diff --git a/core/src/main/java/google/registry/tools/DomainLockUtils.java b/core/src/main/java/google/registry/tools/DomainLockUtils.java
index c9abc8fe8..6c34ac94c 100644
--- a/core/src/main/java/google/registry/tools/DomainLockUtils.java
+++ b/core/src/main/java/google/registry/tools/DomainLockUtils.java
@@ -71,7 +71,7 @@ public final class DomainLockUtils {
/**
* Creates and persists a lock request when requested by a user.
*
- * The lock will not be applied until {@link #verifyAndApplyLock} is called.
+ *
The lock will not be applied until {@link #verifyVerificationCode} is called.
*/
public RegistryLock saveNewRegistryLockRequest(
String domainName, String registrarId, @Nullable String registrarPocId, boolean isAdmin) {
@@ -84,7 +84,7 @@ public final class DomainLockUtils {
/**
* Creates and persists an unlock request when requested by a user.
*
- *
The unlock will not be applied until {@link #verifyAndApplyUnlock} is called.
+ *
The unlock will not be applied until {@link #verifyVerificationCode} is called.
*/
public RegistryLock saveNewRegistryUnlockRequest(
String domainName, String registrarId, boolean isAdmin, Optional relockDuration) {
@@ -94,62 +94,32 @@ public final class DomainLockUtils {
createUnlockBuilder(domainName, registrarId, isAdmin, relockDuration).build()));
}
- /** Verifies and applies the lock request previously requested by a user. */
- public RegistryLock verifyAndApplyLock(String verificationCode, boolean isAdmin) {
- return tm().transact(
- () -> {
- DateTime now = tm().getTransactionTime();
- RegistryLock lock = getByVerificationCode(verificationCode);
-
- checkArgument(
- lock.getLockCompletionTime().isEmpty(),
- "Domain %s is already locked",
- lock.getDomainName());
-
- checkArgument(
- !lock.isLockRequestExpired(now),
- "The pending lock has expired; please try again");
-
- checkArgument(
- !lock.isSuperuser() || isAdmin, "Non-admin user cannot complete admin lock");
-
- RegistryLock newLock =
- RegistryLockDao.save(lock.asBuilder().setLockCompletionTime(now).build());
- setAsRelock(newLock);
- tm().transact(() -> applyLockStatuses(newLock, now, isAdmin));
- return newLock;
- });
- }
-
- /** Verifies and applies the unlock request previously requested by a user. */
- public RegistryLock verifyAndApplyUnlock(String verificationCode, boolean isAdmin) {
- RegistryLock lock =
+ /**
+ * Verifies and applies the lock/unlock request previously requested given a verification code.
+ *
+ * This assumes that the lock object / domain in question has a pending lock or unlock.
+ */
+ public RegistryLock verifyVerificationCode(String verificationCode, boolean isAdmin) {
+ RegistryLock result =
tm().transact(
() -> {
- DateTime now = tm().getTransactionTime();
- RegistryLock previousLock = getByVerificationCode(verificationCode);
- checkArgument(
- previousLock.getUnlockCompletionTime().isEmpty(),
- "Domain %s is already unlocked",
- previousLock.getDomainName());
-
- checkArgument(
- !previousLock.isUnlockRequestExpired(now),
- "The pending unlock has expired; please try again");
-
- checkArgument(
- isAdmin || !previousLock.isSuperuser(),
- "Non-admin user cannot complete admin unlock");
-
- RegistryLock newLock =
- RegistryLockDao.save(
- previousLock.asBuilder().setUnlockCompletionTime(now).build());
- tm().transact(() -> removeLockStatuses(newLock, isAdmin, now));
- return newLock;
+ RegistryLock lock = getByVerificationCode(verificationCode);
+ if (lock.getLockCompletionTime().isEmpty()) {
+ return verifyAndApplyLock(lock, isAdmin);
+ } else if (lock.getUnlockRequestTime().isPresent()
+ && lock.getUnlockCompletionTime().isEmpty()) {
+ return verifyAndApplyUnlock(lock, isAdmin);
+ } else {
+ throw new IllegalArgumentException(
+ String.format(
+ "Lock/unlock with code %s is already completed", verificationCode));
+ }
});
- // Submit relock outside the transaction to make sure that it fully succeeded
- submitRelockIfNecessary(lock);
- return lock;
+ if (result.getUnlockCompletionTime().isPresent()) {
+ // Submit relock outside the transaction to make sure that it fully succeeded
+ submitRelockIfNecessary(result);
+ }
+ return result;
}
/**
@@ -232,13 +202,36 @@ public final class DomainLockUtils {
countdown));
}
+ private RegistryLock verifyAndApplyLock(RegistryLock lock, boolean isAdmin) {
+ DateTime now = tm().getTransactionTime();
+ checkArgument(
+ !lock.isLockRequestExpired(now), "The pending lock has expired; please try again");
+
+ checkArgument(!lock.isSuperuser() || isAdmin, "Non-admin user cannot complete admin lock");
+
+ RegistryLock newLock =
+ RegistryLockDao.save(lock.asBuilder().setLockCompletionTime(now).build());
+ setAsRelock(newLock);
+ applyLockStatuses(newLock, now, isAdmin);
+ return newLock;
+ }
+
+ private RegistryLock verifyAndApplyUnlock(RegistryLock lock, boolean isAdmin) {
+ DateTime now = tm().getTransactionTime();
+ checkArgument(
+ !lock.isUnlockRequestExpired(now), "The pending unlock has expired; please try again");
+
+ checkArgument(isAdmin || !lock.isSuperuser(), "Non-admin user cannot complete admin unlock");
+
+ RegistryLock newLock =
+ RegistryLockDao.save(lock.asBuilder().setUnlockCompletionTime(now).build());
+ removeLockStatuses(newLock, isAdmin, now);
+ return newLock;
+ }
+
private void setAsRelock(RegistryLock newLock) {
- tm().transact(
- () ->
- RegistryLockDao.getMostRecentVerifiedUnlockByRepoId(newLock.getRepoId())
- .ifPresent(
- oldLock ->
- RegistryLockDao.save(oldLock.asBuilder().setRelock(newLock).build())));
+ RegistryLockDao.getMostRecentVerifiedUnlockByRepoId(newLock.getRepoId())
+ .ifPresent(oldLock -> RegistryLockDao.save(oldLock.asBuilder().setRelock(newLock).build()));
}
private RegistryLock.Builder createLockBuilder(
diff --git a/core/src/main/java/google/registry/ui/server/console/ConsoleRegistryLockAction.java b/core/src/main/java/google/registry/ui/server/console/ConsoleRegistryLockAction.java
index af3bbea88..ef8de8090 100644
--- a/core/src/main/java/google/registry/ui/server/console/ConsoleRegistryLockAction.java
+++ b/core/src/main/java/google/registry/ui/server/console/ConsoleRegistryLockAction.java
@@ -194,7 +194,6 @@ public class ConsoleRegistryLockAction extends ConsoleApiAction {
// TODO: replace this with the PATH in ConsoleRegistryLockVerifyAction once it exists
.setPath("/console-api/registry-lock-verify")
.setParameter("lockVerificationCode", lock.getVerificationCode())
- .setParameter("isLock", String.valueOf(isLock))
.build()
.toString();
String body = String.format(VERIFICATION_EMAIL_TEMPLATE, lock.getDomainName(), url);
diff --git a/core/src/main/java/google/registry/ui/server/registrar/RegistryLockPostAction.java b/core/src/main/java/google/registry/ui/server/registrar/RegistryLockPostAction.java
index ff3a12111..f984cfe1e 100644
--- a/core/src/main/java/google/registry/ui/server/registrar/RegistryLockPostAction.java
+++ b/core/src/main/java/google/registry/ui/server/registrar/RegistryLockPostAction.java
@@ -160,7 +160,6 @@ public class RegistryLockPostAction implements Runnable, JsonActionRunner.JsonAc
.setHost(req.getServerName())
.setPath("registry-lock-verify")
.setParameter("lockVerificationCode", lock.getVerificationCode())
- .setParameter("isLock", String.valueOf(isLock))
.build()
.toString();
String body = String.format(VERIFICATION_EMAIL_TEMPLATE, lock.getDomainName(), url);
diff --git a/core/src/main/java/google/registry/ui/server/registrar/RegistryLockVerifyAction.java b/core/src/main/java/google/registry/ui/server/registrar/RegistryLockVerifyAction.java
index 68f20a6e7..496d98c7c 100644
--- a/core/src/main/java/google/registry/ui/server/registrar/RegistryLockVerifyAction.java
+++ b/core/src/main/java/google/registry/ui/server/registrar/RegistryLockVerifyAction.java
@@ -50,29 +50,22 @@ public final class RegistryLockVerifyAction extends HtmlAction {
private final DomainLockUtils domainLockUtils;
private final String lockVerificationCode;
- private final Boolean isLock;
@Inject
public RegistryLockVerifyAction(
DomainLockUtils domainLockUtils,
- @Parameter("lockVerificationCode") String lockVerificationCode,
- @Parameter("isLock") Boolean isLock) {
+ @Parameter("lockVerificationCode") String lockVerificationCode) {
this.domainLockUtils = domainLockUtils;
this.lockVerificationCode = lockVerificationCode;
- this.isLock = isLock;
}
@Override
public void runAfterLogin(Map data) {
try {
boolean isAdmin = authResult.userAuthInfo().get().isUserAdmin();
- final RegistryLock resultLock;
- if (isLock) {
- resultLock = domainLockUtils.verifyAndApplyLock(lockVerificationCode, isAdmin);
- } else {
- resultLock = domainLockUtils.verifyAndApplyUnlock(lockVerificationCode, isAdmin);
- }
- data.put("isLock", isLock);
+ RegistryLock resultLock =
+ domainLockUtils.verifyVerificationCode(lockVerificationCode, isAdmin);
+ data.put("isLock", resultLock.getUnlockCompletionTime().isEmpty());
data.put("success", true);
data.put("domainName", resultLock.getDomainName());
} catch (Throwable t) {
diff --git a/core/src/test/java/google/registry/tools/DomainLockUtilsTest.java b/core/src/test/java/google/registry/tools/DomainLockUtilsTest.java
index d97637512..da456cba1 100644
--- a/core/src/test/java/google/registry/tools/DomainLockUtilsTest.java
+++ b/core/src/test/java/google/registry/tools/DomainLockUtilsTest.java
@@ -124,7 +124,7 @@ public final class DomainLockUtilsTest {
clock.advanceBy(standardDays(1));
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", POC_ID, false);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false);
verifyProperlyLockedDomain(false);
}
@@ -137,7 +137,7 @@ public final class DomainLockUtilsTest {
RegistryLock unlockRequest =
domainLockUtils.saveNewRegistryUnlockRequest(
DOMAIN_NAME, "TheRegistrar", false, Optional.empty());
- domainLockUtils.verifyAndApplyUnlock(unlockRequest.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(unlockRequest.getVerificationCode(), false);
assertThat(loadByEntity(domain).getStatusValues()).containsNoneIn(REGISTRY_LOCK_STATUSES);
}
@@ -145,7 +145,7 @@ public final class DomainLockUtilsTest {
void testSuccess_applyLockDomain() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", POC_ID, false);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false);
verifyProperlyLockedDomain(false);
}
@@ -155,7 +155,7 @@ public final class DomainLockUtilsTest {
RegistryLock unlock =
domainLockUtils.saveNewRegistryUnlockRequest(
DOMAIN_NAME, "TheRegistrar", false, Optional.empty());
- domainLockUtils.verifyAndApplyUnlock(unlock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(unlock.getVerificationCode(), false);
verifyProperlyUnlockedDomain(false);
}
@@ -163,7 +163,7 @@ public final class DomainLockUtilsTest {
void testSuccess_applyAdminLock_onlyHistoryEntry() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", null, true);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), true);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), true);
verifyProperlyLockedDomain(true);
}
@@ -171,11 +171,11 @@ public final class DomainLockUtilsTest {
void testSuccess_applyAdminUnlock_onlyHistoryEntry() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", null, true);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), true);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), true);
RegistryLock unlock =
domainLockUtils.saveNewRegistryUnlockRequest(
DOMAIN_NAME, "TheRegistrar", true, Optional.empty());
- domainLockUtils.verifyAndApplyUnlock(unlock.getVerificationCode(), true);
+ domainLockUtils.verifyVerificationCode(unlock.getVerificationCode(), true);
verifyProperlyUnlockedDomain(true);
}
@@ -196,7 +196,7 @@ public final class DomainLockUtilsTest {
void testSuccess_administrativelyUnlock_nonAdmin() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", POC_ID, false);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false);
domainLockUtils.administrativelyApplyUnlock(
DOMAIN_NAME, "TheRegistrar", false, Optional.empty());
verifyProperlyUnlockedDomain(false);
@@ -206,7 +206,7 @@ public final class DomainLockUtilsTest {
void testSuccess_administrativelyUnlock_admin() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", null, true);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), true);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), true);
domainLockUtils.administrativelyApplyUnlock(
DOMAIN_NAME, "TheRegistrar", true, Optional.empty());
verifyProperlyUnlockedDomain(true);
@@ -220,7 +220,7 @@ public final class DomainLockUtilsTest {
DOMAIN_NAME, "TheRegistrar", false, Optional.empty());
RegistryLock newLock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", POC_ID, false);
- newLock = domainLockUtils.verifyAndApplyLock(newLock.getVerificationCode(), false);
+ newLock = domainLockUtils.verifyVerificationCode(newLock.getVerificationCode(), false);
assertThat(
getRegistryLockByRevisionId(oldLock.getRevisionId()).get().getRelock().getRevisionId())
.isEqualTo(newLock.getRevisionId());
@@ -254,7 +254,7 @@ public final class DomainLockUtilsTest {
RegistryLock lock =
domainLockUtils.saveNewRegistryUnlockRequest(
DOMAIN_NAME, "TheRegistrar", false, Optional.of(standardHours(6)));
- domainLockUtils.verifyAndApplyUnlock(lock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false);
cloudTasksHelper.assertTasksEnqueued(
QUEUE_ASYNC_ACTIONS,
new TaskMatcher()
@@ -304,7 +304,7 @@ public final class DomainLockUtilsTest {
void testFailure_createUnlock_alreadyPendingUnlock() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", POC_ID, false);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false);
domainLockUtils.saveNewRegistryUnlockRequest(
DOMAIN_NAME, "TheRegistrar", false, Optional.empty());
@@ -323,7 +323,7 @@ public final class DomainLockUtilsTest {
void testFailure_createUnlock_nonAdminUnlockingAdmin() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", null, true);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), true);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), true);
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
@@ -387,13 +387,15 @@ public final class DomainLockUtilsTest {
void testFailure_applyLock_alreadyApplied() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", POC_ID, false);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false);
domain = loadByEntity(domain);
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
- () -> domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false));
- assertThat(thrown).hasMessageThat().isEqualTo("Domain example.tld is already locked");
+ () -> domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false));
+ assertThat(thrown)
+ .hasMessageThat()
+ .isEqualTo("Lock/unlock with code 123456789ABCDEFGHJKLMNPQRSTUVWXY is already completed");
assertNoDomainChanges();
}
@@ -405,7 +407,7 @@ public final class DomainLockUtilsTest {
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
- () -> domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), true));
+ () -> domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), true));
assertThat(thrown).hasMessageThat().isEqualTo("The pending lock has expired; please try again");
assertNoDomainChanges();
}
@@ -417,7 +419,7 @@ public final class DomainLockUtilsTest {
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
- () -> domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false));
+ () -> domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false));
assertThat(thrown).hasMessageThat().isEqualTo("Non-admin user cannot complete admin lock");
assertNoDomainChanges();
}
@@ -426,17 +428,19 @@ public final class DomainLockUtilsTest {
void testFailure_applyUnlock_alreadyUnlocked() {
RegistryLock lock =
domainLockUtils.saveNewRegistryLockRequest(DOMAIN_NAME, "TheRegistrar", POC_ID, false);
- domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), false);
RegistryLock unlock =
domainLockUtils.saveNewRegistryUnlockRequest(
DOMAIN_NAME, "TheRegistrar", false, Optional.empty());
- domainLockUtils.verifyAndApplyUnlock(unlock.getVerificationCode(), false);
+ domainLockUtils.verifyVerificationCode(unlock.getVerificationCode(), false);
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
- () -> domainLockUtils.verifyAndApplyUnlock(unlock.getVerificationCode(), false));
- assertThat(thrown).hasMessageThat().isEqualTo("Domain example.tld is already unlocked");
+ () -> domainLockUtils.verifyVerificationCode(unlock.getVerificationCode(), false));
+ assertThat(thrown)
+ .hasMessageThat()
+ .isEqualTo("Lock/unlock with code Zabcdefghijkmnopqrstuvwxyz123456 is already completed");
assertNoDomainChanges();
}
@@ -451,7 +455,7 @@ public final class DomainLockUtilsTest {
IllegalArgumentException thrown =
assertThrows(
IllegalArgumentException.class,
- () -> domainLockUtils.verifyAndApplyLock(verificationCode, false));
+ () -> domainLockUtils.verifyVerificationCode(verificationCode, false));
assertThat(thrown).hasMessageThat().isEqualTo("Domain example.tld is already locked");
// Failure during the lock acquisition portion shouldn't affect the SQL object
diff --git a/core/src/test/java/google/registry/tools/UnlockDomainCommandTest.java b/core/src/test/java/google/registry/tools/UnlockDomainCommandTest.java
index 0bd54c69b..0fbddd48d 100644
--- a/core/src/test/java/google/registry/tools/UnlockDomainCommandTest.java
+++ b/core/src/test/java/google/registry/tools/UnlockDomainCommandTest.java
@@ -60,7 +60,7 @@ class UnlockDomainCommandTest extends CommandTestCase {
Domain domain = persistResource(DatabaseHelper.newDomain(domainName));
RegistryLock lock =
command.domainLockUtils.saveNewRegistryLockRequest(domainName, registrarId, null, true);
- command.domainLockUtils.verifyAndApplyLock(lock.getVerificationCode(), true);
+ command.domainLockUtils.verifyVerificationCode(lock.getVerificationCode(), true);
return reloadResource(domain);
}
diff --git a/core/src/test/java/google/registry/ui/server/console/ConsoleRegistryLockActionTest.java b/core/src/test/java/google/registry/ui/server/console/ConsoleRegistryLockActionTest.java
index 4b2b42a0a..f4cf3d831 100644
--- a/core/src/test/java/google/registry/ui/server/console/ConsoleRegistryLockActionTest.java
+++ b/core/src/test/java/google/registry/ui/server/console/ConsoleRegistryLockActionTest.java
@@ -73,11 +73,13 @@ import org.mockito.quality.Strictness;
@MockitoSettings(strictness = Strictness.LENIENT)
public class ConsoleRegistryLockActionTest {
- private static final String EMAIL_MESSAGE_TEMPLATE =
- "Please click the link below to perform the lock \\/ unlock action on domain example.test."
- + " Note: this code will expire in one hour.\n\n"
- + "https:\\/\\/registrarconsole.tld\\/console-api\\/registry-lock-verify\\?lockVerificationCode="
- + "[0-9a-zA-Z_\\-]+&isLock=(true|false)";
+ private static final String EXPECTED_EMAIL_MESSAGE =
+ """
+ Please click the link below to perform the lock / unlock action on domain example.test. \
+ Note: this code will expire in one hour.
+
+ https://registrarconsole.tld/console-api/registry-lock-verify?lockVerificationCode=\
+ 123456789ABCDEFGHJKLMNPQRSTUVWXY""";
private static final Gson GSON = RequestModule.provideGson();
@@ -542,7 +544,7 @@ public class ConsoleRegistryLockActionTest {
verify(gmailClient).sendEmail(emailCaptor.capture());
EmailMessage sentMessage = emailCaptor.getValue();
assertThat(sentMessage.subject()).matches("Registry (un)?lock verification");
- assertThat(sentMessage.body()).matches(EMAIL_MESSAGE_TEMPLATE);
+ assertThat(sentMessage.body()).isEqualTo(EXPECTED_EMAIL_MESSAGE);
assertThat(sentMessage.recipients())
.containsExactly(new InternetAddress("registrylock@theregistrar.com"));
}
diff --git a/core/src/test/java/google/registry/ui/server/registrar/RegistryLockPostActionTest.java b/core/src/test/java/google/registry/ui/server/registrar/RegistryLockPostActionTest.java
index 27b7f6f06..85f408493 100644
--- a/core/src/test/java/google/registry/ui/server/registrar/RegistryLockPostActionTest.java
+++ b/core/src/test/java/google/registry/ui/server/registrar/RegistryLockPostActionTest.java
@@ -77,11 +77,13 @@ import org.mockito.quality.Strictness;
@MockitoSettings(strictness = Strictness.LENIENT)
final class RegistryLockPostActionTest {
- private static final String EMAIL_MESSAGE_TEMPLATE =
- "Please click the link below to perform the lock \\/ unlock action on domain example.tld. "
- + "Note: this code will expire in one hour.\n\n"
- + "https:\\/\\/registrarconsole.tld\\/registry-lock-verify\\?lockVerificationCode="
- + "[0-9a-zA-Z_\\-]+&isLock=(true|false)";
+ private static final String EXPECTED_EMAIL_MESSAGE =
+ """
+ Please click the link below to perform the lock / unlock action on domain example.tld. Note: \
+ this code will expire in one hour.
+
+ https://registrarconsole.tld/registry-lock-verify?lockVerificationCode=\
+ 123456789ABCDEFGHJKLMNPQRSTUVWXY""";
private final FakeClock clock = new FakeClock();
@@ -498,7 +500,7 @@ final class RegistryLockPostActionTest {
verify(gmailClient).sendEmail(emailCaptor.capture());
EmailMessage sentMessage = emailCaptor.getValue();
assertThat(sentMessage.subject()).matches("Registry (un)?lock verification");
- assertThat(sentMessage.body()).matches(EMAIL_MESSAGE_TEMPLATE);
+ assertThat(sentMessage.body()).isEqualTo(EXPECTED_EMAIL_MESSAGE);
assertThat(sentMessage.recipients()).containsExactly(new InternetAddress(recipient));
}
diff --git a/core/src/test/java/google/registry/ui/server/registrar/RegistryLockVerifyActionTest.java b/core/src/test/java/google/registry/ui/server/registrar/RegistryLockVerifyActionTest.java
index ab4ce42b4..f6931ce45 100644
--- a/core/src/test/java/google/registry/ui/server/registrar/RegistryLockVerifyActionTest.java
+++ b/core/src/test/java/google/registry/ui/server/registrar/RegistryLockVerifyActionTest.java
@@ -92,7 +92,7 @@ final class RegistryLockVerifyActionTest {
Host host = persistActiveHost("ns1.example.net");
domain = persistResource(DatabaseHelper.newDomain("example.tld", host));
when(request.getRequestURI()).thenReturn("https://registry.example/registry-lock-verification");
- action = createAction(lockId, true);
+ action = createAction(lockId);
}
@Test
@@ -113,9 +113,14 @@ final class RegistryLockVerifyActionTest {
@Test
void testSuccess_unlockDomain() {
- action = createAction(lockId, false);
+ action = createAction(lockId);
domain = persistResource(domain.asBuilder().setStatusValues(REGISTRY_LOCK_STATUSES).build());
- saveRegistryLock(createLock().asBuilder().setUnlockRequestTime(fakeClock.nowUtc()).build());
+ saveRegistryLock(
+ createLock()
+ .asBuilder()
+ .setLockCompletionTime(fakeClock.nowUtc())
+ .setUnlockRequestTime(fakeClock.nowUtc())
+ .build());
action.run();
assertThat(response.getStatus()).isEqualTo(SC_OK);
assertThat(response.getPayload()).contains("Success: unlock has been applied to example.tld");
@@ -154,7 +159,8 @@ final class RegistryLockVerifyActionTest {
void testFailure_alreadyVerified() {
saveRegistryLock(createLock().asBuilder().setLockCompletionTime(fakeClock.nowUtc()).build());
action.run();
- assertThat(response.getPayload()).contains("Failed: Domain example.tld is already locked");
+ assertThat(response.getPayload())
+ .contains("Lock/unlock with code 123456789ABCDEFGHJKLMNPQRSTUVWXY is already completed");
assertNoDomainChanges();
}
@@ -178,7 +184,7 @@ final class RegistryLockVerifyActionTest {
@Test
void testFailure_alreadyUnlocked() {
- action = createAction(lockId, false);
+ action = createAction(lockId);
saveRegistryLock(
createLock()
.asBuilder()
@@ -187,7 +193,8 @@ final class RegistryLockVerifyActionTest {
.setUnlockCompletionTime(fakeClock.nowUtc())
.build());
action.run();
- assertThat(response.getPayload()).contains("Failed: Domain example.tld is already unlocked");
+ assertThat(response.getPayload())
+ .contains("Lock/unlock with code 123456789ABCDEFGHJKLMNPQRSTUVWXY is already completed");
assertNoDomainChanges();
}
@@ -228,27 +235,6 @@ final class RegistryLockVerifyActionTest {
assertThat(afterAction).isEqualTo(lock);
}
- @Test
- void testFailure_isLockTrue_shouldBeFalse() {
- domain = persistResource(domain.asBuilder().setStatusValues(REGISTRY_LOCK_STATUSES).build());
- saveRegistryLock(
- createLock()
- .asBuilder()
- .setLockCompletionTime(fakeClock.nowUtc())
- .setUnlockRequestTime(fakeClock.nowUtc())
- .build());
- action.run();
- assertThat(response.getPayload()).contains("Failed: Domain example.tld is already locked");
- }
-
- @Test
- void testFailure_isLockFalse_shouldBeTrue() {
- action = createAction(lockId, false);
- saveRegistryLock(createLock());
- action.run();
- assertThat(response.getPayload()).contains("Failed: Domain example.tld is already unlocked");
- }
-
@Test
void testFailure_lock_unlock_lockAgain() {
RegistryLock lock = saveRegistryLock(createLock());
@@ -256,14 +242,15 @@ final class RegistryLockVerifyActionTest {
assertThat(response.getPayload()).contains("Success: lock has been applied to example.tld");
String unlockVerificationCode = "some-unlock-code";
saveRegistryLock(
- lock.asBuilder()
+ loadByEntity(lock)
+ .asBuilder()
.setVerificationCode(unlockVerificationCode)
.setUnlockRequestTime(fakeClock.nowUtc())
.build());
- action = createAction(unlockVerificationCode, false);
+ action = createAction(unlockVerificationCode);
action.run();
assertThat(response.getPayload()).contains("Success: unlock has been applied to example.tld");
- action = createAction(lockId, true);
+ action = createAction(lockId);
action.run();
assertThat(response.getPayload()).contains("Failed: Invalid verification code");
}
@@ -273,22 +260,29 @@ final class RegistryLockVerifyActionTest {
saveRegistryLock(createLock());
action.run();
assertThat(response.getPayload()).contains("Success: lock has been applied to example.tld");
- action = createAction(lockId, true);
+ action = createAction(lockId);
action.run();
- assertThat(response.getPayload()).contains("Failed: Domain example.tld is already locked");
+ assertThat(response.getPayload())
+ .contains("Lock/unlock with code 123456789ABCDEFGHJKLMNPQRSTUVWXY is already completed");
}
@Test
void testFailure_unlock_unlockAgain() {
- action = createAction(lockId, false);
+ action = createAction(lockId);
domain = persistResource(domain.asBuilder().setStatusValues(REGISTRY_LOCK_STATUSES).build());
- saveRegistryLock(createLock().asBuilder().setUnlockRequestTime(fakeClock.nowUtc()).build());
+ saveRegistryLock(
+ createLock()
+ .asBuilder()
+ .setLockCompletionTime(fakeClock.nowUtc())
+ .setUnlockRequestTime(fakeClock.nowUtc())
+ .build());
action.run();
assertThat(response.getStatus()).isEqualTo(SC_OK);
assertThat(response.getPayload()).contains("Success: unlock has been applied to example.tld");
- action = createAction(lockId, false);
+ action = createAction(lockId);
action.run();
- assertThat(response.getPayload()).contains("Failed: Domain example.tld is already unlocked");
+ assertThat(response.getPayload())
+ .contains("Lock/unlock with code 123456789ABCDEFGHJKLMNPQRSTUVWXY is already completed");
}
private RegistryLock createLock() {
@@ -323,14 +317,13 @@ final class RegistryLockVerifyActionTest {
.build());
}
- private RegistryLockVerifyAction createAction(String lockVerificationCode, Boolean isLock) {
+ private RegistryLockVerifyAction createAction(String lockVerificationCode) {
response = new FakeResponse();
RegistryLockVerifyAction action =
new RegistryLockVerifyAction(
new DomainLockUtils(
stringGenerator, "adminreg", cloudTasksHelper.getTestCloudTasksUtils()),
- lockVerificationCode,
- isLock);
+ lockVerificationCode);
authResult = AuthResult.createUser(UserAuthInfo.create(user, false));
action.req = request;
action.response = response;