diff --git a/app/controllers/epp/domains_controller.rb b/app/controllers/epp/domains_controller.rb index 546cc131b..656e51874 100644 --- a/app/controllers/epp/domains_controller.rb +++ b/app/controllers/epp/domains_controller.rb @@ -1,3 +1,4 @@ +require 'deserializers/xml/domain_delete' module Epp class DomainsController < BaseController before_action :find_domain, only: %i[info renew update transfer delete] @@ -43,28 +44,22 @@ module Epp update_params = ::Deserializers::Xml::DomainUpdate.new(params[:parsed_frame], registrar_id).call action = Actions::DomainUpdate.new(@domain, update_params, false) - if action.call - pending = @domain.epp_pending_update.present? - render_epp_response("/epp/domains/success#{'_pending' if pending}") - else - handle_errors(@domain) - end + (handle_errors(@domain) and return) unless action.call + + pending = @domain.epp_pending_update.present? + render_epp_response("/epp/domains/success#{'_pending' if pending}") end def delete - authorize! :delete, @domain, @password + authorize!(:delete, @domain, @password) + frame = params[:parsed_frame] + delete_params = ::Deserializers::Xml::DomainDelete.new(frame).call + action = Actions::DomainDelete.new(@domain, delete_params, current_user.registrar) - (handle_errors(@domain) && return) unless @domain.can_be_deleted? + (handle_errors(@domain) and return) unless action.call - if @domain.epp_destroy(params[:parsed_frame], current_user.id) - if @domain.epp_pending_delete.present? - render_epp_response '/epp/domains/success_pending' - else - render_epp_response '/epp/domains/success' - end - else - handle_errors(@domain) - end + pending = @domain.epp_pending_delete.present? + render_epp_response("/epp/domains/success#{'_pending' if pending}") end def check diff --git a/app/controllers/repp/v1/domains_controller.rb b/app/controllers/repp/v1/domains_controller.rb index 3d0ba8c56..6115d972b 100644 --- a/app/controllers/repp/v1/domains_controller.rb +++ b/app/controllers/repp/v1/domains_controller.rb @@ -2,8 +2,8 @@ require 'serializers/registrant_api/domain' module Repp module V1 class DomainsController < BaseController - before_action :set_authorized_domain, only: %i[transfer_info] - before_action :forward_registrar_id, only: %i[create] + before_action :set_authorized_domain, only: %i[transfer_info destroy] + before_action :forward_registrar_id, only: %i[create destroy] before_action :set_domain, only: %i[show update] api :GET, '/repp/v1/domains' @@ -112,6 +112,20 @@ module Repp render_success(data: { success: @successful, failed: @errors }) end + api :DELETE, '/repp/v1/domains/:domain_name' + desc 'Delete specific domain' + param :delete, Hash, required: true, desc: 'Object holding verified key' do + param :verified, [true, false], required: true, desc: 'Whether to ask registrant verification or not' + end + def destroy + action = Actions::DomainDelete.new(@domain, params, current_user.registrar) + handle_errors(@domain) and return unless action.call + + render_success(data: { domain: { name: @domain.name }}) + end + + private + def initiate_transfer(transfer) domain = Epp::Domain.find_or_initialize_by(name: transfer[:domain_name]) action = Actions::DomainTransfer.new(domain, transfer[:transfer_code], @@ -125,8 +139,6 @@ module Repp end end - private - def transfer_params params.require(:data).require(:domain_transfers).each do |t| t.require(:domain_name) @@ -156,7 +168,7 @@ module Repp @epp_errors ||= [] h = {} h[transfer_info_params[:id].match?(/\A[0-9]+\z/) ? :id : :name] = transfer_info_params[:id] - @domain = Domain.find_by!(h) + @domain = Epp::Domain.find_by!(h) validate_registrar_authorization end diff --git a/app/models/actions/domain_delete.rb b/app/models/actions/domain_delete.rb new file mode 100644 index 000000000..f3197c452 --- /dev/null +++ b/app/models/actions/domain_delete.rb @@ -0,0 +1,57 @@ +module Actions + class DomainDelete + attr_reader :domain + attr_reader :params + attr_reader :user + + def initialize(domain, params, user) + @domain = domain + @params = params + @user = user + end + + def call + return false unless @domain.can_be_deleted? + + verify_not_discarded + maybe_attach_legal_doc + + return false if domain.errors.any? + return false if domain.errors[:epp_errors].any? + + destroy + end + + def maybe_attach_legal_doc + Actions::BaseAction.attach_legal_doc_to_new(domain, params[:legal_document], domain: true) + end + + def verify_not_discarded + return unless domain.discarded? + + domain.add_epp_error('2304', nil, nil, 'Object status prohibits operation') + end + + def verify? + return false unless Setting.request_confirmation_on_domain_deletion_enabled + return false if params[:delete][:verified] == true + + true + end + + def destroy + if verify? + domain.registrant_verification_asked!(params, user.id) + domain.pending_delete! + domain.manage_automatic_statuses + else + domain.set_pending_delete! + end + + return false if domain.errors.any? + return false if domain.errors[:epp_errors].any? + + true + end + end +end diff --git a/lib/deserializers/xml/domain_delete.rb b/lib/deserializers/xml/domain_delete.rb new file mode 100644 index 000000000..b682c9b5b --- /dev/null +++ b/lib/deserializers/xml/domain_delete.rb @@ -0,0 +1,20 @@ +module Deserializers + module Xml + class DomainDelete + attr_reader :frame + + def initialize(frame) + @frame = frame + end + + def call + obj = {} + obj[:name] = frame.css('name')&.text + verify = frame.css('delete').children.css('delete').attr('verified').to_s.downcase == 'yes' + obj[:delete] = { verified: verify } + + obj + end + end + end +end