mirror of
https://github.com/google/nomulus
synced 2026-01-07 14:05:44 +00:00
Disable console whois (#2741)
This commit is contained in:
Pavlo Tkach
GitHub
@@ -127,8 +127,8 @@ import google.registry.ui.server.console.ConsoleUsersAction;
|
||||
import google.registry.ui.server.console.RegistrarsAction;
|
||||
import google.registry.ui.server.console.domains.ConsoleBulkDomainAction;
|
||||
import google.registry.ui.server.console.settings.ContactAction;
|
||||
import google.registry.ui.server.console.settings.RdapRegistrarFieldsAction;
|
||||
import google.registry.ui.server.console.settings.SecurityAction;
|
||||
import google.registry.ui.server.console.settings.WhoisRegistrarFieldsAction;
|
||||
import google.registry.whois.WhoisAction;
|
||||
import google.registry.whois.WhoisHttpAction;
|
||||
import google.registry.whois.WhoisModule;
|
||||
@@ -337,7 +337,7 @@ interface RequestComponent {
|
||||
|
||||
WhoisHttpAction whoisHttpAction();
|
||||
|
||||
WhoisRegistrarFieldsAction whoisRegistrarFieldsAction();
|
||||
RdapRegistrarFieldsAction rdapRegistrarFieldsAction();
|
||||
|
||||
WipeOutContactHistoryPiiAction wipeOutContactHistoryPiiAction();
|
||||
|
||||
|
||||
@@ -41,8 +41,8 @@ import google.registry.ui.server.console.ConsoleUsersAction;
|
||||
import google.registry.ui.server.console.RegistrarsAction;
|
||||
import google.registry.ui.server.console.domains.ConsoleBulkDomainAction;
|
||||
import google.registry.ui.server.console.settings.ContactAction;
|
||||
import google.registry.ui.server.console.settings.RdapRegistrarFieldsAction;
|
||||
import google.registry.ui.server.console.settings.SecurityAction;
|
||||
import google.registry.ui.server.console.settings.WhoisRegistrarFieldsAction;
|
||||
|
||||
/** Dagger component with per-request lifetime for "default" App Engine module. */
|
||||
@RequestScope
|
||||
@@ -92,7 +92,7 @@ public interface FrontendRequestComponent {
|
||||
|
||||
SecurityAction securityAction();
|
||||
|
||||
WhoisRegistrarFieldsAction whoisRegistrarFieldsAction();
|
||||
RdapRegistrarFieldsAction rdapRegistrarFieldsAction();
|
||||
|
||||
@Subcomponent.Builder
|
||||
abstract class Builder implements RequestComponentBuilder<FrontendRequestComponent> {
|
||||
|
||||
@@ -17,7 +17,6 @@ package google.registry.ui.server.console.settings;
|
||||
import static com.google.common.base.Preconditions.checkArgument;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
import static google.registry.request.Action.Method.POST;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_FORBIDDEN;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_OK;
|
||||
|
||||
@@ -36,7 +35,6 @@ import google.registry.request.auth.AuthenticatedRegistrarAccessor.RegistrarAcce
|
||||
import google.registry.ui.server.console.ConsoleApiAction;
|
||||
import google.registry.ui.server.console.ConsoleApiParams;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
@@ -48,17 +46,17 @@ import java.util.Optional;
|
||||
@Action(
|
||||
service = GaeService.DEFAULT,
|
||||
gkeService = GkeService.CONSOLE,
|
||||
path = WhoisRegistrarFieldsAction.PATH,
|
||||
path = RdapRegistrarFieldsAction.PATH,
|
||||
method = {POST},
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
public class WhoisRegistrarFieldsAction extends ConsoleApiAction {
|
||||
public class RdapRegistrarFieldsAction extends ConsoleApiAction {
|
||||
|
||||
static final String PATH = "/console-api/settings/whois-fields";
|
||||
static final String PATH = "/console-api/settings/rdap-fields";
|
||||
private final AuthenticatedRegistrarAccessor registrarAccessor;
|
||||
private final Optional<Registrar> registrar;
|
||||
|
||||
@Inject
|
||||
public WhoisRegistrarFieldsAction(
|
||||
public RdapRegistrarFieldsAction(
|
||||
ConsoleApiParams consoleApiParams,
|
||||
AuthenticatedRegistrarAccessor registrarAccessor,
|
||||
@Parameter("registrar") Optional<Registrar> registrar) {
|
||||
@@ -72,10 +70,10 @@ public class WhoisRegistrarFieldsAction extends ConsoleApiAction {
|
||||
checkArgument(registrar.isPresent(), "'registrar' parameter is not present");
|
||||
checkPermission(
|
||||
user, registrar.get().getRegistrarId(), ConsolePermission.EDIT_REGISTRAR_DETAILS);
|
||||
tm().transact(() -> loadAndModifyRegistrar(registrar.get(), user));
|
||||
tm().transact(() -> loadAndModifyRegistrar(registrar.get()));
|
||||
}
|
||||
|
||||
private void loadAndModifyRegistrar(Registrar providedRegistrar, User user) {
|
||||
private void loadAndModifyRegistrar(Registrar providedRegistrar) {
|
||||
Registrar savedRegistrar;
|
||||
try {
|
||||
// reload to make sure the object has all the correct fields
|
||||
@@ -85,24 +83,12 @@ public class WhoisRegistrarFieldsAction extends ConsoleApiAction {
|
||||
return;
|
||||
}
|
||||
|
||||
// icannReferralEmail can't be updated by partners, only by global users with
|
||||
// EDIT_REGISTRAR_DETAILS permission
|
||||
if (!Objects.equals(
|
||||
savedRegistrar.getIcannReferralEmail(), providedRegistrar.getIcannReferralEmail())
|
||||
&& !user.getUserRoles().hasGlobalPermission(ConsolePermission.EDIT_REGISTRAR_DETAILS)) {
|
||||
setFailedResponse(
|
||||
"Icann Referral Email update is not permitted for this user", SC_BAD_REQUEST);
|
||||
}
|
||||
|
||||
Registrar newRegistrar =
|
||||
savedRegistrar
|
||||
.asBuilder()
|
||||
.setWhoisServer(providedRegistrar.getWhoisServer())
|
||||
.setUrl(providedRegistrar.getUrl())
|
||||
.setLocalizedAddress(providedRegistrar.getLocalizedAddress())
|
||||
.setPhoneNumber(providedRegistrar.getPhoneNumber())
|
||||
.setFaxNumber(providedRegistrar.getFaxNumber())
|
||||
.setIcannReferralEmail(providedRegistrar.getIcannReferralEmail())
|
||||
.setEmailAddress(providedRegistrar.getEmailAddress())
|
||||
.build();
|
||||
tm().put(newRegistrar);
|
||||
@@ -53,8 +53,8 @@ import org.joda.time.DateTime;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.RegisterExtension;
|
||||
|
||||
/** Tests for {@link WhoisRegistrarFieldsAction}. */
|
||||
public class WhoisRegistrarFieldsActionTest {
|
||||
/** Tests for {@link RdapRegistrarFieldsAction}. */
|
||||
public class RdapRegistrarFieldsActionTest {
|
||||
|
||||
private ConsoleApiParams consoleApiParams;
|
||||
private static final Gson GSON = RequestModule.provideGson();
|
||||
@@ -89,8 +89,6 @@ public class WhoisRegistrarFieldsActionTest {
|
||||
@Test
|
||||
void testSuccess_setsAllFields() throws Exception {
|
||||
Registrar oldRegistrar = Registrar.loadRequiredRegistrarCached("TheRegistrar");
|
||||
assertThat(oldRegistrar.getWhoisServer()).isEqualTo("whois.nic.fakewhois.example");
|
||||
assertThat(oldRegistrar.getUrl()).isEqualTo("http://my.fake.url");
|
||||
ImmutableMap<String, Object> addressMap =
|
||||
ImmutableMap.of(
|
||||
"street",
|
||||
@@ -105,33 +103,26 @@ public class WhoisRegistrarFieldsActionTest {
|
||||
"CA");
|
||||
uiRegistrarMap.putAll(
|
||||
ImmutableMap.of(
|
||||
"whoisServer",
|
||||
"whois.nic.google",
|
||||
"icannReferralEmail",
|
||||
"lol@sloth.test",
|
||||
"phoneNumber",
|
||||
"+1.4155552671",
|
||||
"faxNumber",
|
||||
"+1.4155552672",
|
||||
"url",
|
||||
"\"https://newurl.example\"",
|
||||
"localizedAddress",
|
||||
"{\"street\": [\"123 Fake St\"], \"city\": \"Fakeville\", \"state\":"
|
||||
+ " \"NL\", \"zip\": \"10011\", \"countryCode\": \"CA\"}"));
|
||||
WhoisRegistrarFieldsAction action = createAction();
|
||||
RdapRegistrarFieldsAction action = createAction();
|
||||
action.run();
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus()).isEqualTo(SC_OK);
|
||||
Registrar newRegistrar = Registrar.loadByRegistrarId("TheRegistrar").get(); // skip cache
|
||||
assertThat(newRegistrar.getWhoisServer()).isEqualTo("whois.nic.google");
|
||||
assertThat(newRegistrar.getUrl()).isEqualTo("https://newurl.example");
|
||||
assertThat(newRegistrar.getLocalizedAddress().toJsonMap()).isEqualTo(addressMap);
|
||||
assertThat(newRegistrar.getPhoneNumber()).isEqualTo("+1.4155552671");
|
||||
assertThat(newRegistrar.getFaxNumber()).isEqualTo("+1.4155552672");
|
||||
// the non-changed fields should be the same
|
||||
assertAboutImmutableObjects()
|
||||
.that(newRegistrar)
|
||||
.isEqualExceptFields(
|
||||
oldRegistrar, "whoisServer", "url", "localizedAddress", "phoneNumber", "faxNumber");
|
||||
.isEqualExceptFields(oldRegistrar, "localizedAddress", "phoneNumber", "faxNumber");
|
||||
SimpleConsoleUpdateHistory history = loadSingleton(SimpleConsoleUpdateHistory.class).get();
|
||||
assertThat(history.getType()).isEqualTo(ConsoleUpdateHistory.Type.REGISTRAR_UPDATE);
|
||||
assertThat(history.getDescription()).hasValue("TheRegistrar");
|
||||
@@ -151,7 +142,7 @@ public class WhoisRegistrarFieldsActionTest {
|
||||
.build())
|
||||
.build());
|
||||
uiRegistrarMap.put("registrarId", "NewRegistrar");
|
||||
WhoisRegistrarFieldsAction action = createAction(onlyTheRegistrar);
|
||||
RdapRegistrarFieldsAction action = createAction(onlyTheRegistrar);
|
||||
action.run();
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus()).isEqualTo(SC_FORBIDDEN);
|
||||
// should be no change
|
||||
@@ -162,17 +153,17 @@ public class WhoisRegistrarFieldsActionTest {
|
||||
return AuthResult.createUser(DatabaseHelper.createAdminUser("email@email.example"));
|
||||
}
|
||||
|
||||
private WhoisRegistrarFieldsAction createAction() throws IOException {
|
||||
private RdapRegistrarFieldsAction createAction() throws IOException {
|
||||
return createAction(defaultUserAuth());
|
||||
}
|
||||
|
||||
private WhoisRegistrarFieldsAction createAction(AuthResult authResult) throws IOException {
|
||||
private RdapRegistrarFieldsAction createAction(AuthResult authResult) throws IOException {
|
||||
consoleApiParams = ConsoleApiParamsUtils.createFake(authResult);
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(Action.Method.POST.toString());
|
||||
doReturn(new BufferedReader(new StringReader(uiRegistrarMap.toString())))
|
||||
.when(consoleApiParams.request())
|
||||
.getReader();
|
||||
return new WhoisRegistrarFieldsAction(
|
||||
return new RdapRegistrarFieldsAction(
|
||||
consoleApiParams,
|
||||
registrarAccessor,
|
||||
ConsoleModule.provideRegistrar(
|
||||
@@ -101,7 +101,7 @@ public class ConsoleScreenshotTest extends WebDriverTestCase {
|
||||
driver.diffPage("noRegistrarSelected");
|
||||
selectRegistrar();
|
||||
driver.diffPage("registrarSelected_contacts");
|
||||
driver.findElement(By.cssSelector("a[routerLink=\"whois\"]")).click();
|
||||
driver.findElement(By.cssSelector("a[routerLink=\"rdap\"]")).click();
|
||||
Thread.sleep(500);
|
||||
driver.diffPage("registrarSelected_whois");
|
||||
driver.findElement(By.cssSelector("a[routerLink=\"security\"]")).click();
|
||||
|
||||
@@ -1,19 +1,19 @@
|
||||
SERVICE PATH CLASS METHODS OK MIN USER_POLICY
|
||||
FRONTEND /_dr/epp EppTlsAction POST n APP ADMIN
|
||||
FRONTEND /ready/frontend ReadinessProbeActionFrontend GET n NONE PUBLIC
|
||||
CONSOLE /console-api/bulk-domain ConsoleBulkDomainAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/domain ConsoleDomainGetAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/domain-list ConsoleDomainListAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/dum-download ConsoleDumDownloadAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/eppPassword ConsoleEppPasswordAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/ote ConsoleOteAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/registrar ConsoleUpdateRegistrarAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/registrars RegistrarsAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/registry-lock ConsoleRegistryLockAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/registry-lock-verify ConsoleRegistryLockVerifyAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/settings/contacts ContactAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/settings/security SecurityAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/settings/whois-fields WhoisRegistrarFieldsAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/userdata ConsoleUserDataAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/users ConsoleUsersAction GET,POST,DELETE,PUT n USER PUBLIC
|
||||
CONSOLE /ready/console ReadinessProbeConsoleAction GET n NONE PUBLIC
|
||||
SERVICE PATH CLASS METHODS OK MIN USER_POLICY
|
||||
FRONTEND /_dr/epp EppTlsAction POST n APP ADMIN
|
||||
FRONTEND /ready/frontend ReadinessProbeActionFrontend GET n NONE PUBLIC
|
||||
CONSOLE /console-api/bulk-domain ConsoleBulkDomainAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/domain ConsoleDomainGetAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/domain-list ConsoleDomainListAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/dum-download ConsoleDumDownloadAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/eppPassword ConsoleEppPasswordAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/ote ConsoleOteAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/registrar ConsoleUpdateRegistrarAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/registrars RegistrarsAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/registry-lock ConsoleRegistryLockAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/registry-lock-verify ConsoleRegistryLockVerifyAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/settings/contacts ContactAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/settings/rdap-fields RdapRegistrarFieldsAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/settings/security SecurityAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/userdata ConsoleUserDataAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/users ConsoleUsersAction GET,POST,DELETE,PUT n USER PUBLIC
|
||||
CONSOLE /ready/console ReadinessProbeConsoleAction GET n NONE PUBLIC
|
||||
@@ -80,8 +80,8 @@ CONSOLE /console-api/registrars RegistrarsAction
|
||||
CONSOLE /console-api/registry-lock ConsoleRegistryLockAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/registry-lock-verify ConsoleRegistryLockVerifyAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/settings/contacts ContactAction GET,POST n USER PUBLIC
|
||||
CONSOLE /console-api/settings/rdap-fields RdapRegistrarFieldsAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/settings/security SecurityAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/settings/whois-fields WhoisRegistrarFieldsAction POST n USER PUBLIC
|
||||
CONSOLE /console-api/userdata ConsoleUserDataAction GET n USER PUBLIC
|
||||
CONSOLE /console-api/users ConsoleUsersAction GET,POST,DELETE,PUT n USER PUBLIC
|
||||
CONSOLE /ready/console ReadinessProbeConsoleAction GET n NONE PUBLIC
|
||||
CONSOLE /ready/console ReadinessProbeConsoleAction GET n NONE PUBLIC
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 39 KiB After Width: | Height: | Size: 38 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 57 KiB After Width: | Height: | Size: 57 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 76 KiB After Width: | Height: | Size: 76 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 76 KiB After Width: | Height: | Size: 62 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 42 KiB After Width: | Height: | Size: 42 KiB |
Reference in New Issue
Block a user