zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-25 03:58:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/master' into log-bounced-emails

Browse source
This commit is contained in:
Karl Erik Õunapuu 2020-10-27 11:34:19 +02:00
commit fc34105c40
No known key found for this signature in database
GPG key ID: C9DD647298A34764
70 changed files with 791 additions and 4967 deletions
Download patch file Download diff file Expand all files Collapse all files

52
app/controllers/api/v1/registrant/companies_controller.rb Normal file
View file

@ -0,0 +1,52 @@
require 'serializers/registrant_api/company'
module Api
module V1
module Registrant
class CompaniesController < ::Api::V1::Registrant::BaseController
MAX_LIMIT = 200
MIN_OFFSET = 0
def index
result = error_result('limit') if limit > MAX_LIMIT || limit < 1
result = error_result('offset') if offset < MIN_OFFSET
result ||= companies_result(limit, offset)
render result
end
def current_user_companies
[:ok, current_registrant_user.companies]
rescue CompanyRegister::NotAvailableError
[:service_unavailable, []]
end
def limit
(params[:limit] || MAX_LIMIT).to_i
end
def offset
(params[:offset] || MIN_OFFSET).to_i
end
def error_result(attr_name)
{ json: { errors: [{ attr_name.to_sym => ['parameter is out of range'] }] },
status: :bad_request }
end
def companies_result(limit, offset)
status, all_companies = current_user_companies
@companies = all_companies.drop(offset).first(limit)
serialized_companies = @companies.map do |item|
country_code = current_registrant_user.country.alpha3
serializer = ::Serializers::RegistrantApi::Company.new(company: item,
country_code: country_code)
serializer.to_json
end
{ json: { companies: serialized_companies }, status: status }
end
end
end
end
end

2
app/controllers/api/v1/registrant/contacts_controller.rb
View file

@ -91,7 +91,7 @@ module Api
private
def current_user_contacts
current_registrant_user.contacts
current_registrant_user.contacts(representable: false)
rescue CompanyRegister::NotAvailableError
current_registrant_user.direct_contacts
end

4
app/controllers/epp/base_controller.rb
View file

@ -343,7 +343,9 @@ module Epp
end
def epp_session_id
cookies[:session] # Passed by mod_epp https://github.com/mod-epp/mod-epp#requestscript-interface
# Passed by EPP proxy
# https://github.com/internetee/epp_proxy#translation-of-epp-calls
cookies[:session]
end
def ensure_session_id_passed

75
app/controllers/registrant/sessions_controller.rb
View file

@ -1,81 +1,6 @@
class Registrant::SessionsController < Devise::SessionsController
layout 'registrant/application'
def login_mid
@user = User.new
end
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
# country_codes = {'+372' => 'EST'}
response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
if response.faultcode
render json: { message: response.detail.message }, status: :unauthorized
return
end
@user = RegistrantUser.find_or_create_by_mid_data(response)
if @user.persisted?
session[:user_country] = response.user_country
session[:user_id_code] = response.user_id_code
session[:mid_session_code] = client.session_code
render json: {
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
}, status: :ok
else
render json: { message: t(:no_such_user) }, status: :unauthorized
end
end
def mid_status
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
client.session_code = session[:mid_session_code]
auth_status = client.authentication_status
case auth_status.status
when 'OUTSTANDING_TRANSACTION'
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
when 'USER_AUTHENTICATED'
@user = RegistrantUser.find_by(registrant_ident: "#{session[:user_country]}-#{session[:user_id_code]}")
sign_in(:registrant_user, @user)
flash[:notice] = t(:welcome)
flash.keep(:notice)
render js: "window.location = '#{registrant_root_path}'"
when 'NOT_VALID'
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
when 'EXPIRED_TRANSACTION'
render json: { message: t(:session_timeout) }, status: :bad_request
when 'USER_CANCEL'
render json: { message: t(:user_cancelled) }, status: :bad_request
when 'MID_NOT_READY'
render json: { message: t(:mid_not_ready) }, status: :bad_request
when 'PHONE_ABSENT'
render json: { message: t(:phone_absent) }, status: :bad_request
when 'SENDING_ERROR'
render json: { message: t(:sending_error) }, status: :bad_request
when 'SIM_ERROR'
render json: { message: t(:sim_error) }, status: :bad_request
when 'INTERNAL_ERROR'
render json: { message: t(:internal_error) }, status: :bad_request
else
render json: { message: t(:internal_error) }, status: :bad_request
end
end
private
def after_sign_in_path_for(_resource_or_scope)

96
app/controllers/registrar/sessions_controller.rb
View file

@ -49,102 +49,6 @@ class Registrar
end
end
def id_card
self.resource = warden.authenticate!(auth_options)
restricted_ip = Authorization::RestrictedIP.new(request.ip)
ip_allowed = restricted_ip.can_access_registrar_area?(resource.registrar)
unless ip_allowed
render plain: t('registrar.authorization.ip_not_allowed', ip: request.ip)
warden.logout(:registrar_user)
return
end
set_flash_message!(:notice, :signed_in)
sign_in(resource_name, resource)
yield resource if block_given?
respond_with resource, location: after_sign_in_path_for(resource)
end
def login_mid
@user = User.new
end
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
# country_codes = {'+372' => 'EST'}
phone.gsub!('+372', '')
response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
if response.faultcode
render json: { message: response.detail.message }, status: :unauthorized
return
end
if Setting.registrar_ip_whitelist_enabled
@user = find_user_by_idc_and_allowed(response.user_id_code)
else
@user = find_user_by_idc(response.user_id_code)
end
if @user.persisted?
session[:user_id_code] = response.user_id_code
session[:mid_session_code] = client.session_code
render json: {
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
}, status: :ok
else
render json: { message: t(:no_such_user) }, status: :unauthorized
end
end
def mid_status
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
client.session_code = session[:mid_session_code]
auth_status = client.authentication_status
case auth_status.status
when 'OUTSTANDING_TRANSACTION'
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
when 'USER_AUTHENTICATED'
@user = find_user_by_idc_and_allowed(session[:user_id_code])
sign_in(:registrar_user, @user)
flash[:notice] = t(:welcome)
flash.keep(:notice)
render js: "window.location = '#{after_sign_in_path_for(@user)}'"
when 'NOT_VALID'
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
when 'EXPIRED_TRANSACTION'
render json: { message: t(:session_timeout) }, status: :bad_request
when 'USER_CANCEL'
render json: { message: t(:user_cancelled) }, status: :bad_request
when 'MID_NOT_READY'
render json: { message: t(:mid_not_ready) }, status: :bad_request
when 'PHONE_ABSENT'
render json: { message: t(:phone_absent) }, status: :bad_request
when 'SENDING_ERROR'
render json: { message: t(:sending_error) }, status: :bad_request
when 'SIM_ERROR'
render json: { message: t(:sim_error) }, status: :bad_request
when 'INTERNAL_ERROR'
render json: { message: t(:internal_error) }, status: :bad_request
else
render json: { message: t(:internal_error) }, status: :bad_request
end
end
private
def depp_controller?

40
app/controllers/sso/tara_controller.rb Normal file
View file

@ -0,0 +1,40 @@
module Sso
class TaraController < ApplicationController
skip_authorization_check
def registrant_callback
user = RegistrantUser.find_or_create_by_omniauth_data(user_hash)
callback(user, registrar: false)
end
def registrar_callback
user = ApiUser.from_omniauth(user_hash)
callback(user, registrar: true)
end
# rubocop:disable Style/AndOr
def callback(user, registrar: true)
session[:omniauth_hash] = user_hash
(show_error(registrar: registrar) and return) unless user
flash[:notice] = t(:signed_in_successfully)
sign_in_and_redirect(registrar ? :registrar_user : :registrant_user, user)
end
# rubocop:enable Style/AndOr
def cancel
redirect_to root_path, notice: t(:sign_in_cancelled)
end
def show_error(registrar: true)
path = registrar ? new_registrar_user_session_url : new_registrant_user_session_url
redirect_to path, alert: t(:no_such_user)
end
private
def user_hash
request.env['omniauth.auth']
end
end
end

8
app/models/api_user.rb
View file

@ -2,7 +2,7 @@ require 'open3'
class ApiUser < User
include EppErrors
devise :database_authenticatable, :trackable, :timeoutable, :id_card_authenticatable,
devise :database_authenticatable, :trackable, :timeoutable,
authentication_keys: [:username]
def epp_code_map
@ -47,12 +47,6 @@ class ApiUser < User
self.active = true unless saved_change_to_active?
end
class << self
def find_by_id_card(id_card)
find_by(identity_code: id_card.personal_code)
end
end
def to_s
username
end

2
app/models/concerns/job/force_delete_notify.rb
View file

@ -15,7 +15,7 @@ module Concerns
domain.registrar.notifications.create!(text: I18n.t('grace_period_started_domain',
domain_name: domain.name,
date: domain.force_delete_start))
send_mail(domain)
send_mail(domain) if domain.template_name.present?
domain.update(contact_notification_sent_date: Time.zone.today)
end

11
app/models/contact.rb
View file

@ -210,10 +210,13 @@ class Contact < ApplicationRecord
)
end
def registrant_user_contacts(registrant_user)
registrant_user_direct_contacts(registrant_user)
.or(registrant_user_company_contacts(registrant_user))
.or(registrant_user_indirect_contacts(registrant_user))
def registrant_user_contacts(registrant_user, representable: true)
represented_contacts = registrant_user_direct_contacts(registrant_user)
.or(registrant_user_company_contacts(registrant_user))
return represented_contacts if representable
represented_contacts.or(registrant_user_indirect_contacts(registrant_user))
end
def registrant_user_direct_contacts(registrant_user)

17
app/models/domain.rb
View file

@ -306,11 +306,7 @@ class Domain < ApplicationRecord
end
def renewable?
blocking_statuses = [DomainStatus::DELETE_CANDIDATE, DomainStatus::PENDING_RENEW,
DomainStatus::PENDING_TRANSFER, DomainStatus::DISPUTED,
DomainStatus::PENDING_UPDATE, DomainStatus::PENDING_DELETE,
DomainStatus::PENDING_DELETE_CONFIRMATION]
return false if statuses.include_any? blocking_statuses
return false unless renew_blocking_statuses.empty?
return true unless Setting.days_to_renew_domain_before_expire != 0
# if you can renew domain at days_to_renew before domain expiration
@ -321,6 +317,15 @@ class Domain < ApplicationRecord
true
end
def renew_blocking_statuses
disallowed = [DomainStatus::DELETE_CANDIDATE, DomainStatus::PENDING_RENEW,
DomainStatus::PENDING_TRANSFER, DomainStatus::CLIENT_RENEW_PROHIBITED,
DomainStatus::PENDING_UPDATE, DomainStatus::PENDING_DELETE,
DomainStatus::PENDING_DELETE_CONFIRMATION, DomainStatus::SERVER_RENEW_PROHIBITED]
(statuses & disallowed)
end
def notify_registrar(message_key)
registrar.notifications.create!(
text: "#{I18n.t(message_key)}: #{name}",
@ -484,7 +489,7 @@ class Domain < ApplicationRecord
end
def pending_update?
statuses.include?(DomainStatus::PENDING_UPDATE) && !statuses.include?(DomainStatus::FORCE_DELETE)
statuses.include?(DomainStatus::PENDING_UPDATE)
end
# depricated not used, not valid

12
app/models/epp/domain.rb
View file

@ -581,11 +581,14 @@ class Epp::Domain < Domain
save(validate: false)
end
### RENEW ###
def renew(cur_exp_date, period, unit = 'y')
@is_renewal = true
validate_exp_dates(cur_exp_date)
add_epp_error('2105', nil, nil, I18n.t('object_is_not_eligible_for_renewal')) unless renewable?
add_renew_epp_errors unless renewable?
return false if errors.any?
period = period.to_i
@ -613,6 +616,13 @@ class Epp::Domain < Domain
save
end
def add_renew_epp_errors
if renew_blocking_statuses.any? && !renewable?
add_epp_error('2304', 'status', renew_blocking_statuses,
I18n.t('object_status_prohibits_operation'))
end
end
### TRANSFER ###
def transfer(frame, action, current_user)

6
app/models/id_card.rb
View file

@ -1,6 +0,0 @@
class IdCard
attr_accessor :first_name
attr_accessor :last_name
attr_accessor :personal_code
attr_accessor :country_code
end

28
app/models/registrant_user.rb
View file

@ -1,7 +1,7 @@
class RegistrantUser < User
attr_accessor :idc_data
devise :trackable, :timeoutable, :id_card_authenticatable
devise :trackable, :timeoutable
def ability
@ability ||= Ability.new(self)
@ -22,8 +22,8 @@ class RegistrantUser < User
citizen_country_code: country.alpha3)
end
def contacts
Contact.registrant_user_contacts(self)
def contacts(representable: true)
Contact.registrant_user_contacts(self, representable: representable)
end
def direct_contacts
@ -66,23 +66,19 @@ class RegistrantUser < User
find_or_create_by_user_data(user_data)
end
def find_or_create_by_mid_data(response)
user_data = { first_name: response.user_givenname, last_name: response.user_surname,
ident: response.user_id_code, country_code: response.user_country }
def find_or_create_by_omniauth_data(omniauth_hash)
uid = omniauth_hash['uid']
identity_code = uid.slice(2..-1)
country_code = uid.slice(0..1)
first_name = omniauth_hash.dig('info', 'first_name')
last_name = omniauth_hash.dig('info', 'last_name')
user_data = { first_name: first_name, last_name: last_name,
ident: identity_code, country_code: country_code }
find_or_create_by_user_data(user_data)
end
def find_by_id_card(id_card)
registrant_ident = "#{id_card.country_code}-#{id_card.personal_code}"
username = [id_card.first_name, id_card.last_name].join("\s")
user = find_or_initialize_by(registrant_ident: registrant_ident)
user.username = username
user.save!
user
end
private
def find_or_create_by_user_data(user_data = {})

7
app/models/user.rb
View file

@ -11,4 +11,11 @@ class User < ApplicationRecord
"#{self.id}-#{self.class}: #{self.username}"
end
def self.from_omniauth(omniauth_hash)
uid = omniauth_hash['uid']
identity_code = uid.slice(2..-1)
# country_code = uid.slice(0..1)
find_by(identity_code: identity_code)
end
end

4
app/views/admin/domain_versions/archive.haml
View file

@ -57,7 +57,7 @@
- if version
- attributes = only_present_fields(version, Domain)
- domain = Domain.new(attributes)
- attach_existing_fields(version, domain)
- attach_existing_fields(version, domain) unless version.event == 'destroy'
%tr
%td= link_to(domain.name, admin_domain_version_path(version.id))
@ -67,7 +67,7 @@
- else
- contact = Contact.all_versions_for([domain.registrant_id], version.created_at).first
- if contact.nil? && ver = ContactVersion.where(item_id: domain.registrant_id).last
- contact = Contact.new(ver.object.to_h.merge(ver.object_changes.to_h.each_with_object({}){|(k,v), o| o.public_send("#{k}=", v.last) } ))
- contact = Contact.new(ver.object.to_h.merge(ver.object_changes.to_h.each_with_object({}) {|(k,v), o| o[k] = v.last }))
= contact.try(:name)
= "&#160;".html_safe
= "(#{t(:deleted)})"

2
app/views/admin/domain_versions/show.haml
View file

@ -1,6 +1,6 @@
- present_fields = only_present_fields(@version, Domain)
- domain = Domain.new(present_fields)
- attach_existing_fields(@version, domain)
- attach_existing_fields(@version, domain) unless @version.event == 'destroy'
- if @version
- children = HashWithIndifferentAccess.new(@version.children)

40
app/views/registrant/sessions/login_mid.haml
View file

@ -1,40 +0,0 @@
.row
.form-signin.col-md-4.center-block.text-center
%h2.form-signin-heading.text-center= t '.header'
%hr
= form_for @user, url: registrant_mid_path, html: {class: 'form-signin'} do |f|
= f.text_field :phone, class: 'form-control',
placeholder: t(:phone_no), autocomplete: 'off', required: true
%button.btn.btn-lg.btn-primary.btn-block.js-login{:type => 'submit'}= t '.submit_btn'
- if ['development', 'alpha'].include?(Rails.env)
%div.text-center
00007, 60000007, 00000766
:coffee
load_listener = ->
$('.js-login').attr('disabled', false)
status_interval = null
mid_status = () ->
status_interval = setInterval((->
$.post('/registrant/login/mid_status').fail((data) ->
clearInterval(status_interval)
flash_alert(data.responseJSON.message)
$('.js-login').attr('disabled', false)
)
), 1000)
$('.js-login').on 'click', (e) ->
e.preventDefault();
$(this).attr('disabled', true)
$.post($('form').attr('action'), $('form').serialize()).done((data) ->
if data.message
flash_notice(data.message)
mid_status()
).fail((data) ->
flash_alert(data.responseJSON.message)
$('.js-login').attr('disabled', false)
)
window.addEventListener 'load', load_listener

9
app/views/registrant/sessions/new.html.erb
View file

@ -8,11 +8,6 @@
<%= t '.hint' %>
</div>
<br/>
<%= link_to '/registrant/login/mid' do %>
<%= image_tag 'mid.gif' %>
<% end %>
<%= link_to registrant_id_card_sign_in_path, method: :post do %>
<%= image_tag 'id_card.gif' %>
<% end %>
<%= link_to t(:sign_in), "/auth/rant_tara", method: :post, class: 'btn btn-lg btn-primary btn-block' %>
</div>
</div>
</div>

40
app/views/registrar/sessions/login_mid.haml
View file

@ -1,40 +0,0 @@
.row
.form-signin.col-md-4.center-block.text-center
%h2.form-signin-heading.text-center= t '.header'
%hr
= form_for @user, url: registrar_mid_path, html: {class: 'form-signin'} do |f|
= f.text_field :phone, class: 'form-control',
placeholder: t(:phone_no), autocomplete: 'off', required: true
%button.btn.btn-lg.btn-primary.btn-block.js-login{:type => 'submit'}= t '.submit_btn'
- if ['development', 'alpha'].include?(Rails.env)
%div.text-center
00007, 60000007, 00000766
:coffee
load_listener = ->
$('.js-login').attr('disabled', false)
status_interval = null
mid_status = () ->
status_interval = setInterval((->
$.post('/registrar/login/mid_status').fail((data) ->
clearInterval(status_interval)
flash_alert(data.responseJSON.message)
$('.js-login').attr('disabled', false)
)
), 1000)
$('.js-login').on 'click', (e) ->
e.preventDefault();
$(this).attr('disabled', true)
$.post($('form').attr('action'), $('form').serialize()).done((data) ->
if data.message
flash_notice(data.message)
mid_status()
).fail((data) ->
flash_alert(data.responseJSON.message)
$('.js-login').attr('disabled', false)
)
window.addEventListener 'load', load_listener

14
app/views/registrar/sessions/new.html.erb
View file

@ -19,12 +19,10 @@
<hr>
<%= link_to '/registrar/login/mid', id: 'login-with-mobile-id-btn' do %>
<%= image_tag 'mid.gif' %>
<% end %>
<%= link_to registrar_id_card_sign_in_path, method: :post do %>
<%= image_tag 'id_card.gif' %>
<% end %>
<div id="tara-sign-in" class="login-block ui segment">
<h3><%= t('.sign_in_with_identity_document') %></h3>
<p><%= t('.identity_document_text')%></p>
<%= link_to t(:sign_in), "/auth/tara", method: :post, class: 'btn btn-lg btn-primary btn-block' %>
</div>
</div>
</div>
</div>

0
app/views/registrar/tara/callback.html.erb Normal file
View file