Registrant domain update confirmation

2025-08-06 01:35:10 +02:00 · 2015-05-19 15:05:52 +03:00 · 2015-05-19 15:05:52 +03:00 · ee39181094
commit ee39181094
parent 254849494f
16 changed files with 236 additions and 10 deletions
--- a/app/assets/stylesheets/registrant/registrant.sass
+++ b/app/assets/stylesheets/registrant/registrant.sass
@ -32,3 +32,15 @@ h1, h2, h3, h4

 .semifooter
  padding: 42px 0 80px 0
+
+.confirmation
+  padding: 40px 0 20px 0
+  .column-keys
+    text-align: right
+    width: 49%
+    float: left
+  .column-values
+    float: right
+    font-weight: bold
+    text-align: left
+    width: 49%
--- a/app/controllers/registrant/domain_delete_confirms_controller.rb
+++ b/app/controllers/registrant/domain_delete_confirms_controller.rb
@ -0,0 +1,12 @@
+class Registrant::DomainDeleteConfirmsController < RegistrantController
+  skip_before_action :authenticate_user!, only: [:show, :create]
+  skip_authorization_check only: [:show, :create]
+
+  def show
+    @domain = Domain.find(params[:id])
+    @domain = nil unless @domain.registrant_delete_confirmable?(params[:token])
+  end
+
+  def create
+  end
+end
--- a/app/controllers/registrant/domain_update_confirms_controller.rb
+++ b/app/controllers/registrant/domain_update_confirms_controller.rb
@ -1,12 +1,40 @@
 class Registrant::DomainUpdateConfirmsController < RegistrantController
-  skip_before_action :authenticate_user!, only: [:show, :create]
-  skip_authorization_check only: [:show, :create]
+  skip_before_action :authenticate_user!, only: [:show, :update]
+  skip_authorization_check only: [:show, :update]

  def show
+    return if params[:confirmed] || params[:rejected]
    @domain = Domain.find(params[:id])
    @domain = nil unless @domain.registrant_update_confirmable?(params[:token])
  end

-  def create
+  def update
+    @domain = Domain.find(params[:id])
+    unless @domain.registrant_update_confirmable?(params[:token])
+      flash[:alert] = t(:registrant_domain_verification_failed)
+      return render 'show'
+    end
+
+    @registrant_verification = RegistrantVerification.new(domain_id: @domain.id,
+                                                          domain_name: @domain.name,
+                                                          verification_token: params[:token])
+
+    if params[:rejected]
+      if @registrant_verification.domain_registrant_change_reject!
+        flash[:notice] = t(:registrant_domain_verification_rejected)
+        redirect_to registrant_domain_update_confirm_path(@domain.id, rejected: true)
+      else
+        flash[:alert] = t(:registrant_domain_verification_rejected_failed)
+        return render 'show'
+      end
+    elsif params[:confirmed]
+      if @registrant_verification.domain_registrant_change_confirm!
+        flash[:notice] = t(:registrant_domain_verification_confirmed)
+        redirect_to registrant_domain_update_confirm_path(@domain.id, confirmed: true)
+      else
+        flash[:alert] = t(:registrant_domain_verification_confirmed_failed)
+        return render 'show'
+      end
+    end
  end
 end
--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@ -198,6 +198,15 @@ class Domain < ActiveRecord::Base
    true
  end

+  def registrant_delete_confirmable?(token)
+    return false unless pending_delete?
+    return false if registrant_verification_token.blank?
+    return false if registrant_verification_asked_at.blank?
+    return false if token.blank?
+    return false if registrant_verification_token != token
+    true
+  end
+
  def registrant_verification_asked?
    registrant_verification_asked_at.present? && registrant_verification_token.present?
  end
@ -275,6 +284,15 @@ class Domain < ActiveRecord::Base
    name
  end

+  def pending_registrant_name
+    return '' if pending_json.blank?
+    return '' if pending_json['domain'].blank?
+    return '' if pending_json['domain']['registrant_id'].blank?
+    registrant = Registrant.find_by(id: pending_json['domain']['registrant_id'].last)
+    registrant.try(:name)
+  end
+
+
  # rubocop:disable Lint/Loop
  def generate_auth_info
    begin
--- a/app/models/registrant_verification.rb
+++ b/app/models/registrant_verification.rb
@ -1,5 +1,28 @@
 # Used in Registrant portal to collect registrant verifications
 # Registrant postgres user can access this table directly.
 class RegistrantVerification < ActiveRecord::Base
-  validates :verification_token, :domain_name, presence: true
+  # actions
+  CONFIRMED = 'confirmed'
+  REJECTED  = 'rejected'
+  
+  # action types
+  DOMAIN_REGISTRANT_CHANGE = 'domain_registrant_change'
+  DOMAIN_DELETE = 'domain_delete'
+
+  belongs_to :domain
+
+  validates :verification_token, :domain_name, :domain, :action, :action_type, presence: true
+  validates :domain, uniqueness: { scope: [:domain_id, :verification_token] }
+
+  def domain_registrant_change_confirm!
+    self.action_type = DOMAIN_REGISTRANT_CHANGE
+    self.action = CONFIRMED
+    save
+  end
+
+  def domain_registrant_change_reject!
+    self.action_type = DOMAIN_REGISTRANT_CHANGE
+    self.action = REJECTED
+    save
+  end
 end
--- a/app/views/registrant/domain_delete_confirms/show.haml
+++ b/app/views/registrant/domain_delete_confirms/show.haml
@ -0,0 +1,4 @@
+- if @domain.present?
+- else
+  %h1= t(:not_valid_domain_verification_title).html_safe
+  %p=  t(:not_valid_domain_verification_body).html_safe
--- a/app/views/registrant/domain_update_confirms/show.haml
+++ b/app/views/registrant/domain_update_confirms/show.haml
@ -1,4 +1,46 @@
- if @domain.present?
+- if params[:confirmed].present?
+  .row
+    .col-md-12
+      %h1= t(:domain_registrant_change_confirmed_title)
+  .row
+    .col-md-12
+      %p=  t(:domain_registrant_change_confirmed_body)
+- elsif params[:rejected].present?
+  .row
+    .col-md-12
+      %h1= t(:domain_registrant_change_rejected_title)
+  .row
+    .col-md-12
+      %p=  t(:domain_registrant_change_rejected_body)
 - else
-  %h1= t(:not_valid_domain_verification_title).html_safe
-  %p=  t(:not_valid_domain_verification_body).html_safe
+  - if @domain.present?
+    .row
+      .col-md-12
+        %h1= t(:domain_registrant_change_title)
+    .row
+      .col-md-12
+        %p=  t(:domain_registrant_change_body)
+
+    %hr
+    .row
+      .col-md-12.text-center.confirmation
+        .column-keys
+          %p= t(:domain_name) + ':' 
+          %p= t(:current_registrant) + ':'
+          %p= t(:new_pending_registrant) + ':'
+        .column-values
+          %p= @domain.name
+          %p= @domain.registrant_name
+          %p= @domain.pending_registrant_name
+        
+    .row
+      .col-md-12.text-center
+        .confirmation
+          = form_for registrant_domain_update_confirm_path(@domain.id), method: :patch do |f|
+            = hidden_field_tag :token, params[:token]
+            = f.button t(:confirm_domain_registrant_update), name: 'confirmed', class: 'btn btn-primary'
+            = f.button t(:reject_domain_registrant_update), name: 'rejected', class: 'btn btn-warning'
+    %hr
+  - else
+    %h1= t(:not_valid_domain_verification_title).html_safe
+    %p=  t(:not_valid_domain_verification_body).html_safe