zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-28 05:26:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add rate limiting to all EPP actions

Browse source
This commit is contained in:
Thiago Youssef 2022-08-02 06:14:21 -03:00 committed by olegphenomenon
parent 1a8d8b52e7
commit fb60466194
14 changed files with 629 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/epp/contacts_controller.rb
View file

@ -5,7 +5,7 @@ module Epp
before_action :find_contact, only: [:info, :update, :delete] before_action :find_contact, only: [:info, :update, :delete]
before_action :find_password, only: [:info, :update, :delete] before_action :find_password, only: [:info, :update, :delete]
THROTTLED_ACTIONS = %i[info renew update transfer delete].freeze THROTTLED_ACTIONS = %i[info check create renew update transfer delete].freeze
include Shunter::Integration::Throttle include Shunter::Integration::Throttle
def info def info

2
app/controllers/epp/domains_controller.rb
View file

@ -6,7 +6,7 @@ module Epp
before_action :set_paper_trail_whodunnit before_action :set_paper_trail_whodunnit
before_action :parse_schemas_prefix_and_version before_action :parse_schemas_prefix_and_version
THROTTLED_ACTIONS = %i[info renew update transfer delete].freeze THROTTLED_ACTIONS = %i[info create check renew update transfer delete].freeze
include Shunter::Integration::Throttle include Shunter::Integration::Throttle
def info def info

3
app/controllers/epp/polls_controller.rb
View file

@ -1,5 +1,8 @@
module Epp module Epp
class PollsController < BaseController class PollsController < BaseController
THROTTLED_ACTIONS = %i[poll].freeze
include Shunter::Integration::Throttle
def poll def poll
authorize! :manage, :poll authorize! :manage, :poll
req_poll if params[:parsed_frame].css('poll').first['op'] == 'req' req_poll if params[:parsed_frame].css('poll').first['op'] == 'req'

3
app/controllers/epp/sessions_controller.rb
View file

@ -3,6 +3,9 @@ module Epp
skip_authorization_check only: [:hello, :login, :logout] skip_authorization_check only: [:hello, :login, :logout]
before_action :set_paper_trail_whodunnit before_action :set_paper_trail_whodunnit
THROTTLED_ACTIONS = %i[login].freeze
include Shunter::Integration::Throttle
def hello def hello
render_epp_response('greeting') render_epp_response('greeting')
end end

56
test/integration/epp/contact/check/base_test.rb
View file

@ -3,6 +3,9 @@ require 'test_helper'
class EppContactCheckBaseTest < EppTestCase class EppContactCheckBaseTest < EppTestCase
setup do setup do
@contact = contacts(:john) @contact = contacts(:john)
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end end
def test_returns_valid_response def test_returns_valid_response
@ -157,6 +160,59 @@ class EppContactCheckBaseTest < EppTestCase
# assert_equal 'in use', response_xml.at_xpath('//contact:reason', contact: xml_schema).text # assert_equal 'in use', response_xml.at_xpath('//contact:reason', contact: xml_schema).text
end end
def test_returns_valid_response_if_not_throttled
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<check>
<contact:check xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:id>john-001</contact:id>
</contact:check>
</check>
</command>
</epp>
XML
post epp_check_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<check>
<contact:check xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:id>john-001</contact:id>
</contact:check>
</check>
</command>
</epp>
XML
post epp_check_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_check_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
private private
def xml_schema def xml_schema

83
test/integration/epp/contact/create/base_test.rb
View file

@ -1,6 +1,11 @@
require 'test_helper' require 'test_helper'
class EppContactCreateBaseTest < EppTestCase class EppContactCreateBaseTest < EppTestCase
setup do
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end
def test_creates_new_contact_with_required_attributes def test_creates_new_contact_with_required_attributes
name = 'new' name = 'new'
email = 'new@registrar.test' email = 'new@registrar.test'
@ -362,4 +367,82 @@ class EppContactCreateBaseTest < EppTestCase
assert_equal country_code, contact.country_code assert_equal country_code, contact.country_code
assert_equal state, contact.state assert_equal state, contact.state
end end
def test_returns_valid_response_if_not_throttled
name = 'new'
email = 'new@registrar.test'
phone = '+1.2'
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<create>
<contact:create xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:postalInfo>
<contact:name>#{name}</contact:name>
</contact:postalInfo>
<contact:voice>#{phone}</contact:voice>
<contact:email>#{email}</contact:email>
</contact:create>
</create>
<extension>
<eis:extdata xmlns:eis="#{Xsd::Schema.filename(for_prefix: 'eis', for_version: '1.0')}">
<eis:ident type="priv" cc="US">any</eis:ident>
</eis:extdata>
</extension>
</command>
</epp>
XML
post epp_create_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
name = 'new'
email = 'new@registrar.test'
phone = '+1.2'
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<create>
<contact:create xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:postalInfo>
<contact:name>#{name}</contact:name>
</contact:postalInfo>
<contact:voice>#{phone}</contact:voice>
<contact:email>#{email}</contact:email>
</contact:create>
</create>
<extension>
<eis:extdata xmlns:eis="#{Xsd::Schema.filename(for_prefix: 'eis', for_version: '1.0')}">
<eis:ident type="priv" cc="US">any</eis:ident>
</eis:extdata>
</extension>
</command>
</epp>
XML
post epp_create_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_create_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
end end

59
test/integration/epp/contact/info/base_test.rb
View file

@ -3,6 +3,9 @@ require 'test_helper'
class EppContactInfoBaseTest < EppTestCase class EppContactInfoBaseTest < EppTestCase
setup do setup do
@contact = contacts(:john) @contact = contacts(:john)
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end end
def test_returns_valid_response def test_returns_valid_response
@ -129,6 +132,62 @@ class EppContactInfoBaseTest < EppTestCase
assert_equal 'No access', response_xml.at_xpath('//contact:name', contact: xml_schema).text assert_equal 'No access', response_xml.at_xpath('//contact:name', contact: xml_schema).text
end end
def test_returns_valid_response_if_not_throttled
@contact.update_columns(code: @contact.code.upcase)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<info>
<contact:info xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:id>john-001</contact:id>
</contact:info>
</info>
</command>
</epp>
XML
post epp_info_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
@contact.update_columns(code: @contact.code.upcase)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<info>
<contact:info xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:id>john-001</contact:id>
</contact:info>
</info>
</command>
</epp>
XML
post epp_info_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_info_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
private private
def xml_schema def xml_schema

73
test/integration/epp/contact/update/base_test.rb
View file

@ -6,6 +6,9 @@ class EppContactUpdateBaseTest < EppTestCase
setup do setup do
@contact = contacts(:john) @contact = contacts(:john)
ActionMailer::Base.deliveries.clear ActionMailer::Base.deliveries.clear
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end end
def test_updates_contact def test_updates_contact
@ -470,6 +473,76 @@ class EppContactUpdateBaseTest < EppTestCase
assert_equal '+123.4', @contact.phone assert_equal '+123.4', @contact.phone
end end
def test_returns_valid_response_if_not_throttled
@contact.update_columns(code: @contact.code.upcase)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<contact:update xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:id>john-001</contact:id>
<contact:chg>
<contact:postalInfo>
<contact:name>new name</contact:name>
</contact:postalInfo>
<contact:voice>+123.4</contact:voice>
<contact:email>new-email@inbox.test</contact:email>
</contact:chg>
</contact:update>
</update>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
@contact.update_columns(code: @contact.code.upcase)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<contact:update xmlns:contact="#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}">
<contact:id>john-001</contact:id>
<contact:chg>
<contact:postalInfo>
<contact:name>new name</contact:name>
</contact:postalInfo>
<contact:voice>+123.4</contact:voice>
<contact:email>new-email@inbox.test</contact:email>
</contact:chg>
</contact:update>
</update>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
private private
def make_contact_free_of_domains_where_it_acts_as_a_registrant(contact) def make_contact_free_of_domains_where_it_acts_as_a_registrant(contact)

57
test/integration/epp/domain/check/base_test.rb
View file

@ -1,6 +1,11 @@
require 'test_helper' require 'test_helper'
class EppDomainCheckBaseTest < EppTestCase class EppDomainCheckBaseTest < EppTestCase
setup do
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end
def test_returns_valid_response def test_returns_valid_response
request_xml = <<-XML request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?> <?xml version="1.0" encoding="UTF-8" standalone="no"?>
@ -193,4 +198,56 @@ class EppDomainCheckBaseTest < EppTestCase
assert_correct_against_schema response_xml assert_correct_against_schema response_xml
assert_equal 3, response_xml.xpath('//domain:cd', 'domain' => "#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}").size assert_equal 3, response_xml.xpath('//domain:cd', 'domain' => "#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}").size
end end
def test_returns_valid_response_if_not_throttled
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<check>
<domain:check xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
<domain:name>some.test</domain:name>
</domain:check>
</check>
</command>
</epp>
XML
post epp_check_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<check>
<domain:check xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
<domain:name>some.test</domain:name>
</domain:check>
</check>
</command>
</epp>
XML
post epp_check_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_check_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
end end

85
test/integration/epp/domain/create/base_test.rb
View file

@ -1,6 +1,10 @@
require 'test_helper' require 'test_helper'
class EppDomainCreateBaseTest < EppTestCase class EppDomainCreateBaseTest < EppTestCase
setup do
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end
def test_illegal_chars_in_dns_key def test_illegal_chars_in_dns_key
name = "new.#{dns_zones(:one).origin}" name = "new.#{dns_zones(:one).origin}"
@ -852,4 +856,85 @@ class EppDomainCreateBaseTest < EppTestCase
assert_correct_against_schema response_xml assert_correct_against_schema response_xml
assert_epp_response :completed_successfully assert_epp_response :completed_successfully
end end
def test_returns_valid_response_if_not_throttled
now = Time.zone.parse('2010-07-05')
travel_to now
disputed_domain = disputes(:active)
password = disputed_domain.password
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<create>
<domain:create xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
<domain:name>#{disputed_domain.domain_name}</domain:name>
<domain:registrant>#{contacts(:john).code}</domain:registrant>
</domain:create>
</create>
<extension>
<eis:extdata xmlns:eis="#{Xsd::Schema.filename(for_prefix: 'eis', for_version: '1.0')}">
<eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
<eis:reserved>
<eis:pw>#{password}</eis:pw>
</eis:reserved>
</eis:extdata>
</extension>
</command>
</epp>
XML
post epp_create_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
now = Time.zone.parse('2010-07-05')
travel_to now
disputed_domain = disputes(:active)
password = disputed_domain.password
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<create>
<domain:create xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
<domain:name>#{disputed_domain.domain_name}</domain:name>
<domain:registrant>#{contacts(:john).code}</domain:registrant>
</domain:create>
</create>
<extension>
<eis:extdata xmlns:eis="#{Xsd::Schema.filename(for_prefix: 'eis', for_version: '1.0')}">
<eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
<eis:reserved>
<eis:pw>#{password}</eis:pw>
</eis:reserved>
</eis:extdata>
</extension>
</command>
</epp>
XML
post epp_create_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_create_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
end end

1
test/integration/epp/domain/info/base_test.rb
View file

@ -234,6 +234,7 @@ class EppDomainInfoBaseTest < EppTestCase
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body) response_xml = Nokogiri::XML(response.body)
# binding.pry
assert_epp_response :session_limit_exceeded_server_closing_connection assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message) assert response.body.include?(Shunter.default_error_message)

85
test/integration/epp/domain/update/base_test.rb
View file

@ -10,6 +10,9 @@ class EppDomainUpdateBaseTest < EppTestCase
@original_registrant_change_verification = @original_registrant_change_verification =
Setting.request_confirmation_on_registrant_change_enabled Setting.request_confirmation_on_registrant_change_enabled
ActionMailer::Base.deliveries.clear ActionMailer::Base.deliveries.clear
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end end
teardown do teardown do
@ -882,6 +885,88 @@ class EppDomainUpdateBaseTest < EppTestCase
assert_epp_response :object_does_not_exist assert_epp_response :object_does_not_exist
end end
def test_returns_valid_response_if_not_throttled
ENV['obj_and_extensions_prohibited'] = 'true'
@domain = domains(:shop)
@domain.statuses << DomainStatus::SERVER_EXTENSION_UPDATE_PROHIBITED
@domain.save
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<domain:update xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
<domain:name>shop.test</domain:name>
<domain:rem>
<domain:ns>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns1).hostname}</domain:hostName>
</domain:hostAttr>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns2).hostname}</domain:hostName>
</domain:hostAttr>
</domain:ns>
</domain:rem>
</domain:update>
</update>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
ENV['obj_and_extensions_prohibited'] = 'true'
@domain = domains(:shop)
@domain.statuses << DomainStatus::SERVER_EXTENSION_UPDATE_PROHIBITED
@domain.save
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<update>
<domain:update xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
<domain:name>shop.test</domain:name>
<domain:rem>
<domain:ns>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns1).hostname}</domain:hostName>
</domain:hostAttr>
<domain:hostAttr>
<domain:hostName>#{nameservers(:shop_ns2).hostname}</domain:hostName>
</domain:hostAttr>
</domain:ns>
</domain:rem>
</domain:update>
</update>
</command>
</epp>
XML
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_update_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
private private
def assert_verification_and_notification_emails def assert_verification_and_notification_emails

82
test/integration/epp/login_test.rb
View file

@ -3,6 +3,11 @@ require 'test_helper'
class EppLoginTest < EppTestCase class EppLoginTest < EppTestCase
setup do setup do
@original_sessions_per_registrar_setting = EppSession.sessions_per_registrar @original_sessions_per_registrar_setting = EppSession.sessions_per_registrar
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
end end
teardown do teardown do
@ -181,6 +186,83 @@ class EppLoginTest < EppTestCase
assert_epp_response :session_limit_exceeded_server_closing_connection assert_epp_response :session_limit_exceeded_server_closing_connection
end end
def test_returns_valid_response_if_not_throttled
ENV["shunter_enabled"] = 'true'
user = users(:api_bestnames)
new_session_id = 'new-session-id'
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<login>
<clID>#{user.username}</clID>
<pw>#{user.plain_text_password}</pw>
<options>
<version>1.0</version>
<lang>en</lang>
</options>
<svcs>
<objURI>#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}</objURI>
<objURI>#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}</objURI>
<objURI>urn:ietf:params:xml:ns:host-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:keyrelay-1.0</objURI>
</svcs>
</login>
</command>
</epp>
XML
post '/epp/session/login', params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => "session=#{new_session_id}" }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
user = users(:api_bestnames)
new_session_id = 'new-session-id'
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<login>
<clID>#{user.username}</clID>
<pw>#{user.plain_text_password}</pw>
<options>
<version>1.0</version>
<lang>en</lang>
</options>
<svcs>
<objURI>#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}</objURI>
<objURI>#{Xsd::Schema.filename(for_prefix: 'contact-ee', for_version: '1.1')}</objURI>
<objURI>urn:ietf:params:xml:ns:host-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:keyrelay-1.0</objURI>
</svcs>
</login>
</command>
</epp>
XML
post '/epp/session/login', params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => "session=#{new_session_id}" }
post '/epp/session/login', params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => "session=#{new_session_id}" }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
private private
def eliminate_effect_of_existing_epp_sessions def eliminate_effect_of_existing_epp_sessions

40
test/integration/epp/poll_test.rb
View file

@ -2,6 +2,8 @@ require 'test_helper'
class EppPollTest < EppTestCase class EppPollTest < EppTestCase
setup do setup do
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
@notification = notifications(:complete) @notification = notifications(:complete)
end end
@ -149,6 +151,44 @@ class EppPollTest < EppTestCase
assert_epp_response :authorization_error assert_epp_response :authorization_error
end end
def test_returns_valid_response_if_not_throttled
notification = notifications(:greeting)
request_xml = <<-XML
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
<command>
<poll op="ack" msgID="#{notification.id}"/>
</command>
</epp>
XML
post epp_poll_path, params: { frame: request_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :completed_successfully
assert_correct_against_schema response_xml
end
def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '1'
ENV["shunter_enabled"] = 'true'
post epp_poll_path, params: { frame: request_req_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
post epp_poll_path, params: { frame: request_req_xml },
headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
response_xml = Nokogiri::XML(response.body)
assert_epp_response :session_limit_exceeded_server_closing_connection
assert_correct_against_schema response_xml
assert response.body.include?(Shunter.default_error_message)
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
private private
def request_req_xml def request_req_xml