zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-03 01:33:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'm'

Browse source
This commit is contained in:
Priit Tark 2015-07-16 14:03:13 +03:00
commit af94bd4aad
3 changed files with 53 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

38
app/controllers/epp/sessions_controller.rb
View file

@ -17,35 +17,59 @@ class Epp::SessionsController < EppController
client_md5 = Certificate.parse_md_from_string(request.env['HTTP_SSL_CLIENT_CERT'])
server_md5 = Certificate.parse_md_from_string(File.read(ENV['cert_path']))
if client_md5 != server_md5
@msg = 'Authentication error; server closing connection (certificate is not valid)'
epp_errors << {
msg: 'Authentication error; server closing connection (certificate is not valid)',
code: '2501'
}
success = false
end
end
if request.ip != ENV['webclient_ip'] && @api_user
unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
@msg = 'Authentication error; server closing connection (certificate is not valid)'
epp_errors << {
msg: 'Authentication error; server closing connection (certificate is not valid)',
code: '2501'
}
success = false
end
end
if success && !@api_user
@msg = 'Authentication error; server closing connection (API user not found)'
epp_errors << {
msg: 'Authentication error; server closing connection (API user not found)',
code: '2501'
}
success = false
end
if success && !@api_user.try(:active)
@msg = 'Authentication error; server closing connection (API user is not active)'
epp_errors << {
msg: 'Authentication error; server closing connection (API user is not active)',
code: '2501'
}
success = false
end
if success && !ip_white?
@msg = 'Authentication error; server closing connection (IP is not whitelisted)'
epp_errors << {
msg: 'Authentication error; server closing connection (IP is not whitelisted)',
code: '2501'
}
success = false
end
if success && !connection_limit_ok?
@msg = 'Authentication error; server closing connection (connection limit reached)'
epp_errors << {
msg: 'Authentication error; server closing connection (connection limit reached)',
code: '2501'
}
success = false
end
@ -62,7 +86,7 @@ class Epp::SessionsController < EppController
render_epp_response('login_success')
else
response.headers['X-EPP-Returncode'] = '2200'
render_epp_response('login_fail')
handle_errors
end
end
# rubocop: enable Metrics/MethodLength

9
app/controllers/epp_controller.rb
View file

@ -125,8 +125,13 @@ class EppController < ApplicationController
def latin_only
return true if params['frame'].blank?
return true if params['frame'].match(/\A[\p{Latin}\p{Z}\p{P}\p{S}\p{Cc}\p{Cf}\w_\'\+\-\.\(\)\/]*\Z/i)
render_epp_response '/epp/latin_error'
false
epp_errors << {
msg: 'Parameter value policy error. Allowed only Latin characters.',
code: '2306'
}
handle_errors and return false
end
# VALIDATION

15
spec/epp/session_spec.rb
View file

@ -28,6 +28,11 @@ describe 'EPP Session', epp: true do
response[:msg].should == 'Authentication error; server closing connection (API user not found)'
response[:result_code].should == '2501'
response[:clTRID].should == 'ABC-12345'
log = ApiLog::EppLog.last
log.request_command.should == 'login'
log.request_successful.should == false
log.api_user_name.should == 'api-public'
end
it 'does not log in with inactive user' do
@ -38,6 +43,11 @@ describe 'EPP Session', epp: true do
response = epp_plain_request(inactive)
response[:msg].should == 'Authentication error; server closing connection (API user is not active)'
response[:result_code].should == '2501'
log = ApiLog::EppLog.last
log.request_command.should == 'login'
log.request_successful.should == false
log.api_user_name.should == '2-api-inactive-user'
end
it 'prohibits further actions unless logged in' do
@ -61,6 +71,11 @@ describe 'EPP Session', epp: true do
response[:msg].should == 'Parameter value policy error. Allowed only Latin characters.'
response[:result_code].should == '2306'
response[:clTRID].should == 'ABC-12345'
log = ApiLog::EppLog.last
log.request_command.should == 'login'
log.request_successful.should == false
log.api_user_name.should == 'api-public'
end
context 'with valid user' do