zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-10 06:34:46 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/master' into 1739-ns-bulk-change-test-and-whois-update

Browse source
This commit is contained in:
Karl Erik Õunapuu 2020-12-22 12:52:33 +02:00
commit c1aa286e90
No known key found for this signature in database
GPG key ID: C9DD647298A34764
192 changed files with 5154 additions and 1343 deletions
Download patch file Download diff file Expand all files Collapse all files

30
app/controllers/admin/bounced_mail_addresses_controller.rb Normal file
View file

@ -0,0 +1,30 @@
module Admin
class BouncedMailAddressesController < BaseController
before_action :set_bounced_mail_address, only: %i[show destroy]
load_and_authorize_resource
# GET /bounced_mail_addresses
def index
@bounced_mail_addresses = BouncedMailAddress.all.order(created_at: :desc)
end
# GET /bounced_mail_addresses/1
def show; end
# DELETE /bounced_mail_addresses/1
def destroy
@bounced_mail_address.destroy
redirect_to(
admin_bounced_mail_addresses_url,
notice: 'Bounced mail address was successfully destroyed.'
)
end
private
# Use callbacks to share common setup or constraints between actions.
def set_bounced_mail_address
@bounced_mail_address = BouncedMailAddress.find(params[:id])
end
end
end

30
app/controllers/admin/domains/force_delete_controller.rb
View file

@ -4,26 +4,15 @@ module Admin
def create
authorize! :manage, domain
notice = t('.scheduled')
domain.transaction do
domain.schedule_force_delete(type: force_delete_type)
domain.registrar.notifications.create!(text: t('force_delete_set_on_domain',
domain_name: domain.name,
outzone_date: domain.outzone_date,
purge_date: domain.purge_date))
notify_by_email if notify_by_email?
result = domain.schedule_force_delete(type: force_delete_type,
notify_by_email: notify_by_email?)
notice = result.errors.messages[:domain].first unless result.valid?
end
redirect_to edit_admin_domain_url(domain), notice: t('.scheduled')
end
def notify_by_email
if force_delete_type == :fast_track
send_email
domain.update(contact_notification_sent_date: Time.zone.today)
else
domain.update(template_name: domain.notification_template)
end
redirect_to edit_admin_domain_url(domain), notice: notice
end
def destroy
@ -42,13 +31,6 @@ module Admin
ActiveRecord::Type::Boolean.new.cast(params[:notify_by_email])
end
def send_email
DomainDeleteMailer.forced(domain: domain,
registrar: domain.registrar,
registrant: domain.registrant,
template_name: domain.notification_template).deliver_now
end
def force_delete_type
soft_delete? ? :soft : :fast_track
end

5
app/controllers/api/v1/base_controller.rb
View file

@ -10,6 +10,11 @@ module Api
head :unauthorized unless ip_allowed
end
def authenticate_shared_key
api_key = "Basic #{ENV['api_shared_key']}"
head(:unauthorized) unless api_key == request.authorization
end
def not_found_error
uuid = params['uuid']
json = { error: 'Not Found', uuid: uuid, message: 'Record not found' }

25
app/controllers/api/v1/bounces_controller.rb Normal file
View file

@ -0,0 +1,25 @@
module Api
module V1
class BouncesController < BaseController
before_action :authenticate_shared_key
# POST api/v1/bounces/
def create
return head(:bad_request) unless bounce_params[:bounce][:bouncedRecipients].any?
BouncedMailAddress.record(bounce_params)
head(:created)
rescue ActionController::ParameterMissing
head(:bad_request)
end
def bounce_params
params.require(:data).require(:bounce).require(:bouncedRecipients).each do |r|
r.require(:emailAddress)
end
params.require(:data)
end
end
end
end

119
app/controllers/api/v1/registrant/confirms_controller.rb Normal file
View file

@ -0,0 +1,119 @@
require 'serializers/registrant_api/domain'
module Api
module V1
module Registrant
class ConfirmsController < ::Api::V1::Registrant::BaseController
skip_before_action :authenticate, :set_paper_trail_whodunnit
before_action :set_domain, only: %i[index update]
before_action :verify_action, only: %i[index update]
before_action :verify_decision, only: %i[update]
def index
res = {
domain_name: @domain.name,
current_registrant: serialized_registrant(@domain.registrant),
}
unless delete_action?
res[:new_registrant] = serialized_registrant(@domain.pending_registrant)
end
render json: res, status: :ok
end
def update
verification = RegistrantVerification.new(domain_id: @domain.id,
verification_token: verify_params[:token])
unless delete_action? ? delete_action(verification) : change_action(verification)
head :bad_request
return
end
render json: { domain_name: @domain.name,
current_registrant: serialized_registrant(current_registrant),
status: params[:decision] }, status: :ok
end
private
def initiator
"email link, #{I18n.t(:user_not_authenticated)}"
end
def current_registrant
confirmed? && !delete_action? ? @domain.pending_registrant : @domain.registrant
end
def confirmed?
verify_params[:decision] == 'confirmed'
end
def change_action(verification)
if confirmed?
verification.domain_registrant_change_confirm!(initiator)
else
verification.domain_registrant_change_reject!(initiator)
end
end
def delete_action(verification)
if confirmed?
verification.domain_registrant_delete_confirm!(initiator)
else
verification.domain_registrant_delete_reject!(initiator)
end
end
def serialized_registrant(registrant)
{
name: registrant.try(:name),
ident: registrant.try(:ident),
country: registrant.try(:ident_country_code),
}
end
def verify_params
params do |p|
p.require(:name)
p.require(:token)
p.permit(:decision)
end
end
def delete_action?
return true if params[:template] == 'delete'
false
end
def verify_decision
return if %w[confirmed rejected].include?(params[:decision])
head :not_found
end
def set_domain
@domain = Domain.find_by(name: verify_params[:name])
@domain ||= Domain.find_by(name_puny: verify_params[:name])
return if @domain
render json: { error: 'Domain not found' }, status: :not_found
end
def verify_action
action = if params[:template] == 'change'
@domain.registrant_update_confirmable?(verify_params[:token])
elsif params[:template] == 'delete'
@domain.registrant_delete_confirmable?(verify_params[:token])
end
return if action
render json: { error: 'Application expired or not found' }, status: :unauthorized
end
end
end
end
end

11
app/controllers/api/v1/registrant/contacts_controller.rb
View file

@ -19,15 +19,16 @@ module Api
end
contacts = current_user_contacts.limit(limit).offset(offset)
serialized_contacts = contacts.collect { |contact| serialize_contact(contact) }
serialized_contacts = contacts.collect { |contact| serialize_contact(contact, false) }
render json: serialized_contacts
end
def show
contact = current_user_contacts.find_by(uuid: params[:uuid])
links = params[:links] == 'true'
if contact
render json: serialize_contact(contact)
render json: serialize_contact(contact, links)
else
render json: { errors: [{ base: ['Contact not found'] }] }, status: :not_found
end
@ -85,7 +86,7 @@ module Api
contact.registrar.notify(action)
end
render json: serialize_contact(contact)
render json: serialize_contact(contact, false)
end
private
@ -96,8 +97,8 @@ module Api
current_registrant_user.direct_contacts
end
def serialize_contact(contact)
Serializers::RegistrantApi::Contact.new(contact).to_json
def serialize_contact(contact, links)
Serializers::RegistrantApi::Contact.new(contact, links).to_json
end
end
end

12
app/controllers/api/v1/registrant/domains_controller.rb
View file

@ -7,6 +7,7 @@ module Api
def index
limit = params[:limit] || 200
offset = params[:offset] || 0
simple = params[:simple] == 'true' || false
if limit.to_i > 200 || limit.to_i < 1
render(json: { errors: [{ limit: ['parameter is out of range'] }] },
@ -18,21 +19,20 @@ module Api
status: :bad_request) && return
end
@domains = current_user_domains.limit(limit).offset(offset)
serialized_domains = @domains.map do |item|
serializer = Serializers::RegistrantApi::Domain.new(item)
domains = current_user_domains
serialized_domains = domains.limit(limit).offset(offset).map do |item|
serializer = Serializers::RegistrantApi::Domain.new(item, simplify: simple)
serializer.to_json
end
render json: serialized_domains
render json: { count: domains.count, domains: serialized_domains }
end
def show
@domain = current_user_domains.find_by(uuid: params[:uuid])
if @domain
serializer = Serializers::RegistrantApi::Domain.new(@domain)
serializer = Serializers::RegistrantApi::Domain.new(@domain, simplify: false)
render json: serializer.to_json
else
render json: { errors: [{ base: ['Domain not found'] }] }, status: :not_found

75
app/controllers/epp/contacts_controller.rb
View file

@ -1,10 +1,9 @@
require 'deserializers/xml/contact_update'
require 'deserializers/xml/contact_create'
module Epp
class ContactsController < BaseController
before_action :find_contact, only: [:info, :update, :delete]
before_action :find_password, only: [:info, :update, :delete]
helper_method :address_processing?
def info
authorize! :info, @contact, @password
@ -21,25 +20,13 @@ module Epp
def create
authorize! :create, Epp::Contact
frame = params[:parsed_frame]
@contact = Epp::Contact.new(frame, current_user.registrar)
@contact.add_legal_file_to_new(frame)
@contact.generate_code
@contact = Epp::Contact.new(params[:parsed_frame], current_user.registrar)
collected_data = ::Deserializers::Xml::ContactCreate.new(params[:parsed_frame])
action = Actions::ContactCreate.new(@contact, collected_data.legal_document,
collected_data.ident)
if @contact.save
if !address_processing? && address_given?
@response_code = 1100
@response_description = t('epp.contacts.completed_without_address')
else
@response_code = 1000
@response_description = t('epp.contacts.completed')
end
render_epp_response '/epp/contacts/save'
else
handle_errors(@contact)
end
action_call_response(action: action)
end
def update
@ -52,29 +39,18 @@ module Epp
collected_data.ident,
current_user)
if action.call
if !address_processing? && address_given?
@response_code = 1100
@response_description = t('epp.contacts.completed_without_address')
else
@response_code = 1000
@response_description = t('epp.contacts.completed')
end
render_epp_response 'epp/contacts/save'
else
handle_errors(@contact)
end
action_call_response(action: action)
end
def delete
authorize! :delete, @contact, @password
if @contact.destroy_and_clean(params[:parsed_frame])
render_epp_response '/epp/contacts/delete'
else
action = Actions::ContactDelete.new(@contact, params[:legal_document])
unless action.call
handle_errors(@contact)
return
end
render_epp_response '/epp/contacts/delete'
end
def renew
@ -91,6 +67,26 @@ module Epp
private
def opt_addr?
!Contact.address_processing? && address_given?
end
def action_call_response(action:)
# rubocop:disable Style/AndOr
(handle_errors(@contact) and return) unless action.call
# rubocop:enable Style/AndOr
if opt_addr?
@response_code = 1100
@response_description = t('epp.contacts.completed_without_address')
else
@response_code = 1000
@response_description = t('epp.contacts.completed')
end
render_epp_response('epp/contacts/save')
end
def find_password
@password = params[:parsed_frame].css('authInfo pw').text
end
@ -129,8 +125,7 @@ module Epp
'postalInfo > addr > cc',
]
required_attributes.concat(address_attributes) if address_processing?
required_attributes.concat(address_attributes) if Contact.address_processing?
requires(*required_attributes)
ident = params[:parsed_frame].css('ident')
@ -206,9 +201,5 @@ module Epp
def address_given?
params[:parsed_frame].css('postalInfo addr').size != 0
end
def address_processing?
Contact.address_processing?
end
end
end

49
app/controllers/registrar/bulk_change_controller.rb
View file

@ -4,11 +4,38 @@ class Registrar
def new
authorize! :manage, :repp
@expire_date = Time.zone.now.to_date
render file: 'registrar/bulk_change/new', locals: { active_tab: default_tab }
end
def bulk_renew
authorize! :manage, :repp
set_form_data
if ready_to_renew?
res = ReppApi.bulk_renew(domain_ids_for_bulk_renew, params[:period],
current_registrar_user)
flash_message(JSON.parse(res))
else
flash[:notice] = nil
end
render file: 'registrar/bulk_change/new', locals: { active_tab: :bulk_renew }
end
private
def ready_to_renew?
domain_ids_for_bulk_renew.present? && params[:renew].present?
end
def set_form_data
@expire_date = params[:expire_date].to_date
@domains = domains_by_date(@expire_date)
@period = params[:period]
end
def available_contacts
current_registrar_user.registrar.contacts.order(:name).pluck(:name, :code)
end
@ -16,5 +43,27 @@ class Registrar
def default_tab
:technical_contact
end
def domains_scope
current_registrar_user.registrar.domains
end
def domains_by_date(date)
domains_scope.where('valid_to <= ?', date)
end
def domain_ids_for_bulk_renew
params.dig('domain_ids')&.reject { |id| id.blank? }
end
def renew_task(domains)
Domains::BulkRenew::Start.run(domains: domains,
period_element: @period,
registrar: current_registrar_user.registrar)
end
def flash_message(res)
flash[:notice] = res['code'] == 1000 ? t(:bulk_renew_completed) : res['message']
end
end
end

12
app/controllers/registrar/domain_transfers_controller.rb
View file

@ -15,12 +15,12 @@ class Registrar
csv.each do |row|
domain_name = row['Domain']
transfer_code = row['Transfer code']
domain_transfers << { 'domainName' => domain_name, 'transferCode' => transfer_code }
domain_transfers << { 'domain_name' => domain_name, 'transfer_code' => transfer_code }
end
uri = URI.parse("#{ENV['repp_url']}domain_transfers")
uri = URI.parse("#{ENV['repp_url']}domains/transfer")
request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
request.body = { data: { domainTransfers: domain_transfers } }.to_json
request.body = { data: { domain_transfers: domain_transfers } }.to_json
request.basic_auth(current_registrar_user.username,
current_registrar_user.plain_text_password)
@ -55,10 +55,12 @@ class Registrar
parsed_response = JSON.parse(response.body, symbolize_names: true)
if response.code == '200'
flash[:notice] = t '.transferred', count: parsed_response[:data].size
failed = parsed_response[:data][:failed].each(&:domain_name).join(', ')
flash[:notice] = t('.transferred', count: parsed_response[:data][:success].size,
failed: failed)
redirect_to registrar_domains_url
else
@api_errors = parsed_response[:errors]
@api_errors = parsed_response[:message]
render file: 'registrar/bulk_change/new', locals: { active_tab: :bulk_transfer }
end
else

7
app/controllers/registrar/nameservers_controller.rb
View file

@ -49,12 +49,13 @@ class Registrar
if response.code == '200'
notices = [t('.replaced')]
notices << "#{t('.affected_domains')}: #{parsed_response[:affected_domains].join(', ')}"
notices << "#{t('.affected_domains')}: " \
"#{parsed_response[:data][:affected_domains].join(', ')}"
flash[:notice] = notices
flash[:notice] = notices.join(', ')
redirect_to registrar_domains_url
else
@api_errors = parsed_response[:errors]
@api_errors = parsed_response[:message]
render file: 'registrar/bulk_change/new', locals: { active_tab: :nameserver }
end
end

1
app/controllers/registrar/sessions_controller.rb
View file

@ -62,6 +62,7 @@ class Registrar
def find_user_by_idc_and_allowed(idc)
return User.new unless idc
possible_users = ApiUser.where(identity_code: idc) || User.new
possible_users.each do |selected_user|
if selected_user.registrar.white_ips.registrar_area.include_ip?(request.ip)

12
app/controllers/registrar/tech_contacts_controller.rb
View file

@ -43,16 +43,18 @@ class Registrar
if response.code == '200'
notices = [t('.replaced')]
notices << "#{t('.affected_domains')}: #{parsed_response[:affected_domains].join(', ')}"
notices << "#{t('.affected_domains')}: " \
"#{parsed_response[:data][:affected_domains].join(', ')}"
if parsed_response[:skipped_domains]
notices << "#{t('.skipped_domains')}: #{parsed_response[:skipped_domains].join(', ')}"
if parsed_response[:data][:skipped_domains]
notices << "#{t('.skipped_domains')}: " \
"#{parsed_response[:data][:skipped_domains].join(', ')}"
end
flash[:notice] = notices
flash[:notice] = notices.join(', ')
redirect_to registrar_domains_url
else
@error = parsed_response[:error]
@error = response.code == '404' ? 'Contact(s) not found' : parsed_response[:message]
render file: 'registrar/bulk_change/new', locals: { active_tab: :technical_contact }
end
end

11
app/controllers/repp/v1/accounts_controller.rb Normal file
View file

@ -0,0 +1,11 @@
module Repp
module V1
class AccountsController < BaseController
def balance
resp = { balance: current_user.registrar.cash_account.balance,
currency: current_user.registrar.cash_account.currency }
render_success(data: resp)
end
end
end
end

4
app/controllers/repp/v1/auctions_controller.rb
View file

@ -3,9 +3,9 @@ module Repp
class AuctionsController < ActionController::API
def index
auctions = Auction.started
@response = { count: auctions.count, auctions: auctions_to_json(auctions) }
render json: { count: auctions.count,
auctions: auctions_to_json(auctions) }
render json: @response
end
private

130
app/controllers/repp/v1/base_controller.rb Normal file
View file

@ -0,0 +1,130 @@
module Repp
module V1
class BaseController < ActionController::API
rescue_from ActiveRecord::RecordNotFound, with: :not_found_error
before_action :authenticate_user
before_action :validate_webclient_ca
before_action :check_ip_restriction
attr_reader :current_user
before_action :set_paper_trail_whodunnit
rescue_from ActionController::ParameterMissing do |exception|
render json: { code: 2003, message: exception }, status: :bad_request
end
after_action do
ApiLog::ReppLog.create(
request_path: request.path, request_method: request.request_method,
request_params: request.params.except('route_info').to_json, uuid: request.try(:uuid),
response: @response.to_json, response_code: status, ip: request.ip,
api_user_name: current_user.try(:username),
api_user_registrar: current_user.try(:registrar).try(:to_s)
)
end
private
def set_paper_trail_whodunnit
::PaperTrail.request.whodunnit = current_user
end
def render_success(code: nil, message: nil, data: nil)
@response = { code: code || 1000, message: message || 'Command completed successfully',
data: data || {} }
render(json: @response, status: :ok)
end
def epp_errors
@epp_errors ||= []
end
def handle_errors(obj = nil, update: false)
@epp_errors ||= []
obj&.construct_epp_errors
@epp_errors += obj.errors[:epp_errors] if obj
format_epp_errors if update
@epp_errors.uniq!
render_epp_error
end
def format_epp_errors
@epp_errors.each_with_index do |error, index|
blocked_by_delete_prohibited?(error, index)
end
end
def blocked_by_delete_prohibited?(error, index)
if error[:code] == 2304 && error[:value][:val] == DomainStatus::SERVER_DELETE_PROHIBITED &&
error[:value][:obj] == 'status'
@epp_errors[index][:value][:val] = DomainStatus::PENDING_UPDATE
end
end
def render_epp_error(status = :bad_request, data = {})
@epp_errors ||= []
@epp_errors << { code: 2304, msg: 'Command failed' } if data != {}
@response = { code: @epp_errors[0][:code].to_i, message: @epp_errors[0][:msg], data: data }
render(json: @response, status: status)
end
def basic_token
pattern = /^Basic /
header = request.headers['Authorization']
header = header.gsub(pattern, '') if header&.match(pattern)
header.strip
end
def authenticate_user
username, password = Base64.urlsafe_decode64(basic_token).split(':')
@current_user ||= ApiUser.find_by(username: username, plain_text_password: password)
return if @current_user
raise(ArgumentError)
rescue NoMethodError, ArgumentError
@response = { code: 2202, message: 'Invalid authorization information' }
render(json: @response, status: :unauthorized)
end
def check_ip_restriction
return if webclient_request?
return if @current_user.registrar.api_ip_white?(request.ip)
@response = { code: 2202,
message: I18n.t('registrar.authorization.ip_not_allowed', ip: request.ip) }
render(json: @response, status: :unauthorized)
end
def webclient_request?
return if Rails.env.test?
ENV['webclient_ips'].split(',').map(&:strip).include?(request.ip)
end
def validate_webclient_ca
return unless webclient_request?
request_name = request.env['HTTP_SSL_CLIENT_S_DN_CN']
webclient_cn = ENV['webclient_cert_common_name'] || 'webclient'
return if request_name == webclient_cn
@response = { code: 2202,
message: I18n.t('registrar.authorization.ip_not_allowed', ip: request.ip) }
render(json: @response, status: :unauthorized)
end
def not_found_error
@response = { code: 2303, message: 'Object does not exist' }
render(json: @response, status: :not_found)
end
end
end
end

137
app/controllers/repp/v1/contacts_controller.rb Normal file
View file

@ -0,0 +1,137 @@
require 'serializers/repp/contact'
module Repp
module V1
class ContactsController < BaseController
before_action :find_contact, only: %i[show update destroy]
## GET /repp/v1/contacts
def index
record_count = current_user.registrar.contacts.count
contacts = showable_contacts(params[:details], params[:limit] || 200,
params[:offset] || 0)
@response = { contacts: contacts, total_number_of_records: record_count }
render(json: @response, status: :ok)
end
## GET /repp/v1/contacts/1
def show
serializer = ::Serializers::Repp::Contact.new(@contact,
show_address: Contact.address_processing?)
render_success(data: serializer.to_json)
end
## GET /repp/v1/contacts/check/1
def check
contact = Epp::Contact.find_by(code: params[:id])
data = { contact: { id: params[:id], available: contact.nil? } }
render_success(data: data)
end
## POST /repp/v1/contacts
def create
@contact = Epp::Contact.new(contact_params_with_address, current_user.registrar, epp: false)
action = Actions::ContactCreate.new(@contact, params[:legal_document],
contact_ident_params)
unless action.call
handle_errors(@contact)
return
end
render_success(create_update_success_body)
end
## PUT /repp/v1/contacts/1
def update
action = Actions::ContactUpdate.new(@contact, contact_params_with_address(required: false),
params[:legal_document],
contact_ident_params(required: false), current_user)
unless action.call
handle_errors(@contact)
return
end
render_success(create_update_success_body)
end
def destroy
action = Actions::ContactDelete.new(@contact, params[:legal_document])
unless action.call
handle_errors(@contact)
return
end
render_success
end
def contact_addr_present?
return false unless contact_addr_params.key?(:addr)
contact_addr_params[:addr].keys.any?
end
def create_update_success_body
{ code: opt_addr? ? 1100 : nil, data: { contact: { id: @contact.code } },
message: opt_addr? ? I18n.t('epp.contacts.completed_without_address') : nil }
end
def showable_contacts(details, limit, offset)
contacts = current_user.registrar.contacts.limit(limit).offset(offset)
return contacts.pluck(:code) unless details
contacts = contacts.map do |contact|
serializer = ::Serializers::Repp::Contact.new(contact,
show_address: Contact.address_processing?)
serializer.to_json
end
contacts
end
def opt_addr?
!Contact.address_processing? && contact_addr_present?
end
def find_contact
code = params[:id]
@contact = Epp::Contact.find_by!(code: code, registrar: current_user.registrar)
end
def contact_params_with_address(required: true)
return contact_create_params(required: required) unless contact_addr_params.key?(:addr)
addr = {}
contact_addr_params[:addr].each_key { |k| addr[k] = contact_addr_params[:addr][k] }
contact_create_params(required: required).merge(addr)
end
def contact_create_params(required: true)
params.require(:contact).require(%i[name email phone]) if required
params.require(:contact).permit(:name, :email, :phone, :id)
end
def contact_ident_params(required: true)
if required
params.require(:contact).require(:ident).require(%i[ident ident_type ident_country_code])
params.require(:contact).require(:ident).permit(:ident, :ident_type, :ident_country_code)
else
params.permit(contact: { ident: %i[ident ident_type ident_country_code] })
end
params[:contact][:ident]
end
def contact_addr_params
if Contact.address_processing?
params.require(:contact).require(:addr).require(%i[country_code city street zip])
params.require(:contact).require(:addr).permit(:country_code, :city, :street, :zip)
else
params.require(:contact).permit(addr: %i[country_code city street zip])
end
end
end
end
end

42
app/controllers/repp/v1/domains/contacts_controller.rb Normal file
View file

@ -0,0 +1,42 @@
module Repp
module V1
module Domains
class ContactsController < BaseController
before_action :set_current_contact, only: [:update]
before_action :set_new_contact, only: [:update]
def set_current_contact
@current_contact = current_user.registrar.contacts.find_by!(
code: contact_params[:current_contact_id]
)
end
def set_new_contact
@new_contact = current_user.registrar.contacts.find_by!(code: params[:new_contact_id])
end
def update
@epp_errors ||= []
@epp_errors << { code: 2304, msg: 'New contact must be valid' } if @new_contact.invalid?
if @new_contact == @current_contact
@epp_errors << { code: 2304, msg: 'New contact must be different from current' }
end
return handle_errors if @epp_errors.any?
affected, skipped = TechDomainContact.replace(@current_contact, @new_contact)
@response = { affected_domains: affected, skipped_domains: skipped }
render_success(data: @response)
end
private
def contact_params
params.require(%i[current_contact_id new_contact_id])
params.permit(:current_contact_id, :new_contact_id)
end
end
end
end
end

65
app/controllers/repp/v1/domains/renews_controller.rb Normal file
View file

@ -0,0 +1,65 @@
module Repp
module V1
module Domains
class RenewsController < BaseController
before_action :validate_renew_period, only: [:bulk_renew]
before_action :select_renewable_domains, only: [:bulk_renew]
def bulk_renew
renew = run_bulk_renew_task(@domains, bulk_renew_params[:renew_period])
return render_success(data: { updated_domains: @domains.map(&:name) }) if renew.valid?
@epp_errors << { code: 2002,
msg: renew.errors.keys.map { |k, _v| renew.errors[k] }.join(', ') }
handle_errors
end
private
def validate_renew_period
@epp_errors ||= []
periods = Depp::Domain::PERIODS.map { |p| p[1] }
return if periods.include? bulk_renew_params[:renew_period]
@epp_errors << { code: 2005, msg: 'Invalid renew period' }
end
def select_renewable_domains
@epp_errors ||= []
if bulk_renew_params[:domains].instance_of?(Array)
@domains = bulk_renew_domains
else
@epp_errors << { code: 2005, msg: 'Domains attribute must be an array' }
end
return handle_errors if @epp_errors.any?
end
def run_bulk_renew_task(domains, period)
::Domains::BulkRenew::Start.run(domains: domains, period_element: period,
registrar: current_user.registrar)
end
def bulk_renew_params
params do
params.require(%i[domains renew_period])
params.permit(:domains, :renew_period)
end
end
def bulk_renew_domains
@epp_errors ||= []
domains = []
bulk_renew_params[:domains].each do |idn|
domain = Epp::Domain.find_by(name: idn)
domains << domain if domain
@epp_errors << { code: 2304, msg: "Object does not exist: #{idn}" } unless domain
end
domains
end
end
end
end
end

94
app/controllers/repp/v1/domains_controller.rb Normal file
View file

@ -0,0 +1,94 @@
module Repp
module V1
class DomainsController < BaseController
before_action :set_authorized_domain, only: [:transfer_info]
def index
records = current_user.registrar.domains
domains = records.limit(limit).offset(offset)
domains = domains.pluck(:name) unless index_params[:details] == 'true'
render_success(data: { domains: domains, total_number_of_records: records.count })
end
def transfer_info
contact_fields = %i[code name ident ident_type ident_country_code phone email street city
zip country_code statuses]
data = {
domain: @domain.name,
registrant: @domain.registrant.as_json(only: contact_fields),
admin_contacts: @domain.admin_contacts.map { |c| c.as_json(only: contact_fields) },
tech_contacts: @domain.tech_contacts.map { |c| c.as_json(only: contact_fields) },
}
render_success(data: data)
end
def transfer
@errors ||= []
@successful = []
transfer_params[:domain_transfers].each do |transfer|
initiate_transfer(transfer)
end
render_success(data: { success: @successful, failed: @errors })
end
def initiate_transfer(transfer)
domain = Epp::Domain.find_or_initialize_by(name: transfer[:domain_name])
action = Actions::DomainTransfer.new(domain, transfer[:transfer_code],
current_user.registrar)
if action.call
@successful << { type: 'domain_transfer', domain_name: domain.name }
else
@errors << { type: 'domain_transfer', domain_name: domain.name,
errors: domain.errors[:epp_errors] }
end
end
private
def transfer_params
params.require(:data).require(:domain_transfers).each do |t|
t.require(:domain_name)
t.permit(:domain_name)
t.require(:transfer_code)
t.permit(:transfer_code)
end
params.require(:data).permit(domain_transfers: %i[domain_name transfer_code])
end
def transfer_info_params
params.require(:id)
params.permit(:id)
end
def set_authorized_domain
@epp_errors ||= []
h = {}
h[transfer_info_params[:id].match?(/\A[0-9]+\z/) ? :id : :name] = transfer_info_params[:id]
@domain = Domain.find_by!(h)
return if @domain.transfer_code.eql?(request.headers['Auth-Code'])
@epp_errors << { code: 2202, msg: I18n.t('errors.messages.epp_authorization_error') }
handle_errors
end
def limit
index_params[:limit] || 200
end
def offset
index_params[:offset] || 0
end
def index_params
params.permit(:limit, :offset, :details)
end
end
end
end

56
app/controllers/repp/v1/registrar/nameservers_controller.rb Normal file
View file

@ -0,0 +1,56 @@
module Repp
module V1
module Registrar
class NameserversController < BaseController
before_action :verify_nameserver_existance, only: %i[update]
def update
affected = current_user.registrar
.replace_nameservers(hostname,
hostname_params[:data][:attributes],
domains: domains_from_params)
render_success(data: data_format_for_success(affected))
rescue ActiveRecord::RecordInvalid => e
handle_errors(e.record)
end
private
def domains_from_params
return [] unless params[:data][:domains]
params[:data][:domains].map(&:downcase)
end
def data_format_for_success(affected_domains)
{
type: 'nameserver',
id: params[:data][:attributes][:hostname],
attributes: params[:data][:attributes],
affected_domains: affected_domains,
}
end
def hostname_params
params.require(:data).require(%i[type id])
params.require(:data).require(:attributes).require([:hostname])
params.permit(data: [
:type, :id,
{ domains: [],
attributes: [:hostname, { ipv4: [], ipv6: [] }] }
])
end
def hostname
hostname_params[:data][:id]
end
def verify_nameserver_existance
current_user.registrar.nameservers.find_by!(hostname: hostname)
end
end
end
end
end

3
app/controllers/repp/v1/retained_domains_controller.rb
View file

@ -3,8 +3,9 @@ module Repp
class RetainedDomainsController < ActionController::API
def index
domains = RetainedDomains.new(query_params)
@response = { count: domains.count, domains: domains.to_jsonable }
render json: { count: domains.count, domains: domains.to_jsonable }
render json: @response
end
def query_params