zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-17 09:57:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

Allow updating password via EPP

Browse source
This commit is contained in:
Martin Lensment 2015-04-06 16:39:58 +03:00
parent a42136268f
commit a79ef51ed9
4 changed files with 53 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
app/controllers/epp/sessions_controller.rb
View file

@ -19,6 +19,12 @@ class Epp::SessionsController < EppController
end end
if @api_user.try(:active) && cert_valid if @api_user.try(:active) && cert_valid
if parsed_frame.css('newPW').first
unless @api_user.update(password: parsed_frame.css('newPW').first.text)
handle_errors(@api_user) and return
end
end
epp_session[:api_user_id] = @api_user.id epp_session[:api_user_id] = @api_user.id
render_epp_response('login_success') render_epp_response('login_success')
else else
@ -42,4 +48,8 @@ class Epp::SessionsController < EppController
ph = params_hash['epp']['command']['login'] ph = params_hash['epp']['command']['login']
{ username: ph[:clID], password: ph[:pw] } { username: ph[:clID], password: ph[:pw] }
end end
def parsed_frame
@parsed_frame ||= Nokogiri::XML(request.params[:raw_frame]).remove_namespaces!
end
end end

9
app/models/api_user.rb
View file

@ -2,6 +2,15 @@ require 'open3'
# rubocop: disable Metrics/ClassLength # rubocop: disable Metrics/ClassLength
class ApiUser < User class ApiUser < User
include EppErrors
def epp_code_map # rubocop:disable Metrics/MethodLength
{
'2306' => [ # Parameter policy error
[:password, :blank]
]
}
end
# TODO: should have max request limit per day # TODO: should have max request limit per day
belongs_to :registrar belongs_to :registrar
has_many :contacts has_many :contacts

4
app/views/registrar/sessions/login_mid.haml
View file

@ -9,6 +9,10 @@
= f.text_field :phone, class: 'form-control', placeholder: t('phone_no'), autocomplete: 'off' = f.text_field :phone, class: 'form-control', placeholder: t('phone_no'), autocomplete: 'off'
%button.btn.btn-lg.btn-primary.btn-block.js-login{:type => 'submit'}= t('log_in') %button.btn.btn-lg.btn-primary.btn-block.js-login{:type => 'submit'}= t('log_in')
- if ['development', 'alpha'].include?(Rails.env)
%div.text-center
60000007 / 00000766
:coffee :coffee
$('.js-login').attr('disabled', false) $('.js-login').attr('disabled', false)

30
spec/epp/session_spec.rb
View file

@ -85,6 +85,36 @@ describe 'EPP Session', epp: true do
EppSession.last[:api_user_id].should == nil EppSession.last[:api_user_id].should == nil
end end
it 'changes password and logs in' do
@api_user.update(password: 'ghyt9e4fu')
response = epp_plain_request(@epp_xml.session.login(
clID: { value: 'gitlab' },
pw: { value: 'ghyt9e4fu' },
newPW: { value: 'abcdefg' }
), :xml)
response[:msg].should == 'Command completed successfully'
response[:result_code].should == '1000'
@api_user.reload
@api_user.password.should == 'abcdefg'
end
it 'fails if new password is not valid' do
@api_user.update(password: 'ghyt9e4fu')
response = epp_plain_request(@epp_xml.session.login(
clID: { value: 'gitlab' },
pw: { value: 'ghyt9e4fu' },
newPW: { value: '' }
), :xml)
response[:msg].should == 'Password is missing [password]'
response[:result_code].should == '2306'
@api_user.reload
@api_user.password.should == 'ghyt9e4fu'
end
end end
end end
end end