diff --git a/app/controllers/admin/pending_deletes_controller.rb b/app/controllers/admin/pending_deletes_controller.rb index a64a34714..2eda703bd 100644 --- a/app/controllers/admin/pending_deletes_controller.rb +++ b/app/controllers/admin/pending_deletes_controller.rb @@ -5,9 +5,7 @@ class Admin::PendingDeletesController < AdminController def update authorize! :update, :pending - @epp_domain = Epp::Domain.find(params[:domain_id]) # only epp domain has apply pending - @epp_domain.is_admin= true - if @epp_domain.apply_pending_delete! + if registrant_verification.domain_registrant_delete_confirm! redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied) else redirect_to admin_edit_domain_path(@domain.id), alert: t(:failure) @@ -17,7 +15,7 @@ class Admin::PendingDeletesController < AdminController def destroy authorize! :destroy, :pending - if @domain.clean_pendings! + if registrant_verification.domain_registrant_delete_reject! redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed) else redirect_to admin_domain_path(@domain.id), alert: t(:failure) @@ -26,6 +24,14 @@ class Admin::PendingDeletesController < AdminController private + def registrant_verification + # steal token + token = @domain.registrant_verification_token + @registrant_verification = RegistrantVerification.new(domain_id: @domain.id, + domain_name: @domain.name, + verification_token: token) + end + def find_domain @domain = Domain.find(params[:domain_id]) end diff --git a/app/controllers/admin/pending_updates_controller.rb b/app/controllers/admin/pending_updates_controller.rb index 4d08297d7..6e41a6c57 100644 --- a/app/controllers/admin/pending_updates_controller.rb +++ b/app/controllers/admin/pending_updates_controller.rb @@ -5,8 +5,7 @@ class Admin::PendingUpdatesController < AdminController def update authorize! :update, :pending - @epp_domain = Epp::Domain.find(params[:domain_id]) # only epp domain has apply pending - if @epp_domain.apply_pending_update! + if registrant_verification.domain_registrant_change_confirm! redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied) else redirect_to edit_admin_domain_path(@domain.id), alert: t(:failure) @@ -15,14 +14,21 @@ class Admin::PendingUpdatesController < AdminController def destroy authorize! :destroy, :pending - - if @domain.clean_pendings! + if registrant_verification.domain_registrant_change_reject! redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed) else redirect_to admin_domain_path(@domain.id), alert: t(:failure) end end + def registrant_verification + # steal token + token = @domain.registrant_verification_token + @registrant_verification = RegistrantVerification.new(domain_id: @domain.id, + domain_name: @domain.name, + verification_token: token) + end + private def find_domain diff --git a/app/jobs/domain_update_confirm_job.rb b/app/jobs/domain_update_confirm_job.rb index 42209d205..be0ada219 100644 --- a/app/jobs/domain_update_confirm_job.rb +++ b/app/jobs/domain_update_confirm_job.rb @@ -4,19 +4,19 @@ class DomainUpdateConfirmJob < Que::Job ActiveRecord::Base.transaction do domain = Epp::Domain.find(domain_id) case action - when RegistrantVerification::CONFIRMED - domain.poll_message!(:poll_pending_update_confirmed_by_registrant) - domain.apply_pending_update! do |e| - e.instance_variable_set("@changed_attributes", e.changed_attributes.merge("statuses"=>[])) - end - domain.clean_pendings! - WhoisRecord.find_by(domain_id: domain.id).save! - when RegistrantVerification::REJECTED - domain.send_mail :pending_update_rejected_notification_for_new_registrant - domain.poll_message!(:poll_pending_update_rejected_by_registrant) - domain.clean_pendings! - domain.instance_variable_set("@changed_attributes", domain.changed_attributes.merge("statuses"=>[])) - domain.save + when RegistrantVerification::CONFIRMED + domain.poll_message!(:poll_pending_update_confirmed_by_registrant) + domain.apply_pending_update! do |e| + e.instance_variable_set("@changed_attributes", e.changed_attributes.merge("statuses"=>[])) + end + domain.clean_pendings! + WhoisRecord.find_by(domain_id: domain.id).save + when RegistrantVerification::REJECTED + domain.send_mail :pending_update_rejected_notification_for_new_registrant + domain.poll_message!(:poll_pending_update_rejected_by_registrant) + domain.clean_pendings! + domain.instance_variable_set("@changed_attributes", domain.changed_attributes.merge("statuses"=>[])) + domain.save end destroy # it's best to destroy the job in the same transaction end diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb index 51d4c1c32..d84de4ca6 100644 --- a/app/models/epp/domain.rb +++ b/app/models/epp/domain.rb @@ -7,6 +7,7 @@ class Epp::Domain < Domain before_validation :manage_permissions def manage_permissions + return if is_admin # this bad hack for 109086524, refactor later return true if is_transfer return unless update_prohibited? || delete_prohibited? add_epp_error('2304', nil, nil, I18n.t(:object_status_prohibits_operation)) diff --git a/app/models/registrant_verification.rb b/app/models/registrant_verification.rb index d0c015ecb..a33751413 100644 --- a/app/models/registrant_verification.rb +++ b/app/models/registrant_verification.rb @@ -12,7 +12,6 @@ class RegistrantVerification < ActiveRecord::Base belongs_to :domain validates :verification_token, :domain_name, :domain, :action, :action_type, presence: true - validates :domain, uniqueness: { scope: [:domain_id, :verification_token] } def domain_registrant_change_confirm! self.action_type = DOMAIN_REGISTRANT_CHANGE