zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-08 13:44:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1702 from internetee/1580-registrar-api-contacts-endpoint

Browse source 
REPP: Contact management
This commit is contained in:
Timo Võhmar 2020-11-24 15:28:39 +02:00 committed by GitHub
commit bcafa2e424
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
57 changed files with 2049 additions and 649 deletions
Download patch file Download diff file Expand all files Collapse all files

75
app/controllers/epp/contacts_controller.rb
View file

@ -1,10 +1,9 @@
require 'deserializers/xml/contact_update'
require 'deserializers/xml/contact_create'
module Epp
class ContactsController < BaseController
before_action :find_contact, only: [:info, :update, :delete]
before_action :find_password, only: [:info, :update, :delete]
helper_method :address_processing?
def info
authorize! :info, @contact, @password
@ -21,25 +20,13 @@ module Epp
def create
authorize! :create, Epp::Contact
frame = params[:parsed_frame]
@contact = Epp::Contact.new(frame, current_user.registrar)
@contact.add_legal_file_to_new(frame)
@contact.generate_code
@contact = Epp::Contact.new(params[:parsed_frame], current_user.registrar)
collected_data = ::Deserializers::Xml::ContactCreate.new(params[:parsed_frame])
action = Actions::ContactCreate.new(@contact, collected_data.legal_document,
collected_data.ident)
if @contact.save
if !address_processing? && address_given?
@response_code = 1100
@response_description = t('epp.contacts.completed_without_address')
else
@response_code = 1000
@response_description = t('epp.contacts.completed')
end
render_epp_response '/epp/contacts/save'
else
handle_errors(@contact)
end
action_call_response(action: action)
end
def update
@ -52,29 +39,18 @@ module Epp
collected_data.ident,
current_user)
if action.call
if !address_processing? && address_given?
@response_code = 1100
@response_description = t('epp.contacts.completed_without_address')
else
@response_code = 1000
@response_description = t('epp.contacts.completed')
end
render_epp_response 'epp/contacts/save'
else
handle_errors(@contact)
end
action_call_response(action: action)
end
def delete
authorize! :delete, @contact, @password
if @contact.destroy_and_clean(params[:parsed_frame])
render_epp_response '/epp/contacts/delete'
else
action = Actions::ContactDelete.new(@contact, params[:legal_document])
unless action.call
handle_errors(@contact)
return
end
render_epp_response '/epp/contacts/delete'
end
def renew
@ -91,6 +67,26 @@ module Epp
private
def opt_addr?
!Contact.address_processing? && address_given?
end
def action_call_response(action:)
# rubocop:disable Style/AndOr
(handle_errors(@contact) and return) unless action.call
# rubocop:enable Style/AndOr
if opt_addr?
@response_code = 1100
@response_description = t('epp.contacts.completed_without_address')
else
@response_code = 1000
@response_description = t('epp.contacts.completed')
end
render_epp_response('epp/contacts/save')
end
def find_password
@password = params[:parsed_frame].css('authInfo pw').text
end
@ -129,8 +125,7 @@ module Epp
'postalInfo > addr > cc',
]
required_attributes.concat(address_attributes) if address_processing?
required_attributes.concat(address_attributes) if Contact.address_processing?
requires(*required_attributes)
ident = params[:parsed_frame].css('ident')
@ -206,9 +201,5 @@ module Epp
def address_given?
params[:parsed_frame].css('postalInfo addr').size != 0
end
def address_processing?
Contact.address_processing?
end
end
end

6
app/controllers/registrar/domain_transfers_controller.rb
View file

@ -15,12 +15,12 @@ class Registrar
csv.each do |row|
domain_name = row['Domain']
transfer_code = row['Transfer code']
domain_transfers << { 'domainName' => domain_name, 'transferCode' => transfer_code }
domain_transfers << { 'domain_name' => domain_name, 'transfer_code' => transfer_code }
end
uri = URI.parse("#{ENV['repp_url']}domain_transfers")
uri = URI.parse("#{ENV['repp_url']}domains/transfer")
request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
request.body = { data: { domainTransfers: domain_transfers } }.to_json
request.body = { data: { domain_transfers: domain_transfers } }.to_json
request.basic_auth(current_registrar_user.username,
current_registrar_user.plain_text_password)

11
app/controllers/repp/v1/accounts_controller.rb Normal file
View file

@ -0,0 +1,11 @@
module Repp
module V1
class AccountsController < BaseController
def balance
resp = { balance: current_user.registrar.cash_account.balance,
currency: current_user.registrar.cash_account.currency }
render_success(data: resp)
end
end
end
end

4
app/controllers/repp/v1/auctions_controller.rb
View file

@ -3,9 +3,9 @@ module Repp
class AuctionsController < ActionController::API
def index
auctions = Auction.started
@response = { count: auctions.count, auctions: auctions_to_json(auctions) }
render json: { count: auctions.count,
auctions: auctions_to_json(auctions) }
render json: @response
end
private

111
app/controllers/repp/v1/base_controller.rb Normal file
View file

@ -0,0 +1,111 @@
module Repp
module V1
class BaseController < ActionController::API
rescue_from ActiveRecord::RecordNotFound, with: :not_found_error
before_action :authenticate_user
before_action :check_ip_restriction
attr_reader :current_user
before_action :set_paper_trail_whodunnit
rescue_from ActionController::ParameterMissing do |exception|
render json: { code: 2003, message: exception }, status: :bad_request
end
after_action do
ApiLog::ReppLog.create(
request_path: request.path, request_method: request.request_method,
request_params: request.params.except('route_info').to_json, uuid: request.try(:uuid),
response: @response.to_json, response_code: status, ip: request.ip,
api_user_name: current_user.try(:username),
api_user_registrar: current_user.try(:registrar).try(:to_s)
)
end
private
def set_paper_trail_whodunnit
::PaperTrail.request.whodunnit = current_user
end
def render_success(code: nil, message: nil, data: nil)
@response = { code: code || 1000, message: message || 'Command completed successfully',
data: data || {} }
render(json: @response, status: :ok)
end
def epp_errors
@epp_errors ||= []
end
def handle_errors(obj = nil, update: false)
@epp_errors ||= []
obj&.construct_epp_errors
@epp_errors += obj.errors[:epp_errors] if obj
format_epp_errors if update
@epp_errors.uniq!
render_epp_error
end
def format_epp_errors
@epp_errors.each_with_index do |error, index|
blocked_by_delete_prohibited?(error, index)
end
end
def blocked_by_delete_prohibited?(error, index)
if error[:code] == 2304 && error[:value][:val] == DomainStatus::SERVER_DELETE_PROHIBITED &&
error[:value][:obj] == 'status'
@epp_errors[index][:value][:val] = DomainStatus::PENDING_UPDATE
end
end
def render_epp_error(status = :bad_request, data = {})
@epp_errors ||= []
@epp_errors << { code: 2304, msg: 'Command failed' } if data != {}
@response = { code: @epp_errors[0][:code].to_i, message: @epp_errors[0][:msg], data: data }
render(json: @response, status: status)
end
def basic_token
pattern = /^Basic /
header = request.headers['Authorization']
header = header.gsub(pattern, '') if header&.match(pattern)
header.strip
end
def authenticate_user
username, password = Base64.urlsafe_decode64(basic_token).split(':')
@current_user ||= ApiUser.find_by(username: username, plain_text_password: password)
return if @current_user
raise(ArgumentError)
rescue NoMethodError, ArgumentError
@response = { code: 2202, message: 'Invalid authorization information' }
render(json: @response, status: :unauthorized)
end
def check_ip_restriction
allowed = @current_user.registrar.api_ip_white?(request.ip)
return if allowed
@response = { code: 2202,
message: I18n.t('registrar.authorization.ip_not_allowed', ip: request.ip) }
render(json: @response, status: :unauthorized)
end
def not_found_error
@response = { code: 2303, message: 'Object does not exist' }
render(json: @response, status: :not_found)
end
end
end
end

137
app/controllers/repp/v1/contacts_controller.rb Normal file
View file

@ -0,0 +1,137 @@
require 'serializers/repp/contact'
module Repp
module V1
class ContactsController < BaseController
before_action :find_contact, only: %i[show update destroy]
## GET /repp/v1/contacts
def index
record_count = current_user.registrar.contacts.count
contacts = showable_contacts(params[:details], params[:limit] || 200,
params[:offset] || 0)
@response = { contacts: contacts, total_number_of_records: record_count }
render(json: @response, status: :ok)
end
## GET /repp/v1/contacts/1
def show
serializer = ::Serializers::Repp::Contact.new(@contact,
show_address: Contact.address_processing?)
render_success(data: serializer.to_json)
end
## GET /repp/v1/contacts/check/1
def check
contact = Epp::Contact.find_by(code: params[:id])
data = { contact: { id: params[:id], available: contact.nil? } }
render_success(data: data)
end
## POST /repp/v1/contacts
def create
@contact = Epp::Contact.new(contact_params_with_address, current_user.registrar, epp: false)
action = Actions::ContactCreate.new(@contact, params[:legal_document],
contact_ident_params)
unless action.call
handle_errors(@contact)
return
end
render_success(create_update_success_body)
end
## PUT /repp/v1/contacts/1
def update
action = Actions::ContactUpdate.new(@contact, contact_params_with_address(required: false),
params[:legal_document],
contact_ident_params(required: false), current_user)
unless action.call
handle_errors(@contact)
return
end
render_success(create_update_success_body)
end
def destroy
action = Actions::ContactDelete.new(@contact, params[:legal_document])
unless action.call
handle_errors(@contact)
return
end
render_success
end
def contact_addr_present?
return false unless contact_addr_params.key?(:addr)
contact_addr_params[:addr].keys.any?
end
def create_update_success_body
{ code: opt_addr? ? 1100 : nil, data: { contact: { id: @contact.code } },
message: opt_addr? ? I18n.t('epp.contacts.completed_without_address') : nil }
end
def showable_contacts(details, limit, offset)
contacts = current_user.registrar.contacts.limit(limit).offset(offset)
return contacts.pluck(:code) unless details
contacts = contacts.map do |contact|
serializer = ::Serializers::Repp::Contact.new(contact,
show_address: Contact.address_processing?)
serializer.to_json
end
contacts
end
def opt_addr?
!Contact.address_processing? && contact_addr_present?
end
def find_contact
code = params[:id]
@contact = Epp::Contact.find_by!(code: code, registrar: current_user.registrar)
end
def contact_params_with_address(required: true)
return contact_create_params(required: required) unless contact_addr_params.key?(:addr)
addr = {}
contact_addr_params[:addr].each_key { |k| addr[k] = contact_addr_params[:addr][k] }
contact_create_params(required: required).merge(addr)
end
def contact_create_params(required: true)
params.require(:contact).require(%i[name email phone]) if required
params.require(:contact).permit(:name, :email, :phone, :id)
end
def contact_ident_params(required: true)
if required
params.require(:contact).require(:ident).require(%i[ident ident_type ident_country_code])
params.require(:contact).require(:ident).permit(:ident, :ident_type, :ident_country_code)
else
params.permit(contact: { ident: %i[ident ident_type ident_country_code] })
end
params[:contact][:ident]
end
def contact_addr_params
if Contact.address_processing?
params.require(:contact).require(:addr).require(%i[country_code city street zip])
params.require(:contact).require(:addr).permit(:country_code, :city, :street, :zip)
else
params.require(:contact).permit(addr: %i[country_code city street zip])
end
end
end
end
end

42
app/controllers/repp/v1/domains/contacts_controller.rb Normal file
View file

@ -0,0 +1,42 @@
module Repp
module V1
module Domains
class ContactsController < BaseController
before_action :set_current_contact, only: [:update]
before_action :set_new_contact, only: [:update]
def set_current_contact
@current_contact = current_user.registrar.contacts.find_by!(
code: contact_params[:current_contact_id]
)
end
def set_new_contact
@new_contact = current_user.registrar.contacts.find_by!(code: params[:new_contact_id])
end
def update
@epp_errors ||= []
@epp_errors << { code: 2304, msg: 'New contact must be valid' } if @new_contact.invalid?
if @new_contact == @current_contact
@epp_errors << { code: 2304, msg: 'New contact must be different from current' }
end
return handle_errors if @epp_errors.any?
affected, skipped = TechDomainContact.replace(@current_contact, @new_contact)
@response = { affected_domains: affected, skipped_domains: skipped }
render_success(data: @response)
end
private
def contact_params
params.require(%i[current_contact_id new_contact_id])
params.permit(:current_contact_id, :new_contact_id)
end
end
end
end
end

94
app/controllers/repp/v1/domains_controller.rb Normal file
View file

@ -0,0 +1,94 @@
module Repp
module V1
class DomainsController < BaseController
before_action :set_authorized_domain, only: [:transfer_info]
def index
records = current_user.registrar.domains
domains = records.limit(limit).offset(offset)
domains = domains.pluck(:name) unless index_params[:details] == 'true'
render_success(data: { domains: domains, total_number_of_records: records.count })
end
def transfer_info
contact_fields = %i[code name ident ident_type ident_country_code phone email street city
zip country_code statuses]
data = {
domain: @domain.name,
registrant: @domain.registrant.as_json(only: contact_fields),
admin_contacts: @domain.admin_contacts.map { |c| c.as_json(only: contact_fields) },
tech_contacts: @domain.tech_contacts.map { |c| c.as_json(only: contact_fields) },
}
render_success(data: data)
end
def transfer
@errors ||= []
@successful = []
transfer_params[:domain_transfers].each do |transfer|
initiate_transfer(transfer)
end
render_success(data: { success: @successful, failed: @errors })
end
def initiate_transfer(transfer)
domain = Epp::Domain.find_or_initialize_by(name: transfer[:domain_name])
action = Actions::DomainTransfer.new(domain, transfer[:transfer_code],
current_user.registrar)
if action.call
@successful << { type: 'domain_transfer', domain_name: domain.name }
else
@errors << { type: 'domain_transfer', domain_name: domain.name,
errors: domain.errors[:epp_errors] }
end
end
private
def transfer_params
params.require(:data).require(:domain_transfers).each do |t|
t.require(:domain_name)
t.permit(:domain_name)
t.require(:transfer_code)
t.permit(:transfer_code)
end
params.require(:data).permit(domain_transfers: %i[domain_name transfer_code])
end
def transfer_info_params
params.require(:id)
params.permit(:id)
end
def set_authorized_domain
@epp_errors ||= []
h = {}
h[transfer_info_params[:id].match?(/\A[0-9]+\z/) ? :id : :name] = transfer_info_params[:id]
@domain = Domain.find_by!(h)
return if @domain.transfer_code.eql?(request.headers['Auth-Code'])
@epp_errors << { code: 2202, msg: I18n.t('errors.messages.epp_authorization_error') }
handle_errors
end
def limit
index_params[:limit] || 200
end
def offset
index_params[:offset] || 0
end
def index_params
params.permit(:limit, :offset, :details)
end
end
end
end

51
app/controllers/repp/v1/registrar/nameservers_controller.rb Normal file
View file

@ -0,0 +1,51 @@
module Repp
module V1
module Registrar
class NameserversController < BaseController
before_action :verify_nameserver_existance, only: %i[update]
def update
domains = params[:data][:domains] || []
affected = current_user.registrar
.replace_nameservers(hostname,
hostname_params[:data][:attributes],
domains: domains)
render_success(data: data_format_for_success(affected))
rescue ActiveRecord::RecordInvalid => e
handle_errors(e.record)
end
private
def data_format_for_success(affected_domains)
{
type: 'nameserver',
id: params[:data][:attributes][:hostname],
attributes: params[:data][:attributes],
affected_domains: affected_domains,
}
end
def hostname_params
params.require(:data).require(%i[type id])
params.require(:data).require(:attributes).require([:hostname])
params.permit(data: [
:type, :id,
{ domains: [],
attributes: [:hostname, { ipv4: [], ipv6: [] }] }
])
end
def hostname
hostname_params[:data][:id]
end
def verify_nameserver_existance
current_user.registrar.nameservers.find_by!(hostname: hostname)
end
end
end
end
end

3
app/controllers/repp/v1/retained_domains_controller.rb
View file

@ -3,8 +3,9 @@ module Repp
class RetainedDomainsController < ActionController::API
def index
domains = RetainedDomains.new(query_params)
@response = { count: domains.count, domains: domains.to_jsonable }
render json: { count: domains.count, domains: domains.to_jsonable }
render json: @response
end
def query_params