diff --git a/app/api/repp/api.rb b/app/api/repp/api.rb index 9c12470a0..7858cd625 100644 --- a/app/api/repp/api.rb +++ b/app/api/repp/api.rb @@ -59,5 +59,6 @@ module Repp mount Repp::AccountV1 mount Repp::DomainTransfersV1 mount Repp::NameserversV1 + mount Repp::DomainContactsV1 end end diff --git a/app/api/repp/domain_contacts_v1.rb b/app/api/repp/domain_contacts_v1.rb new file mode 100644 index 000000000..7f3e323ac --- /dev/null +++ b/app/api/repp/domain_contacts_v1.rb @@ -0,0 +1,47 @@ +module Repp + class DomainContactsV1 < Grape::API + version 'v1', using: :path + + resource :domains do + resource :contacts do + patch '/' do + current_contact = current_user.registrar.contacts + .find_by(code: params[:current_contact_id]) + new_contact = current_user.registrar.contacts.find_by(code: params[:new_contact_id]) + + unless current_contact + error!({ error: { type: 'invalid_request_error', + param: 'current_contact_id', + message: "No such contact: #{params[:current_contact_id]}"} }, + :bad_request) + end + + unless new_contact + error!({ error: { type: 'invalid_request_error', + param: 'new_contact_id', + message: "No such contact: #{params[:new_contact_id]}" } }, + :bad_request) + end + + if new_contact.invalid? + error!({ error: { type: 'invalid_request_error', + param: 'new_contact_id', + message: 'New contact must be valid' } }, + :bad_request) + end + + if current_contact == new_contact + error!({ error: { type: 'invalid_request_error', + message: 'New contact ID must be different from current' \ + ' contact ID' } }, + :bad_request) + end + + affected_domains, skipped_domains = TechDomainContact + .replace(current_contact, new_contact) + @response = { affected_domains: affected_domains, skipped_domains: skipped_domains } + end + end + end + end +end diff --git a/app/assets/images/every_pay.png b/app/assets/images/every_pay.png new file mode 100644 index 000000000..fcd4a2c67 Binary files /dev/null and b/app/assets/images/every_pay.png differ diff --git a/app/assets/javascripts/popover.js b/app/assets/javascripts/popover.js new file mode 100644 index 000000000..2f8ed57b5 --- /dev/null +++ b/app/assets/javascripts/popover.js @@ -0,0 +1,9 @@ +(function() { + function initPopover() { + $(function () { + $('[data-toggle="popover"]').popover(); + }) + } + + initPopover(); +})(); diff --git a/app/assets/javascripts/registrar-manifest.coffee b/app/assets/javascripts/registrar-manifest.coffee index 5c4a58df6..f83d9f76e 100644 --- a/app/assets/javascripts/registrar-manifest.coffee +++ b/app/assets/javascripts/registrar-manifest.coffee @@ -7,6 +7,8 @@ #= require select2 #= require datepicker #= require spell_check +#= require popover +#= require text_field_trimmer #= require shared/general #= require registrar/autocomplete #= require registrar/application diff --git a/app/assets/javascripts/text_field_trimmer.js b/app/assets/javascripts/text_field_trimmer.js new file mode 100644 index 000000000..71cbc5295 --- /dev/null +++ b/app/assets/javascripts/text_field_trimmer.js @@ -0,0 +1,15 @@ +(function () { + function trimTextFields() { + let selector = 'input[type=text], input[type=search], input[type=email], textarea'; + let textFields = document.querySelectorAll(selector); + let listener = function () { + this.value = this.value.trim(); + }; + + for (let field of textFields) { + field.addEventListener('change', listener); + } + } + + trimTextFields(); +})(); diff --git a/app/controllers/registrar/bulk_change_controller.rb b/app/controllers/registrar/bulk_change_controller.rb new file mode 100644 index 000000000..562344a46 --- /dev/null +++ b/app/controllers/registrar/bulk_change_controller.rb @@ -0,0 +1,20 @@ +class Registrar + class BulkChangeController < DeppController + helper_method :available_contacts + + def new + authorize! :manage, :repp + render file: 'registrar/bulk_change/new', locals: { active_tab: default_tab } + end + + private + + def available_contacts + current_user.registrar.contacts.order(:name).pluck(:name, :code) + end + + def default_tab + :technical_contact + end + end +end diff --git a/app/controllers/registrar/domain_transfers_controller.rb b/app/controllers/registrar/domain_transfers_controller.rb index 65127155e..7c0925f03 100644 --- a/app/controllers/registrar/domain_transfers_controller.rb +++ b/app/controllers/registrar/domain_transfers_controller.rb @@ -1,5 +1,5 @@ class Registrar - class DomainTransfersController < DeppController + class DomainTransfersController < BulkChangeController before_action do authorize! :transfer, Depp::Domain end @@ -58,7 +58,7 @@ class Registrar redirect_to registrar_domains_url else @api_errors = parsed_response[:errors] - render :new + render file: 'registrar/bulk_change/new', locals: { active_tab: :bulk_transfer } end else params[:request] = true # EPP domain:transfer "op" attribute diff --git a/app/controllers/registrar/registrar_nameservers_controller.rb b/app/controllers/registrar/nameservers_controller.rb similarity index 94% rename from app/controllers/registrar/registrar_nameservers_controller.rb rename to app/controllers/registrar/nameservers_controller.rb index 1af3cde64..b6f7af829 100644 --- a/app/controllers/registrar/registrar_nameservers_controller.rb +++ b/app/controllers/registrar/nameservers_controller.rb @@ -1,9 +1,5 @@ class Registrar - class RegistrarNameserversController < DeppController - def edit - authorize! :manage, :repp - end - + class NameserversController < BulkChangeController def update authorize! :manage, :repp @@ -52,7 +48,7 @@ class Registrar redirect_to registrar_domains_url else @api_errors = parsed_response[:errors] - render :edit + render file: 'registrar/bulk_change/new', locals: { active_tab: :nameserver } end end end diff --git a/app/controllers/registrar/payments_controller.rb b/app/controllers/registrar/payments_controller.rb index 18c892ea7..57565b9c2 100644 --- a/app/controllers/registrar/payments_controller.rb +++ b/app/controllers/registrar/payments_controller.rb @@ -1,30 +1,34 @@ class Registrar class PaymentsController < BaseController - protect_from_forgery except: :back + protect_from_forgery except: [:back, :callback] skip_authorization_check # actually anyone can pay, no problems at all - skip_before_action :authenticate_user!, :check_ip_restriction, only: [:back] - before_action :check_bank + skip_before_action :authenticate_user!, :check_ip_restriction, only: [:back, :callback] + before_action :check_supported_payment_method - # to handle existing model we should - # get invoice_id and then get number - # build BankTransaction without connection with right reference number - # do not connect transaction and invoice def pay invoice = Invoice.find(params[:invoice_id]) - @bank_link = BankLink::Request.new(params[:bank], invoice, self) - @bank_link.make_transaction + bank = params[:bank] + opts = { + return_url: registrar_return_payment_with_url( + bank, invoice_id: invoice + ), + response_url: registrar_response_payment_with_url( + bank, invoice_id: invoice + ) + } + @payment = ::PaymentOrders.create_with_type(bank, invoice, opts) + @payment.create_transaction end - - # connect invoice and transaction - # both back and IPN def back - @bank_link = BankLink::Response.new(params[:bank], params) - if @bank_link.valid? && @bank_link.ok? - @bank_link.complete_payment + invoice = Invoice.find(params[:invoice_id]) + opts = { response: params } + @payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts) + if @payment.valid_response_from_intermediary? && @payment.settled_payment? + @payment.complete_transaction - if @bank_link.invoice.binded? + if invoice.binded? flash[:notice] = t(:pending_applied) else flash[:alert] = t(:something_wrong) @@ -32,17 +36,31 @@ class Registrar else flash[:alert] = t(:something_wrong) end - redirect_to registrar_invoice_path(@bank_link.invoice) + redirect_to registrar_invoice_path(invoice) + end + + def callback + invoice = Invoice.find(params[:invoice_id]) + opts = { response: params } + @payment = ::PaymentOrders.create_with_type(params[:bank], invoice, opts) + + if @payment.valid_response_from_intermediary? && @payment.settled_payment? + @payment.complete_transaction + end + + render status: 200, json: { status: 'ok' } end private - def banks - ENV['payments_banks'].split(",").map(&:strip) + def check_supported_payment_method + return if supported_payment_method? + raise StandardError.new("Not supported payment method") end - def check_bank - raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank]) + + def supported_payment_method? + PaymentOrders::PAYMENT_METHODS.include?(params[:bank]) end end end diff --git a/app/controllers/registrar/tech_contacts_controller.rb b/app/controllers/registrar/tech_contacts_controller.rb new file mode 100644 index 000000000..9d4568ad6 --- /dev/null +++ b/app/controllers/registrar/tech_contacts_controller.rb @@ -0,0 +1,59 @@ +class Registrar + class TechContactsController < BulkChangeController + def update + authorize! :manage, :repp + + uri = URI.parse("#{ENV['repp_url']}domains/contacts") + + request = Net::HTTP::Patch.new(uri) + request.set_form_data(current_contact_id: params[:current_contact_id], + new_contact_id: params[:new_contact_id]) + request.basic_auth(current_user.username, current_user.password) + + if Rails.env.test? + response = Net::HTTP.start(uri.hostname, uri.port, + use_ssl: (uri.scheme == 'https'), + verify_mode: OpenSSL::SSL::VERIFY_NONE) do |http| + http.request(request) + end + elsif Rails.env.development? + client_cert = File.read(ENV['cert_path']) + client_key = File.read(ENV['key_path']) + response = Net::HTTP.start(uri.hostname, uri.port, + use_ssl: (uri.scheme == 'https'), + verify_mode: OpenSSL::SSL::VERIFY_NONE, + cert: OpenSSL::X509::Certificate.new(client_cert), + key: OpenSSL::PKey::RSA.new(client_key)) do |http| + http.request(request) + end + else + client_cert = File.read(ENV['cert_path']) + client_key = File.read(ENV['key_path']) + response = Net::HTTP.start(uri.hostname, uri.port, + use_ssl: (uri.scheme == 'https'), + cert: OpenSSL::X509::Certificate.new(client_cert), + key: OpenSSL::PKey::RSA.new(client_key)) do |http| + http.request(request) + end + end + + parsed_response = JSON.parse(response.body, symbolize_names: true) + + if response.code == '200' + notices = [t('.replaced')] + + notices << "#{t('.affected_domains')}: #{parsed_response[:affected_domains].join(', ')}" + + if parsed_response[:skipped_domains] + notices << "#{t('.skipped_domains')}: #{parsed_response[:skipped_domains].join(', ')}" + end + + flash[:notice] = notices + redirect_to registrar_domains_url + else + @error = parsed_response[:error] + render file: 'registrar/bulk_change/new', locals: { active_tab: :technical_contact } + end + end + end +end diff --git a/app/models/bank_link.rb b/app/models/bank_link.rb deleted file mode 100644 index e388a0f8b..000000000 --- a/app/models/bank_link.rb +++ /dev/null @@ -1,158 +0,0 @@ -class BankLink - module Base - def prepend_size(value) - value = (value || "").to_s.strip - string = "" - string << sprintf("%03i", value.size) - string << value - end - end - - class Request - include Base - include ActionView::Helpers::NumberHelper - - # need controller here in order to handle random ports and domains - # I don't want to do it but has to - attr_accessor :type, :invoice, :controller - def initialize(type, invoice, controller) - @type, @invoice, @controller = type, invoice, controller - end - - def url - ENV["payments_#{type}_url"] - end - - def fields - @fields ||= (hash = {} - hash["VK_SERVICE"] = "1012" - hash["VK_VERSION"] = "008" - hash["VK_SND_ID"] = ENV["payments_#{type}_seller_account"] - hash["VK_STAMP"] = invoice.number - hash["VK_AMOUNT"] = number_with_precision(invoice.total, :precision => 2, :separator => ".") - hash["VK_CURR"] = invoice.currency - hash["VK_REF"] = "" - hash["VK_MSG"] = invoice.order - hash["VK_RETURN"] = controller.registrar_return_payment_with_url(type) - hash["VK_CANCEL"] = controller.registrar_return_payment_with_url(type) - hash["VK_DATETIME"] = Time.now.strftime("%Y-%m-%dT%H:%M:%S%z") - hash["VK_MAC"] = calc_mac(hash) - hash["VK_ENCODING"] = "UTF-8" - hash["VK_LANG"] = "ENG" - hash) - end - - def calc_mac(fields) - pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT VK_CURR VK_REF - VK_MSG VK_RETURN VK_CANCEL VK_DATETIME).freeze - data = pars.map{|e| prepend_size(fields[e]) }.join - - sign(data) - end - - def make_transaction - transaction = BankTransaction.where(description: fields["VK_MSG"]).first_or_initialize( - reference_no: invoice.reference_no, - currency: invoice.currency, - iban: invoice.seller_iban - ) - - transaction.save! - end - - private - def sign(data) - private_key = OpenSSL::PKey::RSA.new(File.read(ENV["payments_#{type}_seller_private"])) - - signed_data = private_key.sign(OpenSSL::Digest::SHA1.new, data) - signed_data = Base64.encode64(signed_data).gsub(/\n|\r/, '') - signed_data - end - end - - - - - class Response - include Base - include ActionView::Helpers::NumberHelper - - attr_accessor :type, :params, :invoice - def initialize(type, params) - @type, @params = type, params - - @invoice = Invoice.find_by(number: params["VK_STAMP"]) if params["VK_STAMP"].present? - end - - def valid? - !!validate - end - - def ok? - params["VK_SERVICE"] == "1111" - end - - def complete_payment - if valid? - transaction = BankTransaction.find_by(description: params["VK_MSG"]) - transaction.sum = BigDecimal.new(params["VK_AMOUNT"].to_s) - transaction.bank_reference = params['VK_T_NO'] - transaction.buyer_bank_code = params["VK_SND_ID"] - transaction.buyer_iban = params["VK_SND_ACC"] - transaction.buyer_name = params["VK_SND_NAME"] - transaction.paid_at = Time.parse(params["VK_T_DATETIME"]) - transaction.save! - - transaction.autobind_invoice - end - end - - - - def validate - case params["VK_SERVICE"] - when "1111" - validate_success && validate_amount && validate_currency - when "1911" - validate_cancel - else - false - end - end - - def validate_success - pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_T_NO VK_AMOUNT VK_CURR - VK_REC_ACC VK_REC_NAME VK_SND_ACC VK_SND_NAME VK_REF VK_MSG VK_T_DATETIME).freeze - - @validate_success ||= ( - data = pars.map{|e| prepend_size(params[e]) }.join - verify_mac(data, params["VK_MAC"]) - ) - end - - def validate_cancel - pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_REF VK_MSG).freeze - @validate_cancel ||= ( - data = pars.map{|e| prepend_size(params[e]) }.join - verify_mac(data, params["VK_MAC"]) - ) - end - - def validate_amount - source = number_with_precision(BigDecimal.new(params["VK_AMOUNT"].to_s), precision: 2, separator: ".") - target = number_with_precision(invoice.total, precision: 2, separator: ".") - - source == target - end - - def validate_currency - invoice.currency == params["VK_CURR"] - end - - - def verify_mac(data, mac) - bank_public_key = OpenSSL::X509::Certificate.new(File.read(ENV["payments_#{type}_bank_certificate"])).public_key - bank_public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(mac), data) - end - end -end diff --git a/app/models/payment_orders.rb b/app/models/payment_orders.rb new file mode 100644 index 000000000..921af0cd4 --- /dev/null +++ b/app/models/payment_orders.rb @@ -0,0 +1,15 @@ +module PaymentOrders + PAYMENT_INTERMEDIARIES = ENV['payments_intermediaries'].to_s.strip.split(', ').freeze + PAYMENT_BANKLINK_BANKS = ENV['payments_banks'].to_s.strip.split(', ').freeze + PAYMENT_METHODS = [PAYMENT_INTERMEDIARIES, PAYMENT_BANKLINK_BANKS].flatten.freeze + + def self.create_with_type(type, invoice, opts = {}) + raise ArgumentError unless PAYMENT_METHODS.include?(type) + + if PAYMENT_BANKLINK_BANKS.include?(type) + BankLink.new(type, invoice, opts) + elsif type == 'every_pay' + EveryPay.new(type, invoice, opts) + end + end +end diff --git a/app/models/payment_orders/bank_link.rb b/app/models/payment_orders/bank_link.rb new file mode 100644 index 000000000..e568da0df --- /dev/null +++ b/app/models/payment_orders/bank_link.rb @@ -0,0 +1,146 @@ +module PaymentOrders + class BankLink < Base + BANK_LINK_VERSION = '008' + + NEW_TRANSACTION_SERVICE_NUMBER = '1012' + SUCCESSFUL_PAYMENT_SERVICE_NUMBER = '1111' + CANCELLED_PAYMENT_SERVICE_NUMBER = '1911' + + NEW_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT + VK_CURR VK_REF VK_MSG VK_RETURN VK_CANCEL + VK_DATETIME).freeze + SUCCESS_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP + VK_T_NO VK_AMOUNT VK_CURR VK_REC_ACC VK_REC_NAME + VK_SND_ACC VK_SND_NAME VK_REF VK_MSG + VK_T_DATETIME).freeze + CANCEL_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP + VK_REF VK_MSG).freeze + + def form_fields + hash = {} + hash["VK_SERVICE"] = NEW_TRANSACTION_SERVICE_NUMBER + hash["VK_VERSION"] = BANK_LINK_VERSION + hash["VK_SND_ID"] = seller_account + hash["VK_STAMP"] = invoice.number + hash["VK_AMOUNT"] = number_with_precision(invoice.total, precision: 2, separator: ".") + hash["VK_CURR"] = invoice.currency + hash["VK_REF"] = "" + hash["VK_MSG"] = invoice.order + hash["VK_RETURN"] = return_url + hash["VK_CANCEL"] = return_url + hash["VK_DATETIME"] = Time.zone.now.strftime("%Y-%m-%dT%H:%M:%S%z") + hash["VK_MAC"] = calc_mac(hash) + hash["VK_ENCODING"] = "UTF-8" + hash["VK_LANG"] = "ENG" + hash + end + + def valid_response_from_intermediary? + return false unless response + + case response["VK_SERVICE"] + when SUCCESSFUL_PAYMENT_SERVICE_NUMBER + valid_successful_transaction? + when CANCELLED_PAYMENT_SERVICE_NUMBER + valid_cancel_notice? + else + false + end + end + + def complete_transaction + return unless valid_successful_transaction? + + transaction = BankTransaction.find_by( + description: invoice.order, + currency: invoice.currency, + iban: invoice.seller_iban + ) + + transaction.sum = response['VK_AMOUNT'] + transaction.bank_reference = response['VK_T_NO'] + transaction.buyer_bank_code = response["VK_SND_ID"] + transaction.buyer_iban = response["VK_SND_ACC"] + transaction.buyer_name = response["VK_SND_NAME"] + transaction.paid_at = Time.parse(response["VK_T_DATETIME"]) + + transaction.save! + transaction.autobind_invoice + end + + def settled_payment? + response["VK_SERVICE"] == SUCCESSFUL_PAYMENT_SERVICE_NUMBER + end + + private + + def valid_successful_transaction? + valid_success_notice? && valid_amount? && valid_currency? + end + + def valid_cancel_notice? + valid_mac?(response, CANCEL_MESSAGE_KEYS) + end + + def valid_success_notice? + valid_mac?(response, SUCCESS_MESSAGE_KEYS) + end + + def valid_amount? + source = number_with_precision( + BigDecimal.new(response["VK_AMOUNT"]), precision: 2, separator: "." + ) + target = number_with_precision( + invoice.total, precision: 2, separator: "." + ) + + source == target + end + + def valid_currency? + invoice.currency == response["VK_CURR"] + end + + def sign(data) + private_key = OpenSSL::PKey::RSA.new(File.read(seller_certificate)) + signed_data = private_key.sign(OpenSSL::Digest::SHA1.new, data) + signed_data = Base64.encode64(signed_data).gsub(/\n|\r/, '') + signed_data + end + + def calc_mac(fields) + pars = NEW_MESSAGE_KEYS + data = pars.map { |element| prepend_size(fields[element]) }.join + sign(data) + end + + def valid_mac?(hash, keys) + data = keys.map { |element| prepend_size(hash[element]) }.join + verify_mac(data, hash["VK_MAC"]) + end + + def verify_mac(data, mac) + bank_public_key = OpenSSL::X509::Certificate.new(File.read(bank_certificate)).public_key + bank_public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(mac), data) + end + + def prepend_size(value) + value = (value || "").to_s.strip + string = "" + string << format("%03i", value.size) + string << value + end + + def seller_account + ENV["payments_#{type}_seller_account"] + end + + def seller_certificate + ENV["payments_#{type}_seller_private"] + end + + def bank_certificate + ENV["payments_#{type}_bank_certificate"] + end + end +end diff --git a/app/models/payment_orders/base.rb b/app/models/payment_orders/base.rb new file mode 100644 index 000000000..cf0293025 --- /dev/null +++ b/app/models/payment_orders/base.rb @@ -0,0 +1,33 @@ +module PaymentOrders + class Base + include ActionView::Helpers::NumberHelper + + attr_reader :type, + :invoice, + :return_url, + :response_url, + :response + + def initialize(type, invoice, opts = {}) + @type = type + @invoice = invoice + @return_url = opts[:return_url] + @response_url = opts[:response_url] + @response = opts[:response] + end + + def create_transaction + transaction = BankTransaction.where(description: invoice.order).first_or_initialize( + reference_no: invoice.reference_no, + currency: invoice.currency, + iban: invoice.seller_iban + ) + + transaction.save! + end + + def form_url + ENV["payments_#{type}_url"] + end + end +end diff --git a/app/models/payment_orders/every_pay.rb b/app/models/payment_orders/every_pay.rb new file mode 100644 index 000000000..b4ddcdf29 --- /dev/null +++ b/app/models/payment_orders/every_pay.rb @@ -0,0 +1,84 @@ +module PaymentOrders + class EveryPay < Base + USER = ENV['payments_every_pay_api_user'].freeze + KEY = ENV['payments_every_pay_api_key'].freeze + ACCOUNT_ID = ENV['payments_every_pay_seller_account'].freeze + SUCCESSFUL_PAYMENT = %w(settled authorized).freeze + + def form_fields + base_json = base_params + base_json[:nonce] = SecureRandom.hex(15) + hmac_fields = (base_json.keys + ['hmac_fields']).sort.uniq! + + base_json[:hmac_fields] = hmac_fields.join(',') + hmac_string = hmac_fields.map { |key, _v| "#{key}=#{base_json[key]}" }.join('&') + hmac = OpenSSL::HMAC.hexdigest('sha1', KEY, hmac_string) + base_json[:hmac] = hmac + + base_json + end + + def valid_response_from_intermediary? + return false unless response + valid_hmac? && valid_amount? && valid_account? + end + + def settled_payment? + SUCCESSFUL_PAYMENT.include?(response[:payment_state]) + end + + def complete_transaction + return unless valid_response_from_intermediary? && settled_payment? + + transaction = BankTransaction.find_by( + description: invoice.order, + currency: invoice.currency, + iban: invoice.seller_iban + ) + + transaction.sum = response[:amount] + transaction.paid_at = Date.strptime(response[:timestamp], '%s') + transaction.buyer_name = response[:cc_holder_name] + + transaction.save! + transaction.autobind_invoice + end + + private + + def base_params + { + api_username: USER, + account_id: ACCOUNT_ID, + timestamp: Time.now.to_i.to_s, + callback_url: response_url, + customer_url: return_url, + amount: number_with_precision(invoice.total, precision: 2), + order_reference: SecureRandom.hex(15), + transaction_type: 'charge', + hmac_fields: '' + }.with_indifferent_access + end + + def valid_hmac? + hmac_fields = response[:hmac_fields].split(',') + hmac_hash = {} + hmac_fields.map do |field| + symbol = field.to_sym + hmac_hash[symbol] = response[symbol] + end + + hmac_string = hmac_hash.map { |key, _v| "#{key}=#{hmac_hash[key]}" }.join('&') + expected_hmac = OpenSSL::HMAC.hexdigest('sha1', KEY, hmac_string) + expected_hmac == response[:hmac] + end + + def valid_amount? + invoice.total == BigDecimal.new(response[:amount]) + end + + def valid_account? + response[:account_id] == ACCOUNT_ID + end + end +end diff --git a/app/models/tech_domain_contact.rb b/app/models/tech_domain_contact.rb index 68ae35dde..04f36c4e4 100644 --- a/app/models/tech_domain_contact.rb +++ b/app/models/tech_domain_contact.rb @@ -1,2 +1,23 @@ class TechDomainContact < DomainContact + # Audit log is needed, therefore no raw SQL + def self.replace(current_contact, new_contact) + affected_domains = [] + skipped_domains = [] + tech_contacts = where(contact: current_contact) + + transaction do + tech_contacts.each do |tech_contact| + if tech_contact.domain.discarded? + skipped_domains << tech_contact.domain.name + next + end + + tech_contact.contact = new_contact + tech_contact.save! + affected_domains << tech_contact.domain.name + end + end + + return affected_domains.sort, skipped_domains.sort + end end diff --git a/app/views/admin/base/_flash_messages.html.erb b/app/views/application/_flash_messages.html.erb similarity index 77% rename from app/views/admin/base/_flash_messages.html.erb rename to app/views/application/_flash_messages.html.erb index 4a10df304..9b31f0d3f 100644 --- a/app/views/admin/base/_flash_messages.html.erb +++ b/app/views/application/_flash_messages.html.erb @@ -1,7 +1,11 @@ <% if flash[:notice] %>
-

<%= flash[:notice] %>

+ <% if flash[:notice].respond_to?(:join) %> +

<%= flash[:notice].join('
').html_safe %>

+ <% else %> +

<%= flash[:notice] %>

+ <% end %>
<% end %> diff --git a/app/views/layouts/registrant/application.html.erb b/app/views/layouts/registrant/application.html.erb index da081b05a..f38f8fcea 100644 --- a/app/views/layouts/registrant/application.html.erb +++ b/app/views/layouts/registrant/application.html.erb @@ -20,7 +20,7 @@
- <%= render 'shared/flash' %> + <%= render 'flash_messages' %> <% if depp_controller? %> <%= render 'registrar/shared/epp_results' %> <% end %> diff --git a/app/views/layouts/registrar/sessions.haml b/app/views/layouts/registrar/sessions.haml deleted file mode 100644 index 49c71ab2c..000000000 --- a/app/views/layouts/registrar/sessions.haml +++ /dev/null @@ -1,45 +0,0 @@ -!!! 5 -%html{lang: I18n.locale.to_s} - %head - %meta{charset: "utf-8"}/ - %meta{content: "IE=edge", "http-equiv" => "X-UA-Compatible"}/ - %meta{content: "width=device-width, initial-scale=1", name: "viewport"}/ - - if content_for? :head_title - = yield :head_title - - else - %title= t(:registrar_head_title) - = csrf_meta_tags - = stylesheet_link_tag 'registrar-manifest', media: 'all' - = javascript_include_tag 'registrar-manifest' - = favicon_link_tag 'favicon.ico' - %body - %nav.navbar.navbar-default.navbar-fixed-top - .container - .navbar-header - %button.navbar-toggle.collapsed{"aria-controls" => "navbar", "aria-expanded" => "false", "data-target" => "#navbar", "data-toggle" => "collapse", :type => "button"} - %span.sr-only Toggle navigation - %span.icon-bar - %span.icon-bar - %span.icon-bar - = link_to registrar_root_path, class: 'navbar-brand', id: 'registrar-home-btn' do - = t(:registrar_head_title) - - if unstable_env.present? - .text-center - %small{style: 'color: #0074B3;'}= unstable_env - - if current_user - = render 'navbar' - - .container - = render 'shared/flash' - - if depp_controller? - = render 'registrar/shared/epp_results' - = yield - - %footer.footer - .container - .row - .col-md-6 - = image_tag 'eis-logo-et.png' - .col-md-6.text-right - Version - = CURRENT_COMMIT_HASH diff --git a/app/views/layouts/registrar/sessions.html.erb b/app/views/layouts/registrar/sessions.html.erb new file mode 100644 index 000000000..904388155 --- /dev/null +++ b/app/views/layouts/registrar/sessions.html.erb @@ -0,0 +1,54 @@ + + + + + <% if content_for? :head_title %> + <%= yield :head_title %> + <% else %> + + <%= t(:registrar_head_title) %> + + <% end %> + <%= csrf_meta_tags %> + <%= stylesheet_link_tag 'registrar-manifest', media: 'all' %> + <%= javascript_include_tag 'registrar-manifest' %> + + + + +
+ <%= render 'flash_messages' %> + <%= yield %> +
+ + + + \ No newline at end of file diff --git a/app/views/registrar/bulk_change/_bulk_transfer_form.html.erb b/app/views/registrar/bulk_change/_bulk_transfer_form.html.erb new file mode 100644 index 000000000..0a953845b --- /dev/null +++ b/app/views/registrar/bulk_change/_bulk_transfer_form.html.erb @@ -0,0 +1,34 @@ +<%= form_tag registrar_domain_transfers_path, multipart: true, class: 'form-horizontal' do %> + <%= render 'registrar/domain_transfers/form/api_errors' %> + +
+
+ <%= label_tag :batch_file %> +
+
+ <%= file_field_tag :batch_file, required: true %> + <%= t '.file_field_hint' %> +
+
+ +
+
+ +
+
+ +
+
+ <%= t '.help_btn' %> + +
+
+ <%= t '.help' %> +
+
+
+
+<% end %> diff --git a/app/views/registrar/registrar_nameservers/_form.html.erb b/app/views/registrar/bulk_change/_nameserver_form.html.erb similarity index 61% rename from app/views/registrar/registrar_nameservers/_form.html.erb rename to app/views/registrar/bulk_change/_nameserver_form.html.erb index 3aca3e0e1..e3f4a0214 100644 --- a/app/views/registrar/registrar_nameservers/_form.html.erb +++ b/app/views/registrar/bulk_change/_nameserver_form.html.erb @@ -1,12 +1,13 @@ -<%= form_tag registrar_update_registrar_nameserver_path, method: :put, class: 'form-horizontal' do %> +<%= form_tag registrar_nameservers_path, method: :patch, class: 'form-horizontal' do %> + <%= render 'registrar/domain_transfers/form/api_errors' %> +
<%= label_tag :old_hostname %>
-
- <%= text_field_tag :old_hostname, params[:old_hostname], autofocus: true, - required: true, +
+ <%= text_field_tag :old_hostname, params[:old_hostname], required: true, class: 'form-control' %>
@@ -16,7 +17,7 @@ <%= label_tag :new_hostname %>
-
+
<%= text_field_tag :new_hostname, params[:new_hostname], required: true, class: 'form-control' %>
@@ -27,7 +28,7 @@ <%= label_tag :ipv4 %>
-
+
<%= text_area_tag :ipv4, params[:ipv4], class: 'form-control' %>
@@ -37,17 +38,30 @@ <%= label_tag :ipv6 %>
-
+
<%= text_area_tag :ipv6, params[:ipv6], class: 'form-control' %> <%= t '.ip_hint' %>
-
+
+ +
+
+ <%= t '.help_btn' %> + +
+
+ <%= t '.help' %> +
+
+
+
<% end %> diff --git a/app/views/registrar/bulk_change/_tech_contact_form.html.erb b/app/views/registrar/bulk_change/_tech_contact_form.html.erb new file mode 100644 index 000000000..dc0693599 --- /dev/null +++ b/app/views/registrar/bulk_change/_tech_contact_form.html.erb @@ -0,0 +1,60 @@ +<%= form_tag registrar_tech_contacts_path, method: :patch, class: 'form-horizontal' do %> + <% if @error %> +
+ <%= @error[:message] %> +
+ <% end %> + +
+
+ <%= label_tag :current_contact_id, t('.current_contact_id') %> +
+ +
+ <%= text_field_tag :current_contact_id, params[:current_contact_id], + list: :contacts, + required: true, + autofocus: true, + class: 'form-control' %> +
+
+ +
+
+ <%= label_tag :new_contact_id, t('.new_contact_id') %> +
+ +
+ <%= text_field_tag :new_contact_id, params[:new_contact_id], + list: :contacts, + required: true, + class: 'form-control' %> +
+
+ +
+
+ +
+
+ +
+
+ <%= t '.help_btn' %> +
+
+ <%= t '.help' %> +
+
+
+
+<% end %> + + + <% available_contacts.each do |data| %> + + <% end %> + diff --git a/app/views/registrar/bulk_change/new.html.erb b/app/views/registrar/bulk_change/new.html.erb new file mode 100644 index 000000000..da85899ff --- /dev/null +++ b/app/views/registrar/bulk_change/new.html.erb @@ -0,0 +1,37 @@ +
    +
  1. <%= link_to t('registrar.domains.index.header'), registrar_domains_path %>
    2. +
+ +
+

<%= t '.header' %>

+
+ + + + +
+
+ <%= render 'tech_contact_form', available_contacts: available_contacts %> +
+ +
+ <%= render 'nameserver_form' %> +
+ +
+ <%= render 'bulk_transfer_form' %> +
+
diff --git a/app/views/registrar/domain_transfers/form/_single.html.erb b/app/views/registrar/domain_transfers/_form.html.erb similarity index 92% rename from app/views/registrar/domain_transfers/form/_single.html.erb rename to app/views/registrar/domain_transfers/_form.html.erb index 8a9488580..52dcca468 100644 --- a/app/views/registrar/domain_transfers/form/_single.html.erb +++ b/app/views/registrar/domain_transfers/_form.html.erb @@ -1,4 +1,6 @@ <%= form_tag registrar_domain_transfers_path, multipart: true, class: 'form-horizontal' do %> + <%= render 'registrar/domain_transfers/form/api_errors' %> +
<%= label_tag :domain_name, nil, class: 'required' %> @@ -30,7 +32,7 @@
diff --git a/app/views/registrar/domain_transfers/form/_batch.html.erb b/app/views/registrar/domain_transfers/form/_batch.html.erb deleted file mode 100644 index 6effa8a86..000000000 --- a/app/views/registrar/domain_transfers/form/_batch.html.erb +++ /dev/null @@ -1,19 +0,0 @@ -<%= form_tag registrar_domain_transfers_path, multipart: true, class: 'form-horizontal' do %> -
-
- <%= label_tag :batch_file %> -
-
- <%= file_field_tag :batch_file, required: true %> - <%= t '.batch_file_help' %> -
-
- -
-
- -
-
-<% end %> diff --git a/app/views/registrar/domain_transfers/new.html.erb b/app/views/registrar/domain_transfers/new.html.erb index 8ba658023..52dd3f900 100644 --- a/app/views/registrar/domain_transfers/new.html.erb +++ b/app/views/registrar/domain_transfers/new.html.erb @@ -6,24 +6,6 @@
- - -
-
- <%= render 'registrar/domain_transfers/form/single' %> -
- -
- <%= render 'registrar/domain_transfers/form/batch' %> -
-
+ <%= render 'form' %>
diff --git a/app/views/registrar/domains/index.html.erb b/app/views/registrar/domains/index.html.erb index 319f0d04f..cbc048697 100644 --- a/app/views/registrar/domains/index.html.erb +++ b/app/views/registrar/domains/index.html.erb @@ -1,13 +1,13 @@
-
+

<%= t '.header' %>

-
+
<%= link_to t('.new_btn'), new_registrar_domain_path, class: 'btn btn-primary' %> <%= link_to t('.transfer_btn'), new_registrar_domain_transfer_path, class: 'btn btn-default' %> - <%= link_to t('.replace_nameserver_btn'), registrar_edit_registrar_nameserver_path, + <%= link_to t('.bulk_change_btn'), new_registrar_bulk_change_path, class: 'btn btn-default' %>
@@ -24,22 +24,22 @@
- - - - - - + + + + + + - <%= render @domains %> + <%= render @domains %>
- <%= sort_link(@q, 'name') %> - - <%= sort_link @q, 'registrant_name', Registrant.model_name.human %> - - <%= sort_link @q, 'valid_to', Domain.human_attribute_name(:expire_time) %> -
+ <%= sort_link(@q, 'name') %> + + <%= sort_link @q, 'registrant_name', Registrant.model_name.human %> + + <%= sort_link @q, 'valid_to', Domain.human_attribute_name(:expire_time) %> +
diff --git a/app/views/registrar/invoices/partials/_banklinks.haml b/app/views/registrar/invoices/partials/_banklinks.haml index 133a8d9c0..84f6e1399 100644 --- a/app/views/registrar/invoices/partials/_banklinks.haml +++ b/app/views/registrar/invoices/partials/_banklinks.haml @@ -1,6 +1,7 @@ -%h4= t(:pay_by_bank_link) +%h4= t('registrar.invoices.pay_invoice') %hr -- ENV['payments_banks'].split(",").each do |meth| + +- locals[:payment_channels].each do |meth| - meth = meth.strip = link_to registrar_payment_with_path(meth, invoice_id: params[:id]) do = image_tag("#{meth}.png") diff --git a/app/views/registrar/invoices/show.haml b/app/views/registrar/invoices/show.haml index ed0c4d1d2..c2c5331c2 100644 --- a/app/views/registrar/invoices/show.haml +++ b/app/views/registrar/invoices/show.haml @@ -17,4 +17,4 @@ - if !@invoice.cancelled? && !@invoice.binded? .row.semifooter - .col-md-12.text-right= render 'registrar/invoices/partials/banklinks' + .col-md-6-offset-6.text-right= render 'registrar/invoices/partials/banklinks', locals: { payment_channels: PaymentOrders::PAYMENT_METHODS } diff --git a/app/views/registrar/payments/pay.html.haml b/app/views/registrar/payments/pay.html.haml index c0fd8b6ad..8e759f9ea 100644 --- a/app/views/registrar/payments/pay.html.haml +++ b/app/views/registrar/payments/pay.html.haml @@ -1,11 +1,14 @@ +.h3 + = t('registrar.invoices.redirected_to_intermediary') + .payment-form - = form_tag @bank_link.url, method: :post do - - @bank_link.fields.each do |k, v| + = form_tag @payment.form_url, method: :post do + - @payment.form_fields.each do |k, v| = hidden_field_tag k, v - = submit_tag "Mine maksma" + = submit_tag t('registrar.invoices.go_to_intermediary') - -:coffeescript - load_listener = -> - $('.payment-form form').submit() - window.addEventListener 'load', load_listener +:javascript + function load_listener() { + $('.payment-form form').submit(); + } + window.addEventListener('load', load_listener) diff --git a/app/views/registrar/registrar_nameservers/edit.html.erb b/app/views/registrar/registrar_nameservers/edit.html.erb deleted file mode 100644 index 0903f1556..000000000 --- a/app/views/registrar/registrar_nameservers/edit.html.erb +++ /dev/null @@ -1,11 +0,0 @@ -
    -
  1. <%= link_to t('registrar.domains.index.header'), registrar_domains_path %>
    2. -
- -
-

<%= t '.header' %>

-
- -<%= render 'registrar/domain_transfers/form/api_errors' %> - -<%= render 'form' %> diff --git a/config/application-example.yml b/config/application-example.yml index bf846f23b..7785aafb5 100644 --- a/config/application-example.yml +++ b/config/application-example.yml @@ -106,10 +106,13 @@ sk_digi_doc_service_name: 'Testimine' secret_key_base: 'please-change-it-you-can-generate-it-with-rake-secret' devise_secret: 'please-change-it-you-can-generate-it-with-rake-secret' +# You should list only payment methods that +# conform with the Estonian BankLink standard payments_banks: > seb, swed, lhv + payments_seb_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r' payments_seb_bank_certificate: 'eyp_pub.pem' payments_seb_seller_private: 'kaupmees_priv.pem' @@ -123,6 +126,26 @@ payments_lhv_bank_certificate: 'eyp_pub.pem' payments_lhv_seller_private: 'kaupmees_priv.pem' payments_lhv_seller_account: 'testvpos' +# You should list other payment intermediaries here. Each one of them needs their own class in /app/models/payments/ +payments_intermediaries: > + every_pay + +# Other intermediaries should follow this naming convention: +# payments_intermediary_url - URL to intiate payments +# payments_intermediary_seller_account - your username in the bank system +# payments_intermediary_api_user - API username, in case it's different than the seller account +# payments_intermediary_api_key - API key given to you by intermediary +payments_every_pay_url: 'https://igw-demo.every-pay.com/transactions/' +payments_every_pay_seller_account: 'EUR3D1' +payments_every_pay_api_user: 'api_user' +payments_every_pay_api_key: 'api_key' + user_session_timeout: '3600' # 1 hour secure_session_cookies: 'false' # true|false same_site_session_cookies: 'false' # false|strict|lax + + +# Since the keys for staging are absent from the repo, we need to supply them separate for testing. +test: + payments_seb_bank_certificate: 'test/fixtures/files/seb_bank_cert.pem' + payments_seb_seller_private: 'test/fixtures/files/seb_seller_key.pem' diff --git a/config/locales/en.yml b/config/locales/en.yml index 7ac84379f..2afbb45a5 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -541,7 +541,6 @@ en: your_current_account_balance_is: 'Your current account balance is %{balance} %{currency}' billing: 'Billing' your_account: 'Your account' - pay_by_bank_link: 'Pay by bank link' issue_date: 'Issue date' due_date: 'Due date' payment_term: 'Payment term' diff --git a/config/locales/registrar/bulk_change.en.yml b/config/locales/registrar/bulk_change.en.yml new file mode 100644 index 000000000..7c1f11da9 --- /dev/null +++ b/config/locales/registrar/bulk_change.en.yml @@ -0,0 +1,31 @@ +en: + registrar: + bulk_change: + new: + header: Bulk change + technical_contact: Technical contact + nameserver: Nameserver + bulk_transfer: Bulk transfer + + tech_contact_form: + current_contact_id: Current contact ID + new_contact_id: New contact ID + submit_btn: Replace technical contacts + help_btn: Toggle help + help: >- + Replace technical contact specified in "current contact ID" with the one in "new + contact ID" on any domain registered under this registrar + + nameserver_form: + ip_hint: One IP per line + replace_btn: Replace nameserver + help_btn: Toggle help + help: >- + Replace nameserver specified in the "old hostname" with the one in "new hostname" with + optional IPv4 and IPv6 addresses on any domain registered under this registrar + + bulk_transfer_form: + file_field_hint: CSV file with domain list provided by another registrar + submit_btn: Transfer + help_btn: Toggle help + help: Transfer domains in the csv file with correct transfer code to this registrar diff --git a/config/locales/registrar/domain_transfers.en.yml b/config/locales/registrar/domain_transfers.en.yml index d162110ce..c146a5fd1 100644 --- a/config/locales/registrar/domain_transfers.en.yml +++ b/config/locales/registrar/domain_transfers.en.yml @@ -3,17 +3,10 @@ en: domain_transfers: new: header: Domain transfer - single: One by one - batch: Batch create: header: Domain transfer transferred: "%{count} domains have been successfully transferred" form: - single: - transfer_btn: Transfer - - batch: - batch_file_help: CSV file with domain list provided by another registrar - transfer_btn: Transfer batch + submit_btn: Transfer diff --git a/config/locales/registrar/domains.en.yml b/config/locales/registrar/domains.en.yml index ddd30676d..31380074f 100644 --- a/config/locales/registrar/domains.en.yml +++ b/config/locales/registrar/domains.en.yml @@ -5,7 +5,7 @@ en: header: Domains new_btn: New domain transfer_btn: Transfer - replace_nameserver_btn: Replace nameserver + bulk_change_btn: Bulk change csv: domain_name: Domain transfer_code: Transfer code diff --git a/config/locales/registrar/invoices.en.yml b/config/locales/registrar/invoices.en.yml index 1e8ecaafc..8415c3d61 100644 --- a/config/locales/registrar/invoices.en.yml +++ b/config/locales/registrar/invoices.en.yml @@ -1,5 +1,11 @@ en: registrar: invoices: + pay_invoice: 'Pay invoice' + redirected_to_intermediary: 'Click the button below to redirect to payment intermediary' + to_card_payment: Open card payment + go_to_intermediary: 'Go to intermediary' + pay_by_credit_card: Pay by credit card + payment_complete: Credit Card payment Complete index: reset_btn: Reset diff --git a/config/locales/registrar/nameservers.en.yml b/config/locales/registrar/nameservers.en.yml new file mode 100644 index 000000000..fbe4c387e --- /dev/null +++ b/config/locales/registrar/nameservers.en.yml @@ -0,0 +1,5 @@ +en: + registrar: + nameservers: + update: + replaced: Nameserver have been successfully replaced diff --git a/config/locales/registrar/registrar_nameservers.en.yml b/config/locales/registrar/registrar_nameservers.en.yml deleted file mode 100644 index b9e7cb2fa..000000000 --- a/config/locales/registrar/registrar_nameservers.en.yml +++ /dev/null @@ -1,13 +0,0 @@ -en: - registrar: - registrar_nameservers: - edit: - header: Replace nameserver - replace_btn: Replace - - form: - ip_hint: One IP per line - replace_btn: Replace nameserver - - update: - replaced: Nameserver have been successfully replaced diff --git a/config/locales/registrar/tech_contacts.en.yml b/config/locales/registrar/tech_contacts.en.yml new file mode 100644 index 000000000..bf57f0cc7 --- /dev/null +++ b/config/locales/registrar/tech_contacts.en.yml @@ -0,0 +1,7 @@ +en: + registrar: + tech_contacts: + update: + replaced: Technical contacts have been successfully replaced. + affected_domains: Affected domains + skipped_domains: Skipped domains diff --git a/config/routes.rb b/config/routes.rb index 5ef26a195..b06598cdc 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -62,9 +62,9 @@ Rails.application.routes.draw do end end resources :domain_transfers, only: %i[new create] - get 'registrar/nameservers', to: 'registrar_nameservers#edit', as: :edit_registrar_nameserver - put 'registrar/nameservers', to: 'registrar_nameservers#update', as: :update_registrar_nameserver - + resource :bulk_change, controller: :bulk_change, only: :new + resource :tech_contacts, only: :update + resource :nameservers, only: :update resources :contacts, constraints: {:id => /[^\/]+(?=#{ ActionController::Renderers::RENDERERS.map{|e| "\\.#{e}\\z"}.join("|") })|[^\/]+/} do member do get 'delete' @@ -91,10 +91,11 @@ Rails.application.routes.draw do end end - - get 'pay/return/:bank' => 'payments#back', as: 'return_payment_with' - post 'pay/return/:bank' => 'payments#back' - get 'pay/go/:bank' => 'payments#pay', as: 'payment_with' + get 'pay/return/:bank' => 'payments#back', as: 'return_payment_with' + post 'pay/return/:bank' => 'payments#back' + put 'pay/return/:bank' => 'payments#back' + post 'pay/callback/:bank' => 'payments#callback', as: 'response_payment_with' + get 'pay/go/:bank' => 'payments#pay', as: 'payment_with' end namespace :registrant do diff --git a/doc/repp/v1/domain_contacts.md b/doc/repp/v1/domain_contacts.md new file mode 100644 index 000000000..b412e9f73 --- /dev/null +++ b/doc/repp/v1/domain_contacts.md @@ -0,0 +1,19 @@ +# Domain contacts + +## PATCH https://repp.internet.ee/v1/domains/contacts +Replaces all domain contacts of the current registrar. + +### Example request +``` +$ curl https://repp.internet.ee/v1/domains/contacts \ + -X PATCH \ + -u username:password \ + -d current_contact_id=foo \ + -d new_contact_id=bar +``` +### Example response +``` +{ + "affected_domains": ["example.com", "example.org"] +} +``` diff --git a/spec/factories/registrar.rb b/spec/factories/registrar.rb index ab46553a0..3b2a3e730 100644 --- a/spec/factories/registrar.rb +++ b/spec/factories/registrar.rb @@ -8,7 +8,7 @@ FactoryBot.define do state 'test' zip 'test' email 'test@test.com' - country_code 'EE' + country_code 'US' accounting_customer_code 'test' factory :registrar_with_unlimited_balance do diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index f4dcd9cb3..6dded4f13 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -20,6 +20,7 @@ require 'support/paper_trail' require 'support/settings' ActiveRecord::Migration.maintain_test_schema! +Setting.registry_country_code = 'US' RSpec.configure do |config| config.include ActionView::TestCase::Behavior, type: :presenter diff --git a/test/fixtures/bank_transactions.yml b/test/fixtures/bank_transactions.yml index b0b4d661c..290be1597 100644 --- a/test/fixtures/bank_transactions.yml +++ b/test/fixtures/bank_transactions.yml @@ -1,3 +1,8 @@ one: sum: 1 currency: EUR + +for_payments_test: + description: "Order nr. 1" + currency: "EUR" + iban: "1234" diff --git a/test/fixtures/contacts.yml b/test/fixtures/contacts.yml index 50befdcf8..b64dce039 100644 --- a/test/fixtures/contacts.yml +++ b/test/fixtures/contacts.yml @@ -76,7 +76,7 @@ not_in_use: invalid: name: any - code: any + code: invalid email: invalid@invalid.test auth_info: any registrar: bestnames diff --git a/test/fixtures/domain_contacts.yml b/test/fixtures/domain_contacts.yml index 3442278a1..43d082e31 100644 --- a/test/fixtures/domain_contacts.yml +++ b/test/fixtures/domain_contacts.yml @@ -8,11 +8,26 @@ shop_william: contact: william type: TechDomainContact +shop_acme_ltd: + domain: shop + contact: acme_ltd + type: TechDomainContact + airport_john: domain: airport contact: john type: AdminDomainContact +airport_william_admin: + domain: airport + contact: william + type: AdminDomainContact + +airport_william_tech: + domain: airport + contact: william + type: TechDomainContact + library_john: domain: library contact: john diff --git a/test/fixtures/files/seb_bank_cert.pem b/test/fixtures/files/seb_bank_cert.pem new file mode 100644 index 000000000..a98508d36 --- /dev/null +++ b/test/fixtures/files/seb_bank_cert.pem @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICVTCCAb4CCQCdHk6fGGIg9DANBgkqhkiG9w0BAQsFADBvMQswCQYDVQQGEwJF +RTERMA8GA1UECAwISGFyanVtYWExEDAOBgNVBAcMB1RhbGxpbm4xJTAjBgNVBAoM +HEVzdG9uaWFuIEludGVybmV0IEZvdW5kYXRpb24xFDASBgNVBAMMC2ludGVybmV0 +LmVlMB4XDTE4MDQyMTEyNDEyMloXDTE4MDUyMTEyNDEyMlowbzELMAkGA1UEBhMC +RUUxETAPBgNVBAgMCEhhcmp1bWFhMRAwDgYDVQQHDAdUYWxsaW5uMSUwIwYDVQQK +DBxFc3RvbmlhbiBJbnRlcm5ldCBGb3VuZGF0aW9uMRQwEgYDVQQDDAtpbnRlcm5l +dC5lZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4QPTaFdN+03vC63vgcSd +OsURjrt/eslJkPXr53VgkcFoD2AI+z1AoUbOMJ/FfXb+iY4o70we3YeRP8SeaDFn +pjOlSmS+DTsh5s3DCahbdbFzvyBDD5A4yKRaVRSCWFEjC684Uvg9Pf/ifP6GxHN6 +uVFg9/YhkS9XwfE0deJhxUUCAwEAATANBgkqhkiG9w0BAQsFAAOBgQCKC6bL+4Eu ++Dz+RQEZ9IEerZSKnnV2mygN9usddg46BnMqceWCA19Ei71C2UQsVD2e+7XkLjrl +0IDGciQqAjOUp4KKG+jQbtlcP0BBvP6CnirwqFfeV0XLWKapLetDjtdlmACAtHXj +8U0YFVbj5GGPJWAfAPnzpsiTxnQIinXNZw== +-----END CERTIFICATE----- diff --git a/test/fixtures/files/seb_seller_key.pem b/test/fixtures/files/seb_seller_key.pem new file mode 100644 index 000000000..be1febf79 --- /dev/null +++ b/test/fixtures/files/seb_seller_key.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOED02hXTftN7wut +74HEnTrFEY67f3rJSZD16+d1YJHBaA9gCPs9QKFGzjCfxX12/omOKO9MHt2HkT/E +nmgxZ6YzpUpkvg07IebNwwmoW3Wxc78gQw+QOMikWlUUglhRIwuvOFL4PT3/4nz+ +hsRzerlRYPf2IZEvV8HxNHXiYcVFAgMBAAECgYEAxLXAgm4YaUK3YOF9CVgmD/Oq +Jrp5dpEzs/uZcO4nLyUCYLaXA3SH5LXumYmDb+ywFvbliFVmgkn6y+GKjhHqxjhx +KtyK3w1vGVkk6RyA076vgnOEp3un7j9XXM5U93Osk25Ezzb4pqslU7nDPb1OGg2A +q4UG+zHyj9UkI2S1V10CQQD39JtA3eiSlJ4jtr7QP3/KFV3O7Sku5TTmc6aMUhja +9qZCUMaK/67aMFjl62E9vdNBb1gGg28dBo/zV0uZAdsrAkEA6FCvyzaMOOzWqz6N +/uzeU7NTW9cHNQRx1d7e3vjWhYxvvknNrFim3sH+tbTock5MeNr4d4yCYFM72Zc5 +wH/pTwJBAIrD7OMnjZIC9GGeUzluYBDzVjWJCmRBSBK0pH+hLmHUaYVxeTuvDebz +6bx6t0f7ZTAYpRW4FsYStxsDPr6ZiFMCQFh7SslKSFPyGLz2QVzj2LXmagxjtLID +tFux3A7ulb4dw/2k3HoU9dGH77xDX/kRS10IgXP/BzUq3nO8flmMHk8CQQCCnqcJ +CEA+kqwPvgQ8YdeJOBFEc4spQ+OFbLUAtMt8+9YfeWtHyUlyNhtGXmwN8kGAHcPz +qtfPVIDR4dU0uvCw +-----END PRIVATE KEY----- diff --git a/test/fixtures/invoices.yml b/test/fixtures/invoices.yml index c395da425..71189f6b6 100644 --- a/test/fixtures/invoices.yml +++ b/test/fixtures/invoices.yml @@ -31,3 +31,9 @@ outstanding: overdue: <<: *DEFAULTS due_date: <%= Date.parse '2010-07-03' %> + +for_payments_test: + <<: *DEFAULTS + total: 12.00 + id: 1 + number: 1 diff --git a/test/fixtures/nameservers.yml b/test/fixtures/nameservers.yml index 8c3c021d6..344f7894d 100644 --- a/test/fixtures/nameservers.yml +++ b/test/fixtures/nameservers.yml @@ -18,6 +18,10 @@ airport_ns1: hostname: ns1.bestnames.test domain: airport +airport_ns2: + hostname: ns2.bestnames.test + domain: airport + metro_ns1: hostname: ns1.bestnames.test domain: metro diff --git a/test/integration/api/domain_contacts_test.rb b/test/integration/api/domain_contacts_test.rb new file mode 100644 index 000000000..a6d6376f7 --- /dev/null +++ b/test/integration/api/domain_contacts_test.rb @@ -0,0 +1,124 @@ +require 'test_helper' + +class APIDomainContactsTest < ActionDispatch::IntegrationTest + def test_replace_all_tech_contacts_of_the_current_registrar + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'john-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert_nil domains(:shop).tech_contacts.find_by(code: 'william-001') + assert domains(:shop).tech_contacts.find_by(code: 'john-001') + assert domains(:airport).tech_contacts.find_by(code: 'john-001') + end + + def test_skip_discarded_domains + domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE]) + + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'john-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert domains(:airport).tech_contacts.find_by(code: 'william-001') + end + + def test_return_affected_domains_in_alphabetical_order + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'john-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert_response :ok + assert_equal ({ affected_domains: %w[airport.test shop.test], + skipped_domains: [] }), + JSON.parse(response.body, symbolize_names: true) + end + + def test_return_skipped_domains_in_alphabetical_order + domains(:shop).update!(statuses: [DomainStatus::DELETE_CANDIDATE]) + domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE]) + + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'john-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert_response :ok + assert_equal %w[airport.test shop.test], JSON.parse(response.body, + symbolize_names: true)[:skipped_domains] + end + + def test_keep_other_tech_contacts_intact + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'john-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert domains(:shop).tech_contacts.find_by(code: 'acme-ltd-001') + end + + def test_keep_admin_contacts_intact + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'john-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert domains(:airport).admin_contacts.find_by(code: 'william-001') + end + + def test_restrict_contacts_to_the_current_registrar + patch '/repp/v1/domains/contacts', { current_contact_id: 'jack-001', + new_contact_id: 'william-002' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + + assert_response :bad_request + assert_equal ({ error: { type: 'invalid_request_error', + param: 'current_contact_id', + message: 'No such contact: jack-001' } }), + JSON.parse(response.body, symbolize_names: true) + end + + def test_non_existent_current_contact + patch '/repp/v1/domains/contacts', { current_contact_id: 'non-existent', + new_contact_id: 'john-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + assert_response :bad_request + assert_equal ({ error: { type: 'invalid_request_error', + param: 'current_contact_id', + message: 'No such contact: non-existent' } }), + JSON.parse(response.body, symbolize_names: true) + end + + def test_non_existent_new_contact + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'non-existent' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + assert_response :bad_request + assert_equal ({ error: { type: 'invalid_request_error', + param: 'new_contact_id', + message: 'No such contact: non-existent' } }), + JSON.parse(response.body, symbolize_names: true) + end + + def test_disallow_invalid_new_contact + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'invalid' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + assert_response :bad_request + assert_equal ({ error: { type: 'invalid_request_error', + param: 'new_contact_id', + message: 'New contact must be valid' } }), + JSON.parse(response.body, symbolize_names: true) + end + + def test_disallow_self_replacement + patch '/repp/v1/domains/contacts', { current_contact_id: 'william-001', + new_contact_id: 'william-001' }, + { 'HTTP_AUTHORIZATION' => http_auth_key } + assert_response :bad_request + assert_equal ({ error: { type: 'invalid_request_error', + message: 'New contact ID must be different from current contact ID' } }), + JSON.parse(response.body, symbolize_names: true) + end + + private + + def http_auth_key + ActionController::HttpAuthentication::Basic.encode_credentials('test_bestnames', 'testtest') + end +end diff --git a/test/integration/api/domain_transfers_test.rb b/test/integration/api/domain_transfers_test.rb index 04301e3e3..4b65b35de 100644 --- a/test/integration/api/domain_transfers_test.rb +++ b/test/integration/api/domain_transfers_test.rb @@ -53,7 +53,7 @@ class APIDomainTransfersTest < ActionDispatch::IntegrationTest end def test_duplicates_registrant_admin_and_tech_contacts - assert_difference -> { @new_registrar.contacts.size }, 2 do + assert_difference -> { @new_registrar.contacts.size }, 3 do post '/repp/v1/domain_transfers', request_params, { 'HTTP_AUTHORIZATION' => http_auth_key } end end diff --git a/test/integration/epp/domain/transfer/request_test.rb b/test/integration/epp/domain/transfer/request_test.rb index f3ea644fc..3e776331b 100644 --- a/test/integration/epp/domain/transfer/request_test.rb +++ b/test/integration/epp/domain/transfer/request_test.rb @@ -49,7 +49,7 @@ class EppDomainTransferRequestTest < ActionDispatch::IntegrationTest end def test_duplicates_registrant_admin_and_tech_contacts - assert_difference -> { @new_registrar.contacts.size }, 2 do + assert_difference -> { @new_registrar.contacts.size }, 3 do post '/epp/command/transfer', { frame: request_xml }, { 'HTTP_COOKIE' => 'session=api_goodnames' } end end diff --git a/test/integration/registrar/billing/balance_top_up_test.rb b/test/integration/registrar/billing/balance_top_up_test.rb index c77c9ff37..15face70c 100644 --- a/test/integration/registrar/billing/balance_top_up_test.rb +++ b/test/integration/registrar/billing/balance_top_up_test.rb @@ -6,6 +6,7 @@ class BalanceTopUpTest < ActionDispatch::IntegrationTest end def test_creates_new_invoice + original_vat_prc = Setting.registry_vat_prc Setting.registry_vat_prc = 0.1 visit registrar_invoices_url @@ -21,5 +22,7 @@ class BalanceTopUpTest < ActionDispatch::IntegrationTest assert_equal BigDecimal(10), invoice.vat_rate assert_equal BigDecimal('28.05'), invoice.total assert_text 'Please pay the following invoice' + + Setting.registry_vat_prc = original_vat_prc end end diff --git a/test/integration/registrar/domain_transfers_test.rb b/test/integration/registrar/bulk_change/bulk_transfer_test.rb similarity index 80% rename from test/integration/registrar/domain_transfers_test.rb rename to test/integration/registrar/bulk_change/bulk_transfer_test.rb index 4cd6fc66c..5bfe7cc68 100644 --- a/test/integration/registrar/domain_transfers_test.rb +++ b/test/integration/registrar/bulk_change/bulk_transfer_test.rb @@ -1,12 +1,11 @@ require 'test_helper' -class RegistrarDomainTransfersTest < ActionDispatch::IntegrationTest +class RegistrarAreaBulkTransferTest < ActionDispatch::IntegrationTest setup do - WebMock.reset! login_as users(:api_goodnames) end - def test_batch_transfer_succeeds + def test_transfer_multiple_domains_in_bulk request_body = { data: { domainTransfers: [{ domainName: 'shop.test', transferCode: '65078d5' }] } } headers = { 'Content-type' => 'application/json' } request_stub = stub_request(:post, /domain_transfers/).with(body: request_body, @@ -17,28 +16,26 @@ class RegistrarDomainTransfersTest < ActionDispatch::IntegrationTest }] }.to_json, status: 200) visit registrar_domains_url - click_link 'Transfer' - - click_on 'Batch' + click_link 'Bulk change' + click_link 'Bulk transfer' attach_file 'Batch file', Rails.root.join('test', 'fixtures', 'files', 'valid_domains_for_transfer.csv').to_s - click_button 'Transfer batch' + click_button 'Transfer' assert_requested request_stub assert_current_path registrar_domains_path assert_text '1 domains have been successfully transferred' end - def test_batch_transfer_fails_gracefully + def test_fail_gracefully body = { errors: [{ title: 'epic fail' }] }.to_json headers = { 'Content-type' => 'application/json' } stub_request(:post, /domain_transfers/).to_return(status: 400, body: body, headers: headers) visit registrar_domains_url - click_link 'Transfer' - - click_on 'Batch' + click_link 'Bulk change' + click_link 'Bulk transfer' attach_file 'Batch file', Rails.root.join('test', 'fixtures', 'files', 'valid_domains_for_transfer.csv').to_s - click_button 'Transfer batch' + click_button 'Transfer' assert_text 'epic fail' end diff --git a/test/integration/registrar/nameserver_replacement_test.rb b/test/integration/registrar/bulk_change/nameserver_test.rb similarity index 92% rename from test/integration/registrar/nameserver_replacement_test.rb rename to test/integration/registrar/bulk_change/nameserver_test.rb index 8ed0f9419..fbbdee105 100644 --- a/test/integration/registrar/nameserver_replacement_test.rb +++ b/test/integration/registrar/bulk_change/nameserver_test.rb @@ -1,8 +1,7 @@ require 'test_helper' -class RegistrarNameserverReplacementTest < ActionDispatch::IntegrationTest +class RegistrarAreaNameserverBulkChangeTest < ActionDispatch::IntegrationTest setup do - WebMock.reset! login_as users(:api_goodnames) end @@ -21,7 +20,8 @@ class RegistrarNameserverReplacementTest < ActionDispatch::IntegrationTest }] }.to_json, status: 200) visit registrar_domains_url - click_link 'Replace nameserver' + click_link 'Bulk change' + click_link 'Nameserver' fill_in 'Old hostname', with: 'ns1.bestnames.test' fill_in 'New hostname', with: 'new-ns.bestnames.test' @@ -40,7 +40,8 @@ class RegistrarNameserverReplacementTest < ActionDispatch::IntegrationTest headers: { 'Content-type' => 'application/json' }) visit registrar_domains_url - click_link 'Replace nameserver' + click_link 'Bulk change' + click_link 'Nameserver' fill_in 'Old hostname', with: 'old hostname' fill_in 'New hostname', with: 'new hostname' diff --git a/test/integration/registrar/bulk_change/tech_contact_test.rb b/test/integration/registrar/bulk_change/tech_contact_test.rb new file mode 100644 index 000000000..993f166a0 --- /dev/null +++ b/test/integration/registrar/bulk_change/tech_contact_test.rb @@ -0,0 +1,47 @@ +require 'test_helper' + +class RegistrarAreaTechContactBulkChangeTest < ActionDispatch::IntegrationTest + setup do + login_as users(:api_bestnames) + end + + def test_replace_domain_contacts_of_current_registrar + request_stub = stub_request(:patch, /domains\/contacts/) + .with(body: { current_contact_id: 'william-001', new_contact_id: 'john-001' }, + basic_auth: ['test_bestnames', 'testtest']) + .to_return(body: { affected_domains: %w[foo.test bar.test], + skipped_domains: %w[baz.test qux.test] }.to_json, + status: 200) + + visit registrar_domains_url + click_link 'Bulk change' + + fill_in 'Current contact ID', with: 'william-001' + fill_in 'New contact ID', with: 'john-001' + click_on 'Replace technical contacts' + + assert_requested request_stub + assert_current_path registrar_domains_path + assert_text 'Technical contacts have been successfully replaced' + assert_text 'Affected domains: foo.test, bar.test' + assert_text 'Skipped domains: baz.test, qux.test' + end + + def test_fails_gracefully + stub_request(:patch, /domains\/contacts/) + .to_return(status: 400, + body: { error: { message: 'epic fail' } }.to_json, + headers: { 'Content-type' => 'application/json' }) + + visit registrar_domains_url + click_link 'Bulk change' + + fill_in 'Current contact ID', with: 'william-001' + fill_in 'New contact ID', with: 'john-001' + click_on 'Replace technical contacts' + + assert_text 'epic fail' + assert_field 'Current contact ID', with: 'william-001' + assert_field 'New contact ID', with: 'john-001' + end +end diff --git a/test/integration/registrar/domains_test.rb b/test/integration/registrar/domains_test.rb index 35411815f..e98212297 100644 --- a/test/integration/registrar/domains_test.rb +++ b/test/integration/registrar/domains_test.rb @@ -9,7 +9,7 @@ class RegistrarDomainsTest < ActionDispatch::IntegrationTest Domain,Transfer code,Registrant name,Registrant code,Date of expiry library.test,45118f5,Acme Ltd,acme-ltd-001,2010-07-05 shop.test,65078d5,John,john-001,2010-07-05 - invalid.test,1438d6,any,any,2010-07-05 + invalid.test,1438d6,any,invalid,2010-07-05 airport.test,55438j5,John,john-001,2010-07-05 CSV diff --git a/test/integration/registrar/invoices/list_test.rb b/test/integration/registrar/invoices/list_test.rb new file mode 100644 index 000000000..45e7d5f8b --- /dev/null +++ b/test/integration/registrar/invoices/list_test.rb @@ -0,0 +1,28 @@ +require 'test_helper' + +class ListInvoicesTest < ActionDispatch::IntegrationTest + def setup + super + + @user = users(:api_bestnames) + @registrar_invoices = @user.registrar.invoices + login_as @user + end + + def test_show_balance + visit registrar_invoices_path + assert_text "Your current account balance is 100,00 EUR" + end + + def test_show_multiple_invoices + @invoices = invoices + @registrar_invoices = [] + @invoices.each do |invoice| + @registrar_invoices << invoice + end + + visit registrar_invoices_path + assert_text "Unpaid", count: 5 + assert_text "Invoice no.", count: 7 + end +end diff --git a/test/integration/registrar/invoices/new_invoice_payment_test.rb b/test/integration/registrar/invoices/new_invoice_payment_test.rb new file mode 100644 index 000000000..995379edc --- /dev/null +++ b/test/integration/registrar/invoices/new_invoice_payment_test.rb @@ -0,0 +1,40 @@ +require 'test_helper' + +class NewInvoicePaymentTest < ActionDispatch::IntegrationTest + def setup + super + + @user = users(:api_bestnames) + login_as @user + end + + def create_invoice_and_visit_its_page + visit registrar_invoices_path + click_link_or_button 'Add deposit' + fill_in 'Amount', with: '200.00' + fill_in 'Description', with: 'My first invoice' + click_link_or_button 'Add' + end + + def test_create_new_SEB_payment + create_invoice_and_visit_its_page + click_link_or_button 'Seb' + form = page.find('form') + assert_equal('https://www.seb.ee/cgi-bin/dv.sh/ipank.r', form['action']) + assert_equal('post', form['method']) + assert_equal('240.00', form.find_by_id('VK_AMOUNT', visible: false).value) + end + + def test_create_new_Every_Pay_payment + create_invoice_and_visit_its_page + click_link_or_button 'Every pay' + expected_hmac_fields = 'account_id,amount,api_username,callback_url,' + + 'customer_url,hmac_fields,nonce,order_reference,timestamp,transaction_type' + + form = page.find('form') + assert_equal('https://igw-demo.every-pay.com/transactions/', form['action']) + assert_equal('post', form['method']) + assert_equal(expected_hmac_fields, form.find_by_id('hmac_fields', visible: false).value) + assert_equal('240.00', form.find_by_id('amount', visible: false).value) + end +end diff --git a/test/integration/registrar/invoices/new_test.rb b/test/integration/registrar/invoices/new_test.rb new file mode 100644 index 000000000..738e06d3c --- /dev/null +++ b/test/integration/registrar/invoices/new_test.rb @@ -0,0 +1,48 @@ +require 'test_helper' + +class NewInvoiceTest < ActionDispatch::IntegrationTest + def setup + super + + @user = users(:api_bestnames) + login_as @user + end + + def test_show_balance + visit registrar_invoices_path + assert_text "Your current account balance is 100,00 EUR" + end + + def test_create_new_invoice_with_positive_amount + visit registrar_invoices_path + click_link_or_button 'Add deposit' + fill_in 'Amount', with: '200.00' + fill_in 'Description', with: 'My first invoice' + + assert_difference 'Invoice.count', 1 do + click_link_or_button 'Add' + end + + assert_text 'Please pay the following invoice' + assert_text 'Invoice no. 131050' + assert_text 'Subtotal 200,00 €' + assert_text 'Pay invoice' + end + + # This test case should fail once issue #651 gets fixed + def test_create_new_invoice_with_amount_0_goes_through + visit registrar_invoices_path + click_link_or_button 'Add deposit' + fill_in 'Amount', with: '0.00' + fill_in 'Description', with: 'My first invoice' + + assert_difference 'Invoice.count', 1 do + click_link_or_button 'Add' + end + + assert_text 'Please pay the following invoice' + assert_text 'Invoice no. 131050' + assert_text 'Subtotal 0,00 €' + assert_text 'Pay invoice' + end +end diff --git a/test/integration/registrar/invoices/payment_callback_test.rb b/test/integration/registrar/invoices/payment_callback_test.rb new file mode 100644 index 000000000..9e8996214 --- /dev/null +++ b/test/integration/registrar/invoices/payment_callback_test.rb @@ -0,0 +1,49 @@ +require 'test_helper' + +class PaymentCallbackTest < ActionDispatch::IntegrationTest + def setup + super + + @user = users(:api_bestnames) + login_as @user + end + + def create_invoice_with_items + @invoice = invoices(:for_payments_test) + invoice_item = invoice_items(:one) + + @invoice.invoice_items << invoice_item + @invoice.invoice_items << invoice_item + @user.registrar.invoices << @invoice + end + + def every_pay_request_params + { + nonce: "392f2d7748bc8cb0d14f263ebb7b8932", + timestamp: "1524136727", + api_username: "ca8d6336dd750ddb", + transaction_result: "completed", + payment_reference: "fd5d27b59a1eb597393cd5ff77386d6cab81ae05067e18d530b10f3802e30b56", + payment_state: "settled", + amount: "12.00", + order_reference: "e468a2d59a731ccc546f2165c3b1a6", + account_id: "EUR3D1", + cc_type: "master_card", + cc_last_four_digits: "0487", + cc_month: "10", + cc_year: "2018", + cc_holder_name: "John Doe", + hmac_fields: "account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result", + hmac: "efac1c732835668cd86023a7abc140506c692f0d", + invoice_id: "12900000", + payment_method: "every_pay" + } + end + + def test_every_pay_callback_returns_status_200 + create_invoice_with_items + request_params = every_pay_request_params.merge(invoice_id: @invoice.id) + post "/registrar/pay/callback/every_pay", request_params + assert_equal(200, response.status) + end +end diff --git a/test/integration/registrar/invoices/payment_return_test.rb b/test/integration/registrar/invoices/payment_return_test.rb new file mode 100644 index 000000000..4524dc1ef --- /dev/null +++ b/test/integration/registrar/invoices/payment_return_test.rb @@ -0,0 +1,100 @@ +require 'test_helper' + +class PaymentReturnTest < ActionDispatch::IntegrationTest + def setup + super + + @user = users(:api_bestnames) + login_as @user + end + + def create_invoice_with_items + @invoice = invoices(:for_payments_test) + invoice_item = invoice_items(:one) + + @invoice.invoice_items << invoice_item + @invoice.invoice_items << invoice_item + @user.registrar.invoices << @invoice + end + + def every_pay_request_params + { + nonce: "392f2d7748bc8cb0d14f263ebb7b8932", + timestamp: "1524136727", + api_username: "ca8d6336dd750ddb", + transaction_result: "completed", + payment_reference: "fd5d27b59a1eb597393cd5ff77386d6cab81ae05067e18d530b10f3802e30b56", + payment_state: "settled", + amount: "12.00", + order_reference: "e468a2d59a731ccc546f2165c3b1a6", + account_id: "EUR3D1", + cc_type: "master_card", + cc_last_four_digits: "0487", + cc_month: "10", + cc_year: "2018", + cc_holder_name: "John Doe", + hmac_fields: "account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result", + hmac: "efac1c732835668cd86023a7abc140506c692f0d", + invoice_id: "12900000", + payment_method: "every_pay" + } + end + + def bank_link_request_params + { + "VK_SERVICE": "1111", + "VK_VERSION": "008", + "VK_SND_ID": "testvpos", + "VK_REC_ID": "seb", + "VK_STAMP": 1, + "VK_T_NO": "1", + "VK_AMOUNT": "12.00", + "VK_CURR": "EUR", + "VK_REC_ACC": "1234", + "VK_REC_NAME": "Eesti Internet", + "VK_SND_ACC": "1234", + "VK_SND_NAME": "John Doe", + "VK_REF": "", + "VK_MSG": "Order nr 1", + "VK_T_DATETIME": "2018-04-01T00:30:00+0300", + "VK_MAC": "CZZvcptkxfuOxRR88JmT4N+Lw6Hs4xiQfhBWzVYldAcRTQbcB/lPf9MbJzBE4e1/HuslQgkdCFt5g1xW2lJwrVDBQTtP6DAHfvxU3kkw7dbk0IcwhI4whUl68/QCwlXEQTAVDv1AFnGVxXZ40vbm/aLKafBYgrirB5SUe8+g9FE=", + "VK_ENCODING": "UTF-8", + "VK_LANG": "ENG", + payment_method: "seb" + } + end + + def test_every_pay_return_creates_activity_redirects_to_invoice_path + create_invoice_with_items + request_params = every_pay_request_params.merge(invoice_id: @invoice.id) + + post "/registrar/pay/return/every_pay", request_params + assert_equal(302, response.status) + assert_redirected_to(registrar_invoice_path(@invoice)) + end + + def test_Every_Pay_return_raises_RecordNotFound + create_invoice_with_items + request_params = every_pay_request_params.merge(invoice_id: "178907") + assert_raises(ActiveRecord::RecordNotFound) do + post "/registrar/pay/return/every_pay", request_params + end + end + + def test_bank_link_return_redirects_to_invoice_paths + create_invoice_with_items + request_params = bank_link_request_params.merge(invoice_id: @invoice.id) + + post "/registrar/pay/return/seb", request_params + assert_equal(302, response.status) + assert_redirected_to(registrar_invoice_path(@invoice)) + end + + def test_bank_link_return + create_invoice_with_items + request_params = bank_link_request_params.merge(invoice_id: "178907") + assert_raises(ActiveRecord::RecordNotFound) do + post "/registrar/pay/return/seb", request_params + end + end +end diff --git a/test/models/domain_transfer_test.rb b/test/models/domain_transfer_test.rb index 9dde09fa7..8c7494571 100644 --- a/test/models/domain_transfer_test.rb +++ b/test/models/domain_transfer_test.rb @@ -20,7 +20,7 @@ class DomainTransferTest < ActiveSupport::TestCase body = 'Transfer of domain shop.test has been approved.' \ ' It was associated with registrant john-001' \ - ' and contacts jane-001, william-001.' + ' and contacts acme-ltd-001, jane-001, william-001.' id = @domain_transfer.id class_name = @domain_transfer.class.name diff --git a/test/models/nameserver_test.rb b/test/models/nameserver_test.rb index 8f2a07334..1392d259e 100644 --- a/test/models/nameserver_test.rb +++ b/test/models/nameserver_test.rb @@ -50,9 +50,11 @@ class NameserverTest < ActiveSupport::TestCase end def test_hostnames - assert_equal %w[ns1.bestnames.test + assert_equal %w[ + ns1.bestnames.test ns2.bestnames.test ns1.bestnames.test + ns2.bestnames.test ns1.bestnames.test], Nameserver.hostnames end diff --git a/test/models/payment_orders/bank_link_test.rb b/test/models/payment_orders/bank_link_test.rb new file mode 100644 index 000000000..16f790d13 --- /dev/null +++ b/test/models/payment_orders/bank_link_test.rb @@ -0,0 +1,134 @@ +require 'test_helper' + +class BankLinkTest < ActiveSupport::TestCase + # Note: Files stored in: test/fixtures/files/seb_seller_key.pem + # test/fixtures/files/seb_bank_cert.pem + # are autogenerated, they will not work against production or even staging. + def setup + super + + @invoice = invoices(:for_payments_test) + invoice_item = invoice_items(:one) + + @invoice.invoice_items << invoice_item + @invoice.invoice_items << invoice_item + + travel_to '2018-04-01 00:30 +0300' + create_new_bank_link + create_completed_bank_link + create_cancelled_bank_link + end + + def teardown + super + + travel_back + end + + def create_completed_bank_link + params = { + 'VK_SERVICE': '1111', + 'VK_VERSION': '008', + 'VK_SND_ID': 'testvpos', + 'VK_REC_ID': 'seb', + 'VK_STAMP': 1, + 'VK_T_NO': '1', + 'VK_AMOUNT': '12.00', + 'VK_CURR': 'EUR', + 'VK_REC_ACC': '1234', + 'VK_REC_NAME': 'Eesti Internet', + 'VK_SND_ACC': '1234', + 'VK_SND_NAME': 'John Doe', + 'VK_REF': '', + 'VK_MSG': 'Order nr 1', + 'VK_T_DATETIME': '2018-04-01T00:30:00+0300', + 'VK_MAC': 'CZZvcptkxfuOxRR88JmT4N+Lw6Hs4xiQfhBWzVYldAcRTQbcB/lPf9MbJzBE4e1/HuslQgkdCFt5g1xW2lJwrVDBQTtP6DAHfvxU3kkw7dbk0IcwhI4whUl68/QCwlXEQTAVDv1AFnGVxXZ40vbm/aLKafBYgrirB5SUe8+g9FE=', + 'VK_ENCODING': 'UTF-8', + 'VK_LANG': 'ENG' + }.with_indifferent_access + + @completed_bank_link = PaymentOrders::BankLink.new( + 'seb', @invoice, { response: params } + ) + end + + def create_cancelled_bank_link + params = { + 'VK_SERVICE': '1911', + 'VK_VERSION': '008', + 'VK_SND_ID': 'testvpos', + 'VK_REC_ID': 'seb', + 'VK_STAMP': 1, + 'VK_REF': '', + 'VK_MSG': 'Order nr 1', + 'VK_MAC': 'PElE2mYXXN50q2UBvTuYU1rN0BmOQcbafPummDnWfNdm9qbaGQkGyOn0XaaFGlrdEcldXaHBbZKUS0HegIgjdDfl2NOk+wkLNNH0Iu38KzZaxHoW9ga7vqiyKHC8dcxkHiO9HsOnz77Sy/KpWCq6cz48bi3fcMgo+MUzBMauWoQ=', + 'VK_ENCODING': 'UTF-8', + 'VK_LANG': 'ENG' + }.with_indifferent_access + + @cancelled_bank_link = PaymentOrders::BankLink.new( + 'seb', @invoice, { response: params } + ) + end + + def create_new_bank_link + params = { return_url: 'return.url', response_url: 'response.url' } + @new_bank_link = PaymentOrders::BankLink.new('seb', @invoice, params) + end + + def test_response_is_not_valid_when_it_is_missing + refute(false, @new_bank_link.valid_response_from_intermediary?) + end + + def test_form_fields + expected_response = { + 'VK_SERVICE': '1012', + 'VK_VERSION': '008', + 'VK_SND_ID': 'testvpos', + 'VK_STAMP': 1, + 'VK_AMOUNT': '12.00', + 'VK_CURR': 'EUR', + 'VK_REF': '', + 'VK_MSG': 'Order nr. 1', + 'VK_RETURN': 'return.url', + 'VK_CANCEL': 'return.url', + 'VK_DATETIME': '2018-04-01T00:30:00+0300', + 'VK_MAC': 'q70UNFV4ih1qYij2+CyrHaApc3OE66igy3ijuR1m9dl0Cg+lIrAUsP47JChAF7PRErwZ78vSuZwrg0Vabhlp3WoC934ik2FiE04BBxUUTndONvguaNR1wvl0FiwfXFljLncX7TOmRraywJljKC5vTnIRNT2+1HXvmv0v576PGao=', + 'VK_ENCODING': 'UTF-8', + 'VK_LANG': 'ENG' + }.with_indifferent_access + + assert_equal(expected_response, @new_bank_link.form_fields) + end + + def test_valid_success_response_from_intermediary? + assert(@completed_bank_link.valid_response_from_intermediary?) + end + + def test_valid_cancellation_response_from_intermediary? + assert(@cancelled_bank_link.valid_response_from_intermediary?) + end + + def test_settled_payment? + assert(@completed_bank_link.settled_payment?) + refute(@cancelled_bank_link.settled_payment?) + end + + def test_complete_transaction_calls_methods_on_transaction + mock_transaction = MiniTest::Mock.new + mock_transaction.expect(:sum= , '12.00', ['12.00']) + mock_transaction.expect(:bank_reference= , '1', ['1']) + mock_transaction.expect(:buyer_bank_code= , 'testvpos', ['testvpos']) + mock_transaction.expect(:buyer_iban= , '1234', ['1234']) + mock_transaction.expect(:paid_at= , Date.parse('2018-04-01 00:30:00 +0300'), [Time.parse('2018-04-01T00:30:00+0300')]) + mock_transaction.expect(:buyer_name=, 'John Doe', ['John Doe']) + mock_transaction.expect(:save!, true) + mock_transaction.expect(:autobind_invoice, AccountActivity.new) + + BankTransaction.stub(:find_by, mock_transaction) do + @completed_bank_link.complete_transaction + end + + mock_transaction.verify + end +end diff --git a/test/models/payment_orders/every_pay_test.rb b/test/models/payment_orders/every_pay_test.rb new file mode 100644 index 000000000..2be3401dc --- /dev/null +++ b/test/models/payment_orders/every_pay_test.rb @@ -0,0 +1,92 @@ +require 'test_helper' + +class EveryPayTest < ActiveSupport::TestCase + def setup + super + + @invoice = invoices(:for_payments_test) + invoice_item = invoice_items(:one) + + @invoice.invoice_items << invoice_item + @invoice.invoice_items << invoice_item + + params = { + response: + { + utf8: '✓', + _method: 'put', + authenticity_token: 'OnA69vbccQtMt3C9wxEWigs5Gpf/7z+NoxRCMkFPlTvaATs8+OgMKF1I4B2f+vuK37zCgpWZaWWtyuslRRSwkw==', + nonce: '392f2d7748bc8cb0d14f263ebb7b8932', + timestamp: '1524136727', + api_username: 'ca8d6336dd750ddb', + transaction_result: 'completed', + payment_reference: 'fd5d27b59a1eb597393cd5ff77386d6cab81ae05067e18d530b10f3802e30b56', + payment_state: 'settled', + amount: '12.00', + order_reference: 'e468a2d59a731ccc546f2165c3b1a6', + account_id: 'EUR3D1', + cc_type: 'master_card', + cc_last_four_digits: '0487', + cc_month: '10', + cc_year: '2018', + cc_holder_name: 'John Doe', + hmac_fields: 'account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result', + hmac: 'efac1c732835668cd86023a7abc140506c692f0d', + invoice_id: '1', + }, + } + @every_pay = PaymentOrders::EveryPay.new('every_pay', @invoice, params) + @other_pay = PaymentOrders::EveryPay.new('every_pay', @invoice, {}) + + travel_to Time.zone.parse('2018-04-01 00:30:00 +0000') + end + + def teardown + super + + travel_back + end + + def test_form_fields + expected_fields = { + api_username: 'api_user', + account_id: 'EUR3D1', + timestamp: '1522542600', + amount: '12.00', + transaction_type: 'charge', + hmac_fields: 'account_id,amount,api_username,callback_url,customer_url,hmac_fields,nonce,order_reference,timestamp,transaction_type' + } + form_fields = @every_pay.form_fields + expected_fields.each do |k, v| + assert_equal(v, form_fields[k]) + end + end + + def test_valid_response_from_intermediary? + assert(@every_pay.valid_response_from_intermediary?) + refute(@other_pay.valid_response_from_intermediary?) + end + + def test_settled_payment? + assert(@every_pay.settled_payment?) + other_pay = PaymentOrders::EveryPay.new( + 'every_pay', @invoice, {response: {payment_state: 'CANCELLED'}} + ) + refute(other_pay.settled_payment?) + end + + def test_complete_transaction_calls_methods_on_transaction + mock_transaction = MiniTest::Mock.new + mock_transaction.expect(:sum= , '12.00', ['12.00']) + mock_transaction.expect(:paid_at= , Date.strptime('1524136727', '%s'), [Date.strptime('1524136727', '%s')]) + mock_transaction.expect(:buyer_name=, 'John Doe', ['John Doe']) + mock_transaction.expect(:save!, true) + mock_transaction.expect(:autobind_invoice, AccountActivity.new) + + BankTransaction.stub(:find_by, mock_transaction) do + @every_pay.complete_transaction + end + + mock_transaction.verify + end +end diff --git a/test/models/payment_orders_test.rb b/test/models/payment_orders_test.rb new file mode 100644 index 000000000..252ba0582 --- /dev/null +++ b/test/models/payment_orders_test.rb @@ -0,0 +1,58 @@ +require 'test_helper' + +class PaymentOrdersTest < ActiveSupport::TestCase + def setup + super + + @original_methods = ENV['payment_methods'] + @original_seb_URL = ENV['seb_payment_url'] + ENV['payment_methods'] = 'seb, swed, credit_card' + ENV['seb_payment_url'] = nil + @not_implemented_payment = PaymentOrders::Base.new( + 'not_implemented', Invoice.new + ) + end + + def teardown + super + + ENV['payment_methods'] = @original_methods + ENV['seb_payment_url'] = @original_seb_URL + end + + def test_variable_assignment + assert_equal 'not_implemented', @not_implemented_payment.type + assert_nil @not_implemented_payment.response_url + assert_nil @not_implemented_payment.return_url + assert_nil @not_implemented_payment.form_url + end + + def test_that_errors_are_raised_on_missing_methods + assert_raise NoMethodError do + @not_implemented_payment.valid_response? + end + + assert_raise NoMethodError do + @not_implemented_payment.settled_payment? + end + + assert_raise NoMethodError do + @not_implemented_payment.form_fields + end + + assert_raise NoMethodError do + @not_implemented_payment.complete_transaction + end + end + + def test_that_create_with_type_raises_argument_error + assert_raise ArgumentError do + PaymentOrders.create_with_type("not_implemented", Invoice.new) + end + end + + def test_create_with_correct_subclass + payment = PaymentOrders.create_with_type('seb', Invoice.new) + assert_equal PaymentOrders::BankLink, payment.class + end +end diff --git a/test/models/registry_test.rb b/test/models/registry_test.rb index 90a603e15..80c88c8bf 100644 --- a/test/models/registry_test.rb +++ b/test/models/registry_test.rb @@ -10,7 +10,11 @@ class RegistryTest < ActiveSupport::TestCase end def test_vat_rate + original_vat_prc = Setting.registry_vat_prc Setting.registry_vat_prc = 0.25 + assert_equal BigDecimal(25), @registry.vat_rate + + Setting.registry_vat_prc = original_vat_prc end end