Merge pull request #1702 from internetee/1580-registrar-api-contacts-endpoint

REPP: Contact management
2025-06-08 21:54:48 +02:00 · 2020-11-24 15:28:39 +02:00 · 2020-11-24 15:28:39 +02:00 · bcafa2e424
commit bcafa2e424
parent ee92807139 283bf8cd1a
57 changed files with 2049 additions and 649 deletions
--- a/test/integration/api/domain_contacts_test.rb
+++ b/test/integration/api/domain_contacts_test.rb
@ -27,8 +27,8 @@ class APIDomainContactsTest < ApplicationIntegrationTest
          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }

    assert_response :ok
-    assert_equal ({ affected_domains: %w[airport.test shop.test],
-                    skipped_domains: [] }),
+    assert_equal ({ code: 1000, message: 'Command completed successfully', data: { affected_domains: %w[airport.test shop.test],
+                    skipped_domains: [] }}),
                 JSON.parse(response.body, symbolize_names: true)
  end

@ -42,7 +42,7 @@ class APIDomainContactsTest < ApplicationIntegrationTest

    assert_response :ok
    assert_equal %w[airport.test shop.test], JSON.parse(response.body,
-                                                        symbolize_names: true)[:skipped_domains]
+                                                        symbolize_names: true)[:data][:skipped_domains]
  end

  def test_keep_other_tech_contacts_intact
@ -66,10 +66,8 @@ class APIDomainContactsTest < ApplicationIntegrationTest
                                                 new_contact_id: 'william-002' },
          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }

-    assert_response :bad_request
-    assert_equal ({ error: { type: 'invalid_request_error',
-                             param: 'current_contact_id',
-                             message: 'No such contact: jack-001' } }),
+    assert_response :not_found
+    assert_equal ({ code: 2303, message: 'Object does not exist' }),
                 JSON.parse(response.body, symbolize_names: true)
  end

@ -77,10 +75,8 @@ class APIDomainContactsTest < ApplicationIntegrationTest
    patch '/repp/v1/domains/contacts', params: { current_contact_id: 'non-existent',
                                                 new_contact_id: 'john-001' },
          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
-    assert_response :bad_request
-    assert_equal ({ error: { type: 'invalid_request_error',
-                             param: 'current_contact_id',
-                             message: 'No such contact: non-existent' } }),
+    assert_response :not_found
+    assert_equal ({ code: 2303, message: 'Object does not exist' }),
                 JSON.parse(response.body, symbolize_names: true)
  end

@ -88,10 +84,8 @@ class APIDomainContactsTest < ApplicationIntegrationTest
    patch '/repp/v1/domains/contacts', params: { current_contact_id: 'william-001',
                                                 new_contact_id: 'non-existent' },
          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
-    assert_response :bad_request
-    assert_equal ({ error: { type: 'invalid_request_error',
-                             param: 'new_contact_id',
-                             message: 'No such contact: non-existent' } }),
+    assert_response :not_found
+    assert_equal ({code: 2303, message: 'Object does not exist'}),
                 JSON.parse(response.body, symbolize_names: true)
  end

@ -100,9 +94,7 @@ class APIDomainContactsTest < ApplicationIntegrationTest
                                                 new_contact_id: 'invalid' },
          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    assert_response :bad_request
-    assert_equal ({ error: { type: 'invalid_request_error',
-                             param: 'new_contact_id',
-                             message: 'New contact must be valid' } }),
+    assert_equal ({ code: 2304, message: 'New contact must be valid', data: {} }),
                 JSON.parse(response.body, symbolize_names: true)
  end

@ -111,8 +103,7 @@ class APIDomainContactsTest < ApplicationIntegrationTest
                                                 new_contact_id: 'william-001' },
          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    assert_response :bad_request
-    assert_equal ({ error: { type: 'invalid_request_error',
-                             message: 'New contact ID must be different from current contact ID' } }),
+    assert_equal ({ code: 2304, message: 'New contact must be different from current', data: {} }),
                 JSON.parse(response.body, symbolize_names: true)
  end

--- a/test/integration/api/domain_transfers_test.rb
+++ b/test/integration/api/domain_transfers_test.rb
@ -12,34 +12,21 @@ class APIDomainTransfersTest < ApplicationIntegrationTest
    Setting.transfer_wait_time = @original_transfer_wait_time
  end

-  def test_returns_domain_transfers
-    post '/repp/v1/domain_transfers', params: request_params, as: :json,
-         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
-    assert_response 200
-    assert_equal ({ data: [{
-                             type: 'domain_transfer',
-                             attributes: {
-                               domain_name: 'shop.test'
-                             },
-                           }] }),
-                 JSON.parse(response.body, symbolize_names: true)
-  end
-
  def test_creates_new_domain_transfer
    assert_difference -> { @domain.transfers.size } do
-      post '/repp/v1/domain_transfers', params: request_params, as: :json,
+      post '/repp/v1/domains/transfer', params: request_params, as: :json,
           headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    end
  end

  def test_approves_automatically_if_auto_approval_is_enabled
-    post '/repp/v1/domain_transfers', params: request_params, as: :json,
+    post '/repp/v1/domains/transfer', params: request_params, as: :json,
         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    assert @domain.transfers.last.approved?
  end

  def test_assigns_new_registrar
-    post '/repp/v1/domain_transfers', params: request_params, as: :json,
+    post '/repp/v1/domains/transfer', params: request_params, as: :json,
         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    @domain.reload
    assert_equal @new_registrar, @domain.registrar
@ -48,7 +35,7 @@ class APIDomainTransfersTest < ApplicationIntegrationTest
  def test_regenerates_transfer_code
    @old_transfer_code = @domain.transfer_code

-    post '/repp/v1/domain_transfers', params: request_params, as: :json,
+    post '/repp/v1/domains/transfer', params: request_params, as: :json,
         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    @domain.reload
    refute_equal @domain.transfer_code, @old_transfer_code
@ -58,51 +45,28 @@ class APIDomainTransfersTest < ApplicationIntegrationTest
    @old_registrar = @domain.registrar

    assert_difference -> { @old_registrar.notifications.count } do
-      post '/repp/v1/domain_transfers', params: request_params, as: :json,
+      post '/repp/v1/domains/transfer', params: request_params, as: :json,
           headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    end
  end

  def test_duplicates_registrant_admin_and_tech_contacts
    assert_difference -> { @new_registrar.contacts.size }, 3 do
-      post '/repp/v1/domain_transfers', params: request_params, as: :json,
+      post '/repp/v1/domains/transfer', params: request_params, as: :json,
           headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    end
  end

  def test_reuses_identical_contact
-    post '/repp/v1/domain_transfers', params: request_params, as: :json,
+    post '/repp/v1/domains/transfer', params: request_params, as: :json,
         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
    assert_equal 1, @new_registrar.contacts.where(name: 'William').size
  end

-  def test_fails_if_domain_does_not_exist
-    post '/repp/v1/domain_transfers',
-         params: { data: { domainTransfers: [{ domainName: 'non-existent.test',
-                                               transferCode: 'any' }] } },
-         as: :json,
-         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
-    assert_response 400
-    assert_equal ({ errors: [{ title: 'non-existent.test does not exist' }] }),
-                 JSON.parse(response.body, symbolize_names: true)
-  end
-
-  def test_fails_if_transfer_code_is_wrong
-    post '/repp/v1/domain_transfers',
-         params: { data: { domainTransfers: [{ domainName: 'shop.test',
-                                               transferCode: 'wrong' }] } },
-         as: :json,
-         headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
-    assert_response 400
-    refute_equal @new_registrar, @domain.registrar
-    assert_equal ({ errors: [{ title: 'shop.test transfer code is wrong' }] }),
-                 JSON.parse(response.body, symbolize_names: true)
-  end
-
  private

  def request_params
-    { data: { domainTransfers: [{ domainName: 'shop.test', transferCode: '65078d5' }] } }
+    { data: { domain_transfers: [{ domain_name: 'shop.test', transfer_code: '65078d5' }] } }
  end

  def http_auth_key
--- a/test/integration/api/nameservers/put_test.rb
+++ b/test/integration/api/nameservers/put_test.rb
@ -60,12 +60,14 @@ class APINameserversPutTest < ApplicationIntegrationTest
        headers: { 'HTTP_AUTHORIZATION' => http_auth_key }

    assert_response 200
-    assert_equal ({ data: { type: 'nameserver',
+    assert_equal ({ code: 1000,
+                    message: 'Command completed successfully',
+                    data: { type: 'nameserver',
                            id: 'ns55.bestnames.test',
                            attributes: { hostname: 'ns55.bestnames.test',
                                          ipv4: ['192.0.2.55'],
-                                          ipv6: ['2001:db8::55'] } },
-                    affected_domains: ["airport.test", "shop.test"] }),
+                                          ipv6: ['2001:db8::55'] },
+                    affected_domains: ["airport.test", "shop.test"] }}),
                 JSON.parse(response.body, symbolize_names: true)
  end

@ -85,7 +87,7 @@ class APINameserversPutTest < ApplicationIntegrationTest
        headers: { 'HTTP_AUTHORIZATION' => http_auth_key }

    assert_response 404
-    assert_equal ({ errors: [{ title: 'Hostname non-existent.test does not exist' }] }),
+    assert_equal ({code: 2303, message: 'Object does not exist' }),
                 JSON.parse(response.body, symbolize_names: true)
  end

@ -96,7 +98,8 @@ class APINameserversPutTest < ApplicationIntegrationTest
        headers: { 'HTTP_AUTHORIZATION' => http_auth_key }

    assert_response 400
-    assert_equal ({ errors: [{ title: 'Hostname is missing' }] }),
+    assert_equal ({ code: 2003,
+                    message: 'param is missing or the value is empty: hostname' }),
                 JSON.parse(response.body, symbolize_names: true)
  end

--- a/test/integration/repp/v1/accounts/balance_test.rb
+++ b/test/integration/repp/v1/accounts/balance_test.rb
@ -0,0 +1,22 @@
+require 'test_helper'
+
+class ReppV1BalanceTest < ActionDispatch::IntegrationTest
+  def setup
+    @registrar = users(:api_bestnames)
+    token = Base64.encode64("#{@registrar.username}:#{@registrar.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_can_query_balance
+    get '/repp/v1/accounts/balance', headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal @registrar.registrar.cash_account.balance.to_s, json[:data][:balance]
+    assert_equal @registrar.registrar.cash_account.currency, json[:data][:currency]
+  end
+end
--- a/test/integration/repp/v1/auctions_test.rb
+++ b/test/integration/repp/v1/auctions_test.rb
--- a/test/integration/repp/v1/base_test.rb
+++ b/test/integration/repp/v1/base_test.rb
@ -0,0 +1,63 @@
+require 'test_helper'
+
+class ReppV1BaseTest < ActionDispatch::IntegrationTest
+  def setup
+    @registrar = users(:api_bestnames)
+    token = Base64.encode64("#{@registrar.username}:#{@registrar.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_unauthorized_user_has_no_access
+    get repp_v1_contacts_path
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :unauthorized
+    assert_equal 'Invalid authorization information', response_json[:message]
+
+    invalid_token = Base64.encode64("nonexistant:user")
+    headers = { 'Authorization' => "Basic #{invalid_token}" }
+
+    get repp_v1_contacts_path, headers: headers
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :unauthorized
+    assert_equal 'Invalid authorization information', response_json[:message]
+  end
+
+  def test_authenticates_valid_user
+    get repp_v1_contacts_path, headers: @auth_headers
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+  end
+
+  def test_processes_invalid_base64_token_format_properly
+    token = '??as8d9sf kjsdjh klsdfjjf'
+    headers = { 'Authorization' => "Basic #{token}"}
+    get repp_v1_contacts_path, headers: headers
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :unauthorized
+    assert_equal 'Invalid authorization information', response_json[:message]
+  end
+
+  def test_takes_ip_whitelist_into_account
+    Setting.api_ip_whitelist_enabled = true
+    Setting.registrar_ip_whitelist_enabled = true
+
+    whiteip = white_ips(:one)
+    whiteip.update(ipv4: '1.1.1.1')
+
+    get repp_v1_contacts_path, headers: @auth_headers
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :unauthorized
+    assert_equal 2202, response_json[:code]
+    assert response_json[:message].include? 'Access denied from IP'
+
+    Setting.api_ip_whitelist_enabled = false
+    Setting.registrar_ip_whitelist_enabled = false
+  end
+end
--- a/test/integration/repp/v1/contacts/check_test.rb
+++ b/test/integration/repp/v1/contacts/check_test.rb
@ -0,0 +1,30 @@
+require 'test_helper'
+
+class ReppV1ContactsCheckTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_code_based_check_returns_true_for_available_contact
+    get '/repp/v1/contacts/check/nonexistant:code', headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 'nonexistant:code', json[:data][:contact][:id]
+    assert_equal true, json[:data][:contact][:available]
+  end
+
+  def test_code_based_check_returns_true_for_available_contact
+    contact = contacts(:jack)
+    get "/repp/v1/contacts/check/#{contact.code}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal contact.code, json[:data][:contact][:id]
+    assert_equal false, json[:data][:contact][:available]
+  end
+end
--- a/test/integration/repp/v1/contacts/create_test.rb
+++ b/test/integration/repp/v1/contacts/create_test.rb
@ -0,0 +1,156 @@
+require 'test_helper'
+
+class ReppV1ContactsCreateTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_creates_new_contact
+    request_body =  {
+      "contact": {
+        "name": "Donald Trump",
+        "phone": "+372.51111112",
+        "email": "donald@trumptower.com",
+        "ident": {
+          "ident_type": "priv",
+          "ident_country_code": "EE",
+          "ident": "39708290069"
+        }
+      }
+    }
+
+    post '/repp/v1/contacts', headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    contact = Contact.find_by(code: json[:data][:contact][:id])
+    assert contact.present?
+
+    assert_equal(request_body[:contact][:name], contact.name)
+    assert_equal(request_body[:contact][:phone], contact.phone)
+    assert_equal(request_body[:contact][:email], contact.email)
+    assert_equal(request_body[:contact][:ident][:ident_type], contact.ident_type)
+    assert_equal(request_body[:contact][:ident][:ident_country_code], contact.ident_country_code)
+    assert_equal(request_body[:contact][:ident][:ident], contact.ident)
+  end
+
+  def test_removes_postal_info_when_contact_created
+    request_body =  {
+      "contact": {
+        "name": "Donald Trump",
+        "phone": "+372.51111111",
+        "email": "donald@trump.com",
+        "ident": {
+          "ident_type": "priv",
+          "ident_country_code": "EE",
+          "ident": "39708290069"
+        },
+        "addr": {
+          "city": "Tallinn",
+          "street": "Wismari 13",
+          "zip": "12345",
+          "country_code": "EE"
+        }
+      }
+    }
+
+    post '/repp/v1/contacts', headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1100, json[:code]
+    assert_equal 'Command completed successfully; Postal address data discarded', json[:message]
+
+    contact = Contact.find_by(code: json[:data][:contact][:id])
+    assert contact.present?
+
+    assert_nil contact.city
+    assert_nil contact.street
+    assert_nil contact.zip
+    assert_nil contact.country_code
+  end
+
+  def test_requires_contact_address_when_processing_enabled
+    Setting.address_processing = true
+
+    request_body =  {
+      "contact": {
+        "name": "Donald Trump",
+        "phone": "+372.51111112",
+        "email": "donald@trumptower.com",
+        "ident": {
+          "ident_type": "priv",
+          "ident_country_code": "EE",
+          "ident": "39708290069"
+        }
+      }
+    }
+
+    post '/repp/v1/contacts', headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2003, json[:code]
+    assert json[:message].include? 'param is missing or the value is empty'
+
+    Setting.address_processing = false
+  end
+
+  def test_validates_ident_code
+    request_body =  {
+      "contact": {
+        "name": "Donald Trump",
+        "phone": "+372.51111112",
+        "email": "donald@trumptower.com",
+        "ident": {
+          "ident_type": "priv",
+          "ident_country_code": "EE",
+          "ident": "123123123"
+        }
+      }
+    }
+
+    post '/repp/v1/contacts', headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2005, json[:code]
+    assert json[:message].include? 'Ident code does not conform to national identification number format'
+  end
+
+  def test_attaches_legaldoc_if_present
+    request_body =  {
+      "contact": {
+        "name": "Donald Trump",
+        "phone": "+372.51111112",
+        "email": "donald@trumptower.com",
+        "ident": {
+          "ident_type": "priv",
+          "ident_country_code": "EE",
+          "ident": "39708290069"
+        },
+      },
+      "legal_document": {
+        "type": "pdf",
+        "body": "#{'test' * 2000}"
+      }
+    }
+
+    post '/repp/v1/contacts', headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    contact = Contact.find_by(code: json[:data][:contact][:id])
+    assert contact.legal_documents.any?
+  end
+end
--- a/test/integration/repp/v1/contacts/delete_test.rb
+++ b/test/integration/repp/v1/contacts/delete_test.rb
@ -0,0 +1,47 @@
+require 'test_helper'
+
+class ReppV1ContactsDeleteTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_deletes_unassociated_contact
+    contact = contacts(:invalid_email)
+    delete "/repp/v1/contacts/#{contact.code}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+  end
+
+  def test_can_not_delete_associated_contact
+    contact = contacts(:john)
+    delete "/repp/v1/contacts/#{contact.code}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2305, json[:code]
+    assert_equal 'Object association prohibits operation [domains]', json[:message]
+  end
+
+  def test_handles_unknown_contact
+    delete "/repp/v1/contacts/definitely:unexistant", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+  end
+
+  def test_can_not_destroy_other_registrar_contact
+    contact = contacts(:jack)
+
+    delete "/repp/v1/contacts/#{contact.code}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+  end
+end
--- a/test/integration/repp/v1/contacts/list_test.rb
+++ b/test/integration/repp/v1/contacts/list_test.rb
@ -0,0 +1,55 @@
+require 'test_helper'
+
+class ReppV1ContactsListTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_returns_registrar_contacts
+    get repp_v1_contacts_path, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal @user.registrar.contacts.count, json[:total_number_of_records]
+    assert_equal @user.registrar.contacts.count, json[:contacts].length
+
+    assert json[:contacts][0].is_a? String
+  end
+
+
+  def test_returns_detailed_registrar_contacts
+    get repp_v1_contacts_path(details: true), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal @user.registrar.contacts.count, json[:total_number_of_records]
+    assert_equal @user.registrar.contacts.count, json[:contacts].length
+
+    assert json[:contacts][0].is_a? Hash
+  end
+
+  def test_respects_limit
+    get repp_v1_contacts_path(details: true, limit: 2), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal 2, json[:contacts].length
+  end
+
+  def test_respects_offset
+    offset = 1
+    get repp_v1_contacts_path(details: true, offset: offset), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal (@user.registrar.contacts.count - offset), json[:contacts].length
+  end
+end
--- a/test/integration/repp/v1/contacts/show_test.rb
+++ b/test/integration/repp/v1/contacts/show_test.rb
@ -0,0 +1,45 @@
+require 'test_helper'
+
+class ReppV1ContactsShowTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_returns_error_when_not_found
+    get repp_v1_contact_path(id: 'definitelynotexistant'), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+  def test_shows_existing_contact
+    contact = @user.registrar.contacts.first
+
+    get repp_v1_contact_path(id: contact.code), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal contact.code, json[:data][:id]
+  end
+
+  def test_can_not_access_out_of_scope_contacts
+    # Contact of registrar goodnames, we're using bestnames API credentials
+    contact = contacts(:jack)
+
+    get repp_v1_contact_path(id: contact.code), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+end
--- a/test/integration/repp/v1/contacts/update_test.rb
+++ b/test/integration/repp/v1/contacts/update_test.rb
@ -0,0 +1,119 @@
+require 'test_helper'
+
+class ReppV1ContactsUpdateTest < ActionDispatch::IntegrationTest
+  def setup
+    @contact = contacts(:john)
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_updates_contact
+    request_body =  {
+      "contact": {
+        "email": "donaldtrump@yandex.ru"
+      }
+    }
+
+    put "/repp/v1/contacts/#{@contact.code}", headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    contact = Contact.find_by(code: json[:data][:contact][:id])
+    assert contact.present?
+
+    assert_equal(request_body[:contact][:email], contact.email)
+  end
+
+  def test_removes_postal_info_when_updated
+    request_body =  {
+      "contact": {
+        "addr": {
+          "city": "Tallinn",
+          "street": "Wismari 13",
+          "zip": "12345",
+          "country_code": "EE"
+        }
+      }
+    }
+
+    put "/repp/v1/contacts/#{@contact.code}", headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1100, json[:code]
+    assert_equal 'Command completed successfully; Postal address data discarded', json[:message]
+
+    contact = Contact.find_by(code: json[:data][:contact][:id])
+    assert contact.present?
+
+    assert_nil contact.city
+    assert_nil contact.street
+    assert_nil contact.zip
+    assert_nil contact.country_code
+  end
+
+  def test_can_not_change_ident_code
+    request_body =  {
+      "contact": {
+        "name": "Donald Trumpster",
+        "ident": {
+          "ident_type": "priv",
+          "ident_country_code": "US",
+          "ident": "12345"
+        }
+      }
+    }
+
+    put "/repp/v1/contacts/#{@contact.code}", headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    @contact.reload
+    assert_not @contact.ident == 12345
+    assert_response :bad_request
+    assert_equal 2308, json[:code]
+    assert json[:message].include? 'Ident update is not allowed. Consider creating new contact object'
+  end
+
+  def test_attaches_legaldoc_if_present
+    request_body =  {
+      "contact": {
+        "email": "donaldtrump@yandex.ru"
+      },
+      "legal_document": {
+        "type": "pdf",
+        "body": "#{'test' * 2000}"
+      }
+    }
+
+    put "/repp/v1/contacts/#{@contact.code}", headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    @contact.reload
+    assert @contact.legal_documents.any?
+  end
+
+  def test_returns_error_if_ident_wrong_format
+    request_body =  {
+      "contact": {
+        "ident": "123"
+      }
+    }
+
+    put "/repp/v1/contacts/#{@contact.code}", headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2308, json[:code]
+    assert_equal 'Ident update is not allowed. Consider creating new contact object', json[:message]
+  end
+end
--- a/test/integration/repp/v1/domains/contact_replacement_test.rb
+++ b/test/integration/repp/v1/domains/contact_replacement_test.rb
@ -0,0 +1,65 @@
+require 'test_helper'
+
+class ReppV1DomainsContactReplacementTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_replaces_tech_contact_with_new_one
+    replaceable_contact = contacts(:william)
+    replacing_contact = contacts(:jane)
+
+    payload = {
+      "current_contact_id": replaceable_contact.code,
+      "new_contact_id": replacing_contact.code
+    }
+
+    patch '/repp/v1/domains/contacts', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert json[:data][:affected_domains].include? 'airport.test'
+    assert json[:data][:affected_domains].include? 'shop.test'
+
+    assert_empty json[:data][:skipped_domains]
+  end
+
+  def test_tech_contact_id_must_differ
+    replaceable_contact = contacts(:william)
+    replacing_contact = contacts(:william)
+
+    payload = {
+      "current_contact_id": replaceable_contact.code,
+      "new_contact_id": replacing_contact.code
+    }
+
+    patch '/repp/v1/domains/contacts', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2304, json[:code]
+    assert_equal 'New contact must be different from current', json[:message]
+  end
+
+  def test_contact_codes_must_be_valid
+    payload = {
+      "current_contact_id": 'dfgsdfg',
+      "new_contact_id": 'vvv'
+    }
+
+    patch '/repp/v1/domains/contacts', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+end
--- a/test/integration/repp/v1/domains/list_test.rb
+++ b/test/integration/repp/v1/domains/list_test.rb
@ -0,0 +1,54 @@
+require 'test_helper'
+
+class ReppV1DomainsListTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_returns_registrar_domains
+    get repp_v1_domains_path, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal @user.registrar.domains.count, json[:data][:total_number_of_records]
+    assert_equal @user.registrar.domains.count, json[:data][:domains].length
+
+    assert json[:data][:domains][0].is_a? String
+  end
+
+  def test_returns_detailed_registrar_domains
+    get repp_v1_domains_path(details: true), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal @user.registrar.domains.count, json[:data][:total_number_of_records]
+    assert_equal @user.registrar.domains.count, json[:data][:domains].length
+
+    assert json[:data][:domains][0].is_a? Hash
+  end
+
+  def test_respects_limit
+    get repp_v1_domains_path(details: true, limit: 2), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal 2, json[:data][:domains].length
+  end
+
+  def test_respects_offset
+    offset = 1
+    get repp_v1_domains_path(details: true, offset: offset), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+
+    assert_equal (@user.registrar.domains.count - offset), json[:data][:domains].length
+  end
+end
--- a/test/integration/repp/v1/domains/transfer_info_test.rb
+++ b/test/integration/repp/v1/domains/transfer_info_test.rb
@ -0,0 +1,40 @@
+require 'test_helper'
+
+class ReppV1DomainsTransferInfoTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+    @domain = domains(:shop)
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_can_query_domain_info
+    headers = @auth_headers
+    headers['Auth-Code'] = @domain.transfer_code
+
+    get "/repp/v1/domains/#{@domain.name}/transfer_info", headers: headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal @domain.name, json[:data][:domain]
+    assert json[:data][:registrant].present?
+    assert json[:data][:admin_contacts].present?
+    assert json[:data][:tech_contacts].present?
+  end
+
+  def test_respects_domain_authorization_code
+    headers = @auth_headers
+    headers['Auth-Code'] = 'jhfgifhdg'
+
+    get "/repp/v1/domains/#{@domain.name}/transfer_info", headers: headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2202, json[:code]
+    assert_equal 'Authorization error', json[:message]
+    assert_empty json[:data]
+  end
+end
--- a/test/integration/repp/v1/domains/transfer_test.rb
+++ b/test/integration/repp/v1/domains/transfer_test.rb
@ -0,0 +1,127 @@
+require 'test_helper'
+
+class ReppV1DomainsTransferTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+    @domain = domains(:hospital)
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_transfers_domain
+    payload = {
+      "data": {
+        "domain_transfers": [
+          { "domain_name": @domain.name, "transfer_code": @domain.transfer_code }
+        ]
+      }
+    }
+    post "/repp/v1/domains/transfer", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal @domain.name, json[:data][:success][0][:domain_name]
+
+    @domain.reload
+
+    assert @domain.registrar = @user.registrar
+  end
+
+  def test_does_not_transfer_domain_if_not_transferable
+    @domain.schedule_force_delete(type: :fast_track)
+
+    payload = {
+      "data": {
+        "domain_transfers": [
+          { "domain_name": @domain.name, "transfer_code": @domain.transfer_code }
+        ]
+      }
+    }
+
+    post "/repp/v1/domains/transfer", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal 'Object status prohibits operation', json[:data][:failed][0][:errors][0][:msg]
+
+    @domain.reload
+
+    assert_not @domain.registrar == @user.registrar
+  end
+
+  def test_does_not_transfer_domain_with_invalid_auth_code
+    payload = {
+      "data": {
+        "domain_transfers": [
+          { "domain_name": @domain.name, "transfer_code": "sdfgsdfg" }
+        ]
+      }
+    }
+    post "/repp/v1/domains/transfer", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal "Invalid authorization information", json[:data][:failed][0][:errors][0][:msg]
+  end
+
+  def test_does_not_transfer_domain_to_same_registrar
+    @domain.update!(registrar: @user.registrar)
+
+    payload = {
+      "data": {
+        "domain_transfers": [
+          { "domain_name": @domain.name, "transfer_code": @domain.transfer_code }
+        ]
+      }
+    }
+
+    post "/repp/v1/domains/transfer", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal 'Domain already belongs to the querying registrar', json[:data][:failed][0][:errors][0][:msg]
+
+    @domain.reload
+
+    assert @domain.registrar == @user.registrar
+  end
+
+  def test_does_not_transfer_domain_if_discarded
+    @domain.update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+
+    payload = {
+      "data": {
+        "domain_transfers": [
+          { "domain_name": @domain.name, "transfer_code": @domain.transfer_code }
+        ]
+      }
+    }
+
+    post "/repp/v1/domains/transfer", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal 'Object is not eligible for transfer', json[:data][:failed][0][:errors][0][:msg]
+
+    @domain.reload
+
+    assert_not @domain.registrar == @user.registrar
+  end
+end
--- a/test/integration/repp/v1/registrar/nameservers_test.rb
+++ b/test/integration/repp/v1/registrar/nameservers_test.rb
@ -0,0 +1,77 @@
+require 'test_helper'
+
+class ReppV1RegistrarNameserversTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_updates_nameserver_values
+    nameserver = nameservers(:shop_ns1)
+    payload = {
+      "data": {
+        "id": nameserver.hostname,
+        "type": "nameserver",
+        "attributes": {
+          "hostname": "#{nameserver.hostname}.test",
+          "ipv4": ["1.1.1.1"]
+        }
+      }
+    }
+
+    put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal({ hostname: "#{nameserver.hostname}.test", ipv4: ["1.1.1.1"] }, json[:data][:attributes])
+    assert_equal({ hostname: "#{nameserver.hostname}.test", ipv4: ["1.1.1.1"] }, json[:data][:attributes])
+    assert json[:data][:affected_domains].include? 'airport.test'
+    assert json[:data][:affected_domains].include? 'shop.test'
+  end
+
+  def test_nameserver_with_hostname_must_exist
+    payload = {
+      "data": {
+        "id": 'ns.nonexistant.test',
+        "type": "nameserver",
+        "attributes": {
+          "hostname": "ns1.dn.test",
+          "ipv4": ["1.1.1.1"]
+        }
+      }
+    }
+
+    put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+  def test_ip_must_be_in_correct_format
+    nameserver = nameservers(:shop_ns1)
+    payload = {
+      "data": {
+        "id": nameserver.hostname,
+        "type": "nameserver",
+        "attributes": {
+          "hostname": "#{nameserver.hostname}.test",
+          "ipv6": ["1.1.1.1"]
+        }
+      }
+    }
+
+    put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2005, json[:code]
+    assert_equal 'IPv6 is invalid [ipv6]', json[:message]
+  end
+end
--- a/test/integration/repp/v1/retained_domains_test.rb
+++ b/test/integration/repp/v1/retained_domains_test.rb