zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-24 11:38:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

Refactor complext dnskeys method

Browse source
This commit is contained in:
Martin Lensment 2014-10-15 11:57:59 +03:00
parent a1c2dc2175
commit a74e2e5fd1
4 changed files with 75 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

6
app/models/dnskey.rb
View file

@ -3,7 +3,7 @@ class Dnskey < ActiveRecord::Base
belongs_to :domain
validates :alg, :protocol, :flags, :public_key, presence: true
validates :alg, :protocol, :flags, :public_key, presence: true, if: :validate_key_data
validate :validate_algorithm
validate :validate_protocol
validate :validate_flags
@ -36,6 +36,10 @@ class Dnskey < ActiveRecord::Base
}
end
def validate_key_data
alg.present? || protocol.present? || flags.present? || public_key.present?
end
def validate_algorithm
return if alg.blank?
return if ALGORITHMS.include?(alg.to_s)

62
app/models/epp/epp_domain.rb
View file

@ -21,7 +21,8 @@ class Epp::EppDomain < Domain
],
'2306' => [ # Parameter policy error
[:owner_contact, :blank],
[:admin_contacts, :out_of_range]
[:admin_contacts, :out_of_range],
[:base, :ds_data_with_key_not_allowed]
],
'2004' => [ # Parameter value range error
[:nameservers, :out_of_range,
@ -187,27 +188,10 @@ class Epp::EppDomain < Domain
def attach_dnskeys(dnssec_data)
sg = SettingGroup.dnskeys
ds_data_allowed = sg.setting(Setting::ALLOW_DS_DATA).value == '0' ? false : true
ds_data_with_keys_allowed = sg.setting(Setting::ALLOW_DS_DATA_WITH_KEYS).value == '0' ? false : true
key_data_allowed = sg.setting(Setting::ALLOW_KEY_DATA).value == '0' ? false : true
if dnssec_data[:ds_data].any? && !ds_data_allowed
errors.add(:base, :ds_data_not_allowed)
return
end
return false unless validate_dnssec_data(dnssec_data, sg)
dnssec_data[:ds_data].each do |ds_data|
if ds_data[:public_key] && !ds_data_with_keys_allowed
errors.add(:base, :ds_data_with_keys_not_allowed)
next
else
dnskeys.build(ds_data)
end
end
if dnssec_data[:key_data].any? && !key_data_allowed
errors.add(:base, :key_data_not_allowed)
return
dnskeys.build(ds_data)
end
dnssec_data[:key_data].each do |x|
@ -217,8 +201,44 @@ class Epp::EppDomain < Domain
ds_digest_type: sg.setting(Setting::DS_ALGORITHM).value
}.merge(x))
end
end
errors.any?
def validate_dnssec_data(dnssec_data, sg)
ds_data_allowed?(dnssec_data, sg)
ds_data_with_keys_allowed?(dnssec_data, sg)
key_data_allowed?(dnssec_data, sg)
errors.empty?
end
def ds_data_allowed?(dnssec_data, sg)
ds_data_allowed = sg.setting(Setting::ALLOW_DS_DATA).value == '0' ? false : true
return if (dnssec_data[:ds_data].any? && ds_data_allowed) || dnssec_data[:ds_data].empty?
errors.add(:base, :ds_data_not_allowed)
end
def ds_data_with_keys_allowed?(dnssec_data, sg)
ds_data_with_keys_allowed = sg.setting(Setting::ALLOW_DS_DATA_WITH_KEYS).value == '0' ? false : true
dnssec_data[:ds_data].each do |ds_data|
if key_data?(ds_data) && !ds_data_with_keys_allowed
errors.add(:base, :ds_data_with_key_not_allowed)
return
end
end
end
def key_data_allowed?(dnssec_data, sg)
key_data_allowed = sg.setting(Setting::ALLOW_KEY_DATA).value == '0' ? false : true
return if (dnssec_data[:key_data].any? && key_data_allowed) || dnssec_data[:key_data].empty?
errors.add(:base, :key_data_not_allowed)
end
def key_data?(data)
key_data_attrs = [:public_key, :alg, :protocol, :flags]
(data.keys & key_data_attrs).any?
end
def detach_dnskeys(dnssec_data)