Merge remote-tracking branch 'origin/master' into log-bounced-emails

app/controllers/api/v1/registrant/companies_controller.rb

@@ -0,0 +1,52 @@
+require 'serializers/registrant_api/company'
+
+module Api
+  module V1
+    module Registrant
+      class CompaniesController < ::Api::V1::Registrant::BaseController
+        MAX_LIMIT = 200
+        MIN_OFFSET = 0
+
+        def index
+          result = error_result('limit') if limit > MAX_LIMIT || limit < 1
+          result = error_result('offset') if offset < MIN_OFFSET
+          result ||= companies_result(limit, offset)
+
+          render result
+        end
+
+        def current_user_companies
+          [:ok, current_registrant_user.companies]
+        rescue CompanyRegister::NotAvailableError
+          [:service_unavailable, []]
+        end
+
+        def limit
+          (params[:limit] || MAX_LIMIT).to_i
+        end
+
+        def offset
+          (params[:offset] || MIN_OFFSET).to_i
+        end
+
+        def error_result(attr_name)
+          { json: { errors: [{ attr_name.to_sym => ['parameter is out of range'] }] },
+            status: :bad_request }
+        end
+
+        def companies_result(limit, offset)
+          status, all_companies = current_user_companies
+          @companies = all_companies.drop(offset).first(limit)
+
+          serialized_companies = @companies.map do |item|
+            country_code = current_registrant_user.country.alpha3
+            serializer = ::Serializers::RegistrantApi::Company.new(company: item,
+                                                                   country_code: country_code)
+            serializer.to_json
+          end
+          { json: { companies: serialized_companies }, status: status }
+        end
+      end
+    end
+  end
+end

app/controllers/api/v1/registrant/contacts_controller.rb

@@ -91,7 +91,7 @@ module Api
         private
 
         def current_user_contacts
-          current_registrant_user.contacts
+          current_registrant_user.contacts(representable: false)
         rescue CompanyRegister::NotAvailableError
           current_registrant_user.direct_contacts
         end

app/controllers/epp/base_controller.rb

@@ -343,7 +343,9 @@ module Epp
     end
 
     def epp_session_id
-      cookies[:session] # Passed by mod_epp https://github.com/mod-epp/mod-epp#requestscript-interface
+      # Passed by EPP proxy
+      # https://github.com/internetee/epp_proxy#translation-of-epp-calls
+      cookies[:session]
     end
 
     def ensure_session_id_passed

app/controllers/registrant/sessions_controller.rb

@@ -1,81 +1,6 @@
 class Registrant::SessionsController < Devise::SessionsController
   layout 'registrant/application'
 
-  def login_mid
-    @user = User.new
-  end
-
-  def mid
-    phone = params[:user][:phone]
-    endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
-    client = Digidoc::Client.new(endpoint)
-    client.logger = Rails.application.config.logger unless Rails.env.test?
-
-    # country_codes = {'+372' => 'EST'}
-    response = client.authenticate(
-      phone: "+372#{phone}",
-      message_to_display: 'Authenticating',
-      service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
-    )
-
-    if response.faultcode
-      render json: { message: response.detail.message }, status: :unauthorized
-      return
-    end
-
-    @user = RegistrantUser.find_or_create_by_mid_data(response)
-
-    if @user.persisted?
-      session[:user_country] = response.user_country
-      session[:user_id_code] = response.user_id_code
-      session[:mid_session_code] = client.session_code
-
-      render json: {
-        message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
-      }, status: :ok
-    else
-      render json: { message: t(:no_such_user) }, status: :unauthorized
-    end
-  end
-
-  def mid_status
-    endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
-    client = Digidoc::Client.new(endpoint)
-    client.logger = Rails.application.config.logger unless Rails.env.test?
-    client.session_code = session[:mid_session_code]
-    auth_status = client.authentication_status
-
-    case auth_status.status
-    when 'OUTSTANDING_TRANSACTION'
-      render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
-    when 'USER_AUTHENTICATED'
-      @user = RegistrantUser.find_by(registrant_ident: "#{session[:user_country]}-#{session[:user_id_code]}")
-
-      sign_in(:registrant_user, @user)
-      flash[:notice] = t(:welcome)
-      flash.keep(:notice)
-      render js: "window.location = '#{registrant_root_path}'"
-    when 'NOT_VALID'
-      render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
-    when 'EXPIRED_TRANSACTION'
-      render json: { message: t(:session_timeout) }, status: :bad_request
-    when 'USER_CANCEL'
-      render json: { message: t(:user_cancelled) }, status: :bad_request
-    when 'MID_NOT_READY'
-      render json: { message: t(:mid_not_ready) }, status: :bad_request
-    when 'PHONE_ABSENT'
-      render json: { message: t(:phone_absent) }, status: :bad_request
-    when 'SENDING_ERROR'
-      render json: { message: t(:sending_error) }, status: :bad_request
-    when 'SIM_ERROR'
-      render json: { message: t(:sim_error) }, status: :bad_request
-    when 'INTERNAL_ERROR'
-      render json: { message: t(:internal_error) }, status: :bad_request
-    else
-      render json: { message: t(:internal_error) }, status: :bad_request
-    end
-  end
-
   private
 
   def after_sign_in_path_for(_resource_or_scope)

app/controllers/registrar/sessions_controller.rb

@@ -49,102 +49,6 @@ class Registrar
       end
     end
 
-    def id_card
-      self.resource = warden.authenticate!(auth_options)
-
-      restricted_ip = Authorization::RestrictedIP.new(request.ip)
-      ip_allowed = restricted_ip.can_access_registrar_area?(resource.registrar)
-
-      unless ip_allowed
-        render plain: t('registrar.authorization.ip_not_allowed', ip: request.ip)
-        warden.logout(:registrar_user)
-        return
-      end
-
-      set_flash_message!(:notice, :signed_in)
-      sign_in(resource_name, resource)
-      yield resource if block_given?
-      respond_with resource, location: after_sign_in_path_for(resource)
-    end
-
-    def login_mid
-      @user = User.new
-    end
-
-    def mid
-      phone = params[:user][:phone]
-      endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
-      client = Digidoc::Client.new(endpoint)
-      client.logger = Rails.application.config.logger unless Rails.env.test?
-
-      # country_codes = {'+372' => 'EST'}
-      phone.gsub!('+372', '')
-      response = client.authenticate(
-        phone: "+372#{phone}",
-        message_to_display: 'Authenticating',
-        service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
-      )
-
-      if response.faultcode
-        render json: { message: response.detail.message }, status: :unauthorized
-        return
-      end
-
-      if Setting.registrar_ip_whitelist_enabled
-        @user = find_user_by_idc_and_allowed(response.user_id_code)
-      else
-        @user = find_user_by_idc(response.user_id_code)
-      end
-
-      if @user.persisted?
-        session[:user_id_code] = response.user_id_code
-        session[:mid_session_code] = client.session_code
-
-        render json: {
-          message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
-        }, status: :ok
-      else
-        render json: { message: t(:no_such_user) }, status: :unauthorized
-      end
-    end
-
-    def mid_status
-      endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
-      client = Digidoc::Client.new(endpoint)
-      client.logger = Rails.application.config.logger unless Rails.env.test?
-      client.session_code = session[:mid_session_code]
-      auth_status = client.authentication_status
-
-      case auth_status.status
-        when 'OUTSTANDING_TRANSACTION'
-          render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
-        when 'USER_AUTHENTICATED'
-          @user = find_user_by_idc_and_allowed(session[:user_id_code])
-          sign_in(:registrar_user, @user)
-          flash[:notice] = t(:welcome)
-          flash.keep(:notice)
-          render js: "window.location = '#{after_sign_in_path_for(@user)}'"
-        when 'NOT_VALID'
-          render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
-        when 'EXPIRED_TRANSACTION'
-          render json: { message: t(:session_timeout) }, status: :bad_request
-        when 'USER_CANCEL'
-          render json: { message: t(:user_cancelled) }, status: :bad_request
-        when 'MID_NOT_READY'
-          render json: { message: t(:mid_not_ready) }, status: :bad_request
-        when 'PHONE_ABSENT'
-          render json: { message: t(:phone_absent) }, status: :bad_request
-        when 'SENDING_ERROR'
-          render json: { message: t(:sending_error) }, status: :bad_request
-        when 'SIM_ERROR'
-          render json: { message: t(:sim_error) }, status: :bad_request
-        when 'INTERNAL_ERROR'
-          render json: { message: t(:internal_error) }, status: :bad_request
-        else
-          render json: { message: t(:internal_error) }, status: :bad_request
-      end
-    end
-
     private
 
     def depp_controller?

app/controllers/sso/tara_controller.rb

@@ -0,0 +1,40 @@
+module Sso
+  class TaraController < ApplicationController
+    skip_authorization_check
+
+    def registrant_callback
+      user = RegistrantUser.find_or_create_by_omniauth_data(user_hash)
+      callback(user, registrar: false)
+    end
+
+    def registrar_callback
+      user = ApiUser.from_omniauth(user_hash)
+      callback(user, registrar: true)
+    end
+
+    # rubocop:disable Style/AndOr
+    def callback(user, registrar: true)
+      session[:omniauth_hash] = user_hash
+      (show_error(registrar: registrar) and return) unless user
+
+      flash[:notice] = t(:signed_in_successfully)
+      sign_in_and_redirect(registrar ? :registrar_user : :registrant_user, user)
+    end
+    # rubocop:enable Style/AndOr
+
+    def cancel
+      redirect_to root_path, notice: t(:sign_in_cancelled)
+    end
+
+    def show_error(registrar: true)
+      path = registrar ? new_registrar_user_session_url : new_registrant_user_session_url
+      redirect_to path, alert: t(:no_such_user)
+    end
+
+    private
+
+    def user_hash
+      request.env['omniauth.auth']
+    end
+  end
+end