REPP: Domain Delete endpoint, port EPP Delete to Actions

app/controllers/epp/domains_controller.rb

@@ -1,3 +1,4 @@
+require 'deserializers/xml/domain_delete'
 module Epp
   class DomainsController < BaseController
     before_action :find_domain, only: %i[info renew update transfer delete]
@@ -43,28 +44,22 @@ module Epp
       update_params = ::Deserializers::Xml::DomainUpdate.new(params[:parsed_frame],
                                                              registrar_id).call
       action = Actions::DomainUpdate.new(@domain, update_params, false)
-      if action.call
-        pending = @domain.epp_pending_update.present?
-        render_epp_response("/epp/domains/success#{'_pending' if pending}")
-      else
-        handle_errors(@domain)
-      end
+      (handle_errors(@domain) and return) unless action.call
+
+      pending = @domain.epp_pending_update.present?
+      render_epp_response("/epp/domains/success#{'_pending' if pending}")
     end
 
     def delete
-      authorize! :delete, @domain, @password
+      authorize!(:delete, @domain, @password)
+      frame = params[:parsed_frame]
+      delete_params = ::Deserializers::Xml::DomainDelete.new(frame).call
+      action = Actions::DomainDelete.new(@domain, delete_params, current_user.registrar)
 
-      (handle_errors(@domain) && return) unless @domain.can_be_deleted?
+      (handle_errors(@domain) and return) unless action.call
 
-      if @domain.epp_destroy(params[:parsed_frame], current_user.id)
-        if @domain.epp_pending_delete.present?
-          render_epp_response '/epp/domains/success_pending'
-        else
-          render_epp_response '/epp/domains/success'
-        end
-      else
-        handle_errors(@domain)
-      end
+      pending = @domain.epp_pending_delete.present?
+      render_epp_response("/epp/domains/success#{'_pending' if pending}")
     end
 
     def check

app/controllers/repp/v1/domains_controller.rb

@@ -2,8 +2,8 @@ require 'serializers/registrant_api/domain'
 module Repp
   module V1
     class DomainsController < BaseController
-      before_action :set_authorized_domain, only: %i[transfer_info]
-      before_action :forward_registrar_id, only: %i[create]
+      before_action :set_authorized_domain, only: %i[transfer_info destroy]
+      before_action :forward_registrar_id, only: %i[create destroy]
       before_action :set_domain, only: %i[show update]
 
       api :GET, '/repp/v1/domains'
@@ -112,6 +112,20 @@ module Repp
         render_success(data: { success: @successful, failed: @errors })
       end
 
+      api :DELETE, '/repp/v1/domains/:domain_name'
+      desc 'Delete specific domain'
+      param :delete, Hash, required: true, desc: 'Object holding verified key' do
+        param :verified, [true, false], required: true, desc: 'Whether to ask registrant verification or not'
+      end
+      def destroy
+        action = Actions::DomainDelete.new(@domain, params, current_user.registrar)
+        handle_errors(@domain) and return unless action.call
+
+        render_success(data: { domain: { name: @domain.name }})
+      end
+
+      private
+
       def initiate_transfer(transfer)
         domain = Epp::Domain.find_or_initialize_by(name: transfer[:domain_name])
         action = Actions::DomainTransfer.new(domain, transfer[:transfer_code],
@@ -125,8 +139,6 @@ module Repp
         end
       end
 
-      private
-
       def transfer_params
         params.require(:data).require(:domain_transfers).each do |t|
           t.require(:domain_name)
@@ -156,7 +168,7 @@ module Repp
         @epp_errors ||= []
         h = {}
         h[transfer_info_params[:id].match?(/\A[0-9]+\z/) ? :id : :name] = transfer_info_params[:id]
-        @domain = Domain.find_by!(h)
+        @domain = Epp::Domain.find_by!(h)
 
         validate_registrar_authorization
       end

app/models/actions/domain_delete.rb

@@ -0,0 +1,57 @@
+module Actions
+  class DomainDelete
+    attr_reader :domain
+    attr_reader :params
+    attr_reader :user
+
+    def initialize(domain, params, user)
+      @domain = domain
+      @params = params
+      @user = user
+    end
+
+    def call
+      return false unless @domain.can_be_deleted?
+
+      verify_not_discarded
+      maybe_attach_legal_doc
+
+      return false if domain.errors.any?
+      return false if domain.errors[:epp_errors].any?
+
+      destroy
+    end
+
+    def maybe_attach_legal_doc
+      Actions::BaseAction.attach_legal_doc_to_new(domain, params[:legal_document], domain: true)
+    end
+
+    def verify_not_discarded
+      return unless domain.discarded?
+
+      domain.add_epp_error('2304', nil, nil, 'Object status prohibits operation')
+    end
+
+    def verify?
+      return false unless Setting.request_confirmation_on_domain_deletion_enabled
+      return false if params[:delete][:verified] == true
+
+      true
+    end
+
+    def destroy
+      if verify?
+        domain.registrant_verification_asked!(params, user.id)
+        domain.pending_delete!
+        domain.manage_automatic_statuses
+      else
+        domain.set_pending_delete!
+      end
+
+      return false if domain.errors.any?
+      return false if domain.errors[:epp_errors].any?
+
+      true
+    end
+  end
+end

lib/deserializers/xml/domain_delete.rb

@@ -0,0 +1,20 @@
+module Deserializers
+  module Xml
+    class DomainDelete
+      attr_reader :frame
+
+      def initialize(frame)
+        @frame = frame
+      end
+
+      def call
+        obj = {}
+        obj[:name] = frame.css('name')&.text
+        verify = frame.css('delete').children.css('delete').attr('verified').to_s.downcase == 'yes'
+        obj[:delete] = { verified: verify }
+
+        obj
+      end
+    end
+  end
+end