mirror of
https://github.com/google/nomulus
synced 2026-01-08 15:21:46 +00:00
Allow console access for FTE globar role (#2419)
This commit is contained in:
Pavlo Tkach
GitHub
@@ -28,6 +28,8 @@ import org.joda.time.DateTime;
|
||||
*/
|
||||
public interface Response {
|
||||
|
||||
void sendRedirect(String url) throws IOException;
|
||||
|
||||
/** Sets the HTTP status code. */
|
||||
void setStatus(int status);
|
||||
|
||||
|
||||
@@ -32,6 +32,11 @@ public final class ResponseImpl implements Response {
|
||||
this.rsp = rsp;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void sendRedirect(String url) throws IOException {
|
||||
rsp.sendRedirect(url);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setStatus(int status) {
|
||||
rsp.setStatus(status);
|
||||
|
||||
@@ -17,10 +17,15 @@ package google.registry.ui.server.console;
|
||||
import static google.registry.request.Action.Method.GET;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
import google.registry.model.console.GlobalRole;
|
||||
import google.registry.model.console.User;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.security.XsrfTokenManager;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.ui.server.registrar.ConsoleUiAction;
|
||||
import google.registry.util.RegistryEnvironment;
|
||||
import jakarta.servlet.http.Cookie;
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Optional;
|
||||
|
||||
@@ -35,11 +40,26 @@ public abstract class ConsoleApiAction implements Runnable {
|
||||
@Override
|
||||
public final void run() {
|
||||
// Shouldn't be even possible because of Auth annotations on the various implementing classes
|
||||
if (consoleApiParams.authResult().userAuthInfo().get().consoleUser().isEmpty()) {
|
||||
AuthResult authResult = consoleApiParams.authResult();
|
||||
if (authResult.userAuthInfo().isEmpty()
|
||||
|| authResult.userAuthInfo().get().consoleUser().isEmpty()) {
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
return;
|
||||
}
|
||||
User user = consoleApiParams.authResult().userAuthInfo().get().consoleUser().get();
|
||||
|
||||
// This allows us to enable console to a selected cohort of users with release
|
||||
// We can ignore it in tests
|
||||
if (RegistryEnvironment.get() != RegistryEnvironment.UNITTEST
|
||||
&& !GlobalRole.FTE.equals(user.getUserRoles().getGlobalRole())) {
|
||||
try {
|
||||
consoleApiParams.response().sendRedirect(ConsoleUiAction.PATH);
|
||||
return;
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
if (consoleApiParams.request().getMethod().equals(GET.toString())) {
|
||||
getHandler(user);
|
||||
} else {
|
||||
@@ -75,4 +95,5 @@ public abstract class ConsoleApiAction implements Runnable {
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -24,11 +24,8 @@ import google.registry.model.console.User;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.UserAuthInfo;
|
||||
import google.registry.ui.server.registrar.JsonGetAction;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import java.util.Optional;
|
||||
import javax.inject.Inject;
|
||||
|
||||
@@ -37,55 +34,41 @@ import javax.inject.Inject;
|
||||
service = Action.Service.DEFAULT,
|
||||
path = ConsoleDomainGetAction.PATH,
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
public class ConsoleDomainGetAction implements JsonGetAction {
|
||||
public class ConsoleDomainGetAction extends ConsoleApiAction {
|
||||
|
||||
public static final String PATH = "/console-api/domain";
|
||||
|
||||
private final AuthResult authResult;
|
||||
private final Response response;
|
||||
private final Gson gson;
|
||||
private final String paramDomain;
|
||||
|
||||
@Inject
|
||||
public ConsoleDomainGetAction(
|
||||
AuthResult authResult,
|
||||
Response response,
|
||||
ConsoleApiParams consoleApiParams,
|
||||
Gson gson,
|
||||
@Parameter("consoleDomain") String paramDomain) {
|
||||
this.authResult = authResult;
|
||||
this.response = response;
|
||||
this.gson = gson;
|
||||
super(consoleApiParams);
|
||||
this.paramDomain = paramDomain;
|
||||
this.gson = gson;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
if (!authResult.isAuthenticated() || authResult.userAuthInfo().isEmpty()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
return;
|
||||
}
|
||||
UserAuthInfo authInfo = authResult.userAuthInfo().get();
|
||||
if (authInfo.consoleUser().isEmpty()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
return;
|
||||
}
|
||||
User user = authInfo.consoleUser().get();
|
||||
protected void getHandler(User user) {
|
||||
Optional<Domain> possibleDomain =
|
||||
tm().transact(
|
||||
() ->
|
||||
EppResourceUtils.loadByForeignKeyCached(
|
||||
Domain.class, paramDomain, tm().getTransactionTime()));
|
||||
if (possibleDomain.isEmpty()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
return;
|
||||
}
|
||||
Domain domain = possibleDomain.get();
|
||||
if (!user.getUserRoles()
|
||||
.hasPermission(domain.getCurrentSponsorRegistrarId(), ConsolePermission.DOWNLOAD_DOMAINS)) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
return;
|
||||
}
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
response.setPayload(gson.toJson(domain));
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
consoleApiParams.response().setPayload(gson.toJson(domain));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,10 +27,8 @@ import google.registry.model.console.User;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.ui.server.registrar.JsonGetAction;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import javax.inject.Inject;
|
||||
@@ -43,7 +41,7 @@ import org.joda.time.DateTime;
|
||||
path = ConsoleDomainListAction.PATH,
|
||||
method = Action.Method.GET,
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
public class ConsoleDomainListAction implements JsonGetAction {
|
||||
public class ConsoleDomainListAction extends ConsoleApiAction {
|
||||
|
||||
public static final String PATH = "/console-api/domain-list";
|
||||
|
||||
@@ -54,8 +52,6 @@ public class ConsoleDomainListAction implements JsonGetAction {
|
||||
private static final String SEARCH_TERM_QUERY = " AND LOWER(domainName) LIKE :searchTerm";
|
||||
private static final String ORDER_BY_STATEMENT = " ORDER BY creationTime DESC";
|
||||
|
||||
private final AuthResult authResult;
|
||||
private final Response response;
|
||||
private final Gson gson;
|
||||
private final String registrarId;
|
||||
private final Optional<DateTime> checkpointTime;
|
||||
@@ -66,8 +62,7 @@ public class ConsoleDomainListAction implements JsonGetAction {
|
||||
|
||||
@Inject
|
||||
public ConsoleDomainListAction(
|
||||
AuthResult authResult,
|
||||
Response response,
|
||||
ConsoleApiParams consoleApiParams,
|
||||
Gson gson,
|
||||
@Parameter("registrarId") String registrarId,
|
||||
@Parameter("checkpointTime") Optional<DateTime> checkpointTime,
|
||||
@@ -75,8 +70,7 @@ public class ConsoleDomainListAction implements JsonGetAction {
|
||||
@Parameter("resultsPerPage") Optional<Integer> resultsPerPage,
|
||||
@Parameter("totalResults") Optional<Long> totalResults,
|
||||
@Parameter("searchTerm") Optional<String> searchTerm) {
|
||||
this.authResult = authResult;
|
||||
this.response = response;
|
||||
super(consoleApiParams);
|
||||
this.gson = gson;
|
||||
this.registrarId = registrarId;
|
||||
this.checkpointTime = checkpointTime;
|
||||
@@ -87,19 +81,20 @@ public class ConsoleDomainListAction implements JsonGetAction {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
User user = authResult.userAuthInfo().get().consoleUser().get();
|
||||
protected void getHandler(User user) {
|
||||
if (!user.getUserRoles().hasPermission(registrarId, DOWNLOAD_DOMAINS)) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
|
||||
if (resultsPerPage < 1 || resultsPerPage > 500) {
|
||||
writeBadRequest("Results per page must be between 1 and 500 inclusive");
|
||||
setFailedResponse(
|
||||
"Results per page must be between 1 and 500 inclusive",
|
||||
HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
return;
|
||||
}
|
||||
if (pageNumber < 0) {
|
||||
writeBadRequest("Page number must be non-negative");
|
||||
setFailedResponse(
|
||||
"Page number must be non-negative", HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -130,8 +125,10 @@ public class ConsoleDomainListAction implements JsonGetAction {
|
||||
.setFirstResult(numResultsToSkip)
|
||||
.setMaxResults(resultsPerPage)
|
||||
.getResultList();
|
||||
response.setPayload(gson.toJson(new DomainListResult(domains, checkpoint, actualTotalResults)));
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
consoleApiParams
|
||||
.response()
|
||||
.setPayload(gson.toJson(new DomainListResult(domains, checkpoint, actualTotalResults)));
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
}
|
||||
|
||||
/** Creates the query to get the total number of matching domains, interpolating as necessary. */
|
||||
@@ -154,11 +151,6 @@ public class ConsoleDomainListAction implements JsonGetAction {
|
||||
return tm().query(DOMAIN_QUERY_TEMPLATE + ORDER_BY_STATEMENT, Domain.class);
|
||||
}
|
||||
|
||||
private void writeBadRequest(String message) {
|
||||
response.setPayload(message);
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
}
|
||||
|
||||
/** Container result class that allows for pagination. */
|
||||
@VisibleForTesting
|
||||
static final class DomainListResult {
|
||||
|
||||
@@ -31,12 +31,9 @@ import google.registry.model.registrar.RegistrarBase.State;
|
||||
import google.registry.model.registrar.RegistrarPoc;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.ui.server.registrar.JsonGetAction;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.util.StringGenerator;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.util.Optional;
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Named;
|
||||
@@ -46,50 +43,33 @@ import javax.inject.Named;
|
||||
path = RegistrarsAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
public class RegistrarsAction implements JsonGetAction {
|
||||
public class RegistrarsAction extends ConsoleApiAction {
|
||||
private static final int PASSWORD_LENGTH = 16;
|
||||
private static final int PASSCODE_LENGTH = 5;
|
||||
static final String PATH = "/console-api/registrars";
|
||||
private final AuthResult authResult;
|
||||
private final Response response;
|
||||
private final Gson gson;
|
||||
private final HttpServletRequest req;
|
||||
private Optional<Registrar> registrar;
|
||||
private StringGenerator passwordGenerator;
|
||||
private StringGenerator passcodeGenerator;
|
||||
|
||||
@Inject
|
||||
public RegistrarsAction(
|
||||
HttpServletRequest req,
|
||||
AuthResult authResult,
|
||||
Response response,
|
||||
ConsoleApiParams consoleApiParams,
|
||||
Gson gson,
|
||||
@Parameter("registrar") Optional<Registrar> registrar,
|
||||
@Named("base58StringGenerator") StringGenerator passwordGenerator,
|
||||
@Named("digitOnlyStringGenerator") StringGenerator passcodeGenerator) {
|
||||
this.authResult = authResult;
|
||||
this.response = response;
|
||||
super(consoleApiParams);
|
||||
this.gson = gson;
|
||||
this.registrar = registrar;
|
||||
this.req = req;
|
||||
this.passcodeGenerator = passcodeGenerator;
|
||||
this.passwordGenerator = passwordGenerator;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
User user = authResult.userAuthInfo().get().consoleUser().get();
|
||||
if (req.getMethod().equals(GET.toString())) {
|
||||
getHandler(user);
|
||||
} else {
|
||||
postHandler(user);
|
||||
}
|
||||
}
|
||||
|
||||
private void getHandler(User user) {
|
||||
protected void getHandler(User user) {
|
||||
if (!user.getUserRoles().hasGlobalPermission(ConsolePermission.VIEW_REGISTRARS)) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
ImmutableList<Registrar> registrars =
|
||||
@@ -97,19 +77,20 @@ public class RegistrarsAction implements JsonGetAction {
|
||||
.filter(r -> r.getType() == Registrar.Type.REAL)
|
||||
.collect(ImmutableList.toImmutableList());
|
||||
|
||||
response.setPayload(gson.toJson(registrars));
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
consoleApiParams.response().setPayload(gson.toJson(registrars));
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
}
|
||||
|
||||
private void postHandler(User user) {
|
||||
@Override
|
||||
protected void postHandler(User user) {
|
||||
if (!user.getUserRoles().isAdmin()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
|
||||
if (registrar.isEmpty()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
response.setPayload(gson.toJson("'registrar' parameter is not present"));
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
consoleApiParams.response().setPayload(gson.toJson("'registrar' parameter is not present"));
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -171,11 +152,9 @@ public class RegistrarsAction implements JsonGetAction {
|
||||
});
|
||||
|
||||
} catch (IllegalArgumentException e) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
response.setPayload(gson.toJson(e.getMessage()));
|
||||
setFailedResponse(e.getMessage(), HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
} catch (Throwable e) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_SERVER_ERROR);
|
||||
response.setPayload(gson.toJson(e.getMessage()));
|
||||
setFailedResponse(e.getMessage(), HttpStatusCodes.STATUS_CODE_SERVER_ERROR);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -31,13 +31,11 @@ import google.registry.model.registrar.RegistrarPoc;
|
||||
import google.registry.persistence.transaction.QueryComposer.Comparator;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.ui.forms.FormException;
|
||||
import google.registry.ui.server.registrar.JsonGetAction;
|
||||
import google.registry.ui.server.console.ConsoleApiAction;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.ui.server.registrar.RegistrarSettingsAction;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.util.Collections;
|
||||
import java.util.Optional;
|
||||
import javax.inject.Inject;
|
||||
@@ -47,45 +45,29 @@ import javax.inject.Inject;
|
||||
path = ContactAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
public class ContactAction implements JsonGetAction {
|
||||
public class ContactAction extends ConsoleApiAction {
|
||||
static final String PATH = "/console-api/settings/contacts";
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
private final HttpServletRequest req;
|
||||
private final AuthResult authResult;
|
||||
private final Response response;
|
||||
private final Gson gson;
|
||||
private final Optional<ImmutableSet<RegistrarPoc>> contacts;
|
||||
private final String registrarId;
|
||||
|
||||
@Inject
|
||||
public ContactAction(
|
||||
HttpServletRequest req,
|
||||
AuthResult authResult,
|
||||
Response response,
|
||||
ConsoleApiParams consoleApiParams,
|
||||
Gson gson,
|
||||
@Parameter("registrarId") String registrarId,
|
||||
@Parameter("contacts") Optional<ImmutableSet<RegistrarPoc>> contacts) {
|
||||
this.authResult = authResult;
|
||||
this.response = response;
|
||||
super(consoleApiParams);
|
||||
this.gson = gson;
|
||||
this.registrarId = registrarId;
|
||||
this.contacts = contacts;
|
||||
this.req = req;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
User user = authResult.userAuthInfo().get().consoleUser().get();
|
||||
if (req.getMethod().equals(GET.toString())) {
|
||||
getHandler(user);
|
||||
} else {
|
||||
postHandler(user);
|
||||
}
|
||||
}
|
||||
|
||||
private void getHandler(User user) {
|
||||
protected void getHandler(User user) {
|
||||
if (!user.getUserRoles().hasPermission(registrarId, ConsolePermission.VIEW_REGISTRAR_DETAILS)) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -99,19 +81,20 @@ public class ContactAction implements JsonGetAction {
|
||||
.filter(r -> !r.getTypes().isEmpty())
|
||||
.collect(toImmutableList()));
|
||||
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
response.setPayload(gson.toJson(am));
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
consoleApiParams.response().setPayload(gson.toJson(am));
|
||||
}
|
||||
|
||||
private void postHandler(User user) {
|
||||
@Override
|
||||
protected void postHandler(User user) {
|
||||
if (!user.getUserRoles().hasPermission(registrarId, ConsolePermission.EDIT_REGISTRAR_DETAILS)) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
|
||||
if (contacts.isEmpty()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
response.setPayload(gson.toJson("Contacts parameter is not present"));
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
consoleApiParams.response().setPayload(gson.toJson("Contacts parameter is not present"));
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -137,12 +120,12 @@ public class ContactAction implements JsonGetAction {
|
||||
} catch (FormException e) {
|
||||
logger.atWarning().withCause(e).log(
|
||||
"Error processing contacts post request for registrar: %s", registrarId);
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
response.setPayload(e.getMessage());
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
consoleApiParams.response().setPayload(e.getMessage());
|
||||
return;
|
||||
}
|
||||
|
||||
RegistrarPoc.updateContacts(registrar, updatedContacts);
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,7 +18,6 @@ import static google.registry.persistence.transaction.TransactionManagerFactory.
|
||||
import static google.registry.request.Action.Method.POST;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
import com.google.gson.Gson;
|
||||
import google.registry.flows.certs.CertificateChecker;
|
||||
import google.registry.flows.certs.CertificateChecker.InsecureCertificateException;
|
||||
import google.registry.model.console.ConsolePermission;
|
||||
@@ -26,12 +25,11 @@ import google.registry.model.console.User;
|
||||
import google.registry.model.registrar.Registrar;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.AuthenticatedRegistrarAccessor;
|
||||
import google.registry.request.auth.AuthenticatedRegistrarAccessor.RegistrarAccessDeniedException;
|
||||
import google.registry.ui.server.registrar.JsonGetAction;
|
||||
import google.registry.ui.server.console.ConsoleApiAction;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import java.util.Optional;
|
||||
import javax.inject.Inject;
|
||||
|
||||
@@ -40,12 +38,9 @@ import javax.inject.Inject;
|
||||
path = SecurityAction.PATH,
|
||||
method = {POST},
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
public class SecurityAction implements JsonGetAction {
|
||||
public class SecurityAction extends ConsoleApiAction {
|
||||
|
||||
static final String PATH = "/console-api/settings/security";
|
||||
private final AuthResult authResult;
|
||||
private final Response response;
|
||||
private final Gson gson;
|
||||
private final String registrarId;
|
||||
private final AuthenticatedRegistrarAccessor registrarAccessor;
|
||||
private final Optional<Registrar> registrar;
|
||||
@@ -53,16 +48,12 @@ public class SecurityAction implements JsonGetAction {
|
||||
|
||||
@Inject
|
||||
public SecurityAction(
|
||||
AuthResult authResult,
|
||||
Response response,
|
||||
Gson gson,
|
||||
ConsoleApiParams consoleApiParams,
|
||||
CertificateChecker certificateChecker,
|
||||
AuthenticatedRegistrarAccessor registrarAccessor,
|
||||
@Parameter("registrarId") String registrarId,
|
||||
@Parameter("registrar") Optional<Registrar> registrar) {
|
||||
this.authResult = authResult;
|
||||
this.response = response;
|
||||
this.gson = gson;
|
||||
super(consoleApiParams);
|
||||
this.registrarId = registrarId;
|
||||
this.registrarAccessor = registrarAccessor;
|
||||
this.registrar = registrar;
|
||||
@@ -70,16 +61,15 @@ public class SecurityAction implements JsonGetAction {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
User user = authResult.userAuthInfo().get().consoleUser().get();
|
||||
protected void postHandler(User user) {
|
||||
if (!user.getUserRoles().hasPermission(registrarId, ConsolePermission.EDIT_REGISTRAR_DETAILS)) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
|
||||
if (registrar.isEmpty()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
response.setPayload(gson.toJson("'registrar' parameter is not present"));
|
||||
setFailedResponse(
|
||||
"'registrar' parameter is not present", HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -87,8 +77,7 @@ public class SecurityAction implements JsonGetAction {
|
||||
try {
|
||||
savedRegistrar = registrarAccessor.getRegistrar(registrarId);
|
||||
} catch (RegistrarAccessDeniedException e) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
response.setPayload(e.getMessage());
|
||||
setFailedResponse(e.getMessage(), HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -122,12 +111,12 @@ public class SecurityAction implements JsonGetAction {
|
||||
}
|
||||
}
|
||||
} catch (InsecureCertificateException e) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
response.setPayload("Invalid certificate in parameter");
|
||||
setFailedResponse(
|
||||
"Invalid certificate in parameter", HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
return;
|
||||
}
|
||||
|
||||
tm().put(updatedRegistrar.build());
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,18 +18,16 @@ import static google.registry.persistence.transaction.TransactionManagerFactory.
|
||||
import static google.registry.request.Action.Method.POST;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
import com.google.gson.Gson;
|
||||
import google.registry.model.console.ConsolePermission;
|
||||
import google.registry.model.console.User;
|
||||
import google.registry.model.registrar.Registrar;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.AuthenticatedRegistrarAccessor;
|
||||
import google.registry.request.auth.AuthenticatedRegistrarAccessor.RegistrarAccessDeniedException;
|
||||
import google.registry.ui.server.registrar.JsonGetAction;
|
||||
import google.registry.ui.server.console.ConsoleApiAction;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import java.util.Optional;
|
||||
import javax.inject.Inject;
|
||||
|
||||
@@ -44,42 +42,34 @@ import javax.inject.Inject;
|
||||
path = WhoisRegistrarFieldsAction.PATH,
|
||||
method = {POST},
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
public class WhoisRegistrarFieldsAction implements JsonGetAction {
|
||||
public class WhoisRegistrarFieldsAction extends ConsoleApiAction {
|
||||
|
||||
static final String PATH = "/console-api/settings/whois-fields";
|
||||
private final AuthResult authResult;
|
||||
private final Response response;
|
||||
private final Gson gson;
|
||||
private AuthenticatedRegistrarAccessor registrarAccessor;
|
||||
private Optional<Registrar> registrar;
|
||||
|
||||
@Inject
|
||||
public WhoisRegistrarFieldsAction(
|
||||
AuthResult authResult,
|
||||
Response response,
|
||||
Gson gson,
|
||||
ConsoleApiParams consoleApiParams,
|
||||
AuthenticatedRegistrarAccessor registrarAccessor,
|
||||
@Parameter("registrar") Optional<Registrar> registrar) {
|
||||
this.authResult = authResult;
|
||||
this.response = response;
|
||||
this.gson = gson;
|
||||
super(consoleApiParams);
|
||||
this.registrarAccessor = registrarAccessor;
|
||||
this.registrar = registrar;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
protected void postHandler(User user) {
|
||||
if (registrar.isEmpty()) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
response.setPayload(gson.toJson("'registrar' parameter is not present"));
|
||||
setFailedResponse(
|
||||
"'registrar' parameter is not present", HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
return;
|
||||
}
|
||||
|
||||
User user = authResult.userAuthInfo().get().consoleUser().get();
|
||||
if (!user.getUserRoles()
|
||||
.hasPermission(
|
||||
registrar.get().getRegistrarId(), ConsolePermission.EDIT_REGISTRAR_DETAILS)) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -92,8 +82,8 @@ public class WhoisRegistrarFieldsAction implements JsonGetAction {
|
||||
// reload to make sure the object has all the correct fields
|
||||
savedRegistrar = registrarAccessor.getRegistrar(providedRegistrar.getRegistrarId());
|
||||
} catch (RegistrarAccessDeniedException e) {
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
response.setPayload(e.getMessage());
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
consoleApiParams.response().setPayload(e.getMessage());
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -102,6 +92,6 @@ public class WhoisRegistrarFieldsAction implements JsonGetAction {
|
||||
newRegistrar.setUrl(providedRegistrar.getUrl());
|
||||
newRegistrar.setLocalizedAddress(providedRegistrar.getLocalizedAddress());
|
||||
tm().put(newRegistrar.build());
|
||||
response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
consoleApiParams.response().setStatus(HttpStatusCodes.STATUS_CODE_OK);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,6 +67,12 @@ public final class FakeResponse implements Response {
|
||||
return writer;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void sendRedirect(String url) throws IOException {
|
||||
status = 302;
|
||||
this.payload = String.format("Redirected to %s", url);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setStatus(int status) {
|
||||
checkArgument(status >= 100);
|
||||
|
||||
@@ -17,6 +17,7 @@ package google.registry.ui.server.console;
|
||||
import static com.google.common.truth.Truth.assertThat;
|
||||
import static google.registry.testing.DatabaseHelper.createTld;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
@@ -25,11 +26,15 @@ import google.registry.model.console.RegistrarRole;
|
||||
import google.registry.model.console.User;
|
||||
import google.registry.model.console.UserRoles;
|
||||
import google.registry.persistence.transaction.JpaTestExtensions;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.RequestModule;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.UserAuthInfo;
|
||||
import google.registry.testing.DatabaseHelper;
|
||||
import google.registry.testing.FakeConsoleApiParams;
|
||||
import google.registry.testing.FakeResponse;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import java.util.Optional;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.RegisterExtension;
|
||||
@@ -38,7 +43,7 @@ import org.junit.jupiter.api.extension.RegisterExtension;
|
||||
public class ConsoleDomainGetActionTest {
|
||||
|
||||
private static final Gson GSON = RequestModule.provideGson();
|
||||
private static final FakeResponse RESPONSE = new FakeResponse();
|
||||
private ConsoleApiParams consoleApiParams;
|
||||
|
||||
@RegisterExtension
|
||||
final JpaTestExtensions.JpaIntegrationTestExtension jpa =
|
||||
@@ -63,8 +68,9 @@ public class ConsoleDomainGetActionTest {
|
||||
.build()))),
|
||||
"exists.tld");
|
||||
action.run();
|
||||
assertThat(RESPONSE.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(RESPONSE.getPayload())
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload())
|
||||
.isEqualTo(
|
||||
"{\"domainName\":\"exists.tld\",\"adminContact\":{\"key\":\"3-ROID\",\"kind\":"
|
||||
+ "\"google.registry.model.contact.Contact\"},\"techContact\":{\"key\":\"3-ROID\","
|
||||
@@ -82,7 +88,8 @@ public class ConsoleDomainGetActionTest {
|
||||
void testFailure_emptyAuth() {
|
||||
ConsoleDomainGetAction action = createAction(AuthResult.NOT_AUTHENTICATED, "exists.tld");
|
||||
action.run();
|
||||
assertThat(RESPONSE.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -90,7 +97,8 @@ public class ConsoleDomainGetActionTest {
|
||||
ConsoleDomainGetAction action =
|
||||
createAction(AuthResult.createApp("service@registry.example"), "exists.tld");
|
||||
action.run();
|
||||
assertThat(RESPONSE.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -101,7 +109,8 @@ public class ConsoleDomainGetActionTest {
|
||||
UserAuthInfo.create(mock(com.google.appengine.api.users.User.class), false)),
|
||||
"exists.tld");
|
||||
action.run();
|
||||
assertThat(RESPONSE.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -111,7 +120,8 @@ public class ConsoleDomainGetActionTest {
|
||||
AuthResult.createUser(UserAuthInfo.create(createUser(new UserRoles.Builder().build()))),
|
||||
"exists.tld");
|
||||
action.run();
|
||||
assertThat(RESPONSE.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -122,7 +132,8 @@ public class ConsoleDomainGetActionTest {
|
||||
UserAuthInfo.create(createUser(new UserRoles.Builder().setIsAdmin(true).build()))),
|
||||
"nonexistent.tld");
|
||||
action.run();
|
||||
assertThat(RESPONSE.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
|
||||
}
|
||||
|
||||
private User createUser(UserRoles userRoles) {
|
||||
@@ -133,6 +144,8 @@ public class ConsoleDomainGetActionTest {
|
||||
}
|
||||
|
||||
private ConsoleDomainGetAction createAction(AuthResult authResult, String domain) {
|
||||
return new ConsoleDomainGetAction(authResult, RESPONSE, GSON, domain);
|
||||
consoleApiParams = FakeConsoleApiParams.get(Optional.of(authResult));
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(Action.Method.GET.toString());
|
||||
return new ConsoleDomainGetAction(consoleApiParams, GSON, domain);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,6 +20,7 @@ import static google.registry.testing.DatabaseHelper.createAdminUser;
|
||||
import static google.registry.testing.DatabaseHelper.createTld;
|
||||
import static google.registry.testing.DatabaseHelper.persistActiveDomain;
|
||||
import static google.registry.testing.DatabaseHelper.persistDomainAsDeleted;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
import com.google.common.collect.Iterables;
|
||||
@@ -27,13 +28,16 @@ import com.google.gson.Gson;
|
||||
import google.registry.model.EppResourceUtils;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.persistence.transaction.JpaTestExtensions;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.UserAuthInfo;
|
||||
import google.registry.testing.DatabaseHelper;
|
||||
import google.registry.testing.FakeClock;
|
||||
import google.registry.testing.FakeConsoleApiParams;
|
||||
import google.registry.testing.FakeResponse;
|
||||
import google.registry.tools.GsonUtils;
|
||||
import google.registry.ui.server.console.ConsoleDomainListAction.DomainListResult;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import java.util.Optional;
|
||||
import javax.annotation.Nullable;
|
||||
import org.joda.time.DateTime;
|
||||
@@ -48,7 +52,7 @@ public class ConsoleDomainListActionTest {
|
||||
|
||||
private final FakeClock clock = new FakeClock(DateTime.parse("2023-10-20T00:00:00.000Z"));
|
||||
|
||||
private FakeResponse response;
|
||||
private ConsoleApiParams consoleApiParams;
|
||||
|
||||
@RegisterExtension
|
||||
final JpaTestExtensions.JpaIntegrationTestExtension jpa =
|
||||
@@ -68,7 +72,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_allDomains() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar");
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).hasSize(10);
|
||||
assertThat(result.totalResults).isEqualTo(10);
|
||||
assertThat(result.checkpointTime).isEqualTo(clock.nowUtc());
|
||||
@@ -80,7 +86,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_noDomains() {
|
||||
ConsoleDomainListAction action = createAction("NewRegistrar");
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).hasSize(0);
|
||||
assertThat(result.totalResults).isEqualTo(0);
|
||||
assertThat(result.checkpointTime).isEqualTo(clock.nowUtc());
|
||||
@@ -91,7 +99,9 @@ public class ConsoleDomainListActionTest {
|
||||
// Two pages of results should go in reverse chronological order
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 5, null, null);
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains.stream().map(Domain::getDomainName).collect(toImmutableList()))
|
||||
.containsExactly("9exists.tld", "8exists.tld", "7exists.tld", "6exists.tld", "5exists.tld");
|
||||
assertThat(result.totalResults).isEqualTo(10);
|
||||
@@ -99,7 +109,9 @@ public class ConsoleDomainListActionTest {
|
||||
// Now do the second page
|
||||
action = createAction("TheRegistrar", result.checkpointTime, 1, 5, 10L, null);
|
||||
action.run();
|
||||
result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains.stream().map(Domain::getDomainName).collect(toImmutableList()))
|
||||
.containsExactly("4exists.tld", "3exists.tld", "2exists.tld", "1exists.tld", "0exists.tld");
|
||||
}
|
||||
@@ -108,7 +120,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_partialPage() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 1, 8, null, null);
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains.stream().map(Domain::getDomainName).collect(toImmutableList()))
|
||||
.containsExactly("1exists.tld", "0exists.tld");
|
||||
}
|
||||
@@ -118,7 +132,9 @@ public class ConsoleDomainListActionTest {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 10, null, null);
|
||||
action.run();
|
||||
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).hasSize(10);
|
||||
assertThat(result.totalResults).isEqualTo(10);
|
||||
|
||||
@@ -128,7 +144,9 @@ public class ConsoleDomainListActionTest {
|
||||
// Even though we persisted a new domain, the old checkpoint should return no more results
|
||||
action = createAction("TheRegistrar", result.checkpointTime, 1, 10, null, null);
|
||||
action.run();
|
||||
result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).isEmpty();
|
||||
assertThat(result.totalResults).isEqualTo(10);
|
||||
}
|
||||
@@ -137,7 +155,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_checkpointTime_deletion() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 5, null, null);
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
|
||||
clock.advanceOneMilli();
|
||||
Domain toDelete =
|
||||
@@ -147,7 +167,9 @@ public class ConsoleDomainListActionTest {
|
||||
// Second page should include the domain that is now deleted due to the checkpoint time
|
||||
action = createAction("TheRegistrar", result.checkpointTime, 1, 5, null, null);
|
||||
action.run();
|
||||
result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains.stream().map(Domain::getDomainName).collect(toImmutableList()))
|
||||
.containsExactly("4exists.tld", "3exists.tld", "2exists.tld", "1exists.tld", "0exists.tld");
|
||||
}
|
||||
@@ -156,7 +178,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_searchTerm_oneMatch() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 5, null, "0");
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(Iterables.getOnlyElement(result.domains).getDomainName()).isEqualTo("0exists.tld");
|
||||
}
|
||||
|
||||
@@ -164,7 +188,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_searchTerm_returnsNone() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 5, null, "deleted");
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).isEmpty();
|
||||
}
|
||||
|
||||
@@ -172,7 +198,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_searchTerm_caseInsensitive() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 5, null, "eXiStS");
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).hasSize(5);
|
||||
assertThat(result.totalResults).isEqualTo(10);
|
||||
}
|
||||
@@ -181,7 +209,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testSuccess_searchTerm_tld() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 5, null, "tld");
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).hasSize(5);
|
||||
assertThat(result.totalResults).isEqualTo(10);
|
||||
}
|
||||
@@ -190,7 +220,9 @@ public class ConsoleDomainListActionTest {
|
||||
void testPartialSuccess_pastEnd() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 5, 5, null, null);
|
||||
action.run();
|
||||
DomainListResult result = GSON.fromJson(response.getPayload(), DomainListResult.class);
|
||||
DomainListResult result =
|
||||
GSON.fromJson(
|
||||
((FakeResponse) consoleApiParams.response()).getPayload(), DomainListResult.class);
|
||||
assertThat(result.domains).isEmpty();
|
||||
}
|
||||
|
||||
@@ -198,14 +230,16 @@ public class ConsoleDomainListActionTest {
|
||||
void testFailure_invalidResultsPerPage() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, 0, 0, null, null);
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(response.getPayload())
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload())
|
||||
.isEqualTo("Results per page must be between 1 and 500 inclusive");
|
||||
|
||||
action = createAction("TheRegistrar", null, 0, 501, null, null);
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(response.getPayload())
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload())
|
||||
.isEqualTo("Results per page must be between 1 and 500 inclusive");
|
||||
}
|
||||
|
||||
@@ -213,8 +247,10 @@ public class ConsoleDomainListActionTest {
|
||||
void testFailure_invalidPageNumber() {
|
||||
ConsoleDomainListAction action = createAction("TheRegistrar", null, -1, 10, null, null);
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(response.getPayload()).isEqualTo("Page number must be non-negative");
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload())
|
||||
.isEqualTo("Page number must be non-negative");
|
||||
}
|
||||
|
||||
private ConsoleDomainListAction createAction(String registrarId) {
|
||||
@@ -228,12 +264,12 @@ public class ConsoleDomainListActionTest {
|
||||
@Nullable Integer resultsPerPage,
|
||||
@Nullable Long totalResults,
|
||||
@Nullable String searchTerm) {
|
||||
response = new FakeResponse();
|
||||
AuthResult authResult =
|
||||
AuthResult.createUser(UserAuthInfo.create(createAdminUser("email@email.example")));
|
||||
consoleApiParams = FakeConsoleApiParams.get(Optional.of(authResult));
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(Action.Method.GET.toString());
|
||||
return new ConsoleDomainListAction(
|
||||
authResult,
|
||||
response,
|
||||
consoleApiParams,
|
||||
GSON,
|
||||
registrarId,
|
||||
Optional.ofNullable(checkpointTime),
|
||||
|
||||
@@ -45,7 +45,6 @@ import google.registry.testing.FakeResponse;
|
||||
import google.registry.tools.GsonUtils;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.util.EmailMessage;
|
||||
import jakarta.servlet.http.Cookie;
|
||||
import java.util.Optional;
|
||||
import javax.mail.internet.AddressException;
|
||||
import javax.mail.internet.InternetAddress;
|
||||
@@ -197,12 +196,7 @@ class ConsoleEppPasswordActionTest {
|
||||
AuthenticatedRegistrarAccessor authenticatedRegistrarAccessor =
|
||||
AuthenticatedRegistrarAccessor.createForTesting(
|
||||
ImmutableSetMultimap.of("registrarId", OWNER));
|
||||
Cookie cookie =
|
||||
new Cookie(
|
||||
consoleApiParams.xsrfTokenManager().X_CSRF_TOKEN,
|
||||
consoleApiParams.xsrfTokenManager().generateToken(""));
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(Action.Method.POST.toString());
|
||||
when(consoleApiParams.request().getCookies()).thenReturn(new Cookie[] {cookie});
|
||||
|
||||
return new ConsoleEppPasswordAction(
|
||||
consoleApiParams, authenticatedRegistrarAccessor, gmailClient);
|
||||
|
||||
@@ -21,7 +21,6 @@ import static google.registry.testing.DatabaseHelper.persistNewRegistrar;
|
||||
import static google.registry.testing.DatabaseHelper.persistResource;
|
||||
import static google.registry.testing.SqlHelper.saveRegistrar;
|
||||
import static org.mockito.Mockito.doReturn;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
@@ -40,10 +39,11 @@ import google.registry.request.RequestModule;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.UserAuthInfo;
|
||||
import google.registry.testing.DeterministicStringGenerator;
|
||||
import google.registry.testing.FakeConsoleApiParams;
|
||||
import google.registry.testing.FakeResponse;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.ui.server.registrar.RegistrarConsoleModule;
|
||||
import google.registry.util.StringGenerator;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.StringReader;
|
||||
@@ -56,9 +56,8 @@ import org.junit.jupiter.api.extension.RegisterExtension;
|
||||
/** Tests for {@link google.registry.ui.server.console.RegistrarsAction}. */
|
||||
class RegistrarsActionTest {
|
||||
|
||||
private final HttpServletRequest request = mock(HttpServletRequest.class);
|
||||
private static final Gson GSON = RequestModule.provideGson();
|
||||
private FakeResponse response;
|
||||
private ConsoleApiParams consoleApiParams;
|
||||
|
||||
private StringGenerator passwordGenerator =
|
||||
new DeterministicStringGenerator("abcdefghijklmnopqrstuvwxyz");
|
||||
@@ -112,8 +111,9 @@ class RegistrarsActionTest {
|
||||
createUser(
|
||||
new UserRoles.Builder().setGlobalRole(GlobalRole.SUPPORT_LEAD).build()))));
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
String payload = response.getPayload();
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
String payload = ((FakeResponse) consoleApiParams.response()).getPayload();
|
||||
assertThat(
|
||||
ImmutableList.of("\"registrarId\":\"NewRegistrar\"", "\"registrarId\":\"TheRegistrar\"")
|
||||
.stream()
|
||||
@@ -131,8 +131,9 @@ class RegistrarsActionTest {
|
||||
UserAuthInfo.create(
|
||||
createUser(new UserRoles.Builder().setGlobalRole(GlobalRole.FTE).build()))));
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
String payload = response.getPayload();
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
String payload = ((FakeResponse) consoleApiParams.response()).getPayload();
|
||||
assertThat(
|
||||
ImmutableList.of(
|
||||
"\"registrarId\":\"NewRegistrar\"",
|
||||
@@ -151,7 +152,8 @@ class RegistrarsActionTest {
|
||||
AuthResult.createUser(
|
||||
UserAuthInfo.create(createUser(new UserRoles.Builder().setIsAdmin(true).build()))));
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
Registrar r = loadRegistrar("regIdTest");
|
||||
assertThat(r).isNotNull();
|
||||
assertThat(
|
||||
@@ -180,12 +182,12 @@ class RegistrarsActionTest {
|
||||
UserAuthInfo.create(
|
||||
createUser(new UserRoles.Builder().setIsAdmin(true).build()))));
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(response.getPayload())
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload())
|
||||
.isEqualTo(
|
||||
GSON.toJson(
|
||||
String.format(
|
||||
"Missing value for %s", userFriendlyKeysToRegistrarKeys.get(key))));
|
||||
String.format(
|
||||
"Missing value for %s", userFriendlyKeysToRegistrarKeys.get(key)));
|
||||
});
|
||||
}
|
||||
|
||||
@@ -198,9 +200,10 @@ class RegistrarsActionTest {
|
||||
AuthResult.createUser(
|
||||
UserAuthInfo.create(createUser(new UserRoles.Builder().setIsAdmin(true).build()))));
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(response.getPayload())
|
||||
.isEqualTo(GSON.toJson("Registrar with registrarId regIdTest already exists"));
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload())
|
||||
.isEqualTo("Registrar with registrarId regIdTest already exists");
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -219,7 +222,8 @@ class RegistrarsActionTest {
|
||||
RegistrarRole.ACCOUNT_MANAGER_WITH_REGISTRY_LOCK))
|
||||
.build()))));
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
}
|
||||
|
||||
private User createUser(UserRoles userRoles) {
|
||||
@@ -230,27 +234,19 @@ class RegistrarsActionTest {
|
||||
}
|
||||
|
||||
private RegistrarsAction createAction(Action.Method method, AuthResult authResult) {
|
||||
response = new FakeResponse();
|
||||
when(request.getMethod()).thenReturn(method.toString());
|
||||
consoleApiParams = FakeConsoleApiParams.get(Optional.of(authResult));
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(method.toString());
|
||||
if (method.equals(Action.Method.GET)) {
|
||||
return new RegistrarsAction(
|
||||
request,
|
||||
authResult,
|
||||
response,
|
||||
GSON,
|
||||
Optional.ofNullable(null),
|
||||
passwordGenerator,
|
||||
passcodeGenerator);
|
||||
consoleApiParams, GSON, Optional.ofNullable(null), passwordGenerator, passcodeGenerator);
|
||||
} else {
|
||||
try {
|
||||
doReturn(new BufferedReader(new StringReader(registrarParamMap.toString())))
|
||||
.when(request)
|
||||
.when(consoleApiParams.request())
|
||||
.getReader();
|
||||
} catch (IOException e) {
|
||||
return new RegistrarsAction(
|
||||
request,
|
||||
authResult,
|
||||
response,
|
||||
consoleApiParams,
|
||||
GSON,
|
||||
Optional.ofNullable(null),
|
||||
passwordGenerator,
|
||||
@@ -258,15 +254,9 @@ class RegistrarsActionTest {
|
||||
}
|
||||
Optional<Registrar> maybeRegistrar =
|
||||
RegistrarConsoleModule.provideRegistrar(
|
||||
GSON, RequestModule.provideJsonBody(request, GSON));
|
||||
GSON, RequestModule.provideJsonBody(consoleApiParams.request(), GSON));
|
||||
return new RegistrarsAction(
|
||||
request,
|
||||
authResult,
|
||||
response,
|
||||
GSON,
|
||||
maybeRegistrar,
|
||||
passwordGenerator,
|
||||
passcodeGenerator);
|
||||
consoleApiParams, GSON, maybeRegistrar, passwordGenerator, passcodeGenerator);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,7 +21,7 @@ import static google.registry.testing.DatabaseHelper.createAdminUser;
|
||||
import static google.registry.testing.DatabaseHelper.insertInDb;
|
||||
import static google.registry.testing.DatabaseHelper.loadAllOf;
|
||||
import static google.registry.testing.SqlHelper.saveRegistrar;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.doReturn;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
@@ -38,9 +38,10 @@ import google.registry.request.Action;
|
||||
import google.registry.request.RequestModule;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.UserAuthInfo;
|
||||
import google.registry.testing.FakeConsoleApiParams;
|
||||
import google.registry.testing.FakeResponse;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.ui.server.registrar.RegistrarConsoleModule;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.StringReader;
|
||||
@@ -69,10 +70,9 @@ class ContactActionTest {
|
||||
+ "\"visibleInWhoisAsTech\":false,\"visibleInDomainWhoisAsAbuse\":false}";
|
||||
|
||||
private Registrar testRegistrar;
|
||||
private final HttpServletRequest request = mock(HttpServletRequest.class);
|
||||
private ConsoleApiParams consoleApiParams;
|
||||
private RegistrarPoc testRegistrarPoc;
|
||||
private static final Gson GSON = RequestModule.provideGson();
|
||||
private FakeResponse response;
|
||||
|
||||
@RegisterExtension
|
||||
final JpaTestExtensions.JpaIntegrationTestExtension jpa =
|
||||
@@ -80,7 +80,6 @@ class ContactActionTest {
|
||||
|
||||
@BeforeEach
|
||||
void beforeEach() {
|
||||
response = new FakeResponse();
|
||||
testRegistrar = saveRegistrar("registrarId");
|
||||
testRegistrarPoc =
|
||||
new RegistrarPoc.Builder()
|
||||
@@ -106,8 +105,10 @@ class ContactActionTest {
|
||||
testRegistrar.getRegistrarId(),
|
||||
null);
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(response.getPayload()).isEqualTo("[" + jsonRegistrar1 + "]");
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload())
|
||||
.isEqualTo("[" + jsonRegistrar1 + "]");
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -121,8 +122,9 @@ class ContactActionTest {
|
||||
testRegistrar.getRegistrarId(),
|
||||
null);
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(response.getPayload()).isEqualTo("[]");
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getPayload()).isEqualTo("[]");
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -134,7 +136,8 @@ class ContactActionTest {
|
||||
testRegistrar.getRegistrarId(),
|
||||
"[" + jsonRegistrar1 + "," + jsonRegistrar2 + "]");
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(
|
||||
loadAllOf(RegistrarPoc.class).stream()
|
||||
.filter(r -> r.registrarId.equals(testRegistrar.getRegistrarId()))
|
||||
@@ -154,7 +157,8 @@ class ContactActionTest {
|
||||
testRegistrar.getRegistrarId(),
|
||||
"[" + jsonRegistrar1 + "," + jsonRegistrar2 + "]");
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
HashMap<String, String> testResult = new HashMap<>();
|
||||
loadAllOf(RegistrarPoc.class).stream()
|
||||
.filter(r -> r.registrarId.equals(testRegistrar.getRegistrarId()))
|
||||
@@ -177,7 +181,8 @@ class ContactActionTest {
|
||||
testRegistrar.getRegistrarId(),
|
||||
"[" + jsonRegistrar2 + "]");
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(
|
||||
loadAllOf(RegistrarPoc.class).stream()
|
||||
.filter(r -> r.registrarId.equals(testRegistrar.getRegistrarId()))
|
||||
@@ -207,21 +212,25 @@ class ContactActionTest {
|
||||
testRegistrar.getRegistrarId(),
|
||||
"[" + jsonRegistrar2 + "]");
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
}
|
||||
|
||||
private ContactAction createAction(
|
||||
Action.Method method, AuthResult authResult, String registrarId, String contacts)
|
||||
throws IOException {
|
||||
when(request.getMethod()).thenReturn(method.toString());
|
||||
consoleApiParams = FakeConsoleApiParams.get(Optional.of(authResult));
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(method.toString());
|
||||
if (method.equals(Action.Method.GET)) {
|
||||
return new ContactAction(request, authResult, response, GSON, registrarId, Optional.empty());
|
||||
return new ContactAction(consoleApiParams, GSON, registrarId, Optional.empty());
|
||||
} else {
|
||||
when(request.getReader()).thenReturn(new BufferedReader(new StringReader(contacts)));
|
||||
doReturn(new BufferedReader(new StringReader(contacts)))
|
||||
.when(consoleApiParams.request())
|
||||
.getReader();
|
||||
Optional<ImmutableSet<RegistrarPoc>> maybeContacts =
|
||||
RegistrarConsoleModule.provideContacts(
|
||||
GSON, RequestModule.provideJsonBody(request, GSON));
|
||||
return new ContactAction(request, authResult, response, GSON, registrarId, maybeContacts);
|
||||
GSON, RequestModule.provideJsonBody(consoleApiParams.request(), GSON));
|
||||
return new ContactAction(consoleApiParams, GSON, registrarId, maybeContacts);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,7 +20,7 @@ import static google.registry.testing.DatabaseHelper.loadRegistrar;
|
||||
import static google.registry.testing.SqlHelper.saveRegistrar;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static org.mockito.Mockito.doReturn;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
@@ -30,15 +30,17 @@ import com.google.gson.Gson;
|
||||
import google.registry.flows.certs.CertificateChecker;
|
||||
import google.registry.model.registrar.Registrar;
|
||||
import google.registry.persistence.transaction.JpaTestExtensions;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.RequestModule;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.AuthenticatedRegistrarAccessor;
|
||||
import google.registry.request.auth.UserAuthInfo;
|
||||
import google.registry.testing.DatabaseHelper;
|
||||
import google.registry.testing.FakeClock;
|
||||
import google.registry.testing.FakeConsoleApiParams;
|
||||
import google.registry.testing.FakeResponse;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.ui.server.registrar.RegistrarConsoleModule;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.StringReader;
|
||||
@@ -57,10 +59,9 @@ class SecurityActionTest {
|
||||
+ " \"ipAddressAllowList\": [\"192.168.1.1/32\"]}",
|
||||
SAMPLE_CERT2);
|
||||
private static final Gson GSON = RequestModule.provideGson();
|
||||
private final HttpServletRequest request = mock(HttpServletRequest.class);
|
||||
private ConsoleApiParams consoleApiParams;
|
||||
private final FakeClock clock = new FakeClock();
|
||||
private Registrar testRegistrar;
|
||||
private FakeResponse response = new FakeResponse();
|
||||
|
||||
private AuthenticatedRegistrarAccessor registrarAccessor =
|
||||
AuthenticatedRegistrarAccessor.createForTesting(
|
||||
@@ -93,7 +94,8 @@ class SecurityActionTest {
|
||||
UserAuthInfo.create(DatabaseHelper.createAdminUser("email@email.com"))),
|
||||
testRegistrar.getRegistrarId());
|
||||
action.run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
Registrar r = loadRegistrar(testRegistrar.getRegistrarId());
|
||||
assertThat(r.getClientCertificateHash().get())
|
||||
.isEqualTo("GNd6ZP8/n91t9UTnpxR8aH7aAW4+CpvufYx9ViGbcMY");
|
||||
@@ -103,16 +105,15 @@ class SecurityActionTest {
|
||||
|
||||
private SecurityAction createAction(AuthResult authResult, String registrarId)
|
||||
throws IOException {
|
||||
doReturn(new BufferedReader(new StringReader(jsonRegistrar1))).when(request).getReader();
|
||||
consoleApiParams = FakeConsoleApiParams.get(Optional.of(authResult));
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(Action.Method.POST.toString());
|
||||
doReturn(new BufferedReader(new StringReader(jsonRegistrar1)))
|
||||
.when(consoleApiParams.request())
|
||||
.getReader();
|
||||
Optional<Registrar> maybeRegistrar =
|
||||
RegistrarConsoleModule.provideRegistrar(GSON, RequestModule.provideJsonBody(request, GSON));
|
||||
return new SecurityAction(
|
||||
authResult,
|
||||
response,
|
||||
GSON,
|
||||
certificateChecker,
|
||||
registrarAccessor,
|
||||
registrarId,
|
||||
maybeRegistrar);
|
||||
RegistrarConsoleModule.provideRegistrar(
|
||||
GSON, RequestModule.provideJsonBody(consoleApiParams.request(), GSON));
|
||||
return new SecurityAction(
|
||||
consoleApiParams, certificateChecker, registrarAccessor, registrarId, maybeRegistrar);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,7 +16,7 @@ package google.registry.ui.server.console.settings;
|
||||
|
||||
import static com.google.common.truth.Truth.assertThat;
|
||||
import static google.registry.model.ImmutableObjectSubject.assertAboutImmutableObjects;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.doReturn;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.google.api.client.http.HttpStatusCodes;
|
||||
@@ -30,6 +30,7 @@ import google.registry.model.console.User;
|
||||
import google.registry.model.console.UserRoles;
|
||||
import google.registry.model.registrar.Registrar;
|
||||
import google.registry.persistence.transaction.JpaTestExtensions;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.RequestModule;
|
||||
import google.registry.request.auth.AuthResult;
|
||||
import google.registry.request.auth.AuthenticatedRegistrarAccessor;
|
||||
@@ -37,13 +38,15 @@ import google.registry.request.auth.AuthenticatedRegistrarAccessor.Role;
|
||||
import google.registry.request.auth.UserAuthInfo;
|
||||
import google.registry.testing.DatabaseHelper;
|
||||
import google.registry.testing.FakeClock;
|
||||
import google.registry.testing.FakeConsoleApiParams;
|
||||
import google.registry.testing.FakeResponse;
|
||||
import google.registry.ui.server.registrar.ConsoleApiParams;
|
||||
import google.registry.ui.server.registrar.RegistrarConsoleModule;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.StringReader;
|
||||
import java.util.HashMap;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.RegisterExtension;
|
||||
@@ -51,10 +54,9 @@ import org.junit.jupiter.api.extension.RegisterExtension;
|
||||
/** Tests for {@link WhoisRegistrarFieldsAction}. */
|
||||
public class WhoisRegistrarFieldsActionTest {
|
||||
|
||||
private ConsoleApiParams consoleApiParams;
|
||||
private static final Gson GSON = RequestModule.provideGson();
|
||||
private final FakeClock clock = new FakeClock(DateTime.parse("2023-08-01T00:00:00.000Z"));
|
||||
private final FakeResponse fakeResponse = new FakeResponse();
|
||||
private final HttpServletRequest request = mock(HttpServletRequest.class);
|
||||
private final AuthenticatedRegistrarAccessor registrarAccessor =
|
||||
AuthenticatedRegistrarAccessor.createForTesting(
|
||||
ImmutableSetMultimap.of("TheRegistrar", Role.OWNER, "NewRegistrar", Role.OWNER));
|
||||
@@ -110,7 +112,8 @@ public class WhoisRegistrarFieldsActionTest {
|
||||
+ " \"NL\", \"zip\": \"10011\", \"countryCode\": \"CA\"}"));
|
||||
WhoisRegistrarFieldsAction action = createAction();
|
||||
action.run();
|
||||
assertThat(fakeResponse.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
|
||||
Registrar newRegistrar = Registrar.loadByRegistrarId("TheRegistrar").get(); // skip cache
|
||||
assertThat(newRegistrar.getWhoisServer()).isEqualTo("whois.nic.google");
|
||||
assertThat(newRegistrar.getUrl()).isEqualTo("https://newurl.example");
|
||||
@@ -138,7 +141,8 @@ public class WhoisRegistrarFieldsActionTest {
|
||||
uiRegistrarMap.put("registrarId", "NewRegistrar");
|
||||
WhoisRegistrarFieldsAction action = createAction(onlyTheRegistrar);
|
||||
action.run();
|
||||
assertThat(fakeResponse.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
assertThat(((FakeResponse) consoleApiParams.response()).getStatus())
|
||||
.isEqualTo(HttpStatusCodes.STATUS_CODE_FORBIDDEN);
|
||||
// should be no change
|
||||
assertThat(DatabaseHelper.loadByEntity(newRegistrar)).isEqualTo(newRegistrar);
|
||||
}
|
||||
@@ -153,14 +157,15 @@ public class WhoisRegistrarFieldsActionTest {
|
||||
}
|
||||
|
||||
private WhoisRegistrarFieldsAction createAction(AuthResult authResult) throws IOException {
|
||||
when(request.getReader())
|
||||
.thenReturn(new BufferedReader(new StringReader(uiRegistrarMap.toString())));
|
||||
consoleApiParams = FakeConsoleApiParams.get(Optional.of(authResult));
|
||||
when(consoleApiParams.request().getMethod()).thenReturn(Action.Method.POST.toString());
|
||||
doReturn(new BufferedReader(new StringReader(uiRegistrarMap.toString())))
|
||||
.when(consoleApiParams.request())
|
||||
.getReader();
|
||||
return new WhoisRegistrarFieldsAction(
|
||||
authResult,
|
||||
fakeResponse,
|
||||
GSON,
|
||||
consoleApiParams,
|
||||
registrarAccessor,
|
||||
RegistrarConsoleModule.provideRegistrar(
|
||||
GSON, RequestModule.provideJsonBody(request, GSON)));
|
||||
GSON, RequestModule.provideJsonBody(consoleApiParams.request(), GSON)));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user