Merge pull request #1774 from internetee/repp-domains

REPP: Domain management

test/integration/admin_area/domain_update_confirms_test.rb

@@ -0,0 +1,80 @@
+require 'test_helper'
+require 'application_system_test_case'
+
+class AdminAreaBlockedDomainsIntegrationTest < JavaScriptApplicationSystemTestCase  
+  setup do
+    WebMock.allow_net_connect!
+    sign_in users(:admin)
+    @domain = domains(:shop)
+  end
+
+  def test_t
+    new_registrant = contacts(:william)
+    assert_not_equal new_registrant, @domain.registrant
+
+    puts new_registrant.name
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <update>
+            <domain:update xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{@domain.name}</domain:name>
+                <domain:chg>
+                  <domain:registrant>#{new_registrant.code}</domain:registrant>
+                </domain:chg>
+            </domain:update>
+          </update>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    post epp_update_path, params: { frame: request_xml },
+          headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    @domain.reload
+
+    puts @domain.registrant
+  end
+
+  private
+
+  def update_registrant_of_domain
+    new_registrant = contacts(:william)
+    assert_not_equal new_registrant, @domain.registrant
+
+    @domain.registrant
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="https://epp.tld.ee/schema/epp-ee-1.0.xsd">
+        <command>
+          <update>
+            <domain:update xmlns:domain="https://epp.tld.ee/schema/domain-eis-1.0.xsd">
+              <domain:name>#{@domain.name}</domain:name>
+                <domain:chg>
+                  <domain:registrant>#{new_registrant.code}</domain:registrant>
+                </domain:chg>
+            </domain:update>
+          </update>
+          <extension>
+            <eis:extdata xmlns:eis="https://epp.tld.ee/schema/eis-1.0.xsd">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    post epp_update_path, params: { frame: request_xml },
+          headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    @domain.reload
+
+    # puts response.body
+    puts @domain.registrant
+  end
+
+end

test/integration/repp/v1/contacts/tech_replace_test.rb

@@ -0,0 +1,68 @@
+require 'test_helper'
+
+class ReppV1ContactsTechReplaceTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_replaces_tech_contacts
+    old_contact = contacts(:john)
+    new_contact = contacts(:william)
+
+    assert DomainContact.where(contact: old_contact, type: 'TechDomainContact').any?
+
+    payload = { current_contact_id: old_contact.code, new_contact_id: new_contact.code}
+    patch "/repp/v1/domains/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_empty ["hospital.test", "library.test"] - json[:data][:affected_domains]
+
+    assert DomainContact.where(contact: old_contact, type: 'TechDomainContact').blank?
+  end
+
+  def test_validates_contact_codes
+    payload = { current_contact_id: 'aaa', new_contact_id: 'bbb'}
+    patch "/repp/v1/domains/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+  def test_new_contact_must_be_different
+    old_contact = contacts(:john)
+
+    payload = { current_contact_id: old_contact.code, new_contact_id: old_contact.code }
+    patch "/repp/v1/domains/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2304, json[:code]
+    assert_equal 'New contact must be different from current', json[:message]
+  end
+
+  def test_domain_has_status_tech_change_prohibited
+    domain_shop = domains(:shop)
+    domain_shop_tech_contact_id = domain_shop.tech_domain_contacts[0][:contact_id]
+    old_contact = Contact.find_by(id: domain_shop_tech_contact_id)
+    new_contact = contacts(:john)
+    
+    domain_shop.update(statuses: [DomainStatus::SERVER_TECH_CHANGE_PROHIBITED])
+    domain_shop.reload
+    assert domain_shop.statuses.include? DomainStatus::SERVER_TECH_CHANGE_PROHIBITED
+
+    payload = { current_contact_id: old_contact.code, new_contact_id: new_contact.code }
+    patch "/repp/v1/domains/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_equal json[:data][:skipped_domains], ["shop.test"]
+    assert domain_shop.contacts.find_by(id: domain_shop_tech_contact_id).present?
+  end
+end

test/integration/repp/v1/domains/bulk_renew_test.rb

@@ -106,7 +106,7 @@ class ReppV1DomainsBulkRenewTest < ActionDispatch::IntegrationTest
 
       assert_response :bad_request
       assert_equal 2002, json[:code]
-      assert_equal 'Not enough funds for renew domains', json[:message]
+      assert_equal 'Domain Billing failure - credit balance low', json[:message]
     end
   end
 

test/integration/repp/v1/domains/contacts_test.rb

@@ -0,0 +1,100 @@
+require 'test_helper'
+
+class ReppV1DomainsContactsTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_shows_existing_domain_contacts
+    get "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal @domain.admin_contacts.length, json[:data][:admin_contacts].length
+    assert_equal @domain.tech_contacts.length, json[:data][:tech_contacts].length
+  end
+
+  def test_can_add_new_admin_contacts
+    new_contact = contacts(:john)
+    refute  @domain.admin_contacts.find_by(code: new_contact.code).present?
+
+    payload = { contacts: [ { code: new_contact.code, type: 'admin' } ] }
+    post "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+
+    assert @domain.admin_contacts.find_by(code: new_contact.code).present?
+  end
+
+  def test_can_add_new_tech_contacts
+    new_contact = contacts(:john)
+    refute  @domain.tech_contacts.find_by(code: new_contact.code).present?
+
+    payload = { contacts: [ { code: new_contact.code, type: 'tech' } ] }
+    post "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    @domain.reload
+
+    assert @domain.tech_contacts.find_by(code: new_contact.code).present?
+  end
+
+  def test_can_remove_admin_contacts
+    contact = contacts(:john)
+    payload = { contacts: [ { code: contact.code, type: 'admin' } ] }
+    post "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers, params: payload
+    assert @domain.admin_contacts.find_by(code: contact.code).present?
+
+    # Actually delete the contact
+    delete "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+
+    refute @domain.admin_contacts.find_by(code: contact.code).present?
+  end
+
+  def test_can_remove_tech_contacts
+    contact = contacts(:john)
+    payload = { contacts: [ { code: contact.code, type: 'tech' } ] }
+    post "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers, params: payload
+    assert @domain.tech_contacts.find_by(code: contact.code).present?
+
+    # Actually delete the contact
+    delete "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+
+    refute @domain.tech_contacts.find_by(code: contact.code).present?
+  end
+
+  def test_can_not_remove_one_and_only_contact
+    contact = @domain.admin_contacts.last
+
+    payload = { contacts: [ { code: contact.code, type: 'admin' } ] }
+    delete "/repp/v1/domains/#{@domain.name}/contacts", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    @domain.reload
+    assert_response :bad_request
+    assert_equal 2004, json[:code]
+
+    assert @domain.admin_contacts.any?
+  end
+
+end

test/integration/repp/v1/domains/create_test.rb

@@ -0,0 +1,137 @@
+require 'test_helper'
+
+class ReppV1DomainsCreateTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_creates_new_domain_successfully
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+
+    payload = {
+      domain: {
+        name: 'domeener.test',
+        registrant: contact.code,
+        period: 1,
+        period_unit: 'y'
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @user.registrar.domains.find_by(name: 'domeener.test').present?
+  end
+
+  def test_validates_price_on_domain_create
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+
+    payload = {
+      domain: {
+        name: 'domeener.test',
+        registrant: contact.code,
+        period: 3,
+        period_unit: 'y'
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2104, json[:code]
+    assert_equal 'Active price missing for this operation!', json[:message]
+
+    refute @user.registrar.domains.find_by(name: 'domeener.test').present?
+  end
+
+  def test_creates_domain_with_predefined_nameservers
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+
+    payload = {
+      domain: {
+        name: 'domeener.test',
+        registrant: contact.code,
+        period: 1,
+        period_unit: 'y',
+        nameservers_attributes: [
+          { hostname: 'ns1.domeener.ee' },
+          { hostname: 'ns2.domeener.ee' }
+        ]
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    domain = @user.registrar.domains.find_by(name: 'domeener.test')
+    assert domain.present?
+    assert_empty ['ns1.domeener.ee', 'ns2.domeener.ee'] - domain.nameservers.collect(&:hostname)
+  end
+
+  def test_creates_domain_with_custom_contacts
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+    admin_contact = contacts(:william)
+    tech_contact = contacts(:jane)
+
+    payload = {
+      domain: {
+        name: 'domeener.test',
+        registrant: contact.code,
+        period: 1,
+        period_unit: 'y',
+        admin_contacts: [ admin_contact.code ],
+        tech_contacts: [ tech_contact.code ],
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    domain = @user.registrar.domains.find_by(name: 'domeener.test')
+    assert domain.present?
+    assert_equal tech_contact, domain.tech_domain_contacts.first.contact
+    assert_equal admin_contact, domain.admin_domain_contacts.first.contact
+  end
+
+  def test_creates_new_domain_with_desired_transfer_code
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+
+    payload = {
+      domain: {
+        name: 'domeener.test',
+        registrant: contact.code,
+        transfer_code: 'ABADIATS',
+        period: 1,
+        period_unit: 'y'
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @user.registrar.domains.find_by(name: 'domeener.test').present?
+    assert_equal 'ABADIATS', @user.registrar.domains.find_by(name: 'domeener.test').transfer_code
+  end
+end

test/integration/repp/v1/domains/delete_test.rb

@@ -0,0 +1,54 @@
+require 'test_helper'
+
+class ReppV1DomainsDeleteTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_domain_pending_delete_confirmation
+    Setting.request_confirmation_on_domain_deletion_enabled = true
+    @auth_headers['Content-Type'] = 'application/json'
+
+    payload = {
+      delete: {
+        verified: false
+      }
+    }
+
+    delete "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @domain.statuses.include? DomainStatus::PENDING_DELETE_CONFIRMATION
+    assert_not @domain.statuses.include? DomainStatus::PENDING_DELETE
+  end
+
+  def test_domain_pending_delete_on_verified_delete
+    Setting.request_confirmation_on_domain_deletion_enabled = true
+    @auth_headers['Content-Type'] = 'application/json'
+
+    payload = {
+      delete: {
+        verified: true
+      }
+    }
+
+    delete "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    refute @domain.statuses.include? DomainStatus::PENDING_DELETE_CONFIRMATION
+    assert @domain.statuses.include? DomainStatus::PENDING_DELETE
+  end
+end

test/integration/repp/v1/domains/dnssec_test.rb

@@ -0,0 +1,96 @@
+require 'test_helper'
+
+class ReppV1DomainsDnssecTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_shows_dnssec_keys_associated_with_domain
+    get "/repp/v1/domains/#{@domain.name}/dnssec", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_empty json[:data][:dns_keys]
+
+    payload = {
+      dns_keys: [
+        { flags: '256',
+          alg: '14',
+          protocol: '3',
+          public_key: 'dGVzdA=='
+        }
+      ]
+    }
+
+    post "/repp/v1/domains/#{@domain.name}/dnssec", params: payload, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    get "/repp/v1/domains/#{@domain.name}/dnssec", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_equal 1, json[:data][:dns_keys].length
+  end
+
+  def test_creates_dnssec_key_successfully
+    assert @domain.dnskeys.empty?
+    payload = {
+      dns_keys: [
+        { flags: '256',
+          alg: '14',
+          protocol: '3',
+          public_key: 'dGVzdA=='
+        }
+      ]
+    }
+
+    post "/repp/v1/domains/#{@domain.name}/dnssec", params: payload, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+    @domain.reload
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @domain.dnskeys.present?
+    dnssec_key = @domain.dnskeys.last
+    assert_equal payload[:dns_keys][0][:flags].to_i, dnssec_key.flags
+    assert_equal payload[:dns_keys][0][:alg].to_i, dnssec_key.alg
+    assert_equal payload[:dns_keys][0][:protocol].to_i, dnssec_key.protocol
+    assert_equal payload[:dns_keys][0][:public_key], dnssec_key.public_key
+  end
+
+  def test_removes_existing_dnssec_key_successfully
+    payload = {
+      dns_keys: [
+        { flags: '256',
+          alg: '14',
+          protocol: '3',
+          public_key: 'dGVzdA=='
+        }
+      ]
+    }
+
+    post "/repp/v1/domains/#{@domain.name}/dnssec", params: payload, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert @domain.dnskeys.any?
+
+    # Real delete here
+    delete "/repp/v1/domains/#{@domain.name}/dnssec", params: payload, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+    @domain.reload
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @domain.dnskeys.empty?
+  end
+end

test/integration/repp/v1/domains/list_test.rb

@@ -51,4 +51,17 @@ class ReppV1DomainsListTest < ActionDispatch::IntegrationTest
 
     assert_equal (@user.registrar.domains.count - offset), json[:data][:domains].length
   end
+
+  def test_returns_specific_domain_details_by_name
+    domain = domains(:shop)
+    get "/repp/v1/domains/#{domain.name}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    serialized_domain = Serializers::Repp::Domain.new(domain).to_json
+    assert_equal serialized_domain.as_json, json[:data][:domain].as_json
+  end
 end

test/integration/repp/v1/domains/nameservers_test.rb

@@ -0,0 +1,94 @@
+require 'test_helper'
+
+class ReppV1DomainsNameserversTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_can_add_new_nameserver
+    payload = {
+      nameservers: [
+        { hostname: "ns1.domeener.ee",
+          ipv4: ["192.168.1.1"],
+          ipv6: ["FE80::AEDE:48FF:FE00:1122"]}
+      ]
+    }
+
+    post "/repp/v1/domains/#{@domain.name}/nameservers", params: payload, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal payload[:nameservers][0][:hostname], @domain.nameservers.last.hostname
+    assert_equal payload[:nameservers][0][:ipv4], @domain.nameservers.last.ipv4
+    assert_equal payload[:nameservers][0][:ipv6], @domain.nameservers.last.ipv6
+  end
+
+  def test_can_remove_existing_nameserver
+    payload = {
+      nameservers: [
+        { hostname: "ns1.domeener.ee",
+          ipv4: ["192.168.1.1"],
+          ipv6: ["FE80::AEDE:48FF:FE00:1122"]}
+      ]
+    }
+
+    post "/repp/v1/domains/#{@domain.name}/nameservers", params: payload, headers: @auth_headers
+    assert_response :ok
+
+    @domain.reload
+    assert @domain.nameservers.where(hostname: payload[:nameservers][0][:hostname]).any?
+
+    delete "/repp/v1/domains/#{@domain.name}/nameservers/#{payload[:nameservers][0][:hostname]}",
+           params: payload, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+   @domain.reload
+   refute @domain.nameservers.where(hostname: payload[:nameservers][0][:hostname]).any?
+  end
+
+  def test_can_not_add_duplicate_nameserver
+    payload = {
+      nameservers: [
+        { hostname: @domain.nameservers.last.hostname,
+          ipv4: @domain.nameservers.last.ipv4,
+          ipv6: @domain.nameservers.last.ipv6 }
+      ]
+    }
+
+    post "/repp/v1/domains/#{@domain.name}/nameservers", params: payload, headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2302, json[:code]
+    assert_equal 'Nameserver already exists on this domain [hostname]', json[:message]
+  end
+
+  def test_returns_errors_when_removing_unknown_nameserver
+    delete "/repp/v1/domains/#{@domain.name}/nameservers/ns.nonexistant.test", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+  def test_returns_error_when_ns_count_too_low
+    delete "/repp/v1/domains/#{@domain.name}/nameservers/#{@domain.nameservers.last.hostname}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2308, json[:code]
+    assert_equal 'Data management policy violation; Nameserver count must be between 2-11 for active ' \
+                 'domains [nameservers]', json[:message]
+  end
+end

test/integration/repp/v1/domains/renews_test.rb

@@ -0,0 +1,66 @@
+require 'test_helper'
+
+class ReppV1DomainsRenewsTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_domain_can_be_renewed
+    original_valid_to = @domain.valid_to
+    travel_to Time.zone.parse('2010-07-05')
+
+    @auth_headers['Content-Type'] = 'application/json'
+    payload = { renew: { period: 1, period_unit: 'y', exp_date: original_valid_to } }
+    post "/repp/v1/domains/#{@domain.name}/renew", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @domain.valid_to, original_valid_to + 1.year
+  end
+
+  def test_domain_renew_pricing_error
+    original_valid_to = @domain.valid_to
+    travel_to Time.zone.parse('2010-07-05')
+
+    @auth_headers['Content-Type'] = 'application/json'
+    payload = { renew: { period: 100, period_unit: 'y', exp_date: original_valid_to } }
+    post "/repp/v1/domains/#{@domain.name}/renew", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2104, json[:code]
+    assert_equal 'Active price missing for this operation!', json[:message]
+
+    assert @domain.valid_to, original_valid_to
+  end
+
+  def test_some_test
+    days_to_renew_domain_before_expire = setting_entries(:days_to_renew_domain_before_expire)
+    days_to_renew_domain_before_expire.update(value: '1')
+    days_to_renew_domain_before_expire.reload
+
+    original_valid_to = @domain.valid_to
+    travel_to @domain.valid_to - 3.days
+
+    one_year = billing_prices(:renew_one_year)
+    one_year.update(valid_from: @domain.valid_to - 5.days)
+    one_year.reload
+
+    @auth_headers['Content-Type'] = 'application/json'
+    payload = { renew: { period: 1, period_unit: 'y', exp_date: original_valid_to } }
+    post "/repp/v1/domains/#{@domain.name}/renew", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2304, json[:code]
+    assert_equal 'Object status prohibits operation', json[:message]
+  end
+end

test/integration/repp/v1/domains/statuses_test.rb

@@ -0,0 +1,82 @@
+require 'test_helper'
+
+class ReppV1DomainsStatusesTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_client_hold_can_be_added
+    refute @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+    put repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    @domain.reload
+
+    assert @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+  end
+
+  def test_client_hold_can_be_removed
+    statuses = @domain.statuses << DomainStatus::CLIENT_HOLD
+    @domain.update(statuses: statuses)
+    delete repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+
+    assert_response :ok
+    @domain.reload
+    refute @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+  end
+
+  def test_can_not_remove_disallowed_statuses
+    statuses = @domain.statuses << DomainStatus::FORCE_DELETE
+    @domain.update(statuses: statuses)
+
+    delete repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::FORCE_DELETE), headers: @auth_headers
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Parameter value policy error. Client-side object status management not supported: status serverForceDelete', json[:message]
+
+    assert @domain.statuses.include?(DomainStatus::FORCE_DELETE)
+  end
+
+  def test_can_not_add_disallowed_statuses
+    put repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::DELETE_CANDIDATE), headers: @auth_headers
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Parameter value policy error. Client-side object status management not supported: status deleteCandidate', json[:message]
+
+    refute @domain.statuses.include?(DomainStatus::DELETE_CANDIDATE)
+  end
+
+  def test_can_not_remove_unexistant_status
+    refute @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+    delete repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Parameter value policy error. Client-side object status management not supported: status clientHold', json[:message]
+  end
+
+  def test_returns_normal_error_when_action_fails
+    @invalid_domain = domains(:invalid)
+
+    put repp_v1_domain_status_path(domain_id: @invalid_domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2304, json[:code]
+
+    delete repp_v1_domain_status_path(domain_id: @invalid_domain.name, id: DomainStatus::FORCE_DELETE), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2306, json[:code]
+  end
+
+end

test/integration/repp/v1/domains/transfer_info_test.rb

@@ -28,6 +28,7 @@ class ReppV1DomainsTransferInfoTest < ActionDispatch::IntegrationTest
   def test_respects_domain_authorization_code
     headers = @auth_headers
     headers['Auth-Code'] = 'jhfgifhdg'
+    @domain.update!(registrar: registrars(:goodnames))
 
     get "/repp/v1/domains/#{@domain.name}/transfer_info", headers: headers
     json = JSON.parse(response.body, symbolize_names: true)

test/integration/repp/v1/domains/transfer_test.rb

@@ -10,6 +10,34 @@ class ReppV1DomainsTransferTest < ActionDispatch::IntegrationTest
     @auth_headers = { 'Authorization' => token }
   end
 
+  def test_transfers_scoped_domain
+    refute @domain.registrar == @user.registrar
+    payload = { transfer: { transfer_code: @domain.transfer_code } }
+    post "/repp/v1/domains/#{@domain.name}/transfer", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+    @domain.reload
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal @domain.registrar, @user.registrar
+  end
+
+  def test_does_not_transfer_scoped_domain_with_invalid_transfer_code
+    refute @domain.registrar == @user.registrar
+    payload = { transfer: { transfer_code: 'invalid' } }
+    post "/repp/v1/domains/#{@domain.name}/transfer", headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+    @domain.reload
+
+    assert_response :bad_request
+    assert_equal 2202, json[:code]
+    assert_equal 'Invalid authorization information', json[:message]
+
+    refute @domain.registrar == @user.registrar
+  end
+
   def test_transfers_domain
     payload = {
       "data": {

test/integration/repp/v1/domains/update_test.rb

@@ -0,0 +1,85 @@
+require 'test_helper'
+
+class ReppV1DomainsUpdateTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_updates_transfer_code_for_domain
+    @auth_headers['Content-Type'] = 'application/json'
+    new_auth_code = 'aisdcbkabcsdnc'
+
+    payload = {
+      domain: {
+        auth_code: new_auth_code
+      }
+    }
+
+    put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert new_auth_code, @domain.auth_info
+  end
+
+  def test_domain_pending_update_on_registrant_change
+    Setting.request_confirmation_on_registrant_change_enabled = true
+
+    @auth_headers['Content-Type'] = 'application/json'
+    new_registrant = contacts(:william)
+    refute @domain.registrant == new_registrant
+
+    payload = {
+      domain: {
+        registrant: {
+          code: new_registrant.code
+        }
+      }
+    }
+
+    put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    refute @domain.registrant.code == new_registrant.code
+    assert @domain.statuses.include? DomainStatus::PENDING_UPDATE
+  end
+
+  def test_replaces_registrant_when_verified
+    Setting.request_confirmation_on_registrant_change_enabled = true
+
+    @auth_headers['Content-Type'] = 'application/json'
+    new_registrant = contacts(:william)
+    refute @domain.registrant == new_registrant
+
+    payload = {
+      domain: {
+        registrant: {
+          code: new_registrant.code,
+          verified: true
+        }
+      }
+    }
+
+    put "/repp/v1/domains/#{@domain.name}", headers: @auth_headers, params: payload.to_json
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @domain.registrant.code == new_registrant.code
+    refute @domain.statuses.include? DomainStatus::PENDING_UPDATE
+  end
+end

test/integration/repp/v1/registrar/nameservers_test.rb

@@ -101,4 +101,79 @@ class ReppV1RegistrarNameserversTest < ActionDispatch::IntegrationTest
     assert_equal 2005, json[:code]
     assert_equal 'IPv6 is invalid [ipv6]', json[:message]
   end
+
+  def test_ipv4_isnt_array
+    nameserver = nameservers(:shop_ns1)
+    payload = {
+      "data": {
+        "id": nameserver.hostname,
+        "type": "nameserver",
+        "domains": ["shop.test", "airport.test", "library.test", "metro.test"],
+        "attributes": {
+          "hostname": nameserver.hostname,
+          "ipv4": "1.1.1.1",
+          "ipv6": ["2620:119:352::36"]
+        }
+      }
+    }
+
+    put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2005, json[:code]
+    assert json[:message].include? 'Must be an array of String'
+  end
+
+  def test_ipv6_isnt_array
+    nameserver = nameservers(:shop_ns1)
+    payload = {
+      "data": {
+        "id": nameserver.hostname,
+        "type": "nameserver",
+        "domains": ["shop.test", "airport.test", "library.test", "metro.test"],
+        "attributes": {
+          "hostname": nameserver.hostname,
+          "ipv4": ["1.1.1.1"],
+          "ipv6": "2620:119:352::36"
+        }
+      }
+    }
+
+    put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 2005, json[:code]
+    assert json[:message].include? 'Must be an array of String'
+  end
+
+  def test_bulk_nameservers_change_in_array_of_domains
+    domain_shop = domains(:shop)
+    domain_airport = domains(:airport)
+
+    payload = {
+      "data": {
+        "type": "nameserver",
+        "id": "ns1.bestnames.test",
+        "domains": ["shop.test", "airport.test"],
+        "attributes": {
+          "hostname": "ns4.bestnames.test",
+          "ipv4": ["192.168.1.1"],
+          "ipv6": ["2620:119:35::36"]
+        }
+      }
+    }
+
+    put '/repp/v1/registrar/nameservers', headers: @auth_headers, params: payload
+    json = JSON.parse(response.body, symbolize_names: true)
+    domain_airport.reload
+    domain_shop.reload
+
+    refute domain_shop.nameservers.find_by(hostname: 'ns1.bestnames.test').present?
+    assert domain_shop.nameservers.find_by(hostname: 'ns4.bestnames.test').present?
+    assert_equal({ hostname: "ns4.bestnames.test", ipv4: ["192.168.1.1"], ipv6: ["2620:119:35::36"] }, json[:data][:attributes])
+    assert json[:data][:affected_domains].include? 'airport.test'
+    assert json[:data][:affected_domains].include? 'shop.test'
+  end
 end

test/integration/repp/v1/registrar/notifications_test.rb

@@ -0,0 +1,50 @@
+require 'test_helper'
+
+class ReppV1RegistrarNotificationsTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_gets_latest_unread_poll_message
+    notification = @user.registrar.notifications.where(read: false).order(created_at: :desc).first
+    get "/repp/v1/registrar/notifications", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal notification.text, json[:data][:text]
+  end
+
+  def test_can_read_specific_notification_by_id
+    notification = @user.registrar.notifications.order(created_at: :desc).second
+
+    get "/repp/v1/registrar/notifications/#{notification.id}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal notification.text, json[:data][:text]
+  end
+
+  def test_can_mark_notification_as_read
+    @auth_headers['Content-Type'] = 'application/json'
+    notification = @user.registrar.notifications.where(read: false).order(created_at: :desc).first
+
+    payload = { notification: { read: true} }
+    put "/repp/v1/registrar/notifications/#{notification.id}", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    notification.reload
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+    assert_equal notification.id, json[:data][:notification_id]
+    assert_equal notification.read, json[:data][:read]
+  end
+end

test/integration/repp/v1/retained_domains_test.rb

@@ -77,7 +77,7 @@ class ReppV1RetainedDomainsTest < ActionDispatch::IntegrationTest
                           status: 'disputed',
                           punycode_name: 'reserved.test' }]
 
-    assert_empty response_json[:domains] - expected_objects
+    assert_equal response_json[:domains].to_set, expected_objects.to_set
   end
 
   def test_etags_cache

test/jobs/domain_update_confirm_job_test.rb

@@ -1,4 +1,6 @@
 require "test_helper"
+require 'deserializers/xml/domain_update'
+
 class DomainUpdateConfirmJobTest < ActiveSupport::TestCase
   def setup
     super
@@ -55,7 +57,9 @@ class DomainUpdateConfirmJobTest < ActiveSupport::TestCase
     "        <chg>\n          <registrant>#{@new_registrant.code}</registrant>\n        </chg>\n      </update>\n    </update>\n    <extension>\n      <update/>\n" \
     "      <extdata>\n        <legalDocument type=\"pdf\">#{@legal_doc_path}</legalDocument>\n      </extdata>\n" \
     "    </extension>\n    <clTRID>20alla-1594199756</clTRID>\n  </command>\n</epp>\n"
-    @domain.pending_json['frame'] = epp_xml
+    parsed_frame = Deserializers::Xml::DomainUpdate.new(Nokogiri::XML(epp_xml), @domain.registrar.id).call
+
+    @domain.pending_json['frame'] = parsed_frame
     @domain.update(pending_json: @domain.pending_json)
 
     @domain.reload
@@ -71,7 +75,9 @@ class DomainUpdateConfirmJobTest < ActiveSupport::TestCase
     "        <chg>\n          <registrant>#{@new_registrant.code}</registrant>\n        </chg>\n      </update>\n    </update>\n    <extension>\n      <update/>\n" \
     "      <extdata>\n        <legalDocument type=\"pdf\">#{@legal_doc_path}</legalDocument>\n      </extdata>\n" \
     "    </extension>\n    <clTRID>20alla-1594199756</clTRID>\n  </command>\n</epp>\n"
-    @domain.pending_json['frame'] = epp_xml
+    parsed_frame = Deserializers::Xml::DomainUpdate.new(Nokogiri::XML(epp_xml), @domain.registrar.id).call
+
+    @domain.pending_json['frame'] = parsed_frame
     @domain.update(pending_json: @domain.pending_json)
 
     DomainUpdateConfirmJob.perform_now(@domain.id, RegistrantVerification::REJECTED)
@@ -86,7 +92,9 @@ class DomainUpdateConfirmJobTest < ActiveSupport::TestCase
     "        <chg>\n          <registrant>#{@new_registrant.code}</registrant>\n        </chg>\n      </update>\n    </update>\n    <extension>\n      <update/>\n" \
     "      <extdata>\n        <legalDocument type=\"pdf\">#{@legal_doc_path}</legalDocument>\n      </extdata>\n" \
     "    </extension>\n    <clTRID>20alla-1594199756</clTRID>\n  </command>\n</epp>\n"
-    @domain.pending_json['frame'] = epp_xml
+    parsed_frame = Deserializers::Xml::DomainUpdate.new(Nokogiri::XML(epp_xml), @domain.registrar.id).call
+
+    @domain.pending_json['frame'] = parsed_frame
     @domain.update(pending_json: @domain.pending_json)
     @domain.update(statuses: [DomainStatus::DELETE_CANDIDATE, DomainStatus::DISPUTED])
 
@@ -104,7 +112,9 @@ class DomainUpdateConfirmJobTest < ActiveSupport::TestCase
     "        <chg>\n          <registrant>#{@new_registrant.code}</registrant>\n        </chg>\n      </update>\n    </update>\n    <extension>\n      <update/>\n" \
     "      <extdata>\n        <legalDocument type=\"pdf\">#{@legal_doc_path}</legalDocument>\n      </extdata>\n" \
     "    </extension>\n    <clTRID>20alla-1594199756</clTRID>\n  </command>\n</epp>\n"
-    @domain.pending_json['frame'] = epp_xml
+    parsed_frame = Deserializers::Xml::DomainUpdate.new(Nokogiri::XML(epp_xml), @domain.registrar.id).call
+
+    @domain.pending_json['frame'] = parsed_frame
     @domain.update(pending_json: @domain.pending_json)
     @domain.update(statuses: [DomainStatus::DELETE_CANDIDATE, DomainStatus::DISPUTED])
 
@@ -122,7 +132,9 @@ class DomainUpdateConfirmJobTest < ActiveSupport::TestCase
     "        <chg>\n          <registrant>#{@new_registrant.code}</registrant>\n        </chg>\n      </update>\n    </update>\n    <extension>\n      <update/>\n" \
     "      <extdata>\n        <legalDocument type=\"pdf\">#{@legal_doc_path}</legalDocument>\n      </extdata>\n" \
     "    </extension>\n    <clTRID>20alla-1594199756</clTRID>\n  </command>\n</epp>\n"
-    @domain.pending_json['frame'] = epp_xml
+    parsed_frame = Deserializers::Xml::DomainUpdate.new(Nokogiri::XML(epp_xml), @domain.registrar.id).call
+
+    @domain.pending_json['frame'] = parsed_frame
     @domain.update(pending_json: @domain.pending_json)
     @domain.update(statuses: [DomainStatus::PENDING_UPDATE])
     @domain.nameservers.destroy_all
@@ -142,7 +154,9 @@ class DomainUpdateConfirmJobTest < ActiveSupport::TestCase
     "        <chg>\n          <registrant>#{@new_registrant.code}</registrant>\n        </chg>\n      </update>\n    </update>\n    <extension>\n      <update/>\n" \
     "      <extdata>\n        <legalDocument type=\"pdf\">#{@legal_doc_path}</legalDocument>\n      </extdata>\n" \
     "    </extension>\n    <clTRID>20alla-1594199756</clTRID>\n  </command>\n</epp>\n"
-    @domain.pending_json['frame'] = epp_xml
+    parsed_frame = Deserializers::Xml::DomainUpdate.new(Nokogiri::XML(epp_xml), @domain.registrar.id).call
+
+    @domain.pending_json['frame'] = parsed_frame
     @domain.update(pending_json: @domain.pending_json)
     @domain.update(statuses: [DomainStatus::OK, DomainStatus::PENDING_UPDATE])