zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-05-16 17:37:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

Added auth info to contact

Browse source
This commit is contained in:
Andres Keskküla 2014-08-15 16:09:05 +03:00
parent eaa9b015e2
commit c1f90754d1
7 changed files with 50 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

33
app/helpers/epp/contacts_helper.rb
View file

@ -1,18 +1,15 @@
module Epp::ContactsHelper
def create_contact
@contact = Contact.new( contact_and_address_attributes )
stamp @contact
if @contact.save
render '/epp/contacts/create'
else
handle_errors(@contact)
end
render '/epp/contacts/create' and return if stamp(@contact) && @contact.save
handle_errors(@contact)
end
def update_contact
code = params_hash['epp']['command']['update']['update'][:id]
@contact = Contact.where(code: code).first
if stamp(@contact) && @contact.update_attributes(contact_and_address_attributes(:update))
if has_rights? && stamp(@contact) && @contact.update_attributes(contact_and_address_attributes(:update))
render 'epp/contacts/update'
else
epp_errors << { code: '2303', msg: t('errors.messages.epp_obj_does_not_exist'), value: { obj: 'id', val: code } } if @contact == []
@ -22,6 +19,7 @@ module Epp::ContactsHelper
def delete_contact
#no deleting, implement PaperTrail or something similar.
#TODO check for relation before 'destroying'
@contact = find_contact
handle_errors(@contact) and return unless @contact
@contact.destroy
@ -47,12 +45,10 @@ module Epp::ContactsHelper
def validate_contact_create_request
@ph = params_hash['epp']['command']['create']['create']
xml_attrs_present?(@ph, [['id'],
['postalInfo'],
['authInfo', 'pw'],
['postalInfo', 'name'],
['postalInfo', 'addr'],
['postalInfo', 'addr', 'city'],
['postalInfo', 'addr', 'cc'],
['authInfo']])
['postalInfo', 'addr', 'cc']])
end
## UPDATE
@ -89,6 +85,14 @@ module Epp::ContactsHelper
contact
end
def has_rights?
authInfo = @ph.try(:[], :authInfo).try(:[], :pw) || @ph.try(:[], :chg).try(:[], :authInfo).try(:[], :pw) || []
id = @ph[:id]
return true if (id && authInfo && find_contact.auth_info == authInfo)
epp_errors << { code: '2201', msg: t('errors.messages.epp_authorization_error'), value: { obj: 'pw', val: authInfo } }
return false
end
def contact_and_address_attributes( type=:create )
case type
@ -105,13 +109,6 @@ module Epp::ContactsHelper
contact_hash
end
def has_rights
if @contact.created_by.registrar == current_epp_user.registrar
return true
end
return false
end
def ident_type
result = params[:frame].slice(/(?<=\<ns2:ident type=)(.*)(?=<)/)

5
db/migrate/20140815114000_add_auth_info_to_contact.rb Normal file
View file

@ -0,0 +1,5 @@
class AddAuthInfoToContact < ActiveRecord::Migration
def change
add_column :contacts, :auth_info, :string
end
end

3
db/schema.rb
View file

@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20140815110028) do
ActiveRecord::Schema.define(version: 20140815114000) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@ -43,6 +43,7 @@ ActiveRecord::Schema.define(version: 20140815110028) do
t.string "org_name"
t.integer "created_by_id"
t.integer "updated_by_id"
t.string "auth_info"
end
create_table "countries", force: true do |t|

25
spec/epp/contact_spec.rb
View file

@ -7,6 +7,7 @@ describe 'EPP Contact', epp: true do
before(:each) { Fabricate(:epp_user) }
context 'create command' do
it "fails if request is invalid" do
response = epp_request(contact_create_xml( { authInfo: [false], addr: { cc: false, city: false } } ), :xml)
@ -14,9 +15,9 @@ describe 'EPP Contact', epp: true do
expect(response[:results][1][:result_code]).to eq('2003')
expect(response[:results][2][:result_code]).to eq('2003')
expect(response[:results][0][:msg]).to eq('Required parameter missing: city')
expect(response[:results][1][:msg]).to eq('Required parameter missing: cc')
expect(response[:results][2][:msg]).to eq('Required parameter missing: authInfo')
expect(response[:results][0][:msg]).to eq('Required parameter missing: pw')
expect(response[:results][1][:msg]).to eq('Required parameter missing: city')
expect(response[:results][2][:msg]).to eq('Required parameter missing: cc')
expect(response[:results].count).to eq 3
end
@ -37,7 +38,6 @@ describe 'EPP Contact', epp: true do
expect(Contact.first.address.street).to eq('123 Example Dr.')
expect(Contact.first.address.street2).to eq('Suite 100')
expect(Contact.first.address.street3).to eq nil
end
it 'returns result data upon success' do
@ -77,7 +77,16 @@ describe 'EPP Contact', epp: true do
expect(response[:results][0][:msg]).to eq('Required parameter missing: id')
expect(response[:results].count).to eq 1
end
it 'fails with wrong authentication info' do
Fabricate(:contact, code: 'sh8013', auth_info: 'secure_password')
response = epp_request('contacts/update.xml')
expect(response[:msg]).to eq('Authorization error')
expect(response[:result_code]).to eq('2201')
end
it 'stamps updated_by succesfully' do
Fabricate(:contact, code: 'sh8013')
@ -89,7 +98,7 @@ describe 'EPP Contact', epp: true do
end
it 'is succesful' do
Fabricate(:contact, created_by_id: 1, email: 'not_updated@test.test', code: 'sh8013')
Fabricate(:contact, created_by_id: 1, email: 'not_updated@test.test', code: 'sh8013', auth_info: '2fooBAR')
#response = epp_request(contact_update_xml( { chg: { email: 'fred@bloggers.ee', postalInfo: { name: 'Fred Bloggers' } } } ), :xml)
response = epp_request('contacts/update.xml')
@ -101,7 +110,7 @@ describe 'EPP Contact', epp: true do
end
it 'returns phone and email error' do
Fabricate(:contact, created_by_id: 1, email: 'not_updated@test.test', code: 'sh8013')
Fabricate(:contact, created_by_id: 1, email: 'not_updated@test.test', code: 'sh8013', auth_info: '2fooBAR')
#response = epp_request(contact_update_xml( { chg: { email: "qwe", phone: "123qweasd" } }), :xml)
response = epp_request('contacts/update_with_errors.xml')
@ -123,7 +132,7 @@ describe 'EPP Contact', epp: true do
end
it 'deletes contact' do
Fabricate(:contact, code: "dwa1234")
Fabricate(:contact, code: "dwa1234", auth_info: '2fooBAR')
response = epp_request('contacts/delete.xml')
expect(response[:result_code]).to eq('1000')
expect(response[:msg]).to eq('Command completed successfully')

3
spec/epp/requests/contacts/update_with_errors.xml
View file

@ -8,6 +8,9 @@
<contact:chg>
<contact:voice x="1234">123456798</contact:voice>
<contact:email>faulty</contact:email>
<contact:authInfo>
<contact:pw>2fooBAR</contact:pw>
</contact:authInfo>
</contact:chg>
</contact:update>
</update>

1
spec/fabricators/contact_fabricator.rb
View file

@ -5,5 +5,6 @@ Fabricator(:contact) do
ident '37605030299'
code { "sh#{Faker::Number.number(4)}" }
ident_type 'op'
auth_info 'ccds4324pok'
address
end

7
spec/support/epp_contact_xml_builder.rb
View file

@ -94,6 +94,8 @@ module EppContactXmlBuilder
xml_params[:chg][:postalInfo] = postalInfo
xml_params[:chg][:postalInfo][:addr] = addr
xml_params[:chg][:authInfo] = xml_params[:chg][:authInfo] || { pw: 'ccds4324pok' }
xml.instruct!(:xml, standalone: 'no')
xml.epp('xmlns' => 'urn:ietf:params:xml:ns:epp-1.0') do
@ -122,6 +124,11 @@ module EppContactXmlBuilder
end
end
end
unless xml_params[:chg][:authInfo] == [false]
xml.tag!('contact:authInfo') do
xml.tag!('contact:pw', xml_params[:chg][:authInfo][:pw] ) unless xml_params[:chg][:authInfo][:pw] == false
end
end
end
end
end