diff --git a/app/controllers/concerns/epp/common.rb b/app/controllers/concerns/epp/common.rb index 788ef91be..d66fb0cb6 100644 --- a/app/controllers/concerns/epp/common.rb +++ b/app/controllers/concerns/epp/common.rb @@ -3,6 +3,7 @@ module Epp::Common included do protect_from_forgery with: :null_session + helper_method :current_epp_user end def proxy @@ -12,4 +13,12 @@ module Epp::Common def parsed_frame Nokogiri::XML(params[:frame]).remove_namespaces! end + + def epp_session + EppSession.find_or_initialize_by(session_id: cookies['session']) + end + + def current_epp_user + @current_epp_user ||= EppUser.find(epp_session[:epp_user_id]) if epp_session[:epp_user_id] + end end diff --git a/app/controllers/epp/sessions_controller.rb b/app/controllers/epp/sessions_controller.rb index cb17374ae..b7da9b0c8 100644 --- a/app/controllers/epp/sessions_controller.rb +++ b/app/controllers/epp/sessions_controller.rb @@ -11,6 +11,7 @@ class Epp::SessionsController < ApplicationController @epp_user = EppUser.find_by(login_params) if @epp_user.try(:active) + epp_session[:epp_user_id] = @epp_user.id render 'login_success' else response.headers['X-EPP-Returncode'] = '2200' @@ -19,6 +20,7 @@ class Epp::SessionsController < ApplicationController end def logout + epp_session[:epp_user_id] = nil response.headers['X-EPP-Returncode'] = '1500' render 'logout' end diff --git a/app/helpers/epp/domains_helper.rb b/app/helpers/epp/domains_helper.rb index 5357e612c..b0fbe32ae 100644 --- a/app/helpers/epp/domains_helper.rb +++ b/app/helpers/epp/domains_helper.rb @@ -8,7 +8,7 @@ module Epp::DomainsHelper cp = command_params { name: cp[:name], - registrar: nil, #well come from current_epp_user + registrar_id: current_epp_user.registrar.try(:id), registered_at: Time.now, valid_from: Date.today, valid_to: Date.today + cp[:period].to_i.years, diff --git a/app/models/epp_session.rb b/app/models/epp_session.rb new file mode 100644 index 000000000..5c5ab1126 --- /dev/null +++ b/app/models/epp_session.rb 
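Review bot: In app/controllers/concerns/epp/common.rb, `epp_session` looks the session up by `cookies['session']` without checking that the cookie is present, so requests that arrive without it all resolve to the one record whose `session_id` is nil. A login stored there by `epp_session[:epp_user_id] = @epp_user.id` (the sessions_controller.rb login hunk) would then be shared by every other cookie-less client. I would reject a blank id before the lookup and back that in the migration with `t.string :session_id, null: false`. Whether the cookie value is issued by a trusted front end or chosen by the client is not visible in this diff; if the client can choose it, the id should also be regenerated at login. Separately, `current_epp_user` calls `epp_session` twice and each call runs a query, so memoizing with `@epp_session ||= EppSession.find_or_initialize_by(session_id: cookies['session'])` is worth adding.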
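Review bot: In app/controllers/epp/sessions_controller.rb, `logout` clears `epp_user_id` but keeps the row. Because `epp_session` uses `find_or_initialize_by` and `[]=` calls `save!`, a logout from a client that never logged in also inserts a new row. Removing the record instead, e.g. `epp_session.destroy`, ends the session on the server side and stops the table from accumulating empty sessions. Nothing in this diff expires old rows, so the `updated_at` index added in the migration has no visible consumer yet.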
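Review bot: In app/helpers/epp/domains_helper.rb, `current_epp_user.registrar.try(:id)` guards a missing registrar but not a missing user. `current_epp_user` returns nil when the session holds no `epp_user_id`, so a create-domain request without a prior login would raise NoMethodError instead of returning an EPP authorization error. No authentication check is visible in this hunk, and the enclosing method starts and ends outside it, so I would add that check in the controller before the attributes are built. Writing only `current_epp_user.try(:registrar).try(:id)` would avoid the exception but would silently create domains with no registrar.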
@@ -0,0 +1,31 @@ +class EppSession < ActiveRecord::Base + before_save :marshal_data! + + def data + @data ||= self.class.unmarshal(read_attribute(:data)) || {} + end + + def [](key) + data[key.to_sym] + end + + def []=(key, value) + data[key.to_sym] = value + save! + end + + def marshal_data! + self.data = self.class.marshal(data) + end + + class << self + def marshal(data) + ::Base64.encode64(Marshal.dump(data)) if data + end + + def unmarshal(data) + return data unless data.is_a? String + Marshal.load(::Base64.decode64(data)) if data + end + end +end diff --git a/db/migrate/20140627082711_create_epp_sessions.rb b/db/migrate/20140627082711_create_epp_sessions.rb new file mode 100644 index 000000000..83240a274 --- /dev/null +++ b/db/migrate/20140627082711_create_epp_sessions.rb @@ -0,0 +1,12 @@ +class CreateEppSessions < ActiveRecord::Migration + def change + create_table :epp_sessions do |t| + t.string :session_id + t.text :data + t.timestamps + end + + add_index :epp_sessions, :session_id, :unique => true + add_index :epp_sessions, :updated_at + end +end diff --git a/db/schema.rb b/db/schema.rb index 1ca6da654..50d6413df 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20140620130107) do +ActiveRecord::Schema.define(version: 20140627082711) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" 
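Review bot: `unmarshal` in app/models/epp_session.rb passes the stored column through `Marshal.load`, which rebuilds whatever object graph the bytes describe. Anyone who can write to `epp_sessions.data` (an injection flaw elsewhere, a restored dump, a shared database) therefore gains more than a forged user id. The session holds only a small hash, so a data-only format is enough: `::JSON.generate(data)` in `marshal`, `::JSON.parse(data)` in `unmarshal`, and `key.to_s` instead of `key.to_sym` in `[]` and `[]=`, since JSON keys come back as strings. Base64 here is an encoding, not a protection, and the value is neither signed nor encrypted. `marshal_data!` is only used as a callback and could be private, and `@data` is not cleared on `reload`, which deserves a comment.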
@@ -61,6 +61,16 @@ ActiveRecord::Schema.define(version: 20140620130107) do t.datetime "updated_at" end + create_table "epp_sessions", force: true do |t| + t.string "session_id" + t.text "data" + t.datetime "created_at" + t.datetime "updated_at" + end + + add_index "epp_sessions", ["session_id"], name: "index_epp_sessions_on_session_id", unique: true, using: :btree + add_index "epp_sessions", ["updated_at"], name: "index_epp_sessions_on_updated_at", using: :btree + create_table "epp_users", force: true do |t| t.integer "registrar_id" t.string "username" diff --git a/spec/epp/domain_spec.rb b/spec/epp/domain_spec.rb index 2eecf0d4e..e5aa76dfe 100644 --- a/spec/epp/domain_spec.rb +++ b/spec/epp/domain_spec.rb @@ -10,6 +10,7 @@ describe 'EPP Domain', epp: true do response = epp_request('create_domain.xml') expect(response[:result_code]).to eq('1000') expect(response[:msg]).to eq('Command completed successfully') + expect(Domain.first.registrar.name).to eq('Zone Media OÜ') end end diff --git a/spec/fabricators/epp_session_fabricator.rb b/spec/fabricators/epp_session_fabricator.rb new file mode 100644 index 000000000..1b4921d21 --- /dev/null +++ b/spec/fabricators/epp_session_fabricator.rb @@ -0,0 +1,4 @@ +Fabricator(:epp_session) do + session_id 'test' + data { {epp_user_id: 1} } +end diff --git a/spec/models/epp_session.rb b/spec/models/epp_session.rb new file mode 100644 index 000000000..0a06e391d --- /dev/null +++ b/spec/models/epp_session.rb 
@@ -0,0 +1,21 @@
+require "rails_helper"
+
+describe EppSession do
+ let(:epp_session) { Fabricate(:epp_session) }
+
+ it 'has encrypted data' do
+ expect(epp_session.read_attribute(:data)).to_not be_blank
+ expect(epp_session.read_attribute(:data).class).to eq(String)
+ expect(epp_session.data.class).to eq(Hash)
+ end
+
+ it 'stores data' do
+ expect(epp_session[:epp_user_id]).to eq(1)
+
+ epp_session[:epp_user_id] = 3
+ expect(epp_session[:epp_user_id]).to eq(3)
+
+ epp_session = EppSession.find_by(session_id: 'test')
+ expect(epp_session[:epp_user_id]).to eq(3)
+ end
+end
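Review bot: The new file is named spec/models/epp_session.rb, without the `_spec.rb` suffix that RSpec's default file pattern matches, so these examples will probably not run unless the project overrides the pattern. Renaming it to `spec/models/epp_session_spec.rb` would fix that. The example title `'has encrypted data'` overstates what the model does, since the column holds Base64-encoded Marshal output; `'stores data as an encoded string'` matches the assertions. In `'stores data'`, the assignment `epp_session = EppSession.find_by(session_id: 'test')` shadows the `let`, and a distinct local name such as `reloaded` would read more clearly.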