mirror of
https://github.com/internetee/registry.git
synced 2025-07-03 01:33:36 +02:00
Merge branch 'master' of github.com:domify/registry
This commit is contained in:
commit
e8a4706e73
16 changed files with 147 additions and 98 deletions
|
@ -56,6 +56,15 @@ class Epp::SessionsController < EppController
|
|||
success = false
|
||||
end
|
||||
|
||||
if success && @api_user.cannot?(:create, :epp_login)
|
||||
epp_errors << {
|
||||
msg: 'Authentication error; server closing connection (API user does not have epp role)',
|
||||
code: '2501'
|
||||
}
|
||||
|
||||
success = false
|
||||
end
|
||||
|
||||
if success && !ip_white?
|
||||
epp_errors << {
|
||||
msg: 'Authentication error; server closing connection (IP is not whitelisted)',
|
||||
|
@ -105,7 +114,7 @@ class Epp::SessionsController < EppController
|
|||
end
|
||||
|
||||
def connection_limit_ok?
|
||||
return true if Rails.env.test?
|
||||
return true if Rails.env.test? || Rails.env.development?
|
||||
c = EppSession.where(
|
||||
'registrar_id = ? AND updated_at >= ?', @api_user.registrar_id, Time.zone.now - 5.minutes
|
||||
).count
|
||||
|
|
|
@ -71,7 +71,7 @@ class Registrar::SessionsController < Devise::SessionsController
|
|||
redirect_to :back and return
|
||||
end
|
||||
|
||||
if @api_user.can_make_api_calls?
|
||||
if @api_user.can?(:create, :epp_login)
|
||||
unless @api_user.registrar.api_ip_white?(request.ip)
|
||||
flash[:alert] = I18n.t(:ip_is_not_whitelisted)
|
||||
redirect_to :back and return
|
||||
|
|
|
@ -18,14 +18,14 @@ class RegistrarController < ApplicationController
|
|||
return
|
||||
end
|
||||
return if Rails.env.development?
|
||||
riw = current_user.registrar.registrar_ip_white?(request.ip)
|
||||
registrar_ip_whitelisted = current_user.registrar.registrar_ip_white?(request.ip)
|
||||
|
||||
aiw = true
|
||||
if current_user.can_make_api_calls?
|
||||
aiw = current_user.registrar.api_ip_white?(request.ip)
|
||||
api_ip_whitelisted = true
|
||||
if current_user.can?(:create, :epp_request)
|
||||
api_ip_whitelisted = current_user.registrar.api_ip_white?(request.ip)
|
||||
end
|
||||
|
||||
return if riw && aiw
|
||||
return if registrar_ip_whitelisted && api_ip_whitelisted
|
||||
flash[:alert] = t('ip_is_not_whitelisted')
|
||||
sign_out(current_user)
|
||||
redirect_to registrar_login_path and return
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue