1
0
mirror of https://github.com/google/nomulus synced 2026-06-09 16:33:02 +00:00

Compare commits

...

4 Commits

Author SHA1 Message Date
Lai Jiang 85272a30a2 Use login email instead of GAE user ID for RegistrarPoc (#1852)
Switch to using the login email address instead of GAE user ID to
identify console users. The primary use cases are:

1) When the user logged in the registrar console, need to figure out
   which registrars they have access to (in
   AuthenticatedReigstrarAccess).

2) When a user tries to apply a registry lock, needs to know if they
   can (in RegistryLockGetAction).

Both cases are tested in alpha with a personal email address to ensure
it does not get the permission due to being a GAE admin account.

Also verified that the soy templates includes the hidden login email
form field instead of GAE user ID when registrars are displayed on the
console; and consequently when a contact update is posted to the server,
the login email is part of the JSON payload. Even though it does not
look like it is used in any way by RegistrarSettingsAction, which
receives the POST request. Like GAE user ID, the field is hidden, so
cannot be changed by the user from the console, it is also not used to
identify the RegistryPoc entity, whose composite keys are the contact
email and the registrar ID associated with it.

The login email address is backfilled for all RegistrarPocs that have a
non-null GAE user ID. The backfilled addresses converted to the same ID
as stored in the database.
2022-11-29 17:16:19 -05:00
gbrodman e3944d5d52 Rename AppEngineConnection to ServiceConnection (#1857)
It doesn't actually use any App Engine libraries or code -- it's just a
generic connection with authentication to a service. This also involves
changing that block of config to be "gcpProject" instead of "appEngine"
since it's more generic.

Note: this will require an internal PR as well to change the
corresponding private config block
2022-11-28 15:46:51 -05:00
sarahcaseybot 124a3d83ba Remove package token on manual transfer approval (#1819)
* Remove package token on manual transfer approval

* remove extra variables

* Add back white space

* Don't overwrite existingDomain

* Format fixes, use available helper variables

* Use PACKAGE allocation tokens in tests

* Refactor

* Fix merge conflicts

* Dont overwrite existingRecurring
2022-11-28 15:30:55 -05:00
Pavlo Tkach 99cbb862dc remove jpaTransactionManagerType rde pipeline param (#1860) 2022-11-28 12:13:45 -05:00
64 changed files with 402 additions and 341 deletions
@@ -103,13 +103,13 @@ public final class RegistryConfig {
@Provides
@Config("projectId")
public static String provideProjectId(RegistryConfigSettings config) {
return config.appEngine.projectId;
return config.gcpProject.projectId;
}
@Provides
@Config("locationId")
public static String provideLocationId(RegistryConfigSettings config) {
return config.appEngine.locationId;
return config.gcpProject.locationId;
}
/**
@@ -1325,7 +1325,7 @@ public final class RegistryConfig {
/** Returns the App Engine project ID, which is based off the environment name. */
public static String getProjectId() {
return CONFIG_SETTINGS.get().appEngine.projectId;
return CONFIG_SETTINGS.get().gcpProject.projectId;
}
/**
@@ -1338,7 +1338,7 @@ public final class RegistryConfig {
}
public static boolean areServersLocal() {
return CONFIG_SETTINGS.get().appEngine.isLocal;
return CONFIG_SETTINGS.get().gcpProject.isLocal;
}
/**
@@ -1347,7 +1347,7 @@ public final class RegistryConfig {
* <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
*/
public static URL getDefaultServer() {
return makeUrl(CONFIG_SETTINGS.get().appEngine.defaultServiceUrl);
return makeUrl(CONFIG_SETTINGS.get().gcpProject.defaultServiceUrl);
}
/**
@@ -1356,7 +1356,7 @@ public final class RegistryConfig {
* <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
*/
public static URL getBackendServer() {
return makeUrl(CONFIG_SETTINGS.get().appEngine.backendServiceUrl);
return makeUrl(CONFIG_SETTINGS.get().gcpProject.backendServiceUrl);
}
/**
@@ -1365,7 +1365,7 @@ public final class RegistryConfig {
* <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
*/
public static URL getToolsServer() {
return makeUrl(CONFIG_SETTINGS.get().appEngine.toolsServiceUrl);
return makeUrl(CONFIG_SETTINGS.get().gcpProject.toolsServiceUrl);
}
/**
@@ -1374,7 +1374,7 @@ public final class RegistryConfig {
* <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
*/
public static URL getPubapiServer() {
return makeUrl(CONFIG_SETTINGS.get().appEngine.pubapiServiceUrl);
return makeUrl(CONFIG_SETTINGS.get().gcpProject.pubapiServiceUrl);
}
/** Returns the amount of time a singleton should be cached, before expiring. */
@@ -21,7 +21,7 @@ import java.util.Set;
/** The POJO that YAML config files are deserialized into. */
public class RegistryConfigSettings {
public AppEngine appEngine;
public GcpProject gcpProject;
public GSuite gSuite;
public OAuth oAuth;
public CredentialOAuth credentialOAuth;
@@ -45,8 +45,8 @@ public class RegistryConfigSettings {
public DnsUpdate dnsUpdate;
public PackageMonitoring packageMonitoring;
/** Configuration options that apply to the entire App Engine project. */
public static class AppEngine {
/** Configuration options that apply to the entire GCP project. */
public static class GcpProject {
public String projectId;
public String locationId;
public boolean isLocal;
@@ -5,12 +5,12 @@
# to override some of these values to configure and enable some services used in
# production environments.
appEngine:
# Globally unique App Engine project ID
gcpProject:
# Globally unique GCP project ID
projectId: registry-project-id
# Location of the App engine project, note that us-central1 and europe-west1 are special in that
# they are used without the trailing number in App Engine commands and Google Cloud Console.
# See: https://cloud.google.com/appengine/docs/locations
# Location of the GCP project, note that us-central1 and europe-west1 are special in that
# they are used without the trailing number in GCP commands and Google Cloud Console.
# See: https://cloud.google.com/appengine/docs/locations as an example
locationId: registry-location-id
# whether to use local/test credentials when connecting to the servers
@@ -2,7 +2,7 @@
# This is the same as what Google Registry runs in production, except with
# placeholders for Google-specific settings.
appEngine:
gcpProject:
projectId: placeholder
# Set to true if running against local servers (localhost)
isLocal: false
@@ -49,6 +49,7 @@ import google.registry.model.billing.BillingEvent;
import google.registry.model.billing.BillingEvent.Flag;
import google.registry.model.billing.BillingEvent.Reason;
import google.registry.model.billing.BillingEvent.Recurring;
import google.registry.model.billing.BillingEvent.RenewalPriceBehavior;
import google.registry.model.domain.Domain;
import google.registry.model.domain.DomainHistory;
import google.registry.model.domain.GracePeriod;
@@ -67,6 +68,7 @@ import google.registry.model.transfer.DomainTransferData;
import google.registry.model.transfer.TransferStatus;
import java.util.Optional;
import javax.inject.Inject;
import org.joda.money.Money;
import org.joda.time.DateTime;
/**
@@ -147,6 +149,8 @@ public final class DomainTransferApproveFlow implements TransactionalFlow {
Recurring existingRecurring = tm().loadByKey(existingDomain.getAutorenewBillingEvent());
HistoryEntryId domainHistoryId = createHistoryEntryId(existingDomain);
historyBuilder.setRevisionId(domainHistoryId.getRevisionId());
boolean hasPackageToken = existingDomain.getCurrentPackageToken().isPresent();
Money renewalPrice = hasPackageToken ? null : existingRecurring.getRenewalPrice().orElse(null);
Optional<BillingEvent.OneTime> billingEvent =
transferData.getTransferPeriod().getValue() == 0
? Optional.empty()
@@ -162,12 +166,16 @@ public final class DomainTransferApproveFlow implements TransactionalFlow {
Registry.get(tld),
targetId,
transferData.getTransferRequestTime(),
existingRecurring)
// When removing a domain from a package it should return to the
// default recurring billing behavior so the existing recurring
// billing event should not be passed in.
hasPackageToken ? null : existingRecurring)
.getRenewCost())
.setEventTime(now)
.setBillingTime(now.plus(Registry.get(tld).getTransferGracePeriodLength()))
.setDomainHistoryId(domainHistoryId)
.build());
ImmutableList.Builder<ImmutableObject> entitiesToSave = new ImmutableList.Builder<>();
// If we are within an autorenew grace period, cancel the autorenew billing event and don't
// increase the registration time, since the transfer subsumes the autorenew's extra year.
@@ -198,8 +206,11 @@ public final class DomainTransferApproveFlow implements TransactionalFlow {
.setTargetId(targetId)
.setRegistrarId(gainingRegistrarId)
.setEventTime(newExpirationTime)
.setRenewalPriceBehavior(existingRecurring.getRenewalPriceBehavior())
.setRenewalPrice(existingRecurring.getRenewalPrice().orElse(null))
.setRenewalPriceBehavior(
hasPackageToken
? RenewalPriceBehavior.DEFAULT
: existingRecurring.getRenewalPriceBehavior())
.setRenewalPrice(renewalPrice)
.setRecurrenceEndTime(END_OF_TIME)
.setDomainHistoryId(domainHistoryId)
.build();
@@ -243,7 +254,11 @@ public final class DomainTransferApproveFlow implements TransactionalFlow {
.orElseGet(ImmutableSet::of))
.setLastEppUpdateTime(now)
.setLastEppUpdateRegistrarId(registrarId)
// Even if the existing domain had a package token, that package token should be removed
// on transfer
.setCurrentPackageToken(null)
.build();
Registry registry = Registry.get(existingDomain.getTld());
DomainHistory domainHistory = buildDomainHistory(newDomain, registry, now, gainingRegistrarId);
// Create a poll message for the gaining client.
@@ -15,7 +15,6 @@
package google.registry.model;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Preconditions.checkState;
import static com.google.common.collect.ImmutableList.toImmutableList;
import static google.registry.model.tld.Registry.TldState.GENERAL_AVAILABILITY;
@@ -30,7 +29,6 @@ import com.google.common.collect.ImmutableSortedMap;
import com.google.common.collect.Sets;
import com.google.common.collect.Streams;
import google.registry.config.RegistryEnvironment;
import google.registry.model.common.GaeUserIdConverter;
import google.registry.model.pricing.StaticPremiumListPricingEngine;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.RegistrarAddress;
@@ -77,14 +75,14 @@ public final class OteAccountBuilder {
* Validation regex for registrar base client IDs (3-14 lowercase alphanumeric characters).
*
* <p>The base client ID is appended with numbers to create four different test registrar accounts
* (e.g. reg-1, reg-3, reg-4, reg-5). Registrar client IDs are of type clIDType in eppcom.xsd
* (e.g. reg-1, reg-3, reg-4, reg-5). Registrar client IDs are of type clIDType in eppcom.xsd
* which is limited to 16 characters, hence the limit of 14 here to account for the dash and
* numbers.
*
* <p>The base client ID is also used to generate the OT&E TLDs, hence the restriction to
* lowercase alphanumeric characters.
*/
private static final Pattern REGISTRAR_PATTERN = Pattern.compile("^[a-z0-9]{3,14}$");
private static final Pattern REGISTRAR_PATTERN = Pattern.compile("^[a-z\\d]{3,14}$");
// Durations are short so that registrars can test with quick transfer (etc.) turnaround.
private static final Duration SHORT_ADD_GRACE_PERIOD = Duration.standardMinutes(60);
@@ -179,17 +177,11 @@ public final class OteAccountBuilder {
* <p>NOTE: can be called more than once, adding multiple contacts. Each contact will have access
* to all OT&amp;E Registrars.
*
* @param email the contact email that will have web-console access to all the Registrars. Must be
* from "our G Suite domain" (we have to be able to get its GaeUserId)
* @param email the contact/login email that will have web-console access to all the Registrars.
* Must be from "our G Suite domain".
*/
public OteAccountBuilder addContact(String email) {
String gaeUserId =
checkNotNull(
GaeUserIdConverter.convertEmailAddressToGaeUserId(email),
"Email address %s is not associated with any GAE ID",
email);
registrars.forEach(
registrar -> contactsBuilder.add(createRegistrarContact(email, gaeUserId, registrar)));
registrars.forEach(registrar -> contactsBuilder.add(createRegistrarContact(email, registrar)));
return this;
}
@@ -304,7 +296,7 @@ public final class OteAccountBuilder {
TldState initialTldState,
boolean isEarlyAccess,
int roidSuffix) {
String tldNameAlphaNumerical = tldName.replaceAll("[^a-z0-9]", "");
String tldNameAlphaNumerical = tldName.replaceAll("[^a-z\\d]", "");
Optional<PremiumList> premiumList = PremiumListDao.getLatestRevision(DEFAULT_PREMIUM_LIST);
checkState(premiumList.isPresent(), "Couldn't find premium list %s.", DEFAULT_PREMIUM_LIST);
Registry.Builder builder =
@@ -348,13 +340,12 @@ public final class OteAccountBuilder {
.build();
}
private static RegistrarPoc createRegistrarContact(
String email, String gaeUserId, Registrar registrar) {
private static RegistrarPoc createRegistrarContact(String email, Registrar registrar) {
return new RegistrarPoc.Builder()
.setRegistrar(registrar)
.setName(email)
.setEmailAddress(email)
.setGaeUserId(gaeUserId)
.setLoginEmailAddress(email)
.build();
}
@@ -57,7 +57,7 @@ import javax.persistence.Table;
* set to true.
*/
@Entity
@Table(indexes = {@Index(columnList = "gaeUserId", name = "registrarpoc_gae_user_id_idx")})
@Table(indexes = @Index(columnList = "loginEmailAddress", name = "registrarpoc_login_email_idx"))
@IdClass(RegistrarPocId.class)
public class RegistrarPoc extends ImmutableObject implements Jsonifiable, UnsafeSerializable {
@@ -89,7 +89,7 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
}
Type(String display, boolean required) {
this.displayName = display;
displayName = display;
this.required = required;
}
}
@@ -97,7 +97,12 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
/** The name of the contact. */
String name;
/** The email address of the contact. */
/**
* The contact email address of the contact.
*
* <p>This is different from the login email which is assgined to the regstrar and cannot be
* changed.
*/
@Id String emailAddress;
@Id String registrarId;
@@ -118,13 +123,21 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
Set<Type> types;
/**
* A GAE user ID allowed to act as this registrar contact.
* A GAIA email address that was assigned to the registrar for console login purpose.
*
* <p>This can be derived from a known email address using http://email-to-gae-id.appspot.com.
* <p>We used to store the GAE user ID directly to identify the logged-in user in the registrar
* console, and relied on a hacky trick with datastore to get the ID from the email address when
* creating a {@link RegistrarPoc}. We switched to using the login email directly as each
* registrar is assigned a unique email address that is immutable (to them at least), so it is as
* good as an identifier as the ID itself, and it allows us to get rid of the datastore
* dependency.
*
* @see com.google.appengine.api.users.User#getUserId()
* <p>We backfilled all login email addresses for existing {@link RegistrarPoc}s that have a
* non-null GAE user ID. The backfill is done by first trying the {@link #emailAddress} field,
* then trying {@link #registrarId}+"@known-dasher_domain" and picking the ones that converted to
* the existing ID stored in the database.
*/
String gaeUserId;
String loginEmailAddress;
/**
* Whether this contact is publicly visible in WHOIS registrar query results as an Admin contact.
@@ -220,8 +233,8 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
return visibleInDomainWhoisAsAbuse;
}
public String getGaeUserId() {
return gaeUserId;
public String getLoginEmailAddress() {
return loginEmailAddress;
}
public Builder asBuilder() {
@@ -258,8 +271,8 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
* Types: [ADMIN, WHOIS]
* Visible in WHOIS as Admin contact: Yes
* Visible in WHOIS as Technical contact: No
* GAE-UserID: 1234567890
* Registrar-Console access: Yes
* Login Email Address: person@registry.example
* }</pre>
*/
public String toStringMultilinePlainText() {
@@ -289,10 +302,10 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
.append('\n');
result
.append("Registrar-Console access: ")
.append(getGaeUserId() != null ? "Yes" : "No")
.append(getLoginEmailAddress() != null ? "Yes" : "No")
.append('\n');
if (getGaeUserId() != null) {
result.append("GAE-UserID: ").append(getGaeUserId()).append('\n');
if (getLoginEmailAddress() != null) {
result.append("Login Email Address: ").append(getLoginEmailAddress()).append('\n');
}
return result.toString();
}
@@ -311,7 +324,7 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
.put("visibleInDomainWhoisAsAbuse", visibleInDomainWhoisAsAbuse)
.put("allowedToSetRegistryLockPassword", allowedToSetRegistryLockPassword)
.put("registryLockAllowed", isRegistryLockAllowed())
.put("gaeUserId", gaeUserId)
.put("loginEmailAddress", loginEmailAddress)
.build();
}
@@ -418,8 +431,8 @@ public class RegistrarPoc extends ImmutableObject implements Jsonifiable, Unsafe
return this;
}
public Builder setGaeUserId(String gaeUserId) {
getInstance().gaeUserId = gaeUserId;
public Builder setLoginEmailAddress(String loginEmailAddress) {
getInstance().loginEmailAddress = loginEmailAddress;
return this;
}
@@ -21,6 +21,7 @@ import static google.registry.persistence.transaction.TransactionManagerFactory.
import com.google.appengine.api.users.User;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Ascii;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.ImmutableSetMultimap;
import com.google.common.flogger.FluentLogger;
@@ -307,7 +308,7 @@ public class AuthenticatedRegistrarAccessor {
UserAuthInfo userAuthInfo = authResult.userAuthInfo().get();
if (userAuthInfo.appEngineUser().isPresent()) {
User user = userAuthInfo.appEngineUser().get();
logger.atInfo().log("Checking registrar contacts for user ID %s.", user.getUserId());
logger.atInfo().log("Checking registrar contacts for user ID %s.", user.getEmail());
// Find all registrars that have a registrar contact with this user's ID.
jpaTm()
@@ -315,11 +316,11 @@ public class AuthenticatedRegistrarAccessor {
() ->
jpaTm()
.query(
"SELECT r FROM Registrar r INNER JOIN RegistrarPoc rp ON "
+ "r.registrarId = rp.registrarId WHERE rp.gaeUserId = "
+ ":gaeUserId AND r.state != :state",
"SELECT r FROM Registrar r INNER JOIN RegistrarPoc rp ON r.registrarId ="
+ " rp.registrarId WHERE lower(rp.loginEmailAddress) = :email AND"
+ " r.state != :state",
Registrar.class)
.setParameter("gaeUserId", user.getUserId())
.setParameter("email", Ascii.toLowerCase(user.getEmail()))
.setParameter("state", State.DISABLED)
.getResultStream()
.forEach(registrar -> builder.put(registrar.getRegistrarId(), Role.OWNER)));
@@ -16,5 +16,5 @@ package google.registry.tools;
/** A command that can send HTTP requests to a backend module. */
public interface CommandWithConnection extends Command {
void setConnection(AppEngineConnection connection);
void setConnection(ServiceConnection connection);
}
@@ -51,10 +51,10 @@ final class CreateRegistrarCommand extends CreateOrUpdateRegistrarCommand
arity = 1)
boolean createGoogleGroups = true;
private AppEngineConnection connection;
private ServiceConnection connection;
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -39,10 +39,10 @@ public class CreateRegistrarGroupsCommand extends ConfirmingCommand
private List<Registrar> registrars = new ArrayList<>();
private AppEngineConnection connection;
private ServiceConnection connection;
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -66,7 +66,7 @@ public class CreateRegistrarGroupsCommand extends ConfirmingCommand
}
/** Calls the server endpoint to create groups for the specified registrar client id. */
static void executeOnServer(AppEngineConnection connection, String clientId) throws IOException {
static void executeOnServer(ServiceConnection connection, String clientId) throws IOException {
connection.sendPostRequest(
CreateGroupsAction.PATH,
ImmutableMap.of(CreateGroupsAction.CLIENT_ID_PARAM, clientId),
@@ -31,7 +31,7 @@ import java.util.List;
@Parameters(separators = " =", commandDescription = "Send an HTTP command to the nomulus server.")
class CurlCommand implements CommandWithConnection {
private AppEngineConnection connection;
private ServiceConnection connection;
// HTTP Methods that are acceptable for use as values for --method.
public enum Method {
@@ -76,7 +76,7 @@ class CurlCommand implements CommandWithConnection {
private Service service;
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -90,7 +90,7 @@ class CurlCommand implements CommandWithConnection {
throw new IllegalArgumentException("You may not specify a body for a get method.");
}
AppEngineConnection connectionToService = connection.withService(service);
ServiceConnection connectionToService = connection.withService(service);
String response =
(method == Method.GET)
? connectionToService.sendGetRequest(path, ImmutableMap.<String, String>of())
@@ -60,7 +60,7 @@ abstract class EppToolCommand extends ConfirmingCommand
private List<XmlEppParameters> commands = new ArrayList<>();
private AppEngineConnection connection;
private ServiceConnection connection;
static class XmlEppParameters {
final String clientId;
@@ -97,7 +97,7 @@ abstract class EppToolCommand extends ConfirmingCommand
}
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -45,10 +45,10 @@ final class GenerateZoneFilesCommand implements CommandWithConnection, CommandWi
validateWith = DateParameter.class)
private DateTime exportDate = DateTime.now(UTC).minus(standardMinutes(2)).withTimeAtStartOfDay();
private AppEngineConnection connection;
private ServiceConnection connection;
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -54,10 +54,10 @@ abstract class ListObjectsCommand implements CommandWithConnection, CommandWithR
description = "Whether to print full field names in header row (as opposed to aliases)")
private boolean fullFieldNames = false;
private AppEngineConnection connection;
private ServiceConnection connection;
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -77,10 +77,10 @@ class LoadTestCommand extends ConfirmingCommand
description = "Time to run the load test in seconds.")
int runSeconds = DEFAULT_RUN_SECONDS;
private AppEngineConnection connection;
private ServiceConnection connection;
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -19,7 +19,6 @@ import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Strings.isNullOrEmpty;
import static com.google.common.collect.ImmutableSet.toImmutableSet;
import static google.registry.util.CollectionUtils.nullToEmpty;
import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
import static google.registry.util.PreconditionsUtils.checkArgumentPresent;
import static java.nio.charset.StandardCharsets.UTF_8;
@@ -29,7 +28,6 @@ import com.google.common.base.Enums;
import com.google.common.base.Joiner;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import google.registry.model.common.GaeUserIdConverter;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.RegistrarPoc;
import google.registry.tools.params.OptionalPhoneNumberParameter;
@@ -48,6 +46,7 @@ import java.util.Set;
import javax.annotation.Nullable;
/** Command for CRUD operations on {@link Registrar} contact list fields. */
@SuppressWarnings("OptionalAssignedToNull")
@Parameters(
separators = " =",
commandDescription = "Create/read/update/delete the various contact lists for a Registrar.")
@@ -78,9 +77,19 @@ final class RegistrarPocCommand extends MutatingCommand {
private List<String> contactTypeNames;
@Nullable
@Parameter(names = "--email", description = "Contact email address.")
@Parameter(
names = "--email",
description =
"Contact email address. Required when creating a contact"
+ " and will be used as the console login email, if --login_email is not specified.")
String email;
@Nullable
@Parameter(
names = "--login_email",
description = "Console login email address. If not specified, --email will be used.")
String loginEmail;
@Nullable
@Parameter(
names = "--registry_lock_email",
@@ -168,13 +177,13 @@ final class RegistrarPocCommand extends MutatingCommand {
// If the contact_type parameter is not specified, we should not make any changes.
if (contactTypeNames == null) {
contactTypes = null;
// It appears that when the user specifies "--contact_type=" with no types following, JCommander
// sets contactTypeNames to a one-element list containing the empty string. This is strange, but
// we need to handle this by setting the contact types to the empty set. Also do this if
// contactTypeNames is empty, which is what I would hope JCommander would return in some future,
// better world.
// It appears that when the user specifies "--contact_type=" with no types following,
// JCommander sets contactTypeNames to a one-element list containing the empty string. This is
// strange, but we need to handle this by setting the contact types to the empty set. Also do
// this if contactTypeNames is empty, which is what I would hope JCommander would return in
// some future, better world.
} else if (contactTypeNames.isEmpty()
|| ((contactTypeNames.size() == 1) && contactTypeNames.get(0).isEmpty())) {
|| contactTypeNames.size() == 1 && contactTypeNames.get(0).isEmpty()) {
contactTypes = ImmutableSet.of();
} else {
contactTypes =
@@ -194,7 +203,7 @@ final class RegistrarPocCommand extends MutatingCommand {
break;
case CREATE:
stageEntityChange(null, createContact(registrar));
if ((visibleInDomainWhoisAsAbuse != null) && visibleInDomainWhoisAsAbuse) {
if (visibleInDomainWhoisAsAbuse != null && visibleInDomainWhoisAsAbuse) {
unsetOtherWhoisAbuseFlags(contacts, null);
}
break;
@@ -211,7 +220,7 @@ final class RegistrarPocCommand extends MutatingCommand {
"Cannot clear visible_in_domain_whois_as_abuse flag, as that would leave no domain"
+ " WHOIS abuse contacts; instead, set the flag on another contact");
stageEntityChange(oldContact, newContact);
if ((visibleInDomainWhoisAsAbuse != null) && visibleInDomainWhoisAsAbuse) {
if (visibleInDomainWhoisAsAbuse != null && visibleInDomainWhoisAsAbuse) {
unsetOtherWhoisAbuseFlags(contacts, oldContact.getEmailAddress());
}
break;
@@ -261,9 +270,7 @@ final class RegistrarPocCommand extends MutatingCommand {
builder.setTypes(nullToEmpty(contactTypes));
if (Objects.equals(allowConsoleAccess, Boolean.TRUE)) {
builder.setGaeUserId(checkArgumentNotNull(
GaeUserIdConverter.convertEmailAddressToGaeUserId(email),
String.format("Email address %s is not associated with any GAE ID", email)));
builder.setLoginEmailAddress(loginEmail == null ? email : loginEmail);
}
if (visibleInWhoisAsAdmin != null) {
builder.setVisibleInWhoisAsAdmin(visibleInWhoisAsAdmin);
@@ -311,11 +318,9 @@ final class RegistrarPocCommand extends MutatingCommand {
}
if (allowConsoleAccess != null) {
if (allowConsoleAccess.equals(Boolean.TRUE)) {
builder.setGaeUserId(checkArgumentNotNull(
GaeUserIdConverter.convertEmailAddressToGaeUserId(email),
String.format("Email address %s is not associated with any GAE ID", email)));
builder.setLoginEmailAddress(loginEmail == null ? email : loginEmail);
} else {
builder.setGaeUserId(null);
builder.setLoginEmailAddress(null);
}
}
if (allowedToSetRegistryLockPassword != null) {
@@ -80,7 +80,7 @@ final class RegistryCli implements AutoCloseable, CommandRunner {
RegistryToolComponent component;
// These are created lazily on first use.
private AppEngineConnection connection;
private ServiceConnection connection;
private RemoteApiInstaller installer;
// The "shell" command should only exist on first use - so that we can't run "shell" inside
@@ -225,10 +225,10 @@ final class RegistryCli implements AutoCloseable, CommandRunner {
}
}
private AppEngineConnection getConnection() {
private ServiceConnection getConnection() {
// Get the App Engine connection, advise the user if they are not currently logged in..
if (connection == null) {
connection = component.appEngineConnection();
connection = component.serviceConnection();
}
return connection;
}
@@ -176,7 +176,7 @@ interface RegistryToolComponent {
void inject(WhoisQueryCommand command);
AppEngineConnection appEngineConnection();
ServiceConnection serviceConnection();
@LocalCredentialJson
String googleCredentialJson();
@@ -106,7 +106,7 @@ public enum RegistryToolEnvironment {
// XXX: Kludge to stop processing once we reach what is *probably* the command name.
// This is necessary in order to allow commands to accept arguments named '-e'.
// This code should probably be updated, should any zero arity flags be added to
// RegistryCli, LoggingParameters, or AppEngineConnection.
// RegistryCli, LoggingParameters, or ServiceConnection.
if (args[i].startsWith("-")) {
expecting = !args[i].contains("=");
} else {
@@ -43,12 +43,12 @@ import javax.inject.Inject;
import org.json.simple.JSONValue;
/**
* An http connection to an appengine server.
* An HTTP connection to a service.
*
* <p>By default - connects to the TOOLS service. To create a Connection to another service, call
* the {@link #withService} function.
*/
public class AppEngineConnection {
public class ServiceConnection {
/** Pattern to heuristically extract title tag contents in HTML responses. */
private static final Pattern HTML_TITLE_TAG_PATTERN = Pattern.compile("<title>(.*?)</title>");
@@ -57,18 +57,18 @@ public class AppEngineConnection {
private final Service service;
@Inject
AppEngineConnection() {
ServiceConnection() {
service = Service.TOOLS;
}
private AppEngineConnection(Service service, HttpRequestFactory requestFactory) {
private ServiceConnection(Service service, HttpRequestFactory requestFactory) {
this.service = service;
this.requestFactory = requestFactory;
}
/** Returns a copy of this connection that talks to a different service. */
public AppEngineConnection withService(Service service) {
return new AppEngineConnection(service, requestFactory);
public ServiceConnection withService(Service service) {
return new ServiceConnection(service, requestFactory);
}
/** Returns the contents of the title tag in the given HTML, or null if not found. */
@@ -62,10 +62,10 @@ final class VerifyOteCommand implements CommandWithConnection, CommandWithRemote
description = "Only show a summary of information")
private boolean summarize;
private AppEngineConnection connection;
private ServiceConnection connection;
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -30,11 +30,11 @@ import google.registry.model.domain.Domain;
import google.registry.model.ofy.ObjectifyService;
import google.registry.model.reporting.HistoryEntry;
import google.registry.persistence.VKey;
import google.registry.tools.AppEngineConnection;
import google.registry.tools.CommandWithConnection;
import google.registry.tools.CommandWithRemoteApi;
import google.registry.tools.ConfirmingCommand;
import google.registry.tools.RemoteApiOptionsUtil;
import google.registry.tools.ServiceConnection;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URL;
@@ -88,7 +88,7 @@ public class CreateSyntheticDomainHistoriesCommand extends ConfirmingCommand
private static final ExecutorService executor = Executors.newFixedThreadPool(20);
private static final AtomicInteger numDomainsProcessed = new AtomicInteger();
private AppEngineConnection connection;
private ServiceConnection connection;
@Inject
@Config("registryAdminClientId")
@@ -170,7 +170,7 @@ public class CreateSyntheticDomainHistoriesCommand extends ConfirmingCommand
}
@Override
public void setConnection(AppEngineConnection connection) {
public void setConnection(ServiceConnection connection) {
this.connection = connection;
}
@@ -206,8 +206,8 @@ public final class RegistrarFormFields {
public static final FormField<String, String> CONTACT_FAX_NUMBER_FIELD =
FormFields.PHONE_NUMBER.asBuilderNamed("faxNumber").build();
public static final FormField<String, String> CONTACT_GAE_USER_ID_FIELD =
FormFields.NAME.asBuilderNamed("gaeUserId").build();
public static final FormField<String, String> CONTACT_LOGIN_EMAIL_ADDRESS_FIELD =
FormFields.NAME.asBuilderNamed("loginEmailAddress").build();
public static final FormField<Object, Boolean> CONTACT_ALLOWED_TO_SET_REGISTRY_LOCK_PASSWORD =
FormField.named("allowedToSetRegistryLockPassword", Object.class)
@@ -284,11 +284,15 @@ public final class RegistrarFormFields {
public static final FormField<Map<String, ?>, RegistrarAddress> L10N_ADDRESS_FIELD =
FormField.mapNamed("localizedAddress")
.transform(RegistrarAddress.class, (args) -> toNewAddress(
args, L10N_STREET_FIELD, L10N_CITY_FIELD, L10N_STATE_FIELD, L10N_ZIP_FIELD))
.transform(
RegistrarAddress.class,
args ->
toNewAddress(
args, L10N_STREET_FIELD, L10N_CITY_FIELD, L10N_STATE_FIELD, L10N_ZIP_FIELD))
.build();
private static @Nullable RegistrarAddress toNewAddress(
@Nullable
private static RegistrarAddress toNewAddress(
@Nullable Map<String, ?> args,
final FormField<List<String>, List<String>> streetField,
final FormField<String, String> cityField,
@@ -327,7 +331,8 @@ public final class RegistrarFormFields {
}
}
private static @Nullable String parseHostname(@Nullable String input) {
@Nullable
private static String parseHostname(@Nullable String input) {
if (input == null) {
return null;
}
@@ -337,7 +342,8 @@ public final class RegistrarFormFields {
return canonicalizeHostname(input);
}
public static @Nullable DateTime parseDateTime(@Nullable String input) {
@Nullable
public static DateTime parseDateTime(@Nullable String input) {
if (input == null) {
return null;
}
@@ -391,7 +397,8 @@ public final class RegistrarFormFields {
builder.setPhoneNumber(CONTACT_PHONE_NUMBER_FIELD.extractUntyped(args).orElse(null));
builder.setFaxNumber(CONTACT_FAX_NUMBER_FIELD.extractUntyped(args).orElse(null));
builder.setTypes(CONTACT_TYPES.extractUntyped(args).orElse(ImmutableSet.of()));
builder.setGaeUserId(CONTACT_GAE_USER_ID_FIELD.extractUntyped(args).orElse(null));
builder.setLoginEmailAddress(
CONTACT_LOGIN_EMAIL_ADDRESS_FIELD.extractUntyped(args).orElse(null));
// The parser is inconsistent with whether it retrieves boolean values as strings or booleans.
// As a result, use a potentially-redundant converter that can deal with both.
builder.setAllowedToSetRegistryLockPassword(
@@ -14,36 +14,40 @@
package google.registry.ui.server.registrar;
import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Preconditions.checkState;
import static com.google.common.collect.ImmutableList.toImmutableList;
import static com.google.common.collect.ImmutableMap.toImmutableMap;
import static google.registry.model.common.GaeUserIdConverter.convertEmailAddressToGaeUserId;
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
import static google.registry.ui.server.SoyTemplateUtils.CSS_RENAMING_MAP_SUPPLIER;
import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
import com.google.common.base.Ascii;
import com.google.common.base.Splitter;
import com.google.common.base.Supplier;
import com.google.common.collect.ImmutableMap;
import com.google.common.flogger.FluentLogger;
import com.google.template.soy.tofu.SoyTofu;
import google.registry.config.RegistryEnvironment;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.Registrar.State;
import google.registry.model.registrar.RegistrarAddress;
import google.registry.model.registrar.RegistrarPoc;
import google.registry.request.Action;
import google.registry.request.Action.Method;
import google.registry.request.Action.Service;
import google.registry.request.Parameter;
import google.registry.request.auth.Auth;
import google.registry.request.auth.AuthenticatedRegistrarAccessor;
import google.registry.ui.server.SendEmailUtils;
import google.registry.ui.server.SoyTemplateUtils;
import google.registry.ui.soy.registrar.AnalyticsSoyInfo;
import google.registry.ui.soy.registrar.ConsoleSoyInfo;
import google.registry.ui.soy.registrar.ConsoleUtilsSoyInfo;
import google.registry.ui.soy.registrar.FormsSoyInfo;
import google.registry.ui.soy.registrar.RegistrarCreateConsoleSoyInfo;
import google.registry.util.StringGenerator;
import java.util.HashMap;
import java.util.Optional;
import java.util.function.Supplier;
import java.util.stream.Stream;
import javax.inject.Inject;
import javax.inject.Named;
@@ -54,12 +58,9 @@ import org.joda.money.CurrencyUnit;
*
* <p>This Action does 2 things: - for GET, just returns the form that asks for the required
* information. - for POST, receives the information and creates the Registrar.
*
* <p>TODO(b/120201577): once we can have 2 different Actions with the same path (different
* Methods), separate this class to 2 Actions.
*/
@Action(
service = Action.Service.DEFAULT,
service = Service.DEFAULT,
path = ConsoleRegistrarCreatorAction.PATH,
method = {Method.POST, Method.GET},
auth = Auth.AUTH_PUBLIC)
@@ -74,11 +75,11 @@ public final class ConsoleRegistrarCreatorAction extends HtmlAction {
private static final Supplier<SoyTofu> TOFU_SUPPLIER =
SoyTemplateUtils.createTofuSupplier(
google.registry.ui.soy.registrar.AnalyticsSoyInfo.getInstance(),
google.registry.ui.soy.registrar.ConsoleSoyInfo.getInstance(),
google.registry.ui.soy.registrar.ConsoleUtilsSoyInfo.getInstance(),
google.registry.ui.soy.registrar.FormsSoyInfo.getInstance(),
google.registry.ui.soy.registrar.RegistrarCreateConsoleSoyInfo.getInstance());
AnalyticsSoyInfo.getInstance(),
ConsoleSoyInfo.getInstance(),
ConsoleUtilsSoyInfo.getInstance(),
FormsSoyInfo.getInstance(),
RegistrarCreateConsoleSoyInfo.getInstance());
@Inject AuthenticatedRegistrarAccessor registrarAccessor;
@Inject SendEmailUtils sendEmailUtils;
@@ -136,7 +137,7 @@ public final class ConsoleRegistrarCreatorAction extends HtmlAction {
return PATH;
}
private void checkPresent(Optional<?> value, String name) {
private static void checkPresent(Optional<?> value, String name) {
checkState(value.isPresent(), "Missing value for %s", name);
}
@@ -193,11 +194,6 @@ public final class ConsoleRegistrarCreatorAction extends HtmlAction {
optionalZip.ifPresent(zip -> data.put("zip", zip));
data.put("countryCode", countryCode.get());
String gaeUserId =
checkNotNull(
convertEmailAddressToGaeUserId(consoleUserEmail.get()),
"Email address %s is not associated with any GAE ID",
consoleUserEmail.get());
String password = optionalPassword.orElse(passwordGenerator.createString(PASSWORD_LENGTH));
String phonePasscode =
optionalPasscode.orElse(passcodeGenerator.createString(PASSCODE_LENGTH));
@@ -213,7 +209,7 @@ public final class ConsoleRegistrarCreatorAction extends HtmlAction {
.setType(Registrar.Type.REAL)
.setPassword(password)
.setPhonePasscode(phonePasscode)
.setState(Registrar.State.PENDING)
.setState(State.PENDING)
.setLocalizedAddress(
new RegistrarAddress.Builder()
.setStreet(
@@ -232,7 +228,7 @@ public final class ConsoleRegistrarCreatorAction extends HtmlAction {
.setRegistrar(registrar)
.setName(consoleUserEmail.get())
.setEmailAddress(consoleUserEmail.get())
.setGaeUserId(gaeUserId)
.setLoginEmailAddress(consoleUserEmail.get())
.build();
tm().transact(
() -> {
@@ -285,7 +281,7 @@ public final class ConsoleRegistrarCreatorAction extends HtmlAction {
.render());
}
private String toEmailLine(Optional<?> value, String name) {
private static String toEmailLine(Optional<?> value, String name) {
return String.format(" %s: %s\n", name, value.orElse(null));
}
private void sendExternalUpdates() {
@@ -24,6 +24,7 @@ import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
import com.google.appengine.api.users.User;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Ascii;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.flogger.FluentLogger;
@@ -123,16 +124,21 @@ public final class RegistryLockGetAction implements JsonGetAction {
static Optional<RegistrarPoc> getContactMatchingLogin(User user, Registrar registrar) {
ImmutableList<RegistrarPoc> matchingContacts =
registrar.getContacts().stream()
.filter(contact -> contact.getGaeUserId() != null)
.filter(contact -> Objects.equals(contact.getGaeUserId(), user.getUserId()))
.filter(contact -> contact.getLoginEmailAddress() != null)
.filter(
contact ->
Objects.equals(
Ascii.toLowerCase(contact.getLoginEmailAddress()),
Ascii.toLowerCase(user.getEmail())))
.collect(toImmutableList());
if (matchingContacts.size() > 1) {
ImmutableList<String> matchingEmails =
matchingContacts.stream().map(RegistrarPoc::getEmailAddress).collect(toImmutableList());
throw new IllegalArgumentException(
String.format(
"User ID %s had multiple matching contacts with email addresses %s",
user.getUserId(), matchingEmails));
"User with login email %s had multiple matching contacts with contact email addresses"
+ " %s",
user.getEmail(), matchingEmails));
}
return matchingContacts.stream().findFirst();
}
@@ -188,7 +194,7 @@ public final class RegistryLockGetAction implements JsonGetAction {
getLockedDomains(registrarId, isAdmin));
}
private ImmutableList<ImmutableMap<String, ?>> getLockedDomains(
private static ImmutableList<ImmutableMap<String, ?>> getLockedDomains(
String registrarId, boolean isAdmin) {
return jpaTm()
.transact(
@@ -199,7 +205,7 @@ public final class RegistryLockGetAction implements JsonGetAction {
.collect(toImmutableList()));
}
private ImmutableMap<String, ?> lockToMap(RegistryLock lock, boolean isAdmin) {
private static ImmutableMap<String, ?> lockToMap(RegistryLock lock, boolean isAdmin) {
DateTime now = jpaTm().getTransactionTime();
return new ImmutableMap.Builder<String, Object>()
.put(DOMAIN_NAME_PARAM, lock.getDomainName())
@@ -11,12 +11,6 @@
"^PRODUCTION|SANDBOX|CRASH|QA|ALPHA$"
]
},
{
"name": "jpaTransactionManagerType",
"label": "The type of JPA transaction manager to use",
"helpText": "The standard SQL instance or a read-only replica may be used",
"regexes": ["^REGULAR|READ_ONLY_REPLICA$"]
},
{
"name": "pendings",
"label": "The pendings deposits to generate.",
@@ -183,8 +183,8 @@
{/call}
{/if}
</table>
{if isNonnull($item['gaeUserId'])}
<input type="hidden" name="{$namePrefix}gaeUserId" value="{$item['gaeUserId']}">
{if isNonnull($item['loginEmailAddress'])}
<input type="hidden" name="{$namePrefix}loginEmailAddress" value="{$item['loginEmailAddress']}">
{/if}
</div>
{/template}
@@ -84,7 +84,7 @@ public class RelockDomainActionTest {
AppEngineExtension.builder()
.withCloudSql()
.withTaskQueue()
.withUserService(UserInfo.create(POC_ID, "12345"))
.withUserService(UserInfo.create(POC_ID))
.build();
private Domain domain;
@@ -169,7 +169,7 @@ public class SyncRegistrarsSheetTest {
// distinction to make sure we're not relying on it. Sigh.
.setVisibleInWhoisAsAdmin(false)
.setVisibleInWhoisAsTech(true)
.setGaeUserId("light")
.setLoginEmailAddress("john.doe@example.tld")
.build(),
new RegistrarPoc.Builder()
.setRegistrar(registrar)
@@ -217,7 +217,7 @@ public class SyncRegistrarsSheetTest {
+ "Phone number and email visible in domain WHOIS query as "
+ "Registrar Abuse contact info: No\n"
+ "Registrar-Console access: Yes\n"
+ "GAE-UserID: light\n");
+ "Login Email Address: john.doe@example.tld\n");
assertThat(row)
.containsEntry(
"techContacts",
@@ -262,7 +262,7 @@ public class SyncRegistrarsSheetTest {
+ "Phone number and email visible in domain WHOIS query as "
+ "Registrar Abuse contact info: No\n"
+ "Registrar-Console access: Yes\n"
+ "GAE-UserID: light\n");
+ "Login Email Address: john.doe@example.tld\n");
assertThat(row).containsEntry("emailAddress", "nowhere@example.org");
assertThat(row).containsEntry(
"address.street", "I get fallen back upon since there's no l10n addr");
@@ -16,6 +16,8 @@ package google.registry.flows.domain;
import static com.google.common.collect.MoreCollectors.onlyElement;
import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.Truth8.assertThat;
import static google.registry.model.domain.token.AllocationToken.TokenType.PACKAGE;
import static google.registry.model.domain.token.AllocationToken.TokenType.SINGLE_USE;
import static google.registry.model.domain.token.AllocationToken.TokenType.UNLIMITED_USE;
import static google.registry.model.reporting.DomainTransactionRecord.TransactionReportField.NET_ADDS_4_YR;
@@ -374,11 +376,91 @@ class DomainTransferApproveFlowTest
dryRunFlowAssertResponse(loadFile("domain_transfer_approve_response.xml"));
}
@Test
void testDryRun_PackageDomain() throws Exception {
AllocationToken allocationToken =
persistResource(
new AllocationToken.Builder()
.setToken("abc123")
.setTokenType(PACKAGE)
.setRenewalPriceBehavior(RenewalPriceBehavior.SPECIFIED)
.setAllowedRegistrarIds(ImmutableSet.of("TheRegistrar"))
.build());
domain = reloadResourceByForeignKey();
persistResource(
loadByKey(domain.getAutorenewBillingEvent())
.asBuilder()
.setRenewalPriceBehavior(RenewalPriceBehavior.SPECIFIED)
.setRenewalPrice(Money.of(USD, new BigDecimal("10.00")))
.build());
persistResource(
domain.asBuilder().setCurrentPackageToken(allocationToken.createVKey()).build());
clock.advanceOneMilli();
setEppInput("domain_transfer_approve_wildcard.xml", ImmutableMap.of("DOMAIN", "example.tld"));
dryRunFlowAssertResponse(loadFile("domain_transfer_approve_response.xml"));
}
@Test
void testSuccess() throws Exception {
doSuccessfulTest("tld", "domain_transfer_approve.xml", "domain_transfer_approve_response.xml");
}
@Test
void testSuccess_removesPackageToken() throws Exception {
AllocationToken allocationToken =
persistResource(
new AllocationToken.Builder()
.setToken("abc123")
.setTokenType(PACKAGE)
.setRenewalPriceBehavior(RenewalPriceBehavior.SPECIFIED)
.setAllowedRegistrarIds(ImmutableSet.of("TheRegistrar"))
.build());
domain = reloadResourceByForeignKey();
persistResource(
loadByKey(domain.getAutorenewBillingEvent())
.asBuilder()
.setRenewalPriceBehavior(RenewalPriceBehavior.SPECIFIED)
.setRenewalPrice(Money.of(USD, new BigDecimal("10.00")))
.build());
persistResource(
domain.asBuilder().setCurrentPackageToken(allocationToken.createVKey()).build());
clock.advanceOneMilli();
setEppInput("domain_transfer_approve_wildcard.xml", ImmutableMap.of("DOMAIN", "example.tld"));
DateTime now = clock.nowUtc();
runFlowAssertResponse(loadFile("domain_transfer_approve_response.xml"));
domain = reloadResourceByForeignKey();
DomainHistory acceptHistory =
getOnlyHistoryEntryOfType(domain, DOMAIN_TRANSFER_APPROVE, DomainHistory.class);
assertBillingEventsForResource(
domain,
new BillingEvent.OneTime.Builder()
.setBillingTime(now.plusDays(5))
.setEventTime(now)
.setRegistrarId("NewRegistrar")
.setCost(Money.of(USD, new BigDecimal("11.00")))
.setDomainHistory(acceptHistory)
.setReason(Reason.TRANSFER)
.setPeriodYears(1)
.setTargetId("example.tld")
.build(),
getGainingClientAutorenewEvent()
.asBuilder()
.setRenewalPriceBehavior(RenewalPriceBehavior.DEFAULT)
.setRenewalPrice(null)
.setDomainHistory(acceptHistory)
.build(),
getLosingClientAutorenewEvent()
.asBuilder()
.setRecurrenceEndTime(now)
.setRenewalPriceBehavior(RenewalPriceBehavior.SPECIFIED)
.setRenewalPrice(Money.of(USD, new BigDecimal("10.00")))
.build());
assertThat(domain.getCurrentPackageToken()).isEmpty();
assertThat(domain.getCurrentSponsorRegistrarId()).isEqualTo("NewRegistrar");
assertThat(loadByKey(domain.getAutorenewBillingEvent()).getRenewalPriceBehavior())
.isEqualTo(RenewalPriceBehavior.DEFAULT);
}
@Test
void testSuccess_nonDefaultTransferGracePeriod() throws Exception {
// We have to set up a new domain in a different TLD so that the billing event will be persisted
@@ -64,7 +64,7 @@ public final class OteAccountBuilderTest {
persistPremiumList("default_sandbox_list", USD, "sandbox,USD 1000");
}
private void assertTldExists(String tld, TldState tldState, Money eapFee) {
private static void assertTldExists(String tld, TldState tldState, Money eapFee) {
Registry registry = Registry.get(tld);
assertThat(registry).isNotNull();
assertThat(registry.getPremiumListName()).hasValue("default_sandbox_list");
@@ -80,7 +80,7 @@ public final class OteAccountBuilderTest {
.isEqualTo(eapFee.getAmount());
}
private void assertRegistrarExists(String registrarId, String tld) {
private static void assertRegistrarExists(String registrarId, String tld) {
Registrar registrar = Registrar.loadByRegistrarId(registrarId).orElse(null);
assertThat(registrar).isNotNull();
assertThat(registrar.getType()).isEqualTo(Registrar.Type.OTE);
@@ -88,7 +88,7 @@ public final class OteAccountBuilderTest {
assertThat(registrar.getAllowedTlds()).containsExactly(tld);
}
private void assertContactExists(String registrarId, String email) {
private static void assertContactExists(String registrarId, String email) {
Registrar registrar = Registrar.loadByRegistrarId(registrarId).get();
assertThat(registrar.getContacts().stream().map(RegistrarPoc::getEmailAddress)).contains(email);
RegistrarPoc contact =
@@ -97,7 +97,7 @@ public final class OteAccountBuilderTest {
.findAny()
.get();
assertThat(contact.getEmailAddress()).isEqualTo(email);
assertThat(contact.getGaeUserId()).isNotEmpty();
assertThat(contact.getLoginEmailAddress()).isEqualTo(email);
}
@Test
@@ -43,7 +43,6 @@ import google.registry.util.Clock;
import java.io.File;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.sql.Connection;
import java.sql.Driver;
@@ -90,9 +89,6 @@ abstract class JpaTransactionManagerExtension implements BeforeEachCallback, Aft
// is documented in PSQL's official user guide.
private static final String CONNECTION_BACKEND_TYPE = "client backend";
private static final int ACTIVE_CONNECTIONS_CAP = 5;
public static final String NEW_REGISTRAR_GAE_USER_ID = "666";
public static final String THE_REGISTRAR_GAE_USER_ID = "31337";
public static final String MARLA_SINGER_GAE_USER_ID = "12345";
private final Clock clock;
private final Optional<String> initScriptPath;
@@ -171,7 +167,7 @@ abstract class JpaTransactionManagerExtension implements BeforeEachCallback, Aft
File tempSqlFile = File.createTempFile("tempSqlFile", ".sql");
tempSqlFile.deleteOnExit();
exporter.export(extraEntityClasses, tempSqlFile);
executeSql(new String(Files.readAllBytes(tempSqlFile.toPath()), StandardCharsets.UTF_8));
executeSql(Files.readString(tempSqlFile.toPath()));
}
assertReasonableNumDbConnections();
emf = createEntityManagerFactory(getJpaProperties());
@@ -308,7 +304,7 @@ abstract class JpaTransactionManagerExtension implements BeforeEachCallback, Aft
private static String getJdbcUrl() {
// Disable Postgres driver use of java.util.logging to reduce noise at startup time
return "jdbc:postgresql://"
+ database.getContainerIpAddress()
+ database.getHost()
+ ":"
+ database.getMappedPort(POSTGRESQL_PORT)
+ "/"
@@ -411,7 +407,7 @@ abstract class JpaTransactionManagerExtension implements BeforeEachCallback, Aft
.setEmailAddress("johndoe@theregistrar.com")
.setPhoneNumber("+1.1234567890")
.setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
.setGaeUserId(THE_REGISTRAR_GAE_USER_ID)
.setLoginEmailAddress("johndoe@theregistrar.com")
.build();
}
@@ -423,7 +419,7 @@ abstract class JpaTransactionManagerExtension implements BeforeEachCallback, Aft
.setRegistryLockEmailAddress("Marla.Singer.RegistryLock@crr.com")
.setPhoneNumber("+1.2128675309")
.setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
.setGaeUserId(MARLA_SINGER_GAE_USER_ID)
.setLoginEmailAddress("Marla.Singer@crr.com")
.setAllowedToSetRegistryLockPassword(true)
.setRegistryLockPassword("hi")
.build();
@@ -55,7 +55,7 @@ public final class RequestHandlerTest {
final AppEngineExtension appEngine =
AppEngineExtension.builder()
.withCloudSql()
.withUserService(UserInfo.create("test@example.com", "test@example.com"))
.withUserService(UserInfo.create("test@example.com"))
.build();
@Action(
@@ -17,7 +17,6 @@ package google.registry.request.auth;
import static com.google.common.truth.Truth.assertThat;
import static google.registry.request.auth.AuthenticatedRegistrarAccessor.Role.ADMIN;
import static google.registry.request.auth.AuthenticatedRegistrarAccessor.Role.OWNER;
import static google.registry.testing.AppEngineExtension.THE_REGISTRAR_GAE_USER_ID;
import static google.registry.testing.DatabaseHelper.loadRegistrar;
import static google.registry.testing.DatabaseHelper.persistResource;
import static google.registry.testing.LogsSubject.assertAboutLogs;
@@ -94,14 +93,7 @@ class AuthenticatedRegistrarAccessorTest {
private static AuthResult createAuthResult(boolean isAdmin) {
return AuthResult.create(
AuthLevel.USER,
UserAuthInfo.create(
new User(
String.format(
"%s@gmail.com",
isAdmin ? "admin" : "user"),
"gmail.com",
THE_REGISTRAR_GAE_USER_ID),
isAdmin));
UserAuthInfo.create(new User("johndoe@theregistrar.com", "theregistrar.com"), isAdmin));
}
@BeforeEach
@@ -195,7 +187,8 @@ class AuthenticatedRegistrarAccessorTest {
*/
@Test
void getAllRegistrarIdWithAccess_userInSupportGroup() {
when(groupsConnection.isMemberOfGroup("user@gmail.com", SUPPORT_GROUP.get())).thenReturn(true);
when(groupsConnection.isMemberOfGroup("johndoe@theregistrar.com", SUPPORT_GROUP.get()))
.thenReturn(true);
AuthenticatedRegistrarAccessor registrarAccessor =
new AuthenticatedRegistrarAccessor(
USER, ADMIN_REGISTRAR_ID, SUPPORT_GROUP, lazyGroupsConnection);
@@ -233,7 +226,7 @@ class AuthenticatedRegistrarAccessorTest {
new AuthenticatedRegistrarAccessor(
USER, ADMIN_REGISTRAR_ID, SUPPORT_GROUP, lazyGroupsConnection);
verify(groupsConnection).isMemberOfGroup("user@gmail.com", SUPPORT_GROUP.get());
verify(groupsConnection).isMemberOfGroup("johndoe@theregistrar.com", SUPPORT_GROUP.get());
assertThat(registrarAccessor.getAllRegistrarIdsWithRoles())
.containsExactly(REGISTRAR_ID_WITH_CONTACT, OWNER);
verify(lazyGroupsConnection).get();
@@ -245,7 +238,7 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarFailure(
REAL_REGISTRAR_ID_WITHOUT_CONTACT,
USER,
"user user@gmail.com doesn't have access to registrar NewRegistrar");
"user johndoe@theregistrar.com doesn't have access to registrar NewRegistrar");
verify(lazyGroupsConnection).get();
}
@@ -260,7 +253,7 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarFailure(
REGISTRAR_ID_WITH_CONTACT,
USER,
"user user@gmail.com doesn't have access to registrar TheRegistrar");
"user johndoe@theregistrar.com doesn't have access to registrar TheRegistrar");
verify(lazyGroupsConnection).get();
}
@@ -270,7 +263,7 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarFailure(
OTE_REGISTRAR_ID_WITHOUT_CONTACT,
USER,
"user user@gmail.com doesn't have access to registrar OteRegistrar");
"user johndoe@theregistrar.com doesn't have access to registrar OteRegistrar");
verify(lazyGroupsConnection).get();
}
@@ -290,7 +283,19 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarSuccess(
REGISTRAR_ID_WITH_CONTACT,
USER,
"user user@gmail.com has [OWNER] access to registrar TheRegistrar");
"user johndoe@theregistrar.com has [OWNER] access to registrar TheRegistrar");
verify(lazyGroupsConnection).get();
}
/** Succeed loading registrar if user has access to it. Email address is case-insensitive */
@Test
void testGetRegistrarForUser_inContacts_isNotAdmin_caseInsensitive() throws Exception {
expectGetRegistrarSuccess(
REGISTRAR_ID_WITH_CONTACT,
AuthResult.create(
AuthLevel.USER,
UserAuthInfo.create(new User("JohnDoe@theregistrar.com", "theregistrar.com"), false)),
"user JohnDoe@theregistrar.com has [OWNER] access to registrar TheRegistrar");
verify(lazyGroupsConnection).get();
}
@@ -300,7 +305,7 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarSuccess(
REGISTRAR_ID_WITH_CONTACT,
GAE_ADMIN,
"admin admin@gmail.com has [OWNER, ADMIN] access to registrar TheRegistrar");
"admin johndoe@theregistrar.com has [OWNER, ADMIN] access to registrar TheRegistrar");
verifyNoInteractions(lazyGroupsConnection);
}
@@ -310,7 +315,7 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarSuccess(
REAL_REGISTRAR_ID_WITHOUT_CONTACT,
GAE_ADMIN,
"admin admin@gmail.com has [ADMIN] access to registrar NewRegistrar.");
"admin johndoe@theregistrar.com has [ADMIN] access to registrar NewRegistrar.");
verifyNoInteractions(lazyGroupsConnection);
}
@@ -325,7 +330,7 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarSuccess(
REAL_REGISTRAR_ID_WITHOUT_CONTACT,
GAE_ADMIN,
"admin admin@gmail.com has [OWNER, ADMIN] access to registrar NewRegistrar.");
"admin johndoe@theregistrar.com has [OWNER, ADMIN] access to registrar NewRegistrar.");
verifyNoInteractions(lazyGroupsConnection);
}
@@ -335,7 +340,7 @@ class AuthenticatedRegistrarAccessorTest {
expectGetRegistrarSuccess(
OTE_REGISTRAR_ID_WITHOUT_CONTACT,
GAE_ADMIN,
"admin admin@gmail.com has [OWNER, ADMIN] access to registrar OteRegistrar.");
"admin johndoe@theregistrar.com has [OWNER, ADMIN] access to registrar OteRegistrar.");
verifyNoInteractions(lazyGroupsConnection);
}
@@ -56,11 +56,6 @@ public final class RegistryTestServerMain {
description = "Login email address for App Engine Local User Service.")
private String loginEmail = "Marla.Singer@crr.com";
@Parameter(
names = "--login_user_id",
description = "GAE User ID for App Engine Local User Service.")
private String loginUserId = AppEngineExtension.MARLA_SINGER_GAE_USER_ID;
@Parameter(
names = "--login_is_admin",
description = "Should logged in user be an admin for App Engine Local User Service.",
@@ -140,9 +135,7 @@ public final class RegistryTestServerMain {
.withTaskQueue()
.withLocalModules()
.withUserService(
loginIsAdmin
? UserInfo.createAdmin(loginEmail, loginUserId)
: UserInfo.create(loginEmail, loginUserId))
loginIsAdmin ? UserInfo.createAdmin(loginEmail) : UserInfo.create(loginEmail))
.build();
appEngine.setUp();
new JpaTestExtensions.Builder().buildIntegrationTestExtension().beforeEach(null);
@@ -81,10 +81,6 @@ import org.junit.jupiter.api.io.TempDir;
*/
public final class AppEngineExtension implements BeforeEachCallback, AfterEachCallback {
public static final String NEW_REGISTRAR_GAE_USER_ID = "666";
public static final String THE_REGISTRAR_GAE_USER_ID = "31337";
public static final String MARLA_SINGER_GAE_USER_ID = "12345";
/**
* The GAE testing library requires queue.xml to be a file, not a resource in a jar, so we read it
* in here and write it to a temporary file later.
@@ -336,7 +332,7 @@ public final class AppEngineExtension implements BeforeEachCallback, AfterEachCa
.setEmailAddress("johndoe@theregistrar.com")
.setPhoneNumber("+1.1234567890")
.setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
.setGaeUserId(THE_REGISTRAR_GAE_USER_ID)
.setLoginEmailAddress("johndoe@theregistrar.com")
.build();
}
@@ -348,7 +344,7 @@ public final class AppEngineExtension implements BeforeEachCallback, AfterEachCa
.setRegistryLockEmailAddress("Marla.Singer.RegistryLock@crr.com")
.setPhoneNumber("+1.2128675309")
.setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
.setGaeUserId(MARLA_SINGER_GAE_USER_ID)
.setLoginEmailAddress("Marla.Singer@crr.com")
.setAllowedToSetRegistryLockPassword(true)
.setRegistryLockPassword("hi")
.build();
@@ -435,11 +431,6 @@ public final class AppEngineExtension implements BeforeEachCallback, AfterEachCa
// Set top-level properties on LocalServiceTestConfig for user login.
helper
.setEnvIsLoggedIn(userInfo.isLoggedIn())
// This envAttributes thing is the only way to set userId.
// see https://code.google.com/p/googleappengine/issues/detail?id=3579
.setEnvAttributes(
ImmutableMap.of(
"com.google.appengine.api.users.UserService.user_id_key", userInfo.gaeUserId()))
.setEnvAuthDomain(userInfo.authDomain())
.setEnvEmail(userInfo.email())
.setEnvIsAdmin(userInfo.isAdmin());
@@ -24,25 +24,24 @@ public abstract class UserInfo {
abstract String email();
abstract String authDomain();
abstract String gaeUserId();
abstract boolean isAdmin();
abstract boolean isLoggedIn();
/** Creates a new logged-in non-admin user instance. */
public static UserInfo create(String email, String gaeUserId) {
public static UserInfo create(String email) {
String authDomain = email.substring(email.indexOf('@') + 1);
return new AutoValue_UserInfo(email, authDomain, gaeUserId, false, true);
return new AutoValue_UserInfo(email, authDomain, false, true);
}
/** Creates a new logged-in admin user instance. */
public static UserInfo createAdmin(String email, String gaeUserId) {
public static UserInfo createAdmin(String email) {
String authDomain = email.substring(email.indexOf('@') + 1);
return new AutoValue_UserInfo(email, authDomain, gaeUserId, true, true);
return new AutoValue_UserInfo(email, authDomain, true, true);
}
/** Returns a logged-out user instance. */
public static UserInfo loggedOut() {
return new AutoValue_UserInfo("", "", "", false, false);
return new AutoValue_UserInfo("", "", false, false);
}
UserInfo() {}
@@ -54,8 +54,7 @@ import org.mockito.Mock;
/** Unit tests for {@link CreateRegistrarCommand}. */
class CreateRegistrarCommandTest extends CommandTestCase<CreateRegistrarCommand> {
@Mock private AppEngineConnection connection;
@Mock private ServiceConnection connection;
@BeforeEach
void beforeEach() {
@@ -28,7 +28,7 @@ import org.mockito.Mock;
/** Unit tests for {@link CreateRegistrarGroupsCommand}. */
class CreateRegistrarGroupsCommandTest extends CommandTestCase<CreateRegistrarGroupsCommand> {
@Mock private AppEngineConnection connection;
@Mock private ServiceConnection connection;
@BeforeEach
void beforeEach() {
@@ -40,8 +40,8 @@ import org.mockito.quality.Strictness;
/** Unit tests for {@link CurlCommand}. */
class CurlCommandTest extends CommandTestCase<CurlCommand> {
@Mock private AppEngineConnection connection;
@Mock private AppEngineConnection connectionForService;
@Mock private ServiceConnection connection;
@Mock private ServiceConnection connectionForService;
@BeforeEach
void beforeEach() {
@@ -79,7 +79,7 @@ public final class DomainLockUtilsTest {
.withCloudSql()
.withClock(clock)
.withTaskQueue()
.withUserService(UserInfo.create(POC_ID, "12345"))
.withUserService(UserInfo.create(POC_ID))
.build();
private Domain domain;
@@ -36,9 +36,8 @@ import org.mockito.ArgumentCaptor;
/**
* Class for verifying EPP commands sent to the server via the tool endpoint.
*
* <p>Provides its own (mock) {@link AppEngineConnection} that will be monitored for EPP
* transmission. This Connection needs to be registered with the tool endpoint - something like
* this:
* <p>Provides its own (mock) {@link ServiceConnection} that will be monitored for EPP transmission.
* This Connection needs to be registered with the tool endpoint - something like this:
*
* <pre>{@code
* SomeToolCommand command = ...;
@@ -49,7 +48,7 @@ import org.mockito.ArgumentCaptor;
*/
public class EppToolVerifier {
private final AppEngineConnection connection = mock(AppEngineConnection.class);
private final ServiceConnection connection = mock(ServiceConnection.class);
private String registrarId;
private boolean superuser;
@@ -196,7 +195,7 @@ public class EppToolVerifier {
}
/** Returns the (mock) Connection that is being monitored by this verifier. */
private AppEngineConnection getConnection() {
private ServiceConnection getConnection() {
return connection;
}
}
@@ -33,11 +33,11 @@ import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
/** Unit tests for {@link google.registry.tools.AppEngineConnection}. */
/** Unit tests for {@link ServiceConnection}. */
@ExtendWith(MockitoExtension.class)
final class AppEngineConnectionTest {
final class GcpProjectConnectionTest {
private AppEngineConnection connection;
private ServiceConnection connection;
private TestHttpTransport httpTransport;
private TestLowLevelHttpRequest lowLevelHttpRequest;
@Mock LowLevelHttpResponse lowLevelHttpResponse;
@@ -84,7 +84,7 @@ final class AppEngineConnectionTest {
.thenReturn(new ByteArrayInputStream("MyContent".getBytes(UTF_8)));
when(lowLevelHttpResponse.getStatusCode()).thenReturn(200);
connection = new AppEngineConnection();
connection = new ServiceConnection();
httpTransport = new TestHttpTransport();
connection.requestFactory = httpTransport.createRequestFactory();
}
@@ -37,7 +37,7 @@ import org.mockito.Mock;
public abstract class ListObjectsCommandTestCase<C extends ListObjectsCommand>
extends CommandTestCase<C> {
@Mock AppEngineConnection connection;
@Mock ServiceConnection connection;
/** Where to find the servlet task; set by the subclass. */
abstract String getTaskPath();
@@ -30,7 +30,7 @@ import org.mockito.Mock;
/** Unit tests for {@link LoadTestCommand}. */
class LoadTestCommandTest extends CommandTestCase<LoadTestCommand> {
@Mock private AppEngineConnection connection;
@Mock private ServiceConnection connection;
@BeforeEach
void beforeEach() {
@@ -132,10 +132,33 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
"NewRegistrar");
RegistrarPoc registrarPoc =
loadRegistrar("NewRegistrar").getContacts().stream()
.filter(rc -> rc.getEmailAddress().equals("jane.doe@example.com"))
.filter(rc -> "jane.doe@example.com".equals(rc.getEmailAddress()))
.findFirst()
.get();
assertThat(registrarPoc.getGaeUserId()).matches("-?[0-9]+");
assertThat(registrarPoc.getLoginEmailAddress()).isEqualTo("jane.doe@example.com");
}
@Test
void testUpdate_enableConsoleAccess_specifyLoginEmail() throws Exception {
Registrar registrar = loadRegistrar("NewRegistrar");
persistSimpleResource(
new RegistrarPoc.Builder()
.setRegistrar(registrar)
.setName("Jane Doe")
.setEmailAddress("jane.doe@example.com")
.build());
runCommandForced(
"--mode=UPDATE",
"--email=jane.doe@example.com",
"--login_email=jim.doe@example.com",
"--allow_console_access=true",
"NewRegistrar");
RegistrarPoc registrarPoc =
loadRegistrar("NewRegistrar").getContacts().stream()
.filter(rc -> "jane.doe@example.com".equals(rc.getEmailAddress()))
.findFirst()
.get();
assertThat(registrarPoc.getLoginEmailAddress()).isEqualTo("jim.doe@example.com");
}
@Test
@@ -146,7 +169,6 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
.setRegistrar(registrar)
.setName("Judith Doe")
.setEmailAddress("judith.doe@example.com")
.setGaeUserId("11111")
.build());
runCommandForced(
"--mode=UPDATE",
@@ -154,7 +176,7 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
"--allow_console_access=false",
"NewRegistrar");
RegistrarPoc registrarPoc = loadRegistrar("NewRegistrar").getContacts().asList().get(1);
assertThat(registrarPoc.getGaeUserId()).isNull();
assertThat(registrarPoc.getLoginEmailAddress()).isNull();
}
@Test
@@ -165,14 +187,12 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
.setRegistrar(registrar)
.setName("John Doe")
.setEmailAddress("john.doe@example.com")
.setGaeUserId("11111")
.build());
persistSimpleResource(
new RegistrarPoc.Builder()
.setRegistrar(registrar)
.setName("Johnna Doe")
.setEmailAddress("johnna.doe@example.com")
.setGaeUserId("11112")
.setVisibleInDomainWhoisAsAbuse(true)
.build());
runCommandForced(
@@ -183,7 +203,7 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
ImmutableList<RegistrarPoc> registrarPocs =
loadRegistrar("NewRegistrar").getContacts().asList();
for (RegistrarPoc registrarPoc : registrarPocs) {
if (registrarPoc.getName().equals("John Doe")) {
if ("John Doe".equals(registrarPoc.getName())) {
assertThat(registrarPoc.getVisibleInDomainWhoisAsAbuse()).isTrue();
} else {
assertThat(registrarPoc.getVisibleInDomainWhoisAsAbuse()).isFalse();
@@ -199,7 +219,6 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
.setRegistrar(registrar)
.setName("John Doe")
.setEmailAddress("john.doe@example.com")
.setGaeUserId("11111")
.setVisibleInDomainWhoisAsAbuse(true)
.build());
IllegalArgumentException thrown =
@@ -227,7 +246,6 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
.setRegistrar(registrar)
.setName("John Doe")
.setEmailAddress("john.doe@example.com")
.setGaeUserId("11111")
.setPhoneNumber("123-456-7890")
.setFaxNumber("123-456-7890")
.setTypes(ImmutableSet.of(ADMIN, ABUSE))
@@ -239,7 +257,6 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
RegistrarPoc registrarPoc = loadRegistrar("NewRegistrar").getContacts().asList().get(1);
assertThat(registrarPoc.getEmailAddress()).isEqualTo(existingContact.getEmailAddress());
assertThat(registrarPoc.getName()).isEqualTo(existingContact.getName());
assertThat(registrarPoc.getGaeUserId()).isEqualTo(existingContact.getGaeUserId());
assertThat(registrarPoc.getPhoneNumber()).isEqualTo(existingContact.getPhoneNumber());
assertThat(registrarPoc.getFaxNumber()).isEqualTo(existingContact.getFaxNumber());
assertThat(registrarPoc.getTypes()).isEqualTo(existingContact.getTypes());
@@ -259,7 +276,6 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
.setRegistrar(registrar)
.setName("John Doe")
.setEmailAddress("john.doe@example.com")
.setGaeUserId("11111")
.setPhoneNumber("123-456-7890")
.setFaxNumber("123-456-7890")
.setTypes(ImmutableSet.of(ADMIN, ABUSE))
@@ -287,10 +303,7 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
.setTypes(ImmutableSet.of(ADMIN, ABUSE))
.build());
runCommandForced(
"--mode=UPDATE",
"--email=john.doe@example.com",
"--contact_type=",
"NewRegistrar");
"--mode=UPDATE", "--email=john.doe@example.com", "--contact_type=", "NewRegistrar");
RegistrarPoc registrarPoc = loadRegistrar("NewRegistrar").getContacts().asList().get(1);
assertThat(registrarPoc.getTypes()).isEmpty();
}
@@ -321,16 +334,13 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
.setVisibleInWhoisAsTech(false)
.setVisibleInDomainWhoisAsAbuse(true)
.build());
assertThat(registrarPoc.getGaeUserId()).isNull();
assertThat(registrarPoc.getLoginEmailAddress()).isNull();
}
@Test
void testDelete() throws Exception {
assertThat(loadRegistrar("NewRegistrar").getContacts()).isNotEmpty();
runCommandForced(
"--mode=DELETE",
"--email=janedoe@theregistrar.com",
"NewRegistrar");
runCommandForced("--mode=DELETE", "--email=janedoe@theregistrar.com", "NewRegistrar");
assertThat(loadRegistrar("NewRegistrar").getContacts()).isEmpty();
}
@@ -358,7 +368,21 @@ class RegistrarPocCommandTest extends CommandTestCase<RegistrarPocCommand> {
"--contact_type=ADMIN,ABUSE",
"NewRegistrar");
RegistrarPoc registrarPoc = loadRegistrar("NewRegistrar").getContacts().asList().get(1);
assertThat(registrarPoc.getGaeUserId()).matches("-?[0-9]+");
assertThat(registrarPoc.getEmailAddress()).isEqualTo("jim.doe@example.com");
}
@Test
void testCreate_withConsoleAccessEnabled_specifyLoginEmail() throws Exception {
runCommandForced(
"--mode=CREATE",
"--name=Jim Doe",
"--email=jim.doe@example.com",
"--login_email=jane.doe@example.com",
"--allow_console_access=true",
"--contact_type=ADMIN,ABUSE",
"NewRegistrar");
RegistrarPoc registrarPoc = loadRegistrar("NewRegistrar").getContacts().asList().get(1);
assertThat(registrarPoc.getLoginEmailAddress()).isEqualTo("jane.doe@example.com");
}
@Test
@@ -53,8 +53,8 @@ public class RequestFactoryModuleTest {
@Test
void test_provideHttpRequestFactory_localhost() throws Exception {
// Make sure that localhost creates a request factory with an initializer.
boolean origIsLocal = RegistryConfig.CONFIG_SETTINGS.get().appEngine.isLocal;
RegistryConfig.CONFIG_SETTINGS.get().appEngine.isLocal = true;
boolean origIsLocal = RegistryConfig.CONFIG_SETTINGS.get().gcpProject.isLocal;
RegistryConfig.CONFIG_SETTINGS.get().gcpProject.isLocal = true;
try {
HttpRequestFactory factory =
RequestFactoryModule.provideHttpRequestFactory(credentialsBundle);
@@ -64,7 +64,7 @@ public class RequestFactoryModuleTest {
initializer.initialize(request);
verifyNoInteractions(httpRequestInitializer);
} finally {
RegistryConfig.CONFIG_SETTINGS.get().appEngine.isLocal = origIsLocal;
RegistryConfig.CONFIG_SETTINGS.get().gcpProject.isLocal = origIsLocal;
}
}
@@ -72,8 +72,8 @@ public class RequestFactoryModuleTest {
void test_provideHttpRequestFactory_remote() throws Exception {
when(credentialsBundle.getHttpRequestInitializer()).thenReturn(httpRequestInitializer);
// Make sure that example.com creates a request factory with the UNITTEST client id but no
boolean origIsLocal = RegistryConfig.CONFIG_SETTINGS.get().appEngine.isLocal;
RegistryConfig.CONFIG_SETTINGS.get().appEngine.isLocal = false;
boolean origIsLocal = RegistryConfig.CONFIG_SETTINGS.get().gcpProject.isLocal;
RegistryConfig.CONFIG_SETTINGS.get().gcpProject.isLocal = false;
try {
HttpRequestFactory factory =
RequestFactoryModule.provideHttpRequestFactory(credentialsBundle);
@@ -86,7 +86,7 @@ public class RequestFactoryModuleTest {
assertThat(request.getReadTimeout()).isEqualTo(REQUEST_TIMEOUT_MS);
verifyNoMoreInteractions(httpRequestInitializer);
} finally {
RegistryConfig.CONFIG_SETTINGS.get().appEngine.isLocal = origIsLocal;
RegistryConfig.CONFIG_SETTINGS.get().gcpProject.isLocal = origIsLocal;
}
}
}
@@ -114,7 +114,7 @@ class SetupOteCommandTest extends CommandTestCase<SetupOteCommand> {
RegistrarPoc registrarPoc = registrarPocs.stream().findAny().get();
assertThat(registrarPoc.getEmailAddress()).isEqualTo(email);
assertThat(registrarPoc.getName()).isEqualTo(email);
assertThat(registrarPoc.getGaeUserId()).isNotNull();
assertThat(registrarPoc.getLoginEmailAddress()).isEqualTo(email);
}
@Test
@@ -36,7 +36,7 @@ import org.mockito.quality.Strictness;
/** Unit tests for {@link VerifyOteCommand}. */
class VerifyOteCommandTest extends CommandTestCase<VerifyOteCommand> {
@Mock private AppEngineConnection connection;
@Mock private ServiceConnection connection;
@BeforeEach
void beforeEach() throws Exception {
@@ -16,7 +16,6 @@ package google.registry.ui.server.registrar;
import static com.google.common.net.HttpHeaders.LOCATION;
import static com.google.common.truth.Truth.assertThat;
import static google.registry.model.common.GaeUserIdConverter.convertEmailAddressToGaeUserId;
import static google.registry.model.registrar.Registrar.loadByRegistrarId;
import static google.registry.testing.DatabaseHelper.persistPremiumList;
import static javax.servlet.http.HttpServletResponse.SC_MOVED_TEMPORARILY;
@@ -67,7 +66,7 @@ final class ConsoleRegistrarCreatorActionTest {
final AppEngineExtension appEngineExtension = AppEngineExtension.builder().withCloudSql().build();
@RegisterExtension
@Order(value = Integer.MAX_VALUE)
@Order(Integer.MAX_VALUE)
final SystemPropertyExtension systemPropertyExtension = new SystemPropertyExtension();
private final FakeResponse response = new FakeResponse();
@@ -217,10 +216,9 @@ final class ConsoleRegistrarCreatorActionTest {
.containsExactly(
new RegistrarPoc.Builder()
.setRegistrar(registrar)
.setGaeUserId("-1509175207")
.setGaeUserId(convertEmailAddressToGaeUserId("myclientid@registry.example"))
.setName("myclientid@registry.example")
.setEmailAddress("myclientid@registry.example")
.setLoginEmailAddress("myclientid@registry.example")
.build());
}
@@ -52,7 +52,7 @@ class ConsoleUiActionTest {
final AppEngineExtension appEngineExtension =
AppEngineExtension.builder()
.withCloudSql()
.withUserService(UserInfo.create("marla.singer@example.com", "12345"))
.withUserService(UserInfo.create("marla.singer@example.com"))
.build();
private final HttpServletRequest request = mock(HttpServletRequest.class);
@@ -72,7 +72,7 @@ final class RegistryLockGetActionTest {
@BeforeEach
void beforeEach() {
user = userFromRegistrarPoc(AppEngineExtension.makeRegistrarContact3());
user = userFromRegistrarPoc(makeRegistrarContact3());
fakeClock.setTo(DateTime.parse("2000-06-08T22:00:00.0Z"));
authResult = AuthResult.create(AuthLevel.USER, UserAuthInfo.create(user, false));
accessor =
@@ -335,7 +335,7 @@ final class RegistryLockGetActionTest {
// Locks are allowed for admins even when they're not enabled for the registrar
persistResource(makeRegistrar2().asBuilder().setRegistryLockAllowed(false).build());
// disallow the other user
persistResource(makeRegistrarContact2().asBuilder().setGaeUserId(null).build());
persistResource(makeRegistrarContact2().asBuilder().setLoginEmailAddress(null).build());
authResult = AuthResult.create(AuthLevel.USER, UserAuthInfo.create(user, true));
accessor =
AuthenticatedRegistrarAccessor.createForTesting(
@@ -361,9 +361,9 @@ final class RegistryLockGetActionTest {
}
@Test
void testSuccess_linkedToContactEmail() {
// Even though the user is some.email@gmail.com the contact is still Marla Singer
user = new User("some.email@gmail.com", "gmail.com", user.getUserId());
void testSuccess_linkedToLoginContactEmail() {
// Note that the email address is case-insensitive.
user = new User("marla.singer@crr.com", "crr.com", user.getUserId());
authResult = AuthResult.create(AuthLevel.USER, UserAuthInfo.create(user, false));
action =
new RegistryLockGetAction(
@@ -413,6 +413,6 @@ final class RegistryLockGetActionTest {
}
static User userFromRegistrarPoc(RegistrarPoc registrarPoc) {
return new User(registrarPoc.getEmailAddress(), "gmail.com", registrarPoc.getGaeUserId());
return new User(registrarPoc.getLoginEmailAddress(), "gmail.com");
}
}
@@ -159,10 +159,8 @@ final class RegistryLockPostActionTest {
}
@Test
void testSuccess_linkedToContactEmail() throws Exception {
// Even though the user is some.email@gmail.com the contact is still Marla Singer
userWithLockPermission =
new User("some.email@gmail.com", "gmail.com", userWithLockPermission.getUserId());
void testSuccess_linkedToLoginEmail() throws Exception {
userWithLockPermission = new User("Marla.Singer@crr.com", "crr.com");
action =
createAction(
AuthResult.create(AuthLevel.USER, UserAuthInfo.create(userWithLockPermission, false)));
@@ -70,7 +70,7 @@ final class RegistryLockVerifyActionTest {
AppEngineExtension.builder()
.withCloudSql()
.withClock(fakeClock)
.withUserService(UserInfo.create("marla.singer@example.com", "12345"))
.withUserService(UserInfo.create("marla.singer@example.com"))
.build();
private final HttpServletRequest request = mock(HttpServletRequest.class);
@@ -59,16 +59,4 @@ public class OteSetupConsoleScreenshotTest extends WebDriverTestCase {
driver.waitForDisplayedElement(By.tagName("h1"));
driver.diffPage("oteResult");
}
@RetryingTest(3)
void get_admin_fails_badEmail() throws Throwable {
server.setIsAdmin(true);
driver.get(server.getUrl("/registrar-ote-setup"));
driver.waitForDisplayedElement(By.tagName("h1"));
driver.findElement(By.id("clientId")).sendKeys("acmereg");
driver.findElement(By.id("email")).sendKeys("bad email");
driver.findElement(By.id("submit-button")).click();
driver.waitForDisplayedElement(By.tagName("h1"));
driver.diffPage("oteResultFailed");
}
}
@@ -62,7 +62,6 @@ class RegistrarConsoleScreenshotTest extends WebDriverTestCase {
.setFilters(ObjectifyFilter.class, OfyFilter.class)
.setFixtures(BASIC)
.setEmail("Marla.Singer@crr.com") // from AppEngineExtension.makeRegistrarContact3
.setGaeUserId("12345") // from AppEngineExtension.makeRegistrarContact3
.build();
@RetryingTest(3)
@@ -45,7 +45,7 @@ public class RegistrarConsoleWebTest extends WebDriverTestCase {
route("/registrar-settings", FrontendServlet.class))
.setFilters(ObjectifyFilter.class, OfyFilter.class)
.setFixtures(BASIC)
.setEmail("Marla.Singer@google.com")
.setEmail("Marla.Singer@crr.com")
.build();
/** Checks the identified element has the given text content. */
@@ -72,28 +72,4 @@ class RegistrarCreateConsoleScreenshotTest extends WebDriverTestCase {
driver.waitForDisplayedElement(By.tagName("h1"));
driver.diffPage("createResult");
}
@RetryingTest(3)
void get_admin_fails_badEmail() throws Throwable {
server.setIsAdmin(true);
driver.get(server.getUrl("/registrar-create"));
driver.waitForDisplayedElement(By.tagName("h1"));
driver.findElement(By.id("clientId")).sendKeys("my-name");
driver.findElement(By.id("name")).sendKeys("registrar name");
driver
.findElement(By.id("billingAccount"))
.sendKeys(""
+ "USD=12345678-abcd-1234-5678-cba987654321\n"
+ "JPY=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee");
driver.findElement(By.id("driveId")).sendKeys("drive-id");
driver.findElement(By.id("ianaId")).sendKeys("15263");
driver.findElement(By.id("referralEmail")).sendKeys("email@icann.example");
driver.findElement(By.id("consoleUserEmail")).sendKeys("bad email");
driver.findElement(By.id("street1")).sendKeys("123 Street st.");
driver.findElement(By.id("city")).sendKeys("Citysville");
driver.findElement(By.id("countryCode")).sendKeys("fr");
driver.findElement(By.id("submit-button")).click();
driver.waitForDisplayedElement(By.tagName("h1"));
driver.diffPage("createResultFailed");
}
}
@@ -16,10 +16,8 @@ package google.registry.webdriver;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;
import static google.registry.testing.AppEngineExtension.THE_REGISTRAR_GAE_USER_ID;
import static google.registry.util.NetworkUtils.getExternalAddressOfLocalSystem;
import static google.registry.util.NetworkUtils.pickUnusedPort;
import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
@@ -35,7 +33,6 @@ import java.net.URL;
import java.net.UnknownHostException;
import java.nio.file.Path;
import java.time.Duration;
import java.util.Optional;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.Callable;
import java.util.concurrent.FutureTask;
@@ -72,8 +69,7 @@ public final class TestServerExtension implements BeforeEachCallback, AfterEachC
ImmutableList<Route> routes,
ImmutableList<Class<? extends Filter>> filters,
ImmutableList<Fixture> fixtures,
String email,
Optional<String> gaeUserId) {
String email) {
this.runfiles = runfiles;
this.routes = routes;
this.filters = filters;
@@ -86,8 +82,7 @@ public final class TestServerExtension implements BeforeEachCallback, AfterEachC
.withLocalModules()
.withUrlFetch()
.withTaskQueue()
.withUserService(
UserInfo.createAdmin(email, gaeUserId.orElse(THE_REGISTRAR_GAE_USER_ID)))
.withUserService(UserInfo.createAdmin(email))
.build();
}
@@ -178,7 +173,7 @@ public final class TestServerExtension implements BeforeEachCallback, AfterEachC
private final class Server implements Runnable {
private ExtensionContext context;
private final ExtensionContext context;
Server(ExtensionContext context) {
this.context = context;
@@ -254,7 +249,6 @@ public final class TestServerExtension implements BeforeEachCallback, AfterEachC
ImmutableList<Class<? extends Filter>> filters;
private ImmutableList<Fixture> fixtures = ImmutableList.of();
private String email;
private Optional<String> gaeUserId = Optional.empty();
/** Sets the directories containing the static files for {@link TestServer}. */
Builder setRunfiles(ImmutableMap<String, Path> runfiles) {
@@ -292,13 +286,6 @@ public final class TestServerExtension implements BeforeEachCallback, AfterEachC
return this;
}
/** Optionally, sets the GAE user ID for the logged in user. */
public Builder setGaeUserId(String gaeUserId) {
this.gaeUserId =
Optional.of(checkArgumentNotNull(gaeUserId, "Must specify a non-null GAE user ID"));
return this;
}
/** Returns a new {@link TestServerExtension} instance. */
public TestServerExtension build() {
return new TestServerExtension(
@@ -306,8 +293,7 @@ public final class TestServerExtension implements BeforeEachCallback, AfterEachC
checkNotNull(this.routes),
checkNotNull(this.filters),
checkNotNull(this.fixtures),
checkNotNull(this.email),
this.gaeUserId);
checkNotNull(this.email));
}
}
}
@@ -16,7 +16,7 @@
"name": "Extra Terrestrial",
"visibleInWhoisAsTech": false,
"emailAddress": "etphonehome@example.com",
"gaeUserId": null,
"loginEmailAddress": null,
"types": "ADMIN,BILLING,TECH,WHOIS"
},
{
@@ -27,7 +27,7 @@
"visibleInWhoisAsTech": false,
"emailAddress": "Marla.Singer@crr.com",
"registryLockEmailAddress": "Marla.Singer.RegistryLock@crr.com",
"gaeUserId": "12345",
"loginEmailAddress": "Marla.Singer@crr.com",
"types": "TECH"
}
],
@@ -16,7 +16,7 @@
"name": "Extra Terrestrial",
"visibleInWhoisAsTech": false,
"emailAddress": "etphonehome@example.com",
"gaeUserId": null,
"loginEmailAddress": null,
"types": "ADMIN,BILLING,TECH,WHOIS"
},
{
@@ -26,7 +26,7 @@
"name": "E.T.",
"visibleInWhoisAsTech": false,
"emailAddress": "etphonehome@example.com",
"gaeUserId": null,
"loginEmailAddress": null,
"types": "MARKETING"
}
],
@@ -11,9 +11,9 @@ emailAddress: the.registrar@example.com -> thase@the.registrar
url: http://my.fake.url -> http://my.new.url
contacts:
ADDED:
{name=Extra Terrestrial, emailAddress=etphonehome@example.com, registrarId=TheRegistrar, registryLockEmailAddress=null, phoneNumber=+1.2345678901, faxNumber=null, types=[ADMIN, BILLING, TECH, WHOIS], gaeUserId=null, visibleInWhoisAsAdmin=true, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false}
{name=Extra Terrestrial, emailAddress=etphonehome@example.com, registrarId=TheRegistrar, registryLockEmailAddress=null, phoneNumber=+1.2345678901, faxNumber=null, types=[ADMIN, BILLING, TECH, WHOIS], loginEmailAddress=null, visibleInWhoisAsAdmin=true, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false}
REMOVED:
{name=John Doe, emailAddress=johndoe@theregistrar.com, registrarId=TheRegistrar, registryLockEmailAddress=null, phoneNumber=+1.1234567890, faxNumber=null, types=[ADMIN], gaeUserId=31337, visibleInWhoisAsAdmin=false, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false}
{name=John Doe, emailAddress=johndoe@theregistrar.com, registrarId=TheRegistrar, registryLockEmailAddress=null, phoneNumber=+1.1234567890, faxNumber=null, types=[ADMIN], loginEmailAddress=johndoe@theregistrar.com, visibleInWhoisAsAdmin=false, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false}
FINAL CONTENTS:
{name=Extra Terrestrial, emailAddress=etphonehome@example.com, registrarId=TheRegistrar, registryLockEmailAddress=null, phoneNumber=+1.2345678901, faxNumber=null, types=[ADMIN, BILLING, TECH, WHOIS], gaeUserId=null, visibleInWhoisAsAdmin=true, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false},
{name=Marla Singer, emailAddress=Marla.Singer@crr.com, registrarId=TheRegistrar, registryLockEmailAddress=Marla.Singer.RegistryLock@crr.com, phoneNumber=+1.2128675309, faxNumber=null, types=[TECH], gaeUserId=12345, visibleInWhoisAsAdmin=false, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false}
{name=Extra Terrestrial, emailAddress=etphonehome@example.com, registrarId=TheRegistrar, registryLockEmailAddress=null, phoneNumber=+1.2345678901, faxNumber=null, types=[ADMIN, BILLING, TECH, WHOIS], loginEmailAddress=null, visibleInWhoisAsAdmin=true, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false},
{name=Marla Singer, emailAddress=Marla.Singer@crr.com, registrarId=TheRegistrar, registryLockEmailAddress=Marla.Singer.RegistryLock@crr.com, phoneNumber=+1.2128675309, faxNumber=null, types=[TECH], loginEmailAddress=Marla.Singer@crr.com, visibleInWhoisAsAdmin=false, visibleInWhoisAsTech=false, visibleInDomainWhoisAsAbuse=false, allowedToSetRegistryLockPassword=false}
@@ -614,7 +614,7 @@
registrar_id text not null,
allowed_to_set_registry_lock_password boolean not null,
fax_number text,
gae_user_id text,
login_email_address text,
name text,
phone_number text,
registry_lock_email_address text,
@@ -828,7 +828,7 @@ create index IDXaydgox62uno9qx8cjlj5lauye on "PollMessage" (event_time);
create index premiumlist_name_idx on "PremiumList" (name);
create index registrar_name_idx on "Registrar" (registrar_name);
create index registrar_iana_identifier_idx on "Registrar" (iana_identifier);
create index registrarpoc_gae_user_id_idx on "RegistrarPoc" (gae_user_id);
create index registrarpoc_login_email_idx on "RegistrarPoc" (login_email_address);
create index idx_registry_lock_verification_code on "RegistryLock" (verification_code);
create index idx_registry_lock_registrar_id on "RegistryLock" (registrar_id);