mirror of
https://github.com/google/nomulus
synced 2026-01-08 07:11:44 +00:00
Make the superuser flag bypass TLD access checks
The --superuser command in the nomulus command-line tool should be bypassing checks on whether the passed-in registrar client ID has access to the TLD in question, but currently it is not. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=158974462
This commit is contained in:
Ben McIlwain
@@ -89,9 +89,9 @@ public final class ClaimsCheckFlow implements Flow {
|
||||
String tld = domainName.parent().toString();
|
||||
// Only validate access to a TLD the first time it is encountered.
|
||||
if (seenTlds.add(tld)) {
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
Registry registry = Registry.get(tld);
|
||||
if (!isSuperuser) {
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
Registry registry = Registry.get(tld);
|
||||
DateTime now = clock.nowUtc();
|
||||
verifyNotInPredelegation(registry, now);
|
||||
if (registry.getTldState(now) == TldState.SUNRISE) {
|
||||
|
||||
@@ -203,7 +203,10 @@ public final class DomainApplicationCreateFlow implements TransactionalFlow {
|
||||
InternetDomainName domainName = validateDomainName(targetId);
|
||||
String idnTableName = validateDomainNameWithIdnTables(domainName);
|
||||
String tld = domainName.parent().toString();
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
if (!isSuperuser) {
|
||||
// Access to the TLD should be checked before the subsequent checks as it is a greater concern
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
}
|
||||
Registry registry = Registry.get(tld);
|
||||
FeesAndCredits feesAndCredits =
|
||||
pricingLogic.getCreatePrice(registry, targetId, now, command.getPeriod().getValue());
|
||||
|
||||
@@ -88,8 +88,8 @@ public final class DomainApplicationDeleteFlow implements TransactionalFlow {
|
||||
verifyApplicationDomainMatchesTargetId(existingApplication, targetId);
|
||||
verifyOptionalAuthInfo(authInfo, existingApplication);
|
||||
String tld = existingApplication.getTld();
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
if (!isSuperuser) {
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
Registry registry = Registry.get(tld);
|
||||
verifyRegistryStateAllowsLaunchFlows(registry, now);
|
||||
verifyLaunchPhaseMatchesRegistryPhase(
|
||||
|
||||
@@ -174,13 +174,13 @@ public class DomainApplicationUpdateFlow implements TransactionalFlow {
|
||||
DomainApplication existingApplication, Update command, DateTime now) throws EppException {
|
||||
AddRemove add = command.getInnerAdd();
|
||||
AddRemove remove = command.getInnerRemove();
|
||||
String tld = existingApplication.getTld();
|
||||
if (!isSuperuser) {
|
||||
verifyResourceOwnership(clientId, existingApplication);
|
||||
verifyClientUpdateNotProhibited(command, existingApplication);
|
||||
verifyAllStatusesAreClientSettable(union(add.getStatusValues(), remove.getStatusValues()));
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
}
|
||||
String tld = existingApplication.getTld();
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
if (UPDATE_DISALLOWED_APPLICATION_STATUSES
|
||||
.contains(existingApplication.getApplicationStatus())) {
|
||||
throw new ApplicationStatusProhibitsUpdateException(
|
||||
|
||||
@@ -136,11 +136,10 @@ public final class DomainCheckFlow implements Flow {
|
||||
// This validation is moderately expensive, so cache the results.
|
||||
domains.put(targetId, domainName);
|
||||
String tld = domainName.parent().toString();
|
||||
if (seenTlds.add(tld)) {
|
||||
boolean tldFirstTimeSeen = seenTlds.add(tld);
|
||||
if (tldFirstTimeSeen && !isSuperuser) {
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
if (!isSuperuser) {
|
||||
verifyNotInPredelegation(Registry.get(tld), now);
|
||||
}
|
||||
verifyNotInPredelegation(Registry.get(tld), now);
|
||||
}
|
||||
}
|
||||
ImmutableMap<String, InternetDomainName> domainNames = domains.build();
|
||||
|
||||
@@ -211,8 +211,8 @@ public final class DomainDeleteFlow implements TransactionalFlow {
|
||||
if (!isSuperuser) {
|
||||
verifyResourceOwnership(clientId, existingDomain);
|
||||
verifyNotInPredelegation(registry, now);
|
||||
checkAllowedAccessToTld(clientId, registry.getTld().toString());
|
||||
}
|
||||
checkAllowedAccessToTld(clientId, registry.getTld().toString());
|
||||
if (!existingDomain.getSubordinateHosts().isEmpty()) {
|
||||
throw new DomainToDeleteHasHostsException();
|
||||
}
|
||||
|
||||
@@ -219,8 +219,8 @@ public final class DomainRenewFlow implements TransactionalFlow {
|
||||
verifyNoDisallowedStatuses(existingDomain, RENEW_DISALLOWED_STATUSES);
|
||||
if (!isSuperuser) {
|
||||
verifyResourceOwnership(clientId, existingDomain);
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
}
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
verifyUnitIsYears(command.getPeriod());
|
||||
// If the date they specify doesn't match the expiration, fail. (This is an idempotence check).
|
||||
if (!command.getCurrentExpirationDate().equals(
|
||||
|
||||
@@ -188,6 +188,7 @@ public final class DomainRestoreRequestFlow implements TransactionalFlow {
|
||||
verifyResourceOwnership(clientId, existingDomain);
|
||||
verifyNotReserved(InternetDomainName.from(targetId), false);
|
||||
verifyPremiumNameIsNotBlocked(targetId, now, clientId);
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
}
|
||||
// No other changes can be specified on a restore request.
|
||||
if (!command.noChangesPresent()) {
|
||||
@@ -197,7 +198,6 @@ public final class DomainRestoreRequestFlow implements TransactionalFlow {
|
||||
if (!existingDomain.getGracePeriodStatuses().contains(GracePeriodStatus.REDEMPTION)) {
|
||||
throw new DomainNotEligibleForRestoreException();
|
||||
}
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
validateFeeChallenge(targetId, existingDomain.getTld(), now, feeUpdate, feesAndCredits);
|
||||
}
|
||||
|
||||
|
||||
@@ -36,6 +36,7 @@ import com.googlecode.objectify.Key;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.ClientId;
|
||||
import google.registry.flows.FlowModule.Superuser;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.TransactionalFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
@@ -83,6 +84,7 @@ public final class DomainTransferApproveFlow implements TransactionalFlow {
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @ClientId String clientId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject @Superuser boolean isSuperuser;
|
||||
@Inject HistoryEntry.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
@Inject DomainTransferApproveFlow() {}
|
||||
@@ -102,7 +104,9 @@ public final class DomainTransferApproveFlow implements TransactionalFlow {
|
||||
verifyHasPendingTransfer(existingDomain);
|
||||
verifyResourceOwnership(clientId, existingDomain);
|
||||
String tld = existingDomain.getTld();
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
if (!isSuperuser) {
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
}
|
||||
TransferData transferData = existingDomain.getTransferData();
|
||||
String gainingClientId = transferData.getGainingClientId();
|
||||
HistoryEntry historyEntry = historyBuilder
|
||||
|
||||
@@ -32,6 +32,7 @@ import com.googlecode.objectify.Key;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.ClientId;
|
||||
import google.registry.flows.FlowModule.Superuser;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.TransactionalFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
@@ -71,6 +72,7 @@ public final class DomainTransferCancelFlow implements TransactionalFlow {
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @ClientId String clientId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject @Superuser boolean isSuperuser;
|
||||
@Inject HistoryEntry.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
@Inject DomainTransferCancelFlow() {}
|
||||
@@ -85,7 +87,9 @@ public final class DomainTransferCancelFlow implements TransactionalFlow {
|
||||
verifyOptionalAuthInfo(authInfo, existingDomain);
|
||||
verifyHasPendingTransfer(existingDomain);
|
||||
verifyTransferInitiator(clientId, existingDomain);
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
if (!isSuperuser) {
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
}
|
||||
HistoryEntry historyEntry = historyBuilder
|
||||
.setType(HistoryEntry.Type.DOMAIN_TRANSFER_CANCEL)
|
||||
.setOtherClientId(existingDomain.getTransferData().getLosingClientId())
|
||||
|
||||
@@ -32,6 +32,7 @@ import com.googlecode.objectify.Key;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.ClientId;
|
||||
import google.registry.flows.FlowModule.Superuser;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.TransactionalFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
@@ -71,6 +72,7 @@ public final class DomainTransferRejectFlow implements TransactionalFlow {
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @ClientId String clientId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject @Superuser boolean isSuperuser;
|
||||
@Inject HistoryEntry.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
@Inject DomainTransferRejectFlow() {}
|
||||
@@ -91,7 +93,9 @@ public final class DomainTransferRejectFlow implements TransactionalFlow {
|
||||
verifyOptionalAuthInfo(authInfo, existingDomain);
|
||||
verifyHasPendingTransfer(existingDomain);
|
||||
verifyResourceOwnership(clientId, existingDomain);
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
if (!isSuperuser) {
|
||||
checkAllowedAccessToTld(clientId, existingDomain.getTld());
|
||||
}
|
||||
DomainResource newDomain =
|
||||
denyPendingTransfer(existingDomain, TransferStatus.CLIENT_REJECTED, now);
|
||||
ofy().save().<ImmutableObject>entities(
|
||||
|
||||
@@ -217,9 +217,9 @@ public final class DomainTransferRequestFlow implements TransactionalFlow {
|
||||
if (gainingClientId.equals(existingDomain.getCurrentSponsorClientId())) {
|
||||
throw new ObjectAlreadySponsoredException();
|
||||
}
|
||||
checkAllowedAccessToTld(gainingClientId, existingDomain.getTld());
|
||||
verifyTransferPeriodIsOneYear(period);
|
||||
if (!isSuperuser) {
|
||||
checkAllowedAccessToTld(gainingClientId, existingDomain.getTld());
|
||||
verifyPremiumNameIsNotBlocked(targetId, now, gainingClientId);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -212,14 +212,14 @@ public final class DomainUpdateFlow implements TransactionalFlow {
|
||||
verifyOptionalAuthInfo(authInfo, existingDomain);
|
||||
AddRemove add = command.getInnerAdd();
|
||||
AddRemove remove = command.getInnerRemove();
|
||||
String tld = existingDomain.getTld();
|
||||
if (!isSuperuser) {
|
||||
verifyResourceOwnership(clientId, existingDomain);
|
||||
verifyClientUpdateNotProhibited(command, existingDomain);
|
||||
verifyAllStatusesAreClientSettable(union(add.getStatusValues(), remove.getStatusValues()));
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
}
|
||||
String tld = existingDomain.getTld();
|
||||
Registry registry = Registry.get(tld);
|
||||
checkAllowedAccessToTld(clientId, tld);
|
||||
FeeTransformCommandExtension feeUpdate =
|
||||
eppInput.getSingleExtension(FeeUpdateCommandExtension.class);
|
||||
// If the fee extension is present, validate it (even if the cost is zero, to check for price
|
||||
|
||||
Reference in New Issue
Block a user