Modified white ip form and created mailer

app/controllers/repp/v1/base_controller.rb

@@ -130,6 +130,11 @@ module Repp
         render(json: @response, status: :unauthorized)
       end
 
+      def render_unauthorized_response
+        @response = { code: 2202, message: I18n.t('registrar.authorization.ip_not_allowed', ip: request.ip) }
+        render json: @response, status: :unauthorized
+      end
+
       def webclient_request?
         return false if Rails.env.test? || Rails.env.development?
 
@@ -144,8 +149,7 @@ module Repp
         webclient_cn = ENV['webclient_cert_common_name'] || 'webclient'
         return if request_name == webclient_cn
 
-        @response = { code: 2202,
-                      message: I18n.t('registrar.authorization.ip_not_allowed', ip: request.ip) }
+        @response = { code: 2202, message: 'Invalid webclient certificate' }
 
         render(json: @response, status: :unauthorized)
       end

app/controllers/repp/v1/white_ips_controller.rb

@@ -31,28 +31,34 @@ module Repp
           return
         end
 
+        notify_admins if @white_ip.interfaces.include? WhiteIp::API
         render_success(data: { ip: { id: @white_ip.id } })
       end
 
       api :PUT, '/repp/v1/white_ips/:id'
       desc 'Update whitelisted IP address'
       def update
+        api = @white_ip.interfaces.include? WhiteIp::API
         unless @white_ip.update(white_ip_params)
           handle_non_epp_errors(@white_ip)
           return
         end
 
+        notify_admins if @white_ip.interfaces.include? WhiteIp::API
+        notify_admins if api && !@white_ip.interfaces.include?(WhiteIp::API)
         render_success(data: { ip: { id: @white_ip.id } })
       end
 
       api :DELETE, '/repp/v1/white_ips/:id'
       desc 'Delete a specific whitelisted IP address'
       def destroy
+        ip = @white_ip
         unless @white_ip.destroy
           handle_non_epp_errors(@white_ip)
           return
         end
 
+        notify_admins(ip: ip, action: 'deleted') if ip.interfaces.include?(WhiteIp::API)
         render_success
       end
 
@@ -65,6 +71,19 @@ module Repp
       def white_ip_params
         params.require(:white_ip).permit(:address, interfaces: [])
       end
+
+      def notify_admins(ip: @white_ip, action: 'updated')
+        admin_users_emails = User.admin.pluck(:email).reject(&:blank?)
+
+        return if admin_users_emails.empty?
+
+        admin_users_emails.each do |email|
+          WhiteIpMailer.with(email: email, api_user: current_user,
+                             white_ip: ip)
+                       .send("api_ip_address_#{action}")
+                       .deliver_now
+        end
+      end
     end
   end
 end

app/mailers/white_ip_mailer.rb

@@ -0,0 +1,17 @@
+class WhiteIpMailer < ApplicationMailer
+  def api_ip_address_updated
+    email = params[:email]
+    @api_user = params[:api_user]
+    @white_ip = params[:white_ip]
+    subject = '[Important] Whitelisted IP Address Change Notification'
+    mail(to: email, subject: subject)
+  end
+
+  def api_ip_address_deleted
+    email = params[:email]
+    @api_user = params[:api_user]
+    @white_ip = params[:white_ip]
+    subject = '[Important] Whitelisted IP Address Removal Notification'
+    mail(to: email, subject: subject)
+  end
+end

app/models/white_ip.rb

@@ -7,8 +7,6 @@ class WhiteIp < ApplicationRecord
   attr_accessor :address
 
   validate :validate_address_format
-  validates :ipv4, uniqueness: { scope: :registrar_id }, if: :ipv4?
-  validates :ipv6, uniqueness: { scope: :registrar_id }, if: :ipv6?
   validate :validate_only_one_ip
   validate :valid_ipv4?
   validate :valid_ipv6?
@@ -68,7 +66,7 @@ class WhiteIp < ApplicationRecord
 
   API = 'api'.freeze
   REGISTRAR = 'registrar'.freeze
-  INTERFACES = [API, REGISTRAR].freeze
+  INTERFACES = [REGISTRAR, API].freeze
 
   scope :api, -> { where('interfaces @> ?::varchar[]', "{#{API}}") }
   scope :registrar_area, -> { where('interfaces @> ?::varchar[]', "{#{REGISTRAR}}") }

app/views/mailers/white_ip_mailer/api_ip_address_deleted.html.erb

@@ -0,0 +1,9 @@
+<p>This email is to inform you that an API Whitelisted IP address was deleted by Registrar Portal API user. Please review the details below:</p>
+
+<ul>
+  <li>API User: <%= @api_user.username  %></li>
+  <li>IP Address: <%= @white_ip.ipv4.presence || @white_ip.ipv6 %></li>
+  <li>Interface: <%= @white_ip.interfaces.join(', ') %></li>
+</ul>
+
+<p>Please take the necessary actions to ensure the security and integrity of the application's API access.</p>

app/views/mailers/white_ip_mailer/api_ip_address_deleted.text.erb

@@ -0,0 +1,7 @@
+This email is to inform you about an API Whitelisted IP address change by Registrar Portal API user. Please review the details below:
+
+API User: <%= @api_user.username  %>
+IP Address: <%= @white_ip.ipv4.presence || @white_ip.ipv6 %>
+Interface: <%= @white_ip.interfaces.join(', ') %>
+
+Please take the necessary actions to ensure the security and integrity of the application's API access.

app/views/mailers/white_ip_mailer/api_ip_address_updated.html.erb

@@ -0,0 +1,9 @@
+<p>This email is to inform you about an API Whitelisted IP address change by Registrar Portal API user. Please review the details below:</p>
+
+<ul>
+  <li>API User: <%= @api_user.username  %></li>
+  <li>IP Address: <%= @white_ip.ipv4.presence || @white_ip.ipv6 %></li>
+  <li>Interface: <%= @white_ip.interfaces.join(', ') %></li>
+</ul>
+
+<p>Please take the necessary actions to ensure the security and integrity of the application's API access.</p>

app/views/mailers/white_ip_mailer/api_ip_address_updated.text.erb

@@ -0,0 +1,7 @@
+This email is to inform you about an API Whitelisted IP address change by Registrar Portal API user. Please review the details below:
+
+API User: <%= @api_user.username  %>
+IP Address: <%= @white_ip.ipv4.presence || @white_ip.ipv6 %>
+Interface: <%= @white_ip.interfaces.join(', ') %>
+
+Please take the necessary actions to ensure the security and integrity of the application's API access.