at.try(:to_s, :iso8601), status: ['ok (paid and in zone)'],
changed: updated_at.try(:to_s, :iso8601), email: Setting.registry_email,
admin_contacts: [contact_vars], tech_contacts: [contact_vars],
nameservers: nameserver_vars }
end
def registrar_vars
{ registrar: Setting.registry_juridical_name, registrar_website: Setting.registry_url,
registrar_phone: Setting.registry_phone }
end
def registrant_vars
{ registrant: Setting.registry_juridical_name, registrant_reg_no: Setting.registry_reg_no,
registrant_ident_country_code: Setting.registry_country_code, registrant_kind: 'org',
registrant_disclosed_attributes: %w[name email] }
end
def contact_vars
{ name: Setting.registry_invoice_contact, email: Setting.registry_email,
disclosed_attributes: %w[name email] }
end
def nameserver_vars
vars = []
return vars unless ns_records
parsed_ns = ns_records.gsub("\r", '').gsub("\n", '')
parsed_ns.split("#{origin}. IN NS ").each do |ns|
ns.delete_suffix! '.'
vars << ns if ns.match? Nameserver::HOSTNAME_REGEXP
end
vars
end
end
end
end

120
app/models/contact.rb
View file

@ -1,10 +1,13 @@
class Contact < ActiveRecord::Base
require 'deserializers/xml/legal_document'
class Contact < ApplicationRecord
include Versions # version/contact_version.rb
include EppErrors
include UserEvents
include Concerns::Contact::Transferable
include Concerns::Contact::Identical
include Concerns::Contact::Disclosable
include Concerns::EmailVerifable
belongs_to :original, class_name: self.name
belongs_to :registrar, required: true
@ -14,21 +17,25 @@ class Contact < ActiveRecord::Base
has_many :registrant_domains, class_name: 'Domain', foreign_key: 'registrant_id'
has_many :actions, dependent: :destroy
has_paper_trail class_name: "ContactVersion", meta: { children: :children_log }
attr_accessor :legal_document_id
alias_attribute :kind, :ident_type
alias_attribute :copy_from_id, :original_id # Old attribute name; for PaperTrail
accepts_nested_attributes_for :legal_documents
scope :email_verification_failed, lambda {
joins('LEFT JOIN email_address_verifications emv ON contacts.email = emv.email')
.where('success = false and verified_at IS NOT NULL')
}
validates :name, :email, presence: true
validates :street, :city, :zip, :country_code, presence: true, if: 'self.class.address_processing?'
validates :street, :city, :zip, :country_code, presence: true, if: lambda {
self.class.address_processing?
}
validates :phone, presence: true, e164: true, phone: true
validates :email, format: /@/
validates :email, email_format: { message: :invalid }, if: proc { |c| c.email_changed? }
validate :correct_email_format, if: proc { |c| c.will_save_change_to_email? }
validates :code,
uniqueness: { message: :epp_id_taken },
@ -37,7 +44,7 @@ class Contact < ActiveRecord::Base
validates_associated :identifier
validate :validate_html
validate :validate_country_code, if: 'self.class.address_processing?'
validate :validate_country_code, if: -> { self.class.address_processing? }
after_initialize do
self.status_notes = {} if status_notes.nil?
@ -55,6 +62,9 @@ class Contact < ActiveRecord::Base
mapping: [%w[ident code], %w[ident_type type], %w[ident_country_code country_code]]
after_save :update_related_whois_records
before_validation :clear_address_modifications, if: -> { !self.class.address_processing? }
self.ignored_columns = %w[legacy_id legacy_history_id]
ORG = 'org'
PRIV = 'priv'
@ -246,10 +256,8 @@ class Contact < ActiveRecord::Base
end
def registrant_user_contacts(registrant_user)
# In Rails 5, can be replaced with a much simpler `or` query method and the raw SQL parts can
# be removed.
from("(#{registrant_user_direct_contacts(registrant_user).to_sql} UNION " \
"#{registrant_user_indirect_contacts(registrant_user).to_sql}) AS contacts")
registrant_user_direct_contacts(registrant_user)
.or(registrant_user_indirect_contacts(registrant_user))
end
def registrant_user_direct_contacts(registrant_user)
@ -290,7 +298,7 @@ class Contact < ActiveRecord::Base
end
def to_s
name || '[no name]'
name
end
def validate_html
@ -351,7 +359,7 @@ class Contact < ActiveRecord::Base
return false
end
legal_document_data = Epp::Domain.parse_legal_document_from_frame(frame)
legal_document_data = ::Deserializers::Xml::LegalDocument.new(frame).call
if legal_document_data
@ -415,45 +423,65 @@ class Contact < ActiveRecord::Base
# if total is smaller than needed, the load more
# we also need to sort by valid_to
# todo: extract to drapper. Then we can remove Domain#roles
def all_domains(page: nil, per: nil, params: {})
# compose filter sql
filter_sql = case params[:domain_filter]
when "Registrant".freeze
%Q{select id from domains where registrant_id=#{id}}
when AdminDomainContact.to_s, TechDomainContact.to_s
%Q{select domain_id from domain_contacts where contact_id=#{id} AND type='#{params[:domain_filter]}'}
else
%Q{select domain_id from domain_contacts where contact_id=#{id} UNION select id from domains where registrant_id=#{id}}
end
def all_domains(page: nil, per: nil, params:, requester: nil)
filter_sql = qualified_domain_ids(params[:domain_filter])
# get sorting rules
sorts = params.fetch(:sort, {}).first || []
sort = Domain.column_names.include?(sorts.first) ? sorts.first : "valid_to"
order = {"asc"=>"desc", "desc"=>"asc"}[sorts.second] || "desc"
sort = %w[name registrar_name valid_to].include?(sorts.first) ? sorts.first : 'valid_to'
order = %w[asc desc].include?(sorts.second) ? sorts.second : 'desc'
# fetch domains
domains = Domain.where("domains.id IN (#{filter_sql})")
domains = qualified_domain_name_list(requester, filter_sql)
domains = domains.includes(:registrar).page(page).per(per)
if sorts.first == "registrar_name".freeze
# using small rails hack to generate outer join
domains = domains.includes(:registrar).where.not(registrars: {id: nil}).order("registrars.name #{order} NULLS LAST")
else
domains = domains.order("#{sort} #{order} NULLS LAST")
end
# using small rails hack to generate outer join
domains = if sorts.first == 'registrar_name'.freeze
domains.includes(:registrar).where.not(registrars: { id: nil })
.order("registrars.name #{order} NULLS LAST")
else
domains.order("#{sort} #{order} NULLS LAST")
end
# adding roles. Need here to make faster sqls
domain_c = Hash.new([])
registrant_domains.where(id: domains.map(&:id)).each{|d| domain_c[d.id] |= ["Registrant".freeze] }
DomainContact.where(contact_id: id, domain_id: domains.map(&:id)).each{|d| domain_c[d.domain_id] |= [d.type] }
domains.each{|d| d.roles = domain_c[d.id].uniq}
registrant_domains.where(id: domains.map(&:id)).each do |d|
domain_c[d.id] |= ['Registrant'.freeze]
end
DomainContact.where(contact_id: id, domain_id: domains.map(&:id)).each do |d|
domain_c[d.domain_id] |= [d.type]
end
domains.each { |d| d.roles = domain_c[d.id].uniq }
domains
end
def qualified_domain_name_list(requester, filter_sql)
return Domain.where('domains.id IN (?)', filter_sql) if requester.blank?
registrant_user = RegistrantUser.find_or_initialize_by(registrant_ident:
"#{requester.ident_country_code}-#{requester.ident}")
begin
registrant_user.domains.where('domains.id IN (?)', filter_sql)
rescue CompanyRegister::NotAvailableError
registrant_user.direct_domains.where('domains.id IN (?)', filter_sql)
end
end
def qualified_domain_ids(domain_filter)
registrant_ids = registrant_domains.pluck(:id)
return registrant_ids if domain_filter == 'Registrant'
if %w[AdminDomainContact TechDomainContact].include? domain_filter
DomainContact.select('domain_id').where(contact_id: id, type: domain_filter)
else
(DomainContact.select('domain_id').where(contact_id: id).pluck(:domain_id) +
registrant_ids).uniq
end
end
def update_prohibited?
(statuses & [
CLIENT_UPDATE_PROHIBITED,
@ -480,9 +508,23 @@ class Contact < ActiveRecord::Base
]).present?
end
def clear_address_modifications
return unless modifies_address?
remove_address
end
def modifies_address?
modified = false
self.class.address_attribute_names.each { |field| modified = true if changes.key?(field) }
modified
end
def update_related_whois_records
# not doing anything if no real changes
return if changes.slice(*(self.class.column_names - ["updated_at", "created_at", "statuses", "status_notes"])).empty?
ignored_columns = %w[updated_at created_at statuses status_notes]
return if saved_changes.slice(*(self.class.column_names - ignored_columns)).empty?
names = related_domain_descriptions.keys
UpdateWhoisRecordJob.enqueue(names, 'domain') if names.present?

24
app/models/counter.rb
View file

@ -1,24 +0,0 @@
class Counter
def initialize value = 0
@value = value
end
attr_accessor :value
def method_missing *args, &blk
@value.send(*args, &blk)
end
def to_s
@value.to_s
end
def now
@value
end
# pre-increment ".+" when x not present
def next(x = 1)
@value += x
end
def prev(x = 1)
@value -= x
end
end

11
app/models/depp/domain.rb
View file

@ -1,6 +1,7 @@
module Depp
class Domain
include ActiveModel::Conversion
include RemoveHold
extend ActiveModel::Naming
attr_accessor :name, :current_user, :epp_xml
@ -121,16 +122,6 @@ module Depp
}, op, Domain.construct_custom_params_hash(params)))
end
def confirm_keyrelay(domain_params)
xml = epp_xml.update({
name: { value: domain_params[:name] }
}, {
add: Domain.create_dnskeys_hash(domain_params)
})
current_user.request(xml)
end
def confirm_transfer(domain_params)
data = current_user.request(epp_xml.info(name: { value: domain_params[:name] }))
pw = data.css('pw').text

45
app/models/depp/keyrelay.rb
View file

@ -1,45 +0,0 @@
module Depp
class Keyrelay
attr_accessor :current_user, :epp_xml
def initialize(args = {})
self.current_user = args[:current_user]
self.epp_xml = EppXml::Keyrelay.new(cl_trid_prefix: current_user.tag)
end
def keyrelay(params)
custom_params = {}
if params[:legal_document].present?
type = params[:legal_document].original_filename.split('.').last.downcase
custom_params = {
_anonymus: [
legalDocument: { value: Base64.encode64(params[:legal_document].read), attrs: { type: type } }
]
}
end
xml = epp_xml.keyrelay({
name: { value: params['domain_name'] },
keyData: {
flags: { value: params['key_data_flags'] },
protocol: { value: params['key_data_protocol'] },
alg: { value: params['key_data_alg'] },
pubKey: { value: params['key_data_public_key'] }
},
authInfo: {
pw: { value: params['password'] }
},
expiry: expiry(params['expiry'])
}, custom_params)
current_user.request(xml)
end
def expiry(value)
ISO8601::Duration.new(value)
{ relative: { value: value } }
rescue => _e
{ absolute: { value: value } }
end
end
end

195
app/models/directo.rb
View file

@ -1,196 +1,3 @@
class Directo < ActiveRecord::Base
DOMAIN_TO_PRODUCT = {"ee" => "01EE", "com.ee" => "02COM", "pri.ee" => "03PRI", "fie.ee"=>"04FIE", "med.ee" => "05MED"}.freeze
class Directo < ApplicationRecord
belongs_to :item, polymorphic: true
def self.send_receipts
new_trans = Invoice.where(in_directo: false).non_cancelled
total = new_trans.count
counter = 0
Rails.logger.info("[DIRECTO] Will try to send #{total} invoices")
new_trans.find_in_batches(batch_size: 10).each do |group|
mappers = {} # need them as no direct connection between invoice
builder = Nokogiri::XML::Builder.new(encoding: "UTF-8") do |xml|
xml.invoices {
group.each do |invoice|
if invoice.account_activity.nil? || invoice.account_activity.bank_transaction.nil? ||
invoice.account_activity.bank_transaction.sum.nil? || invoice.account_activity.bank_transaction.sum != invoice.total
Rails.logger.info("[DIRECTO] Invoice #{invoice.number} has been skipped")
next
end
counter += 1
num = invoice.number
mappers[num] = invoice
xml.invoice(
"SalesAgent" => Setting.directo_sales_agent,
"Number" => num,
"InvoiceDate" => invoice.issue_date.strftime("%Y-%m-%d"),
"PaymentTerm" => Setting.directo_receipt_payment_term,
"Currency" => invoice.currency,
"CustomerCode"=> invoice.buyer.accounting_customer_code
){
xml.line(
"ProductID" => Setting.directo_receipt_product_name,
"Quantity" => 1,
"UnitPriceWoVAT" => ActionController::Base.helpers.number_with_precision(invoice.subtotal, precision: 2, separator: "."),
"ProductName" => invoice.order
)
}
end
}
end
data = builder.to_xml.gsub("\n",'')
Rails.logger.info("[Directo] XML request: #{data}")
response = RestClient::Request.execute(url: ENV['directo_invoice_url'], method: :post, payload: {put: "1", what: "invoice", xmldata: data}, verify_ssl: false)
Rails.logger.info("[Directo] Directo responded with code: #{response.code}, body: #{response.body}")
dump_result_to_db(mappers, response.to_s)
end
STDOUT << "#{Time.zone.now.utc} - Directo receipts sending finished. #{counter} of #{total} are sent\n"
end
def self.dump_result_to_db mappers, xml
Nokogiri::XML(xml).css("Result").each do |res|
obj = mappers[res.attributes["docid"].value.to_i]
obj.directo_records.create!(response: res.as_json.to_h, invoice_number: obj.number)
obj.update_columns(in_directo: true)
Rails.logger.info("[DIRECTO] Invoice #{res.attributes["docid"].value} was pushed and return is #{res.as_json.to_h.inspect}")
end
end
def self.send_monthly_invoices(debug: false)
I18n.locale = :et
month = Time.now - 1.month
invoices_until = month.end_of_month
date_format = "%Y-%m-%d"
invoice_counter= Counter.new
min_directo = Setting.directo_monthly_number_min.presence.try(:to_i)
max_directo = Setting.directo_monthly_number_max.presence.try(:to_i)
last_directo = [Setting.directo_monthly_number_last.presence.try(:to_i), min_directo].compact.max || 0
if max_directo && max_directo <= last_directo
raise "Directo counter is out of period (max allowed number is smaller than last counter number)"
end
directo_next = last_directo
Registrar.where.not(test_registrar: true).find_each do |registrar|
unless registrar.cash_account
Rails.logger.info("[DIRECTO] Monthly invoice for registrar #{registrar.id} has been skipped as it doesn't has cash_account")
next
end
counter = Counter.new(1)
items = {}
registrar_activities = AccountActivity.where(account_id: registrar.account_ids).where("created_at BETWEEN ? AND ?",month.beginning_of_month, month.end_of_month)
# adding domains items
registrar_activities.where(activity_type: [AccountActivity::CREATE, AccountActivity::RENEW]).each do |activity|
price = load_price(activity)
if price.duration.include?('year')
price.duration.to_i.times do |i|
year = i+1
hash = {
"ProductID" => DOMAIN_TO_PRODUCT[price.zone_name],
"Unit" => "tk",
"ProductName" => ".#{price.zone_name} registreerimine: #{price.duration.to_i} aasta#{price.duration.to_i > 1 ? 't' : ''}",
"UnitPriceWoVAT" => price.price.amount / price.duration.to_i
}
hash["StartDate"] = (activity.created_at + (year-1).year).end_of_month.strftime(date_format) if year > 1
hash["EndDate"] = (activity.created_at + (year-1).year + 1).end_of_month.strftime(date_format) if year > 1
if items.has_key?(hash)
items[hash]["Quantity"] += 1
else
items[hash] = { "RN" => counter.next, "RR" => counter.now - i, "Quantity" => 1 }
end
end
else
1.times do |i|
quantity = price.account_activities
.where(account_id: registrar.account_ids)
.where(created_at: month.beginning_of_month..month.end_of_month)
.where(activity_type: [AccountActivity::CREATE, AccountActivity::RENEW])
.count
hash = {
"ProductID" => DOMAIN_TO_PRODUCT[price.zone_name],
"Unit" => "tk",
"ProductName" => ".#{price.zone_name} registreerimine: #{price.duration.to_i} kuud",
"UnitPriceWoVAT" => price.price.amount,
}
if items.has_key?(hash)
#items[hash]["Quantity"] += 1
else
items[hash] = { "RN" => counter.next, "RR" => counter.now - i, "Quantity" => quantity }
end
end
end
end
#adding prepaiments
if items.any?
total = 0
items.each{ |key, val| total += val["Quantity"] * key["UnitPriceWoVAT"] }
hash = {"ProductID" => Setting.directo_receipt_product_name, "Unit" => "tk", "ProductName" => "Domeenide ettemaks", "UnitPriceWoVAT"=>total}
items[hash] = {"RN"=>counter.next, "RR" => counter.now, "Quantity"=> -1}
end
# generating XML
if items.any?
directo_next += 1
invoice_counter.next
builder = Nokogiri::XML::Builder.new(encoding: "UTF-8") do |xml|
xml.invoices{
xml.invoice("Number" =>directo_next,
"InvoiceDate" =>invoices_until.strftime(date_format),
"PaymentTerm" =>Setting.directo_receipt_payment_term,
"CustomerCode"=>registrar.accounting_customer_code,
"Language" =>"",
"Currency" =>registrar_activities.first.currency,
"SalesAgent" =>Setting.directo_sales_agent){
xml.line("RN" => 1, "RR"=>1, "ProductName"=> "Domeenide registreerimine - #{I18n.l(invoices_until, format: "%B %Y").titleize}")
items.each do |line, val|
xml.line(val.merge(line))
end
}
}
end
data = builder.to_xml.gsub("\n",'')
Rails.logger.info("[Directo] XML request: #{data}")
if debug
STDOUT << "#{Time.zone.now.utc} - Directo xml had to be sent #{data}\n"
else
response = RestClient::Request.execute(url: ENV['directo_invoice_url'], method: :post, payload: {put: "1", what: "invoice", xmldata: data}, verify_ssl: false)
Rails.logger.info("[Directo] Directo responded with code: #{response.code}, body: #{response.body}")
response = response.to_s
Setting.directo_monthly_number_last = directo_next
Nokogiri::XML(response).css("Result").each do |res|
Directo.create!(request: data, response: res.as_json.to_h, invoice_number: directo_next)
Rails.logger.info("[DIRECTO] Invoice #{res.attributes["docid"].value} was pushed and return is #{res.as_json.to_h.inspect}")
end
end
else
Rails.logger.info("[DIRECTO] Registrar #{registrar.id} has nothing to be sent to Directo")
end
end
STDOUT << "#{Time.zone.now.utc} - Directo invoices sending finished. #{invoice_counter.now} are sent\n"
end
def self.load_price(account_activity)
@pricelists ||= {}
return @pricelists[account_activity.price_id] if @pricelists.has_key?(account_activity.price_id)
@pricelists[account_activity.price_id] = account_activity.price
end
end

133
app/models/dispute.rb Normal file
View file

@ -0,0 +1,133 @@
class Dispute < ApplicationRecord
include WhoisStatusPopulate
validates :domain_name, :password, :starts_at, :expires_at, presence: true
before_validation :fill_empty_passwords, :set_expiry_date
validate :validate_domain_name_format
validate :validate_domain_name_period_uniqueness
validate :validate_start_date
before_save :set_expiry_date, :sync_reserved_password, :generate_data
after_destroy :remove_data
scope :expired, -> { where('expires_at < ?', Time.zone.today) }
scope :active, lambda {
where('starts_at <= ? AND expires_at >= ? AND closed IS NULL', Time.zone.today, Time.zone.today)
}
scope :closed, -> { where.not(closed: nil) }
attr_readonly :domain_name
def domain
Domain.find_by(name: domain_name)
end
def self.close_by_domain(domain_name)
dispute = Dispute.active.find_by(domain_name: domain_name)
return false unless dispute
dispute.close(initiator: 'Registrant')
end
def self.valid_auth?(domain_name, password)
Dispute.active.find_by(domain_name: domain_name, password: password).present?
end
def set_expiry_date
return if starts_at.blank?
self.expires_at = starts_at + Setting.dispute_period_in_months.months
end
def generate_password
self.password = SecureRandom.hex
end
def generate_data
return if starts_at > Time.zone.today || expires_at < Time.zone.today
domain&.mark_as_disputed
return if domain
wr = Whois::Record.find_or_initialize_by(name: domain_name)
wr.json = @json = generate_json(wr, domain_status: 'disputed')
wr.save
end
def close(initiator: 'Unknown')
return false unless update(closed: Time.zone.now, initiator: initiator)
return if Dispute.active.where(domain_name: domain_name).any?
domain&.unmark_as_disputed
return true if domain
forward_to_auction_if_possible
end
def forward_to_auction_if_possible
domain = DNS::DomainName.new(domain_name)
if domain.available? && domain.auctionable?
domain.sell_at_auction
return true
end
whois_record = Whois::Record.find_by(name: domain_name)
remove_whois_data(whois_record)
end
def remove_whois_data(record)
return true unless record
record.json['status'] = record.json['status'].delete_if { |status| status == 'disputed' }
record.destroy && return if record.json['status'].blank?
record.save
end
def remove_data
UpdateWhoisRecordJob.enqueue domain_name, 'disputed'
end
def fill_empty_passwords
generate_password if password.blank?
end
def sync_reserved_password
reserved_domain = ReservedDomain.find_by(name: domain_name)
generate_password if password.blank?
unless reserved_domain.nil?
reserved_domain.password = password
reserved_domain.save!
end
generate_data
end
private
def validate_start_date
return if starts_at.nil?
errors.add(:starts_at, :future) if starts_at.future?
end
def validate_domain_name_format
return unless domain_name
zone = domain_name.reverse.rpartition('.').map(&:reverse).reverse.last
supported_zone = DNS::Zone.origins.include?(zone)
errors.add(:domain_name, :unsupported_zone) unless supported_zone
end
def validate_domain_name_period_uniqueness
existing_dispute = Dispute.unscoped.where(domain_name: domain_name, closed: nil)
.where('expires_at >= ?', starts_at)
existing_dispute = existing_dispute.where.not(id: id) unless new_record?
return unless existing_dispute.any?
errors.add(:starts_at, 'Dispute already exists for this domain at given timeframe')
end
end

9
app/models/dns/domain_name.rb
View file

@ -60,13 +60,18 @@ module DNS
end
def blocked?
BlockedDomain.where(name: name).any?
BlockedDomain.where(name: name).any? ||
BlockedDomain.where(name: SimpleIDN.to_unicode(name)).any?
end
def reserved?
ReservedDomain.where(name: name).any?
end
def disputed?
Dispute.active.where(domain_name: name).any?
end
def auctionable?
!not_auctionable?
end
@ -80,7 +85,7 @@ module DNS
attr_reader :name
def not_auctionable?
blocked? || reserved?
blocked? || reserved? || disputed?
end
def zone_with_same_origin?

7
app/models/dns/zone.rb
View file

@ -1,11 +1,14 @@
# frozen_string_literal: true
module DNS
class Zone < ActiveRecord::Base
class Zone < ApplicationRecord
validates :origin, :ttl, :refresh, :retry, :expire, :minimum_ttl, :email, :master_nameserver, presence: true
validates :ttl, :refresh, :retry, :expire, :minimum_ttl, numericality: { only_integer: true }
validates :origin, uniqueness: true
include Concerns::Zone::WhoisQueryable
before_destroy do
!used?
throw(:abort) if used?
end
def self.generate_zonefiles

14
app/models/dnskey.rb
View file

@ -1,4 +1,4 @@
class Dnskey < ActiveRecord::Base
class Dnskey < ApplicationRecord
include Versions # version/dnskey_version.rb
include EppErrors
@ -9,10 +9,16 @@ class Dnskey < ActiveRecord::Base
validate :validate_protocol
validate :validate_flags
before_save -> { generate_digest if public_key_changed? && !ds_digest_changed? }
before_save lambda {
generate_digest if will_save_change_to_public_key? && !will_save_change_to_ds_digest?
}
before_save lambda {
if (public_key_changed? || flags_changed? || alg_changed? || protocol_changed?) && !ds_key_tag_changed?
if (will_save_change_to_public_key? ||
will_save_change_to_flags? ||
will_save_change_to_alg? ||
will_save_change_to_protocol?) &&
!will_save_change_to_ds_key_tag?
generate_ds_key_tag
end
}
@ -22,6 +28,8 @@ class Dnskey < ActiveRecord::Base
FLAGS = %w(0 256 257) # 256 = ZSK, 257 = KSK
DS_DIGEST_TYPE = [1,2]
self.ignored_columns = %w[legacy_domain_id]
def epp_code_map
{
'2005' => [

Some files were not shown because too many files have changed in this diff Show more