zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-23 19:20:37 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/master' into repp-domains

Browse source
This commit is contained in:
Karl Erik Õunapuu 2021-03-22 14:05:42 +02:00
commit e2f377f1c2
No known key found for this signature in database
GPG key ID: C9DD647298A34764
187 changed files with 1934 additions and 2552 deletions
Download patch file Download diff file Expand all files Collapse all files

12
app/controllers/admin/contact_versions_controller.rb
View file

@ -2,12 +2,12 @@ module Admin
class ContactVersionsController < BaseController
include ObjectVersionsHelper
load_and_authorize_resource
load_and_authorize_resource class: Version::ContactVersion
def index
params[:q] ||= {}
@q = ContactVersion.search(params[:q])
@q = Version::ContactVersion.search(params[:q])
@versions = @q.result.page(params[:page])
search_params = params[:q].deep_dup
@ -23,7 +23,7 @@ module Admin
end
end
versions = ContactVersion.includes(:item).where(whereS).order(created_at: :desc, id: :desc)
versions = Version::ContactVersion.includes(:item).where(whereS).order(created_at: :desc, id: :desc)
@q = versions.search(params[:q])
@versions = @q.result.page(params[:page])
@versions = @versions.per(params[:results_per_page]) if params[:results_per_page].to_i.positive?
@ -32,8 +32,8 @@ module Admin
def show
per_page = 7
@version = ContactVersion.find(params[:id])
@versions = ContactVersion.where(item_id: @version.item_id).order(created_at: :desc, id: :desc)
@version = Version::ContactVersion.find(params[:id])
@versions = Version::ContactVersion.where(item_id: @version.item_id).order(created_at: :desc, id: :desc)
@versions_map = @versions.all.map(&:id)
# what we do is calc amount of results until needed version
@ -49,7 +49,7 @@ module Admin
end
def search
render json: ContactVersion.search_by_query(params[:q])
render json: Version::ContactVersion.search_by_query(params[:q])
end
def create_where_string(key, value)

12
app/controllers/admin/domain_versions_controller.rb
View file

@ -2,12 +2,12 @@ module Admin
class DomainVersionsController < BaseController
include ObjectVersionsHelper
load_and_authorize_resource
load_and_authorize_resource class: Version::DomainVersion
def index
params[:q] ||= {}
@q = DomainVersion.includes(:item).search(params[:q])
@q = Version::DomainVersion.includes(:item).search(params[:q])
@versions = @q.result.page(params[:page])
search_params = params[:q].deep_dup
@ -40,7 +40,7 @@ module Admin
whereS += " AND object->>'registrar_id' IN (#{registrars.map { |r| "'#{r.id.to_s}'" }.join ','})" if registrars.present?
whereS += " AND 1=0" if registrars == []
versions = DomainVersion.includes(:item).where(whereS).order(created_at: :desc, id: :desc)
versions = Version::DomainVersion.includes(:item).where(whereS).order(created_at: :desc, id: :desc)
@q = versions.search(params[:q])
@versions = @q.result.page(params[:page])
@versions = @versions.per(params[:results_per_page]) if params[:results_per_page].to_i.positive?
@ -50,8 +50,8 @@ module Admin
def show
per_page = 7
@version = DomainVersion.find(params[:id])
@versions = DomainVersion.where(item_id: @version.item_id).order(created_at: :desc, id: :desc)
@version = Version::DomainVersion.find(params[:id])
@versions = Version::DomainVersion.where(item_id: @version.item_id).order(created_at: :desc, id: :desc)
@versions_map = @versions.all.map(&:id)
# what we do is calc amount of results until needed version
@ -67,7 +67,7 @@ module Admin
end
def search
render json: DomainVersion.search_by_query(params[:q])
render json: Version::DomainVersion.search_by_query(params[:q])
end
def create_where_string(key, value)

5
app/controllers/api/v1/contact_requests_controller.rb
View file

@ -23,14 +23,15 @@ module Api
record = ContactRequest.find_by(id: id)
return :not_found unless record
record.update_status(contact_request_params)
record.update_record(contact_request_params)
render json: record, status: :ok
rescue StandardError
head :bad_request
end
def contact_request_params
params.require(:contact_request).permit(:email, :whois_record_id, :name, :status, :ip)
params.require(:contact_request).permit(:email, :whois_record_id, :name, :status, :ip,
:message_id)
end
end
end

5
app/controllers/api/v1/registrant/auth_controller.rb
View file

@ -19,6 +19,9 @@ module Api
token = create_token(user)
if token
msg = "Bearer for #{eid_params[:first_name]} #{eid_params[:last_name]} " \
"(#{eid_params[:ident]}) - '#{token[:access_token]}'"
ToStdout.msg(msg) unless Rails.env.production?
render json: token
else
render json: { errors: [{ base: ['Cannot create generate session token'] }] }
@ -37,7 +40,7 @@ module Api
obj.require(key)
end
params.permit(required_params)
params.permit(required_params + [:country_code])
end
def create_token(user)

23
app/controllers/api/v1/registrant/domains_controller.rb
View file

@ -4,6 +4,8 @@ module Api
module V1
module Registrant
class DomainsController < ::Api::V1::Registrant::BaseController
before_action :set_tech_flag, only: [:show]
def index
limit = params[:limit] || 200
offset = params[:offset] || 0
@ -25,7 +27,8 @@ module Api
serializer.to_json
end
render json: { count: domains.count, domains: serialized_domains }
render json: { total: current_user_domains_total_count, count: domains.count,
domains: serialized_domains }
end
def show
@ -41,10 +44,22 @@ module Api
private
def current_user_domains
current_registrant_user.domains
def set_tech_flag
# current_user_domains scope depends on tech flag
# However, if it's not present, tech contact can not see specific domain entry at all.
params.merge!(tech: 'true')
end
def current_user_domains_total_count
current_registrant_user.domains.count
rescue CompanyRegister::NotAvailableError
current_registrant_user.direct_domains
current_registrant_user.direct_domains.count
end
def current_user_domains
current_registrant_user.domains(admin: params[:tech] != 'true')
rescue CompanyRegister::NotAvailableError
current_registrant_user.direct_domains(admin: params[:tech] != 'true')
end
end
end

10
app/controllers/epp/polls_controller.rb
View file

@ -12,9 +12,11 @@ module Epp
@notification = current_user.unread_notifications.order('created_at DESC').take
render_epp_response 'epp/poll/poll_no_messages' and return unless @notification
if @notification.attached_obj_type && @notification.attached_obj_id
begin
@object = Object.const_get(@notification.attached_obj_type).find(@notification.attached_obj_id)
@object = object_by_type(@notification.attached_obj_type)
.find(@notification.attached_obj_id)
rescue => problem
# the data model might be inconsistent; or ...
# this could happen if the registrar does not dequeue messages, and then the domain was deleted
@ -31,6 +33,12 @@ module Epp
render_epp_response 'epp/poll/poll_req'
end
def object_by_type(object_type)
Object.const_get(object_type)
rescue NameError
Object.const_get("Version::#{object_type}")
end
def ack_poll
@notification = current_user.unread_notifications.find_by(id: params[:parsed_frame].css('poll').first['msgID'])

115
app/controllers/registrant/contacts_controller.rb
View file

@ -1,115 +0,0 @@
class Registrant::ContactsController < RegistrantController
helper_method :domain
helper_method :fax_enabled?
helper_method :domain_filter_params
skip_authorization_check only: %i[edit update]
before_action :set_contact, only: [:show]
def show
@requester_contact = Contact.find_by(ident: current_registrant_user.ident)
authorize! :read, @contact
end
def edit
@contact = current_user_contacts.find(params[:id])
end
def update
@contact = current_user_contacts.find(params[:id])
@contact.attributes = contact_params
response = update_contact_via_api(@contact.uuid)
updated = response.is_a?(Net::HTTPSuccess)
if updated
redirect_to registrant_domain_contact_url(domain, @contact), notice: t('.updated')
else
parsed_response = JSON.parse(response.body, symbolize_names: true)
@errors = parsed_response[:errors]
render :edit
end
end
private
def set_contact
id = params[:id]
contact = domain.contacts.find_by(id: id) || current_user_contacts.find_by(id: id)
contact ||= Contact.find_by(id: id, ident: domain.registrant.ident)
@contact = contact
end
def domain
current_user_domains.find(params[:domain_id])
end
def contact_params
permitted = %i[
name
email
phone
]
permitted << :fax if fax_enabled?
permitted += %i[street zip city state country_code] if Contact.address_processing?
params.require(:contact).permit(*permitted)
end
def access_token
uri = URI.parse("#{ENV['registrant_api_base_url']}/api/v1/registrant/auth/eid")
request = Net::HTTP::Post.new(uri)
request.form_data = access_token_request_params
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: (uri.scheme == 'https')) do |http|
http.request(request)
end
json_doc = JSON.parse(response.body, symbolize_names: true)
json_doc[:access_token]
end
def access_token_request_params
{ ident: current_registrant_user.ident,
first_name: current_registrant_user.first_name,
last_name: current_registrant_user.last_name }
end
def fax_enabled?
ENV['fax_enabled'] == 'true'
end
def contact_update_api_params
params = contact_params
params = normalize_address_attributes_for_api(params) if Contact.address_processing?
params
end
def normalize_address_attributes_for_api(params)
normalized = params
address_parts = {}
Contact.address_attribute_names.each do |attr|
attr = attr.to_sym
address_parts[attr] = params[attr]
normalized.delete(attr)
end
normalized[:address] = address_parts
normalized
end
def update_contact_via_api(uuid)
uri = URI.parse("#{ENV['registrant_api_base_url']}/api/v1/registrant/contacts/#{uuid}")
request = Net::HTTP::Patch.new(uri)
request['Authorization'] = "Bearer #{access_token}"
request['Content-type'] = 'application/json'
request.body = contact_update_api_params.to_json
Net::HTTP.start(uri.hostname, uri.port, use_ssl: (uri.scheme == 'https')) do |http|
http.request(request)
end
end
def domain_filter_params
params.permit(:domain_filter)
end
end

44
app/controllers/registrant/domain_delete_confirms_controller.rb
View file

@ -1,44 +0,0 @@
class Registrant::DomainDeleteConfirmsController < RegistrantController
skip_before_action :authenticate_registrant_user!, only: [:show, :update]
skip_authorization_check only: [:show, :update]
def show
return if params[:confirmed] || params[:rejected]
@domain = Domain.find(params[:id])
@domain = nil unless @domain.registrant_delete_confirmable?(params[:token])
end
def update
@domain = Domain.find(params[:id])
unless @domain.registrant_delete_confirmable?(params[:token])
flash[:alert] = t(:registrant_domain_verification_failed)
return render 'show'
end
@registrant_verification = RegistrantVerification.new(domain_id: @domain.id,
verification_token: params[:token])
initiator = current_registrant_user ? current_registrant_user.username :
t(:user_not_authenticated)
confirmed = params[:confirmed] ? true : false
action = if confirmed
@registrant_verification.domain_registrant_delete_confirm!("email link #{initiator}")
else
@registrant_verification.domain_registrant_delete_reject!("email link #{initiator}")
end
fail_msg = t("registrant_domain_delete_#{confirmed ? 'confirmed' : 'rejected'}_failed".to_sym)
success_msg = t("registrant_domain_verification_#{confirmed ? 'confirmed' : 'rejected'}".to_sym)
flash[:alert] = action ? success_msg : fail_msg
(render 'show' && return) unless action
if confirmed
redirect_to registrant_domain_delete_confirm_path(@domain.id, confirmed: true)
else
redirect_to registrant_domain_delete_confirm_path(@domain.id, rejected: true)
end
end
end

44
app/controllers/registrant/domain_update_confirms_controller.rb
View file

@ -1,44 +0,0 @@
class Registrant::DomainUpdateConfirmsController < RegistrantController
skip_before_action :authenticate_registrant_user!, only: %i[show update]
skip_authorization_check only: %i[show update]
def show
return if params[:confirmed] || params[:rejected]
@domain = Domain.find(params[:id])
@domain = nil unless @domain.registrant_update_confirmable?(params[:token])
end
def update
@domain = Domain.find(params[:id])
unless @domain.registrant_update_confirmable?(params[:token])
flash[:alert] = t(:registrant_domain_verification_failed)
return render 'show'
end
@registrant_verification = RegistrantVerification.new(domain_id: @domain.id,
verification_token: params[:token])
initiator = current_registrant_user ? current_registrant_user.username :
t(:user_not_authenticated)
if params[:rejected]
if @registrant_verification.domain_registrant_change_reject!("email link, #{initiator}")
flash[:notice] = t(:registrant_domain_verification_rejected)
redirect_to registrant_domain_update_confirm_path(@domain.id, rejected: true)
else
flash[:alert] = t(:registrant_domain_verification_rejected_failed)
return render 'show'
end
elsif params[:confirmed]
if @registrant_verification.domain_registrant_change_confirm!("email link, #{initiator}")
Dispute.close_by_domain(@domain.name) if @domain.disputed?
flash[:notice] = t(:registrant_domain_verification_confirmed)
redirect_to registrant_domain_update_confirm_path(@domain.id, confirmed: true)
else
flash[:alert] = t(:registrant_domain_verification_confirmed_failed)
return render 'show'
end
end
end
end

79
app/controllers/registrant/domains_controller.rb
View file

@ -1,79 +0,0 @@
class Registrant::DomainsController < RegistrantController
def index
authorize! :view, :registrant_domains
params[:q] ||= {}
normalize_search_parameters do
@q = current_user_domains.search(search_params)
end
domains = @q.result
respond_to do |format|
format.html do
@domains = domains.page(params[:page])
domains_per_page = params[:results_per_page].to_i
@domains = @domains.per(domains_per_page) if domains_per_page.positive?
end
format.csv do
raw_csv = @q.result.to_csv
send_data raw_csv, filename: 'domains.csv', type: "#{Mime[:csv]}; charset=utf-8"
end
format.pdf do
view = ActionView::Base.new(ActionController::Base.view_paths, domains: domains)
raw_html = view.render(file: 'registrant/domains/list_pdf', layout: false)
raw_pdf = domains.pdf(raw_html)
send_data raw_pdf, filename: 'domains.pdf'
end
end
end
def show
@domain = current_user_domains.find(params[:id])
authorize! :read, @domain
end
def confirmation
authorize! :view, :registrant_domains
domain = current_user_domains.find(params[:id])
if (domain.statuses.include?(DomainStatus::PENDING_UPDATE) ||
domain.statuses.include?(DomainStatus::PENDING_DELETE_CONFIRMATION)) &&
domain.pending_json.present?
@domain = domain
@confirmation_url = confirmation_url(domain)
else
flash[:warning] = I18n.t('available_verification_url_not_found')
redirect_to registrant_domain_path(domain)
end
end
private
def normalize_search_parameters
ca_cache = params[:q][:valid_to_lteq]
begin
end_time = params[:q][:valid_to_lteq].try(:to_date)
params[:q][:valid_to_lteq] = end_time.try(:end_of_day)
rescue
logger.warn('Invalid date')
end
yield
params[:q][:valid_to_lteq] = ca_cache
end
def confirmation_url(domain)
if domain.statuses.include?(DomainStatus::PENDING_UPDATE)
registrant_domain_update_confirm_url(token: domain.registrant_verification_token)
elsif domain.statuses.include?(DomainStatus::PENDING_DELETE_CONFIRMATION)
registrant_domain_delete_confirm_url(token: domain.registrant_verification_token)
end
end
def search_params
params.require(:q).permit(:name_matches, :registrant_ident_eq, :valid_to_gteq, :valid_to_lteq,
:results_per_page)
end
end

6
app/controllers/registrant/registrars_controller.rb
View file

@ -1,6 +0,0 @@
class Registrant::RegistrarsController < RegistrantController
def show
@registrar = Registrar.find(params[:id])
authorize! :read, @registrar
end
end

17
app/controllers/registrant/sessions_controller.rb
View file

@ -1,17 +0,0 @@
class Registrant::SessionsController < Devise::SessionsController
layout 'registrant/application'
private
def after_sign_in_path_for(_resource_or_scope)
registrant_root_path
end
def after_sign_out_path_for(_resource_or_scope)
new_registrant_user_session_path
end
def user_for_paper_trail
current_registrant_user.present? ? current_registrant_user.id_role_username : 'anonymous'
end
end

2
app/controllers/registrar/base_controller.rb
View file

@ -17,7 +17,7 @@ class Registrar
private
def check_ip_restriction
ip_restriction = Authorization::RestrictedIP.new(request.ip)
ip_restriction = Authorization::RestrictedIp.new(request.ip)
allowed = ip_restriction.can_access_registrar_area?(current_registrar_user.registrar)
return if allowed

2
app/controllers/registrar/domains_controller.rb
View file

@ -49,7 +49,7 @@ class Registrar
domain_presenters << ::DomainPresenter.new(domain: domain, view: view_context)
end
raw_csv = Registrar::DomainListCSVPresenter.new(domains: domain_presenters,
raw_csv = Registrar::DomainListCsvPresenter.new(domains: domain_presenters,
view: view_context).to_s
filename = "Domains_#{l(Time.zone.now, format: :filename)}.csv"
send_data raw_csv, filename: filename, type: "#{Mime[:csv]}; charset=utf-8"

2
app/controllers/registrar/sessions_controller.rb
View file

@ -72,7 +72,7 @@ class Registrar
end
def check_ip_restriction
ip_restriction = Authorization::RestrictedIP.new(request.ip)
ip_restriction = Authorization::RestrictedIp.new(request.ip)
allowed = ip_restriction.can_access_registrar_area_sign_in_page?
return if allowed

20
app/controllers/repp/v1/accounts_controller.rb
View file

@ -6,8 +6,28 @@ module Repp
def balance
resp = { balance: current_user.registrar.cash_account.balance,
currency: current_user.registrar.cash_account.currency }
resp[:transactions] = activities if params[:detailed] == 'true'
render_success(data: resp)
end
def activities
arr = []
registrar_activities.each do |a|
arr << { created_at: a.created_at, description: a.description,
type: a.activity_type == 'add_credit' ? 'credit' : 'debit',
sum: a.sum, balance: a.new_balance }
end
arr
end
def registrar_activities
activities = current_user.registrar.cash_account.activities.order(created_at: :desc)
activities = activities.where('created_at >= ?', params[:from]) if params[:from]
activities = activities.where('created_at <= ?', params[:until]) if params[:until]
activities
end
end
end
end

2
app/controllers/sso/tara_controller.rb
View file

@ -14,7 +14,7 @@ module Sso
# rubocop:disable Style/AndOr
def callback(user, registrar: true)
session[:omniauth_hash] = user_hash
session[:omniauth_hash] = user_hash.delete_if { |key, _| key == 'credentials' }
(show_error(registrar: registrar) and return) unless user
flash[:notice] = t(:signed_in_successfully)