diff --git a/app/models/epp/domain.rb b/app/models/epp/domain.rb index c50203dd9..6eab37079 100644 --- a/app/models/epp/domain.rb +++ b/app/models/epp/domain.rb @@ -475,13 +475,13 @@ class Epp::Domain < Domain self.up_date = Time.zone.now end - same_registrant_as_current = true + registrant_verification_needed = false # registrant block may not be present, so we need this to rule out false positives if frame.css('registrant').text.present? - same_registrant_as_current = (registrant.code == frame.css('registrant').text) + registrant_verification_needed = (registrant.code != frame.css('registrant').text) end - if !same_registrant_as_current && disputed? + if registrant_verification_needed && disputed? disputed_pw = frame.css('reserved > pw').text if disputed_pw.blank? add_epp_error('2304', nil, nil, 'Required parameter missing; reserved' \ @@ -490,6 +490,7 @@ class Epp::Domain < Domain dispute = Dispute.active.find_by(domain_name: name, password: disputed_pw) if dispute Dispute.close_by_domain(name) + registrant_verification_needed = false # Prevent asking current registrant confirmation else add_epp_error('2202', nil, nil, 'Invalid authorization information; '\ 'invalid reserved>pw value') @@ -500,7 +501,7 @@ class Epp::Domain < Domain unverified_registrant_params = frame.css('registrant').present? && frame.css('registrant').attr('verified').to_s.downcase != 'yes' - if !same_registrant_as_current && errors.empty? && verify && + if registrant_verification_needed && errors.empty? && verify && Setting.request_confrimation_on_registrant_change_enabled && unverified_registrant_params registrant_verification_asked!(frame.to_s, current_user.id) unless disputed? diff --git a/test/fixtures/disputes.yml b/test/fixtures/disputes.yml index a999fa0a1..222897ecc 100644 --- a/test/fixtures/disputes.yml +++ b/test/fixtures/disputes.yml @@ -9,7 +9,7 @@ future: starts_at: <%= Date.parse '2010-10-05' %> expires_at: <%= Date.parse '2013-10-05' %> expired: - domain_name: expired-dispute.test + domain_name: shop.test password: active-001 starts_at: <%= Date.parse '2010-07-05' %> expires_at: <%= Date.parse '2013-07-05' %> diff --git a/test/integration/epp/domain/update/base_test.rb b/test/integration/epp/domain/update/base_test.rb index b645df95a..0e435030a 100644 --- a/test/integration/epp/domain/update/base_test.rb +++ b/test/integration/epp/domain/update/base_test.rb @@ -194,6 +194,49 @@ class EppDomainUpdateBaseTest < EppTestCase assert_no_emails end + def test_skips_verification_when_registrant_changed_with_dispute_password + Setting.request_confrimation_on_registrant_change_enabled = true + dispute = disputes(:expired) + dispute.update!(starts_at: Time.zone.now, expires_at: Time.zone.now + 5.days, closed: nil) + new_registrant = contacts(:william) + + assert @domain.disputed? + + request_xml = <<-XML + + + + + + #{@domain.name} + + #{new_registrant.code} + + + + + + #{'test' * 2000} + + #{dispute.password} + + + + + + XML + + post epp_update_path, params: { frame: request_xml }, + headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } + @domain.reload + + assert_epp_response :completed_successfully + assert new_registrant, @domain.registrant + assert_not @domain.registrant_verification_asked? + assert_not @domain.disputed? + assert_no_emails + end + def test_skips_verification_when_disabled Setting.request_confrimation_on_registrant_change_enabled = false new_registrant = contacts(:william).becomes(Registrant)