REPP: Domain Delete endpoint, port EPP Delete to Actions

2025-06-12 15:44:45 +02:00 · 2021-01-26 15:47:53 +02:00 · 2021-01-26 15:47:53 +02:00 · cdf2866434
commit cdf2866434
parent 99a1f1f489
4 changed files with 106 additions and 22 deletions
--- a/app/controllers/epp/domains_controller.rb
+++ b/app/controllers/epp/domains_controller.rb
@ -1,3 +1,4 @@
+require 'deserializers/xml/domain_delete'
 module Epp
  class DomainsController < BaseController
    before_action :find_domain, only: %i[info renew update transfer delete]
@ -43,28 +44,22 @@ module Epp
      update_params = ::Deserializers::Xml::DomainUpdate.new(params[:parsed_frame],
                                                             registrar_id).call
      action = Actions::DomainUpdate.new(@domain, update_params, false)
-      if action.call
+      (handle_errors(@domain) and return) unless action.call
+
      pending = @domain.epp_pending_update.present?
      render_epp_response("/epp/domains/success#{'_pending' if pending}")
-      else
-        handle_errors(@domain)
-      end
    end

    def delete
-      authorize! :delete, @domain, @password
+      authorize!(:delete, @domain, @password)
+      frame = params[:parsed_frame]
+      delete_params = ::Deserializers::Xml::DomainDelete.new(frame).call
+      action = Actions::DomainDelete.new(@domain, delete_params, current_user.registrar)

-      (handle_errors(@domain) && return) unless @domain.can_be_deleted?
+      (handle_errors(@domain) and return) unless action.call

-      if @domain.epp_destroy(params[:parsed_frame], current_user.id)
-        if @domain.epp_pending_delete.present?
-          render_epp_response '/epp/domains/success_pending'
-        else
-          render_epp_response '/epp/domains/success'
-        end
-      else
-        handle_errors(@domain)
-      end
+      pending = @domain.epp_pending_delete.present?
+      render_epp_response("/epp/domains/success#{'_pending' if pending}")
    end

    def check
--- a/app/controllers/repp/v1/domains_controller.rb
+++ b/app/controllers/repp/v1/domains_controller.rb
@ -2,8 +2,8 @@ require 'serializers/registrant_api/domain'
 module Repp
  module V1
    class DomainsController < BaseController
-      before_action :set_authorized_domain, only: %i[transfer_info]
-      before_action :forward_registrar_id, only: %i[create]
+      before_action :set_authorized_domain, only: %i[transfer_info destroy]
+      before_action :forward_registrar_id, only: %i[create destroy]
      before_action :set_domain, only: %i[show update]

      api :GET, '/repp/v1/domains'
@ -112,6 +112,20 @@ module Repp
        render_success(data: { success: @successful, failed: @errors })
      end

+      api :DELETE, '/repp/v1/domains/:domain_name'
+      desc 'Delete specific domain'
+      param :delete, Hash, required: true, desc: 'Object holding verified key' do
+        param :verified, [true, false], required: true, desc: 'Whether to ask registrant verification or not'
+      end
+      def destroy
+        action = Actions::DomainDelete.new(@domain, params, current_user.registrar)
+        handle_errors(@domain) and return unless action.call
+
+        render_success(data: { domain: { name: @domain.name }})
+      end
+
+      private
+
      def initiate_transfer(transfer)
        domain = Epp::Domain.find_or_initialize_by(name: transfer[:domain_name])
        action = Actions::DomainTransfer.new(domain, transfer[:transfer_code],
@ -125,8 +139,6 @@ module Repp
        end
      end

-      private
-
      def transfer_params
        params.require(:data).require(:domain_transfers).each do |t|
          t.require(:domain_name)
@ -156,7 +168,7 @@ module Repp
        @epp_errors ||= []
        h = {}
        h[transfer_info_params[:id].match?(/\A[0-9]+\z/) ? :id : :name] = transfer_info_params[:id]
-        @domain = Domain.find_by!(h)
+        @domain = Epp::Domain.find_by!(h)

        validate_registrar_authorization
      end
--- a/app/models/actions/domain_delete.rb
+++ b/app/models/actions/domain_delete.rb
@ -0,0 +1,57 @@
+module Actions
+  class DomainDelete
+    attr_reader :domain
+    attr_reader :params
+    attr_reader :user
+
+    def initialize(domain, params, user)
+      @domain = domain
+      @params = params
+      @user = user
+    end
+
+    def call
+      return false unless @domain.can_be_deleted?
+
+      verify_not_discarded
+      maybe_attach_legal_doc
+
+      return false if domain.errors.any?
+      return false if domain.errors[:epp_errors].any?
+
+      destroy
+    end
+
+    def maybe_attach_legal_doc
+      Actions::BaseAction.attach_legal_doc_to_new(domain, params[:legal_document], domain: true)
+    end
+
+    def verify_not_discarded
+      return unless domain.discarded?
+
+      domain.add_epp_error('2304', nil, nil, 'Object status prohibits operation')
+    end
+
+    def verify?
+      return false unless Setting.request_confirmation_on_domain_deletion_enabled
+      return false if params[:delete][:verified] == true
+
+      true
+    end
+
+    def destroy
+      if verify?
+        domain.registrant_verification_asked!(params, user.id)
+        domain.pending_delete!
+        domain.manage_automatic_statuses
+      else
+        domain.set_pending_delete!
+      end
+
+      return false if domain.errors.any?
+      return false if domain.errors[:epp_errors].any?
+
+      true
+    end
+  end
+end
--- a/lib/deserializers/xml/domain_delete.rb
+++ b/lib/deserializers/xml/domain_delete.rb
@ -0,0 +1,20 @@
+module Deserializers
+  module Xml
+    class DomainDelete
+      attr_reader :frame
+
+      def initialize(frame)
+        @frame = frame
+      end
+
+      def call
+        obj = {}
+        obj[:name] = frame.css('name')&.text
+        verify = frame.css('delete').children.css('delete').attr('verified').to_s.downcase == 'yes'
+        obj[:delete] = { verified: verify }
+
+        obj
+      end
+    end
+  end
+end