From bfdabaacf3a3f5f00cbb17855720cf53eaa60f22 Mon Sep 17 00:00:00 2001
From: Martin Lensment <mlensment@gmail.com>
Date: Thu, 9 Jul 2015 17:57:33 +0300
Subject: [PATCH] Add new element, error messages, fix tests #2565

---
 app/models/domain.rb                        | 21 ++++++++-----
 app/models/epp/domain.rb                    | 11 ++++---
 config/locales/en.yml                       |  3 +-
 doc/schemas/eis-1.0.xsd                     | 20 ++++++++++++-
 spec/epp/domain_spec.rb                     | 33 +++++++++++++++++----
 spec/features/admin/reserved_domain_spec.rb |  8 +++--
 spec/support/epp.rb                         |  6 ++--
 7 files changed, 77 insertions(+), 25 deletions(-)

diff --git a/app/models/domain.rb b/app/models/domain.rb
index d67b8f929..0359bc890 100644
--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@@ -96,8 +96,17 @@ class Domain < ActiveRecord::Base
   validate :validate_reservation
   def validate_reservation
     return if persisted?
-    return if !in_reserved_list? || reserved_pw == auth_info
-    errors.add(:base, :domain_is_reserved_and_requires_correct_auth_info)
+    return if !in_reserved_list?
+
+    if reserved_pw.blank?
+      errors.add(:base, :required_parameter_missing_reserved)
+      return false
+    end
+
+    if ReservedDomain.pw_for(name) != reserved_pw
+      errors.add(:base, :invalid_auth_information_reserved)
+      return false
+    end
   end
 
   validates :nameservers, object_count: {
@@ -149,7 +158,7 @@ class Domain < ActiveRecord::Base
   end
 
   attr_accessor :registrant_typeahead, :update_me, :deliver_emails,
-    :epp_pending_update, :epp_pending_delete
+    :epp_pending_update, :epp_pending_delete, :reserved_pw
 
   def subordinate_nameservers
     nameservers.select { |x| x.hostname.end_with?(name) }
@@ -263,11 +272,7 @@ class Domain < ActiveRecord::Base
   end
 
   def in_reserved_list?
-    reserved_pw.present?
-  end
-
-  def reserved_pw
-    ReservedDomain.pw_for(name)
+    ReservedDomain.pw_for(name).present?
   end
 
   def pending_transfer
diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb
index 626477675..c95ba7bed 100644
--- a/app/models/epp/domain.rb
+++ b/app/models/epp/domain.rb
@@ -25,7 +25,8 @@ class Epp::Domain < Domain
       ],
       '2003' => [ # Required parameter missing
         [:registrant, :blank],
-        [:registrar, :blank]
+        [:registrar, :blank],
+        [:base, :required_parameter_missing_reserved]
       ],
       '2004' => [ # Parameter value range error
         [:nameservers, :out_of_range,
@@ -60,14 +61,16 @@ class Epp::Domain < Domain
       '2201' => [ # Authorisation error
         [:auth_info, :wrong_pw]
       ],
+      '2202' => [
+        [:base, :invalid_auth_information_reserved]
+      ],
       '2302' => [ # Object exists
         [:name_dirty, :taken, { value: { obj: 'name', val: name_dirty } }],
         [:name_dirty, :reserved, { value: { obj: 'name', val: name_dirty } }],
         [:name_dirty, :blocked, { value: { obj: 'name', val: name_dirty } }]
       ],
       '2304' => [ # Object status prohibits operation
-        [:base, :domain_status_prohibits_operation],
-        [:base, :domain_is_reserved_and_requires_correct_auth_info]
+        [:base, :domain_status_prohibits_operation]
       ],
       '2306' => [ # Parameter policy error
         [:period, :out_of_range, { value: { obj: 'period', val: period } }],
@@ -113,7 +116,7 @@ class Epp::Domain < Domain
 
     at[:period_unit] = Epp::Domain.parse_period_unit_from_frame(frame) || 'y'
 
-    at[:auth_info] = frame.css('pw').text if new_record?
+    at[:reserved_pw] = frame.css('reserved > pw').text
 
     # at[:statuses] = domain_statuses_attrs(frame, action)
     # binding.pry
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 228002ec0..aabea6468 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -60,7 +60,8 @@ en:
               ds_data_not_allowed: 'dsData object is not allowed'
               ds_data_with_key_not_allowed: 'dsData object with key data is not allowed'
               key_data_not_allowed: 'keyData object is not allowed'
-              domain_is_reserved_and_requires_correct_auth_info: 'Domain is reserved and requires correct auth info'
+              required_parameter_missing_reserved: 'Required parameter missing; reserved>pw element required for reserved domains'
+              invalid_auth_information_reserved: 'Invalid authorization information; invalid reserved>pw value'
             name_dirty:
               invalid: 'Domain name is invalid'
               reserved: 'Domain name is reserved'
diff --git a/doc/schemas/eis-1.0.xsd b/doc/schemas/eis-1.0.xsd
index 262d94581..70393f340 100644
--- a/doc/schemas/eis-1.0.xsd
+++ b/doc/schemas/eis-1.0.xsd
@@ -24,13 +24,31 @@
     <sequence>
       <element name="ident" type="eis:identType" minOccurs="0" maxOccurs="1"/>
       <element name="legalDocument" type="eis:legalDocType" minOccurs="0" maxOccurs="1"/>
+      <element name="reserved" type="eis:reservedType" minOccurs="0" maxOccurs="1"/>
     </sequence>
   </complexType>
 
   <!--
-  Child elements of extdata
+    Child elements of extdata
   -->
 
+  <!--
+    Reserved for providing passwords for reserved domains
+  -->
+
+  <complexType name="reservedType">
+    <sequence>
+      <element name="pw" type="eis:pwType" minOccurs="1" maxOccurs="1"/>
+    </sequence>
+  </complexType>
+
+  <simpleType name="pwType">
+     <restriction base="normalizedString">
+       <minLength value="1"/>
+       <maxLength value="255"/>
+     </restriction>
+  </simpleType>
+
   <!--
   Legal document, encoded in base64
   -->
diff --git a/spec/epp/domain_spec.rb b/spec/epp/domain_spec.rb
index ac5f37ff6..1326ff0e7 100644
--- a/spec/epp/domain_spec.rb
+++ b/spec/epp/domain_spec.rb
@@ -225,18 +225,39 @@ describe 'EPP Domain', epp: true do
       xml = domain_create_xml(name: { value: '1162.ee' })
 
       response = epp_plain_request(xml)
-      response[:result_code].should == '2304'
-      response[:msg].should == 'Domain is reserved and requires correct auth info'
+      response[:msg].should == 'Required parameter missing; reserved>pw element required for reserved domains'
+      response[:result_code].should == '2003'
       response[:clTRID].should == 'ABC-12345'
 
-      xml = domain_create_xml(name: { value: '1162.ee' }, authInfo: { pw: { value: 'wrong_pw' } })
+      xml = domain_create_xml({name: { value: '1162.ee' }}, {}, {
+        _anonymus: [
+          legalDocument: {
+            value: 'dGVzdCBmYWlsCg==',
+            attrs: { type: 'pdf' }
+          },
+          reserved: {
+            pw: { value: 'wrong_pw' }
+          }
+        ]
+      })
+
       response = epp_plain_request(xml)
-      response[:result_code].should == '2304'
-      response[:msg].should == 'Domain is reserved and requires correct auth info'
+      response[:msg].should == 'Invalid authorization information; invalid reserved>pw value'
+      response[:result_code].should == '2202'
     end
 
     it 'creates a reserved domain with correct auth info' do
-      xml = domain_create_xml(name: { value: '1162.ee' }, authInfo: { pw: { value: 'abc' } })
+      xml = domain_create_xml({name: { value: '1162.ee' }}, {}, {
+        _anonymus: [
+          legalDocument: {
+            value: 'dGVzdCBmYWlsCg==',
+            attrs: { type: 'pdf' }
+          },
+          reserved: {
+            pw: { value: 'abc' }
+          }
+        ]
+      })
 
       response = epp_plain_request(xml)
       response[:msg].should == 'Command completed successfully'
diff --git a/spec/features/admin/reserved_domain_spec.rb b/spec/features/admin/reserved_domain_spec.rb
index 7fc6f4ae2..d8f2dfb95 100644
--- a/spec/features/admin/reserved_domain_spec.rb
+++ b/spec/features/admin/reserved_domain_spec.rb
@@ -24,12 +24,14 @@ feature 'ReservedDomain', type: :feature do
     page.should have_content('110.ee: testpw')
 
     d.valid?.should == false
-    d.errors.full_messages.should match_array(["Domain is reserved and requires correct auth info"])
+    d.errors.full_messages.should match_array(
+      ["Required parameter missing; reserved>pw element required for reserved domains"]
+    )
 
-    d.auth_info = 'wrongpw'
+    d.reserved_pw = 'wrongpw'
     d.valid?.should == false
 
-    d.auth_info = 'testpw'
+    d.reserved_pw = 'testpw'
     d.valid?.should == true
     d.errors.full_messages.should match_array([])
   end
diff --git a/spec/support/epp.rb b/spec/support/epp.rb
index 5e9847d48..0193787f5 100644
--- a/spec/support/epp.rb
+++ b/spec/support/epp.rb
@@ -144,7 +144,7 @@ module Epp
   end
 
   # rubocop: disable Metrics/MethodLength
-  def domain_create_xml(xml_params = {}, dnssec_params = {})
+  def domain_create_xml(xml_params = {}, dnssec_params = {}, custom_params = {})
     defaults = {
       name: { value: next_domain_name },
       period: { value: '1', attrs: { unit: 'y' } },
@@ -185,7 +185,7 @@ module Epp
 
     dnssec_params = dnssec_defaults.deep_merge(dnssec_params) if dnssec_params != false
 
-    custom_params = {
+    custom_defaults = {
       _anonymus: [
         legalDocument: {
           value: 'dGVzdCBmYWlsCg==',
@@ -194,6 +194,8 @@ module Epp
       ]
     }
 
+    custom_params = custom_defaults.deep_merge(custom_params) if custom_params != false
+
     epp_xml = EppXml::Domain.new(cl_trid: 'ABC-12345')
     epp_xml.create(xml_params, dnssec_params, custom_params)
   end