From 3dd17f83f36fd2813304e69dc4a2a473b302a7f6 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Sun, 8 Apr 2018 22:55:53 +0300 Subject: [PATCH 01/72] Remove unneeded attribute alias #791 --- app/models/concerns/domain/force_delete.rb | 4 ---- app/presenters/domain_presenter.rb | 2 +- app/views/admin/domains/partials/_general.html.erb | 4 ++-- config/locales/admin/domains.en.yml | 1 - spec/models/concerns/domain/force_delete_spec.rb | 2 -- spec/presenters/domain_presenter_spec.rb | 4 ++-- 6 files changed, 5 insertions(+), 12 deletions(-) diff --git a/app/models/concerns/domain/force_delete.rb b/app/models/concerns/domain/force_delete.rb index 96f1a94b3..30dc1b1ec 100644 --- a/app/models/concerns/domain/force_delete.rb +++ b/app/models/concerns/domain/force_delete.rb @@ -1,10 +1,6 @@ module Concerns::Domain::ForceDelete extend ActiveSupport::Concern - included do - alias_attribute :force_delete_time, :force_delete_at - end - def force_delete_scheduled? statuses.include?(DomainStatus::FORCE_DELETE) end diff --git a/app/presenters/domain_presenter.rb b/app/presenters/domain_presenter.rb index 9597330b8..cf117a1fb 100644 --- a/app/presenters/domain_presenter.rb +++ b/app/presenters/domain_presenter.rb @@ -23,7 +23,7 @@ class DomainPresenter end def force_delete_date - view.l(domain.force_delete_time, format: :date) if domain.force_delete_time + view.l(domain.force_delete_at, format: :date) if domain.force_delete_at end def admin_contact_names diff --git a/app/views/admin/domains/partials/_general.html.erb b/app/views/admin/domains/partials/_general.html.erb index eeeef6eb5..0c2da7bbd 100644 --- a/app/views/admin/domains/partials/_general.html.erb +++ b/app/views/admin/domains/partials/_general.html.erb @@ -34,8 +34,8 @@
<%= t('.delete_time') %>
<%= l(@domain.delete_at) %>
-
<%= t('.force_delete_time') %>
-
<%= l(@domain.force_delete_at) %>
+
<%= Domain.human_attribute_name :force_delete_at %>
+
<%= l @domain.force_delete_at %>
diff --git a/config/locales/admin/domains.en.yml b/config/locales/admin/domains.en.yml index 200657d01..8d66347ae 100644 --- a/config/locales/admin/domains.en.yml +++ b/config/locales/admin/domains.en.yml @@ -29,7 +29,6 @@ en: general: outzone_time: Outzone time delete_time: Delete time - force_delete_time: Force delete time admin_contacts: title: Admin. contacts diff --git a/spec/models/concerns/domain/force_delete_spec.rb b/spec/models/concerns/domain/force_delete_spec.rb index cc022a6d7..8a82faa8e 100644 --- a/spec/models/concerns/domain/force_delete_spec.rb +++ b/spec/models/concerns/domain/force_delete_spec.rb @@ -1,8 +1,6 @@ require 'rails_helper' RSpec.describe Domain do - it { is_expected.to alias_attribute(:force_delete_time, :force_delete_at) } - before :example do create(:zone, origin: 'ee') end diff --git a/spec/presenters/domain_presenter_spec.rb b/spec/presenters/domain_presenter_spec.rb index 3726960b4..c83ca58ca 100644 --- a/spec/presenters/domain_presenter_spec.rb +++ b/spec/presenters/domain_presenter_spec.rb @@ -63,7 +63,7 @@ RSpec.describe DomainPresenter do subject(:force_delete_date) { presenter.force_delete_date } context 'when present' do - let(:domain) { instance_double(Domain, force_delete_time: '05.07.2010') } + let(:domain) { instance_double(Domain, force_delete_at: '05.07.2010') } it 'returns localized date' do expect(view).to receive(:l).with('05.07.2010', format: :date).and_return('delete date') @@ -72,7 +72,7 @@ RSpec.describe DomainPresenter do end context 'when absent' do - let(:domain) { instance_double(Domain, force_delete_time: nil) } + let(:domain) { instance_double(Domain, force_delete_at: nil) } specify { expect(force_delete_date).to be_nil } end From be8ce276c71a6b2ec2736bef23cb17582a13b940 Mon Sep 17 00:00:00 2001 
From: Artur Beljajev Date: Sat, 21 Apr 2018 23:27:09 +0300 Subject: [PATCH 02/72] Refactor domain "force delete" operation #791 --- app/models/concerns/domain/force_delete.rb | 45 ++++---- .../concerns/domain/force_delete_spec.rb | 100 ------------------ test/models/domain/force_delete_test.rb | 40 +++++++ 3 files changed, 61 insertions(+), 124 deletions(-) delete mode 100644 spec/models/concerns/domain/force_delete_spec.rb create mode 100644 test/models/domain/force_delete_test.rb diff --git a/app/models/concerns/domain/force_delete.rb b/app/models/concerns/domain/force_delete.rb index 30dc1b1ec..ec5c651be 100644 --- a/app/models/concerns/domain/force_delete.rb +++ b/app/models/concerns/domain/force_delete.rb @@ -6,21 +6,6 @@ module Concerns::Domain::ForceDelete end def schedule_force_delete - self.statuses_backup = statuses - statuses.delete(DomainStatus::CLIENT_DELETE_PROHIBITED) - statuses.delete(DomainStatus::SERVER_DELETE_PROHIBITED) - statuses.delete(DomainStatus::PENDING_UPDATE) - statuses.delete(DomainStatus::PENDING_TRANSFER) - statuses.delete(DomainStatus::PENDING_RENEW) - statuses.delete(DomainStatus::PENDING_CREATE) - - statuses.delete(DomainStatus::FORCE_DELETE) - statuses.delete(DomainStatus::SERVER_RENEW_PROHIBITED) - statuses.delete(DomainStatus::SERVER_TRANSFER_PROHIBITED) - statuses.delete(DomainStatus::SERVER_UPDATE_PROHIBITED) - statuses.delete(DomainStatus::SERVER_MANUAL_INZONE) - statuses.delete(DomainStatus::PENDING_DELETE) - statuses << DomainStatus::FORCE_DELETE statuses << DomainStatus::SERVER_RENEW_PROHIBITED statuses << DomainStatus::SERVER_TRANSFER_PROHIBITED 
@@ -31,20 +16,32 @@ module Concerns::Domain::ForceDelete statuses << DomainStatus::SERVER_MANUAL_INZONE end - self.force_delete_at = (Time.zone.now + (Setting.redemption_grace_period.days + 1.day)).utc.beginning_of_day unless force_delete_at - save!(validate: false) + self.force_delete_at = (Time.zone.now + (Setting.redemption_grace_period.days + 1.day)).utc + .beginning_of_day + stop_all_pending_actions + save(validate: false) end def cancel_force_delete - s = [] - s << DomainStatus::EXPIRED if statuses.include?(DomainStatus::EXPIRED) - s << DomainStatus::SERVER_HOLD if statuses.include?(DomainStatus::SERVER_HOLD) - s << DomainStatus::DELETE_CANDIDATE if statuses.include?(DomainStatus::DELETE_CANDIDATE) - - self.statuses = (statuses_backup + s).uniq + statuses.delete(DomainStatus::FORCE_DELETE) + statuses.delete(DomainStatus::SERVER_RENEW_PROHIBITED) + statuses.delete(DomainStatus::SERVER_TRANSFER_PROHIBITED) + statuses.delete(DomainStatus::SERVER_UPDATE_PROHIBITED) + statuses.delete(DomainStatus::PENDING_DELETE) + statuses.delete(DomainStatus::SERVER_MANUAL_INZONE) self.force_delete_at = nil - self.statuses_backup = [] save(validate: false) end + + private + + def stop_all_pending_actions + statuses.delete(DomainStatus::CLIENT_DELETE_PROHIBITED) + statuses.delete(DomainStatus::SERVER_DELETE_PROHIBITED) + statuses.delete(DomainStatus::PENDING_UPDATE) + statuses.delete(DomainStatus::PENDING_TRANSFER) + statuses.delete(DomainStatus::PENDING_RENEW) + statuses.delete(DomainStatus::PENDING_CREATE) + end end diff --git a/spec/models/concerns/domain/force_delete_spec.rb b/spec/models/concerns/domain/force_delete_spec.rb deleted file mode 100644 index 8a82faa8e..000000000 --- a/spec/models/concerns/domain/force_delete_spec.rb +++ /dev/null 
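Review bot: `schedule_force_delete` now ends in `save(validate: false)` where the previous code used `save!(validate: false)`, so a save halted by a callback returns `false`, and nothing visible in this hunk checks that result. A caller can then treat the domain as scheduled for force delete although no row changed; either keep `save!(validate: false)` or make the callers check the return value. The same hunk drops the `unless force_delete_at` guard, so calling the method again on an already scheduled domain moves the deadline forward. If that is not intended, `return if force_delete_scheduled?` at the top of the method would preserve the original date. The method begins in the previous hunk, so the full body is not visible here.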
@@ -1,100 +0,0 @@ -require 'rails_helper' - -RSpec.describe Domain do - before :example do - create(:zone, origin: 'ee') - end - - it 'should set force delete time' do - domain = build(:domain) - domain.nameservers.build(attributes_for(:nameserver)) - domain.nameservers.build(attributes_for(:nameserver)) - domain.save! - - domain.statuses = ['ok'] - domain.schedule_force_delete - - domain.statuses.should match_array([ - "serverForceDelete", - "pendingDelete", - "serverManualInzone", - "serverRenewProhibited", - "serverTransferProhibited", - "serverUpdateProhibited" - ]) - - domain.cancel_force_delete - - domain.statuses.should == ['ok'] - - domain.statuses = [ - DomainStatus::CLIENT_DELETE_PROHIBITED, - DomainStatus::SERVER_DELETE_PROHIBITED, - DomainStatus::PENDING_UPDATE, - DomainStatus::PENDING_TRANSFER, - DomainStatus::PENDING_RENEW, - DomainStatus::PENDING_CREATE, - DomainStatus::CLIENT_HOLD, - DomainStatus::EXPIRED, - DomainStatus::SERVER_HOLD, - DomainStatus::DELETE_CANDIDATE - ] - - domain.save - - domain.schedule_force_delete - - domain.statuses.should match_array([ - "clientHold", - "deleteCandidate", - "expired", - "serverForceDelete", - "pendingDelete", - "serverHold", - "serverRenewProhibited", - "serverTransferProhibited", - "serverUpdateProhibited" - ]) - - domain.cancel_force_delete - - domain.statuses.should match_array([ - "clientDeleteProhibited", - "clientHold", - "deleteCandidate", - "expired", - "pendingCreate", - "pendingRenew", - "pendingTransfer", - "pendingUpdate", - "serverDeleteProhibited", - "serverHold" - ]) - end - - it 'should should be manual in zone and held after force delete' do - domain = create(:domain) - Setting.redemption_grace_period = 1 - - domain.valid? - domain.outzone_at = Time.zone.now + 1.day # before redemption grace period - # what should this be? 
- # domain.server_holdable?.should be true - domain.statuses.include?(DomainStatus::SERVER_HOLD).should be false - domain.statuses.include?(DomainStatus::SERVER_MANUAL_INZONE).should be false - domain.schedule_force_delete - domain.server_holdable?.should be false - domain.statuses.include?(DomainStatus::SERVER_MANUAL_INZONE).should be true - domain.statuses.include?(DomainStatus::SERVER_HOLD).should be false - end - - it 'should not allow update after force delete' do - domain = create(:domain) - domain.valid? - domain.pending_update_prohibited?.should be false - domain.update_prohibited?.should be false - domain.schedule_force_delete - domain.pending_update_prohibited?.should be true - domain.update_prohibited?.should be true - end -end diff --git a/test/models/domain/force_delete_test.rb b/test/models/domain/force_delete_test.rb new file mode 100644 index 000000000..27b792fe7 --- /dev/null +++ b/test/models/domain/force_delete_test.rb 
@@ -0,0 +1,40 @@ +require 'test_helper' + +class DomainForceDeleteTest < ActiveSupport::TestCase + def setup + @domain = domains(:shop) + end + + def test_schedule_force_delete + @original_redemption_grace_period = Setting.redemption_grace_period + Setting.redemption_grace_period = 30 + travel_to Time.zone.parse('2010-07-05 00:00') + + @domain.schedule_force_delete + + assert @domain.force_delete_scheduled? + assert_equal Time.zone.parse('2010-08-04 03:00'), @domain.force_delete_at + + travel_back + Setting.redemption_grace_period = @original_redemption_grace_period + end + + def test_scheduling_force_delete_bypasses_validation + @domain = domains(:invalid) + @domain.schedule_force_delete + assert @domain.force_delete_scheduled? + end + + def test_cancel_force_delete + @domain.cancel_force_delete + assert_not @domain.force_delete_scheduled? + assert_nil @domain.force_delete_at + end + + def test_cancelling_force_delete_bypasses_validation + @domain = domains(:invalid) + @domain.schedule_force_delete + @domain.cancel_force_delete + assert_not @domain.force_delete_scheduled? + end +end From ed6f067a8d861f130fc74b90eab2970f054cbef8 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Sun, 22 Apr 2018 16:14:17 +0300 Subject: [PATCH 03/72] Require a domain to be discarded before cancelling force delete #791 --- app/models/concerns/domain/force_delete.rb | 2 ++ test/models/domain/force_delete_test.rb | 14 +++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/app/models/concerns/domain/force_delete.rb b/app/models/concerns/domain/force_delete.rb index ec5c651be..bf67a33f2 100644 --- a/app/models/concerns/domain/force_delete.rb +++ b/app/models/concerns/domain/force_delete.rb 
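Review bot: `test_schedule_force_delete` changes the global `Setting.redemption_grace_period` and freezes time with `travel_to`, but undoes both only in the last two lines of the test body, so a failing assertion leaves the setting and the frozen clock in place for every test that runs afterwards. Moving the cleanup into `teardown` (or an `ensure`), i.e. `travel_back` and `Setting.redemption_grace_period = @original_redemption_grace_period`, keeps a failure here from turning into unrelated failures elsewhere. The two `bypasses_validation` tests only check the in-memory object; a `@domain.reload` before the assertion would show that the change was actually persisted.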
@@ -23,6 +23,8 @@ module Concerns::Domain::ForceDelete end def cancel_force_delete + raise 'Domain must be discarded before cancelling force delete procedure' unless discarded? + statuses.delete(DomainStatus::FORCE_DELETE) statuses.delete(DomainStatus::SERVER_RENEW_PROHIBITED) statuses.delete(DomainStatus::SERVER_TRANSFER_PROHIBITED) diff --git a/test/models/domain/force_delete_test.rb b/test/models/domain/force_delete_test.rb index 27b792fe7..328a45658 100644 --- a/test/models/domain/force_delete_test.rb +++ b/test/models/domain/force_delete_test.rb @@ -11,6 +11,7 @@ class DomainForceDeleteTest < ActiveSupport::TestCase travel_to Time.zone.parse('2010-07-05 00:00') @domain.schedule_force_delete + @domain.reload assert @domain.force_delete_scheduled? assert_equal Time.zone.parse('2010-08-04 03:00'), @domain.force_delete_at @@ -25,14 +26,25 @@ class DomainForceDeleteTest < ActiveSupport::TestCase assert @domain.force_delete_scheduled? end - def test_cancel_force_delete + def test_cancelling_force_delete_on_discarded_domain + @domain.discard + @domain.schedule_force_delete @domain.cancel_force_delete + @domain.reload assert_not @domain.force_delete_scheduled? assert_nil @domain.force_delete_at end + def test_cancelling_force_delete_requires_a_domain_to_be_discarded + @domain.schedule_force_delete + assert_raises StandardError do + @domain.cancel_force_delete + end + end + def test_cancelling_force_delete_bypasses_validation @domain = domains(:invalid) + @domain.discard @domain.schedule_force_delete @domain.cancel_force_delete assert_not @domain.force_delete_scheduled? From 615eb0557cbde0dc654976a4652cd9243519ff97 Mon Sep 17 00:00:00 2001 
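Review bot: The new guard in `cancel_force_delete` raises a bare string, which Ruby turns into a `RuntimeError`, and the test added in this commit asserts only `assert_raises StandardError`, so it would also pass on a `NoMethodError` caused by a typo inside the method. A dedicated error class defined next to the concern, with the test asserting that class, pins the precondition instead of "anything went wrong". The callers are not visible in this patch; if the admin "Cancel force delete" action calls this method directly, an undiscarded domain would presumably surface as an unhandled exception rather than a validation message, which is worth confirming.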
From: Artur Beljajev Date: Sun, 22 Apr 2018 19:15:45 +0300 Subject: [PATCH 04/72] Rename column #791 --- ...omains_statuses_backup_to_statuses_before_force_delete.rb | 5 +++++ db/structure.sql | 4 +++- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 db/migrate/20180422154642_rename_domains_statuses_backup_to_statuses_before_force_delete.rb diff --git a/db/migrate/20180422154642_rename_domains_statuses_backup_to_statuses_before_force_delete.rb b/db/migrate/20180422154642_rename_domains_statuses_backup_to_statuses_before_force_delete.rb new file mode 100644 index 000000000..a6784f02e --- /dev/null +++ b/db/migrate/20180422154642_rename_domains_statuses_backup_to_statuses_before_force_delete.rb @@ -0,0 +1,5 @@ +class RenameDomainsStatusesBackupToStatusesBeforeForceDelete < ActiveRecord::Migration + def change + rename_column :domains, :statuses_backup, :statuses_before_force_delete + end +end diff --git a/db/structure.sql b/db/structure.sql index 744ea9e19..c319b8e28 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -895,7 +895,7 @@ CREATE TABLE domains ( statuses character varying[], reserved boolean DEFAULT false, status_notes hstore, - statuses_backup character varying[] DEFAULT '{}'::character varying[], + statuses_before_force_delete character varying[] DEFAULT '{}'::character varying[], upid integer, up_date timestamp without time zone ); @@ -4716,3 +4716,5 @@ INSERT INTO schema_migrations (version) VALUES ('20180327151906'); INSERT INTO schema_migrations (version) VALUES ('20180331200125'); +INSERT INTO schema_migrations (version) VALUES ('20180422154642'); + From 3ee49cdae903178a08af7515913e07662f45bde1 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Mon, 23 Apr 2018 02:30:29 +0300 Subject: [PATCH 05/72] Add tests #791 --- app/models/concerns/domain/force_delete.rb | 51 ++++++++++------ test/models/domain/force_delete_test.rb | 69 +++++++++++++++++++++- 2 files changed, 102 insertions(+), 18 deletions(-) 
diff --git a/app/models/concerns/domain/force_delete.rb b/app/models/concerns/domain/force_delete.rb index bf67a33f2..c7b3ef454 100644 --- a/app/models/concerns/domain/force_delete.rb +++ b/app/models/concerns/domain/force_delete.rb @@ -6,16 +6,8 @@ module Concerns::Domain::ForceDelete end def schedule_force_delete - statuses << DomainStatus::FORCE_DELETE - statuses << DomainStatus::SERVER_RENEW_PROHIBITED - statuses << DomainStatus::SERVER_TRANSFER_PROHIBITED - statuses << DomainStatus::SERVER_UPDATE_PROHIBITED - statuses << DomainStatus::PENDING_DELETE - - if (statuses & [DomainStatus::SERVER_HOLD, DomainStatus::CLIENT_HOLD]).empty? - statuses << DomainStatus::SERVER_MANUAL_INZONE - end - + preserve_current_statuses_for_force_delete + add_force_delete_statuses self.force_delete_at = (Time.zone.now + (Setting.redemption_grace_period.days + 1.day)).utc .beginning_of_day stop_all_pending_actions @@ -25,13 +17,8 @@ module Concerns::Domain::ForceDelete def cancel_force_delete raise 'Domain must be discarded before cancelling force delete procedure' unless discarded? - statuses.delete(DomainStatus::FORCE_DELETE) - statuses.delete(DomainStatus::SERVER_RENEW_PROHIBITED) - statuses.delete(DomainStatus::SERVER_TRANSFER_PROHIBITED) - statuses.delete(DomainStatus::SERVER_UPDATE_PROHIBITED) - statuses.delete(DomainStatus::PENDING_DELETE) - statuses.delete(DomainStatus::SERVER_MANUAL_INZONE) - + restore_statuses_before_force_delete + remove_force_delete_statuses self.force_delete_at = nil save(validate: false) end 
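Review bot: `preserve_current_statuses_for_force_delete` runs unconditionally as the first step of `schedule_force_delete`, so a second call on a domain that is already scheduled overwrites `statuses_before_force_delete` with the post-schedule list. That list already lacks `clientDeleteProhibited`, `serverDeleteProhibited` and the pending statuses, so a later `cancel_force_delete` cannot bring the delete locks back. Guarding the snapshot, `preserve_current_statuses_for_force_delete unless force_delete_scheduled?`, or returning early when the domain is already scheduled, keeps the first snapshot intact. The helper bodies are in the next hunk of this file.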
@@ -46,4 +33,34 @@ module Concerns::Domain::ForceDelete statuses.delete(DomainStatus::PENDING_RENEW) statuses.delete(DomainStatus::PENDING_CREATE) end + + def preserve_current_statuses_for_force_delete + self.statuses_before_force_delete = statuses + end + + def restore_statuses_before_force_delete + self.statuses = statuses_before_force_delete + self.statuses_before_force_delete = nil + end + + def add_force_delete_statuses + statuses << DomainStatus::FORCE_DELETE + statuses << DomainStatus::SERVER_RENEW_PROHIBITED + statuses << DomainStatus::SERVER_TRANSFER_PROHIBITED + statuses << DomainStatus::SERVER_UPDATE_PROHIBITED + statuses << DomainStatus::PENDING_DELETE + + if (statuses & [DomainStatus::SERVER_HOLD, DomainStatus::CLIENT_HOLD]).empty? + statuses << DomainStatus::SERVER_MANUAL_INZONE + end + end + + def remove_force_delete_statuses + statuses.delete(DomainStatus::FORCE_DELETE) + statuses.delete(DomainStatus::SERVER_RENEW_PROHIBITED) + statuses.delete(DomainStatus::SERVER_TRANSFER_PROHIBITED) + statuses.delete(DomainStatus::SERVER_UPDATE_PROHIBITED) + statuses.delete(DomainStatus::PENDING_DELETE) + statuses.delete(DomainStatus::SERVER_MANUAL_INZONE) + end end diff --git a/test/models/domain/force_delete_test.rb b/test/models/domain/force_delete_test.rb index 328a45658..058a49bfb 100644 --- a/test/models/domain/force_delete_test.rb +++ b/test/models/domain/force_delete_test.rb 
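Review bot: `restore_statuses_before_force_delete` replaces `statuses` wholesale with the saved list, so any status the domain acquired after scheduling is dropped on cancel; the implementation removed in PATCH 02 carried `expired`, `serverHold` and `deleteCandidate` over explicitly. It also resets the snapshot to `nil` although the column default in `db/structure.sql` is `'{}'`, so a second cancel would assign `nil` to `statuses` right before `remove_force_delete_statuses` calls `statuses.delete`. In `preserve_current_statuses_for_force_delete`, `self.statuses_before_force_delete = statuses` hands over the same array that `add_force_delete_statuses` then appends to. Whether the attribute writer copies it depends on the column type handling, so `self.statuses_before_force_delete = statuses.dup` would make the snapshot explicit.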
@@ -20,13 +20,50 @@ class DomainForceDeleteTest < ActiveSupport::TestCase Setting.redemption_grace_period = @original_redemption_grace_period end + def test_scheduling_force_delete_adds_corresponding_statuses + statuses = [ + DomainStatus::FORCE_DELETE, + DomainStatus::SERVER_RENEW_PROHIBITED, + DomainStatus::SERVER_TRANSFER_PROHIBITED, + DomainStatus::SERVER_UPDATE_PROHIBITED, + DomainStatus::PENDING_DELETE, + ] + + @domain.schedule_force_delete + @domain.reload + assert (@domain.statuses & statuses) == statuses + end + + def test_scheduling_force_delete_stops_pending_actions + statuses = [ + DomainStatus::CLIENT_DELETE_PROHIBITED, + DomainStatus::SERVER_DELETE_PROHIBITED, + DomainStatus::PENDING_UPDATE, + DomainStatus::PENDING_TRANSFER, + DomainStatus::PENDING_RENEW, + DomainStatus::PENDING_CREATE, + ] + + @domain.statuses = statuses + %w[other-status] + @domain.schedule_force_delete + @domain.reload + assert_not (@domain.statuses & statuses).any?, 'Pending actions should be stopped' + end + + def test_scheduling_force_delete_preserves_current_statuses + @domain.statuses = %w[test1 test2] + @domain.schedule_force_delete + @domain.reload + assert_equal %w[test1 test2], @domain.statuses_before_force_delete + end + def test_scheduling_force_delete_bypasses_validation @domain = domains(:invalid) @domain.schedule_force_delete assert @domain.force_delete_scheduled? end - def test_cancelling_force_delete_on_discarded_domain + def test_cancelling_force_delete_on_a_discarded_domain @domain.discard @domain.schedule_force_delete @domain.cancel_force_delete 
@@ -49,4 +86,34 @@ class DomainForceDeleteTest < ActiveSupport::TestCase @domain.cancel_force_delete assert_not @domain.force_delete_scheduled? end + + def test_cancelling_force_delete_removes_statuses_that_were_set_on_force_delete + statuses = [ + DomainStatus::FORCE_DELETE, + DomainStatus::SERVER_RENEW_PROHIBITED, + DomainStatus::SERVER_TRANSFER_PROHIBITED, + DomainStatus::SERVER_UPDATE_PROHIBITED, + DomainStatus::PENDING_DELETE, + DomainStatus::SERVER_MANUAL_INZONE + ] + @domain.discard + @domain.statuses = @domain.statuses + statuses + @domain.schedule_force_delete + + @domain.cancel_force_delete + @domain.reload + + assert (@domain.statuses & statuses).empty? + end + + def test_cancelling_force_delete_restores_statuses_that_a_domain_had_before_force_delete + @domain.discard + @domain.statuses_before_force_delete = ['test1', DomainStatus::DELETE_CANDIDATE] + + @domain.cancel_force_delete + @domain.reload + + assert_equal ['test1', DomainStatus::DELETE_CANDIDATE], @domain.statuses + assert_nil @domain.statuses_before_force_delete + end end From 304b04bd61d592cfcfa20194c08fcd6b790a95c1 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Mon, 11 Jun 2018 06:19:33 +0300 Subject: [PATCH 06/72] Remove `domains.statuses_before_force_delete` from REST API --- app/models/domain.rb | 1 + doc/repp/v1/domain.md | 5 +---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/app/models/domain.rb b/app/models/domain.rb index 55596aedf..ebe7e93d2 100644 --- a/app/models/domain.rb +++ b/app/models/domain.rb @@ -639,6 +639,7 @@ class Domain < ActiveRecord::Base hash = super hash['auth_info'] = hash.delete('transfer_code') # API v1 requirement hash['valid_from'] = hash['registered_at'] # API v1 requirement + hash.delete('statuses_before_force_delete') hash end diff --git a/doc/repp/v1/domain.md b/doc/repp/v1/domain.md index adb9c4c8e..4c9476125 100644 --- a/doc/repp/v1/domain.md +++ b/doc/repp/v1/domain.md 
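Review bot: In `app/models/domain.rb`, `hash.delete('statuses_before_force_delete')` strips one internal column after `super` has already serialized every attribute, so the next bookkeeping column added to `domains` will appear in the REST API response until someone remembers to delete it here. An allowlist of the attributes API v1 is meant to expose would fail closed instead; if the denylist stays, a comment such as `# internal bookkeeping, not part of API v1` and a test asserting that the key is absent from the response would document the intent. The method's signature and the rest of its body are outside the hunk.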
@@ -63,10 +63,7 @@ Content-Type: application/json ], "reserved": false, "status_notes": { - }, - "statuses_backup": [ - - ] + } } ], "total_number_of_records": 2 From 4e2bd9f2dabbece172c511db506217d1de34e080 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Mon, 11 Jun 2018 08:10:32 +0300 Subject: [PATCH 07/72] Improve readability --- test/models/domain/force_delete_test.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/test/models/domain/force_delete_test.rb b/test/models/domain/force_delete_test.rb index 058a49bfb..c04244052 100644 --- a/test/models/domain/force_delete_test.rb +++ b/test/models/domain/force_delete_test.rb @@ -21,7 +21,7 @@ class DomainForceDeleteTest < ActiveSupport::TestCase end def test_scheduling_force_delete_adds_corresponding_statuses - statuses = [ + statuses_to_be_added = [ DomainStatus::FORCE_DELETE, DomainStatus::SERVER_RENEW_PROHIBITED, DomainStatus::SERVER_TRANSFER_PROHIBITED, @@ -31,11 +31,11 @@ class DomainForceDeleteTest < ActiveSupport::TestCase @domain.schedule_force_delete @domain.reload - assert (@domain.statuses & statuses) == statuses + assert (@domain.statuses & statuses_to_be_added) == statuses_to_be_added end def test_scheduling_force_delete_stops_pending_actions - statuses = [ + statuses_to_be_removed = [ DomainStatus::CLIENT_DELETE_PROHIBITED, DomainStatus::SERVER_DELETE_PROHIBITED, DomainStatus::PENDING_UPDATE, @@ -44,10 +44,10 @@ class DomainForceDeleteTest < ActiveSupport::TestCase DomainStatus::PENDING_CREATE, ] - @domain.statuses = statuses + %w[other-status] + @domain.statuses = statuses_to_be_removed + %w[other-status] @domain.schedule_force_delete @domain.reload - assert_not (@domain.statuses & statuses).any?, 'Pending actions should be stopped' + assert_empty @domain.statuses & statuses_to_be_removed, 'Pending actions should be stopped' end def test_scheduling_force_delete_preserves_current_statuses 
@@ -103,7 +103,7 @@ class DomainForceDeleteTest < ActiveSupport::TestCase @domain.cancel_force_delete @domain.reload - assert (@domain.statuses & statuses).empty? + assert_empty @domain.statuses & statuses end def test_cancelling_force_delete_restores_statuses_that_a_domain_had_before_force_delete From c2d5b7c7040b1ab6c7eafb1bef107fb5807508bb Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Mon, 11 Jun 2018 08:26:17 +0300 Subject: [PATCH 08/72] Extract method --- app/models/concerns/domain/force_delete.rb | 8 ++++++-- test/models/domain/force_delete_test.rb | 12 +++++++++++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/app/models/concerns/domain/force_delete.rb b/app/models/concerns/domain/force_delete.rb index c7b3ef454..45f45dab6 100644 --- a/app/models/concerns/domain/force_delete.rb +++ b/app/models/concerns/domain/force_delete.rb @@ -11,6 +11,7 @@ module Concerns::Domain::ForceDelete self.force_delete_at = (Time.zone.now + (Setting.redemption_grace_period.days + 1.day)).utc .beginning_of_day stop_all_pending_actions + allow_deletion save(validate: false) end @@ -26,8 +27,6 @@ module Concerns::Domain::ForceDelete private def stop_all_pending_actions - statuses.delete(DomainStatus::CLIENT_DELETE_PROHIBITED) - statuses.delete(DomainStatus::SERVER_DELETE_PROHIBITED) statuses.delete(DomainStatus::PENDING_UPDATE) statuses.delete(DomainStatus::PENDING_TRANSFER) statuses.delete(DomainStatus::PENDING_RENEW) @@ -63,4 +62,9 @@ module Concerns::Domain::ForceDelete statuses.delete(DomainStatus::PENDING_DELETE) statuses.delete(DomainStatus::SERVER_MANUAL_INZONE) end + + def allow_deletion + statuses.delete(DomainStatus::CLIENT_DELETE_PROHIBITED) + statuses.delete(DomainStatus::SERVER_DELETE_PROHIBITED) + end end diff --git a/test/models/domain/force_delete_test.rb b/test/models/domain/force_delete_test.rb index c04244052..535ad84d8 100644 --- a/test/models/domain/force_delete_test.rb +++ b/test/models/domain/force_delete_test.rb 
@@ -34,10 +34,20 @@ class DomainForceDeleteTest < ActiveSupport::TestCase assert (@domain.statuses & statuses_to_be_added) == statuses_to_be_added end - def test_scheduling_force_delete_stops_pending_actions + def test_scheduling_force_delete_allows_domain_deletion statuses_to_be_removed = [ DomainStatus::CLIENT_DELETE_PROHIBITED, DomainStatus::SERVER_DELETE_PROHIBITED, + ] + + @domain.statuses = statuses_to_be_removed + %w[other-status] + @domain.schedule_force_delete + @domain.reload + assert_empty @domain.statuses & statuses_to_be_removed + end + + def test_scheduling_force_delete_stops_pending_actions + statuses_to_be_removed = [ DomainStatus::PENDING_UPDATE, DomainStatus::PENDING_TRANSFER, DomainStatus::PENDING_RENEW, From cd6a40b1bb637bfde9ef3ca3cb39920387d606f2 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Fri, 15 Jun 2018 17:10:06 +0300 Subject: [PATCH 09/72] Fix test --- test/integration/admin/domains/force_delete_test.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/integration/admin/domains/force_delete_test.rb b/test/integration/admin/domains/force_delete_test.rb index 0ef017c11..df95307b4 100644 --- a/test/integration/admin/domains/force_delete_test.rb +++ b/test/integration/admin/domains/force_delete_test.rb @@ -44,8 +44,8 @@ class AdminAreaDomainForceDeleteTest < ActionDispatch::IntegrationTest end def test_cancels_scheduled_domain_force_delete - @domain.update_attribute(:statuses, [DomainStatus::FORCE_DELETE]) - assert @domain.force_delete_scheduled? + @domain.discard + @domain.schedule_force_delete visit edit_admin_domain_url(@domain) click_link_or_button 'Cancel force delete' From 0f6df9e3f8d8d5c328582dfd05e59fb3012ad20d Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 20:00:40 +0300 Subject: [PATCH 10/72] Regenerate Devise translation --- config/locales/devise.en.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) 
diff --git a/config/locales/devise.en.yml b/config/locales/devise.en.yml index 9524e860c..3a853fe31 100644 --- a/config/locales/devise.en.yml +++ b/config/locales/devise.en.yml @@ -9,12 +9,12 @@ en: failure: already_authenticated: "You are already signed in." inactive: "Your account is not activated yet." - invalid: "Invalid email or password." + invalid: "Invalid %{authentication_keys} or password." locked: "Your account is locked." last_attempt: "You have one more attempt before your account is locked." - not_found_in_database: "Invalid email address or password." + not_found_in_database: "Invalid %{authentication_keys} or password." timeout: "Your session expired. Please sign in again to continue." - unauthenticated: "You need to sign in." + unauthenticated: "You need to sign in before continuing." unconfirmed: "You have to confirm your email address before continuing." mailer: confirmation_instructions: @@ -23,6 +23,10 @@ en: subject: "Reset password instructions" unlock_instructions: subject: "Unlock instructions" + email_changed: + subject: "Email Changed" + password_change: + subject: "Password Changed" omniauth_callbacks: failure: "Could not authenticate you from %{kind} because \"%{reason}\"." success: "Successfully authenticated from %{kind} account." From ebe831e78247bde3eb50347969b46622ee24db21 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 20:23:54 +0300 Subject: [PATCH 11/72] Regenerate and tune Devise config --- config/initializers/devise.rb | 82 +++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 33 deletions(-) diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index eceb6d5f2..c2f89e691 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb 
@@ -1,26 +1,31 @@ -require 'devise_custom_failure' +# frozen_string_literal: true # Use this hook to configure devise mailer, warden hooks and so forth. # Many of these configuration options can be set straight in your model. Devise.setup do |config| - config.warden do |manager| - manager.failure_app = DeviseCustomFailure - end - # The secret key used by Devise. Devise uses this key to generate # random tokens. Changing this key will render invalid all existing # confirmation, reset password and unlock tokens in the database. + # Devise will use the `secret_key_base` as its `secret_key` + # by default. You can change it below and use your own secret key. config.secret_key = ENV['devise_secret'] + # ==> Controller configuration + # Configure the parent class to the devise controllers. + # config.parent_controller = 'DeviseController' + # ==> Mailer Configuration # Configure the e-mail address which will be shown in Devise::Mailer, # note that it will be overwritten if you use your own mailer class # with default "from" parameter. - config.mailer_sender = 'noreply@example.com' + config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com' # Configure the class responsible to send e-mails. # config.mailer = 'Devise::Mailer' + # Configure the parent class responsible to send e-mails. + # config.parent_mailer = 'ActionMailer::Base' + # ==> ORM configuration # Load and configure the ORM. Supports :active_record (default) and # :mongoid (bson_ext recommended) by default. Other ORMs may be 
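Review bot: Dropping `require 'devise_custom_failure'` and the `config.warden` block sends every failed or unauthenticated request back through Devise's stock failure app, and the diffstat for this commit lists only this initializer, so neither the custom class nor a test for where each scope's users now land is touched. If the removal is intended, the commit message should say so and the now unused class should go with it; if it is a side effect of regenerating the file, the block needs to be restored. Separately, `config.mailer_sender` now holds the generator placeholder `please-change-me-at-config-initializers-devise@example.com`, which any Devise mail sent by this app would carry as its sender.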
@@ -35,7 +40,7 @@ Devise.setup do |config| # session. If you need permissions, you should implement that in a before filter. # You can also supply a hash where the value is a boolean determining whether # or not authentication should be aborted when the value is not present. - # config.authentication_keys = [ :email ] + # config.authentication_keys = [:email] # Configure parameters from the request object used for authentication. Each entry # given should be a request method and it will automatically be passed to the @@ -67,7 +72,7 @@ Devise.setup do |config| # :database = Support basic authentication with authentication key + password # config.http_authenticatable = false - # If http headers should be returned for AJAX requests. True by default. + # If 401 status code should be returned for AJAX requests. True by default. # config.http_authenticatable_on_xhr = true # The realm used in Http Basic Authentication. 'Application' by default. 
@@ -91,20 +96,31 @@ Devise.setup do |config| # from the server. You can disable this option at your own risk. # config.clean_up_csrf_token_on_authentication = true + # When false, Devise will not attempt to reload routes on eager load. + # This can reduce the time taken to boot the app but if your application + # requires the Devise mappings to be loaded during boot time the application + # won't boot properly. + # config.reload_routes = true + # ==> Configuration for :database_authenticatable - # For bcrypt, this is the cost for hashing the password and defaults to 10. If - # using other encryptors, it sets how many times you want the password re-encrypted. + # For bcrypt, this is the cost for hashing the password and defaults to 11. If + # using other algorithms, it sets how many times you want the password to be hashed. # # Limiting the stretches to just one in testing will increase the performance of # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use # a value less than 10 in other environments. Note that, for bcrypt (the default - # encryptor), the cost increases exponentially with the number of stretches (e.g. + # algorithm), the cost increases exponentially with the number of stretches (e.g. # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation). - config.stretches = Rails.env.test? ? 1 : 10 + config.stretches = Rails.env.test? ? 1 : 11 - # Setup a pepper to generate the encrypted password. - # config.pepper = '4d1b39f778c3ea5b415476ce410f337a27895181a8ccd586c60e50e0f7284' \ - # '3d5d6ded80558ed7a4637de6b3a1504379270af6eee995fd9a329e4f4c5daa33882' + # Set up a pepper to generate the hashed password. + # config.pepper = '1fc02c7f3a9d5d0dc6c3e49828eb45d29e5fdb3136f78ee0063a2cdf774b7ed53ea40176d5823703554b7f015dd23c0e491fb488bb705a0768db32d02b1d088d' + + # Send a notification to the original email when the user's email is changed. 
+ # config.send_email_changed_notification = false + + # Send a notification email when the user's password is changed. + # config.send_password_change_notification = false # ==> Configuration for :confirmable # A period that the user is allowed to access the website even without @@ -129,11 +145,11 @@ Devise.setup do |config| config.reconfirmable = true # Defines which key will be used when confirming an account - # config.confirmation_keys = [ :email ] + # config.confirmation_keys = [:email] # ==> Configuration for :rememberable # The time the user will be remembered without asking for credentials again. - config.remember_for = 2.weeks + # config.remember_for = 2.weeks # Invalidates all the remember me tokens when the user signs out. config.expire_all_remember_me_on_sign_out = true @@ -152,15 +168,12 @@ Devise.setup do |config| # Email regex used to validate email formats. It simply asserts that # one (and only one) @ exists in the given string. This is mainly # to give user feedback and not to assert the e-mail validity. - # config.email_regexp = /\A[^@]+@[^@]+\z/ + config.email_regexp = /\A[^@\s]+@[^@\s]+\z/ # ==> Configuration for :timeoutable # The time you want to timeout the user session without activity. After this # time the user will be asked for credentials again. Default is 30 minutes. - config.timeout_in = ENV['user_session_timeout'].to_i.seconds if ENV['user_session_timeout'] - - # If true, expires auth token on session timeout. - # config.expire_auth_token_on_timeout = false + # config.timeout_in = 30.minutes # ==> Configuration for :lockable # Defines which strategy will be used to lock an account. @@ -169,7 +182,7 @@ Devise.setup do |config| # config.lock_strategy = :failed_attempts # Defines which key will be used when locking and unlocking an account - # config.unlock_keys = [ :email ] + # config.unlock_keys = [:email] # Defines which strategy will be used to unlock an account. # :email = Sends an unlock link to the user email 
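Review bot: The `@@ -152,15 +168,12 @@` hunk replaces `config.timeout_in = ENV['user_session_timeout'].to_i.seconds if ENV['user_session_timeout']` with the commented-out generator default, so a deployment that sets `user_session_timeout` silently loses its idle timeout and gets the 30 minutes named in the comment. If operators still rely on that variable, keep the line below the regenerated comment; otherwise drop the variable from the sample environment configuration in the same commit so the setting does not look effective. `config.remember_for` is commented out in the preceding hunk as well, but that appears only to return to the same two-week value.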
@@ -186,24 +199,28 @@ Devise.setup do |config| # config.unlock_in = 1.hour # Warn on the last attempt before the account is locked. - # config.last_attempt_warning = false + # config.last_attempt_warning = true # ==> Configuration for :recoverable # # Defines which key will be used when recovering the password for an account - # config.reset_password_keys = [ :email ] + # config.reset_password_keys = [:email] # Time interval you can reset your password with a reset password key. # Don't put a too small interval or your users won't have the time to # change their passwords. config.reset_password_within = 6.hours + # When set to false, does not sign a user in automatically after their password is + # reset. Defaults to true, so a user is signed in automatically after a reset. + # config.sign_in_after_reset_password = true + # ==> Configuration for :encryptable - # Allow you to use another encryption algorithm besides bcrypt (default). You can use - # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1, - # :authlogic_sha512 (then you should set stretches above to 20 for default behavior) - # and :restful_authentication_sha1 (then you should set stretches to 10, and copy - # REST_AUTH_SITE_KEY to pepper). + # Allow you to use another hashing or encryption algorithm besides bcrypt (default). + # You can use :sha1, :sha512 or algorithms from others authentication tools as + # :clearance_sha1, :authlogic_sha512 (then you should set stretches above to 20 + # for default behavior) and :restful_authentication_sha1 (then you should set + # stretches to 10, and copy REST_AUTH_SITE_KEY to pepper). # # Require the `devise-encryptable` gem when using anything other than bcrypt # config.encryptor = :sha512 
@@ -220,7 +237,7 @@ Devise.setup do |config| # Set this configuration to false if you want /users/sign_out to sign out # only the current scope. By default, Devise signs out all scopes. - # config.sign_out_all_scopes = true + config.sign_out_all_scopes = false # ==> Navigation configuration # Lists the formats that should be treated as navigational. Formats like @@ -260,8 +277,7 @@ Devise.setup do |config| # The router that invoked `devise_for`, in the example above, would be: # config.router_name = :my_engine # - # When using omniauth, Devise cannot automatically set Omniauth path, + # When using OmniAuth, Devise cannot automatically set OmniAuth path, # so you need to do it manually. For the users scope, it would be: # config.omniauth_path_prefix = '/my_engine/users/auth' end - From bb39d0340e6eeaf441c34aa4d76cedf484ccda72 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 20:24:52 +0300 Subject: [PATCH 12/72] Remove routing specs --- app/models/user.rb | 2 +- spec/routing/registrar/domains_routing_spec.rb | 9 --------- spec/routing/registrar/sessions_routing_spec.rb | 9 --------- 3 files changed, 1 insertion(+), 19 deletions(-) delete mode 100644 spec/routing/registrar/domains_routing_spec.rb delete mode 100644 spec/routing/registrar/sessions_routing_spec.rb diff --git a/app/models/user.rb b/app/models/user.rb index b69e0250c..150311e90 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,6 +1,6 @@ class User < ActiveRecord::Base include Versions # version/user_version.rb - devise :trackable, :timeoutable + devise :database_authenticatable, :trackable, :timeoutable attr_accessor :phone diff --git a/spec/routing/registrar/domains_routing_spec.rb b/spec/routing/registrar/domains_routing_spec.rb deleted file mode 100644 index e30d1dd24..000000000 --- a/spec/routing/registrar/domains_routing_spec.rb +++ /dev/null 
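Review bot: `config.sign_out_all_scopes = false` is switched on with no explanation, and it changes logout semantics: signing out of one Devise scope leaves any other scope's session in the same browser alive. That matters once several scopes exist (later commits in this series introduce separate admin, registrar and registrant users), for instance on a shared workstation. A comment above the line would record the decision, e.g. `# Each area has its own Devise scope; signing out of one must not end the others`.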
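Review bot: The `devise :database_authenticatable, :trackable, :timeoutable` change in `app/models/user.rb` is unrelated to the subject "Remove routing specs" and alters authentication for every `User` subclass. It belongs in its own commit with a message that explains why the base model needs password authentication. As it stands, the change is easy to miss in review and awkward to revert on its own.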
@@ -1,9 +0,0 @@ -require 'rails_helper' - -RSpec.describe Registrar::DomainsController do - describe 'routing' do - it 'routes to #index' do - expect(get: '/registrar/domains').to route_to('registrar/domains#index') - end - end -end diff --git a/spec/routing/registrar/sessions_routing_spec.rb b/spec/routing/registrar/sessions_routing_spec.rb deleted file mode 100644 index 24e075e58..000000000 --- a/spec/routing/registrar/sessions_routing_spec.rb +++ /dev/null @@ -1,9 +0,0 @@ -require 'rails_helper' - -RSpec.describe Registrar::SessionsController do - describe 'routing' do - it 'routes to #login' do - expect(get: '/registrar/login').to route_to('registrar/sessions#login') - end - end -end From c538579d5b2a451f5b522b06b7ba6fb1f9eafd33 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 20:36:06 +0300 Subject: [PATCH 13/72] Remove `rememberable` and `lockable` modules from `AdminUser` --- app/models/admin_user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/admin_user.rb b/app/models/admin_user.rb index d76c42dec..c2c213226 100644 --- a/app/models/admin_user.rb +++ b/app/models/admin_user.rb @@ -9,7 +9,7 @@ class AdminUser < User ROLES = %w(user customer_service admin) # should not match to api_users roles - devise :database_authenticatable, :rememberable, :trackable, :validatable, :lockable + devise :database_authenticatable, :trackable, :validatable def self.min_password_length Devise.password_length.min From 756836001c9179c00575a9dbdd5e0fc3f2e4db35 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 20:39:52 +0300 Subject: [PATCH 14/72] Remove unused routes --- config/routes.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/config/routes.rb b/config/routes.rb index ecb054409..6fe587caa 100644 --- a/config/routes.rb +++ b/config/routes.rb 
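Review bot: Dropping `:lockable` from `AdminUser` removes Devise's failed-attempt lockout from the most privileged accounts, and nothing in this commit puts another throttle on admin sign-in in its place. Whether lockout was effective before cannot be told from the hunk. The commit message should say what now limits password guessing against the admin login (for example rate limiting at the proxy or in a Rack middleware). Otherwise the module should stay: `devise :database_authenticatable, :trackable, :validatable, :lockable`. The `AdminUser` class body continues outside the hunk.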
@@ -20,7 +20,6 @@ Rails.application.routes.draw do # REGISTRAR ROUTES namespace :registrar do - resource :dashboard root 'dashboard#show' resources :invoices do @@ -247,9 +246,6 @@ Rails.application.routes.draw do end resources :delayed_jobs - - resource :dashboard - resources :epp_logs resources :repp_logs From 28416a3375580d604a278f2c400b49b7247eddae Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 20:43:23 +0300 Subject: [PATCH 15/72] Use singular controller --- app/controllers/admin/dashboard_controller.rb | 8 ++++++++ app/controllers/admin/dashboards_controller.rb | 9 --------- .../{dashboards/show.haml => dashboard/show.html.erb} | 0 config/routes.rb | 4 ++-- 4 files changed, 10 insertions(+), 11 deletions(-) create mode 100644 app/controllers/admin/dashboard_controller.rb delete mode 100644 app/controllers/admin/dashboards_controller.rb rename app/views/admin/{dashboards/show.haml => dashboard/show.html.erb} (100%) diff --git a/app/controllers/admin/dashboard_controller.rb b/app/controllers/admin/dashboard_controller.rb new file mode 100644 index 000000000..35efab599 --- /dev/null +++ b/app/controllers/admin/dashboard_controller.rb @@ -0,0 +1,8 @@ +module Admin + class DashboardController < BaseController + authorize_resource class: false + + def show + end + end +end \ No newline at end of file diff --git a/app/controllers/admin/dashboards_controller.rb b/app/controllers/admin/dashboards_controller.rb deleted file mode 100644 index 52d82ea0a..000000000 --- a/app/controllers/admin/dashboards_controller.rb +++ /dev/null @@ -1,9 +0,0 @@ -module Admin - class DashboardsController < BaseController - authorize_resource class: false - - def show - redirect_to [:admin, :domains] if can? :show, Domain - end - end -end diff --git a/app/views/admin/dashboards/show.haml b/app/views/admin/dashboard/show.html.erb similarity index 100% rename from app/views/admin/dashboards/show.haml rename to app/views/admin/dashboard/show.html.erb 
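Review bot: `Admin::DashboardController#show` is now empty, so the redirect to the domain list for users who `can? :show, Domain` disappears although the commit subject only announces a rename; if that is intended, the message should say so. The accompanying view moves from `show.haml` to `show.html.erb` at 100% similarity, which means any HAML markup in it would be emitted as literal text by ERB unless the file is empty, so that is worth confirming. The new controller file also lacks a trailing newline.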
diff --git a/config/routes.rb b/config/routes.rb index 6fe587caa..7e0e99815 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -149,6 +149,8 @@ Rails.application.routes.draw do # ADMIN ROUTES namespace :admin do + root 'dashboard#show' + resources :keyrelays resources :zonefiles resources :zones, controller: 'dns/zones', except: %i[show destroy] @@ -258,8 +260,6 @@ Rails.application.routes.draw do authenticate :user do mount Que::Web, at: 'que' end - - root 'dashboards#show' end devise_for :users From 724d421f4410297cedad8d2c2d2c1f94ef9e46b9 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 20:50:02 +0300 Subject: [PATCH 16/72] Remove Devise FailureApp --- lib/devise_custom_failure.rb | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 lib/devise_custom_failure.rb diff --git a/lib/devise_custom_failure.rb b/lib/devise_custom_failure.rb deleted file mode 100644 index a8a947173..000000000 --- a/lib/devise_custom_failure.rb +++ /dev/null @@ -1,18 +0,0 @@ -class DeviseCustomFailure < Devise::FailureApp - def redirect_url - return registrant_login_url if request.original_fullpath.to_s.match(%r{^\/registrant}) - return registrar_login_url if request.original_fullpath.to_s.match(%r{^\/registrar}) - return '/admin' if request.original_fullpath.to_s.match(%r{^\/admin\/que}) - return admin_login_url if request.original_fullpath.to_s.match(%r{^\/admin}) - root_url - end - - # You need to override respond to eliminate recall - def respond - if http_auth? - http_auth - else - redirect - end - end -end From febbe1282d94f39530f7cc2f66e6b9fdc9770774 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 21:02:56 +0300 Subject: [PATCH 17/72] Fix links --- app/views/layouts/admin/base.haml | 2 +- app/views/layouts/devise.haml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/views/layouts/admin/base.haml b/app/views/layouts/admin/base.haml index 717c5015c..8ec55c424 100644 
--- a/app/views/layouts/admin/base.haml +++ b/app/views/layouts/admin/base.haml @@ -19,7 +19,7 @@ %span.icon-bar %span.icon-bar %span.icon-bar - = link_to admin_dashboard_path, class: 'navbar-brand' do + = link_to admin_root_path, class: 'navbar-brand' do = ENV['app_name'] - if unstable_env.present? .text-center diff --git a/app/views/layouts/devise.haml b/app/views/layouts/devise.haml index 81248b86d..aaa1c8e31 100644 --- a/app/views/layouts/devise.haml +++ b/app/views/layouts/devise.haml @@ -18,7 +18,7 @@ %span.icon-bar %span.icon-bar %span.icon-bar - = link_to admin_dashboard_path, class: 'navbar-brand' do + = link_to admin_login_path, class: 'navbar-brand' do = ENV['app_name'] - if unstable_env.present? .text-center From 450a95f628676d7ca07c775f28d6c71fd36558ab Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 21:08:44 +0300 Subject: [PATCH 18/72] Revert "Remove routing specs" This reverts commit bb39d0340e6eeaf441c34aa4d76cedf484ccda72. --- app/models/user.rb | 2 +- spec/routing/registrar/domains_routing_spec.rb | 9 +++++++++ spec/routing/registrar/sessions_routing_spec.rb | 9 +++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 spec/routing/registrar/domains_routing_spec.rb create mode 100644 spec/routing/registrar/sessions_routing_spec.rb diff --git a/app/models/user.rb b/app/models/user.rb index 150311e90..b69e0250c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,6 +1,6 @@ class User < ActiveRecord::Base include Versions # version/user_version.rb - devise :database_authenticatable, :trackable, :timeoutable + devise :trackable, :timeoutable attr_accessor :phone diff --git a/spec/routing/registrar/domains_routing_spec.rb b/spec/routing/registrar/domains_routing_spec.rb new file mode 100644 index 000000000..e30d1dd24 --- /dev/null +++ b/spec/routing/registrar/domains_routing_spec.rb 
@@ -0,0 +1,9 @@ +require 'rails_helper' + +RSpec.describe Registrar::DomainsController do + describe 'routing' do + it 'routes to #index' do + expect(get: '/registrar/domains').to route_to('registrar/domains#index') + end + end +end diff --git a/spec/routing/registrar/sessions_routing_spec.rb b/spec/routing/registrar/sessions_routing_spec.rb new file mode 100644 index 000000000..24e075e58 --- /dev/null +++ b/spec/routing/registrar/sessions_routing_spec.rb @@ -0,0 +1,9 @@ +require 'rails_helper' + +RSpec.describe Registrar::SessionsController do + describe 'routing' do + it 'routes to #login' do + expect(get: '/registrar/login').to route_to('registrar/sessions#login') + end + end +end From 02137b620ed2bff753162fb9c64cf85a4956f0f9 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 21:10:53 +0300 Subject: [PATCH 19/72] Remove routing specs --- spec/routing/registrar/domains_routing_spec.rb | 9 --------- spec/routing/registrar/sessions_routing_spec.rb | 9 --------- 2 files changed, 18 deletions(-) delete mode 100644 spec/routing/registrar/domains_routing_spec.rb delete mode 100644 spec/routing/registrar/sessions_routing_spec.rb diff --git a/spec/routing/registrar/domains_routing_spec.rb b/spec/routing/registrar/domains_routing_spec.rb deleted file mode 100644 index e30d1dd24..000000000 --- a/spec/routing/registrar/domains_routing_spec.rb +++ /dev/null @@ -1,9 +0,0 @@ -require 'rails_helper' - -RSpec.describe Registrar::DomainsController do - describe 'routing' do - it 'routes to #index' do - expect(get: '/registrar/domains').to route_to('registrar/domains#index') - end - end -end diff --git a/spec/routing/registrar/sessions_routing_spec.rb b/spec/routing/registrar/sessions_routing_spec.rb deleted file mode 100644 index 24e075e58..000000000 --- a/spec/routing/registrar/sessions_routing_spec.rb +++ /dev/null 
@@ -1,9 +0,0 @@ -require 'rails_helper' - -RSpec.describe Registrar::SessionsController do - describe 'routing' do - it 'routes to #login' do - expect(get: '/registrar/login').to route_to('registrar/sessions#login') - end - end -end From c31f507c254195094997fb6727195839afe6ca60 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Tue, 19 Jun 2018 22:20:52 +0300 Subject: [PATCH 20/72] Specify Devise modules for each type of user --- app/models/admin_user.rb | 2 +- app/models/api_user.rb | 1 + app/models/registrant_user.rb | 2 ++ app/models/user.rb | 1 - 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/app/models/admin_user.rb b/app/models/admin_user.rb index c2c213226..b53d6531a 100644 --- a/app/models/admin_user.rb +++ b/app/models/admin_user.rb @@ -9,7 +9,7 @@ class AdminUser < User ROLES = %w(user customer_service admin) # should not match to api_users roles - devise :database_authenticatable, :trackable, :validatable + devise :database_authenticatable, :trackable, :validatable, :timeoutable def self.min_password_length Devise.password_length.min diff --git a/app/models/api_user.rb b/app/models/api_user.rb index ce32c4045..378292076 100644 --- a/app/models/api_user.rb +++ b/app/models/api_user.rb @@ -2,6 +2,7 @@ require 'open3' class ApiUser < User include EppErrors + devise :database_authenticatable, :trackable, :timeoutable def epp_code_map { diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb index 12cae0d82..1e1eb452f 100644 --- a/app/models/registrant_user.rb +++ b/app/models/registrant_user.rb @@ -2,6 +2,8 @@ class RegistrantUser < User ACCEPTED_ISSUER = 'AS Sertifitseerimiskeskus' attr_accessor :idc_data + devise :database_authenticatable, :trackable, :timeoutable + def ability @ability ||= Ability.new(self) end diff --git a/app/models/user.rb b/app/models/user.rb index b69e0250c..8968e2736 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
@@ -1,6 +1,5 @@ class User < ActiveRecord::Base include Versions # version/user_version.rb - devise :trackable, :timeoutable attr_accessor :phone From 9684c8e59f58d2b7285b65122c3250fe7b97ac26 Mon Sep 17 00:00:00 2001 
From: Artur Beljajev Date: Wed, 20 Jun 2018 12:21:22 +0300 Subject: [PATCH 21/72] Refactor Devise integration - Use scoped users - Use the named route helpers instead of hardcoded paths --- app/controllers/admin/base_controller.rb | 14 ++++- .../admin/pending_deletes_controller.rb | 4 +- .../admin/pending_updates_controller.rb | 4 +- app/controllers/admin/sessions_controller.rb | 23 +++++--- app/controllers/application_controller.rb | 56 ++---------------- .../registrant/contacts_controller.rb | 3 +- .../domain_delete_confirms_controller.rb | 2 +- .../domain_update_confirms_controller.rb | 2 +- .../registrant/domains_controller.rb | 4 +- .../registrant/sessions_controller.rb | 21 +++++-- app/controllers/registrant_controller.rb | 15 ++++- .../account_activities_controller.rb | 2 +- app/controllers/registrar/base_controller.rb | 14 +++-- .../registrar/bulk_change_controller.rb | 2 +- .../registrar/contacts_controller.rb | 6 +- .../registrar/current_user_controller.rb | 4 +- .../registrar/deposits_controller.rb | 2 +- app/controllers/registrar/depp_controller.rb | 10 ++-- .../registrar/domain_transfers_controller.rb | 2 +- .../registrar/domains_controller.rb | 8 +-- .../registrar/invoices_controller.rb | 2 +- .../registrar/nameservers_controller.rb | 2 +- .../registrar/profile_controller.rb | 4 +- .../registrar/sessions_controller.rb | 32 +++++----- .../registrar/tech_contacts_controller.rb | 2 +- app/views/admin/base/_menu.haml | 2 +- .../admin/sessions/{login.haml => new.haml} | 2 +- app/views/layouts/devise.haml | 2 +- .../layouts/registrant/application.html.erb | 6 +- .../sessions/{login.haml => new.haml} | 0 .../registrar/base/_current_user.html.erb | 4 +- app/views/registrar/invoices/index.haml | 4 +- .../sessions/{login.haml => new.haml} | 2 +- config/locales/registrar/sessions.en.yml | 2 +- config/routes.rb | 59 ++++++++----------- doc/controllers_complete.svg | 8 --- spec/features/registrar/home_link_spec.rb | 2 +- .../registrar/sign_in/mobile_id_spec.rb | 2 
+- .../registrar/sign_in/password_spec.rb | 39 ------------ spec/features/registrar/sign_out_spec.rb | 14 ----- .../requests/registrar/ip_restriction_spec.rb | 12 ++-- spec/requests/registrar/linked_users_spec.rb | 9 ++- .../registrar/sign_in/password_spec.rb | 16 ----- spec/requests/registrar/sign_out_spec.rb | 18 ------ spec/support/features/session_helpers.rb | 4 +- spec/support/requests/session_helpers.rb | 6 +- test/integration/admin/login_test.rb | 27 +++++++++ test/integration/admin/logout_test.rb | 15 +++++ test/integration/admin/protected_area_test.rb | 22 +++++++ test/integration/registrar/login_test.rb | 39 ++++++++++++ test/integration/registrar/logout_test.rb | 15 +++++ .../registrar/protected_area_test.rb | 22 +++++++ 52 files changed, 313 insertions(+), 280 deletions(-) rename app/views/admin/sessions/{login.haml => new.haml} (84%) rename app/views/registrant/sessions/{login.haml => new.haml} (100%) rename app/views/registrar/sessions/{login.haml => new.haml} (88%) delete mode 100644 spec/features/registrar/sign_in/password_spec.rb delete mode 100644 spec/features/registrar/sign_out_spec.rb delete mode 100644 spec/requests/registrar/sign_in/password_spec.rb delete mode 100644 spec/requests/registrar/sign_out_spec.rb create mode 100644 test/integration/admin/login_test.rb create mode 100644 test/integration/admin/logout_test.rb create mode 100644 test/integration/admin/protected_area_test.rb create mode 100644 test/integration/registrar/login_test.rb create mode 100644 test/integration/registrar/logout_test.rb create mode 100644 test/integration/registrar/protected_area_test.rb diff --git a/app/controllers/admin/base_controller.rb b/app/controllers/admin/base_controller.rb index 7de43f7fc..52ff6aa7c 100644 --- a/app/controllers/admin/base_controller.rb +++ b/app/controllers/admin/base_controller.rb 
@@ -1,10 +1,20 @@ module Admin class BaseController < ApplicationController - before_action :authenticate_user! + before_action :authenticate_admin_user! helper_method :head_title_sufix def head_title_sufix t(:admin_head_title_sufix) end + + private + + def current_ability + @current_ability ||= Ability.new(current_admin_user) + end + + def user_for_paper_trail + current_admin_user.present? ? current_admin_user.id_role_username : 'public' + end end -end +end \ No newline at end of file diff --git a/app/controllers/admin/pending_deletes_controller.rb b/app/controllers/admin/pending_deletes_controller.rb index 86529da84..9cc8702c5 100644 --- a/app/controllers/admin/pending_deletes_controller.rb +++ b/app/controllers/admin/pending_deletes_controller.rb @@ -6,7 +6,7 @@ module Admin def update authorize! :update, :pending - if registrant_verification.domain_registrant_delete_confirm!("admin #{current_user.username}") + if registrant_verification.domain_registrant_delete_confirm!("admin #{current_admin_user.username}") redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied) else redirect_to admin_domain_path(@domain.id), alert: t(:failure) @@ -16,7 +16,7 @@ module Admin def destroy authorize! :destroy, :pending - if registrant_verification.domain_registrant_delete_reject!("admin #{current_user.username}") + if registrant_verification.domain_registrant_delete_reject!("admin #{current_admin_user.username}") redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed) else redirect_to admin_domain_path(@domain.id), alert: t(:failure) diff --git a/app/controllers/admin/pending_updates_controller.rb b/app/controllers/admin/pending_updates_controller.rb index e402227e0..4a2e5ec7c 100644 --- a/app/controllers/admin/pending_updates_controller.rb +++ b/app/controllers/admin/pending_updates_controller.rb 
@@ -6,7 +6,7 @@ module Admin def update authorize! :update, :pending - if registrant_verification.domain_registrant_change_confirm!("admin #{current_user.username}") + if registrant_verification.domain_registrant_change_confirm!("admin #{current_admin_user.username}") redirect_to admin_domain_path(@domain.id), notice: t(:pending_applied) else redirect_to edit_admin_domain_path(@domain.id), alert: t(:failure) @@ -15,7 +15,7 @@ module Admin def destroy authorize! :destroy, :pending - if registrant_verification.domain_registrant_change_reject!("admin #{current_user.username}") + if registrant_verification.domain_registrant_change_reject!("admin #{current_admin_user.username}") redirect_to admin_domain_path(@domain.id), notice: t(:pending_removed) else redirect_to admin_domain_path(@domain.id), alert: t(:failure) diff --git a/app/controllers/admin/sessions_controller.rb b/app/controllers/admin/sessions_controller.rb index 1bdcd30dc..1e9be9eb7 100644 --- a/app/controllers/admin/sessions_controller.rb +++ b/app/controllers/admin/sessions_controller.rb @@ -1,8 +1,6 @@ module Admin class SessionsController < Devise::SessionsController - skip_authorization_check only: :create - - def login + def new @admin_user = AdminUser.new end 
@@ -10,19 +8,28 @@ module Admin if params[:admin_user].blank? @admin_user = AdminUser.new flash[:alert] = 'Something went wrong' - return render 'login' + return render :new end @admin_user = AdminUser.find_by(username: params[:admin_user][:username]) @admin_user ||= AdminUser.new(username: params[:admin_user][:username]) if @admin_user.valid_password?(params[:admin_user][:password]) - sign_in @admin_user, event: :authentication - redirect_to admin_root_url, notice: I18n.t(:welcome) + sign_in_and_redirect(:admin_user, @admin_user, event: :authentication) else flash[:alert] = 'Authorization error' - render 'login' + render :new end end + + private + + def after_sign_in_path_for(resource_or_scope) + admin_root_path + end + + def after_sign_out_path_for(resource_or_scope) + new_admin_user_session_path + end end -end +end \ No newline at end of file diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 87dabad01..518b752b7 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
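Review bot: `after_sign_in_path_for` always returns `admin_root_path`, so an admin who was sent to the login page from a deep link lands on the dashboard instead of the page requested. The version removed from `ApplicationController` in this commit honoured `session[:user_return_to]`. Devise's own helper restores that behaviour: `stored_location_for(resource_or_scope) || admin_root_path`. The same fixed-path override is added to `Registrant::SessionsController` later in this patch and would benefit from the same change with `registrant_root_path`.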
@@ -12,63 +12,15 @@ class ApplicationController < ActionController::Base end rescue_from CanCan::AccessDenied do |exception| - redirect_to current_root_url, alert: exception.message + redirect_to root_url, alert: exception.message end - helper_method :registrant_request?, :registrar_request?, :admin_request?, :current_root_url helper_method :available_languages - def registrant_request? - request.path.match(/^\/registrant/) - end - - def registrar_request? - request.path.match(/^\/registrar/) - end - - def admin_request? - request.path.match(/^\/admin/) - end - - def current_root_url - if registrar_request? - registrar_root_url - elsif registrant_request? - registrant_login_url - elsif admin_request? - admin_root_url - end - end - - def after_sign_in_path_for(_resource) - rt = session[:user_return_to].to_s.presence - login_paths = [admin_login_path, registrar_login_path, '/login'] - return rt if rt && !login_paths.include?(rt) - current_root_url - end - - def after_sign_out_path_for(_resource) - if registrar_request? - registrar_login_url - elsif registrant_request? - registrant_login_url - elsif admin_request? - admin_login_url - end - end - def info_for_paper_trail { uuid: request.uuid } end - def user_for_paper_trail - user_log_str(current_user) - end - - def user_log_str(user) - user.nil? ? 'public' : user.id_role_username - end - def comma_support_for(parent_key, key) return if params[parent_key].blank? return if params[parent_key][key].blank? @@ -80,4 +32,8 @@ class ApplicationController < ActionController::Base def available_languages { en: 'English', et: 'Estonian' }.invert end -end + + def user_for_paper_trail + current_user.present? ? current_user.id_role_username : 'public' + end +end \ No newline at end of file diff --git a/app/controllers/registrant/contacts_controller.rb b/app/controllers/registrant/contacts_controller.rb index db6c279eb..948bc1a94 100644 --- a/app/controllers/registrant/contacts_controller.rb 
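Review bot: The fallback `user_for_paper_trail` added at the end of `ApplicationController` still reads `current_user`, while this commit moves the areas to scoped helpers such as `current_admin_user` and `current_registrant_user`. A controller that inherits from `ApplicationController` without its own override would then record `'public'` as the author of a change made by a signed-in user, or fail if no `:user` scope remains mapped. The routes are outside this hunk, so that needs confirming. Since the version history serves as the audit trail, add a comment on the fallback such as `# Overridden per area; this fallback only covers unauthenticated requests`, and check that every scoped base controller overrides it the way `Admin::BaseController` and `RegistrantController` do.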
+++ b/app/controllers/registrant/contacts_controller.rb @@ -2,7 +2,6 @@ class Registrant::ContactsController < RegistrantController helper_method :domain_ids def show @contact = Contact.where(id: contacts).find_by(id: params[:id]) - @current_user = current_user authorize! :read, @contact end @@ -19,7 +18,7 @@ class Registrant::ContactsController < RegistrantController def domain_ids @domain_ids ||= begin - ident_cc, ident = @current_user.registrant_ident.to_s.split '-' + ident_cc, ident = current_registrant_user.registrant_ident.to_s.split '-' BusinessRegistryCache.fetch_by_ident_and_cc(ident, ident_cc).associated_domain_ids end end diff --git a/app/controllers/registrant/domain_delete_confirms_controller.rb b/app/controllers/registrant/domain_delete_confirms_controller.rb index af8516462..a57c6178a 100644 --- a/app/controllers/registrant/domain_delete_confirms_controller.rb +++ b/app/controllers/registrant/domain_delete_confirms_controller.rb @@ -19,7 +19,7 @@ class Registrant::DomainDeleteConfirmsController < RegistrantController domain_name: @domain.name, verification_token: params[:token]) - initiator = current_user ? current_user.username : t(:user_not_authenticated) + initiator = current_registrant_user ? current_registrant_user.username : t(:user_not_authenticated) if params[:rejected] if @registrant_verification.domain_registrant_delete_reject!("email link #{initiator}") diff --git a/app/controllers/registrant/domain_update_confirms_controller.rb b/app/controllers/registrant/domain_update_confirms_controller.rb index ca91f0192..feaa39d6e 100644 --- a/app/controllers/registrant/domain_update_confirms_controller.rb +++ b/app/controllers/registrant/domain_update_confirms_controller.rb 
@@ -19,7 +19,7 @@ class Registrant::DomainUpdateConfirmsController < RegistrantController domain_name: @domain.name, verification_token: params[:token]) - initiator = current_user ? current_user.username : t(:user_not_authenticated) + initiator = current_registrant_user ? current_registrant_user.username : t(:user_not_authenticated) if params[:rejected] if @registrant_verification.domain_registrant_change_reject!("email link, #{initiator}") diff --git a/app/controllers/registrant/domains_controller.rb b/app/controllers/registrant/domains_controller.rb index 0e2f6eeaf..06b24624d 100644 --- a/app/controllers/registrant/domains_controller.rb +++ b/app/controllers/registrant/domains_controller.rb @@ -54,13 +54,13 @@ class Registrant::DomainsController < RegistrantController end def domains - ident_cc, ident = @current_user.registrant_ident.split '-' + ident_cc, ident = current_registrant_user.registrant_ident.split '-' begin BusinessRegistryCache.fetch_associated_domains ident, ident_cc rescue Soap::Arireg::NotAvailableError => error flash[:notice] = I18n.t(error.json[:message]) Rails.logger.fatal("[EXCEPTION] #{error.to_s}") - current_user.domains + current_registrant_user.domains end end diff --git a/app/controllers/registrant/sessions_controller.rb b/app/controllers/registrant/sessions_controller.rb index 80a23eb0a..c29c920b0 100644 --- a/app/controllers/registrant/sessions_controller.rb +++ b/app/controllers/registrant/sessions_controller.rb @@ -1,7 +1,7 @@ class Registrant::SessionsController < Devise::SessionsController layout 'registrant/application' - def login + def new end def id 
@@ -10,11 +10,10 @@ class Registrant::SessionsController < Devise::SessionsController @user = RegistrantUser.find_or_create_by_idc_data(id_code, id_issuer) if @user - sign_in(@user, event: :authentication) - redirect_to registrant_root_url + sign_in_and_redirect(:registrant_user, @user, event: :authentication) else flash[:alert] = t('login_failed_check_id_card') - redirect_to registrant_login_url + redirect_to new_registrant_user_session_url end end @@ -68,7 +67,7 @@ class Registrant::SessionsController < Devise::SessionsController when 'USER_AUTHENTICATED' @user = RegistrantUser.find_by(registrant_ident: "#{session[:user_country]}-#{session[:user_id_code]}") - sign_in @user + sign_in(:registrant_user, @user) flash[:notice] = t(:welcome) flash.keep(:notice) render js: "window.location = '#{registrant_root_path}'" @@ -97,4 +96,14 @@ class Registrant::SessionsController < Devise::SessionsController return User.new unless idc ApiUser.find_by(identity_code: idc) || User.new end -end + + private + + def after_sign_in_path_for(resource_or_scope) + registrant_root_path + end + + def after_sign_out_path_for(resource_or_scope) + new_registrant_user_session_path + end +end \ No newline at end of file diff --git a/app/controllers/registrant_controller.rb b/app/controllers/registrant_controller.rb index 72fb78a08..76be97a1f 100644 --- a/app/controllers/registrant_controller.rb +++ b/app/controllers/registrant_controller.rb 
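Review bot: In the `'USER_AUTHENTICATED'` branch, `@user` comes from `RegistrantUser.find_by(...)`, which returns nil when no record matches, and nothing visible in the hunk checks it before `sign_in(:registrant_user, @user)` and the welcome flash. The ID-card action in the first hunk of this file guards with `if @user` and falls back to an alert, so the polling branch should fail closed the same way. For example, place `return render(json: { message: t(:no_such_user) }, status: :unauthorized) unless @user` before the `sign_in` call. The enclosing method starts and ends outside the hunk, so an earlier guard may already exist.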
@@ -1,11 +1,22 @@ class RegistrantController < ApplicationController - before_action :authenticate_user! + before_action :authenticate_registrant_user! layout 'registrant/application' include Registrant::ApplicationHelper helper_method :head_title_sufix + def head_title_sufix t(:registrant_head_title_sufix) end -end + + private + + def current_ability + @current_ability ||= Ability.new(current_registrant_user, request.remote_ip) + end + + def user_for_paper_trail + current_registrant_user.present? ? current_registrant_user.id_role_username : 'public' + end +end \ No newline at end of file diff --git a/app/controllers/registrar/account_activities_controller.rb b/app/controllers/registrar/account_activities_controller.rb index 0b95d0122..baa0256af 100644 --- a/app/controllers/registrar/account_activities_controller.rb +++ b/app/controllers/registrar/account_activities_controller.rb @@ -4,7 +4,7 @@ class Registrar def index params[:q] ||= {} - account = current_user.registrar.cash_account + account = current_registrar_user.registrar.cash_account ca_cache = params[:q][:created_at_lteq] begin diff --git a/app/controllers/registrar/base_controller.rb b/app/controllers/registrar/base_controller.rb index 90f2f5210..2bd2eb492 100644 --- a/app/controllers/registrar/base_controller.rb +++ b/app/controllers/registrar/base_controller.rb @@ -2,7 +2,7 @@ class Registrar class BaseController < ApplicationController include Registrar::ApplicationHelper - before_action :authenticate_user! + before_action :authenticate_registrar_user! before_action :check_ip_restriction helper_method :depp_controller? helper_method :head_title_sufix 
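Review bot: The `current_ability` override added to `RegistrantController` has no comment saying why it exists, which makes it easy to delete later as redundant. CanCan's default implementation builds the ability from `current_user`, and this patch replaces that helper with the scoped `current_registrant_user`, so every `authorize!` in the registrant area depends on the override. I would add above it: `# Build the ability from the registrant scope; CanCan's default reads current_user, which is no longer the signed-in registrant.` A similar one-line comment on `user_for_paper_trail` would help, since its `'public'` fallback is presumably what the audit trail records for requests that skip authentication.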
@@ -10,21 +10,21 @@ class Registrar protected def current_ability - @current_ability ||= Ability.new(current_user, request.remote_ip) + @current_ability ||= Ability.new(current_registrar_user, request.remote_ip) end private def check_ip_restriction ip_restriction = Authorization::RestrictedIP.new(request.ip) - allowed = ip_restriction.can_access_registrar_area?(current_user.registrar) + allowed = ip_restriction.can_access_registrar_area?(current_registrar_user.registrar) return if allowed - sign_out current_user + sign_out current_registrar_user flash[:alert] = t('registrar.authorization.ip_not_allowed', ip: request.ip) - redirect_to registrar_login_url + redirect_to new_registrar_user_session_url end def depp_controller? @@ -34,5 +34,9 @@ class Registrar def head_title_sufix t(:registrar_head_title_sufix) end + + def user_for_paper_trail + current_registrar_user.present? ? current_registrar_user.id_role_username : 'public' + end end end diff --git a/app/controllers/registrar/bulk_change_controller.rb b/app/controllers/registrar/bulk_change_controller.rb index 562344a46..441127f6c 100644 --- a/app/controllers/registrar/bulk_change_controller.rb +++ b/app/controllers/registrar/bulk_change_controller.rb @@ -10,7 +10,7 @@ class Registrar private def available_contacts - current_user.registrar.contacts.order(:name).pluck(:name, :code) + current_registrar_user.registrar.contacts.order(:name).pluck(:name, :code) end def default_tab diff --git a/app/controllers/registrar/contacts_controller.rb b/app/controllers/registrar/contacts_controller.rb index cb059641e..f343f9bfb 100644 --- a/app/controllers/registrar/contacts_controller.rb +++ b/app/controllers/registrar/contacts_controller.rb 
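Review bot: `current_ability` passes `request.remote_ip` to `Ability.new`, while `check_ip_restriction` a few lines below builds `Authorization::RestrictedIP` from `request.ip`, so two access decisions in `Registrar::BaseController` can be made against different client addresses. Behind a reverse proxy the two accessors resolve forwarded headers differently (`remote_ip` goes through Rails' trusted-proxy filtering, `ip` is Rack's), so the IP allow-list and the ability rules may disagree about who the client is. Use one source for both, e.g. `ip_restriction = Authorization::RestrictedIP.new(request.remote_ip)`, after confirming the trusted-proxy configuration, which is not part of this patch. `Registrar::SessionsController#check_ip_restriction` uses `request.ip` as well.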
@@ -21,11 +21,11 @@ class Registrar end if params[:statuses_contains] - contacts = current_user.registrar.contacts.includes(:registrar).where( + contacts = current_registrar_user.registrar.contacts.includes(:registrar).where( "contacts.statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}" ) else - contacts = current_user.registrar.contacts.includes(:registrar) + contacts = current_registrar_user.registrar.contacts.includes(:registrar) end normalize_search_parameters do @@ -45,7 +45,7 @@ class Registrar @contacts = Contact.find_by(name: params[:q][:name_matches]) end - contacts = current_user.registrar.contacts.includes(:registrar) + contacts = current_registrar_user.registrar.contacts.includes(:registrar) contacts = contacts.filter_by_states(params[:statuses_contains]) if params[:statuses_contains] normalize_search_parameters do diff --git a/app/controllers/registrar/current_user_controller.rb b/app/controllers/registrar/current_user_controller.rb index 266e4b915..624ee294e 100644 --- a/app/controllers/registrar/current_user_controller.rb +++ b/app/controllers/registrar/current_user_controller.rb @@ -3,9 +3,9 @@ class Registrar skip_authorization_check def switch - raise 'Cannot switch to unlinked user' unless current_user.linked_with?(new_user) + raise 'Cannot switch to unlinked user' unless current_registrar_user.linked_with?(new_user) - sign_in(new_user) + sign_in(:registrar_user, new_user) redirect_to :back, notice: t('.switched', new_user: new_user) end diff --git a/app/controllers/registrar/deposits_controller.rb b/app/controllers/registrar/deposits_controller.rb index ec6d13977..6b10ccdd3 100644 --- a/app/controllers/registrar/deposits_controller.rb +++ b/app/controllers/registrar/deposits_controller.rb 
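Review bot: The `statuses_contains` filter in `Registrar::ContactsController` builds a PostgreSQL array literal by hand from request input, `"{#{params[:statuses_contains].join(',')}}"`. The value is bound, so it never reaches the SQL text, but an element containing a comma, brace or quote changes how the literal is parsed, and a non-array parameter makes `.join` raise. Letting ActiveRecord quote each element avoids both: `where("contacts.statuses @> ARRAY[?]::varchar[]", Array(params[:statuses_contains]))`. The second hunk of this file already goes through `contacts.filter_by_states`, which could be reused here. `Registrar::DomainsController` has the same hand-built literal.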
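Review bot: `switch` signs in `new_user` after checking only `linked_with?`, whereas the password sign-in in `Registrar::SessionsController` also requires `@api_user.active?`. Unless `linked_with?` or the `new_user` lookup already excludes deactivated accounts (neither is visible in this hunk), the account-switch path applies a weaker rule than the login path. Add the same condition before `sign_in(:registrar_user, new_user)`, e.g. `raise 'Cannot switch to inactive user' unless new_user.active?`. The action also runs under `skip_authorization_check`, so these guards are the only checks on it.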
@@ -7,7 +7,7 @@ class Registrar end def create - @deposit = Deposit.new(deposit_params.merge(registrar: current_user.registrar)) + @deposit = Deposit.new(deposit_params.merge(registrar: current_registrar_user.registrar)) @invoice = @deposit.issue_prepayment_invoice if @invoice&.persisted? diff --git a/app/controllers/registrar/depp_controller.rb b/app/controllers/registrar/depp_controller.rb index 234ab40b7..87269b160 100644 --- a/app/controllers/registrar/depp_controller.rb +++ b/app/controllers/registrar/depp_controller.rb @@ -5,13 +5,13 @@ class Registrar rescue_from(Errno::ECONNRESET, Errno::ECONNREFUSED) do |exception| logger.error 'COULD NOT CONNECT TO REGISTRY' logger.error exception.backtrace.join("\n") - redirect_to registrar_login_url, alert: t(:no_connection_to_registry) + redirect_to new_registrar_user_session_url, alert: t(:no_connection_to_registry) end before_action :authenticate_user def authenticate_user - redirect_to registrar_login_url and return unless depp_current_user + redirect_to new_registrar_user_session_url and return unless depp_current_user end def depp_controller? @@ -19,10 +19,10 @@ class Registrar end def depp_current_user - return nil unless current_user + return nil unless current_registrar_user @depp_current_user ||= Depp::User.new( - tag: current_user.username, - password: current_user.password + tag: current_registrar_user.username, + password: current_registrar_user.password ) end diff --git a/app/controllers/registrar/domain_transfers_controller.rb b/app/controllers/registrar/domain_transfers_controller.rb index 7c0925f03..f65f3cece 100644 --- a/app/controllers/registrar/domain_transfers_controller.rb +++ b/app/controllers/registrar/domain_transfers_controller.rb 
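Review bot: `depp_current_user` reads `current_registrar_user.password` on every request, which only works if the registrar user's password is kept in a form the application can read back. That dependency deserves a comment at the call site so it is not missed when credential storage is reviewed: `# Relies on the user's password being readable for the EPP session; confirm how it is stored before changing authentication.` The same value is passed to `request.basic_auth` in the domain transfers, nameservers and tech contacts controllers later in this patch. How the attribute is stored is not visible here, so treat this as a question to confirm rather than a finding.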
@@ -21,7 +21,7 @@ class Registrar uri = URI.parse("#{ENV['repp_url']}domain_transfers") request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json') request.body = { data: { domainTransfers: domain_transfers } }.to_json - request.basic_auth(current_user.username, current_user.password) + request.basic_auth(current_registrar_user.username, current_registrar_user.password) if Rails.env.test? diff --git a/app/controllers/registrar/domains_controller.rb b/app/controllers/registrar/domains_controller.rb index 7cb8fdfbe..d2969bb69 100644 --- a/app/controllers/registrar/domains_controller.rb +++ b/app/controllers/registrar/domains_controller.rb @@ -16,11 +16,11 @@ class Registrar end if params[:statuses_contains] - domains = current_user.registrar.domains.includes(:registrar, :registrant).where( + domains = current_registrar_user.registrar.domains.includes(:registrar, :registrant).where( "statuses @> ?::varchar[]", "{#{params[:statuses_contains].join(',')}}" ) else - domains = current_user.registrar.domains.includes(:registrar, :registrant) + domains = current_registrar_user.registrar.domains.includes(:registrar, :registrant) end normalize_search_parameters do @@ -142,7 +142,7 @@ class Registrar def search_contacts authorize! :create, Depp::Domain - scope = current_user.registrar.contacts.limit(10) + scope = current_registrar_user.registrar.contacts.limit(10) if params[:query].present? escaped_str = ActiveRecord::Base.connection.quote_string params[:query] scope = scope.where("name ilike '%#{escaped_str}%' OR code ilike '%#{escaped_str}%' ") @@ -159,7 +159,7 @@ class Registrar def contacts - current_user.registrar.contacts + current_registrar_user.registrar.contacts end def normalize_search_parameters diff --git a/app/controllers/registrar/invoices_controller.rb b/app/controllers/registrar/invoices_controller.rb index 735df91a3..548e47ebe 100644 --- a/app/controllers/registrar/invoices_controller.rb +++ b/app/controllers/registrar/invoices_controller.rb 
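Review bot: `search_contacts` interpolates `params[:query]` into the `where` string after `quote_string`. That assembles SQL by string concatenation on a request-controlled value and leaves the LIKE wildcards `%` and `_` unescaped. Bind the value instead: `scope = scope.where('name ilike :q OR code ilike :q', q: "%#{params[:query]}%")`. If wildcard characters in the query should match literally, escape them before binding. The method continues past the end of the hunk.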
@@ -6,7 +6,7 @@ class Registrar def index params[:q] ||= {} - invoices = current_user.registrar.invoices.includes(:invoice_items, :account_activity) + invoices = current_registrar_user.registrar.invoices.includes(:invoice_items, :account_activity) normalize_search_parameters do @q = invoices.search(params[:q]) diff --git a/app/controllers/registrar/nameservers_controller.rb b/app/controllers/registrar/nameservers_controller.rb index b6f7af829..90dd5afb4 100644 --- a/app/controllers/registrar/nameservers_controller.rb +++ b/app/controllers/registrar/nameservers_controller.rb @@ -12,7 +12,7 @@ class Registrar attributes: { hostname: params[:new_hostname], ipv4: ipv4, ipv6: ipv6 } } }.to_json - request.basic_auth(current_user.username, current_user.password) + request.basic_auth(current_registrar_user.username, current_registrar_user.password) if Rails.env.test? response = Net::HTTP.start(uri.hostname, uri.port, diff --git a/app/controllers/registrar/profile_controller.rb b/app/controllers/registrar/profile_controller.rb index 5f202a894..1fe6d6a0b 100644 --- a/app/controllers/registrar/profile_controller.rb +++ b/app/controllers/registrar/profile_controller.rb @@ -5,13 +5,13 @@ class Registrar helper_method :linked_users def show - @user = current_user + @user = current_registrar_user end private def linked_users - current_user.linked_users + current_registrar_user.linked_users end end end diff --git a/app/controllers/registrar/sessions_controller.rb b/app/controllers/registrar/sessions_controller.rb index 1a8b195ee..d7a690752 100644 --- a/app/controllers/registrar/sessions_controller.rb +++ b/app/controllers/registrar/sessions_controller.rb @@ -3,7 +3,7 @@ class Registrar before_action :check_ip_restriction helper_method :depp_controller? - def login + def new @depp_user = Depp::User.new end @@ -30,7 +30,7 @@ class Registrar unless @api_user @depp_user.errors.add(:base, t(:no_such_user)) - render 'login' and return + render :new and return end if @depp_user.pki 
@@ -41,14 +41,13 @@ class Registrar if @depp_user.errors.none? if @api_user.active? - sign_in @api_user - redirect_to registrar_root_url + sign_in_and_redirect(:registrar_user, @api_user) else @depp_user.errors.add(:base, :not_active) - render 'login' + render :new end else - render 'login' + render :new end end @@ -56,11 +55,10 @@ class Registrar @user = ApiUser.find_by_idc_data_and_allowed(request.env['SSL_CLIENT_S_DN'], request.ip) if @user - sign_in(@user, event: :authentication) - redirect_to registrar_root_url + sign_in_and_redirect(:registrar_user, @user, event: :authentication) else flash[:alert] = t('no_such_user') - redirect_to registrar_login_url + redirect_to new_registrar_user_session_url end end @@ -91,7 +89,7 @@ class Registrar @user = find_user_by_idc_and_allowed(response.user_id_code) else @user = find_user_by_idc(response.user_id_code) - end + end if @user.persisted? session[:user_id_code] = response.user_id_code @@ -117,7 +115,7 @@ class Registrar render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok when 'USER_AUTHENTICATED' @user = find_user_by_idc_and_allowed(session[:user_id_code]) - sign_in @user + sign_in(:registrar_user, @user) flash[:notice] = t(:welcome) flash.keep(:notice) render js: "window.location = '#{registrar_root_url}'" @@ -163,8 +161,6 @@ class Registrar end end - - def check_ip_restriction ip_restriction = Authorization::RestrictedIP.new(request.ip) allowed = ip_restriction.can_access_registrar_area_sign_in_page? @@ -173,5 +169,13 @@ class Registrar render text: t('registrar.authorization.ip_not_allowed', ip: request.ip) end + + def after_sign_in_path_for(resource_or_scope) + registrar_root_path + end + + def after_sign_out_path_for(resource_or_scope) + new_registrar_user_session_path + end end -end +end \ No newline at end of file diff --git a/app/controllers/registrar/tech_contacts_controller.rb b/app/controllers/registrar/tech_contacts_controller.rb index 9d4568ad6..fe3dd86da 100644 
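Review bot: The ID-card branch signs in whatever `ApiUser.find_by_idc_data_and_allowed` returns without the `@api_user.active?` check that the password branch in the first hunk applies, and the mobile-ID `'USER_AUTHENTICATED'` branch calls `sign_in(:registrar_user, @user)` with no nil or active check at all. Unless the finder methods already filter inactive users (they are defined outside this patch), the three sign-in paths enforce different rules. Align them, e.g. `if @user&.active?` in the ID-card action and an equivalent guard before `sign_in` in the mobile-ID branch. The identity in the ID-card path comes from `request.env['SSL_CLIENT_S_DN']`, so the deployment must guarantee that only the TLS terminator can set that value, and only after successful client-certificate verification.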
--- a/app/controllers/registrar/tech_contacts_controller.rb +++ b/app/controllers/registrar/tech_contacts_controller.rb @@ -8,7 +8,7 @@ class Registrar request = Net::HTTP::Patch.new(uri) request.set_form_data(current_contact_id: params[:current_contact_id], new_contact_id: params[:new_contact_id]) - request.basic_auth(current_user.username, current_user.password) + request.basic_auth(current_registrar_user.username, current_registrar_user.password) if Rails.env.test? response = Net::HTTP.start(uri.hostname, uri.port, diff --git a/app/views/admin/base/_menu.haml b/app/views/admin/base/_menu.haml index 7c813e43e..957b7826d 100644 --- a/app/views/admin/base/_menu.haml +++ b/app/views/admin/base/_menu.haml @@ -41,4 +41,4 @@ - if signed_in? %ul.nav.navbar-nav.navbar-right - %li= link_to t(:log_out, user: current_user), '/admin/logout' + %li= link_to t(:log_out, user: current_admin_user), destroy_admin_user_session_path, method: :delete, class: 'navbar-link' diff --git a/app/views/admin/sessions/login.haml b/app/views/admin/sessions/new.haml similarity index 84% rename from app/views/admin/sessions/login.haml rename to app/views/admin/sessions/new.haml index 1ecca10ae..d37461c85 100644 --- a/app/views/admin/sessions/login.haml +++ b/app/views/admin/sessions/new.haml @@ -3,7 +3,7 @@ %h2.form-signin-heading.text-center Eesti Interneti SA %hr .form-signin - = form_for(@admin_user, url: admin_sessions_path, method: :create, html: {class: 'form-signin'}) do |f| + = form_for(@admin_user, url: admin_user_session_path, html: {class: 'form-signin'}) do |f| = render 'admin/shared/errors', object: f.object - error_class = f.object.errors.any? ? 'has-error' : '' diff --git a/app/views/layouts/devise.haml b/app/views/layouts/devise.haml index aaa1c8e31..839290cef 100644 --- a/app/views/layouts/devise.haml +++ b/app/views/layouts/devise.haml 
@@ -18,7 +18,7 @@ %span.icon-bar %span.icon-bar %span.icon-bar - = link_to admin_login_path, class: 'navbar-brand' do + = link_to new_admin_user_session_path, class: 'navbar-brand' do = ENV['app_name'] - if unstable_env.present? .text-center diff --git a/app/views/layouts/registrant/application.html.erb b/app/views/layouts/registrant/application.html.erb index 075ac4652..6d47b72cf 100644 --- a/app/views/layouts/registrant/application.html.erb +++ b/app/views/layouts/registrant/application.html.erb @@ -37,7 +37,7 @@ <% end %> <% end %> - <% if current_user %> + <% if current_registrant_user %> -
<%= render 'form' %> -<%= render 'force_delete_dialog', domain: @domain, templates: force_delete_templates %> +<%= render 'force_delete_dialog', domain: @domain, templates: force_delete_templates %> \ No newline at end of file diff --git a/config/locales/admin/domains.en.yml b/config/locales/admin/domains.en.yml index 78f862ec4..415995f48 100644 --- a/config/locales/admin/domains.en.yml +++ b/config/locales/admin/domains.en.yml @@ -13,8 +13,8 @@ en: reset_btn: Reset edit: + header: "Edit: %{domain}" add_new_status_btn: Add new status - back_btn: Back to domain force_delete_dialog: title: Force delete From cc36e3cceafa5c551512a2b437b3527cd5a2a697 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Sun, 29 Jul 2018 20:42:29 +0300 Subject: [PATCH 52/72] Forbid cancelling force delete procedure when a domain is discarded --- app/models/concerns/domain/force_delete.rb | 4 +++- app/presenters/domain_presenter.rb | 7 ++++++- config/locales/admin/domains.en.yml | 2 ++ test/integration/admin/domains/force_delete_test.rb | 12 ++++++++++-- test/models/domain/force_delete_test.rb | 13 +------------ 5 files changed, 22 insertions(+), 16 deletions(-) diff --git a/app/models/concerns/domain/force_delete.rb b/app/models/concerns/domain/force_delete.rb index 45f45dab6..406b67924 100644 --- a/app/models/concerns/domain/force_delete.rb +++ b/app/models/concerns/domain/force_delete.rb @@ -16,7 +16,9 @@ module Concerns::Domain::ForceDelete end def cancel_force_delete - raise 'Domain must be discarded before cancelling force delete procedure' unless discarded? + if discarded? + raise StandardError, 'Force delete procedure cannot be cancelled while a domain is discarded' + end restore_statuses_before_force_delete remove_force_delete_statuses diff --git a/app/presenters/domain_presenter.rb b/app/presenters/domain_presenter.rb index f83febba7..40cd50c41 100644 --- a/app/presenters/domain_presenter.rb +++ b/app/presenters/domain_presenter.rb 
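Review bot: `cancel_force_delete` now raises a bare `StandardError`, which callers cannot rescue without also swallowing unrelated failures, and the model test later in this patch asserts only the exception class, not the message. The presenter change just disables the button, so a direct DELETE to the force-delete route for a discarded domain still reaches this raise; how the controller responds is not visible here. At minimum pin the message in the test: `error = assert_raises(StandardError) { @domain.cancel_force_delete }` followed by `assert_equal 'Force delete procedure cannot be cancelled while a domain is discarded', error.message`. A dedicated error class would let the controller turn the failure into a flash alert rather than an unhandled exception.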
@@ -58,12 +58,17 @@ class DomainPresenter target: '.domain-edit-force-delete-dialog', } ) - else + elsif !domain.discarded? view.link_to(view.t('admin.domains.force_delete_toggle_btn.cancel'), view.admin_domain_force_delete_path(domain), method: :delete, data: { confirm: view.t('admin.domains.force_delete_toggle_btn.cancel_confirm') }, class: 'btn btn-primary') + else + view.content_tag(:button, view.t('admin.domains.force_delete_toggle_btn.cancel'), + class: 'btn btn-default ', + title: view.t('admin.domains.force_delete_toggle_btn.unable_to_cancel'), + disabled: true) end end diff --git a/config/locales/admin/domains.en.yml b/config/locales/admin/domains.en.yml index 415995f48..c569a22fa 100644 --- a/config/locales/admin/domains.en.yml +++ b/config/locales/admin/domains.en.yml @@ -47,3 +47,5 @@ en: schedule: Schedule force delete cancel: Cancel force delete cancel_confirm: Are you sure you want cancel force delete procedure? + unable_to_cancel: > + Force delete procedure cannot be cancelled while a domain has deleteCandidate status diff --git a/test/integration/admin/domains/force_delete_test.rb b/test/integration/admin/domains/force_delete_test.rb index d48444fb9..387394429 100644 --- a/test/integration/admin/domains/force_delete_test.rb +++ b/test/integration/admin/domains/force_delete_test.rb @@ -44,7 +44,6 @@ class AdminAreaDomainForceDeleteTest < ActionDispatch::IntegrationTest end def test_cancels_scheduled_domain_force_delete - @domain.discard @domain.schedule_force_delete visit edit_admin_domain_url(@domain) 
@@ -55,4 +54,13 @@ class AdminAreaDomainForceDeleteTest < ActionDispatch::IntegrationTest assert_current_path edit_admin_domain_path(@domain) assert_text 'Force delete procedure has been cancelled' end -end + + def test_force_delete_cannot_be_cancelled_when_a_domain_is_discarded + @domain.discard + @domain.schedule_force_delete + + visit edit_admin_domain_url(@domain) + assert_no_button 'Cancel force delete' + assert_no_link 'Cancel force delete' + end +end \ No newline at end of file diff --git a/test/models/domain/force_delete_test.rb b/test/models/domain/force_delete_test.rb index 535ad84d8..c353cc582 100644 --- a/test/models/domain/force_delete_test.rb +++ b/test/models/domain/force_delete_test.rb @@ -73,16 +73,8 @@ class DomainForceDeleteTest < ActiveSupport::TestCase assert @domain.force_delete_scheduled? end - def test_cancelling_force_delete_on_a_discarded_domain + def test_force_delete_cannot_be_cancelled_when_a_domain_is_discarded @domain.discard - @domain.schedule_force_delete - @domain.cancel_force_delete - @domain.reload - assert_not @domain.force_delete_scheduled? - assert_nil @domain.force_delete_at - end - - def test_cancelling_force_delete_requires_a_domain_to_be_discarded @domain.schedule_force_delete assert_raises StandardError do @domain.cancel_force_delete @@ -91,7 +83,6 @@ class DomainForceDeleteTest < ActiveSupport::TestCase def test_cancelling_force_delete_bypasses_validation @domain = domains(:invalid) - @domain.discard @domain.schedule_force_delete @domain.cancel_force_delete assert_not @domain.force_delete_scheduled? @@ -106,7 +97,6 @@ class DomainForceDeleteTest < ActiveSupport::TestCase DomainStatus::PENDING_DELETE, DomainStatus::SERVER_MANUAL_INZONE ] - @domain.discard @domain.statuses = @domain.statuses + statuses @domain.schedule_force_delete 
@@ -117,7 +107,6 @@ class DomainForceDeleteTest < ActiveSupport::TestCase end def test_cancelling_force_delete_restores_statuses_that_a_domain_had_before_force_delete - @domain.discard @domain.statuses_before_force_delete = ['test1', DomainStatus::DELETE_CANDIDATE] @domain.cancel_force_delete From 6de31605d99710d887bd84e7245a1ec66ed3c9c5 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Wed, 8 Aug 2018 19:36:14 +0300 Subject: [PATCH 53/72] Integrate master branch --- .../api_user => system/admin_area/api_users}/new_test.rb | 2 +- .../admin => system/admin_area}/protected_area_test.rb | 2 +- .../admin/login_test.rb => system/admin_area/sign_in_test.rb} | 2 +- .../logout_test.rb => system/admin_area/sign_out_test.rb} | 2 +- .../registrar_area}/protected_area_test.rb | 2 +- .../{sign_in_test.rb => sign_in/mobile_id_test.rb} | 4 ++-- .../registrar_area/sign_in/password_test.rb} | 2 +- .../logout_test.rb => system/registrar_area/sign_out_test.rb} | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) rename test/{integration/admin/api_user => system/admin_area/api_users}/new_test.rb (90%) rename test/{integration/admin => system/admin_area}/protected_area_test.rb (90%) rename test/{integration/admin/login_test.rb => system/admin_area/sign_in_test.rb} (95%) rename test/{integration/admin/logout_test.rb => system/admin_area/sign_out_test.rb} (79%) rename test/{integration/registrar => system/registrar_area}/protected_area_test.rb (90%) rename test/system/registrar_area/{sign_in_test.rb => sign_in/mobile_id_test.rb} (89%) rename test/{integration/registrar/login_test.rb => system/registrar_area/sign_in/password_test.rb} (93%) rename test/{integration/registrar/logout_test.rb => system/registrar_area/sign_out_test.rb} (79%) 
diff --git a/test/integration/admin/api_user/new_test.rb b/test/system/admin_area/api_users/new_test.rb similarity index 90% rename from test/integration/admin/api_user/new_test.rb rename to test/system/admin_area/api_users/new_test.rb index 32b2e1188..aed012fdc 100644 --- a/test/integration/admin/api_user/new_test.rb +++ b/test/system/admin_area/api_users/new_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class AdminAreaNewApiUserTest < ActionDispatch::IntegrationTest +class AdminAreaNewApiUserTest < ApplicationSystemTestCase setup do sign_in users(:admin) end diff --git a/test/integration/admin/protected_area_test.rb b/test/system/admin_area/protected_area_test.rb similarity index 90% rename from test/integration/admin/protected_area_test.rb rename to test/system/admin_area/protected_area_test.rb index 59edb04c3..8aea012f0 100644 --- a/test/integration/admin/protected_area_test.rb +++ b/test/system/admin_area/protected_area_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class AdminAreaProtectedAreaTest < ActionDispatch::IntegrationTest +class AdminAreaProtectedAreaTest < ApplicationSystemTestCase def test_anonymous_user_is_asked_to_authenticate_when_navigating_to_protected_area visit admin_domains_url assert_text 'You need to sign in before continuing' diff --git a/test/integration/admin/login_test.rb b/test/system/admin_area/sign_in_test.rb similarity index 95% rename from test/integration/admin/login_test.rb rename to test/system/admin_area/sign_in_test.rb index 364b6a0ba..dcef0e3aa 100644 --- a/test/integration/admin/login_test.rb +++ b/test/system/admin_area/sign_in_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class AdminAreaLoginTest < ActionDispatch::IntegrationTest +class AdminAreaSignInTest < ApplicationSystemTestCase def setup @user = users(:admin) end 
diff --git a/test/integration/admin/logout_test.rb b/test/system/admin_area/sign_out_test.rb similarity index 79% rename from test/integration/admin/logout_test.rb rename to test/system/admin_area/sign_out_test.rb index 159dc8de3..046abba95 100644 --- a/test/integration/admin/logout_test.rb +++ b/test/system/admin_area/sign_out_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class AdminAreaLogoutTest < ActionDispatch::IntegrationTest +class AdminAreaSignOutTest < ApplicationSystemTestCase def setup sign_in users(:admin) end diff --git a/test/integration/registrar/protected_area_test.rb b/test/system/registrar_area/protected_area_test.rb similarity index 90% rename from test/integration/registrar/protected_area_test.rb rename to test/system/registrar_area/protected_area_test.rb index dd7f46980..08dd6a63e 100644 --- a/test/integration/registrar/protected_area_test.rb +++ b/test/system/registrar_area/protected_area_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class RegistrarAreaProtectedAreaTest < ActionDispatch::IntegrationTest +class RegistrarAreaProtectedAreaTest < ApplicationSystemTestCase def test_anonymous_user_is_asked_to_authenticate_when_navigating_to_protected_area visit registrar_domains_url assert_text 'You need to sign in before continuing' diff --git a/test/system/registrar_area/sign_in_test.rb b/test/system/registrar_area/sign_in/mobile_id_test.rb similarity index 89% rename from test/system/registrar_area/sign_in_test.rb rename to test/system/registrar_area/sign_in/mobile_id_test.rb index 840839ccc..ecca00c56 100644 --- a/test/system/registrar_area/sign_in_test.rb +++ b/test/system/registrar_area/sign_in/mobile_id_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class RegistrarAreaSignInTest < JavaScriptApplicationSystemTestCase +class RegistrarAreaMobileIDSignInTest < JavaScriptApplicationSystemTestCase def setup super WebMock.allow_net_connect! 
@@ -10,7 +10,7 @@ class RegistrarAreaSignInTest < JavaScriptApplicationSystemTestCase @user.save end - def test_mobile_id_sign_in_page + def test_valid_phone_number mock_client = Minitest::Mock.new mock_client.expect(:authenticate, OpenStruct.new(user_id_code: '1234', challenge_id: '1234'), diff --git a/test/integration/registrar/login_test.rb b/test/system/registrar_area/sign_in/password_test.rb similarity index 93% rename from test/integration/registrar/login_test.rb rename to test/system/registrar_area/sign_in/password_test.rb index a70a9cf25..6878cd119 100644 --- a/test/integration/registrar/login_test.rb +++ b/test/system/registrar_area/sign_in/password_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class RegistrarAreaLoginTest < ActionDispatch::IntegrationTest +class RegistrarAreaPasswordSignInTest < ApplicationSystemTestCase def setup @user = users(:api_bestnames) end diff --git a/test/integration/registrar/logout_test.rb b/test/system/registrar_area/sign_out_test.rb similarity index 79% rename from test/integration/registrar/logout_test.rb rename to test/system/registrar_area/sign_out_test.rb index 9f2bba9dd..029167d48 100644 --- a/test/integration/registrar/logout_test.rb +++ b/test/system/registrar_area/sign_out_test.rb @@ -1,6 +1,6 @@ require 'test_helper' -class RegistrarAreaLogoutTest < ActionDispatch::IntegrationTest +class RegistrarAreaSignOutTest < ApplicationSystemTestCase def setup sign_in users(:api_bestnames) end From 096035ae115e77e517daae6184cb0a79c52547f1 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Wed, 8 Aug 2018 19:50:50 +0300 Subject: [PATCH 54/72] Revert old behaviour --- app/controllers/admin/sessions_controller.rb | 2 +- test/system/admin_area/protected_area_test.rb | 2 +- test/system/admin_area/sign_in_test.rb | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controllers/admin/sessions_controller.rb b/app/controllers/admin/sessions_controller.rb index f4feefc3a..57d702059 100644 
--- a/app/controllers/admin/sessions_controller.rb +++ b/app/controllers/admin/sessions_controller.rb @@ -3,7 +3,7 @@ module Admin private def after_sign_in_path_for(_resource_or_scope) - admin_root_path + admin_domains_path end def after_sign_out_path_for(_resource_or_scope) diff --git a/test/system/admin_area/protected_area_test.rb b/test/system/admin_area/protected_area_test.rb index 8aea012f0..9390348f0 100644 --- a/test/system/admin_area/protected_area_test.rb +++ b/test/system/admin_area/protected_area_test.rb @@ -17,6 +17,6 @@ class AdminAreaProtectedAreaTest < ApplicationSystemTestCase sign_in users(:admin) visit new_admin_user_session_url assert_text 'You are already signed in' - assert_current_path admin_root_path + assert_current_path admin_domains_path end end \ No newline at end of file diff --git a/test/system/admin_area/sign_in_test.rb b/test/system/admin_area/sign_in_test.rb index dcef0e3aa..09c1f7549 100644 --- a/test/system/admin_area/sign_in_test.rb +++ b/test/system/admin_area/sign_in_test.rb @@ -12,7 +12,7 @@ class AdminAreaSignInTest < ApplicationSystemTestCase click_button 'Sign in' assert_text 'Signed in successfully' - assert_current_path admin_root_path + assert_current_path admin_domains_path end def test_wrong_password @@ -39,6 +39,6 @@ class AdminAreaSignInTest < ApplicationSystemTestCase click_button 'Sign in' assert_text 'Signed in successfully' - assert_current_path admin_root_path + assert_current_path admin_domains_path end end \ No newline at end of file From 0d770137b604cec14905a584e2800edf3f242a46 Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Wed, 8 Aug 2018 22:47:51 +0300 Subject: [PATCH 55/72] Convert HAML to ERB --- app/views/registrar/sessions/new.haml | 22 ------------------- app/views/registrar/sessions/new.html.erb | 26 +++++++++++++++++++++++ 2 files changed, 26 insertions(+), 22 deletions(-) delete mode 100644 app/views/registrar/sessions/new.haml create mode 100644 app/views/registrar/sessions/new.html.erb 
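Review bot: In `app/controllers/admin/sessions_controller.rb`, `after_sign_in_path_for` now returns a fixed `admin_domains_path` and ignores `_resource_or_scope`, but neither the method nor the commit message ("Revert old behaviour") records why. If this overrides the Devise hook, as the method name and the flash texts asserted in the tests suggest, a fixed target also means any stored return location is not used; that is a safe choice against redirect abuse, but it should be stated as intentional. I would add a comment above the method, e.g. `# Always land on the domain list after sign-in; the stored return location is deliberately not consulted.` The enclosing module and `after_sign_out_path_for` continue outside the hunk.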
diff --git a/app/views/registrar/sessions/new.haml b/app/views/registrar/sessions/new.haml deleted file mode 100644 index 4d273c9f4..000000000 --- a/app/views/registrar/sessions/new.haml +++ /dev/null @@ -1,22 +0,0 @@ -.row - .form-signin.col-md-6.center-block.text-center - %h2.form-signin-heading.text-center= t(:log_in) - %hr - = form_for @depp_user, url: registrar_user_session_path, html: {class: 'form-signin'} do |f| - = render 'registrar/shared/errors', object: f.object - - - error_class = f.object.errors.any? ? 'has-error' : '' - %div{class: error_class} - = f.text_field :tag, class: 'form-control', placeholder: t(:username), required: true - = f.password_field :password, class: 'form-control', - autocomplete: 'off', placeholder: t(:password), required: true - - %button.btn.btn-lg.btn-primary.btn-block{:type => 'submit'}= t('.login_btn') - - %hr - = link_to '/registrar/login/mid', id: 'login-with-mobile-id-btn' do - = image_tag 'mid.gif' - = link_to '/registrar/id', method: :post do - = image_tag 'id_card.gif' - - diff --git a/app/views/registrar/sessions/new.html.erb b/app/views/registrar/sessions/new.html.erb new file mode 100644 index 000000000..e3f8d6128 --- /dev/null +++ b/app/views/registrar/sessions/new.html.erb @@ -0,0 +1,26 @@ +
+ +
\ No newline at end of file From 080defa228e240ff57155d2551acff2a721e89ca Mon Sep 17 00:00:00 2001 From: Artur Beljajev Date: Thu, 9 Aug 2018 13:39:48 +0300 Subject: [PATCH 56/72] Fix home page URL for anonymous users of registrar area --- app/views/layouts/registrar/sessions.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/layouts/registrar/sessions.html.erb b/app/views/layouts/registrar/sessions.html.erb index 4632e477c..985b6ccea 100644 --- a/app/views/layouts/registrar/sessions.html.erb +++ b/app/views/layouts/registrar/sessions.html.erb @@ -17,7 +17,7 @@