Merge branch 'master' into improve-registrant-area

.ruby-version

@@ -1 +1 @@
-2.3.7
+2.4.4

Dockerfile

@@ -1,4 +1,4 @@
-FROM internetee/ruby:2.3
+FROM internetee/ruby:2.4
 MAINTAINER maciej.szlosarczyk@internet.ee
 
 RUN mkdir -p /opt/webapps/app/tmp/pids

app/api/repp/domain_v1.rb

@@ -29,7 +29,7 @@ module Repp
       # example: curl -u registrar1:password localhost:3000/repp/v1/domains/1/transfer_info -H "Auth-Code: authinfopw1"
       get '/:id/transfer_info', requirements: { id: /.*/ } do
         ident = params[:id]
-        domain = ident =~ /\A[0-9]+\z/ ? Domain.find_by(id: ident) : Domain.find_by_idn(ident)
+        domain = ident.match?(/\A[0-9]+\z/) ? Domain.find_by(id: ident) : Domain.find_by_idn(ident)
 
         error! I18n.t('errors.messages.epp_domain_not_found'), 404 unless domain
         error! I18n.t('errors.messages.epp_authorization_error'), 401 unless domain.transfer_code.eql? request.headers['Auth-Code']

app/controllers/epp_controller.rb

@@ -145,7 +145,9 @@ class EppController < ApplicationController
   # VALIDATION
   def latin_only
     return true if params['frame'].blank?
-    return true if params['frame'].match(/\A[\p{Latin}\p{Z}\p{P}\p{S}\p{Cc}\p{Cf}\w_\'\+\-\.\(\)\/]*\Z/i)
+    if params['frame'].match?(/\A[\p{Latin}\p{Z}\p{P}\p{S}\p{Cc}\p{Cf}\w_\'\+\-\.\(\)\/]*\Z/i)
+      return true
+    end
 
     epp_errors << {
       msg: 'Parameter value policy error. Allowed only Latin characters.',

app/helpers/application_helper.rb

@@ -89,4 +89,8 @@ module ApplicationHelper
     types.delete('ddoc')
     ".#{types.join(',.')}"
   end
+
+  def body_css_class
+    [controller_path.split('/').map!(&:dasherize), action_name.dasherize, 'page'].join('-')
+  end
 end

app/models/certificate.rb

@@ -87,14 +87,14 @@ class Certificate < ActiveRecord::Base
     -extensions usr_cert -notext -md sha256 \
     -in #{csr_file.path} -out #{crt_file.path} -key '#{ENV['ca_key_password']}' -batch")
 
-    if err.match(/Data Base Updated/)
+    if err.match?(/Data Base Updated/)
       crt_file.rewind
       self.crt = crt_file.read
       self.md5 = OpenSSL::Digest::MD5.new(parsed_crt.to_der).to_s
       save!
     else
       logger.error('FAILED TO CREATE CLIENT CERTIFICATE')
-      if err.match(/TXT_DB error number 2/)
+      if err.match?(/TXT_DB error number 2/)
         errors.add(:base, I18n.t('failed_to_create_crt_csr_already_signed'))
         logger.error('CSR ALREADY SIGNED')
       else

app/models/concerns/versions.rb

@@ -34,16 +34,12 @@ module Versions
     end
 
     def user_from_id_role_username(str)
-      user = ApiUser.find_by(id: $1) if str =~ /^(\d+)-(ApiUser:|api-)/
-      unless user.present?
-        user = AdminUser.find_by(id: $1) if str =~ /^(\d+)-AdminUser:/
-        unless user.present?
-          # on import we copied Registrar name, which may eql code
-          registrar = Registrar.find_by(name: str)
-          # assume each registrar has only one user
-          user = registrar.api_users.first if registrar
-        end
-      end
+      registrar = Registrar.find_by(name: str)
+      user = registrar.api_users.first if registrar
+
+      str_match = str.match(/^(\d+)-(ApiUser:|api-|AdminUser:)/)
+      user ||= User.find_by(id: str_match[1]) if str_match
+
       user
     end
 

app/models/nameserver.rb

@@ -100,18 +100,18 @@ class Nameserver < ActiveRecord::Base
 
   def check_puny_symbols
     regexp = /(\A|\.)..--/
-    errors.add(:hostname, :invalid) if hostname =~ regexp
+    errors.add(:hostname, :invalid) if hostname.match?(regexp)
   end
 
   def validate_ipv4_format
     ipv4.to_a.each do |ip|
-      errors.add(:ipv4, :invalid) unless ip =~ IPV4_REGEXP
+      errors.add(:ipv4, :invalid) unless ip.match?(IPV4_REGEXP)
     end
   end
 
   def validate_ipv6_format
     ipv6.to_a.each do |ip|
-      errors.add(:ipv6, :invalid) unless ip =~ IPV6_REGEXP
+      errors.add(:ipv6, :invalid) unless ip.match?(IPV6_REGEXP)
     end
   end
 end

app/validators/contact/ident/reg_no_validator.rb

@@ -10,7 +10,8 @@ class Contact::Ident::RegNoValidator < ActiveModel::EachValidator
 
     return unless format
 
-    record.errors.add(attribute, :invalid_reg_no, country: record.country) unless value =~ format
+    return if value.match?(format)
+    record.errors.add(attribute, :invalid_reg_no, country: record.country)
   end
 
   private

app/validators/domain_name_validator.rb

@@ -22,7 +22,7 @@ class DomainNameValidator < ActiveModel::EachValidator
       # it's punycode
       if value[2] == '-' && value[3] == '-'
         regexp = /\Axn--[a-zA-Z0-9-]{0,59}\.#{general_domains}\z/
-        return false unless value =~ regexp
+        return false unless value.match?(regexp)
         value = SimpleIDN.to_unicode(value).mb_chars.downcase.strip
       end
 

app/views/layouts/admin/base.haml

@@ -10,7 +10,7 @@
     = csrf_meta_tags
     = stylesheet_link_tag 'admin-manifest', media: 'all'
     = favicon_link_tag 'favicon.ico'
-  %body{:style => env_style}
+  %body{:style => env_style, class: body_css_class}
     .navbar.navbar-inverse.navbar-static-top{role: "navigation"}
       .container
         .navbar-header

app/views/layouts/devise.haml

@@ -9,7 +9,7 @@
     = csrf_meta_tags
     = stylesheet_link_tag 'admin-manifest', media: 'all'
     = favicon_link_tag 'favicon.ico'
-  %body{:style => env_style}
+  %body{:style => env_style, class: body_css_class}
     .navbar.navbar-inverse.navbar-static-top{role: "navigation"}
       .container
         .navbar-header

app/views/layouts/registrant/application.html.erb

@@ -14,7 +14,7 @@
         <%= stylesheet_link_tag 'registrant-manifest', media: 'all' %>
         <%= favicon_link_tag 'favicon.ico' %>
     </head>
-    <body>
+    <body class="<%= body_css_class %>">
         <!-- Fixed navbar
         -->
         <nav class="navbar navbar-default navbar-fixed-top">

app/views/layouts/registrar/base.html.erb

@@ -14,7 +14,7 @@
         <%= stylesheet_link_tag 'registrar-manifest', media: 'all' %>
         <%= favicon_link_tag 'favicon.ico' %>
     </head>
-    <body>
+    <body class="<%= body_css_class %>">
         <nav class="navbar navbar-default navbar-fixed-top">
             <div class="container">
                 <div class="navbar-header">

app/views/layouts/registrar/sessions.html.erb

@@ -13,7 +13,7 @@
     <%= stylesheet_link_tag 'registrar-manifest', media: 'all' %>
     <%= javascript_include_tag 'registrar-manifest' %>
 </head>
-<body>
+<body class="<%= body_css_class %>">
     <nav class="navbar navbar-default navbar-fixed-top">
         <div class="container">
             <div class="navbar-header">

doc/registrant-api/v1/authentication.md

@@ -38,7 +38,7 @@ Content-type: application/json
 #### Response
 ```
 HTTP/1.1 201
-Content-Type: application.json
+Content-Type: application/json
 
 
 {
@@ -70,7 +70,7 @@ Content-type: application/json
 #### Response
 ```
 HTTP/1.1 201
-Content-Type: application.json
+Content-Type: application/json
 
 
 {

doc/registrant-api/v1/contact.md

@@ -148,7 +148,7 @@ Content-type: application/json
 
 ```
 HTTP/1.1 200
-Content-Type: application.json
+Content-Type: application/json
 
 {
   "uuid": "84c62f3d-e56f-40fa-9ca4-dc0137778949",
@@ -184,7 +184,7 @@ Content-Type: application.json
 ### Response on failure
 ```
 HTTP/1.1 400
-Content-Type: application.json
+Content-Type: application/json
 
 {
   "errors": [

lib/auth_token/auth_token_creator.rb

@@ -26,7 +26,10 @@ class AuthTokenCreator
   def encrypted_token
     encryptor = OpenSSL::Cipher::AES.new(256, :CBC)
     encryptor.encrypt
-    encryptor.key = key
+
+    # OpenSSL used to automatically shrink oversized keys, it does not do that any longer.
+    # See: https://github.com/ruby/openssl/issues/116
+    encryptor.key = key[0..31]
     encrypted_bytes = encryptor.update(hashable) + encryptor.final
     Base64.urlsafe_encode64(encrypted_bytes)
   end

lib/auth_token/auth_token_decryptor.rb

@@ -16,7 +16,10 @@ class AuthTokenDecryptor
   def decrypt_token
     decipher = OpenSSL::Cipher::AES.new(256, :CBC)
     decipher.decrypt
-    decipher.key = key
+
+    # OpenSSL used to automatically shrink oversized keys, it does not do that any longer.
+    # See: https://github.com/ruby/openssl/issues/116
+    decipher.key = key[0..31]
 
     base64_decoded = Base64.urlsafe_decode64(token.to_s)
     plain = decipher.update(base64_decoded) + decipher.final

test/fixtures/contacts.yml

@@ -16,7 +16,7 @@ william: &william
   name: William
   email: william@inbox.test
   phone: '+555.555'
-  fax: +555.555
+  fax: '+666.6'
   ident: 1234
   ident_type: priv
   ident_country_code: US

test/fixtures/registrars.yml

@@ -41,12 +41,3 @@ complete:
   language: en
   vat_no: US12345
   vat_rate: 0.05
-
-not_in_use:
-  name: any
-  reg_no: any
-  code: any
-  email: any@example.com
-  country_code: US
-  accounting_customer_code: any
-  language: en

test/lib/auth_token/auth_token_creator_test.rb

@@ -8,7 +8,7 @@ class AuthTokenCreatorTest < ActiveSupport::TestCase
 
     @user = users(:registrant)
     time = Time.zone.parse('2010-07-05 00:30:00 +0000')
-    @random_bytes = SecureRandom.random_bytes(64)
+    @random_bytes = SecureRandom.random_bytes(32)
     @token_creator = AuthTokenCreator.new(@user, @random_bytes, time)
   end
 

test/support/task_test_case.rb

@@ -0,0 +1,12 @@
+class TaskTestCase < ActiveSupport::TestCase
+  setup do
+    # Rake tasks usually display some results, which mixes up with test results.
+    # This suppresses default stdout and makes Rails.env.test? checks unnecessary.
+    @original_stdout = $stdout
+    $stdout = File.open(File::NULL, 'w')
+  end
+
+  teardown do
+    $stdout = @original_stdout
+  end
+end

test/test_helper.rb

@@ -12,6 +12,7 @@ require 'capybara/rails'
 require 'capybara/minitest'
 require 'webmock/minitest'
 require 'support/rails5_assertions' # Remove once upgraded to Rails 5
+require 'support/task_test_case'
 
 Setting.address_processing = false
 Setting.registry_country_code = 'US'