Merge branch 'master' of github.com:domify/registry

2025-05-18 18:29:40 +02:00 · 2015-07-31 13:53:21 +03:00 · 2015-07-31 13:53:21 +03:00 · e313f2c756
commit e313f2c756
parent ddd3551015 19f61dd30f
9 changed files with 145 additions and 29 deletions
--- a/app/controllers/admin/settings_controller.rb
+++ b/app/controllers/admin/settings_controller.rb
@ -68,7 +68,9 @@ class Admin::SettingsController < AdminController
      :key_data_allowed,
      :client_side_status_editing_enabled,
      :registrar_ip_whitelist_enabled,
-      :api_ip_whitelist_enabled
+      :api_ip_whitelist_enabled,
+      :request_confrimation_on_registrant_change_enabled,
+      :request_confirmation_on_domain_deletion_enabled
    ]

    params[:settings].each do |k, v|
--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@ -62,19 +62,20 @@ class Domain < ActiveRecord::Base
  before_create :generate_auth_info
  before_create :set_validity_dates
  before_create -> { self.reserved = in_reserved_list?; nil }
-  before_update :manage_statuses
-  def manage_statuses
-    return unless registrant_id_changed?
-    pending_update! if registrant_verification_asked?
-    true
-  end

  before_save :manage_automatic_statuses
-
  before_save :touch_always_version
  def touch_always_version
    self.updated_at = Time.zone.now
  end
+
+  before_update :manage_statuses
+  def manage_statuses
+    return unless registrant_id_changed? # rollback has not yet happened
+    pending_update! if registrant_verification_asked?
+    true
+  end
+
  after_save :update_whois_record

  after_create :update_reserved_domains
@ -353,10 +354,6 @@ class Domain < ActiveRecord::Base
    save
  end

-  def pending_update?
-    statuses.include?(DomainStatus::PENDING_UPDATE)
-  end
-
  def pending_update!
    return true if pending_update?
    self.epp_pending_update = true # for epp
@ -378,11 +375,17 @@ class Domain < ActiveRecord::Base
    self.pending_json = pending_json_cache
    self.registrant_verification_token = token
    self.registrant_verification_asked_at = asked_at
-    self.statuses = [DomainStatus::PENDING_UPDATE]
+    set_pending_update
    pending_json[:domain] = changes_cache
    pending_json[:new_registrant_id]    = new_registrant_id
    pending_json[:new_registrant_email] = new_registrant_email
    pending_json[:new_registrant_name]  = new_registrant_name
+
+    # This pending_update! method is triggered by before_update
+    # Note, all before_save callbacks are excecuted before before_update,
+    # thus automatic statuses has already excectued by this point
+    # and we need to trigger automatic statuses manually (second time).
+    manage_automatic_statuses
  end

  # rubocop: disable Metrics/CyclomaticComplexity
@ -422,16 +425,12 @@ class Domain < ActiveRecord::Base
    self.registrant_verification_token = SecureRandom.hex(42)
  end

-  def pending_delete?
-    statuses.include?(DomainStatus::PENDING_DELETE)
-  end
-
  def pending_delete!
    return true if pending_delete?
    self.epp_pending_delete = true # for epp

    return true unless registrant_verification_asked?
-    self.statuses = [DomainStatus::PENDING_DELETE]
+    set_pending_delete
    save(validate: false) # should check if this did succeed

    DomainMailer.pending_deleted(self).deliver_now
@ -570,6 +569,60 @@ class Domain < ActiveRecord::Base
    save(validate: false)
  end

+  def pending_update?
+    statuses.include?(DomainStatus::PENDING_UPDATE)
+  end
+
+  def update_prohibited?
+    pending_update_prohibited? && pending_delete_prohibited?
+  end
+
+  # TODO: Review the list and disallow epp calls
+  def pending_update_prohibited?
+    (statuses & [
+      DomainStatus::CLIENT_UPDATE_PROHIBITED,
+      DomainStatus::SERVER_UPDATE_PROHIBITED,
+      DomainStatus::PENDING_CREATE,
+      DomainStatus::PENDING_UPDATE,
+      DomainStatus::PENDING_DELETE,
+      DomainStatus::PENDING_RENEW,
+      DomainStatus::PENDING_TRANSFER
+    ]).present?
+  end
+
+  def set_pending_update
+    if pending_update_prohibited?
+      logger.info "DOMAIN STATUS UPDATE ISSUE ##{id}: PENDING_UPDATE not allowed to set. [#{statuses}]"
+      return nil
+    end
+    statuses << DomainStatus::PENDING_UPDATE
+  end
+
+  def pending_delete?
+    statuses.include?(DomainStatus::PENDING_DELETE)
+  end
+
+  # TODO: Review the list and disallow epp calls
+  def pending_delete_prohibited?
+    (statuses & [
+      DomainStatus::CLIENT_DELETE_PROHIBITED,
+      DomainStatus::SERVER_DELETE_PROHIBITED,
+      DomainStatus::PENDING_CREATE,
+      DomainStatus::PENDING_UPDATE,
+      DomainStatus::PENDING_DELETE,
+      DomainStatus::PENDING_RENEW,
+      DomainStatus::PENDING_TRANSFER
+    ]).present?
+  end
+
+  def set_pending_delete
+    if pending_delete_prohibited?
+      logger.info "DOMAIN STATUS UPDATE ISSUE ##{id}: PENDING_DELETE not allowed to set. [#{statuses}]"
+      return nil
+    end
+    statuses << DomainStatus::PENDING_DELETE
+  end
+
  def manage_automatic_statuses
    # domain_statuses.create(value: DomainStatus::DELETE_CANDIDATE) if delete_candidateable?
    if statuses.empty? && valid?
--- a/app/models/epp/domain.rb
+++ b/app/models/epp/domain.rb
@ -4,7 +4,7 @@ class Epp::Domain < Domain

  before_validation :manage_permissions
  def manage_permissions
-    return unless pending_update? || pending_delete?
+    return unless update_prohibited?
    add_epp_error('2304', nil, nil, I18n.t(:object_status_prohibits_operation))
    false
  end
@ -411,7 +411,9 @@ class Epp::Domain < Domain

    # at[:statuses] += at_add[:domain_statuses_attributes]

-    if verify && frame.css('registrant').present? && frame.css('registrant').attr('verified').to_s.downcase != 'yes'
+    if verify && Setting.request_confrimation_on_registrant_change_enabled && 
+      frame.css('registrant').present? && 
+      frame.css('registrant').attr('verified').to_s.downcase != 'yes'
      registrant_verification_asked!(frame.to_s, current_user.id)
    end
    self.deliver_emails = true # turn on email delivery for epp
@ -455,7 +457,10 @@ class Epp::Domain < Domain
  def epp_destroy(frame, user_id, verify = true)
    return false unless valid?

-    if verify && frame.css('delete').attr('verified').to_s.downcase != 'yes'
+    if verify && 
+      Setting.request_confirmation_on_domain_deletion_enabled &&
+      frame.css('delete').attr('verified').to_s.downcase != 'yes'
+
      registrant_verification_asked!(frame.to_s, user_id)
      self.deliver_emails = true # turn on email delivery for epp
      pending_delete!
--- a/app/views/admin/settings/index.haml
+++ b/app/views/admin/settings/index.haml
@ -52,6 +52,8 @@
          = render 'setting_row', var: :client_side_status_editing_enabled
          = render 'setting_row', var: :api_ip_whitelist_enabled
          = render 'setting_row', var: :registrar_ip_whitelist_enabled
+          = render 'setting_row', var: :request_confrimation_on_registrant_change_enabled
+          = render 'setting_row', var: :request_confirmation_on_domain_deletion_enabled

  .panel.panel-default
    .panel-heading.clearfix
--- a/app/views/mailers/domain_mailer/pending_update_notification_for_new_registrant.html.erb
+++ b/app/views/mailers/domain_mailer/pending_update_notification_for_new_registrant.html.erb
@ -17,9 +17,7 @@ Riik: <%= @domain.registrant_country %>
 <br><br>
 Juhime Teie tähelepanu asjaolule, et omanikuvahetuse protseduur viiaks lõpule vaid juhul, kui domeeni hetkel kehtiv registreerija <%= @old_registrant.name %> omanikuvahetuse tähtaegselt kinnitab.
 <br><br>
-Juhul kui <%= @old_registrant.name %> lükkab omanikuvahtuse taotluse tagasi või ei anna kinnitust enne <%= Setting.expire_pending_confirmation %> tundi, omanikuvahetuse protseduur tühistatakse.<br>
-<br><br>
-Taotlus on aktiivne <%= Setting.expire_pending_confirmation %> tundi ja lükatakse automaatselt tagasi kui te seda enne ise ei kinnita või tagasi lükka.
+Juhul kui <%= @old_registrant.name %> lükkab omanikuvahtuse taotluse tagasi või ei anna kinnitust enne <%= Setting.expire_pending_confirmation %> tundi, omanikuvahetuse protseduur tühistatakse.
 <br><br>
 Küsimuste korral palun võtke ühendust registripidajaga <%= @domain.registrar_name %>, kelle kontaktid leiate http://internet.ee/registripidajad/akrediteeritud-registripidajad
 <br><br>
@ -41,7 +39,7 @@ Business Registry code: <%= @domain.registrant_ident %><br>
 <% end %>
 Street: <%= @domain.registrant_street %><br>
 City: <%= @domain.registrant_city %><br>
-Country: <%= @domain.registrant_country %><br>
+Country: <%= @domain.registrant_country %>
 <br><br>
 Please contact to your registrar <%= @domain.registrar_name %> if you have any questions.
 <br><br>
--- a/app/views/mailers/domain_mailer/pending_update_notification_for_new_registrant.text.erb
+++ b/app/views/mailers/domain_mailer/pending_update_notification_for_new_registrant.text.erb
@ -19,8 +19,6 @@ Juhime Teie tähelepanu asjaolule, et omanikuvahetuse protseduur viiaks lõpule

 Juhul kui <%= @old_registrant.name %> lükkab omanikuvahtuse taotluse tagasi või ei anna kinnitust enne <%= Setting.expire_pending_confirmation %> tundi, omanikuvahetuse protseduur tühistatakse.

-Taotlus on aktiivne <%= Setting.expire_pending_confirmation %> tundi ja lükatakse automaatselt tagasi kui te seda enne ise ei kinnita või tagasi lükka.
-
 Küsimuste korral palun võtke ühendust registripidajaga <%= @domain.registrar_name %>, kelle kontaktid leiate http://internet.ee/registripidajad/akrediteeritud-registripidajad

 Lugupidamisega
--- a/app/views/mailers/domain_mailer/pending_update_request_for_old_registrant.html.erb
+++ b/app/views/mailers/domain_mailer/pending_update_request_for_old_registrant.html.erb
@ -13,7 +13,8 @@ Tänav: <%= @domain.registrant_street %><br>
 Linn: <%= @domain.registrant_city %><br>
 Riik: <%= @domain.registrant_country %>
 <br><br>
-Taotlus on aktiivne <%= Setting.expire_pending_confirmation %> tundi ja lükatakse automaatselt tagasi kui te seda enne ise ei kinnita või tagasi lükka.<br>
+Taotlus on aktiivne <%= Setting.expire_pending_confirmation %> tundi ja lükatakse automaatselt tagasi kui te seda enne ise ei kinnita või tagasi lükka.
+<br><br>
 Muudatuse kinnitamiseks külastage palun allolevat võrgulehekülge, kontrollige uuesti üle muudatuse andmed ning vajutage nuppu kinnitan:<br>

 <%= link_to @verification_url, @verification_url %>
@ -38,7 +39,8 @@ Street: <%= @domain.registrant_street %><br>
 City: <%= @domain.registrant_city %><br>
 Country: <%= @domain.registrant_country %>
 <br><br>
-The application will remain in pending status for <%= Setting.expire_pending_confirmation %> hrs and will be automaticcally rejected if it is not approved nor rejected before.<br>
+The application will remain in pending status for <%= Setting.expire_pending_confirmation %> hrs and will be automaticcally rejected if it is not approved nor rejected before.
+<br><br>
 To confirm the update please visit this website, once again review the data and press approve:<br>
 <%= link_to @verification_url, @verification_url %>
 <br><br>
--- a/config/initializers/initial_settings.rb
+++ b/config/initializers/initial_settings.rb
@ -22,6 +22,8 @@ if con.present? && con.table_exists?('settings')
  Setting.save_default(:ns_max_count, 11)

  Setting.save_default(:transfer_wait_time, 0)
+  Setting.save_default(:request_confrimation_on_registrant_change_enabled, true)
+  Setting.save_default(:request_confirmation_on_domain_deletion_enabled, true)

  Setting.save_default(:client_side_status_editing_enabled, false)

--- a/spec/models/domain_spec.rb
+++ b/spec/models/domain_spec.rb
@ -37,6 +37,22 @@ describe Domain do
    it 'should not be registrant update confirm ready' do
      @domain.registrant_update_confirmable?('123').should == false
    end
+
+    it 'should not have pending update' do
+      @domain.pending_update?.should == false
+    end
+
+    it 'should allow pending update' do
+      @domain.pending_update_prohibited?.should == false
+    end
+
+    it 'should not have pending delete' do
+      @domain.pending_delete?.should == false
+    end
+
+    it 'should allow pending delete' do
+      @domain.pending_delete_prohibited?.should == false
+    end
  end

  context 'with valid attributes' do
@ -328,6 +344,44 @@ describe Domain do
      domain.pricelist('renew').price.amount.should == 6.1
    end

+    it 'should set pending update' do
+      @domain.statuses = DomainStatus::OK # restore
+      @domain.pending_update?.should == false
+
+      @domain.set_pending_update
+      @domain.pending_update?.should == true
+      @domain.statuses = DomainStatus::OK # restore
+    end
+
+    it 'should not set pending update' do
+      @domain.statuses = DomainStatus::OK # restore
+      @domain.statuses << DomainStatus::CLIENT_UPDATE_PROHIBITED
+
+      @domain.set_pending_update.should == nil # not updated
+      @domain.pending_update?.should == false
+      @domain.statuses = DomainStatus::OK # restore
+    end
+
+    it 'should set pending delete' do
+      @domain.statuses = DomainStatus::OK # restore
+      @domain.pending_delete?.should == false
+
+      @domain.set_pending_delete.should == ['pendingDelete']
+      @domain.pending_delete?.should == true
+      @domain.statuses = DomainStatus::OK # restore
+    end
+
+    it 'should not set pending delele' do
+      @domain.statuses = DomainStatus::OK # restore
+      @domain.pending_delete?.should == false
+      @domain.statuses << DomainStatus::CLIENT_DELETE_PROHIBITED
+
+      @domain.set_pending_delete.should == nil
+
+      @domain.pending_delete?.should == false
+      @domain.statuses = DomainStatus::OK # restore
+    end
+
    context 'about registrant update confirm' do
      before :all do
        @domain.registrant_verification_token = 123