From fda58e9a410f22c07766f05040b63e2ae3f9eee0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= <karlerik@kreative.ee>
Date: Mon, 18 Jan 2021 17:23:31 +0200
Subject: [PATCH] REPP Domains: Allow create/read/update for domain-scoped
 contacts

---
 .../repp/v1/domains/contacts_controller.rb    | 59 +++++++++++++++++++
 app/models/actions/domain_update.rb           |  2 +-
 config/routes.rb                              |  2 +
 3 files changed, 62 insertions(+), 1 deletion(-)

diff --git a/app/controllers/repp/v1/domains/contacts_controller.rb b/app/controllers/repp/v1/domains/contacts_controller.rb
index 75404e0c6..631916a67 100644
--- a/app/controllers/repp/v1/domains/contacts_controller.rb
+++ b/app/controllers/repp/v1/domains/contacts_controller.rb
@@ -4,6 +4,53 @@ module Repp
       class ContactsController < BaseController
         before_action :set_current_contact, only: [:update]
         before_action :set_new_contact, only: [:update]
+        before_action :set_domain, only: %i[index create destroy]
+
+        api :GET, '/repp/v1/domains/:domain_name/contacts'
+        desc "View domain's admin and tech contacts"
+        def index
+          admin_contacts = @domain.admin_domain_contacts.pluck(:contact_code_cache)
+          tech_contacts = @domain.tech_domain_contacts.pluck(:contact_code_cache)
+
+          data = { admin_contacts: admin_contacts, tech_contacts: tech_contacts }
+          render_success(data: data)
+        end
+
+        api :POST, '/repp/v1/domains/:domain_name/contacts'
+        desc "Link new contact(s) to domain"
+        param :contacts, Array, required: true, desc: 'Array of new linked contacts' do
+          param :code, String, required: true, desc: 'Contact code'
+          param :type, String, required: true, desc: 'Role of contact (admin/tech)'
+        end
+        def create
+          contact_create_params[:contacts].each { |c| c[:action] = 'add' }
+          action = Actions::DomainUpdate.new(@domain, contact_create_params, current_user)
+
+          unless action.call
+            handle_errors(@domain)
+            return
+          end
+
+          render_success(data: { domain: { name: @domain.name } })
+        end
+
+        api :DELETE, '/repp/v1/domains/:domain_name/contacts'
+        desc "Remove contact(s) from domain"
+        param :contacts, Array, required: true, desc: 'Array of new linked contacts' do
+          param :code, String, required: true, desc: 'Contact code'
+          param :type, String, required: true, desc: 'Role of contact (admin/tech)'
+        end
+        def destroy
+          contact_create_params[:contacts].each { |c| c[:action] = 'rem' }
+          action = Actions::DomainUpdate.new(@domain, contact_create_params, current_user)
+
+          unless action.call
+            handle_errors(@domain)
+            return
+          end
+
+          render_success(data: { domain: { name: @domain.name } })
+        end
 
         def set_current_contact
           @current_contact = current_user.registrar.contacts.find_by!(
@@ -32,6 +79,18 @@ module Repp
 
         private
 
+        def set_domain
+          registrar = current_user.registrar
+          @domain = Epp::Domain.find_by(registrar: registrar, name: params[:domain_id])
+          @domain ||= Epp::Domain.find_by!(registrar: registrar, name_puny: params[:domain_id])
+
+          @domain
+        end
+
+        def contact_create_params
+          params.permit!
+        end
+
         def contact_params
           params.require(%i[current_contact_id new_contact_id])
           params.permit(:current_contact_id, :new_contact_id)
diff --git a/app/models/actions/domain_update.rb b/app/models/actions/domain_update.rb
index 7dbdbd336..4b4549286 100644
--- a/app/models/actions/domain_update.rb
+++ b/app/models/actions/domain_update.rb
@@ -154,7 +154,7 @@ module Actions
     def assign_contact(obj, add: false, admin: true, code:)
       if obj.blank?
         domain.add_epp_error('2303', 'contact', code, %i[domain_contacts not_found])
-      elsif obj.org? && admin
+      elsif obj.try(:org?) && admin && add
         domain.add_epp_error('2306', 'contact', code,
                              %i[domain_contacts admin_contact_can_be_only_private_person])
       else
diff --git a/config/routes.rb b/config/routes.rb
index 4fbed13aa..bcef0fa8d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -62,7 +62,9 @@ Rails.application.routes.draw do
       resources :domains, constraints: { id: /.*/ } do
         resources :nameservers, only: %i[create destroy], constraints: { id: /.*/ }, controller: 'domains/nameservers'
         resources :dnssec, only: %i[index create], constraints: { id: /.*/ }, controller: 'domains/dnssec'
+        resources :contacts, only: %i[index create], constraints: { id: /.*/ }, controller: 'domains/contacts'
         match "dnssec", to: "domains/dnssec#destroy", via: "delete", defaults: { id: nil }
+        match "contacts", to: "domains/contacts#destroy", via: "delete", defaults: { id: nil }
         collection do
           get ':id/transfer_info', to: 'domains#transfer_info', constraints: { id: /.*/ }
           post 'transfer', to: 'domains#transfer'