zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-10 22:54:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'master' into remove-spring-gem

Browse source
This commit is contained in:
Artur Beljajev 2018-06-06 21:49:41 +03:00
commit b09e224d02
82 changed files with 1674 additions and 2976 deletions
Download patch file Download diff file Expand all files Collapse all files

30
.codeclimate.yml
View file

@ -1,12 +1,12 @@
version: "2"
prepare:
fetch:
- "https://raw.githubusercontent.com/internetee/style-guide/master/ruby/.rubocop.yml"
plugins:
brakeman:
enabled: true
bundler-audit:
enabled: true
csslint:
enabled: true
coffeelint:
enabled: true
duplication:
enabled: true
config:
@ -17,22 +17,12 @@ plugins:
enabled: true
fixme:
enabled: true
config:
strings:
- FIXME
- TODO
- HACK
rubocop:
enabled: true
channel: rubocop-0-51
reek:
enabled: true
checks:
IrresponsibleModule:
enabled: false
exclude_patterns:
- "config/"
- "db/"
- "vendor/"
- "spec/"
- "test/"
- "bin/"
- "config/"
- "db/"
- "vendor/"
- "test/"
- "spec/"

2
.csslintrc
View file

@ -1,2 +0,0 @@
--exclude-exts=.min.css
--ignore=adjoining-classes,box-model,ids,order-alphabetical,unqualified-attributes

1
.eslintignore
View file

@ -1 +0,0 @@
**/*{.,-}min.js

7
.eslintrc.yml
View file

@ -1,7 +0,0 @@
env:
browser: true
es6: true
jquery: true
extends: google
rules:
require-jsdoc: off

24
.gitignore vendored
View file

@ -1,25 +1,13 @@
*.rbc
capybara-*.html
.rspec
/log
/tmp
/db/*.sqlite3
/public/system
/public/assets
/coverage/
/spec/tmp
**.orig
config/initializers/secret_token.rb
config/deploy.rb
config/database.yml
config/application.yml
config/environments/development.rb
misc
/export
/import
/ca
/.bundle
/vendor/bundle
/config/database.yml
/config/application.yml
/config/environments/development.rb
/config/deploy.rb
# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
.rvmrc
# Do not commit one. Instead, download the latest from https://github.com/internetee/style-guide.
.rubocop.yml

1136
.reek
View file

File diff suppressed because it is too large Load diff

7
.rubocop.yml
View file

@ -1,7 +0,0 @@
inherit_from: .rubocop_todo.yml
Style/Alias:
EnforcedStyle: prefer_alias_method
Style/FrozenStringLiteralComment:
Enabled: false

1282
.rubocop_todo.yml
View file

File diff suppressed because it is too large Load diff

1
app/api/repp/api.rb
View file

@ -59,5 +59,6 @@ module Repp
mount Repp::AccountV1
mount Repp::DomainTransfersV1
mount Repp::NameserversV1
mount Repp::DomainContactsV1
end
end

47
app/api/repp/domain_contacts_v1.rb Normal file
View file

@ -0,0 +1,47 @@
module Repp
class DomainContactsV1 < Grape::API
version 'v1', using: :path
resource :domains do
resource :contacts do
patch '/' do
current_contact = current_user.registrar.contacts
.find_by(code: params[:current_contact_id])
new_contact = current_user.registrar.contacts.find_by(code: params[:new_contact_id])
unless current_contact
error!({ error: { type: 'invalid_request_error',
param: 'current_contact_id',
message: "No such contact: #{params[:current_contact_id]}"} },
:bad_request)
end
unless new_contact
error!({ error: { type: 'invalid_request_error',
param: 'new_contact_id',
message: "No such contact: #{params[:new_contact_id]}" } },
:bad_request)
end
if new_contact.invalid?
error!({ error: { type: 'invalid_request_error',
param: 'new_contact_id',
message: 'New contact must be valid' } },
:bad_request)
end
if current_contact == new_contact
error!({ error: { type: 'invalid_request_error',
message: 'New contact ID must be different from current' \
' contact ID' } },
:bad_request)
end
affected_domains, skipped_domains = TechDomainContact
.replace(current_contact, new_contact)
@response = { affected_domains: affected_domains, skipped_domains: skipped_domains }
end
end
end
end
end

BIN
app/assets/images/every_pay.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 6.7 KiB

9
app/assets/javascripts/popover.js Normal file
View file

@ -0,0 +1,9 @@
(function() {
function initPopover() {
$(function () {
$('[data-toggle="popover"]').popover();
})
}
initPopover();
})();

2
app/assets/javascripts/registrar-manifest.coffee
View file

@ -7,6 +7,8 @@
#= require select2
#= require datepicker
#= require spell_check
#= require popover
#= require text_field_trimmer
#= require shared/general
#= require registrar/autocomplete
#= require registrar/application

15
app/assets/javascripts/text_field_trimmer.js Normal file
View file

@ -0,0 +1,15 @@
(function () {
function trimTextFields() {
let selector = 'input[type=text], input[type=search], input[type=email], textarea';
let textFields = document.querySelectorAll(selector);
let listener = function () {
this.value = this.value.trim();
};
for (let field of textFields) {
field.addEventListener('change', listener);
}
}
trimTextFields();
})();

20
app/controllers/registrar/bulk_change_controller.rb Normal file
View file

@ -0,0 +1,20 @@
class Registrar
class BulkChangeController < DeppController
helper_method :available_contacts
def new
authorize! :manage, :repp
render file: 'registrar/bulk_change/new', locals: { active_tab: default_tab }
end
private
def available_contacts
current_user.registrar.contacts.order(:name).pluck(:name, :code)
end
def default_tab
:technical_contact
end
end
end

4
app/controllers/registrar/domain_transfers_controller.rb
View file

@ -1,5 +1,5 @@
class Registrar
class DomainTransfersController < DeppController
class DomainTransfersController < BulkChangeController
before_action do
authorize! :transfer, Depp::Domain
end
@ -58,7 +58,7 @@ class Registrar
redirect_to registrar_domains_url
else
@api_errors = parsed_response[:errors]
render :new
render file: 'registrar/bulk_change/new', locals: { active_tab: :bulk_transfer }
end
else
params[:request] = true # EPP domain:transfer "op" attribute

8
app/controllers/registrar/registrar_nameservers_controller.rb → app/controllers/registrar/nameservers_controller.rb
View file

@ -1,9 +1,5 @@
class Registrar
class RegistrarNameserversController < DeppController
def edit
authorize! :manage, :repp
end
class NameserversController < BulkChangeController
def update
authorize! :manage, :repp
@ -52,7 +48,7 @@ class Registrar
redirect_to registrar_domains_url
else
@api_errors = parsed_response[:errors]
render :edit
render file: 'registrar/bulk_change/new', locals: { active_tab: :nameserver }
end
end
end

60
app/controllers/registrar/payments_controller.rb
View file

@ -1,30 +1,34 @@
class Registrar
class PaymentsController < BaseController
protect_from_forgery except: :back
protect_from_forgery except: [:back, :callback]
skip_authorization_check # actually anyone can pay, no problems at all
skip_before_action :authenticate_user!, :check_ip_restriction, only: [:back]
before_action :check_bank
skip_before_action :authenticate_user!, :check_ip_restriction, only: [:back, :callback]
before_action :check_supported_payment_method
# to handle existing model we should
# get invoice_id and then get number
# build BankTransaction without connection with right reference number
# do not connect transaction and invoice
def pay
invoice = Invoice.find(params[:invoice_id])
@bank_link = BankLink::Request.new(params[:bank], invoice, self)
@bank_link.make_transaction
bank = params[:bank]
opts = {
return_url: registrar_return_payment_with_url(
bank, invoice_id: invoice
),
response_url: registrar_response_payment_with_url(
bank, invoice_id: invoice
)
}
@payment = ::PaymentOrders.create_with_type(bank, invoice, opts)
@payment.create_transaction
end
# connect invoice and transaction
# both back and IPN
def back
@bank_link = BankLink::Response.new(params[:bank], params)
if @bank_link.valid? && @bank_link.ok?
@bank_link.complete_payment
invoice = Invoice.find(params[:invoice_id])
opts = { response: params }
@payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
if @payment.valid_response_from_intermediary? && @payment.settled_payment?
@payment.complete_transaction
if @bank_link.invoice.binded?
if invoice.binded?
flash[:notice] = t(:pending_applied)
else
flash[:alert] = t(:something_wrong)
@ -32,17 +36,31 @@ class Registrar
else
flash[:alert] = t(:something_wrong)
end
redirect_to registrar_invoice_path(@bank_link.invoice)
redirect_to registrar_invoice_path(invoice)
end
def callback
invoice = Invoice.find(params[:invoice_id])
opts = { response: params }
@payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts)
if @payment.valid_response_from_intermediary? && @payment.settled_payment?
@payment.complete_transaction
end
render status: 200, json: { status: 'ok' }
end
private
def banks
ENV['payments_banks'].split(",").map(&:strip)
def check_supported_payment_method
return if supported_payment_method?
raise StandardError.new("Not supported payment method")
end
def check_bank
raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank])
def supported_payment_method?
PaymentOrders::PAYMENT_METHODS.include?(params[:bank])
end
end
end

59
app/controllers/registrar/tech_contacts_controller.rb Normal file
View file

@ -0,0 +1,59 @@
class Registrar
class TechContactsController < BulkChangeController
def update
authorize! :manage, :repp
uri = URI.parse("#{ENV['repp_url']}domains/contacts")
request = Net::HTTP::Patch.new(uri)
request.set_form_data(current_contact_id: params[:current_contact_id],
new_contact_id: params[:new_contact_id])
request.basic_auth(current_user.username, current_user.password)
if Rails.env.test?
response = Net::HTTP.start(uri.hostname, uri.port,
use_ssl: (uri.scheme == 'https'),
verify_mode: OpenSSL::SSL::VERIFY_NONE) do |http|
http.request(request)
end
elsif Rails.env.development?
client_cert = File.read(ENV['cert_path'])
client_key = File.read(ENV['key_path'])
response = Net::HTTP.start(uri.hostname, uri.port,
use_ssl: (uri.scheme == 'https'),
verify_mode: OpenSSL::SSL::VERIFY_NONE,
cert: OpenSSL::X509::Certificate.new(client_cert),
key: OpenSSL::PKey::RSA.new(client_key)) do |http|
http.request(request)
end
else
client_cert = File.read(ENV['cert_path'])
client_key = File.read(ENV['key_path'])
response = Net::HTTP.start(uri.hostname, uri.port,
use_ssl: (uri.scheme == 'https'),
cert: OpenSSL::X509::Certificate.new(client_cert),
key: OpenSSL::PKey::RSA.new(client_key)) do |http|
http.request(request)
end
end
parsed_response = JSON.parse(response.body, symbolize_names: true)
if response.code == '200'
notices = [t('.replaced')]
notices << "#{t('.affected_domains')}: #{parsed_response[:affected_domains].join(', ')}"
if parsed_response[:skipped_domains]
notices << "#{t('.skipped_domains')}: #{parsed_response[:skipped_domains].join(', ')}"
end
flash[:notice] = notices
redirect_to registrar_domains_url
else
@error = parsed_response[:error]
render file: 'registrar/bulk_change/new', locals: { active_tab: :technical_contact }
end
end
end
end

158
app/models/bank_link.rb
View file

@ -1,158 +0,0 @@
class BankLink
module Base
def prepend_size(value)
value = (value || "").to_s.strip
string = ""
string << sprintf("%03i", value.size)
string << value
end
end
class Request
include Base
include ActionView::Helpers::NumberHelper
# need controller here in order to handle random ports and domains
# I don't want to do it but has to
attr_accessor :type, :invoice, :controller
def initialize(type, invoice, controller)
@type, @invoice, @controller = type, invoice, controller
end
def url
ENV["payments_#{type}_url"]
end
def fields
@fields ||= (hash = {}
hash["VK_SERVICE"] = "1012"
hash["VK_VERSION"] = "008"
hash["VK_SND_ID"] = ENV["payments_#{type}_seller_account"]
hash["VK_STAMP"] = invoice.number
hash["VK_AMOUNT"] = number_with_precision(invoice.total, :precision => 2, :separator => ".")
hash["VK_CURR"] = invoice.currency
hash["VK_REF"] = ""
hash["VK_MSG"] = invoice.order
hash["VK_RETURN"] = controller.registrar_return_payment_with_url(type)
hash["VK_CANCEL"] = controller.registrar_return_payment_with_url(type)
hash["VK_DATETIME"] = Time.now.strftime("%Y-%m-%dT%H:%M:%S%z")
hash["VK_MAC"] = calc_mac(hash)
hash["VK_ENCODING"] = "UTF-8"
hash["VK_LANG"] = "ENG"
hash)
end
def calc_mac(fields)
pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT VK_CURR VK_REF
VK_MSG VK_RETURN VK_CANCEL VK_DATETIME).freeze
data = pars.map{|e| prepend_size(fields[e]) }.join
sign(data)
end
def make_transaction
transaction = BankTransaction.where(description: fields["VK_MSG"]).first_or_initialize(
reference_no: invoice.reference_no,
currency: invoice.currency,
iban: invoice.seller_iban
)
transaction.save!
end
private
def sign(data)
private_key = OpenSSL::PKey::RSA.new(File.read(ENV["payments_#{type}_seller_private"]))
signed_data = private_key.sign(OpenSSL::Digest::SHA1.new, data)
signed_data = Base64.encode64(signed_data).gsub(/\n|\r/, '')
signed_data
end
end
class Response
include Base
include ActionView::Helpers::NumberHelper
attr_accessor :type, :params, :invoice
def initialize(type, params)
@type, @params = type, params
@invoice = Invoice.find_by(number: params["VK_STAMP"]) if params["VK_STAMP"].present?
end
def valid?
!!validate
end
def ok?
params["VK_SERVICE"] == "1111"
end
def complete_payment
if valid?
transaction = BankTransaction.find_by(description: params["VK_MSG"])
transaction.sum = BigDecimal.new(params["VK_AMOUNT"].to_s)
transaction.bank_reference = params['VK_T_NO']
transaction.buyer_bank_code = params["VK_SND_ID"]
transaction.buyer_iban = params["VK_SND_ACC"]
transaction.buyer_name = params["VK_SND_NAME"]
transaction.paid_at = Time.parse(params["VK_T_DATETIME"])
transaction.save!
transaction.autobind_invoice
end
end
def validate
case params["VK_SERVICE"]
when "1111"
validate_success && validate_amount && validate_currency
when "1911"
validate_cancel
else
false
end
end
def validate_success
pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_T_NO VK_AMOUNT VK_CURR
VK_REC_ACC VK_REC_NAME VK_SND_ACC VK_SND_NAME VK_REF VK_MSG VK_T_DATETIME).freeze
@validate_success ||= (
data = pars.map{|e| prepend_size(params[e]) }.join
verify_mac(data, params["VK_MAC"])
)
end
def validate_cancel
pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_REF VK_MSG).freeze
@validate_cancel ||= (
data = pars.map{|e| prepend_size(params[e]) }.join
verify_mac(data, params["VK_MAC"])
)
end
def validate_amount
source = number_with_precision(BigDecimal.new(params["VK_AMOUNT"].to_s), precision: 2, separator: ".")
target = number_with_precision(invoice.total, precision: 2, separator: ".")
source == target
end
def validate_currency
invoice.currency == params["VK_CURR"]
end
def verify_mac(data, mac)
bank_public_key = OpenSSL::X509::Certificate.new(File.read(ENV["payments_#{type}_bank_certificate"])).public_key
bank_public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(mac), data)
end
end
end

15
app/models/payment_orders.rb Normal file
View file

@ -0,0 +1,15 @@
module PaymentOrders
PAYMENT_INTERMEDIARIES = ENV['payments_intermediaries'].to_s.strip.split(', ').freeze
PAYMENT_BANKLINK_BANKS = ENV['payments_banks'].to_s.strip.split(', ').freeze
PAYMENT_METHODS = [PAYMENT_INTERMEDIARIES, PAYMENT_BANKLINK_BANKS].flatten.freeze
def self.create_with_type(type, invoice, opts = {})
raise ArgumentError unless PAYMENT_METHODS.include?(type)
if PAYMENT_BANKLINK_BANKS.include?(type)
BankLink.new(type, invoice, opts)
elsif type == 'every_pay'
EveryPay.new(type, invoice, opts)
end
end
end

146
app/models/payment_orders/bank_link.rb Normal file
View file

@ -0,0 +1,146 @@
module PaymentOrders
class BankLink < Base
BANK_LINK_VERSION = '008'
NEW_TRANSACTION_SERVICE_NUMBER = '1012'
SUCCESSFUL_PAYMENT_SERVICE_NUMBER = '1111'
CANCELLED_PAYMENT_SERVICE_NUMBER = '1911'
NEW_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT
VK_CURR VK_REF VK_MSG VK_RETURN VK_CANCEL
VK_DATETIME).freeze
SUCCESS_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP
VK_T_NO VK_AMOUNT VK_CURR VK_REC_ACC VK_REC_NAME
VK_SND_ACC VK_SND_NAME VK_REF VK_MSG
VK_T_DATETIME).freeze
CANCEL_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP
VK_REF VK_MSG).freeze
def form_fields
hash = {}
hash["VK_SERVICE"] = NEW_TRANSACTION_SERVICE_NUMBER
hash["VK_VERSION"] = BANK_LINK_VERSION
hash["VK_SND_ID"] = seller_account
hash["VK_STAMP"] = invoice.number
hash["VK_AMOUNT"] = number_with_precision(invoice.total, precision: 2, separator: ".")
hash["VK_CURR"] = invoice.currency
hash["VK_REF"] = ""
hash["VK_MSG"] = invoice.order
hash["VK_RETURN"] = return_url
hash["VK_CANCEL"] = return_url
hash["VK_DATETIME"] = Time.zone.now.strftime("%Y-%m-%dT%H:%M:%S%z")
hash["VK_MAC"] = calc_mac(hash)
hash["VK_ENCODING"] = "UTF-8"
hash["VK_LANG"] = "ENG"
hash
end
def valid_response_from_intermediary?
return false unless response
case response["VK_SERVICE"]
when SUCCESSFUL_PAYMENT_SERVICE_NUMBER
valid_successful_transaction?
when CANCELLED_PAYMENT_SERVICE_NUMBER
valid_cancel_notice?
else
false
end
end
def complete_transaction
return unless valid_successful_transaction?
transaction = BankTransaction.find_by(
description: invoice.order,
currency: invoice.currency,
iban: invoice.seller_iban
)
transaction.sum = response['VK_AMOUNT']
transaction.bank_reference = response['VK_T_NO']
transaction.buyer_bank_code = response["VK_SND_ID"]
transaction.buyer_iban = response["VK_SND_ACC"]
transaction.buyer_name = response["VK_SND_NAME"]
transaction.paid_at = Time.parse(response["VK_T_DATETIME"])
transaction.save!
transaction.autobind_invoice
end
def settled_payment?
response["VK_SERVICE"] == SUCCESSFUL_PAYMENT_SERVICE_NUMBER
end
private
def valid_successful_transaction?
valid_success_notice? && valid_amount? && valid_currency?
end
def valid_cancel_notice?
valid_mac?(response, CANCEL_MESSAGE_KEYS)
end
def valid_success_notice?
valid_mac?(response, SUCCESS_MESSAGE_KEYS)
end
def valid_amount?
source = number_with_precision(
BigDecimal.new(response["VK_AMOUNT"]), precision: 2, separator: "."
)
target = number_with_precision(
invoice.total, precision: 2, separator: "."
)
source == target
end
def valid_currency?
invoice.currency == response["VK_CURR"]
end
def sign(data)
private_key = OpenSSL::PKey::RSA.new(File.read(seller_certificate))
signed_data = private_key.sign(OpenSSL::Digest::SHA1.new, data)
signed_data = Base64.encode64(signed_data).gsub(/\n|\r/, '')
signed_data
end
def calc_mac(fields)
pars = NEW_MESSAGE_KEYS
data = pars.map { |element| prepend_size(fields[element]) }.join
sign(data)
end
def valid_mac?(hash, keys)
data = keys.map { |element| prepend_size(hash[element]) }.join
verify_mac(data, hash["VK_MAC"])
end
def verify_mac(data, mac)
bank_public_key = OpenSSL::X509::Certificate.new(File.read(bank_certificate)).public_key
bank_public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(mac), data)
end
def prepend_size(value)
value = (value || "").to_s.strip
string = ""
string << format("%03i", value.size)
string << value
end
def seller_account
ENV["payments_#{type}_seller_account"]
end
def seller_certificate
ENV["payments_#{type}_seller_private"]
end
def bank_certificate
ENV["payments_#{type}_bank_certificate"]
end
end
end

33
app/models/payment_orders/base.rb Normal file
View file

@ -0,0 +1,33 @@
module PaymentOrders
class Base
include ActionView::Helpers::NumberHelper
attr_reader :type,
:invoice,
:return_url,
:response_url,
:response
def initialize(type, invoice, opts = {})
@type = type
@invoice = invoice
@return_url = opts[:return_url]
@response_url = opts[:response_url]
@response = opts[:response]
end
def create_transaction
transaction = BankTransaction.where(description: invoice.order).first_or_initialize(
reference_no: invoice.reference_no,
currency: invoice.currency,
iban: invoice.seller_iban
)
transaction.save!
end
def form_url
ENV["payments_#{type}_url"]
end
end
end

84
app/models/payment_orders/every_pay.rb Normal file
View file

@ -0,0 +1,84 @@
module PaymentOrders
class EveryPay < Base
USER = ENV['payments_every_pay_api_user'].freeze
KEY = ENV['payments_every_pay_api_key'].freeze
ACCOUNT_ID = ENV['payments_every_pay_seller_account'].freeze
SUCCESSFUL_PAYMENT = %w(settled authorized).freeze
def form_fields
base_json = base_params
base_json[:nonce] = SecureRandom.hex(15)
hmac_fields = (base_json.keys + ['hmac_fields']).sort.uniq!
base_json[:hmac_fields] = hmac_fields.join(',')
hmac_string = hmac_fields.map { |key, _v| "#{key}=#{base_json[key]}" }.join('&')
hmac = OpenSSL::HMAC.hexdigest('sha1', KEY, hmac_string)
base_json[:hmac] = hmac
base_json
end
def valid_response_from_intermediary?
return false unless response
valid_hmac? && valid_amount? && valid_account?
end
def settled_payment?
SUCCESSFUL_PAYMENT.include?(response[:payment_state])
end
def complete_transaction
return unless valid_response_from_intermediary? && settled_payment?
transaction = BankTransaction.find_by(
description: invoice.order,
currency: invoice.currency,
iban: invoice.seller_iban
)
transaction.sum = response[:amount]
transaction.paid_at = Date.strptime(response[:timestamp], '%s')
transaction.buyer_name = response[:cc_holder_name]
transaction.save!
transaction.autobind_invoice
end
private
def base_params
{
api_username: USER,
account_id: ACCOUNT_ID,
timestamp: Time.now.to_i.to_s,
callback_url: response_url,
customer_url: return_url,
amount: number_with_precision(invoice.total, precision: 2),
order_reference: SecureRandom.hex(15),
transaction_type: 'charge',
hmac_fields: ''
}.with_indifferent_access
end
def valid_hmac?
hmac_fields = response[:hmac_fields].split(',')
hmac_hash = {}
hmac_fields.map do |field|
symbol = field.to_sym
hmac_hash[symbol] = response[symbol]
end
hmac_string = hmac_hash.map { |key, _v| "#{key}=#{hmac_hash[key]}" }.join('&')
expected_hmac = OpenSSL::HMAC.hexdigest('sha1', KEY, hmac_string)
expected_hmac == response[:hmac]
end
def valid_amount?
invoice.total == BigDecimal.new(response[:amount])
end
def valid_account?
response[:account_id] == ACCOUNT_ID
end
end
end

21
app/models/tech_domain_contact.rb
View file

@ -1,2 +1,23 @@
class TechDomainContact < DomainContact
# Audit log is needed, therefore no raw SQL
def self.replace(current_contact, new_contact)
affected_domains = []
skipped_domains = []
tech_contacts = where(contact: current_contact)
transaction do
tech_contacts.each do |tech_contact|
if tech_contact.domain.discarded?
skipped_domains << tech_contact.domain.name
next
end
tech_contact.contact = new_contact
tech_contact.save!
affected_domains << tech_contact.domain.name
end
end
return affected_domains.sort, skipped_domains.sort
end
end

6
app/views/admin/base/_flash_messages.html.erb → app/views/application/_flash_messages.html.erb
View file

@ -1,7 +1,11 @@
<% if flash[:notice] %>
<div class="alert alert-success alert-dismissible">
<button class="close" data-dismiss="alert" type=button><span>&times;</span></button>
<p><%= flash[:notice] %></p>
<% if flash[:notice].respond_to?(:join) %>
<p><%= flash[:notice].join('<br>').html_safe %></p>
<% else %>
<p><%= flash[:notice] %></p>
<% end %>
</div>
<% end %>

2
app/views/layouts/registrant/application.html.erb
View file

@ -20,7 +20,7 @@
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button aria-controls="navbar" aria-expanded="false" class="navbar-toggle collapsed" data-target="#navbar" data-toggle="collapse" type="button">
<button aria-expanded="false" class="navbar-toggle collapsed" data-target="#navbar" data-toggle="collapse" type="button">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>

4
app/views/layouts/registrar/base.html.erb
View file

@ -18,7 +18,7 @@
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button aria-controls="navbar" aria-expanded="false" class="navbar-toggle collapsed" data-target="#navbar" data-toggle="collapse" type="button">
<button aria-expanded="false" class="navbar-toggle collapsed" data-target="#navbar" data-toggle="collapse" type="button">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
@ -39,7 +39,7 @@
</div>
</nav>
<div class="container">
<%= render 'shared/flash' %>
<%= render 'flash_messages' %>
<% if depp_controller? %>
<%= render 'registrar/shared/epp_results' %>
<% end %>

45
app/views/layouts/registrar/sessions.haml
View file

@ -1,45 +0,0 @@
!!! 5
%html{lang: I18n.locale.to_s}
%head
%meta{charset: "utf-8"}/
%meta{content: "IE=edge", "http-equiv" => "X-UA-Compatible"}/
%meta{content: "width=device-width, initial-scale=1", name: "viewport"}/
- if content_for? :head_title
= yield :head_title
- else
%title= t(:registrar_head_title)
= csrf_meta_tags
= stylesheet_link_tag 'registrar-manifest', media: 'all'
= javascript_include_tag 'registrar-manifest'
= favicon_link_tag 'favicon.ico'
%body
%nav.navbar.navbar-default.navbar-fixed-top
.container
.navbar-header
%button.navbar-toggle.collapsed{"aria-controls" => "navbar", "aria-expanded" => "false", "data-target" => "#navbar", "data-toggle" => "collapse", :type => "button"}
%span.sr-only Toggle navigation
%span.icon-bar
%span.icon-bar
%span.icon-bar
= link_to registrar_root_path, class: 'navbar-brand', id: 'registrar-home-btn' do
= t(:registrar_head_title)
- if unstable_env.present?
.text-center
%small{style: 'color: #0074B3;'}= unstable_env
- if current_user
= render 'navbar'
.container
= render 'shared/flash'
- if depp_controller?
= render 'registrar/shared/epp_results'
= yield
%footer.footer
.container
.row
.col-md-6
= image_tag 'eis-logo-et.png'
.col-md-6.text-right
Version
= CURRENT_COMMIT_HASH

54
app/views/layouts/registrar/sessions.html.erb Normal file
View file

@ -0,0 +1,54 @@
<!DOCTYPE html>
<html lang="<%= locale %>">
<head>
<meta charset="utf-8">
<% if content_for? :head_title %>
<%= yield :head_title %>
<% else %>
<title>
<%= t(:registrar_head_title) %>
</title>
<% end %>
<%= csrf_meta_tags %>
<%= stylesheet_link_tag 'registrar-manifest', media: 'all' %>
<%= javascript_include_tag 'registrar-manifest' %>
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<%= link_to registrar_root_path, class: 'navbar-brand',
id: 'registrar-home-btn' do %>
<%= t(:registrar_head_title) %>
<% if unstable_env.present? %>
<div class="text-center">
<small style="color: #0074B3;">
<%= unstable_env %>
</small>
</div>
<% end %>
<% end %>
</div>
</div>
</nav>
<div class="container">
<%= render 'flash_messages' %>
<%= yield %>
</div>
<footer class="footer">
<div class="container">
<div class="row">
<div class="col-md-6">
<%= image_tag 'eis-logo-et.png' %>
</div>
<div class="col-md-6 text-right">
Version
<%= CURRENT_COMMIT_HASH %>
</div>
</div>
</div>
</footer>
</body>
</html>

34
app/views/registrar/bulk_change/_bulk_transfer_form.html.erb Normal file
View file

@ -0,0 +1,34 @@
<%= form_tag registrar_domain_transfers_path, multipart: true, class: 'form-horizontal' do %>
<%= render 'registrar/domain_transfers/form/api_errors' %>
<div class="form-group">
<div class="col-md-2 control-label">
<%= label_tag :batch_file %>
</div>
<div class="col-md-4">
<%= file_field_tag :batch_file, required: true %>
<span class="help-block"><%= t '.file_field_hint' %></span>
</div>
</div>
<div class="form-group">
<div class="col-md-4 col-md-offset-2 text-right">
<button class="btn btn-warning">
<%= t '.submit_btn' %>
</button>
</div>
</div>
<div class="form-group">
<div class="col-md-6">
<a class="btn btn-default btn-xs" role="button" data-toggle="collapse"
href="#bulk_change_bulk_transfer_help"><%= t '.help_btn' %>
</a>
<div class="collapse" id="bulk_change_bulk_transfer_help">
<div class="well">
<%= t '.help' %>
</div>
</div>
</div>
</div>
<% end %>

30
app/views/registrar/registrar_nameservers/_form.html.erb → app/views/registrar/bulk_change/_nameserver_form.html.erb
View file

@ -1,12 +1,13 @@
<%= form_tag registrar_update_registrar_nameserver_path, method: :put, class: 'form-horizontal' do %>
<%= form_tag registrar_nameservers_path, method: :patch, class: 'form-horizontal' do %>
<%= render 'registrar/domain_transfers/form/api_errors' %>
<div class="form-group">
<div class="col-md-2 control-label">
<%= label_tag :old_hostname %>
</div>
<div class="col-md-5">
<%= text_field_tag :old_hostname, params[:old_hostname], autofocus: true,
required: true,
<div class="col-md-4">
<%= text_field_tag :old_hostname, params[:old_hostname], required: true,
class: 'form-control' %>
</div>
</div>
@ -16,7 +17,7 @@
<%= label_tag :new_hostname %>
</div>
<div class="col-md-5">
<div class="col-md-4">
<%= text_field_tag :new_hostname, params[:new_hostname], required: true,
class: 'form-control' %>
</div>
@ -27,7 +28,7 @@
<%= label_tag :ipv4 %>
</div>
<div class="col-md-3">
<div class="col-md-4">
<%= text_area_tag :ipv4, params[:ipv4], class: 'form-control' %>
</div>
</div>
@ -37,17 +38,30 @@
<%= label_tag :ipv6 %>
</div>
<div class="col-md-3">
<div class="col-md-4">
<%= text_area_tag :ipv6, params[:ipv6], class: 'form-control' %>
<span class="help-block"><%= t '.ip_hint' %></span>
</div>
</div>
<div class="form-group">
<div class="col-md-5 col-md-offset-2 text-right">
<div class="col-md-4 col-md-offset-2 text-right">
<button class="btn btn-warning">
<%= t '.replace_btn' %>
</button>
</div>
</div>
<div class="form-group">
<div class="col-md-6">
<a class="btn btn-default btn-xs" role="button" data-toggle="collapse"
href="#bulk_change_nameserver_help"><%= t '.help_btn' %>
</a>
<div class="collapse" id="bulk_change_nameserver_help">
<div class="well">
<%= t '.help' %>
</div>
</div>
</div>
</div>
<% end %>

60
app/views/registrar/bulk_change/_tech_contact_form.html.erb Normal file
View file

@ -0,0 +1,60 @@
<%= form_tag registrar_tech_contacts_path, method: :patch, class: 'form-horizontal' do %>
<% if @error %>
<div class="alert alert-danger">
<%= @error[:message] %>
</div>
<% end %>
<div class="form-group">
<div class="col-md-2 control-label">
<%= label_tag :current_contact_id, t('.current_contact_id') %>
</div>
<div class="col-md-4">
<%= text_field_tag :current_contact_id, params[:current_contact_id],
list: :contacts,
required: true,
autofocus: true,
class: 'form-control' %>
</div>
</div>
<div class="form-group">
<div class="col-md-2 control-label">
<%= label_tag :new_contact_id, t('.new_contact_id') %>
</div>
<div class="col-md-4">
<%= text_field_tag :new_contact_id, params[:new_contact_id],
list: :contacts,
required: true,
class: 'form-control' %>
</div>
</div>
<div class="form-group">
<div class="col-md-4 col-md-offset-2 text-right">
<button class="btn btn-warning">
<%= t '.submit_btn' %>
</button>
</div>
</div>
<div class="form-group">
<div class="col-md-6">
<a class="btn btn-default btn-xs" role="button" data-toggle="collapse"
href="#bulk_change_tech_contact_help"><%= t '.help_btn' %></a>
<div class="collapse" id="bulk_change_tech_contact_help">
<div class="well">
<%= t '.help' %>
</div>
</div>
</div>
</div>
<% end %>
<datalist id="contacts">
<% available_contacts.each do |data| %>
<option value="<%= data.second %>"><%= data.first %></option>
<% end %>
</datalist>

37
app/views/registrar/bulk_change/new.html.erb Normal file
View file

@ -0,0 +1,37 @@
<ol class="breadcrumb">
<li><%= link_to t('registrar.domains.index.header'), registrar_domains_path %></li>
</ol>
<div class="page-header">
<h1><%= t '.header' %></h1>
</div>
<ul class="nav nav-tabs">
<li class="<%= 'active' if active_tab == :technical_contact %>">
<a href="#technical_contact" data-toggle="tab"><%= t '.technical_contact' %></a>
</li>
<li class="<%= 'active' if active_tab == :nameserver %>">
<a href="#nameserver" data-toggle="tab"><%= t '.nameserver' %></a>
</li>
<li class="<%= 'active' if active_tab == :bulk_transfer %>">
<a href="#bulk_transfer" data-toggle="tab"><%= t '.bulk_transfer' %></a>
</li>
</ul>
<div class="tab-content">
<div class="tab-pane<%= ' active' if active_tab == :technical_contact %>"
id="technical_contact">
<%= render 'tech_contact_form', available_contacts: available_contacts %>
</div>
<div class="tab-pane<%= ' active' if active_tab == :nameserver %>" id="nameserver">
<%= render 'nameserver_form' %>
</div>
<div class="tab-pane<%= ' active' if active_tab == :bulk_transfer %>" id="bulk_transfer">
<%= render 'bulk_transfer_form' %>
</div>
</div>

4
app/views/registrar/domain_transfers/form/_single.html.erb → app/views/registrar/domain_transfers/_form.html.erb
View file

@ -1,4 +1,6 @@
<%= form_tag registrar_domain_transfers_path, multipart: true, class: 'form-horizontal' do %>
<%= render 'registrar/domain_transfers/form/api_errors' %>
<div class="form-group">
<div class="col-md-3 control-label">
<%= label_tag :domain_name, nil, class: 'required' %>
@ -30,7 +32,7 @@
<div class="form-group">
<div class="col-md-10 text-right">
<button class="btn btn-warning">
<%= t '.transfer_btn' %>
<%= t '.submit_btn' %>
</button>
</div>
</div>

19
app/views/registrar/domain_transfers/form/_batch.html.erb
View file

@ -1,19 +0,0 @@
<%= form_tag registrar_domain_transfers_path, multipart: true, class: 'form-horizontal' do %>
<div class="form-group">
<div class="col-md-3 control-label">
<%= label_tag :batch_file %>
</div>
<div class="col-md-7">
<%= file_field_tag :batch_file, required: true %>
<span class="help-block"><%= t '.batch_file_help' %></span>
</div>
</div>
<div class="form-group">
<div class="col-md-10 text-right">
<button class="btn btn-warning">
<%= t '.transfer_btn' %>
</button>
</div>
</div>
<% end %>

20
app/views/registrar/domain_transfers/new.html.erb
View file

@ -6,24 +6,6 @@
<div class="row">
<div class="col-md-8">
<ul class="nav nav-tabs">
<li class="active">
<a href="#single" data-toggle="tab"><%= t '.single' %></a>
</li>
<li>
<a href="#batch" data-toggle="tab"><%= t '.batch' %></a>
</li>
</ul>
<div class="tab-content">
<div class="tab-pane active" id="single">
<%= render 'registrar/domain_transfers/form/single' %>
</div>
<div class="tab-pane" id="batch">
<%= render 'registrar/domain_transfers/form/batch' %>
</div>
</div>
<%= render 'form' %>
</div>
</div>

32
app/views/registrar/domains/index.html.erb
View file

@ -1,13 +1,13 @@
<div class="page-header">
<div class="row">
<div class="col-sm-7">
<div class="col-sm-5">
<h1><%= t '.header' %></h1>
</div>
<div class="col-sm-5 text-right">
<div class="col-sm-7 text-right">
<%= link_to t('.new_btn'), new_registrar_domain_path, class: 'btn btn-primary' %>
<%= link_to t('.transfer_btn'), new_registrar_domain_transfer_path, class: 'btn btn-default' %>
<%= link_to t('.replace_nameserver_btn'), registrar_edit_registrar_nameserver_path,
<%= link_to t('.bulk_change_btn'), new_registrar_bulk_change_path,
class: 'btn btn-default' %>
</div>
</div>
@ -24,22 +24,22 @@
<div class="table-responsive">
<table class="table table-hover table-bordered table-condensed">
<thead>
<tr>
<th class="col-xs-2">
<%= sort_link(@q, 'name') %>
</th>
<th class="col-xs-2">
<%= sort_link @q, 'registrant_name', Registrant.model_name.human %>
</th>
<th class="col-xs-2">
<%= sort_link @q, 'valid_to', Domain.human_attribute_name(:expire_time) %>
</th>
<th class="col-xs-2"></th>
</tr>
<tr>
<th class="col-xs-2">
<%= sort_link(@q, 'name') %>
</th>
<th class="col-xs-2">
<%= sort_link @q, 'registrant_name', Registrant.model_name.human %>
</th>
<th class="col-xs-2">
<%= sort_link @q, 'valid_to', Domain.human_attribute_name(:expire_time) %>
</th>
<th class="col-xs-2"></th>
</tr>
</thead>
<tbody>
<%= render @domains %>
<%= render @domains %>
</tbody>
</table>
</div>

5
app/views/registrar/invoices/partials/_banklinks.haml
View file

@ -1,6 +1,7 @@
%h4= t(:pay_by_bank_link)
%h4= t('registrar.invoices.pay_invoice')
%hr
- ENV['payments_banks'].split(",").each do |meth|
- locals[:payment_channels].each do |meth|
- meth = meth.strip
= link_to registrar_payment_with_path(meth, invoice_id: params[:id]) do
= image_tag("#{meth}.png")

2
app/views/registrar/invoices/show.haml
View file

@ -17,4 +17,4 @@
- if !@invoice.cancelled? && !@invoice.binded?
.row.semifooter
.col-md-12.text-right= render 'registrar/invoices/partials/banklinks'
.col-md-6-offset-6.text-right= render 'registrar/invoices/partials/banklinks', locals: { payment_channels: PaymentOrders::PAYMENT_METHODS }

19
app/views/registrar/payments/pay.html.haml
View file

@ -1,11 +1,14 @@
.h3
= t('registrar.invoices.redirected_to_intermediary')
.payment-form
= form_tag @bank_link.url, method: :post do
- @bank_link.fields.each do |k, v|
= form_tag @payment.form_url, method: :post do
- @payment.form_fields.each do |k, v|
= hidden_field_tag k, v
= submit_tag "Mine maksma"
= submit_tag t('registrar.invoices.go_to_intermediary')
:coffeescript
load_listener = ->
$('.payment-form form').submit()
window.addEventListener 'load', load_listener
:javascript
function load_listener() {
$('.payment-form form').submit();
}
window.addEventListener('load', load_listener)

11
app/views/registrar/registrar_nameservers/edit.html.erb
View file

@ -1,11 +0,0 @@
<ol class="breadcrumb">
<li><%= link_to t('registrar.domains.index.header'), registrar_domains_path %></li>
</ol>
<div class="page-header">
<h1><%= t '.header' %></h1>
</div>
<%= render 'registrar/domain_transfers/form/api_errors' %>
<%= render 'form' %>

129
coffeelint.json
View file

@ -1,129 +0,0 @@
{
"arrow_spacing": {
"level": "ignore"
},
"braces_spacing": {
"level": "ignore",
"spaces": 0,
"empty_object_spaces": 0
},
"camel_case_classes": {
"level": "error"
},
"coffeescript_error": {
"level": "error"
},
"colon_assignment_spacing": {
"level": "ignore",
"spacing": {
"left": 0,
"right": 0
}
},
"cyclomatic_complexity": {
"value": 10,
"level": "ignore"
},
"duplicate_key": {
"level": "error"
},
"empty_constructor_needs_parens": {
"level": "ignore"
},
"ensure_comprehensions": {
"level": "warn"
},
"eol_last": {
"level": "ignore"
},
"indentation": {
"value": 2,
"level": "error"
},
"line_endings": {
"level": "ignore",
"value": "unix"
},
"max_line_length": {
"value": 80,
"level": "error",
"limitComments": true
},
"missing_fat_arrows": {
"level": "ignore",
"is_strict": false
},
"newlines_after_classes": {
"value": 3,
"level": "ignore"
},
"no_backticks": {
"level": "error"
},
"no_debugger": {
"level": "warn",
"console": false
},
"no_empty_functions": {
"level": "ignore"
},
"no_empty_param_list": {
"level": "ignore"
},
"no_implicit_braces": {
"level": "ignore",
"strict": true
},
"no_implicit_parens": {
"strict": true,
"level": "ignore"
},
"no_interpolation_in_single_quotes": {
"level": "ignore"
},
"no_plusplus": {
"level": "ignore"
},
"no_stand_alone_at": {
"level": "ignore"
},
"no_tabs": {
"level": "error"
},
"no_this": {
"level": "ignore"
},
"no_throwing_strings": {
"level": "error"
},
"no_trailing_semicolons": {
"level": "error"
},
"no_trailing_whitespace": {
"level": "error",
"allowed_in_comments": false,
"allowed_in_empty_lines": true
},
"no_unnecessary_double_quotes": {
"level": "ignore"
},
"no_unnecessary_fat_arrows": {
"level": "warn"
},
"non_empty_constructor_needs_parens": {
"level": "ignore"
},
"prefer_english_operator": {
"level": "ignore",
"doubleNotLevel": "ignore"
},
"space_operators": {
"level": "ignore"
},
"spacing_after_comma": {
"level": "ignore"
},
"transform_messes_up_line_numbers": {
"level": "warn"
}
}

23
config/application-example.yml
View file

@ -106,10 +106,13 @@ sk_digi_doc_service_name: 'Testimine'
secret_key_base: 'please-change-it-you-can-generate-it-with-rake-secret'
devise_secret: 'please-change-it-you-can-generate-it-with-rake-secret'
# You should list only payment methods that
# conform with the Estonian BankLink standard
payments_banks: >
seb,
swed,
lhv
payments_seb_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r'
payments_seb_bank_certificate: 'eyp_pub.pem'
payments_seb_seller_private: 'kaupmees_priv.pem'
@ -123,6 +126,26 @@ payments_lhv_bank_certificate: 'eyp_pub.pem'
payments_lhv_seller_private: 'kaupmees_priv.pem'
payments_lhv_seller_account: 'testvpos'
# You should list other payment intermediaries here. Each one of them needs their own class in /app/models/payments/
payments_intermediaries: >
every_pay
# Other intermediaries should follow this naming convention:
# payments_intermediary_url - URL to intiate payments
# payments_intermediary_seller_account - your username in the bank system
# payments_intermediary_api_user - API username, in case it's different than the seller account
# payments_intermediary_api_key - API key given to you by intermediary
payments_every_pay_url: 'https://igw-demo.every-pay.com/transactions/'
payments_every_pay_seller_account: 'EUR3D1'
payments_every_pay_api_user: 'api_user'
payments_every_pay_api_key: 'api_key'
user_session_timeout: '3600' # 1 hour
secure_session_cookies: 'false' # true|false
same_site_session_cookies: 'false' # false|strict|lax
# Since the keys for staging are absent from the repo, we need to supply them separate for testing.
test:
payments_seb_bank_certificate: 'test/fixtures/files/seb_bank_cert.pem'
payments_seb_seller_private: 'test/fixtures/files/seb_seller_key.pem'

1
config/locales/en.yml
View file

@ -541,7 +541,6 @@ en:
your_current_account_balance_is: 'Your current account balance is %{balance} %{currency}'
billing: 'Billing'
your_account: 'Your account'
pay_by_bank_link: 'Pay by bank link'
issue_date: 'Issue date'
due_date: 'Due date'
payment_term: 'Payment term'

31
config/locales/registrar/bulk_change.en.yml Normal file
View file

@ -0,0 +1,31 @@
en:
registrar:
bulk_change:
new:
header: Bulk change
technical_contact: Technical contact
nameserver: Nameserver
bulk_transfer: Bulk transfer
tech_contact_form:
current_contact_id: Current contact ID
new_contact_id: New contact ID
submit_btn: Replace technical contacts
help_btn: Toggle help
help: >-
Replace technical contact specified in "current contact ID" with the one in "new
contact ID" on any domain registered under this registrar
nameserver_form:
ip_hint: One IP per line
replace_btn: Replace nameserver
help_btn: Toggle help
help: >-
Replace nameserver specified in the "old hostname" with the one in "new hostname" with
optional IPv4 and IPv6 addresses on any domain registered under this registrar
bulk_transfer_form:
file_field_hint: CSV file with domain list provided by another registrar
submit_btn: Transfer
help_btn: Toggle help
help: Transfer domains in the csv file with correct transfer code to this registrar

9
config/locales/registrar/domain_transfers.en.yml
View file

@ -3,17 +3,10 @@ en:
domain_transfers:
new:
header: Domain transfer
single: One by one
batch: Batch
create:
header: Domain transfer
transferred: "%{count} domains have been successfully transferred"
form:
single:
transfer_btn: Transfer
batch:
batch_file_help: CSV file with domain list provided by another registrar
transfer_btn: Transfer batch
submit_btn: Transfer

2
config/locales/registrar/domains.en.yml
View file

@ -5,7 +5,7 @@ en:
header: Domains
new_btn: New domain
transfer_btn: Transfer
replace_nameserver_btn: Replace nameserver
bulk_change_btn: Bulk change
csv:
domain_name: Domain
transfer_code: Transfer code

6
config/locales/registrar/invoices.en.yml
View file

@ -1,5 +1,11 @@
en:
registrar:
invoices:
pay_invoice: 'Pay invoice'
redirected_to_intermediary: 'Click the button below to redirect to payment intermediary'
to_card_payment: Open card payment
go_to_intermediary: 'Go to intermediary'
pay_by_credit_card: Pay by credit card
payment_complete: Credit Card payment Complete
index:
reset_btn: Reset

5
config/locales/registrar/nameservers.en.yml Normal file
View file

@ -0,0 +1,5 @@
en:
registrar:
nameservers:
update:
replaced: Nameserver have been successfully replaced

13
config/locales/registrar/registrar_nameservers.en.yml
View file

@ -1,13 +0,0 @@
en:
registrar:
registrar_nameservers:
edit:
header: Replace nameserver
replace_btn: Replace
form:
ip_hint: One IP per line
replace_btn: Replace nameserver
update:
replaced: Nameserver have been successfully replaced

7
config/locales/registrar/tech_contacts.en.yml Normal file
View file

@ -0,0 +1,7 @@
en:
registrar:
tech_contacts:
update:
replaced: Technical contacts have been successfully replaced.
affected_domains: Affected domains
skipped_domains: Skipped domains

15
config/routes.rb
View file

@ -62,9 +62,9 @@ Rails.application.routes.draw do
end
end
resources :domain_transfers, only: %i[new create]
get 'registrar/nameservers', to: 'registrar_nameservers#edit', as: :edit_registrar_nameserver
put 'registrar/nameservers', to: 'registrar_nameservers#update', as: :update_registrar_nameserver
resource :bulk_change, controller: :bulk_change, only: :new
resource :tech_contacts, only: :update
resource :nameservers, only: :update
resources :contacts, constraints: {:id => /[^\/]+(?=#{ ActionController::Renderers::RENDERERS.map{|e| "\\.#{e}\\z"}.join("|") })|[^\/]+/} do
member do
get 'delete'
@ -91,10 +91,11 @@ Rails.application.routes.draw do
end
end
get 'pay/return/:bank' => 'payments#back', as: 'return_payment_with'
post 'pay/return/:bank' => 'payments#back'
get 'pay/go/:bank' => 'payments#pay', as: 'payment_with'
get 'pay/return/:bank' => 'payments#back', as: 'return_payment_with'
post 'pay/return/:bank' => 'payments#back'
put 'pay/return/:bank' => 'payments#back'
post 'pay/callback/:bank' => 'payments#callback', as: 'response_payment_with'
get 'pay/go/:bank' => 'payments#pay', as: 'payment_with'
end
namespace :registrant do

19
doc/repp/v1/domain_contacts.md Normal file
View file

@ -0,0 +1,19 @@
# Domain contacts
## PATCH https://repp.internet.ee/v1/domains/contacts
Replaces all domain contacts of the current registrar.
### Example request
```
$ curl https://repp.internet.ee/v1/domains/contacts \
-X PATCH \
-u username:password \
-d current_contact_id=foo \
-d new_contact_id=bar
```
### Example response
```
{
"affected_domains": ["example.com", "example.org"]
}
```

2
spec/factories/registrar.rb
View file

@ -8,7 +8,7 @@ FactoryBot.define do
state 'test'
zip 'test'
email 'test@test.com'
country_code 'EE'
country_code 'US'
accounting_customer_code 'test'
factory :registrar_with_unlimited_balance do

1
spec/rails_helper.rb
View file

@ -20,6 +20,7 @@ require 'support/paper_trail'
require 'support/settings'
ActiveRecord::Migration.maintain_test_schema!
Setting.registry_country_code = 'US'
RSpec.configure do |config|
config.include ActionView::TestCase::Behavior, type: :presenter

5
test/fixtures/bank_transactions.yml vendored
View file

@ -1,3 +1,8 @@
one:
sum: 1
currency: EUR
for_payments_test:
description: "Order nr. 1"
currency: "EUR"
iban: "1234"

2
test/fixtures/contacts.yml vendored
View file

@ -76,7 +76,7 @@ not_in_use:
invalid:
name: any
code: any
code: invalid
email: invalid@invalid.test
auth_info: any
registrar: bestnames

15
test/fixtures/domain_contacts.yml vendored
View file

@ -8,11 +8,26 @@ shop_william:
contact: william
type: TechDomainContact
shop_acme_ltd:
domain: shop
contact: acme_ltd
type: TechDomainContact
airport_john:
domain: airport
contact: john
type: AdminDomainContact
airport_william_admin:
domain: airport
contact: william
type: AdminDomainContact
airport_william_tech:
domain: airport
contact: william
type: TechDomainContact
library_john:
domain: library
contact: john

15
test/fixtures/files/seb_bank_cert.pem vendored Normal file
View file

@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICVTCCAb4CCQCdHk6fGGIg9DANBgkqhkiG9w0BAQsFADBvMQswCQYDVQQGEwJF
RTERMA8GA1UECAwISGFyanVtYWExEDAOBgNVBAcMB1RhbGxpbm4xJTAjBgNVBAoM
HEVzdG9uaWFuIEludGVybmV0IEZvdW5kYXRpb24xFDASBgNVBAMMC2ludGVybmV0
LmVlMB4XDTE4MDQyMTEyNDEyMloXDTE4MDUyMTEyNDEyMlowbzELMAkGA1UEBhMC
RUUxETAPBgNVBAgMCEhhcmp1bWFhMRAwDgYDVQQHDAdUYWxsaW5uMSUwIwYDVQQK
DBxFc3RvbmlhbiBJbnRlcm5ldCBGb3VuZGF0aW9uMRQwEgYDVQQDDAtpbnRlcm5l
dC5lZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4QPTaFdN+03vC63vgcSd
OsURjrt/eslJkPXr53VgkcFoD2AI+z1AoUbOMJ/FfXb+iY4o70we3YeRP8SeaDFn
pjOlSmS+DTsh5s3DCahbdbFzvyBDD5A4yKRaVRSCWFEjC684Uvg9Pf/ifP6GxHN6
uVFg9/YhkS9XwfE0deJhxUUCAwEAATANBgkqhkiG9w0BAQsFAAOBgQCKC6bL+4Eu
+Dz+RQEZ9IEerZSKnnV2mygN9usddg46BnMqceWCA19Ei71C2UQsVD2e+7XkLjrl
0IDGciQqAjOUp4KKG+jQbtlcP0BBvP6CnirwqFfeV0XLWKapLetDjtdlmACAtHXj
8U0YFVbj5GGPJWAfAPnzpsiTxnQIinXNZw==
-----END CERTIFICATE-----

16
test/fixtures/files/seb_seller_key.pem vendored Normal file
View file

@ -0,0 +1,16 @@
-----BEGIN PRIVATE KEY-----
MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOED02hXTftN7wut
74HEnTrFEY67f3rJSZD16+d1YJHBaA9gCPs9QKFGzjCfxX12/omOKO9MHt2HkT/E
nmgxZ6YzpUpkvg07IebNwwmoW3Wxc78gQw+QOMikWlUUglhRIwuvOFL4PT3/4nz+
hsRzerlRYPf2IZEvV8HxNHXiYcVFAgMBAAECgYEAxLXAgm4YaUK3YOF9CVgmD/Oq
Jrp5dpEzs/uZcO4nLyUCYLaXA3SH5LXumYmDb+ywFvbliFVmgkn6y+GKjhHqxjhx
KtyK3w1vGVkk6RyA076vgnOEp3un7j9XXM5U93Osk25Ezzb4pqslU7nDPb1OGg2A
q4UG+zHyj9UkI2S1V10CQQD39JtA3eiSlJ4jtr7QP3/KFV3O7Sku5TTmc6aMUhja
9qZCUMaK/67aMFjl62E9vdNBb1gGg28dBo/zV0uZAdsrAkEA6FCvyzaMOOzWqz6N
/uzeU7NTW9cHNQRx1d7e3vjWhYxvvknNrFim3sH+tbTock5MeNr4d4yCYFM72Zc5
wH/pTwJBAIrD7OMnjZIC9GGeUzluYBDzVjWJCmRBSBK0pH+hLmHUaYVxeTuvDebz
6bx6t0f7ZTAYpRW4FsYStxsDPr6ZiFMCQFh7SslKSFPyGLz2QVzj2LXmagxjtLID
tFux3A7ulb4dw/2k3HoU9dGH77xDX/kRS10IgXP/BzUq3nO8flmMHk8CQQCCnqcJ
CEA+kqwPvgQ8YdeJOBFEc4spQ+OFbLUAtMt8+9YfeWtHyUlyNhtGXmwN8kGAHcPz
qtfPVIDR4dU0uvCw
-----END PRIVATE KEY-----

6
test/fixtures/invoices.yml vendored
View file

@ -31,3 +31,9 @@ outstanding:
overdue:
<<: *DEFAULTS
due_date: <%= Date.parse '2010-07-03' %>
for_payments_test:
<<: *DEFAULTS
total: 12.00
id: 1
number: 1

4
test/fixtures/nameservers.yml vendored
View file

@ -18,6 +18,10 @@ airport_ns1:
hostname: ns1.bestnames.test
domain: airport
airport_ns2:
hostname: ns2.bestnames.test
domain: airport
metro_ns1:
hostname: ns1.bestnames.test
domain: metro

124
test/integration/api/domain_contacts_test.rb Normal file
View file

@ -0,0 +1,124 @@
require 'test_helper'
class APIDomainContactsTest < ActionDispatch::IntegrationTest
def test_replace_all_tech_contacts_of_the_current_registrar
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'john-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_nil domains(:shop).tech_contacts.find_by(code: 'william-001')
assert domains(:shop).tech_contacts.find_by(code: 'john-001')
assert domains(:airport).tech_contacts.find_by(code: 'john-001')
end
def test_skip_discarded_domains
domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'john-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert domains(:airport).tech_contacts.find_by(code: 'william-001')
end
def test_return_affected_domains_in_alphabetical_order
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'john-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_response :ok
assert_equal ({ affected_domains: %w[airport.test shop.test],
skipped_domains: [] }),
JSON.parse(response.body, symbolize_names: true)
end
def test_return_skipped_domains_in_alphabetical_order
domains(:shop).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'john-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_response :ok
assert_equal %w[airport.test shop.test], JSON.parse(response.body,
symbolize_names: true)[:skipped_domains]
end
def test_keep_other_tech_contacts_intact
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'john-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert domains(:shop).tech_contacts.find_by(code: 'acme-ltd-001')
end
def test_keep_admin_contacts_intact
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'john-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert domains(:airport).admin_contacts.find_by(code: 'william-001')
end
def test_restrict_contacts_to_the_current_registrar
patch '/repp/v1/domains/contacts', { current_contact_id: 'jack-001',
new_contact_id: 'william-002' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_response :bad_request
assert_equal ({ error: { type: 'invalid_request_error',
param: 'current_contact_id',
message: 'No such contact: jack-001' } }),
JSON.parse(response.body, symbolize_names: true)
end
def test_non_existent_current_contact
patch '/repp/v1/domains/contacts', { current_contact_id: 'non-existent',
new_contact_id: 'john-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_response :bad_request
assert_equal ({ error: { type: 'invalid_request_error',
param: 'current_contact_id',
message: 'No such contact: non-existent' } }),
JSON.parse(response.body, symbolize_names: true)
end
def test_non_existent_new_contact
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'non-existent' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_response :bad_request
assert_equal ({ error: { type: 'invalid_request_error',
param: 'new_contact_id',
message: 'No such contact: non-existent' } }),
JSON.parse(response.body, symbolize_names: true)
end
def test_disallow_invalid_new_contact
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'invalid' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_response :bad_request
assert_equal ({ error: { type: 'invalid_request_error',
param: 'new_contact_id',
message: 'New contact must be valid' } }),
JSON.parse(response.body, symbolize_names: true)
end
def test_disallow_self_replacement
patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001',
new_contact_id: 'william-001' },
{ 'HTTP_AUTHORIZATION' => http_auth_key }
assert_response :bad_request
assert_equal ({ error: { type: 'invalid_request_error',
message: 'New contact ID must be different from current contact ID' } }),
JSON.parse(response.body, symbolize_names: true)
end
private
def http_auth_key
ActionController::HttpAuthentication::Basic.encode_credentials('test_bestnames', 'testtest')
end
end

2
test/integration/api/domain_transfers_test.rb
View file

@ -53,7 +53,7 @@ class APIDomainTransfersTest < ActionDispatch::IntegrationTest
end
def test_duplicates_registrant_admin_and_tech_contacts
assert_difference -> { @new_registrar.contacts.size }, 2 do
assert_difference -> { @new_registrar.contacts.size }, 3 do
post '/repp/v1/domain_transfers', request_params, { 'HTTP_AUTHORIZATION' => http_auth_key }
end
end

2
test/integration/epp/domain/transfer/request_test.rb
View file

@ -49,7 +49,7 @@ class EppDomainTransferRequestTest < ActionDispatch::IntegrationTest
end
def test_duplicates_registrant_admin_and_tech_contacts
assert_difference -> { @new_registrar.contacts.size }, 2 do
assert_difference -> { @new_registrar.contacts.size }, 3 do
post '/epp/command/transfer', { frame: request_xml }, { 'HTTP_COOKIE' => 'session=api_goodnames' }
end
end

3
test/integration/registrar/billing/balance_top_up_test.rb
View file

@ -6,6 +6,7 @@ class BalanceTopUpTest < ActionDispatch::IntegrationTest
end
def test_creates_new_invoice
original_vat_prc = Setting.registry_vat_prc
Setting.registry_vat_prc = 0.1
visit registrar_invoices_url
@ -21,5 +22,7 @@ class BalanceTopUpTest < ActionDispatch::IntegrationTest
assert_equal BigDecimal(10), invoice.vat_rate
assert_equal BigDecimal('28.05'), invoice.total
assert_text 'Please pay the following invoice'
Setting.registry_vat_prc = original_vat_prc
end
end

21
test/integration/registrar/domain_transfers_test.rb → test/integration/registrar/bulk_change/bulk_transfer_test.rb
View file

@ -1,12 +1,11 @@
require 'test_helper'
class RegistrarDomainTransfersTest < ActionDispatch::IntegrationTest
class RegistrarAreaBulkTransferTest < ActionDispatch::IntegrationTest
setup do
WebMock.reset!
login_as users(:api_goodnames)
end
def test_batch_transfer_succeeds
def test_transfer_multiple_domains_in_bulk
request_body = { data: { domainTransfers: [{ domainName: 'shop.test', transferCode: '65078d5' }] } }
headers = { 'Content-type' => 'application/json' }
request_stub = stub_request(:post, /domain_transfers/).with(body: request_body,
@ -17,28 +16,26 @@ class RegistrarDomainTransfersTest < ActionDispatch::IntegrationTest
}] }.to_json, status: 200)
visit registrar_domains_url
click_link 'Transfer'
click_on 'Batch'
click_link 'Bulk change'
click_link 'Bulk transfer'
attach_file 'Batch file', Rails.root.join('test', 'fixtures', 'files', 'valid_domains_for_transfer.csv').to_s
click_button 'Transfer batch'
click_button 'Transfer'
assert_requested request_stub
assert_current_path registrar_domains_path
assert_text '1 domains have been successfully transferred'
end
def test_batch_transfer_fails_gracefully
def test_fail_gracefully
body = { errors: [{ title: 'epic fail' }] }.to_json
headers = { 'Content-type' => 'application/json' }
stub_request(:post, /domain_transfers/).to_return(status: 400, body: body, headers: headers)
visit registrar_domains_url
click_link 'Transfer'
click_on 'Batch'
click_link 'Bulk change'
click_link 'Bulk transfer'
attach_file 'Batch file', Rails.root.join('test', 'fixtures', 'files', 'valid_domains_for_transfer.csv').to_s
click_button 'Transfer batch'
click_button 'Transfer'
assert_text 'epic fail'
end

9
test/integration/registrar/nameserver_replacement_test.rb → test/integration/registrar/bulk_change/nameserver_test.rb
View file

@ -1,8 +1,7 @@
require 'test_helper'
class RegistrarNameserverReplacementTest < ActionDispatch::IntegrationTest
class RegistrarAreaNameserverBulkChangeTest < ActionDispatch::IntegrationTest
setup do
WebMock.reset!
login_as users(:api_goodnames)
end
@ -21,7 +20,8 @@ class RegistrarNameserverReplacementTest < ActionDispatch::IntegrationTest
}] }.to_json, status: 200)
visit registrar_domains_url
click_link 'Replace nameserver'
click_link 'Bulk change'
click_link 'Nameserver'
fill_in 'Old hostname', with: 'ns1.bestnames.test'
fill_in 'New hostname', with: 'new-ns.bestnames.test'
@ -40,7 +40,8 @@ class RegistrarNameserverReplacementTest < ActionDispatch::IntegrationTest
headers: { 'Content-type' => 'application/json' })
visit registrar_domains_url
click_link 'Replace nameserver'
click_link 'Bulk change'
click_link 'Nameserver'
fill_in 'Old hostname', with: 'old hostname'
fill_in 'New hostname', with: 'new hostname'

47
test/integration/registrar/bulk_change/tech_contact_test.rb Normal file
View file

@ -0,0 +1,47 @@
require 'test_helper'
class RegistrarAreaTechContactBulkChangeTest < ActionDispatch::IntegrationTest
setup do
login_as users(:api_bestnames)
end
def test_replace_domain_contacts_of_current_registrar
request_stub = stub_request(:patch, /domains\/contacts/)
.with(body: { current_contact_id: 'william-001', new_contact_id: 'john-001' },
basic_auth: ['test_bestnames', 'testtest'])
.to_return(body: { affected_domains: %w[foo.test bar.test],
skipped_domains: %w[baz.test qux.test] }.to_json,
status: 200)
visit registrar_domains_url
click_link 'Bulk change'
fill_in 'Current contact ID', with: 'william-001'
fill_in 'New contact ID', with: 'john-001'
click_on 'Replace technical contacts'
assert_requested request_stub
assert_current_path registrar_domains_path
assert_text 'Technical contacts have been successfully replaced'
assert_text 'Affected domains: foo.test, bar.test'
assert_text 'Skipped domains: baz.test, qux.test'
end
def test_fails_gracefully
stub_request(:patch, /domains\/contacts/)
.to_return(status: 400,
body: { error: { message: 'epic fail' } }.to_json,
headers: { 'Content-type' => 'application/json' })
visit registrar_domains_url
click_link 'Bulk change'
fill_in 'Current contact ID', with: 'william-001'
fill_in 'New contact ID', with: 'john-001'
click_on 'Replace technical contacts'
assert_text 'epic fail'
assert_field 'Current contact ID', with: 'william-001'
assert_field 'New contact ID', with: 'john-001'
end
end

2
test/integration/registrar/domains_test.rb
View file

@ -9,7 +9,7 @@ class RegistrarDomainsTest < ActionDispatch::IntegrationTest
Domain,Transfer code,Registrant name,Registrant code,Date of expiry
library.test,45118f5,Acme Ltd,acme-ltd-001,2010-07-05
shop.test,65078d5,John,john-001,2010-07-05
invalid.test,1438d6,any,any,2010-07-05
invalid.test,1438d6,any,invalid,2010-07-05
airport.test,55438j5,John,john-001,2010-07-05
CSV

28
test/integration/registrar/invoices/list_test.rb Normal file
View file

@ -0,0 +1,28 @@
require 'test_helper'
class ListInvoicesTest < ActionDispatch::IntegrationTest
def setup
super
@user = users(:api_bestnames)
@registrar_invoices = @user.registrar.invoices
login_as @user
end
def test_show_balance
visit registrar_invoices_path
assert_text "Your current account balance is 100,00 EUR"
end
def test_show_multiple_invoices
@invoices = invoices
@registrar_invoices = []
@invoices.each do |invoice|
@registrar_invoices << invoice
end
visit registrar_invoices_path
assert_text "Unpaid", count: 5
assert_text "Invoice no.", count: 7
end
end

40
test/integration/registrar/invoices/new_invoice_payment_test.rb Normal file
View file

@ -0,0 +1,40 @@
require 'test_helper'
class NewInvoicePaymentTest < ActionDispatch::IntegrationTest
def setup
super
@user = users(:api_bestnames)
login_as @user
end
def create_invoice_and_visit_its_page
visit registrar_invoices_path
click_link_or_button 'Add deposit'
fill_in 'Amount', with: '200.00'
fill_in 'Description', with: 'My first invoice'
click_link_or_button 'Add'
end
def test_create_new_SEB_payment
create_invoice_and_visit_its_page
click_link_or_button 'Seb'
form = page.find('form')
assert_equal('https://www.seb.ee/cgi-bin/dv.sh/ipank.r', form['action'])
assert_equal('post', form['method'])
assert_equal('240.00', form.find_by_id('VK_AMOUNT', visible: false).value)
end
def test_create_new_Every_Pay_payment
create_invoice_and_visit_its_page
click_link_or_button 'Every pay'
expected_hmac_fields = 'account_id,amount,api_username,callback_url,' +
'customer_url,hmac_fields,nonce,order_reference,timestamp,transaction_type'
form = page.find('form')
assert_equal('https://igw-demo.every-pay.com/transactions/', form['action'])
assert_equal('post', form['method'])
assert_equal(expected_hmac_fields, form.find_by_id('hmac_fields', visible: false).value)
assert_equal('240.00', form.find_by_id('amount', visible: false).value)
end
end

48
test/integration/registrar/invoices/new_test.rb Normal file
View file

@ -0,0 +1,48 @@
require 'test_helper'
class NewInvoiceTest < ActionDispatch::IntegrationTest
def setup
super
@user = users(:api_bestnames)
login_as @user
end
def test_show_balance
visit registrar_invoices_path
assert_text "Your current account balance is 100,00 EUR"
end
def test_create_new_invoice_with_positive_amount
visit registrar_invoices_path
click_link_or_button 'Add deposit'
fill_in 'Amount', with: '200.00'
fill_in 'Description', with: 'My first invoice'
assert_difference 'Invoice.count', 1 do
click_link_or_button 'Add'
end
assert_text 'Please pay the following invoice'
assert_text 'Invoice no. 131050'
assert_text 'Subtotal 200,00 €'
assert_text 'Pay invoice'
end
# This test case should fail once issue #651 gets fixed
def test_create_new_invoice_with_amount_0_goes_through
visit registrar_invoices_path
click_link_or_button 'Add deposit'
fill_in 'Amount', with: '0.00'
fill_in 'Description', with: 'My first invoice'
assert_difference 'Invoice.count', 1 do
click_link_or_button 'Add'
end
assert_text 'Please pay the following invoice'
assert_text 'Invoice no. 131050'
assert_text 'Subtotal 0,00 €'
assert_text 'Pay invoice'
end
end

49
test/integration/registrar/invoices/payment_callback_test.rb Normal file
View file

@ -0,0 +1,49 @@
require 'test_helper'
class PaymentCallbackTest < ActionDispatch::IntegrationTest
def setup
super
@user = users(:api_bestnames)
login_as @user
end
def create_invoice_with_items
@invoice = invoices(:for_payments_test)
invoice_item = invoice_items(:one)
@invoice.invoice_items << invoice_item
@invoice.invoice_items << invoice_item
@user.registrar.invoices << @invoice
end
def every_pay_request_params
{
nonce: "392f2d7748bc8cb0d14f263ebb7b8932",
timestamp: "1524136727",
api_username: "ca8d6336dd750ddb",
transaction_result: "completed",
payment_reference: "fd5d27b59a1eb597393cd5ff77386d6cab81ae05067e18d530b10f3802e30b56",
payment_state: "settled",
amount: "12.00",
order_reference: "e468a2d59a731ccc546f2165c3b1a6",
account_id: "EUR3D1",
cc_type: "master_card",
cc_last_four_digits: "0487",
cc_month: "10",
cc_year: "2018",
cc_holder_name: "John Doe",
hmac_fields: "account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result",
hmac: "efac1c732835668cd86023a7abc140506c692f0d",
invoice_id: "12900000",
payment_method: "every_pay"
}
end
def test_every_pay_callback_returns_status_200
create_invoice_with_items
request_params = every_pay_request_params.merge(invoice_id: @invoice.id)
post "/registrar/pay/callback/every_pay", request_params
assert_equal(200, response.status)
end
end

100
test/integration/registrar/invoices/payment_return_test.rb Normal file
View file

@ -0,0 +1,100 @@
require 'test_helper'
class PaymentReturnTest < ActionDispatch::IntegrationTest
def setup
super
@user = users(:api_bestnames)
login_as @user
end
def create_invoice_with_items
@invoice = invoices(:for_payments_test)
invoice_item = invoice_items(:one)
@invoice.invoice_items << invoice_item
@invoice.invoice_items << invoice_item
@user.registrar.invoices << @invoice
end
def every_pay_request_params
{
nonce: "392f2d7748bc8cb0d14f263ebb7b8932",
timestamp: "1524136727",
api_username: "ca8d6336dd750ddb",
transaction_result: "completed",
payment_reference: "fd5d27b59a1eb597393cd5ff77386d6cab81ae05067e18d530b10f3802e30b56",
payment_state: "settled",
amount: "12.00",
order_reference: "e468a2d59a731ccc546f2165c3b1a6",
account_id: "EUR3D1",
cc_type: "master_card",
cc_last_four_digits: "0487",
cc_month: "10",
cc_year: "2018",
cc_holder_name: "John Doe",
hmac_fields: "account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result",
hmac: "efac1c732835668cd86023a7abc140506c692f0d",
invoice_id: "12900000",
payment_method: "every_pay"
}
end
def bank_link_request_params
{
"VK_SERVICE": "1111",
"VK_VERSION": "008",
"VK_SND_ID": "testvpos",
"VK_REC_ID": "seb",
"VK_STAMP": 1,
"VK_T_NO": "1",
"VK_AMOUNT": "12.00",
"VK_CURR": "EUR",
"VK_REC_ACC": "1234",
"VK_REC_NAME": "Eesti Internet",
"VK_SND_ACC": "1234",
"VK_SND_NAME": "John Doe",
"VK_REF": "",
"VK_MSG": "Order nr 1",
"VK_T_DATETIME": "2018-04-01T00:30:00+0300",
"VK_MAC": "CZZvcptkxfuOxRR88JmT4N+Lw6Hs4xiQfhBWzVYldAcRTQbcB/lPf9MbJzBE4e1/HuslQgkdCFt5g1xW2lJwrVDBQTtP6DAHfvxU3kkw7dbk0IcwhI4whUl68/QCwlXEQTAVDv1AFnGVxXZ40vbm/aLKafBYgrirB5SUe8+g9FE=",
"VK_ENCODING": "UTF-8",
"VK_LANG": "ENG",
payment_method: "seb"
}
end
def test_every_pay_return_creates_activity_redirects_to_invoice_path
create_invoice_with_items
request_params = every_pay_request_params.merge(invoice_id: @invoice.id)
post "/registrar/pay/return/every_pay", request_params
assert_equal(302, response.status)
assert_redirected_to(registrar_invoice_path(@invoice))
end
def test_Every_Pay_return_raises_RecordNotFound
create_invoice_with_items
request_params = every_pay_request_params.merge(invoice_id: "178907")
assert_raises(ActiveRecord::RecordNotFound) do
post "/registrar/pay/return/every_pay", request_params
end
end
def test_bank_link_return_redirects_to_invoice_paths
create_invoice_with_items
request_params = bank_link_request_params.merge(invoice_id: @invoice.id)
post "/registrar/pay/return/seb", request_params
assert_equal(302, response.status)
assert_redirected_to(registrar_invoice_path(@invoice))
end
def test_bank_link_return
create_invoice_with_items
request_params = bank_link_request_params.merge(invoice_id: "178907")
assert_raises(ActiveRecord::RecordNotFound) do
post "/registrar/pay/return/seb", request_params
end
end
end

2
test/models/domain_transfer_test.rb
View file

@ -20,7 +20,7 @@ class DomainTransferTest < ActiveSupport::TestCase
body = 'Transfer of domain shop.test has been approved.' \
' It was associated with registrant john-001' \
' and contacts jane-001, william-001.'
' and contacts acme-ltd-001, jane-001, william-001.'
id = @domain_transfer.id
class_name = @domain_transfer.class.name

4
test/models/nameserver_test.rb
View file

@ -50,9 +50,11 @@ class NameserverTest < ActiveSupport::TestCase
end
def test_hostnames
assert_equal %w[ns1.bestnames.test
assert_equal %w[
ns1.bestnames.test
ns2.bestnames.test
ns1.bestnames.test
ns2.bestnames.test
ns1.bestnames.test], Nameserver.hostnames
end

134
test/models/payment_orders/bank_link_test.rb Normal file
View file

@ -0,0 +1,134 @@
require 'test_helper'
class BankLinkTest < ActiveSupport::TestCase
# Note: Files stored in: test/fixtures/files/seb_seller_key.pem
# test/fixtures/files/seb_bank_cert.pem
# are autogenerated, they will not work against production or even staging.
def setup
super
@invoice = invoices(:for_payments_test)
invoice_item = invoice_items(:one)
@invoice.invoice_items << invoice_item
@invoice.invoice_items << invoice_item
travel_to '2018-04-01 00:30 +0300'
create_new_bank_link
create_completed_bank_link
create_cancelled_bank_link
end
def teardown
super
travel_back
end
def create_completed_bank_link
params = {
'VK_SERVICE': '1111',
'VK_VERSION': '008',
'VK_SND_ID': 'testvpos',
'VK_REC_ID': 'seb',
'VK_STAMP': 1,
'VK_T_NO': '1',
'VK_AMOUNT': '12.00',
'VK_CURR': 'EUR',
'VK_REC_ACC': '1234',
'VK_REC_NAME': 'Eesti Internet',
'VK_SND_ACC': '1234',
'VK_SND_NAME': 'John Doe',
'VK_REF': '',
'VK_MSG': 'Order nr 1',
'VK_T_DATETIME': '2018-04-01T00:30:00+0300',
'VK_MAC': 'CZZvcptkxfuOxRR88JmT4N+Lw6Hs4xiQfhBWzVYldAcRTQbcB/lPf9MbJzBE4e1/HuslQgkdCFt5g1xW2lJwrVDBQTtP6DAHfvxU3kkw7dbk0IcwhI4whUl68/QCwlXEQTAVDv1AFnGVxXZ40vbm/aLKafBYgrirB5SUe8+g9FE=',
'VK_ENCODING': 'UTF-8',
'VK_LANG': 'ENG'
}.with_indifferent_access
@completed_bank_link = PaymentOrders::BankLink.new(
'seb', @invoice, { response: params }
)
end
def create_cancelled_bank_link
params = {
'VK_SERVICE': '1911',
'VK_VERSION': '008',
'VK_SND_ID': 'testvpos',
'VK_REC_ID': 'seb',
'VK_STAMP': 1,
'VK_REF': '',
'VK_MSG': 'Order nr 1',
'VK_MAC': 'PElE2mYXXN50q2UBvTuYU1rN0BmOQcbafPummDnWfNdm9qbaGQkGyOn0XaaFGlrdEcldXaHBbZKUS0HegIgjdDfl2NOk+wkLNNH0Iu38KzZaxHoW9ga7vqiyKHC8dcxkHiO9HsOnz77Sy/KpWCq6cz48bi3fcMgo+MUzBMauWoQ=',
'VK_ENCODING': 'UTF-8',
'VK_LANG': 'ENG'
}.with_indifferent_access
@cancelled_bank_link = PaymentOrders::BankLink.new(
'seb', @invoice, { response: params }
)
end
def create_new_bank_link
params = { return_url: 'return.url', response_url: 'response.url' }
@new_bank_link = PaymentOrders::BankLink.new('seb', @invoice, params)
end
def test_response_is_not_valid_when_it_is_missing
refute(false, @new_bank_link.valid_response_from_intermediary?)
end
def test_form_fields
expected_response = {
'VK_SERVICE': '1012',
'VK_VERSION': '008',
'VK_SND_ID': 'testvpos',
'VK_STAMP': 1,
'VK_AMOUNT': '12.00',
'VK_CURR': 'EUR',
'VK_REF': '',
'VK_MSG': 'Order nr. 1',
'VK_RETURN': 'return.url',
'VK_CANCEL': 'return.url',
'VK_DATETIME': '2018-04-01T00:30:00+0300',
'VK_MAC': 'q70UNFV4ih1qYij2+CyrHaApc3OE66igy3ijuR1m9dl0Cg+lIrAUsP47JChAF7PRErwZ78vSuZwrg0Vabhlp3WoC934ik2FiE04BBxUUTndONvguaNR1wvl0FiwfXFljLncX7TOmRraywJljKC5vTnIRNT2+1HXvmv0v576PGao=',
'VK_ENCODING': 'UTF-8',
'VK_LANG': 'ENG'
}.with_indifferent_access
assert_equal(expected_response, @new_bank_link.form_fields)
end
def test_valid_success_response_from_intermediary?
assert(@completed_bank_link.valid_response_from_intermediary?)
end
def test_valid_cancellation_response_from_intermediary?
assert(@cancelled_bank_link.valid_response_from_intermediary?)
end
def test_settled_payment?
assert(@completed_bank_link.settled_payment?)
refute(@cancelled_bank_link.settled_payment?)
end
def test_complete_transaction_calls_methods_on_transaction
mock_transaction = MiniTest::Mock.new
mock_transaction.expect(:sum= , '12.00', ['12.00'])
mock_transaction.expect(:bank_reference= , '1', ['1'])
mock_transaction.expect(:buyer_bank_code= , 'testvpos', ['testvpos'])
mock_transaction.expect(:buyer_iban= , '1234', ['1234'])
mock_transaction.expect(:paid_at= , Date.parse('2018-04-01 00:30:00 +0300'), [Time.parse('2018-04-01T00:30:00+0300')])
mock_transaction.expect(:buyer_name=, 'John Doe', ['John Doe'])
mock_transaction.expect(:save!, true)
mock_transaction.expect(:autobind_invoice, AccountActivity.new)
BankTransaction.stub(:find_by, mock_transaction) do
@completed_bank_link.complete_transaction
end
mock_transaction.verify
end
end

92
test/models/payment_orders/every_pay_test.rb Normal file
View file

@ -0,0 +1,92 @@
require 'test_helper'
class EveryPayTest < ActiveSupport::TestCase
def setup
super
@invoice = invoices(:for_payments_test)
invoice_item = invoice_items(:one)
@invoice.invoice_items << invoice_item
@invoice.invoice_items << invoice_item
params = {
response:
{
utf8: '✓',
_method: 'put',
authenticity_token: 'OnA69vbccQtMt3C9wxEWigs5Gpf/7z+NoxRCMkFPlTvaATs8+OgMKF1I4B2f+vuK37zCgpWZaWWtyuslRRSwkw==',
nonce: '392f2d7748bc8cb0d14f263ebb7b8932',
timestamp: '1524136727',
api_username: 'ca8d6336dd750ddb',
transaction_result: 'completed',
payment_reference: 'fd5d27b59a1eb597393cd5ff77386d6cab81ae05067e18d530b10f3802e30b56',
payment_state: 'settled',
amount: '12.00',
order_reference: 'e468a2d59a731ccc546f2165c3b1a6',
account_id: 'EUR3D1',
cc_type: 'master_card',
cc_last_four_digits: '0487',
cc_month: '10',
cc_year: '2018',
cc_holder_name: 'John Doe',
hmac_fields: 'account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result',
hmac: 'efac1c732835668cd86023a7abc140506c692f0d',
invoice_id: '1',
},
}
@every_pay = PaymentOrders::EveryPay.new('every_pay', @invoice, params)
@other_pay = PaymentOrders::EveryPay.new('every_pay', @invoice, {})
travel_to Time.zone.parse('2018-04-01 00:30:00 +0000')
end
def teardown
super
travel_back
end
def test_form_fields
expected_fields = {
api_username: 'api_user',
account_id: 'EUR3D1',
timestamp: '1522542600',
amount: '12.00',
transaction_type: 'charge',
hmac_fields: 'account_id,amount,api_username,callback_url,customer_url,hmac_fields,nonce,order_reference,timestamp,transaction_type'
}
form_fields = @every_pay.form_fields
expected_fields.each do |k, v|
assert_equal(v, form_fields[k])
end
end
def test_valid_response_from_intermediary?
assert(@every_pay.valid_response_from_intermediary?)
refute(@other_pay.valid_response_from_intermediary?)
end
def test_settled_payment?
assert(@every_pay.settled_payment?)
other_pay = PaymentOrders::EveryPay.new(
'every_pay', @invoice, {response: {payment_state: 'CANCELLED'}}
)
refute(other_pay.settled_payment?)
end
def test_complete_transaction_calls_methods_on_transaction
mock_transaction = MiniTest::Mock.new
mock_transaction.expect(:sum= , '12.00', ['12.00'])
mock_transaction.expect(:paid_at= , Date.strptime('1524136727', '%s'), [Date.strptime('1524136727', '%s')])
mock_transaction.expect(:buyer_name=, 'John Doe', ['John Doe'])
mock_transaction.expect(:save!, true)
mock_transaction.expect(:autobind_invoice, AccountActivity.new)
BankTransaction.stub(:find_by, mock_transaction) do
@every_pay.complete_transaction
end
mock_transaction.verify
end
end

58
test/models/payment_orders_test.rb Normal file
View file

@ -0,0 +1,58 @@
require 'test_helper'
class PaymentOrdersTest < ActiveSupport::TestCase
def setup
super
@original_methods = ENV['payment_methods']
@original_seb_URL = ENV['seb_payment_url']
ENV['payment_methods'] = 'seb, swed, credit_card'
ENV['seb_payment_url'] = nil
@not_implemented_payment = PaymentOrders::Base.new(
'not_implemented', Invoice.new
)
end
def teardown
super
ENV['payment_methods'] = @original_methods
ENV['seb_payment_url'] = @original_seb_URL
end
def test_variable_assignment
assert_equal 'not_implemented', @not_implemented_payment.type
assert_nil @not_implemented_payment.response_url
assert_nil @not_implemented_payment.return_url
assert_nil @not_implemented_payment.form_url
end
def test_that_errors_are_raised_on_missing_methods
assert_raise NoMethodError do
@not_implemented_payment.valid_response?
end
assert_raise NoMethodError do
@not_implemented_payment.settled_payment?
end
assert_raise NoMethodError do
@not_implemented_payment.form_fields
end
assert_raise NoMethodError do
@not_implemented_payment.complete_transaction
end
end
def test_that_create_with_type_raises_argument_error
assert_raise ArgumentError do
PaymentOrders.create_with_type("not_implemented", Invoice.new)
end
end
def test_create_with_correct_subclass
payment = PaymentOrders.create_with_type('seb', Invoice.new)
assert_equal PaymentOrders::BankLink, payment.class
end
end

4
test/models/registry_test.rb
View file

@ -10,7 +10,11 @@ class RegistryTest < ActiveSupport::TestCase
end
def test_vat_rate
original_vat_prc = Setting.registry_vat_prc
Setting.registry_vat_prc = 0.25
assert_equal BigDecimal(25), @registry.vat_rate
Setting.registry_vat_prc = original_vat_prc
end
end