diff --git a/app/helpers/epp/domains_helper.rb b/app/helpers/epp/domains_helper.rb index 9d049e7ed..65b34e458 100644 --- a/app/helpers/epp/domains_helper.rb +++ b/app/helpers/epp/domains_helper.rb @@ -105,16 +105,23 @@ module Epp::DomainsHelper ## CREATE def validate_domain_create_request + ret = true + @ph = params_hash['epp']['command']['create']['create'] # TODO: Verify contact presence if registrant is juridical attrs_present = xml_attrs_present?(@ph, [['name'], ['ns'], ['registrant']]) - return false unless attrs_present + ret = false unless attrs_present + + if parsed_frame.css('hostObj').any? + epp_errors << { code: '2306', msg: I18n.t('host_obj_is_not_allowed') } + ret = false + end if parsed_frame.css('dsData').count > 0 && parsed_frame.css('create > keyData').count > 0 epp_errors << { code: '2306', msg: I18n.t('shared.ds_data_and_key_data_must_not_exists_together') } - return false + ret = false end - true + ret end def domain_create_params diff --git a/config/locales/en.yml b/config/locales/en.yml index da8dc2c87..2b9da78f3 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -422,3 +422,4 @@ en: registrar: 'Registrar' transfer_requested: 'Transfer requested.' message_was_not_found: 'Message was not found' + host_obj_is_not_allowed: 'hostObj object is not allowed' diff --git a/spec/epp/domain_spec.rb b/spec/epp/domain_spec.rb index 83076ba3d..7c4087df6 100644 --- a/spec/epp/domain_spec.rb +++ b/spec/epp/domain_spec.rb @@ -263,9 +263,17 @@ describe 'EPP Domain', epp: true do it 'validates nameserver ipv4 when in same zone as domain' do xml = domain_create_xml({ ns: [ - { hostObj: { value: 'ns1.example.ee' } }, - { hostObj: { value: 'ns2.example.ee' } } - ] + { + hostAttr: [ + { hostName: { value: 'ns1.example.ee' } } + ] + }, + { + hostAttr: { + hostName: { value: 'ns2.example.ee' } + } + } + ], }) response = epp_request(xml, :xml) @@ -309,7 +317,13 @@ describe 'EPP Domain', epp: true do it 'does not create domain with too many nameservers' do nameservers = [] - 14.times { |i| nameservers << { hostObj: { value: "ns#{i}.example.net" } } } + 14.times do |i| + nameservers << { + hostAttr: { + hostName: { value: "ns#{i}.example.net" } + } + } + end xml = domain_create_xml(ns: nameservers) response = epp_request(xml, :xml) @@ -320,8 +334,16 @@ describe 'EPP Domain', epp: true do it 'returns error when invalid nameservers are present' do xml = domain_create_xml({ ns: [ - { hostObj: { value: 'invalid1-' } }, - { hostObj: { value: '-invalid2' } } + { + hostAttr: { + hostName: { value: 'invalid1-' } + } + }, + { + hostAttr: { + hostName: { value: '-invalid2' } + } + } ] }) @@ -330,6 +352,23 @@ describe 'EPP Domain', epp: true do expect(response[:msg]).to eq('Hostname is invalid') end + it 'does not allow hostObj' do + xml = domain_create_xml({ + ns: [ + { + hostObj: { value: 'ns1.example.ee' } + }, + { + hostObj: { value: 'ns2.example.ee' } + }, + ] + }) + + response = epp_request(xml, :xml) + expect(response[:result_code]).to eq('2306') + expect(response[:msg]).to eq('hostObj object is not allowed') + end + it 'creates domain with nameservers with ips' do epp_request(domain_create_with_host_attrs, :xml) expect(Domain.first.nameservers.count).to eq(2) diff --git a/spec/support/epp.rb b/spec/support/epp.rb index b32d314b3..ceb3fad69 100644 --- a/spec/support/epp.rb +++ b/spec/support/epp.rb @@ -70,8 +70,18 @@ module Epp name: { value: 'example.ee' }, period: { value: '1', attrs: { unit: 'y' } }, ns: [ - { hostObj: { value: 'ns1.example.net' } }, - { hostObj: { value: 'ns2.example.net' } } + { + hostAttr: [ + { hostName: { value: 'ns1.example.net' } }, + { hostAddr: { value: '192.0.2.2', attrs: { ip: 'v4' } } }, + { hostAddr: { value: '1080:0:0:0:8:800:200C:417A', attrs: { ip: 'v6' } } } + ] + }, + { + hostAttr: { + hostName: { value: 'ns2.example.net' } + } + } ], registrant: { value: 'jd1234' }, _anonymus: [