Story#105842700 - Set security

This commit is contained in:
Vladimir Krylov 2016-01-27 13:21:45 +02:00
parent 438f77a981
commit be8aa474f8
3 changed files with 21 additions and 9 deletions


@ -1,8 +1,18 @@
class Registrant::ContactsController < RegistrantController class Registrant::ContactsController < RegistrantController
def show def show
@contact = Contact.find(params[:id]) @contact = contacts.find(params[:id])
authorize! :read, @contact authorize! :read, @contact
@contact.valid? end
def contacts
ident_cc, ident = @current_user.registrant_ident.to_s.split '-'
begin
BusinessRegistryCache.fetch_by_ident_and_cc(ident, ident_cc).associated_contacts
rescue Soap::Arireg::NotAvailableError => error
flash[:notice] = I18n.t(error.json[:message])
Rails.logger.fatal("[EXCEPTION] #{error.to_s}")
Contact.none
end
end end
end end
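Review bot: `contacts` returns a plain Array on its success path, because `associated_contacts` (added in the BusinessRegistryCache hunk of this same commit) is assembled from `pluck(:id)`, so `contacts.find(params[:id])` in `show` calls `Enumerable#find` with an ifnone argument and no block and yields an Enumerator rather than a scoped Contact; `authorize! :read` is then evaluated against the wrong object and the lookup scoping this commit is meant to add does not take effect. The rescue branch returns `Contact.none`, so the two branches also disagree on type. Returning a relation from both branches keeps `find` raising RecordNotFound for ids outside the registrant's set: `Contact.where(id: BusinessRegistryCache.fetch_by_ident_and_cc(ident, ident_cc).associated_contacts)`. Two smaller points: `"#{error.to_s}"` can be `"#{error}"`, and `split '-'` on a registrant_ident without a dash leaves `ident` nil — worth a guard unless that value is validated elsewhere, which is not visible here.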


@ -11,15 +11,12 @@ class Registrant::DomainsController < RegistrantController
end end
def show def show
@domain = Domain.find(params[:id]) @domain = domains.find(params[:id])
if !(domains.include?(@domain) || @domain.valid?)
redirect_to registrant_domains_path
end
authorize! :read, @domain authorize! :read, @domain
end end
def set_domain def set_domain
@domain = Domain.find(params[:id]) @domain = domains.find(params[:id])
end end
def download_list def download_list
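Review bot: The new guard in `show`, `if !(domains.include?(@domain) || @domain.valid?)`, looks unreachable as written: `@domain` now comes from `domains.find(params[:id])`, so either `find` raised RecordNotFound or `@domain` is already a member of `domains`, which makes `domains.include?(@domain)` true and the redirect dead (assuming `domains` is a relation — it is defined outside this hunk). If the branch is kept, `redirect_to` is not followed by a `return`, so `authorize! :read, @domain` still runs after the redirect; `return redirect_to registrant_domains_path` would end the action there. The form that matches `set_domain` just below is to drop the block and let `domains.find` plus `authorize!` carry the check. A short comment above the lookup, e.g. `# scoped lookup: ids outside the registrant's domains raise RecordNotFound`, would record the intent for the next reader.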


@ -22,11 +22,16 @@ class BusinessRegistryCache < ActiveRecord::Base
# 1. load domains by business # 1. load domains by business
# 2. load domains by person # 2. load domains by person
def associated_contacts
contact_ids = Contact.where(ident_type: 'org', ident: associated_businesses, ident_country_code: 'EE').pluck(:id)
contact_ids += Contact.where(ident_type: 'priv', ident: ident, ident_country_code: ident_country_code).pluck(:id)
contact_ids
end
def associated_domains def associated_domains
domains = [] domains = []
contact_ids = Contact.where(ident_type: 'org', ident: associated_businesses, ident_country_code: 'EE').pluck(:id) contact_ids = associated_contacts
contact_ids += Contact.where(ident_type: 'priv', ident: ident, ident_country_code: ident_country_code).pluck(:id)
unless contact_ids.blank? unless contact_ids.blank?
domains = DomainContact.distinct.where(contact_id: contact_ids).pluck(:domain_id) domains = DomainContact.distinct.where(contact_id: contact_ids).pluck(:domain_id)