From a994767330649a6f217783901da4a84e49d7fe9c Mon Sep 17 00:00:00 2001
From: Priit Tark <priit@gitlab.eu>
Date: Wed, 1 Apr 2015 12:02:24 +0300
Subject: [PATCH] Contact info request should return smaal contact info when pw
 is blank

---
 app/models/ability.rb    |  4 +++-
 spec/epp/contact_spec.rb | 18 ++++++++++++++++--
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/app/models/ability.rb b/app/models/ability.rb
index f86984d14..9098cb4e2 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -19,6 +19,7 @@ class Ability
 
   # rubocop: disable Metrics/CyclomaticComplexity
   # rubocop: disable Metrics/PerceivedComplexity
+  # rubocop: disable Metrics/LineLength
   def epp
     # Epp::Domain
     can(:info,     Epp::Domain) { |d, pw| d.registrar_id == @user.registrar_id || d.auth_info == pw }
@@ -29,7 +30,7 @@ class Ability
     can(:transfer, Epp::Domain) { |d, pw| d.auth_info == pw }
 
     # Epp::Contact
-    can(:info, Epp::Contact)           { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
+    can(:info, Epp::Contact)           { |c, pw| c.registrar_id == @user.registrar_id || pw.blank? ? true : c.auth_info == pw }
     can(:view_full_info, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
     can(:check,  Epp::Contact)
     can(:create, Epp::Contact)
@@ -38,6 +39,7 @@ class Ability
     can(:renew,  Epp::Contact)
     can(:view_password, Epp::Contact) { |c, pw| c.registrar_id == @user.registrar_id || c.auth_info == pw }
   end
+  # rubocop: enable Metrics/LineLength
   # rubocop: enable Metrics/CyclomaticComplexity
   # rubocop: enable Metrics/PerceivedComplexity
 
diff --git a/spec/epp/contact_spec.rb b/spec/epp/contact_spec.rb
index 6c268818a..b53f10f26 100644
--- a/spec/epp/contact_spec.rb
+++ b/spec/epp/contact_spec.rb
@@ -519,7 +519,7 @@ describe 'EPP Contact', epp: true do
         response[:results].count.should == 1
       end
 
-      it 'returns no authorization error for wrong user but correct pw' do
+      it 'returns no authorization error for wrong user but correct password' do
         login_as :registrar2 do
           response = info_request
 
@@ -534,7 +534,7 @@ describe 'EPP Contact', epp: true do
         end
       end
 
-      it 'returns authorization error for wrong user and wrong pw' do
+      it 'returns authorization error for wrong user and wrong password' do
         login_as :registrar2 do
           response = info_request({ authInfo: { pw: { value: 'wrong-pw' } } })
           response[:msg].should == 'Authorization error'
@@ -547,6 +547,20 @@ describe 'EPP Contact', epp: true do
           contact.css('voice').first.try(:text).should == nil
         end
       end
+
+      it 'returns no authorization error for wrong user and no password' do
+        login_as :registrar2 do
+          response = info_request({ authInfo: { pw: { value: '' } } })
+          response[:msg].should == 'Command completed successfully'
+          response[:result_code].should == '1000'
+          response[:results].count.should == 1
+
+          contact = response[:parsed].css('resData infData')
+          contact.css('postalInfo addr city').first.try(:text).should == nil
+          contact.css('email').first.try(:text).should == nil
+          contact.css('voice').first.try(:text).should == nil
+        end
+      end
     end
 
     context 'renew command' do