#3766: Prevent registry domain creation on /admin domain page - [KMA] (#3900)

Co-authored-by: Rebecca Hsieh <rebecca.hsieh@truss.works>

src/registrar/admin.py

@@ -4126,13 +4126,13 @@ class DomainAdmin(ListHeaderAdmin, ImportExportRegistrarModelAdmin):
         return obj.domain_info.state_territory if obj.domain_info else None
 
     def dnssecdata(self, obj):
-        return "Yes" if obj.dnssecdata else "No"
+        return "No" if obj.state == Domain.State.UNKNOWN or not obj.dnssecdata else "Yes"
 
     dnssecdata.short_description = "DNSSEC enabled"  # type: ignore
 
     # Custom method to display formatted nameservers
     def nameservers(self, obj):
-        if not obj.nameservers:
+        if obj.state == Domain.State.UNKNOWN or not obj.nameservers:
             return "No nameservers"
 
         formatted_nameservers = []

src/registrar/models/domain.py

@@ -1557,7 +1557,7 @@ class Domain(TimeStampedModel, DomainHelper):
     # ForeignKey on DomainInvitation creates an "invitations" member for
     # all of the invitations that have been sent for this domain
 
-    def _get_or_create_domain(self):
+    def _get_or_create_domain_in_registry(self):
         """Try to fetch info about this domain. Create it if it does not exist."""
         already_tried_to_create = False
         exitEarly = False
@@ -2059,7 +2059,7 @@ class Domain(TimeStampedModel, DomainHelper):
     def _fetch_cache(self, fetch_hosts=False, fetch_contacts=False):
         """Contact registry for info about a domain."""
         try:
-            data_response = self._get_or_create_domain()
+            data_response = self._get_or_create_domain_in_registry()
             cache = self._extract_data_from_response(data_response)
             cleaned = self._clean_cache(cache, data_response)
             self._update_hosts_and_contacts(cleaned, fetch_hosts, fetch_contacts)

src/registrar/tests/test_admin.py

@@ -4621,3 +4621,45 @@ class TestTransferUser(WebTest):
         """Assert modal on page"""
         user_transfer_page = self.app.get(reverse("transfer_user", args=[self.user1.pk]))
         self.assertContains(user_transfer_page, "This action cannot be undone.")
+
+
+class TestDomainAdminState(TestCase):
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.superuser = create_superuser()
+
+    def setUp(self):
+        super().setUp()
+        self.client = Client(HTTP_HOST="localhost:8080")
+        p = "adminpass"
+        self.client.login(username="superuser", password=p)
+
+    def test_domain_state_remains_unknown_on_refresh(self):
+        """
+        Making sure we do NOT do a domain registry lookup or creation
+        when we click into the domain in /admin
+        """
+
+        # 1. Create domain request
+        domain_request = completed_domain_request(
+            status=DomainRequest.DomainRequestStatus.IN_REVIEW, name="domain_stays_unknown.gov"
+        )
+
+        # 2. Approve the request + retrieve the domain
+        domain_request.approve()
+        domain_stays_unknown = domain_request.approved_domain
+
+        # 3. Confirm it's UNKNOWN state after approval
+        self.assertEqual(domain_stays_unknown.state, Domain.State.UNKNOWN)
+
+        # 4. Go to the admin "change" page for this domain
+        url = reverse("admin:registrar_domain_change", args=[domain_stays_unknown.pk])
+
+        response = self.client.get(url)
+        self.assertContains(response, "UNKNOWN")
+
+        # 5. Refresh and check that the state is still UNKNOWN
+        response = self.client.get(url)
+        self.assertContains(response, "UNKNOWN")
+        self.assertNotContains(response, "DNS NEEDED")