Merge remote-tracking branch 'origin/add-registrant-api-token-log' into add-role-filter-to-registrant-api

test/integration/api/domain_admin_contacts_test.rb

@@ -0,0 +1,153 @@
+require 'test_helper'
+
+class APIDomainAdminContactsTest < ApplicationIntegrationTest
+  setup do
+    @admin_current = domains(:shop).admin_contacts.find_by(code: 'jane-001')
+    domain = domains(:airport)
+    domain.admin_contacts << @admin_current
+    @admin_new = contacts(:william)
+
+    @admin_new.update(ident: @admin_current.ident,
+                      ident_type: @admin_current.ident_type,
+                      ident_country_code: @admin_current.ident_country_code)
+  end
+
+  def test_replace_all_admin_contacts_when_ident_data_doesnt_match
+    @admin_new.update(ident: '777' ,
+                      ident_type: 'priv',
+                      ident_country_code: 'LV')
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :bad_request
+    assert_equal ({ code: 2304, message: 'Admin contacts must be identical', data: {} }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_replace_all_admin_contacts_of_the_current_registrar
+    assert @admin_new.identical_to?(@admin_current)
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_nil domains(:shop).admin_contacts.find_by(code: @admin_current.code)
+    assert domains(:shop).admin_contacts.find_by(code: @admin_new.code)
+    assert domains(:airport).admin_contacts.find_by(code: @admin_new.code)
+  end
+
+  def test_skip_discarded_domains
+    domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert domains(:airport).admin_contacts.find_by(code: @admin_current.code)
+  end
+
+  def test_return_affected_domains_in_alphabetical_order
+    domain = domains(:airport)
+    domain.admin_contacts = [@admin_current]
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal ({ code: 1000, message: 'Command completed successfully', data: { affected_domains: %w[airport.test shop.test],
+                    skipped_domains: [] }}),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_return_skipped_domains_in_alphabetical_order
+    domains(:shop).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+    domains(:airport).update!(statuses: [DomainStatus::DELETE_CANDIDATE])
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal %w[airport.test shop.test], JSON.parse(response.body,
+                                                        symbolize_names: true)[:data][:skipped_domains]
+  end
+
+  def test_keep_other_admin_contacts_intact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert domains(:airport).admin_contacts.find_by(code: 'john-001')
+  end
+
+  def test_keep_tech_contacts_intact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert domains(:airport).tech_contacts.find_by(code: 'william-001')
+  end
+
+  def test_restrict_contacts_to_the_current_registrar
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: 'william-002' },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :not_found
+    assert_equal ({ code: 2303, message: 'Object does not exist' }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_non_existent_current_contact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: 'non-existent',
+                                                 new_contact_id: @admin_new.code},
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+    assert_response :not_found
+    assert_equal ({ code: 2303, message: 'Object does not exist' }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_non_existent_new_contact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: 'non-existent' },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+    assert_response :not_found
+    assert_equal ({code: 2303, message: 'Object does not exist'}),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_disallow_invalid_new_contact
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: 'invalid' },
+          headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+    assert_response :bad_request
+    assert_equal ({ code: 2304, message: 'New contact must be valid', data: {} }),
+                 JSON.parse(response.body, symbolize_names: true)
+  end
+
+  def test_admin_bulk_changed_when_domain_update_prohibited
+    domains(:shop).update!(statuses: [DomainStatus::SERVER_UPDATE_PROHIBITED])
+    domains(:airport).admin_contacts = [@admin_current]
+
+    shop_admin_contact = Contact.find_by(code: 'jane-001')
+    assert domains(:shop).admin_contacts.include?(shop_admin_contact)
+
+    patch '/repp/v1/domains/admin_contacts', params: { current_contact_id: @admin_current.code,
+                                                 new_contact_id: @admin_new.code },
+                                                 headers: { 'HTTP_AUTHORIZATION' => http_auth_key }
+
+    assert_response :ok
+    assert_equal ({ code: 1000,
+                    message: 'Command completed successfully',
+                    data: { affected_domains: ["airport.test"],
+                    skipped_domains: ["shop.test"] }}),
+            JSON.parse(response.body, symbolize_names: true)
+  end
+
+  private
+
+  def http_auth_key
+    ActionController::HttpAuthentication::Basic.encode_credentials('test_bestnames', 'testtest')
+  end
+end

test/integration/api/v1/bounces/create_test.rb

@@ -2,7 +2,7 @@ require 'test_helper'
 
 class BouncesApiV1CreateTest < ActionDispatch::IntegrationTest
   def setup
-    @api_key = "Basic #{ENV['api_shared_key']}"
+    @api_key = "Basic #{ENV['rwhois_bounces_api_shared_key']}"
     @headers = { "Authorization": "#{@api_key}" }
     @json_body = { "data": valid_bounce_request }.as_json
   end

test/integration/api/v1/contact_requests_test.rb

@@ -0,0 +1,68 @@
+require 'test_helper'
+
+class ApiV1ContactRequestTest < ActionDispatch::IntegrationTest
+  def setup
+    @api_key = "Basic #{ENV['rwhois_internal_api_shared_key']}"
+    @headers = { "Authorization": "#{@api_key}" }
+    @json_create = { "contact_request": valid_contact_request_create }.as_json
+    @json_update = { "contact_request": valid_contact_request_update }.as_json
+    @contact_request = contact_requests(:new)
+  end
+
+  def test_authorizes_api_request
+    post api_v1_contact_requests_path, params: @json_create, headers: @headers
+    assert_response :created
+
+    invalid_headers = { "Authorization": "Basic invalid_api_key" }
+    post api_v1_contact_requests_path, params: @json_create, headers: invalid_headers
+    assert_response :unauthorized
+  end
+
+  def test_saves_new_contact_request
+    request_body = @json_create.dup
+    random_mail = "#{rand(10000..99999)}@registry.test"
+    request_body['contact_request']['email'] = random_mail
+
+    post api_v1_contact_requests_path, params: request_body, headers: @headers
+    assert_response :created
+
+    contact_request = ContactRequest.last
+    assert_equal contact_request.email, random_mail
+    assert ContactRequest::STATUS_NEW, contact_request.status
+  end
+
+  def test_updates_existing_contact_request
+    request_body = @json_update.dup
+
+    put api_v1_contact_request_path(@contact_request.id), params: request_body, headers: @headers
+    assert_response :ok
+
+    @contact_request.reload
+    assert ContactRequest::STATUS_CONFIRMED, @contact_request.status
+  end
+
+  def test_not_updates_if_status_error
+    request_body = @json_update.dup
+    request_body['contact_request']['status'] = 'some_error_status'
+
+    put api_v1_contact_request_path(@contact_request.id), params: request_body, headers: @headers
+    assert_response 400
+
+    @contact_request.reload
+    assert ContactRequest::STATUS_NEW, @contact_request.status
+  end
+
+  def valid_contact_request_create
+    {
+      "email": "aaa@bbb.com",
+      "whois_record_id": "1",
+      "name": "test"
+    }.as_json
+  end
+
+  def valid_contact_request_update
+    {
+      "status": "#{ContactRequest::STATUS_CONFIRMED}",
+    }.as_json
+  end
+end