require 'test_helper' require 'auth_token/auth_token_creator' class RegistrantApiRegistryLocksTest < ApplicationIntegrationTest def setup super @user = users(:registrant) @domain = domains(:airport) @auth_headers = { 'HTTP_AUTHORIZATION' => auth_token } end def test_can_lock_a_not_locked_domain post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock', headers: @auth_headers response_json = JSON.parse(response.body, symbolize_names: true) assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED)) assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED)) assert(response_json[:statuses].include?(DomainStatus::SERVER_OBJ_UPDATE_PROHIBITED)) @domain.reload assert(@domain.locked_by_registrant?) end def test_locking_a_domain_creates_a_version_record assert_difference '@domain.versions.count', 1 do post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock', headers: @auth_headers end @domain.reload assert_equal(@domain.updator, @user) end def test_cannot_lock_a_domain_in_pending_state @domain.statuses << DomainStatus::PENDING_UPDATE @domain.save post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock', headers: @auth_headers response_json = JSON.parse(response.body, symbolize_names: true) assert_equal(422, response.status) assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json) end def test_cannot_lock_an_already_locked_domain @domain.apply_registry_lock(extensions_prohibited: false) assert(@domain.locked_by_registrant?) post '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock', headers: @auth_headers response_json = JSON.parse(response.body, symbolize_names: true) assert_equal(422, response.status) assert_equal({ errors: [{ base: ['Domain cannot be locked'] }] }, response_json) end def test_can_unlock_a_locked_domain @domain.apply_registry_lock(extensions_prohibited: false) delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock', headers: @auth_headers response_json = JSON.parse(response.body, symbolize_names: true) assert(response_json[:statuses].include?(DomainStatus::OK)) refute(response_json[:locked_by_registrant_at]) @domain.reload refute(@domain.locked_by_registrant?) end def test_cannot_unlock_a_not_locked_domain delete '/api/v1/registrant/domains/2df2c1a1-8f6a-490a-81be-8bdf29866880/registry_lock', headers: @auth_headers response_json = JSON.parse(response.body, symbolize_names: true) assert_equal(422, response.status) assert_equal({ errors: [{ base: ['Domain is not locked'] }] }, response_json) end def test_returns_404_when_domain_is_not_found post '/api/v1/registrant/domains/random-uuid/registry_lock', headers: @auth_headers response_json = JSON.parse(response.body, symbolize_names: true) assert_equal(404, response.status) assert_equal({ errors: [{ base: ['Domain not found'] }] }, response_json) end def test_technical_contact_cannot_lock_a_domain domain = domains(:shop) contact = contacts(:john) domain.update!(registrant: contacts(:william).becomes(Registrant)) domain.tech_contacts = [contact] domain.admin_contacts.clear assert_equal 'US-1234', @user.registrant_ident assert_equal '1234', contact.ident assert_equal 'US', contact.ident_country_code post api_v1_registrant_domain_registry_lock_path(domain.uuid), headers: @auth_headers assert_response :unauthorized response_json = JSON.parse(response.body, symbolize_names: true) assert_equal({ errors: [{ base: ['Only administrative contacts can manage registry locks'] }] }, response_json) end def test_registrant_can_lock_a_domain post '/api/v1/registrant/domains/1b3ee442-e8fe-4922-9492-8fcb9dccc69c/registry_lock', headers: @auth_headers assert_equal(200, response.status) response_json = JSON.parse(response.body, symbolize_names: true) assert(response_json[:statuses].include?(DomainStatus::SERVER_DELETE_PROHIBITED)) assert(response_json[:statuses].include?(DomainStatus::SERVER_TRANSFER_PROHIBITED)) assert(response_json[:statuses].include?(DomainStatus::SERVER_OBJ_UPDATE_PROHIBITED)) end def test_locking_domains_returns_serialized_domain_object travel_to Time.zone.parse('2010-07-05') assert_equal 'Best Names', @domain.registrar.name assert_equal 'https://bestnames.test', @domain.registrar.website post '/api/v1/registrant/domains/1b3ee442-e8fe-4922-9492-8fcb9dccc69c/registry_lock', headers: @auth_headers assert_equal(200, response.status) response_json = JSON.parse(response.body, symbolize_names: true) assert_equal({ name: 'Best Names', website: 'https://bestnames.test' }, response_json[:registrar]) assert_equal({:name=>"John", :id=>"eb2f2766-b44c-4e14-9f16-32ab1a7cb957", :ident=>"1234", :ident_type=>"priv", :ident_country_code=>"US", :phone=>"+555.555", :email=>"john@inbox.test", :org=>false}, response_json[:registrant]) assert_equal([{name: 'Jane', id: '9db3de62-2414-4487-bee2-d5c155567768', email: 'jane@mail.test' }], response_json[:admin_contacts]) assert_equal([{name: 'William', id: '0aa54704-d6f7-4ca9-b8ca-2827d9a4e4eb', email: 'william@inbox.test'}, {name: 'Acme Ltd', id: 'f1dd365c-5be9-4b3d-a44e-3fa002465e4d', email: 'acme@outlook.test' }].to_set, response_json[:tech_contacts].to_set) assert_equal( [{hostname: 'ns1.bestnames.test', ipv4: ['192.0.2.1'], ipv6: ['2001:db8::1']}, {hostname: 'ns2.bestnames.test', ipv4: ['192.0.2.2'], ipv6: ['2001:db8::2']}].to_set, response_json[:nameservers].to_set) assert_equal(Time.zone.parse('2010-07-05'), response_json[:locked_by_registrant_at]) end private def auth_token token_creator = AuthTokenCreator.create_with_defaults(@user) hash = token_creator.token_in_hash "Bearer #{hash[:access_token]}" end end