zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-08-05 17:28:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

Refactor EPP users to API users

Browse source
This commit is contained in:
Martin Lensment 2015-01-29 14:13:49 +02:00
parent b8494993ea
commit c91c9c8ebf
44 changed files with 154 additions and 150 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/api/repp/api.rb
View file

@ -4,7 +4,7 @@ module Repp
prefix :repp
http_basic do |username, password|
@current_api_user ||= EppUser.find_by(username: username, password: password)
@current_api_user ||= ApiUser.find_by(username: username, password: password)
end
helpers do

32
app/controllers/admin/epp_users_controller.rb → app/controllers/admin/api_users_controller.rb
View file

@ -1,22 +1,22 @@
class Admin::EppUsersController < AdminController
class Admin::ApiUsersController < AdminController
load_and_authorize_resource
before_action :set_epp_user, only: [:show, :edit, :update, :destroy]
before_action :set_api_user, only: [:show, :edit, :update, :destroy]
def index
@q = EppUser.search(params[:q])
@epp_users = @q.result.page(params[:page])
@q = ApiUser.search(params[:q])
@api_users = @q.result.page(params[:page])
end
def new
@epp_user = EppUser.new
@api_user = ApiUser.new
end
def create
@epp_user = EppUser.new(epp_user_params)
@api_user = ApiUser.new(api_user_params)
if @epp_user.save
if @api_user.save
flash[:notice] = I18n.t('record_created')
redirect_to [:admin, @epp_user]
redirect_to [:admin, @api_user]
else
flash.now[:alert] = I18n.t('failed_to_create_record')
render 'new'
@ -28,9 +28,9 @@ class Admin::EppUsersController < AdminController
def edit; end
def update
if @epp_user.update(epp_user_params)
if @api_user.update(api_user_params)
flash[:notice] = I18n.t('record_updated')
redirect_to [:admin, @epp_user]
redirect_to [:admin, @api_user]
else
flash.now[:alert] = I18n.t('failed_to_update_record')
render 'edit'
@ -38,9 +38,9 @@ class Admin::EppUsersController < AdminController
end
def destroy
if @epp_user.destroy
if @api_user.destroy
flash[:notice] = I18n.t('record_deleted')
redirect_to admin_epp_users_path
redirect_to admin_api_users_path
else
flash.now[:alert] = I18n.t('failed_to_delete_record')
render 'show'
@ -49,11 +49,11 @@ class Admin::EppUsersController < AdminController
private
def set_epp_user
@epp_user = EppUser.find(params[:id])
def set_api_user
@api_user = ApiUser.find(params[:id])
end
def epp_user_params
params.require(:epp_user).permit(:username, :password, :crt, :active, :registrar_id, :registrar_typeahead)
def api_user_params
params.require(:api_user).permit(:username, :password, :crt, :active, :registrar_id, :registrar_typeahead)
end
end

4
app/controllers/concerns/shared/user_stamper.rb
View file

@ -5,9 +5,9 @@ module Shared::UserStamper
return false if obj.nil? || !obj.has_attribute?(:created_by_id && :updated_by_id)
if obj.new_record?
obj.created_by_id = current_epp_user.id
obj.created_by_id = current_api_user.id
else
obj.updated_by_id = current_epp_user.id
obj.updated_by_id = current_api_user.id
end
true

10
app/controllers/epp/contacts_controller.rb
View file

@ -3,12 +3,12 @@ class Epp::ContactsController < EppController
helper WhodunnitHelper ## Refactor this?
def user_for_paper_trail ## Refactor this?
current_epp_user ? "#{current_epp_user.id}-EppUser" : nil
current_api_user ? "#{current_api_user.id}-ApiUser" : nil
end
def create
@contact = Contact.new(contact_and_address_attributes)
@contact.registrar = current_epp_user.registrar
@contact.registrar = current_api_user.registrar
render_epp_response '/epp/contacts/create' and return if stamp(@contact) && @contact.save
handle_errors(@contact)
end
@ -113,7 +113,7 @@ class Epp::ContactsController < EppController
return false unless xml_attrs_present?(@ph, [['id']])
@contact = find_contact
return false unless @contact
return true if current_epp_user.registrar == @contact.registrar || xml_attrs_present?(@ph, [%w(authInfo pw)])
return true if current_api_user.registrar == @contact.registrar || xml_attrs_present?(@ph, [%w(authInfo pw)])
false
end
@ -135,7 +135,7 @@ class Epp::ContactsController < EppController
def owner?(with_errors = true)
return false unless find_contact
return true if @contact.registrar == current_epp_user.registrar
return true if @contact.registrar == current_api_user.registrar
return false unless with_errors
epp_errors << { code: '2201', msg: t('errors.messages.epp_authorization_error') }
false
@ -144,7 +144,7 @@ class Epp::ContactsController < EppController
def rights?
pw = @ph.try(:[], :authInfo).try(:[], :pw)
return true if current_epp_user.try(:registrar) == @contact.try(:registrar)
return true if current_api_user.try(:registrar) == @contact.try(:registrar)
return true if pw && @contact.auth_info_matches(pw) # @contact.try(:auth_info_matches, pw)
epp_errors << { code: '2200', msg: t('errors.messages.epp_authentication_error') }

6
app/controllers/epp/domains_controller.rb
View file

@ -175,7 +175,7 @@ class Epp::DomainsController < EppController
{
name: name,
registrar_id: current_epp_user.registrar.try(:id),
registrar_id: current_api_user.registrar.try(:id),
registered_at: Time.now,
period: (period.to_i == 0) ? 1 : period.to_i,
period_unit: Epp::EppDomain.parse_period_unit_from_frame(params[:parsed_frame]) || 'y'
@ -186,7 +186,7 @@ class Epp::DomainsController < EppController
res = {}
res[:pw] = params[:parsed_frame].css('pw').first.try(:text)
res[:action] = params[:parsed_frame].css('transfer').first[:op]
res[:current_user] = current_epp_user
res[:current_user] = current_api_user
res
end
@ -205,7 +205,7 @@ class Epp::DomainsController < EppController
return domain if domain.auth_info == params[:parsed_frame].css('authInfo pw').text
if (domain.registrar != current_epp_user.registrar && secure[:secure] == true) &&
if (domain.registrar != current_api_user.registrar && secure[:secure] == true) &&
epp_errors << {
code: '2302',
msg: I18n.t('errors.messages.domain_exists_but_belongs_to_other_registrar'),

2
app/controllers/epp/keyrelays_controller.rb
View file

@ -6,7 +6,7 @@ class Epp::KeyrelaysController < EppController
handle_errors(@domain) and return unless @domain
handle_errors(@domain) and return unless @domain.authenticate(params[:parsed_frame].css('pw').text)
handle_errors(@domain) and return unless @domain.keyrelay(params[:parsed_frame], current_epp_user.registrar)
handle_errors(@domain) and return unless @domain.keyrelay(params[:parsed_frame], current_api_user.registrar)
render_epp_response '/epp/shared/success'
end

4
app/controllers/epp/polls_controller.rb
View file

@ -5,7 +5,7 @@ class Epp::PollsController < EppController
end
def req_poll
@message = current_epp_user.queued_messages.last
@message = current_api_user.queued_messages.last
render_epp_response 'epp/poll/poll_no_messages' and return unless @message
if @message.attached_obj_type && @message.attached_obj_id
@ -20,7 +20,7 @@ class Epp::PollsController < EppController
end
def ack_poll
@message = current_epp_user.queued_messages.find_by(id: params[:parsed_frame].css('poll').first['msgID'])
@message = current_api_user.queued_messages.find_by(id: params[:parsed_frame].css('poll').first['msgID'])
unless @message
epp_errors << {

10
app/controllers/epp/sessions_controller.rb
View file

@ -4,10 +4,10 @@ class Epp::SessionsController < EppController
end
def login
@epp_user = EppUser.find_by(login_params)
@api_user = ApiUser.find_by(login_params)
if @epp_user.try(:active)
epp_session[:epp_user_id] = @epp_user.id
if @api_user.try(:active)
epp_session[:api_user_id] = @api_user.id
render_epp_response('login_success')
else
response.headers['X-EPP-Returncode'] = '2200'
@ -16,8 +16,8 @@ class Epp::SessionsController < EppController
end
def logout
@epp_user = current_epp_user # cache current_epp_user for logging
epp_session[:epp_user_id] = nil
@api_user = current_api_user # cache current_api_user for logging
epp_session[:api_user_id] = nil
response.headers['X-EPP-Returncode'] = '1500'
render_epp_response('logout')
end

10
app/controllers/epp_controller.rb
View file

@ -3,7 +3,7 @@ class EppController < ApplicationController
before_action :generate_svtrid
before_action :validate_request
layout false
helper_method :current_epp_user
helper_method :current_api_user
def generate_svtrid
# rubocop: disable Style/VariableName
@ -21,8 +21,8 @@ class EppController < ApplicationController
EppSession.find_or_initialize_by(session_id: cookie['session'])
end
def current_epp_user
@current_epp_user ||= EppUser.find(epp_session[:epp_user_id]) if epp_session[:epp_user_id]
def current_api_user
@current_api_user ||= ApiUser.find(epp_session[:api_user_id]) if epp_session[:api_user_id]
end
# ERROR + RESPONSE HANDLING
@ -198,8 +198,8 @@ class EppController < ApplicationController
request_successful: epp_errors.empty?,
request_object: params[:epp_object_type],
response: @response,
api_user_name: @epp_user.try(:to_s) || current_epp_user.try(:to_s),
api_user_registrar: @epp_user.try(:registrar).try(:to_s) || current_epp_user.try(:registrar).try(:to_s),
api_user_name: @api_user.try(:to_s) || current_api_user.try(:to_s),
api_user_registrar: @api_user.try(:registrar).try(:to_s) || current_api_user.try(:registrar).try(:to_s),
ip: request.ip
})
end

8
app/helpers/whodunnit_helper.rb
View file

@ -1,8 +1,8 @@
module WhodunnitHelper
def link_to_whodunnit(whodunnit)
return nil unless whodunnit
if whodunnit.include?('-EppUser')
user = EppUser.find(whodunnit)
if whodunnit.include?('-ApiUser')
user = ApiUser.find(whodunnit)
return link_to(user.username, admin_epp_user_path(user))
end
user = User.find(whodunnit)
@ -13,8 +13,8 @@ module WhodunnitHelper
def whodunnit_with_protocol(whodunnit)
return nil unless whodunnit
if whodunnit.include?('-EppUser')
user = EppUser.find(whodunnit)
if whodunnit.include?('-ApiUser')
user = ApiUser.find(whodunnit)
return "#{user.username} (EPP)"
end
user = User.find(whodunnit)

2
app/models/ability.rb
View file

@ -29,7 +29,7 @@ class Ability
can :manage, ZonefileSetting
can :manage, DomainVersion
can :manage, User
can :manage, EppUser
can :manage, ApiUser
can :manage, Keyrelay
can :manage, LegalDocument
can :read, ApiLog::EppLog

2
app/models/epp_user.rb → app/models/api_user.rb
View file

@ -1,5 +1,5 @@
# rubocop: disable Metrics/ClassLength
class EppUser < ActiveRecord::Base
class ApiUser < ActiveRecord::Base
# TODO: should have max request limit per day
belongs_to :registrar
has_many :contacts

4
app/models/concerns/user_events.rb
View file

@ -7,7 +7,7 @@ module UserEvents
return [] unless registrar
@events = []
registrar.users.each { |user| @events << user_events(user.id) }
registrar.epp_users.each { |user| @events << epp_user_events(user.id) }
registrar.api_users.each { |user| @events << epp_user_events(user.id) }
@events
end
@ -16,7 +16,7 @@ module UserEvents
end
def epp_user_events(id)
where(whodunnit: "#{id}-EppUser")
where(whodunnit: "#{id}-ApiUser")
end
end
end

4
app/models/contact.rb
View file

@ -11,8 +11,8 @@ class Contact < ActiveRecord::Base
has_many :statuses, class_name: 'ContactStatus'
# TODO: remove the x_by
belongs_to :created_by, class_name: 'EppUser', foreign_key: :created_by_id
belongs_to :updated_by, class_name: 'EppUser', foreign_key: :updated_by_id
belongs_to :created_by, class_name: 'ApiUser', foreign_key: :created_by_id
belongs_to :updated_by, class_name: 'ApiUser', foreign_key: :updated_by_id
belongs_to :registrar
accepts_nested_attributes_for :address, :disclosure

2
app/models/registrar.rb
View file

@ -2,7 +2,7 @@ class Registrar < ActiveRecord::Base
belongs_to :country
has_many :domains, dependent: :restrict_with_error
has_many :contacts, dependent: :restrict_with_error
has_many :epp_users, dependent: :restrict_with_error
has_many :api_users, dependent: :restrict_with_error
has_many :messages
validates :name, :reg_no, :address, :country, presence: true

10
app/views/admin/epp_users/_form.haml → app/views/admin/api_users/_form.haml
View file

@ -1,9 +1,9 @@
= form_for([:admin, @epp_user]) do |f|
- if @epp_user.errors.any?
- @epp_user.errors.each do |attr, err|
= form_for([:admin, @api_user]) do |f|
- if @api_user.errors.any?
- @api_user.errors.each do |attr, err|
= err
%br
- if @epp_user.errors.any?
- if @api_user.errors.any?
%hr
.row
@ -23,7 +23,7 @@
= f.hidden_field(:registrar_id, class: 'js-registrar-id')
.form-group
.checkbox
%label{for: 'epp_user_active'}
%label{for: 'api_user_active'}
= f.check_box(:active)
= t('active')

4
app/views/admin/epp_users/edit.haml → app/views/admin/api_users/edit.haml
View file

@ -1,9 +1,9 @@
.row
.col-sm-6
%h2.text-center-xs
= "#{t('edit_epp_user')}"
= "#{t('edit_api_user')}"
.col-sm-6
%h2.text-right.text-center-xs
= link_to(t('back_to_epp_user'), [:admin, @epp_user], class: 'btn btn-default')
= link_to(t('back_to_api_user'), [:admin, @api_user], class: 'btn btn-default')
%hr
= render 'form'

8
app/views/admin/epp_users/index.haml → app/views/admin/api_users/index.haml
View file

@ -1,9 +1,9 @@
.row
.col-sm-6
%h2.text-center-xs= t('epp_users')
%h2.text-center-xs= t('api_users')
.col-sm-6
%h2.text-right.text-center-xs
= link_to(t('create_new_epp_user'), new_admin_epp_user_path, class: 'btn btn-primary')
= link_to(t('create_new_api_user'), new_admin_api_user_path, class: 'btn btn-primary')
%hr
.row
.col-md-12
@ -18,11 +18,11 @@
%th{class: 'col-xs-2'}
= sort_link(@q, 'active', t('active'))
%tbody
- @epp_users.each do |x|
- @api_users.each do |x|
%tr
%td= link_to(x, [:admin, x])
%td= link_to(x.registrar, [:admin, x.registrar])
%td= x.active
.row
.col-md-12
= paginate @epp_users
= paginate @api_users

3
app/views/admin/api_users/new.haml Normal file
View file

@ -0,0 +1,3 @@
%h2= t('create_new_api_user')
%hr
= render 'form'

22
app/views/admin/epp_users/show.haml → app/views/admin/api_users/show.haml
View file

@ -1,18 +1,18 @@
.row
.col-sm-6
%h2.text-center-xs
= "#{t('epp_user_details')}"
= "#{t('api_user_details')}"
.col-sm-6
%h2.text-right.text-center-xs
= link_to(t('edit'), edit_admin_epp_user_path(@epp_user), class: 'btn btn-primary')
= link_to(t('delete'), admin_epp_user_path(@epp_user), method: :delete, data: { confirm: t('are_you_sure') }, class: 'btn btn-danger')
= link_to(t('edit'), edit_admin_api_user_path(@api_user), class: 'btn btn-primary')
= link_to(t('delete'), admin_api_user_path(@api_user), method: :delete, data: { confirm: t('are_you_sure') }, class: 'btn btn-danger')
%hr
- if @epp_user.errors.any?
- @epp_user.errors.each do |attr, err|
- if @api_user.errors.any?
- @api_user.errors.each do |attr, err|
= err
%br
- if @epp_user.errors.any?
- if @api_user.errors.any?
%hr
.row
.col-md-6
@ -22,13 +22,13 @@
.panel-body
%dl.dl-horizontal
%dt= t('username')
%dd= @epp_user.username
%dd= @api_user.username
%dt= t('password')
%dd= @epp_user.password
%dd= @api_user.password
%dt= t('active')
%dd= @epp_user.active
%dd= @api_user.active
.col-md-6
.panel.panel-default
@ -37,7 +37,7 @@
.panel-body
%dl.dl-horizontal
%dt= t('csr')
%dd= @epp_user.csr
%dd= @api_user.csr
%dt= t('crt')
%dd= @epp_user.crt
%dd= @api_user.crt

3
app/views/admin/epp_users/new.haml
View file

@ -1,3 +0,0 @@
%h2= t('create_new_epp_user')
%hr
= render 'form'

4
app/views/admin/registrars/show.haml
View file

@ -49,7 +49,7 @@
.col-md-12
#epp-users.panel.panel-default
.panel-heading.clearfix
= t('epp_users')
= t('api_users')
.table-responsive
%table.table.table-hover.table-bordered.table-condensed
%thead
@ -57,7 +57,7 @@
%th{class: 'col-xs-6'}= t('username')
%th{class: 'col-xs-6'}= t('active')
%tbody
- @registrar.epp_users.each do |x|
- @registrar.api_users.each do |x|
%tr
%td= link_to(x, [:admin, x])
%td= x.active

2
app/views/epp/poll/poll_ack.xml.builder
View file

@ -4,7 +4,7 @@ xml.epp_head do
xml.msg 'Command completed successfully'
end
xml.tag!('msgQ', 'count' => current_epp_user.queued_messages.count, 'id' => @message.id)
xml.tag!('msgQ', 'count' => current_api_user.queued_messages.count, 'id' => @message.id)
xml << render('/epp/shared/trID')
end

2
app/views/epp/poll/poll_keyrelay.xml.builder
View file

@ -10,7 +10,7 @@ xml.epp(
xml.msg 'Command completed successfully; ack to dequeue'
end
xml.tag!('msgQ', 'count' => current_epp_user.queued_messages.count, 'id' => @message.id) do
xml.tag!('msgQ', 'count' => current_api_user.queued_messages.count, 'id' => @message.id) do
xml.qDate @message.created_at
xml.msg @message.body
end

2
app/views/epp/poll/poll_req.xml.builder
View file

@ -4,7 +4,7 @@ xml.epp_head do
xml.msg 'Command completed successfully; ack to dequeue'
end
xml.tag!('msgQ', 'count' => current_epp_user.queued_messages.count, 'id' => @message.id) do
xml.tag!('msgQ', 'count' => current_api_user.queued_messages.count, 'id' => @message.id) do
xml.qDate @message.created_at
xml.msg @message.body
end

2
app/views/layouts/application.haml
View file

@ -53,7 +53,7 @@
%li.divider
%li.dropdown-header= t('users')
%li= link_to t(:admin_users), admin_users_path
%li= link_to t(:epp_users), admin_epp_users_path
%li= link_to t(:api_users), admin_api_users_path
%ul.nav.navbar-nav.navbar-right
%li= link_to t('log_out', user: current_user), '/logout'