Don't always require contacts in CreateDomainCommand (#2755)

If contacts are optional, they should be optional in the command too.

console-webapp/src/app/app.component.spec.ts

@@ -14,30 +14,71 @@
 
 import { provideHttpClient } from '@angular/common/http';
 import { provideHttpClientTesting } from '@angular/common/http/testing';
-import { TestBed } from '@angular/core/testing';
-import { BrowserAnimationsModule } from '@angular/platform-browser/animations';
+import { ComponentFixture, fakeAsync, TestBed } from '@angular/core/testing';
+import { NoopAnimationsModule } from '@angular/platform-browser/animations';
 import { AppComponent } from './app.component';
-import { MaterialModule } from './material.module';
-import { BackendService } from './shared/services/backend.service';
-import { AppRoutingModule } from './app-routing.module';
+import { routes } from './app-routing.module';
 import { AppModule } from './app.module';
+import { PocReminderComponent } from './shared/components/pocReminder/pocReminder.component';
+import { RouterModule } from '@angular/router';
+import { MatSnackBar, MatSnackBarModule } from '@angular/material/snack-bar';
+import { UserData, UserDataService } from './shared/services/userData.service';
+import { Registrar, RegistrarService } from './registrar/registrar.service';
+import { MatSidenavModule } from '@angular/material/sidenav';
+import { signal, WritableSignal } from '@angular/core';
 
 describe('AppComponent', () => {
+  let component: AppComponent;
+  let fixture: ComponentFixture<AppComponent>;
+  let mockRegistrarService: {
+    registrar: WritableSignal<Partial<Registrar> | null | undefined>;
+    registrarId: WritableSignal<string>;
+    registrars: WritableSignal<Array<Partial<Registrar>>>;
+  };
+  let mockUserDataService: { userData: WritableSignal<Partial<UserData>> };
+  let mockSnackBar: jasmine.SpyObj<MatSnackBar>;
+
+  const dummyPocReminderComponent = class {}; // Dummy class for type checking
+
   beforeEach(async () => {
+    mockRegistrarService = {
+      registrar: signal<Registrar | null | undefined>(undefined),
+      registrarId: signal('123'),
+      registrars: signal([]),
+    };
+
+    mockUserDataService = {
+      userData: signal({
+        globalRole: 'NONE',
+      }),
+    };
+
+    mockSnackBar = jasmine.createSpyObj('MatSnackBar', ['openFromComponent']);
+
     await TestBed.configureTestingModule({
-      declarations: [AppComponent],
       imports: [
-        MaterialModule,
-        BrowserAnimationsModule,
-        AppRoutingModule,
+        MatSidenavModule,
+        NoopAnimationsModule,
+        MatSnackBarModule,
         AppModule,
+        RouterModule.forRoot(routes),
       ],
       providers: [
-        BackendService,
+        { provide: RegistrarService, useValue: mockRegistrarService },
+        { provide: UserDataService, useValue: mockUserDataService },
+        { provide: MatSnackBar, useValue: mockSnackBar },
+        { provide: PocReminderComponent, useClass: dummyPocReminderComponent },
         provideHttpClient(),
         provideHttpClientTesting(),
       ],
     }).compileComponents();
+
+    fixture = TestBed.createComponent(AppComponent);
+    component = fixture.componentInstance;
+  });
+
+  afterEach(() => {
+    jasmine.clock().uninstall();
   });
 
   it('should create the app', () => {
@@ -46,4 +87,51 @@ describe('AppComponent', () => {
     const app = fixture.componentInstance;
     expect(app).toBeTruthy();
   });
+
+  describe('PoC Verification Reminder', () => {
+    beforeEach(() => {
+      jasmine.clock().install();
+    });
+
+    it('should open snackbar if lastPocVerificationDate is older than one year', fakeAsync(() => {
+      const MOCK_TODAY = new Date('2024-07-15T10:00:00.000Z');
+      jasmine.clock().mockDate(MOCK_TODAY);
+
+      const twoYearsAgo = new Date(MOCK_TODAY);
+      twoYearsAgo.setFullYear(MOCK_TODAY.getFullYear() - 2);
+
+      mockRegistrarService.registrar.set({
+        lastPocVerificationDate: twoYearsAgo.toISOString(),
+      });
+
+      fixture.detectChanges();
+      TestBed.flushEffects();
+
+      expect(mockSnackBar.openFromComponent).toHaveBeenCalledWith(
+        PocReminderComponent,
+        {
+          horizontalPosition: 'center',
+          verticalPosition: 'top',
+          duration: 1000000000,
+        }
+      );
+    }));
+
+    it('should NOT open snackbar if lastPocVerificationDate is within last year', fakeAsync(() => {
+      const MOCK_TODAY = new Date('2024-07-15T10:00:00.000Z');
+      jasmine.clock().mockDate(MOCK_TODAY);
+
+      const sixMonthsAgo = new Date(MOCK_TODAY);
+      sixMonthsAgo.setMonth(MOCK_TODAY.getMonth() - 6);
+
+      mockRegistrarService.registrar.set({
+        lastPocVerificationDate: sixMonthsAgo.toISOString(),
+      });
+
+      fixture.detectChanges();
+      TestBed.flushEffects();
+
+      expect(mockSnackBar.openFromComponent).not.toHaveBeenCalled();
+    }));
+  });
 });

console-webapp/src/app/app.component.ts

@@ -12,13 +12,15 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { AfterViewInit, Component, ViewChild } from '@angular/core';
+import { AfterViewInit, Component, effect, ViewChild } from '@angular/core';
 import { MatSidenav } from '@angular/material/sidenav';
 import { NavigationEnd, Router } from '@angular/router';
 import { RegistrarService } from './registrar/registrar.service';
 import { BreakPointObserverService } from './shared/services/breakPoint.service';
 import { GlobalLoaderService } from './shared/services/globalLoader.service';
 import { UserDataService } from './shared/services/userData.service';
+import { MatSnackBar } from '@angular/material/snack-bar';
+import { PocReminderComponent } from './shared/components/pocReminder/pocReminder.component';
 
 @Component({
   selector: 'app-root',
@@ -35,8 +37,28 @@ export class AppComponent implements AfterViewInit {
     protected userDataService: UserDataService,
     protected globalLoader: GlobalLoaderService,
     protected breakpointObserver: BreakPointObserverService,
-    private router: Router
-  ) {}
+    private router: Router,
+    private _snackBar: MatSnackBar
+  ) {
+    effect(() => {
+      const registrar = this.registrarService.registrar();
+      const oneYearAgo = new Date();
+      oneYearAgo.setFullYear(oneYearAgo.getFullYear() - 1);
+      oneYearAgo.setHours(0, 0, 0, 0);
+      if (
+        registrar &&
+        registrar.lastPocVerificationDate &&
+        new Date(registrar.lastPocVerificationDate) < oneYearAgo &&
+        this.userDataService?.userData()?.globalRole === 'NONE'
+      ) {
+        this._snackBar.openFromComponent(PocReminderComponent, {
+          horizontalPosition: 'center',
+          verticalPosition: 'top',
+          duration: 1000000000,
+        });
+      }
+    });
+  }
 
   ngAfterViewInit() {
     this.router.events.subscribe((event) => {

console-webapp/src/app/app.module.ts

@@ -60,6 +60,7 @@ import { TldsComponent } from './tlds/tlds.component';
 import { ForceFocusDirective } from './shared/directives/forceFocus.directive';
 import RdapComponent from './settings/rdap/rdap.component';
 import RdapEditComponent from './settings/rdap/rdapEdit.component';
+import { PocReminderComponent } from './shared/components/pocReminder/pocReminder.component';
 
 @NgModule({
   declarations: [SelectedRegistrarWrapper],
@@ -86,6 +87,7 @@ export class SelectedRegistrarModule {}
     RdapComponent,
     RdapEditComponent,
     ReasonDialogComponent,
+    PocReminderComponent,
     RegistrarComponent,
     RegistrarDetailsComponent,
     RegistrarSelectorComponent,

console-webapp/src/app/navigation/navigation.component.ts

@@ -57,7 +57,7 @@ export class NavigationComponent {
   }
 
   ngOnDestroy() {
-    this.subscription.unsubscribe();
+    this.subscription && this.subscription.unsubscribe();
   }
 
   getElementId(node: RouteWithIcon) {

console-webapp/src/app/registrar/registrar.service.ts

@@ -71,6 +71,7 @@ export interface Registrar
   registrarName: string;
   registryLockAllowed?: boolean;
   type?: string;
+  lastPocVerificationDate?: string;
 }
 
 @Injectable({

console-webapp/src/app/settings/contact/contact.component.ts

@@ -16,11 +16,7 @@ import { Component, effect, ViewEncapsulation } from '@angular/core';
 import { MatTableDataSource } from '@angular/material/table';
 import { take } from 'rxjs';
 import { RegistrarService } from 'src/app/registrar/registrar.service';
-import {
-  ContactService,
-  contactTypeToViewReadyContact,
-  ViewReadyContact,
-} from './contact.service';
+import { ContactService, ViewReadyContact } from './contact.service';
 
 @Component({
   selector: 'app-contact',

console-webapp/src/app/settings/contact/contact.service.ts

@@ -83,7 +83,7 @@ export class ContactService {
       : contactTypeToViewReadyContact({
           emailAddress: '',
           name: '',
-          types: ['ADMIN'],
+          types: ['TECH'],
           faxNumber: '',
           phoneNumber: '',
           registrarId: '',

console-webapp/src/app/settings/contact/contactDetails.component.html

@@ -56,6 +56,7 @@
           [required]="true"
           [(ngModel)]="contactService.contactInEdit.emailAddress"
           [ngModelOptions]="{ standalone: true }"
+          [disabled]="emailAddressIsDisabled()"
         />
       </mat-form-field>
 
@@ -85,14 +86,18 @@
         <mat-icon color="accent">error</mat-icon>Required to select at least one
       </p>
       <div class="">
-        <mat-checkbox
+        <ng-container
           *ngFor="let contactType of contactTypeToTextMap | keyvalue"
-          [checked]="checkboxIsChecked(contactType.key)"
-          (change)="checkboxOnChange($event, contactType.key)"
-          [disabled]="checkboxIsDisabled(contactType.key)"
         >
-          {{ contactType.value }}
-        </mat-checkbox>
+          <mat-checkbox
+            *ngIf="shouldDisplayCheckbox(contactType.key)"
+            [checked]="checkboxIsChecked(contactType.key)"
+            (change)="checkboxOnChange($event, contactType.key)"
+            [disabled]="checkboxIsDisabled(contactType.key)"
+          >
+            {{ contactType.value }}
+          </mat-checkbox>
+        </ng-container>
       </div>
     </section>
 

console-webapp/src/app/settings/contact/contactDetails.component.ts

@@ -82,6 +82,10 @@ export class ContactDetailsComponent {
     });
   }
 
+  shouldDisplayCheckbox(type: string) {
+    return type !== 'ADMIN' || this.checkboxIsChecked(type);
+  }
+
   checkboxIsChecked(type: string) {
     return this.contactService.contactInEdit.types.includes(
       type as contactType
@@ -89,6 +93,9 @@ export class ContactDetailsComponent {
   }
 
   checkboxIsDisabled(type: string) {
+    if (type === 'ADMIN') {
+      return true;
+    }
     return (
       this.contactService.contactInEdit.types.length === 1 &&
       this.contactService.contactInEdit.types[0] === (type as contactType)
@@ -105,4 +112,8 @@ export class ContactDetailsComponent {
         );
     }
   }
+
+  emailAddressIsDisabled() {
+    return this.contactService.contactInEdit.types.includes('ADMIN');
+  }
 }

console-webapp/src/app/shared/components/pocReminder/pocReminder.component.html

@@ -0,0 +1,14 @@
+<div class="console-app__pocReminder">
+  <p class="">
+    Please take a moment to complete annual review of
+    <a routerLink="/settings">contacts</a>.
+  </p>
+  <span matSnackBarActions>
+    <button mat-button matSnackBarAction (click)="confirmReviewed()">
+      Confirm reviewed
+    </button>
+    <button mat-button matSnackBarAction (click)="snackBarRef.dismiss()">
+      Close
+    </button>
+  </span>
+</div>

console-webapp/src/app/shared/components/pocReminder/pocReminder.component.scss

@@ -0,0 +1,5 @@
+.console-app__pocReminder {
+  a {
+    color: white !important;
+  }
+}

console-webapp/src/app/shared/components/pocReminder/pocReminder.component.ts

@@ -0,0 +1,53 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { Component } from '@angular/core';
+import { MatSnackBar, MatSnackBarRef } from '@angular/material/snack-bar';
+import { RegistrarService } from '../../../registrar/registrar.service';
+import { HttpErrorResponse } from '@angular/common/http';
+
+@Component({
+  selector: 'app-poc-reminder',
+  templateUrl: './pocReminder.component.html',
+  styleUrls: ['./pocReminder.component.scss'],
+  standalone: false,
+})
+export class PocReminderComponent {
+  constructor(
+    public snackBarRef: MatSnackBarRef<PocReminderComponent>,
+    private registrarService: RegistrarService,
+    private _snackBar: MatSnackBar
+  ) {}
+
+  confirmReviewed() {
+    if (this.registrarService.registrar()) {
+      const todayMidnight = new Date();
+      todayMidnight.setHours(0, 0, 0, 0);
+      this.registrarService
+        // @ts-ignore - if check  above won't allow empty object to be submitted
+        .updateRegistrar({
+          ...this.registrarService.registrar(),
+          lastPocVerificationDate: todayMidnight.toISOString(),
+        })
+        .subscribe({
+          error: (err: HttpErrorResponse) => {
+            this._snackBar.open(err.error || err.message);
+          },
+          next: () => {
+            this.snackBarRef.dismiss();
+          },
+        });
+    }
+  }
+}

core/build.gradle

@@ -61,6 +61,7 @@ def fragileTestPatterns = [
     // Currently changes a global configuration parameter that for some reason
     // results in timestamp inversions for other tests.  TODO(mmuller): fix.
     "google/registry/flows/host/HostInfoFlowTest.*",
+    "google/registry/beam/common/RegistryPipelineWorkerInitializerTest.*",
 ] + dockerIncompatibleTestPatterns
 
 sourceSets {

core/src/main/java/google/registry/batch/SendExpiringCertificateNotificationEmailAction.java

@@ -33,7 +33,7 @@ import google.registry.flows.certs.CertificateChecker;
 import google.registry.groups.GmailClient;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase.Type;
+import google.registry.model.registrar.RegistrarPoc.Type;
 import google.registry.request.Action;
 import google.registry.request.Action.GaeService;
 import google.registry.request.Response;

core/src/main/java/google/registry/beam/billing/BillingEvent.java

@@ -172,7 +172,7 @@ public record BillingEvent(
                 .minusDays(1)
                 .toString(),
         billingId(),
-        registrarId(),
+        "",
         String.format("%s | TLD: %s | TERM: %d-year", action(), tld(), years()),
         amount(),
         currency(),

core/src/main/java/google/registry/beam/billing/ExpandBillingRecurrencesPipeline.java

@@ -36,8 +36,6 @@ import google.registry.config.RegistryConfig.ConfigModule;
 import google.registry.flows.custom.CustomLogicFactoryModule;
 import google.registry.flows.custom.CustomLogicModule;
 import google.registry.flows.domain.DomainPricingLogic;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForCurrencyException;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForPremiumNameException;
 import google.registry.model.ImmutableObject;
 import google.registry.model.billing.BillingBase.Flag;
 import google.registry.model.billing.BillingCancellation;
@@ -389,38 +387,30 @@ public class ExpandBillingRecurrencesPipeline implements Serializable {
       // It is OK to always create a OneTime, even though the domain might be deleted or transferred
       // later during autorenew grace period, as a cancellation will always be written out in those
       // instances.
-      BillingEvent billingEvent = null;
-      try {
-        billingEvent =
-            new BillingEvent.Builder()
-                .setBillingTime(billingTime)
-                .setRegistrarId(billingRecurrence.getRegistrarId())
-                // Determine the cost for a one-year renewal.
-                .setCost(
-                    domainPricingLogic
-                        .getRenewPrice(
-                            tld,
-                            billingRecurrence.getTargetId(),
-                            eventTime,
-                            1,
-                            billingRecurrence,
-                            Optional.empty())
-                        .getRenewCost())
-                .setEventTime(eventTime)
-                .setFlags(union(billingRecurrence.getFlags(), Flag.SYNTHETIC))
-                .setDomainHistory(historyEntry)
-                .setPeriodYears(1)
-                .setReason(billingRecurrence.getReason())
-                .setSyntheticCreationTime(endTime)
-                .setCancellationMatchingBillingEvent(billingRecurrence)
-                .setTargetId(billingRecurrence.getTargetId())
-                .build();
-      } catch (AllocationTokenInvalidForCurrencyException
-          | AllocationTokenInvalidForPremiumNameException e) {
-        // This should not be reached since we are not using an allocation token
-        return;
-      }
-      results.add(billingEvent);
+      results.add(
+          new BillingEvent.Builder()
+              .setBillingTime(billingTime)
+              .setRegistrarId(billingRecurrence.getRegistrarId())
+              // Determine the cost for a one-year renewal.
+              .setCost(
+                  domainPricingLogic
+                      .getRenewPrice(
+                          tld,
+                          billingRecurrence.getTargetId(),
+                          eventTime,
+                          1,
+                          billingRecurrence,
+                          Optional.empty())
+                      .getRenewCost())
+              .setEventTime(eventTime)
+              .setFlags(union(billingRecurrence.getFlags(), Flag.SYNTHETIC))
+              .setDomainHistory(historyEntry)
+              .setPeriodYears(1)
+              .setReason(billingRecurrence.getReason())
+              .setSyntheticCreationTime(endTime)
+              .setCancellationMatchingBillingEvent(billingRecurrence)
+              .setTargetId(billingRecurrence.getTargetId())
+              .build());
     }
     results.add(
         billingRecurrence

core/src/main/java/google/registry/beam/common/RegistryPipelineWorkerInitializer.java

@@ -40,6 +40,8 @@ public class RegistryPipelineWorkerInitializer implements JvmInitializer {
 
   @Override
   public void beforeProcessing(PipelineOptions options) {
+    // TODO(b/416299900): remove next line after GAE is removed.
+    System.setProperty("google.registry.jetty", "true");
     RegistryPipelineOptions registryOptions = options.as(RegistryPipelineOptions.class);
     RegistryEnvironment environment = registryOptions.getRegistryEnvironment();
     if (environment == null || environment.equals(RegistryEnvironment.UNITTEST)) {

core/src/main/java/google/registry/beam/rde/RdePipeline.java

@@ -58,7 +58,7 @@ import google.registry.model.host.Host;
 import google.registry.model.host.HostHistory;
 import google.registry.model.rde.RdeMode;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.Type;
+import google.registry.model.registrar.Registrar.Type;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
 import google.registry.persistence.PersistenceModule.TransactionIsolationLevel;

core/src/main/java/google/registry/config/CredentialModule.java

@@ -144,7 +144,6 @@ public abstract class CredentialModule {
       Duration tokenRefreshDelay,
       Clock clock) {
     GoogleCredentials signer = credentialsBundle.getGoogleCredentials();
-
     checkArgument(
         signer instanceof ServiceAccountSigner,
         "Expecting a ServiceAccountSigner, found %s.",

core/src/main/java/google/registry/dns/PublishDnsUpdatesAction.java

@@ -50,7 +50,6 @@ import google.registry.model.domain.Domain;
 import google.registry.model.host.Host;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.model.tld.Tld;
 import google.registry.request.Action;
 import google.registry.request.Action.GaeService;
@@ -296,7 +295,7 @@ public final class PublishDnsUpdatesAction implements Runnable, Callable<Void> {
 
       ImmutableList<InternetAddress> recipients =
           registrar.get().getContacts().stream()
-              .filter(c -> c.getTypes().contains(RegistrarPocBase.Type.ADMIN))
+              .filter(c -> c.getTypes().contains(RegistrarPoc.Type.ADMIN))
               .map(RegistrarPoc::getEmailAddress)
               .map(PublishDnsUpdatesAction::emailToInternetAddress)
               .collect(toImmutableList());

core/src/main/java/google/registry/export/SyncGroupMembersAction.java

@@ -33,7 +33,6 @@ import google.registry.groups.GroupsConnection;
 import google.registry.groups.GroupsConnection.Role;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.request.Action;
 import google.registry.request.Action.GaeService;
 import google.registry.request.Response;
@@ -101,7 +100,7 @@ public final class SyncGroupMembersAction implements Runnable {
    * Returns the Google Groups email address for the given registrar ID and RegistrarContact.Type.
    */
   public static String getGroupEmailAddressForContactType(
-      String registrarId, RegistrarPocBase.Type type, String gSuiteDomainName) {
+      String registrarId, RegistrarPoc.Type type, String gSuiteDomainName) {
     // Take the registrar's ID, make it lowercase, and remove all characters that aren't
     // alphanumeric, hyphens, or underscores.
     return String.format(
@@ -176,7 +175,7 @@ public final class SyncGroupMembersAction implements Runnable {
       Set<RegistrarPoc> registrarPocs = registrar.getContacts();
       long totalAdded = 0;
       long totalRemoved = 0;
-      for (final RegistrarPocBase.Type type : RegistrarPocBase.Type.values()) {
+      for (final RegistrarPoc.Type type : RegistrarPoc.Type.values()) {
         groupKey =
             getGroupEmailAddressForContactType(registrar.getRegistrarId(), type, gSuiteDomainName);
         Set<String> currentMembers = groupsConnection.getMembersOfGroup(groupKey);

core/src/main/java/google/registry/export/sheet/SyncRegistrarsSheet.java

@@ -17,13 +17,13 @@ package google.registry.export.sheet;
 import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.collect.ImmutableList.toImmutableList;
 import static google.registry.model.common.Cursor.CursorType.SYNC_REGISTRAR_SHEET;
-import static google.registry.model.registrar.RegistrarPocBase.Type.ABUSE;
-import static google.registry.model.registrar.RegistrarPocBase.Type.ADMIN;
-import static google.registry.model.registrar.RegistrarPocBase.Type.BILLING;
-import static google.registry.model.registrar.RegistrarPocBase.Type.LEGAL;
-import static google.registry.model.registrar.RegistrarPocBase.Type.MARKETING;
-import static google.registry.model.registrar.RegistrarPocBase.Type.TECH;
-import static google.registry.model.registrar.RegistrarPocBase.Type.WHOIS;
+import static google.registry.model.registrar.RegistrarPoc.Type.ABUSE;
+import static google.registry.model.registrar.RegistrarPoc.Type.ADMIN;
+import static google.registry.model.registrar.RegistrarPoc.Type.BILLING;
+import static google.registry.model.registrar.RegistrarPoc.Type.LEGAL;
+import static google.registry.model.registrar.RegistrarPoc.Type.MARKETING;
+import static google.registry.model.registrar.RegistrarPoc.Type.TECH;
+import static google.registry.model.registrar.RegistrarPoc.Type.WHOIS;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.util.DateTimeUtils.START_OF_TIME;
 
@@ -36,7 +36,6 @@ import google.registry.model.common.Cursor;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.util.Clock;
 import google.registry.util.DateTimeUtils;
 import jakarta.inject.Inject;
@@ -174,7 +173,7 @@ class SyncRegistrarsSheet {
     return result.toString();
   }
 
-  private static Predicate<RegistrarPoc> byType(final RegistrarPocBase.Type type) {
+  private static Predicate<RegistrarPoc> byType(final RegistrarPoc.Type type) {
     return contact -> contact.getTypes().contains(type);
   }
 

core/src/main/java/google/registry/flows/domain/DomainCheckFlow.java

@@ -14,7 +14,6 @@
 
 package google.registry.flows.domain;
 
-import static com.google.common.base.Strings.emptyToNull;
 import static com.google.common.collect.ImmutableList.toImmutableList;
 import static com.google.common.collect.ImmutableMap.toImmutableMap;
 import static com.google.common.collect.ImmutableSet.toImmutableSet;
@@ -42,6 +41,7 @@ import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Maps;
+import com.google.common.flogger.FluentLogger;
 import com.google.common.net.InternetDomainName;
 import google.registry.config.RegistryConfig;
 import google.registry.config.RegistryConfig.Config;
@@ -55,14 +55,7 @@ import google.registry.flows.annotations.ReportingSpec;
 import google.registry.flows.custom.DomainCheckFlowCustomLogic;
 import google.registry.flows.custom.DomainCheckFlowCustomLogic.BeforeResponseParameters;
 import google.registry.flows.custom.DomainCheckFlowCustomLogic.BeforeResponseReturnData;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForPremiumNameException;
-import google.registry.flows.domain.token.AllocationTokenDomainCheckResults;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForCommandException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException;
 import google.registry.model.EppResource;
 import google.registry.model.ForeignKeyUtils;
 import google.registry.model.billing.BillingRecurrence;
@@ -87,7 +80,6 @@ import google.registry.model.tld.Tld;
 import google.registry.model.tld.Tld.TldState;
 import google.registry.model.tld.label.ReservationType;
 import google.registry.persistence.VKey;
-import google.registry.pricing.PricingEngineProxy;
 import google.registry.util.Clock;
 import jakarta.inject.Inject;
 import java.util.Collection;
@@ -131,6 +123,8 @@ import org.joda.time.DateTime;
 @ReportingSpec(ActivityReportField.DOMAIN_CHECK)
 public final class DomainCheckFlow implements TransactionalFlow {
 
+  private static final FluentLogger logger = FluentLogger.forEnclosingClass();
+
   private static final String STANDARD_FEE_RESPONSE_CLASS = "STANDARD";
   private static final String STANDARD_PROMOTION_FEE_RESPONSE_CLASS = "STANDARD PROMOTION";
 
@@ -146,7 +140,6 @@ public final class DomainCheckFlow implements TransactionalFlow {
   @Inject @Superuser boolean isSuperuser;
   @Inject Clock clock;
   @Inject EppResponse.Builder responseBuilder;
-  @Inject AllocationTokenFlowUtils allocationTokenFlowUtils;
   @Inject DomainCheckFlowCustomLogic flowCustomLogic;
   @Inject DomainPricingLogic pricingLogic;
 
@@ -195,36 +188,15 @@ public final class DomainCheckFlow implements TransactionalFlow {
         existingDomains.size() == parsedDomains.size()
             ? ImmutableSet.of()
             : getBsaBlockedDomains(parsedDomains.values(), now);
-    Optional<AllocationTokenExtension> allocationTokenExtension =
-        eppInput.getSingleExtension(AllocationTokenExtension.class);
-    Optional<AllocationTokenDomainCheckResults> tokenDomainCheckResults =
-        allocationTokenExtension.map(
-            tokenExtension ->
-                allocationTokenFlowUtils.checkDomainsWithToken(
-                    ImmutableList.copyOf(parsedDomains.values()),
-                    tokenExtension.getAllocationToken(),
-                    registrarId,
-                    now));
 
     ImmutableList.Builder<DomainCheck> checksBuilder = new ImmutableList.Builder<>();
     ImmutableSet.Builder<String> availableDomains = new ImmutableSet.Builder<>();
     ImmutableMap<String, TldState> tldStates =
         Maps.toMap(seenTlds, tld -> Tld.get(tld).getTldState(now));
-    ImmutableMap<InternetDomainName, String> domainCheckResults =
-        tokenDomainCheckResults
-            .map(AllocationTokenDomainCheckResults::domainCheckResults)
-            .orElse(ImmutableMap.of());
-    Optional<AllocationToken> allocationToken =
-        tokenDomainCheckResults.flatMap(AllocationTokenDomainCheckResults::token);
     for (String domainName : domainNames) {
       Optional<String> message =
           getMessageForCheck(
-              parsedDomains.get(domainName),
-              existingDomains,
-              bsaBlockedDomainNames,
-              domainCheckResults,
-              tldStates,
-              allocationToken);
+              domainName, existingDomains, bsaBlockedDomainNames, tldStates, parsedDomains, now);
       boolean isAvailable = message.isEmpty();
       checksBuilder.add(DomainCheck.create(isAvailable, domainName, message.orElse(null)));
       if (isAvailable) {
@@ -237,11 +209,7 @@ public final class DomainCheckFlow implements TransactionalFlow {
                 .setDomainChecks(checksBuilder.build())
                 .setResponseExtensions(
                     getResponseExtensions(
-                        parsedDomains,
-                        existingDomains,
-                        availableDomains.build(),
-                        now,
-                        allocationToken))
+                        parsedDomains, existingDomains, availableDomains.build(), now))
                 .setAsOfDate(now)
                 .build());
     return responseBuilder
@@ -251,10 +219,39 @@ public final class DomainCheckFlow implements TransactionalFlow {
   }
 
   private Optional<String> getMessageForCheck(
+      String domainName,
+      ImmutableMap<String, VKey<Domain>> existingDomains,
+      ImmutableSet<InternetDomainName> bsaBlockedDomainNames,
+      ImmutableMap<String, TldState> tldStates,
+      ImmutableMap<String, InternetDomainName> parsedDomains,
+      DateTime now) {
+    InternetDomainName idn = parsedDomains.get(domainName);
+    Optional<AllocationToken> token;
+    try {
+      // Which token we use may vary based on the domain -- a provided token may be invalid for
+      // some domains, or there may be DEFAULT PROMO tokens only applicable on some domains
+      token =
+          AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+              registrarId,
+              now,
+              eppInput.getSingleExtension(AllocationTokenExtension.class),
+              Tld.get(idn.parent().toString()),
+              domainName,
+              FeeQueryCommandExtensionItem.CommandName.CREATE);
+    } catch (AllocationTokenFlowUtils.NonexistentAllocationTokenException
+        | AllocationTokenFlowUtils.AllocationTokenInvalidException e) {
+      // The provided token was catastrophically invalid in some way
+      logger.atInfo().withCause(e).log("Cannot load/use allocation token.");
+      return Optional.of(e.getMessage());
+    }
+    return getMessageForCheckWithToken(
+        idn, existingDomains, bsaBlockedDomainNames, tldStates, token);
+  }
+
+  private Optional<String> getMessageForCheckWithToken(
       InternetDomainName domainName,
       ImmutableMap<String, VKey<Domain>> existingDomains,
       ImmutableSet<InternetDomainName> bsaBlockedDomains,
-      ImmutableMap<InternetDomainName, String> tokenCheckResults,
       ImmutableMap<String, TldState> tldStates,
       Optional<AllocationToken> allocationToken) {
     if (existingDomains.containsKey(domainName.toString())) {
@@ -271,11 +268,6 @@ public final class DomainCheckFlow implements TransactionalFlow {
         }
       }
     }
-    Optional<String> tokenResult =
-        Optional.ofNullable(emptyToNull(tokenCheckResults.get(domainName)));
-    if (tokenResult.isPresent()) {
-      return tokenResult;
-    }
     if (isRegisterBsaCreate(domainName, allocationToken)
         || !bsaBlockedDomains.contains(domainName)) {
       return Optional.empty();
@@ -290,8 +282,7 @@ public final class DomainCheckFlow implements TransactionalFlow {
       ImmutableMap<String, InternetDomainName> domainNames,
       ImmutableMap<String, VKey<Domain>> existingDomains,
       ImmutableSet<String> availableDomains,
-      DateTime now,
-      Optional<AllocationToken> allocationToken)
+      DateTime now)
       throws EppException {
     Optional<FeeCheckCommandExtension> feeCheckOpt =
         eppInput.getSingleExtension(FeeCheckCommandExtension.class);
@@ -309,84 +300,24 @@ public final class DomainCheckFlow implements TransactionalFlow {
         RegistryConfig.getTieredPricingPromotionRegistrarIds().contains(registrarId);
     for (FeeCheckCommandExtensionItem feeCheckItem : feeCheck.getItems()) {
       for (String domainName : getDomainNamesToCheckForFee(feeCheckItem, domainNames.keySet())) {
-        Optional<AllocationToken> defaultToken =
-            DomainFlowUtils.checkForDefaultToken(
-                Tld.get(InternetDomainName.from(domainName).parent().toString()),
-                domainName,
-                feeCheckItem.getCommandName(),
-                registrarId,
-                now);
         FeeCheckResponseExtensionItem.Builder<?> builder = feeCheckItem.createResponseBuilder();
         Optional<Domain> domain = Optional.ofNullable(domainObjs.get(domainName));
+        Tld tld = Tld.get(domainNames.get(domainName).parent().toString());
+        Optional<AllocationToken> token;
         try {
-          if (allocationToken.isPresent()) {
-            AllocationTokenFlowUtils.validateToken(
-                InternetDomainName.from(domainName),
-                allocationToken.get(),
-                feeCheckItem.getCommandName(),
-                registrarId,
-                PricingEngineProxy.isDomainPremium(domainName, now),
-                now);
-          }
-          handleFeeRequest(
-              feeCheckItem,
-              builder,
-              domainNames.get(domainName),
-              domain,
-              feeCheck.getCurrency(),
-              now,
-              pricingLogic,
-              allocationToken.isPresent() ? allocationToken : defaultToken,
-              availableDomains.contains(domainName),
-              recurrences.getOrDefault(domainName, null));
-          // In the case of a registrar that is running a tiered pricing promotion, we issue two
-          // responses for the CREATE fee check command: one (the default response) with the
-          // non-promotional price, and one (an extra STANDARD PROMO response) with the actual
-          // promotional price.
-          if (defaultToken.isPresent()
-              && shouldUseTieredPricingPromotion
-              && feeCheckItem
-                  .getCommandName()
-                  .equals(FeeQueryCommandExtensionItem.CommandName.CREATE)) {
-            // First, set the promotional (real) price under the STANDARD PROMO class
-            builder
-                .setClass(STANDARD_PROMOTION_FEE_RESPONSE_CLASS)
-                .setCommand(
-                    FeeQueryCommandExtensionItem.CommandName.CUSTOM,
-                    feeCheckItem.getPhase(),
-                    feeCheckItem.getSubphase());
-
-            // Next, get the non-promotional price and set it as the standard response to the CREATE
-            // fee check command
-            FeeCheckResponseExtensionItem.Builder<?> nonPromotionalBuilder =
-                feeCheckItem.createResponseBuilder();
-            handleFeeRequest(
-                feeCheckItem,
-                nonPromotionalBuilder,
-                domainNames.get(domainName),
-                domain,
-                feeCheck.getCurrency(),
-                now,
-                pricingLogic,
-                allocationToken,
-                availableDomains.contains(domainName),
-                recurrences.getOrDefault(domainName, null));
-            responseItems.add(
-                nonPromotionalBuilder
-                    .setClass(STANDARD_FEE_RESPONSE_CLASS)
-                    .setDomainNameIfSupported(domainName)
-                    .build());
-          }
-          responseItems.add(builder.setDomainNameIfSupported(domainName).build());
-        } catch (AllocationTokenInvalidForPremiumNameException
-            | AllocationTokenNotValidForCommandException
-            | AllocationTokenNotValidForDomainException
-            | AllocationTokenNotValidForRegistrarException
-            | AllocationTokenNotValidForTldException
-            | AllocationTokenNotInPromotionException e) {
-          // Allocation token is either not an active token or it is not valid for the EPP command,
-          // registrar, domain, or TLD.
-          Tld tld = Tld.get(InternetDomainName.from(domainName).parent().toString());
+          // The precise token to use for this fee request may vary based on the domain or even the
+          // precise command issued (some tokens may be valid only for certain actions)
+          token =
+              AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+                  registrarId,
+                  now,
+                  eppInput.getSingleExtension(AllocationTokenExtension.class),
+                  tld,
+                  domainName,
+                  feeCheckItem.getCommandName());
+        } catch (AllocationTokenFlowUtils.NonexistentAllocationTokenException
+            | AllocationTokenFlowUtils.AllocationTokenInvalidException e) {
+          // The provided token was catastrophically invalid in some way
           responseItems.add(
               builder
                   .setDomainNameIfSupported(domainName)
@@ -398,7 +329,60 @@ public final class DomainCheckFlow implements TransactionalFlow {
                   .setCurrencyIfSupported(tld.getCurrency())
                   .setClass("token-not-supported")
                   .build());
+          continue;
         }
+        handleFeeRequest(
+            feeCheckItem,
+            builder,
+            domainNames.get(domainName),
+            domain,
+            feeCheck.getCurrency(),
+            now,
+            pricingLogic,
+            token,
+            availableDomains.contains(domainName),
+            recurrences.getOrDefault(domainName, null));
+        // In the case of a registrar that is running a tiered pricing promotion, we issue two
+        // responses for the CREATE fee check command: one (the default response) with the
+        // non-promotional price, and one (an extra STANDARD PROMO response) with the actual
+        // promotional price.
+        if (token
+                .map(t -> t.getTokenType().equals(AllocationToken.TokenType.DEFAULT_PROMO))
+                .orElse(false)
+            && shouldUseTieredPricingPromotion
+            && feeCheckItem
+                .getCommandName()
+                .equals(FeeQueryCommandExtensionItem.CommandName.CREATE)) {
+          // First, set the promotional (real) price under the STANDARD PROMO class
+          builder
+              .setClass(STANDARD_PROMOTION_FEE_RESPONSE_CLASS)
+              .setCommand(
+                  FeeQueryCommandExtensionItem.CommandName.CUSTOM,
+                  feeCheckItem.getPhase(),
+                  feeCheckItem.getSubphase());
+
+          // Next, get the non-promotional price and set it as the standard response to the CREATE
+          // fee check command
+          FeeCheckResponseExtensionItem.Builder<?> nonPromotionalBuilder =
+              feeCheckItem.createResponseBuilder();
+          handleFeeRequest(
+              feeCheckItem,
+              nonPromotionalBuilder,
+              domainNames.get(domainName),
+              domain,
+              feeCheck.getCurrency(),
+              now,
+              pricingLogic,
+              Optional.empty(),
+              availableDomains.contains(domainName),
+              recurrences.getOrDefault(domainName, null));
+          responseItems.add(
+              nonPromotionalBuilder
+                  .setClass(STANDARD_FEE_RESPONSE_CLASS)
+                  .setDomainNameIfSupported(domainName)
+                  .build());
+        }
+        responseItems.add(builder.setDomainNameIfSupported(domainName).build());
       }
     }
     return ImmutableList.of(feeCheck.createResponse(responseItems.build()));

core/src/main/java/google/registry/flows/domain/DomainCreateFlow.java

@@ -133,11 +133,8 @@ import org.joda.time.Duration;
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException}
  * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException}
- * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException}
- * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException}
+ * @error {@link AllocationTokenFlowUtils.NonexistentAllocationTokenException}
  * @error {@link google.registry.flows.exceptions.OnlyToolCanPassMetadataException}
  * @error {@link ResourceAlreadyExistsForThisClientException}
  * @error {@link ResourceCreateContentionException}
@@ -205,7 +202,6 @@ import org.joda.time.Duration;
  * @error {@link DomainFlowUtils.UnexpectedClaimsNoticeException}
  * @error {@link DomainFlowUtils.UnsupportedFeeAttributeException}
  * @error {@link DomainFlowUtils.UnsupportedMarkTypeException}
- * @error {@link DomainPricingLogic.AllocationTokenInvalidForPremiumNameException}
  */
 @ReportingSpec(ActivityReportField.DOMAIN_CREATE)
 public final class DomainCreateFlow implements MutatingFlow {
@@ -221,7 +217,6 @@ public final class DomainCreateFlow implements MutatingFlow {
   @Inject @Superuser boolean isSuperuser;
   @Inject DomainHistory.Builder historyBuilder;
   @Inject EppResponse.Builder responseBuilder;
-  @Inject AllocationTokenFlowUtils allocationTokenFlowUtils;
   @Inject DomainCreateFlowCustomLogic flowCustomLogic;
   @Inject DomainFlowTmchUtils tmchUtils;
   @Inject DomainPricingLogic pricingLogic;
@@ -264,25 +259,20 @@ public final class DomainCreateFlow implements MutatingFlow {
     }
     boolean isSunriseCreate = hasSignedMarks && (tldState == START_DATE_SUNRISE);
     Optional<AllocationToken> allocationToken =
-        allocationTokenFlowUtils.verifyAllocationTokenCreateIfPresent(
-            command,
-            tld,
+        AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
             registrarId,
             now,
-            eppInput.getSingleExtension(AllocationTokenExtension.class));
-    boolean defaultTokenUsed = false;
-    if (allocationToken.isEmpty()) {
-      allocationToken =
-          DomainFlowUtils.checkForDefaultToken(
-              tld, command.getDomainName(), CommandName.CREATE, registrarId, now);
-      if (allocationToken.isPresent()) {
-        defaultTokenUsed = true;
-      }
-    }
+            eppInput.getSingleExtension(AllocationTokenExtension.class),
+            tld,
+            command.getDomainName(),
+            CommandName.CREATE);
+    boolean defaultTokenUsed =
+        allocationToken.map(t -> t.getTokenType().equals(TokenType.DEFAULT_PROMO)).orElse(false);
     boolean isAnchorTenant =
         isAnchorTenant(
             domainName, allocationToken, eppInput.getSingleExtension(MetadataExtension.class));
     verifyAnchorTenantValidPeriod(isAnchorTenant, years);
+
     // Superusers can create reserved domains, force creations on domains that require a claims
     // notice without specifying a claims key, ignore the registry phase, and override blocks on
     // registering premium domains.
@@ -416,7 +406,7 @@ public final class DomainCreateFlow implements MutatingFlow {
     entitiesToSave.add(domain, domainHistory);
     if (allocationToken.isPresent() && allocationToken.get().getTokenType().isOneTimeUse()) {
       entitiesToSave.add(
-          allocationTokenFlowUtils.redeemToken(
+          AllocationTokenFlowUtils.redeemToken(
               allocationToken.get(), domainHistory.getHistoryEntryId()));
     }
     if (domain.shouldPublishToDns()) {

core/src/main/java/google/registry/flows/domain/DomainFlowUtils.java

@@ -42,7 +42,6 @@ import static google.registry.model.tld.label.ReservationType.RESERVED_FOR_ANCHO
 import static google.registry.model.tld.label.ReservationType.RESERVED_FOR_SPECIFIC_USE;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.pricing.PricingEngineProxy.isDomainPremium;
-import static google.registry.util.CollectionUtils.isNullOrEmpty;
 import static google.registry.util.CollectionUtils.nullToEmpty;
 import static google.registry.util.DateTimeUtils.END_OF_TIME;
 import static google.registry.util.DateTimeUtils.isAtOrAfter;
@@ -67,7 +66,6 @@ import com.google.common.collect.Sets;
 import com.google.common.collect.Streams;
 import com.google.common.net.InternetDomainName;
 import google.registry.flows.EppException;
-import google.registry.flows.EppException.AssociationProhibitsOperationException;
 import google.registry.flows.EppException.AuthorizationErrorException;
 import google.registry.flows.EppException.CommandUseErrorException;
 import google.registry.flows.EppException.ObjectDoesNotExistException;
@@ -77,8 +75,6 @@ import google.registry.flows.EppException.ParameterValueSyntaxErrorException;
 import google.registry.flows.EppException.RequiredParameterMissingException;
 import google.registry.flows.EppException.StatusProhibitsOperationException;
 import google.registry.flows.EppException.UnimplementedOptionException;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForPremiumNameException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils;
 import google.registry.flows.exceptions.ResourceHasClientUpdateProhibitedException;
 import google.registry.model.EppResource;
 import google.registry.model.billing.BillingBase.Flag;
@@ -101,7 +97,6 @@ import google.registry.model.domain.fee.BaseFee.FeeType;
 import google.registry.model.domain.fee.Credit;
 import google.registry.model.domain.fee.Fee;
 import google.registry.model.domain.fee.FeeQueryCommandExtensionItem;
-import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName;
 import google.registry.model.domain.fee.FeeQueryResponseExtensionItem;
 import google.registry.model.domain.fee.FeeTransformCommandExtension;
 import google.registry.model.domain.fee.FeeTransformResponseExtension;
@@ -124,7 +119,7 @@ import google.registry.model.eppoutput.EppResponse.ResponseExtension;
 import google.registry.model.host.Host;
 import google.registry.model.poll.PollMessage.Autorenew;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.reporting.DomainTransactionRecord;
 import google.registry.model.reporting.DomainTransactionRecord.TransactionReportField;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
@@ -1233,52 +1228,6 @@ public class DomainFlowUtils {
         .getResultList();
   }
 
-  /**
-   * Checks if there is a valid default token to be used for a domain create command.
-   *
-   * <p>If there is more than one valid default token for the registration, only the first valid
-   * token found on the TLD's default token list will be returned.
-   */
-  public static Optional<AllocationToken> checkForDefaultToken(
-      Tld tld, String domainName, CommandName commandName, String registrarId, DateTime now)
-      throws EppException {
-    if (isNullOrEmpty(tld.getDefaultPromoTokens())) {
-      return Optional.empty();
-    }
-    Map<VKey<AllocationToken>, Optional<AllocationToken>> tokens =
-        AllocationToken.getAll(tld.getDefaultPromoTokens());
-    ImmutableList<Optional<AllocationToken>> tokenList =
-        tld.getDefaultPromoTokens().stream()
-            .map(tokens::get)
-            .filter(Optional::isPresent)
-            .collect(toImmutableList());
-    checkState(
-        !isNullOrEmpty(tokenList),
-        "Failure while loading default TLD promotions from the database");
-    // Check if any of the tokens are valid for this domain registration
-    for (Optional<AllocationToken> token : tokenList) {
-      try {
-        AllocationTokenFlowUtils.validateToken(
-            InternetDomainName.from(domainName),
-            token.get(),
-            commandName,
-            registrarId,
-            isDomainPremium(domainName, now),
-            now);
-      } catch (AssociationProhibitsOperationException
-          | StatusProhibitsOperationException
-          | AllocationTokenInvalidForPremiumNameException e) {
-        // Allocation token was not valid for this registration, continue to check the next token in
-        // the list
-        continue;
-      }
-      // Only use the first valid token in the list
-      return token;
-    }
-    // No valid default token found
-    return Optional.empty();
-  }
-
   /** Resource linked to this domain does not exist. */
   static class LinkedResourcesDoNotExistException extends ObjectDoesNotExistException {
     public LinkedResourcesDoNotExistException(Class<?> type, ImmutableSet<String> resourceIds) {

core/src/main/java/google/registry/flows/domain/DomainInfoFlow.java

@@ -31,6 +31,7 @@ import google.registry.flows.ExtensionManager;
 import google.registry.flows.FlowModule.RegistrarId;
 import google.registry.flows.FlowModule.Superuser;
 import google.registry.flows.FlowModule.TargetId;
+import google.registry.flows.MutatingFlow;
 import google.registry.flows.TransactionalFlow;
 import google.registry.flows.annotations.ReportingSpec;
 import google.registry.flows.custom.DomainInfoFlowCustomLogic;
@@ -53,6 +54,8 @@ import google.registry.model.eppinput.ResourceCommand;
 import google.registry.model.eppoutput.EppResponse;
 import google.registry.model.eppoutput.EppResponse.ResponseExtension;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
+import google.registry.persistence.IsolationLevel;
+import google.registry.persistence.PersistenceModule;
 import google.registry.util.Clock;
 import jakarta.inject.Inject;
 import java.util.Optional;
@@ -62,8 +65,12 @@ import org.joda.time.DateTime;
  * An EPP flow that returns information about a domain.
  *
  * <p>The registrar that owns the domain, and any registrar presenting a valid authInfo for the
- * domain, will get a rich result with all of the domain's fields. All other requests will be
- * answered with a minimal result containing only basic information about the domain.
+ * domain, will get a rich result with all the domain's fields. All other requests will be answered
+ * with a minimal result containing only basic information about the domain.
+ *
+ * <p>This implements {@link MutatingFlow} instead of {@link TransactionalFlow} as a workaround so
+ * that the common workflow of "create domain, then immediately get domain info" does not run into
+ * replication lag issues where the info command claims the domain does not exist.
  *
  * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
  * @error {@link google.registry.flows.FlowUtils.UnknownCurrencyEppException}
@@ -76,7 +83,8 @@ import org.joda.time.DateTime;
  * @error {@link DomainFlowUtils.TransfersAreAlwaysForOneYearException}
  */
 @ReportingSpec(ActivityReportField.DOMAIN_INFO)
-public final class DomainInfoFlow implements TransactionalFlow {
+@IsolationLevel(PersistenceModule.TransactionIsolationLevel.TRANSACTION_REPEATABLE_READ)
+public final class DomainInfoFlow implements MutatingFlow {
 
   @Inject ExtensionManager extensionManager;
   @Inject ResourceCommand resourceCommand;

core/src/main/java/google/registry/flows/domain/DomainPricingLogic.java

@@ -16,14 +16,13 @@ package google.registry.flows.domain;
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static google.registry.flows.domain.DomainFlowUtils.zeroInCurrency;
-import static google.registry.flows.domain.token.AllocationTokenFlowUtils.validateTokenForPossiblePremiumName;
+import static google.registry.flows.domain.token.AllocationTokenFlowUtils.discountTokenInvalidForPremiumName;
 import static google.registry.pricing.PricingEngineProxy.getPricesForDomainName;
 import static google.registry.util.PreconditionsUtils.checkArgumentPresent;
 
 import com.google.common.net.InternetDomainName;
 import google.registry.config.RegistryConfig;
 import google.registry.flows.EppException;
-import google.registry.flows.EppException.CommandUseErrorException;
 import google.registry.flows.custom.DomainPricingCustomLogic;
 import google.registry.flows.custom.DomainPricingCustomLogic.CreatePriceParameters;
 import google.registry.flows.custom.DomainPricingCustomLogic.RenewPriceParameters;
@@ -129,9 +128,7 @@ public final class DomainPricingLogic {
       DateTime dateTime,
       int years,
       @Nullable BillingRecurrence billingRecurrence,
-      Optional<AllocationToken> allocationToken)
-      throws AllocationTokenInvalidForCurrencyException,
-          AllocationTokenInvalidForPremiumNameException {
+      Optional<AllocationToken> allocationToken) {
     checkArgument(years > 0, "Number of years must be positive");
     Money renewCost;
     DomainPrices domainPrices = getPricesForDomainName(domainName, dateTime);
@@ -260,8 +257,7 @@ public final class DomainPricingLogic {
 
   /** Returns the domain create cost with allocation-token-related discounts applied. */
   private Money getDomainCreateCostWithDiscount(
-      DomainPrices domainPrices, int years, Optional<AllocationToken> allocationToken, Tld tld)
-      throws EppException {
+      DomainPrices domainPrices, int years, Optional<AllocationToken> allocationToken, Tld tld) {
     return getDomainCostWithDiscount(
         domainPrices.isPremium(),
         years,
@@ -277,9 +273,7 @@ public final class DomainPricingLogic {
       DomainPrices domainPrices,
       DateTime dateTime,
       int years,
-      Optional<AllocationToken> allocationToken)
-      throws AllocationTokenInvalidForCurrencyException,
-          AllocationTokenInvalidForPremiumNameException {
+      Optional<AllocationToken> allocationToken) {
     // Short-circuit if the user sent an anchor-tenant or otherwise NONPREMIUM-renewal token
     if (allocationToken.isPresent()) {
       AllocationToken token = allocationToken.get();
@@ -315,44 +309,41 @@ public final class DomainPricingLogic {
       Optional<AllocationToken> allocationToken,
       Money firstYearCost,
       Optional<Money> subsequentYearCost,
-      Tld tld)
-      throws AllocationTokenInvalidForCurrencyException,
-          AllocationTokenInvalidForPremiumNameException {
+      Tld tld) {
     checkArgument(years > 0, "Registration years to get cost for must be positive.");
-    validateTokenForPossiblePremiumName(allocationToken, isPremium);
     Money totalDomainFlowCost =
         firstYearCost.plus(subsequentYearCost.orElse(firstYearCost).multipliedBy(years - 1));
+    if (allocationToken.isEmpty()) {
+      return totalDomainFlowCost;
+    }
+    AllocationToken token = allocationToken.get();
+    if (discountTokenInvalidForPremiumName(token, isPremium)) {
+      return totalDomainFlowCost;
+    }
+    if (!token.getTokenBehavior().equals(TokenBehavior.DEFAULT)) {
+      return totalDomainFlowCost;
+    }
 
     // Apply the allocation token discount, if applicable.
-    if (allocationToken.isPresent()
-        && allocationToken.get().getTokenBehavior().equals(TokenBehavior.DEFAULT)) {
-      if (allocationToken.get().getDiscountPrice().isPresent()) {
-        if (!tld.getCurrency()
-            .equals(allocationToken.get().getDiscountPrice().get().getCurrencyUnit())) {
-          throw new AllocationTokenInvalidForCurrencyException();
-        }
-
-        int nonDiscountedYears = Math.max(0, years - allocationToken.get().getDiscountYears());
-        totalDomainFlowCost =
-            allocationToken
-                .get()
-                .getDiscountPrice()
-                .get()
-                .multipliedBy(allocationToken.get().getDiscountYears())
-                .plus(subsequentYearCost.orElse(firstYearCost).multipliedBy(nonDiscountedYears));
-      } else {
-        // Assumes token has discount fraction set.
-        int discountedYears = Math.min(years, allocationToken.get().getDiscountYears());
+    if (token.getDiscountPrice().isPresent()
+        && tld.getCurrency().equals(token.getDiscountPrice().get().getCurrencyUnit())) {
+      int nonDiscountedYears = Math.max(0, years - token.getDiscountYears());
+      totalDomainFlowCost =
+          token
+              .getDiscountPrice()
+              .get()
+              .multipliedBy(token.getDiscountYears())
+              .plus(subsequentYearCost.orElse(firstYearCost).multipliedBy(nonDiscountedYears));
+    } else if (token.getDiscountFraction() > 0) {
+      int discountedYears = Math.min(years, token.getDiscountYears());
         if (discountedYears > 0) {
-          var discount =
-              firstYearCost
-                  .plus(subsequentYearCost.orElse(firstYearCost).multipliedBy(discountedYears - 1))
-                  .multipliedBy(
-                      allocationToken.get().getDiscountFraction(), RoundingMode.HALF_EVEN);
+        var discount =
+            firstYearCost
+                .plus(subsequentYearCost.orElse(firstYearCost).multipliedBy(discountedYears - 1))
+                .multipliedBy(token.getDiscountFraction(), RoundingMode.HALF_EVEN);
           totalDomainFlowCost = totalDomainFlowCost.minus(discount);
         }
       }
-    }
     return totalDomainFlowCost;
   }
 
@@ -376,18 +367,4 @@ public final class DomainPricingLogic {
                 : domainPrices.getRenewCost();
     return DomainPrices.create(isPremium, createCost, renewCost);
   }
-
-  /** An allocation token was provided that is invalid for premium domains. */
-  public static class AllocationTokenInvalidForPremiumNameException
-      extends CommandUseErrorException {
-    public AllocationTokenInvalidForPremiumNameException() {
-      super("Token not valid for premium name");
-    }
-  }
-
-  public static class AllocationTokenInvalidForCurrencyException extends CommandUseErrorException {
-    public AllocationTokenInvalidForCurrencyException() {
-      super("Token and domain currencies do not match.");
-    }
-  }
 }

core/src/main/java/google/registry/flows/domain/DomainRenewFlow.java

@@ -31,7 +31,7 @@ import static google.registry.flows.domain.DomainFlowUtils.validateRegistrationP
 import static google.registry.flows.domain.DomainFlowUtils.verifyRegistrarIsActive;
 import static google.registry.flows.domain.DomainFlowUtils.verifyUnitIsYears;
 import static google.registry.flows.domain.token.AllocationTokenFlowUtils.maybeApplyBulkPricingRemovalToken;
-import static google.registry.flows.domain.token.AllocationTokenFlowUtils.verifyTokenAllowedOnDomain;
+import static google.registry.flows.domain.token.AllocationTokenFlowUtils.verifyBulkTokenAllowedOnDomain;
 import static google.registry.model.reporting.HistoryEntry.Type.DOMAIN_RENEW;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.util.DateTimeUtils.leapSafeAddYears;
@@ -124,15 +124,12 @@ import org.joda.time.Duration;
  * @error {@link RemoveBulkPricingTokenOnNonBulkPricingDomainException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException}
- * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException}
+ * @error {@link AllocationTokenFlowUtils.NonexistentAllocationTokenException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException}
  * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException}
- * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException}
  */
 @ReportingSpec(ActivityReportField.DOMAIN_RENEW)
@@ -154,7 +151,6 @@ public final class DomainRenewFlow implements MutatingFlow {
   @Inject @Superuser boolean isSuperuser;
   @Inject DomainHistory.Builder historyBuilder;
   @Inject EppResponse.Builder responseBuilder;
-  @Inject AllocationTokenFlowUtils allocationTokenFlowUtils;
   @Inject DomainRenewFlowCustomLogic flowCustomLogic;
   @Inject DomainPricingLogic pricingLogic;
   @Inject DomainRenewFlow() {}
@@ -174,22 +170,17 @@ public final class DomainRenewFlow implements MutatingFlow {
     String tldStr = existingDomain.getTld();
     Tld tld = Tld.get(tldStr);
     Optional<AllocationToken> allocationToken =
-        allocationTokenFlowUtils.verifyAllocationTokenIfPresent(
-            existingDomain,
-            tld,
+        AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
             registrarId,
             now,
-            CommandName.RENEW,
-            eppInput.getSingleExtension(AllocationTokenExtension.class));
-    boolean defaultTokenUsed = false;
-    if (allocationToken.isEmpty()) {
-      allocationToken =
-          DomainFlowUtils.checkForDefaultToken(
-              tld, existingDomain.getDomainName(), CommandName.RENEW, registrarId, now);
-      if (allocationToken.isPresent()) {
-        defaultTokenUsed = true;
-      }
-    }
+            eppInput.getSingleExtension(AllocationTokenExtension.class),
+            tld,
+            existingDomain.getDomainName(),
+            CommandName.RENEW);
+    boolean defaultTokenUsed =
+        allocationToken
+            .map(t -> t.getTokenType().equals(AllocationToken.TokenType.DEFAULT_PROMO))
+            .orElse(false);
     verifyRenewAllowed(authInfo, existingDomain, command, allocationToken);
 
     // If client passed an applicable static token this updates the domain
@@ -259,7 +250,7 @@ public final class DomainRenewFlow implements MutatingFlow {
         newDomain, domainHistory, explicitRenewEvent, newAutorenewEvent, newAutorenewPollMessage);
     if (allocationToken.isPresent() && allocationToken.get().getTokenType().isOneTimeUse()) {
       entitiesToSave.add(
-          allocationTokenFlowUtils.redeemToken(
+          AllocationTokenFlowUtils.redeemToken(
               allocationToken.get(), domainHistory.getHistoryEntryId()));
     }
     EntityChanges entityChanges =
@@ -327,7 +318,7 @@ public final class DomainRenewFlow implements MutatingFlow {
     }
     verifyUnitIsYears(command.getPeriod());
     // We only allow __REMOVE_BULK_PRICING__ token on bulk pricing domains for now
-    verifyTokenAllowedOnDomain(existingDomain, allocationToken);
+    verifyBulkTokenAllowedOnDomain(existingDomain, allocationToken);
     // If the date they specify doesn't match the expiration, fail. (This is an idempotence check).
     if (!command.getCurrentExpirationDate().equals(
         existingDomain.getRegistrationExpirationTime().toLocalDate())) {

core/src/main/java/google/registry/flows/domain/DomainTransferApproveFlow.java

@@ -54,7 +54,6 @@ import google.registry.model.billing.BillingRecurrence;
 import google.registry.model.domain.Domain;
 import google.registry.model.domain.DomainHistory;
 import google.registry.model.domain.GracePeriod;
-import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName;
 import google.registry.model.domain.metadata.MetadataExtension;
 import google.registry.model.domain.rgp.GracePeriodStatus;
 import google.registry.model.domain.token.AllocationTokenExtension;
@@ -94,15 +93,12 @@ import org.joda.time.DateTime;
  * @error {@link DomainFlowUtils.NotAuthorizedForTldException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException}
- * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException}
+ * @error {@link AllocationTokenFlowUtils.NonexistentAllocationTokenException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException}
  * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException}
- * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException}
  */
 @ReportingSpec(ActivityReportField.DOMAIN_TRANSFER_APPROVE)
@@ -116,7 +112,6 @@ public final class DomainTransferApproveFlow implements MutatingFlow {
   @Inject DomainHistory.Builder historyBuilder;
   @Inject EppResponse.Builder responseBuilder;
   @Inject DomainPricingLogic pricingLogic;
-  @Inject AllocationTokenFlowUtils allocationTokenFlowUtils;
   @Inject EppInput eppInput;
 
   @Inject DomainTransferApproveFlow() {}
@@ -132,13 +127,8 @@ public final class DomainTransferApproveFlow implements MutatingFlow {
     extensionManager.validate();
     DateTime now = tm().getTransactionTime();
     Domain existingDomain = loadAndVerifyExistence(Domain.class, targetId, now);
-    allocationTokenFlowUtils.verifyAllocationTokenIfPresent(
-        existingDomain,
-        Tld.get(existingDomain.getTld()),
-        registrarId,
-        now,
-        CommandName.TRANSFER,
-        eppInput.getSingleExtension(AllocationTokenExtension.class));
+    AllocationTokenFlowUtils.loadAllocationTokenFromExtension(
+        registrarId, targetId, now, eppInput.getSingleExtension(AllocationTokenExtension.class));
     verifyOptionalAuthInfo(authInfo, existingDomain);
     verifyHasPendingTransfer(existingDomain);
     verifyResourceOwnership(registrarId, existingDomain);

core/src/main/java/google/registry/flows/domain/DomainTransferRequestFlow.java

@@ -58,7 +58,6 @@ import google.registry.model.domain.Domain;
 import google.registry.model.domain.DomainCommand.Transfer;
 import google.registry.model.domain.DomainHistory;
 import google.registry.model.domain.Period;
-import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName;
 import google.registry.model.domain.fee.FeeTransferCommandExtension;
 import google.registry.model.domain.fee.FeeTransformResponseExtension;
 import google.registry.model.domain.metadata.MetadataExtension;
@@ -123,15 +122,12 @@ import org.joda.time.DateTime;
  * @error {@link DomainFlowUtils.UnsupportedFeeAttributeException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException}
- * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException}
+ * @error {@link AllocationTokenFlowUtils.NonexistentAllocationTokenException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException}
  * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException}
  * @error {@link
- *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException}
- * @error {@link
  *     google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException}
  */
 @ReportingSpec(ActivityReportField.DOMAIN_TRANSFER_REQUEST)
@@ -154,7 +150,6 @@ public final class DomainTransferRequestFlow implements MutatingFlow {
   @Inject AsyncTaskEnqueuer asyncTaskEnqueuer;
   @Inject EppResponse.Builder responseBuilder;
   @Inject DomainPricingLogic pricingLogic;
-  @Inject AllocationTokenFlowUtils allocationTokenFlowUtils;
 
   @Inject DomainTransferRequestFlow() {}
 
@@ -170,12 +165,10 @@ public final class DomainTransferRequestFlow implements MutatingFlow {
     extensionManager.validate();
     DateTime now = tm().getTransactionTime();
     Domain existingDomain = loadAndVerifyExistence(Domain.class, targetId, now);
-    allocationTokenFlowUtils.verifyAllocationTokenIfPresent(
-        existingDomain,
-        Tld.get(existingDomain.getTld()),
+    AllocationTokenFlowUtils.loadAllocationTokenFromExtension(
         gainingClientId,
+        targetId,
         now,
-        CommandName.TRANSFER,
         eppInput.getSingleExtension(AllocationTokenExtension.class));
     Optional<DomainTransferRequestSuperuserExtension> superuserExtension =
         eppInput.getSingleExtension(DomainTransferRequestSuperuserExtension.class);

core/src/main/java/google/registry/flows/domain/token/AllocationTokenFlowUtils.java

@@ -15,218 +15,97 @@
 package google.registry.flows.domain.token;
 
 import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkState;
+import static com.google.common.collect.ImmutableList.toImmutableList;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.pricing.PricingEngineProxy.isDomainPremium;
+import static google.registry.util.CollectionUtils.isNullOrEmpty;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Strings;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.Maps;
+import com.google.common.collect.ImmutableList;
 import com.google.common.net.InternetDomainName;
 import google.registry.flows.EppException;
 import google.registry.flows.EppException.AssociationProhibitsOperationException;
 import google.registry.flows.EppException.AuthorizationErrorException;
 import google.registry.flows.EppException.StatusProhibitsOperationException;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForPremiumNameException;
-import google.registry.model.billing.BillingBase.RenewalPriceBehavior;
+import google.registry.model.billing.BillingBase;
 import google.registry.model.billing.BillingRecurrence;
 import google.registry.model.domain.Domain;
-import google.registry.model.domain.DomainCommand;
 import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName;
 import google.registry.model.domain.token.AllocationToken;
 import google.registry.model.domain.token.AllocationToken.TokenBehavior;
-import google.registry.model.domain.token.AllocationToken.TokenStatus;
 import google.registry.model.domain.token.AllocationTokenExtension;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
 import google.registry.model.tld.Tld;
 import google.registry.persistence.VKey;
-import jakarta.inject.Inject;
-import java.util.List;
+import java.util.Map;
 import java.util.Optional;
 import org.joda.time.DateTime;
 
 /** Utility functions for dealing with {@link AllocationToken}s in domain flows. */
 public class AllocationTokenFlowUtils {
 
-  @Inject
-  public AllocationTokenFlowUtils() {}
-
-  /**
-   * Checks if the allocation token applies to the given domain names, used for domain checks.
-   *
-   * @return A map of domain names to domain check error response messages. If a message is present
-   *     for a a given domain then it does not validate with this allocation token; domains that do
-   *     validate have blank messages (i.e. no error).
-   */
-  public AllocationTokenDomainCheckResults checkDomainsWithToken(
-      List<InternetDomainName> domainNames, String token, String registrarId, DateTime now) {
-    // If the token is completely invalid, return the error message for all domain names
-    AllocationToken tokenEntity;
-    try {
-      tokenEntity = loadToken(token);
-    } catch (EppException e) {
-      return new AllocationTokenDomainCheckResults(
-          Optional.empty(), Maps.toMap(domainNames, ignored -> e.getMessage()));
-    }
-
-    // If the token is only invalid for some domain names (e.g. an invalid TLD), include those error
-    // results for only those domain names
-    ImmutableMap.Builder<InternetDomainName, String> resultsBuilder = new ImmutableMap.Builder<>();
-    for (InternetDomainName domainName : domainNames) {
-      try {
-        validateToken(
-            domainName,
-            tokenEntity,
-            CommandName.CREATE,
-            registrarId,
-            isDomainPremium(domainName.toString(), now),
-            now);
-        resultsBuilder.put(domainName, "");
-      } catch (EppException e) {
-        resultsBuilder.put(domainName, e.getMessage());
-      }
-    }
-    return new AllocationTokenDomainCheckResults(Optional.of(tokenEntity), resultsBuilder.build());
-  }
+  private AllocationTokenFlowUtils() {}
 
   /** Redeems a SINGLE_USE {@link AllocationToken}, returning the redeemed copy. */
-  public AllocationToken redeemToken(AllocationToken token, HistoryEntryId redemptionHistoryId) {
+  public static AllocationToken redeemToken(
+      AllocationToken token, HistoryEntryId redemptionHistoryId) {
     checkArgument(
         token.getTokenType().isOneTimeUse(), "Only SINGLE_USE tokens can be marked as redeemed");
     return token.asBuilder().setRedemptionHistoryId(redemptionHistoryId).build();
   }
 
-  /**
-   * Validates a given token. The token could be invalid if it has allowed client IDs or TLDs that
-   * do not include this client ID / TLD, or if the token has a promotion that is not currently
-   * running, or the token is not valid for a premium name when necessary.
-   *
-   * @throws EppException if the token is invalid in any way
-   */
-  public static void validateToken(
-      InternetDomainName domainName,
-      AllocationToken token,
-      CommandName commandName,
-      String registrarId,
-      boolean isPremium,
-      DateTime now)
-      throws EppException {
-
-    // Only tokens with default behavior require validation
-    if (!TokenBehavior.DEFAULT.equals(token.getTokenBehavior())) {
-      return;
-    }
-    validateTokenForPossiblePremiumName(Optional.of(token), isPremium);
-    if (!token.getAllowedEppActions().isEmpty()
-        && !token.getAllowedEppActions().contains(commandName)) {
-      throw new AllocationTokenNotValidForCommandException();
-    }
-    if (!token.getAllowedRegistrarIds().isEmpty()
-        && !token.getAllowedRegistrarIds().contains(registrarId)) {
-      throw new AllocationTokenNotValidForRegistrarException();
-    }
-    if (!token.getAllowedTlds().isEmpty()
-        && !token.getAllowedTlds().contains(domainName.parent().toString())) {
-      throw new AllocationTokenNotValidForTldException();
-    }
-    if (token.getDomainName().isPresent()
-        && !token.getDomainName().get().equals(domainName.toString())) {
-      throw new AllocationTokenNotValidForDomainException();
-    }
-    // Tokens without status transitions will just have a single-entry NOT_STARTED map, so only
-    // check the status transitions map if it's non-trivial.
-    if (token.getTokenStatusTransitions().size() > 1
-        && !TokenStatus.VALID.equals(token.getTokenStatusTransitions().getValueAtTime(now))) {
-      throw new AllocationTokenNotInPromotionException();
-    }
-  }
-
-  /** Validates that the given token is valid for a premium name if the name is premium. */
-  public static void validateTokenForPossiblePremiumName(
-      Optional<AllocationToken> token, boolean isPremium)
-      throws AllocationTokenInvalidForPremiumNameException {
-    if (token.isPresent()
-        && (token.get().getDiscountFraction() != 0.0 || token.get().getDiscountPrice().isPresent())
+  /** Don't apply discounts on premium domains if the token isn't configured that way. */
+  public static boolean discountTokenInvalidForPremiumName(
+      AllocationToken token, boolean isPremium) {
+    return (token.getDiscountFraction() != 0.0 || token.getDiscountPrice().isPresent())
         && isPremium
-        && !token.get().shouldDiscountPremiums()) {
-      throw new AllocationTokenInvalidForPremiumNameException();
-    }
+        && !token.shouldDiscountPremiums();
   }
 
-  /** Loads a given token and validates that it is not redeemed */
-  private static AllocationToken loadToken(String token) throws EppException {
-    if (Strings.isNullOrEmpty(token)) {
-      // We load the token directly from the input XML. If it's null or empty we should throw
-      // an InvalidAllocationTokenException before the database load attempt fails.
-      // See https://tools.ietf.org/html/draft-ietf-regext-allocation-token-04#section-2.1
-      throw new InvalidAllocationTokenException();
-    }
-
-    Optional<AllocationToken> maybeTokenEntity = AllocationToken.maybeGetStaticTokenInstance(token);
-    if (maybeTokenEntity.isPresent()) {
-      return maybeTokenEntity.get();
-    }
-
-    // TODO(b/368069206): `reTransact` needed by tests only.
-    maybeTokenEntity =
-        tm().reTransact(() -> tm().loadByKeyIfPresent(VKey.create(AllocationToken.class, token)));
-
-    if (maybeTokenEntity.isEmpty()) {
-      throw new InvalidAllocationTokenException();
-    }
-    if (maybeTokenEntity.get().isRedeemed()) {
-      throw new AlreadyRedeemedAllocationTokenException();
-    }
-    return maybeTokenEntity.get();
-  }
-
-  /** Verifies and returns the allocation token if one is specified, otherwise does nothing. */
-  public Optional<AllocationToken> verifyAllocationTokenCreateIfPresent(
-      DomainCommand.Create command,
-      Tld tld,
+  /** Loads and verifies the allocation token if one is specified, otherwise does nothing. */
+  public static Optional<AllocationToken> loadAllocationTokenFromExtension(
       String registrarId,
+      String domainName,
       DateTime now,
       Optional<AllocationTokenExtension> extension)
-      throws EppException {
+      throws NonexistentAllocationTokenException, AllocationTokenInvalidException {
     if (extension.isEmpty()) {
       return Optional.empty();
     }
-    AllocationToken tokenEntity = loadToken(extension.get().getAllocationToken());
-    validateToken(
-        InternetDomainName.from(command.getDomainName()),
-        tokenEntity,
-        CommandName.CREATE,
-        registrarId,
-        isDomainPremium(command.getDomainName(), now),
-        now);
-    return Optional.of(tokenEntity);
+    return Optional.of(
+        loadAndValidateToken(extension.get().getAllocationToken(), registrarId, domainName, now));
   }
 
-  /** Verifies and returns the allocation token if one is specified, otherwise does nothing. */
-  public Optional<AllocationToken> verifyAllocationTokenIfPresent(
-      Domain existingDomain,
-      Tld tld,
+  /**
+   * Loads the relevant token, if present, for the given extension + request.
+   *
+   * <p>This may be the allocation token provided in the request, if it is present and valid for the
+   * request. Otherwise, it may be a default allocation token if one is present and valid for the
+   * request.
+   */
+  public static Optional<AllocationToken> loadTokenFromExtensionOrGetDefault(
       String registrarId,
       DateTime now,
-      CommandName commandName,
-      Optional<AllocationTokenExtension> extension)
-      throws EppException {
-    if (extension.isEmpty()) {
-      return Optional.empty();
+      Optional<AllocationTokenExtension> extension,
+      Tld tld,
+      String domainName,
+      CommandName commandName)
+      throws NonexistentAllocationTokenException, AllocationTokenInvalidException {
+    Optional<AllocationToken> fromExtension =
+        loadAllocationTokenFromExtension(registrarId, domainName, now, extension);
+    if (fromExtension.isPresent()
+        && tokenIsValidAgainstDomain(
+            InternetDomainName.from(domainName), fromExtension.get(), commandName, now)) {
+      return fromExtension;
     }
-    AllocationToken tokenEntity = loadToken(extension.get().getAllocationToken());
-    validateToken(
-        InternetDomainName.from(existingDomain.getDomainName()),
-        tokenEntity,
-        commandName,
-        registrarId,
-        isDomainPremium(existingDomain.getDomainName(), now),
-        now);
-    return Optional.of(tokenEntity);
+    return checkForDefaultToken(tld, domainName, commandName, registrarId, now);
   }
 
-  public static void verifyTokenAllowedOnDomain(
+  /** Verifies that the given domain can have a bulk pricing token removed from it. */
+  public static void verifyBulkTokenAllowedOnDomain(
       Domain domain, Optional<AllocationToken> allocationToken) throws EppException {
-
     boolean domainHasBulkToken = domain.getCurrentBulkToken().isPresent();
     boolean hasRemoveBulkPricingToken =
         allocationToken.isPresent()
@@ -239,6 +118,11 @@ public class AllocationTokenFlowUtils {
     }
   }
 
+  /**
+   * Removes the bulk pricing token from the provided domain, if applicable.
+   *
+   * @param allocationToken the (possibly) REMOVE_BULK_PRICING token provided by the client.
+   */
   public static Domain maybeApplyBulkPricingRemovalToken(
       Domain domain, Optional<AllocationToken> allocationToken) {
     if (allocationToken.isEmpty()
@@ -249,7 +133,7 @@ public class AllocationTokenFlowUtils {
     BillingRecurrence newBillingRecurrence =
         tm().loadByKey(domain.getAutorenewBillingEvent())
             .asBuilder()
-            .setRenewalPriceBehavior(RenewalPriceBehavior.DEFAULT)
+            .setRenewalPriceBehavior(BillingBase.RenewalPriceBehavior.DEFAULT)
             .setRenewalPrice(null)
             .build();
 
@@ -267,35 +151,139 @@ public class AllocationTokenFlowUtils {
         .build();
   }
 
+  /**
+   * Checks if the given token is valid for the given request.
+   *
+   * <p>Note that if the token is not valid, that is not a catastrophic error -- we may move on to
+   * trying a different token or skip token usage entirely.
+   */
+  @VisibleForTesting
+  static boolean tokenIsValidAgainstDomain(
+      InternetDomainName domainName, AllocationToken token, CommandName commandName, DateTime now) {
+    if (discountTokenInvalidForPremiumName(token, isDomainPremium(domainName.toString(), now))) {
+      return false;
+    }
+    if (!token.getAllowedEppActions().isEmpty()
+        && !token.getAllowedEppActions().contains(commandName)) {
+      return false;
+    }
+    if (!token.getAllowedTlds().isEmpty()
+        && !token.getAllowedTlds().contains(domainName.parent().toString())) {
+      return false;
+    }
+    return token.getDomainName().isEmpty()
+        || token.getDomainName().get().equals(domainName.toString());
+  }
+
+  /**
+   * Checks if there is a valid default token to be used for a domain create command.
+   *
+   * <p>If there is more than one valid default token for the registration, only the first valid
+   * token found on the TLD's default token list will be returned.
+   */
+  private static Optional<AllocationToken> checkForDefaultToken(
+      Tld tld, String domainName, CommandName commandName, String registrarId, DateTime now) {
+    ImmutableList<VKey<AllocationToken>> tokensFromTld = tld.getDefaultPromoTokens();
+    if (isNullOrEmpty(tokensFromTld)) {
+      return Optional.empty();
+    }
+    Map<VKey<AllocationToken>, Optional<AllocationToken>> tokens =
+        AllocationToken.getAll(tokensFromTld);
+    checkState(
+        !isNullOrEmpty(tokens), "Failure while loading default TLD tokens from the database");
+    // Iterate over the list to maintain token ordering (since we return the first valid token)
+    ImmutableList<AllocationToken> tokenList =
+        tokensFromTld.stream()
+            .map(tokens::get)
+            .filter(Optional::isPresent)
+            .map(Optional::get)
+            .collect(toImmutableList());
+
+    // Check if any of the tokens are valid for this domain registration
+    for (AllocationToken token : tokenList) {
+      try {
+        validateTokenEntity(token, registrarId, domainName, now);
+      } catch (AllocationTokenInvalidException e) {
+        // Token is not valid for this registrar, etc. -- continue trying tokens
+        continue;
+      }
+      if (tokenIsValidAgainstDomain(InternetDomainName.from(domainName), token, commandName, now)) {
+        return Optional.of(token);
+      }
+    }
+    // No valid default token found
+    return Optional.empty();
+  }
+
+  /** Loads a given token and validates it against the registrar, time, etc */
+  private static AllocationToken loadAndValidateToken(
+      String token, String registrarId, String domainName, DateTime now)
+      throws NonexistentAllocationTokenException, AllocationTokenInvalidException {
+    if (Strings.isNullOrEmpty(token)) {
+      // We load the token directly from the input XML. If it's null or empty we should throw
+      // an NonexistentAllocationTokenException before the database load attempt fails.
+      // See https://tools.ietf.org/html/draft-ietf-regext-allocation-token-04#section-2.1
+      throw new NonexistentAllocationTokenException();
+    }
+
+    Optional<AllocationToken> maybeTokenEntity = AllocationToken.maybeGetStaticTokenInstance(token);
+    if (maybeTokenEntity.isPresent()) {
+      return maybeTokenEntity.get();
+    }
+
+    maybeTokenEntity = AllocationToken.get(VKey.create(AllocationToken.class, token));
+    if (maybeTokenEntity.isEmpty()) {
+      throw new NonexistentAllocationTokenException();
+    }
+    AllocationToken tokenEntity = maybeTokenEntity.get();
+    validateTokenEntity(tokenEntity, registrarId, domainName, now);
+    return tokenEntity;
+  }
+
+  private static void validateTokenEntity(
+      AllocationToken token, String registrarId, String domainName, DateTime now)
+      throws AllocationTokenInvalidException {
+    if (token.isRedeemed()) {
+      throw new AlreadyRedeemedAllocationTokenException();
+    }
+    if (!token.getAllowedRegistrarIds().isEmpty()
+        && !token.getAllowedRegistrarIds().contains(registrarId)) {
+      throw new AllocationTokenNotValidForRegistrarException();
+    }
+    // Tokens without status transitions will just have a single-entry NOT_STARTED map, so only
+    // check the status transitions map if it's non-trivial.
+    if (token.getTokenStatusTransitions().size() > 1
+        && !AllocationToken.TokenStatus.VALID.equals(
+            token.getTokenStatusTransitions().getValueAtTime(now))) {
+      throw new AllocationTokenNotInPromotionException();
+    }
+
+    if (token.getDomainName().isPresent() && !token.getDomainName().get().equals(domainName)) {
+      throw new AllocationTokenNotValidForDomainException();
+    }
+  }
+
   // Note: exception messages should be <= 32 characters long for domain check results
 
+  /** The allocation token exists but is not valid, e.g. the wrong registrar. */
+  public abstract static class AllocationTokenInvalidException
+      extends StatusProhibitsOperationException {
+    AllocationTokenInvalidException(String message) {
+      super(message);
+    }
+  }
+
   /** The allocation token is not currently valid. */
   public static class AllocationTokenNotInPromotionException
-      extends StatusProhibitsOperationException {
+      extends AllocationTokenInvalidException {
     AllocationTokenNotInPromotionException() {
       super("Alloc token not in promo period");
     }
   }
 
-  /** The allocation token is not valid for this TLD. */
-  public static class AllocationTokenNotValidForTldException
-      extends AssociationProhibitsOperationException {
-    AllocationTokenNotValidForTldException() {
-      super("Alloc token invalid for TLD");
-    }
-  }
-
-  /** The allocation token is not valid for this domain. */
-  public static class AllocationTokenNotValidForDomainException
-      extends AssociationProhibitsOperationException {
-    AllocationTokenNotValidForDomainException() {
-      super("Alloc token invalid for domain");
-    }
-  }
-
   /** The allocation token is not valid for this registrar. */
   public static class AllocationTokenNotValidForRegistrarException
-      extends AssociationProhibitsOperationException {
+      extends AllocationTokenInvalidException {
     AllocationTokenNotValidForRegistrarException() {
       super("Alloc token invalid for client");
     }
@@ -303,23 +291,23 @@ public class AllocationTokenFlowUtils {
 
   /** The allocation token was already redeemed. */
   public static class AlreadyRedeemedAllocationTokenException
-      extends AssociationProhibitsOperationException {
+      extends AllocationTokenInvalidException {
     AlreadyRedeemedAllocationTokenException() {
       super("Alloc token was already redeemed");
     }
   }
 
-  /** The allocation token is not valid for this EPP command. */
-  public static class AllocationTokenNotValidForCommandException
-      extends AssociationProhibitsOperationException {
-    AllocationTokenNotValidForCommandException() {
-      super("Allocation token not valid for the EPP command");
+  /** The allocation token is not valid for this domain. */
+  public static class AllocationTokenNotValidForDomainException
+      extends AllocationTokenInvalidException {
+    AllocationTokenNotValidForDomainException() {
+      super("Alloc token invalid for domain");
+    }
     }
-  }
 
   /** The allocation token is invalid. */
-  public static class InvalidAllocationTokenException extends AuthorizationErrorException {
-    InvalidAllocationTokenException() {
+  public static class NonexistentAllocationTokenException extends AuthorizationErrorException {
+    NonexistentAllocationTokenException() {
       super("The allocation token is invalid");
     }
   }

core/src/main/java/google/registry/model/console/ConsoleEppActionHistory.java

@@ -1,99 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
-
-import google.registry.model.reporting.HistoryEntry;
-import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
-import google.registry.persistence.VKey;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
-import jakarta.persistence.AttributeOverride;
-import jakarta.persistence.Column;
-import jakarta.persistence.Entity;
-import jakarta.persistence.Index;
-import jakarta.persistence.Table;
-
-/**
- * A persisted history object representing an EPP action via the console.
- *
- * <p>In addition to the generic history fields (time, URL, etc.) we also persist a reference to the
- * history entry so that we can refer to it if necessary.
- */
-@Access(AccessType.FIELD)
-@Entity
-@Table(
-    indexes = {
-      @Index(columnList = "historyActingUser"),
-      @Index(columnList = "repoId"),
-      @Index(columnList = "revisionId")
-    })
-public class ConsoleEppActionHistory extends ConsoleUpdateHistory {
-
-  @AttributeOverride(name = "repoId", column = @Column(nullable = false))
-  HistoryEntryId historyEntryId;
-
-  @Column(nullable = false)
-  Class<? extends HistoryEntry> historyEntryClass;
-
-  public HistoryEntryId getHistoryEntryId() {
-    return historyEntryId;
-  }
-
-  public Class<? extends HistoryEntry> getHistoryEntryClass() {
-    return historyEntryClass;
-  }
-
-  /** Creates a {@link VKey} instance for this entity. */
-  @Override
-  public VKey<ConsoleEppActionHistory> createVKey() {
-    return VKey.create(ConsoleEppActionHistory.class, getRevisionId());
-  }
-
-  @Override
-  public Builder asBuilder() {
-    return new Builder(clone(this));
-  }
-
-  /** Builder for the immutable UserUpdateHistory. */
-  public static class Builder
-      extends ConsoleUpdateHistory.Builder<ConsoleEppActionHistory, Builder> {
-
-    public Builder() {}
-
-    public Builder(ConsoleEppActionHistory instance) {
-      super(instance);
-    }
-
-    @Override
-    public ConsoleEppActionHistory build() {
-      checkArgumentNotNull(getInstance().historyEntryId, "History entry ID must be specified");
-      checkArgumentNotNull(
-          getInstance().historyEntryClass, "History entry class must be specified");
-      return super.build();
-    }
-
-    public Builder setHistoryEntryId(HistoryEntryId historyEntryId) {
-      getInstance().historyEntryId = historyEntryId;
-      return this;
-    }
-
-    public Builder setHistoryEntryClass(Class<? extends HistoryEntry> historyEntryClass) {
-      getInstance().historyEntryClass = historyEntryClass;
-      return this;
-    }
-  }
-}

core/src/main/java/google/registry/model/console/ConsoleUpdateHistory.java

@@ -1,4 +1,4 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -19,26 +19,87 @@ import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
 import google.registry.model.Buildable;
 import google.registry.model.ImmutableObject;
 import google.registry.model.annotations.IdAllocation;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
+import google.registry.persistence.WithVKey;
 import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
 import jakarta.persistence.EnumType;
 import jakarta.persistence.Enumerated;
 import jakarta.persistence.Id;
+import jakarta.persistence.Index;
 import jakarta.persistence.JoinColumn;
 import jakarta.persistence.ManyToOne;
-import jakarta.persistence.MappedSuperclass;
+import jakarta.persistence.Table;
+import java.util.Optional;
 import org.joda.time.DateTime;
 
-/**
- * A record of a resource that was updated through the console.
- *
- * <p>This abstract class has several subclasses that (mostly) include the modified resource itself
- * so that the entire object history is persisted to SQL.
- */
-@Access(AccessType.FIELD)
-@MappedSuperclass
-public abstract class ConsoleUpdateHistory extends ImmutableObject implements Buildable {
+@Entity
+@WithVKey(Long.class)
+@Table(
+    indexes = {
+      @Index(columnList = "actingUser", name = "idx_console_update_history_acting_user"),
+      @Index(columnList = "type", name = "idx_console_update_history_type"),
+      @Index(columnList = "modificationTime", name = "idx_console_update_history_modification_time")
+    })
+public class ConsoleUpdateHistory extends ImmutableObject implements Buildable {
+
+  @Id @IdAllocation @Column Long revisionId;
+
+  @Column(nullable = false)
+  DateTime modificationTime;
+
+  /** The HTTP method (e.g. POST, PUT) used to make this modification. */
+  @Column(nullable = false)
+  String method;
+
+  /** The type of modification. */
+  @Column(nullable = false)
+  @Enumerated(EnumType.STRING)
+  Type type;
+
+  /** The URL of the action that was used to make the modification. */
+  @Column(nullable = false)
+  String url;
+
+  /** An optional further description of the action. */
+  String description;
+
+  /** The user that performed the modification. */
+  @JoinColumn(name = "actingUser", referencedColumnName = "emailAddress", nullable = false)
+  @ManyToOne
+  User actingUser;
+
+  public Long getRevisionId() {
+    return revisionId;
+  }
+
+  public DateTime getModificationTime() {
+    return modificationTime;
+  }
+
+  public Optional<String> getDescription() {
+    return Optional.ofNullable(description);
+  }
+
+  public String getMethod() {
+    return method;
+  }
+
+  public Type getType() {
+    return type;
+  }
+
+  public String getUrl() {
+    return url;
+  }
+
+  public User getActingUser() {
+    return actingUser;
+  }
+
+  @Override
+  public Builder asBuilder() {
+    return new Builder(clone(this));
+  }
 
   public enum Type {
     DOMAIN_DELETE,
@@ -53,118 +114,51 @@ public abstract class ConsoleUpdateHistory extends ImmutableObject implements Bu
     USER_UPDATE
   }
 
-  /** Autogenerated ID of this event. */
-  @Id
-  @IdAllocation
-  @Column(nullable = false, name = "historyRevisionId")
-  protected Long revisionId;
+  public static class Builder extends Buildable.Builder<ConsoleUpdateHistory> {
+    public Builder() {}
 
-  /** The user that performed the modification. */
-  @JoinColumn(name = "historyActingUser", referencedColumnName = "emailAddress", nullable = false)
-  @ManyToOne
-  User actingUser;
-
-  /** The URL of the action that was used to make the modification. */
-  @Column(nullable = false, name = "historyUrl")
-  String url;
-
-  /** The HTTP method (e.g. POST, PUT) used to make this modification. */
-  @Column(nullable = false, name = "historyMethod")
-  String method;
-
-  /** The raw body of the request that was used to make this modification. */
-  @Column(name = "historyRequestBody")
-  String requestBody;
-
-  /** The time at which the modification was mode. */
-  @Column(nullable = false, name = "historyModificationTime")
-  DateTime modificationTime;
-
-  /** The type of modification. */
-  @Column(nullable = false, name = "historyType")
-  @Enumerated(EnumType.STRING)
-  Type type;
-
-  public long getRevisionId() {
-    return revisionId;
-  }
-
-  public User getActingUser() {
-    return actingUser;
-  }
-
-  public String getUrl() {
-    return url;
-  }
-
-  public String getMethod() {
-    return method;
-  }
-
-  public String getRequestBody() {
-    return requestBody;
-  }
-
-  public DateTime getModificationTime() {
-    return modificationTime;
-  }
-
-  public Type getType() {
-    return type;
-  }
-
-  @Override
-  public abstract Builder<? extends ConsoleUpdateHistory, ?> asBuilder();
-
-  /** Builder for the immutable ConsoleUpdateHistory. */
-  public abstract static class Builder<
-          T extends ConsoleUpdateHistory, B extends ConsoleUpdateHistory.Builder<?, ?>>
-      extends GenericBuilder<T, B> {
-
-    protected Builder() {}
-
-    protected Builder(T instance) {
+    private Builder(ConsoleUpdateHistory instance) {
       super(instance);
     }
 
     @Override
-    public T build() {
+    public ConsoleUpdateHistory build() {
+      checkArgumentNotNull(getInstance().modificationTime, "Modification time must be specified");
       checkArgumentNotNull(getInstance().actingUser, "Acting user must be specified");
       checkArgumentNotNull(getInstance().url, "URL must be specified");
       checkArgumentNotNull(getInstance().method, "HTTP method must be specified");
-      checkArgumentNotNull(getInstance().modificationTime, "modificationTime must be specified");
-      checkArgumentNotNull(getInstance().type, "Console History type must be specified");
+      checkArgumentNotNull(getInstance().type, "ConsoleUpdateHistory type must be specified");
       return super.build();
     }
 
-    public B setActingUser(User actingUser) {
-      getInstance().actingUser = actingUser;
-      return thisCastToDerived();
-    }
-
-    public B setUrl(String url) {
-      getInstance().url = url;
-      return thisCastToDerived();
-    }
-
-    public B setMethod(String method) {
-      getInstance().method = method;
-      return thisCastToDerived();
-    }
-
-    public B setRequestBody(String requestBody) {
-      getInstance().requestBody = requestBody;
-      return thisCastToDerived();
-    }
-
-    public B setModificationTime(DateTime modificationTime) {
+    public Builder setModificationTime(DateTime modificationTime) {
       getInstance().modificationTime = modificationTime;
-      return thisCastToDerived();
+      return this;
     }
 
-    public B setType(Type type) {
+    public Builder setActingUser(User actingUser) {
+      getInstance().actingUser = actingUser;
+      return this;
+    }
+
+    public Builder setUrl(String url) {
+      getInstance().url = url;
+      return this;
+    }
+
+    public Builder setMethod(String method) {
+      getInstance().method = method;
+      return this;
+    }
+
+    public Builder setDescription(String description) {
+      getInstance().description = description;
+      return this;
+    }
+
+    public Builder setType(Type type) {
       getInstance().type = type;
-      return thisCastToDerived();
+      return this;
     }
   }
 }

core/src/main/java/google/registry/model/console/RegistrarPocUpdateHistory.java

@@ -1,99 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
-
-import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
-import google.registry.persistence.VKey;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
-import jakarta.persistence.Column;
-import jakarta.persistence.Entity;
-import jakarta.persistence.Index;
-import jakarta.persistence.PostLoad;
-import jakarta.persistence.Table;
-
-/**
- * A persisted history object representing an update to a RegistrarPoc.
- *
- * <p>In addition to the generic history fields (time, URL, etc.) we also persist a copy of the
- * modified RegistrarPoc object at this point in time.
- */
-@Access(AccessType.FIELD)
-@Entity
-@Table(
-    indexes = {
-      @Index(columnList = "historyActingUser"),
-      @Index(columnList = "emailAddress"),
-      @Index(columnList = "registrarId")
-    })
-public class RegistrarPocUpdateHistory extends ConsoleUpdateHistory {
-
-  RegistrarPocBase registrarPoc;
-
-  // These fields exist so that they can be populated in the SQL table
-  @Column(nullable = false)
-  String emailAddress;
-
-  @Column(nullable = false)
-  String registrarId;
-
-  public RegistrarPocBase getRegistrarPoc() {
-    return registrarPoc;
-  }
-
-  @PostLoad
-  void postLoad() {
-    registrarPoc.setEmailAddress(emailAddress);
-    registrarPoc.setRegistrarId(registrarId);
-  }
-
-  /** Creates a {@link VKey} instance for this entity. */
-  @Override
-  public VKey<RegistrarPocUpdateHistory> createVKey() {
-    return VKey.create(RegistrarPocUpdateHistory.class, getRevisionId());
-  }
-
-  @Override
-  public Builder asBuilder() {
-    return new Builder(clone(this));
-  }
-
-  /** Builder for the immutable UserUpdateHistory. */
-  public static class Builder
-      extends ConsoleUpdateHistory.Builder<RegistrarPocUpdateHistory, Builder> {
-
-    public Builder() {}
-
-    public Builder(RegistrarPocUpdateHistory instance) {
-      super(instance);
-    }
-
-    @Override
-    public RegistrarPocUpdateHistory build() {
-      checkArgumentNotNull(getInstance().registrarPoc, "Registrar POC must be specified");
-      return super.build();
-    }
-
-    public Builder setRegistrarPoc(RegistrarPoc registrarPoc) {
-      getInstance().registrarPoc = registrarPoc;
-      getInstance().registrarId = registrarPoc.getRegistrarId();
-      getInstance().emailAddress = registrarPoc.getEmailAddress();
-      return this;
-    }
-  }
-}

core/src/main/java/google/registry/model/console/RegistrarUpdateHistory.java

@@ -1,89 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
-
-import google.registry.model.registrar.RegistrarBase;
-import google.registry.persistence.VKey;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
-import jakarta.persistence.Column;
-import jakarta.persistence.Entity;
-import jakarta.persistence.Index;
-import jakarta.persistence.PostLoad;
-import jakarta.persistence.Table;
-
-/**
- * A persisted history object representing an update to a Registrar.
- *
- * <p>In addition to the generic history fields (time, URL, etc.) we also persist a copy of the
- * modified Registrar object at this point in time.
- */
-@Access(AccessType.FIELD)
-@Entity
-@Table(indexes = {@Index(columnList = "historyActingUser"), @Index(columnList = "registrarId")})
-public class RegistrarUpdateHistory extends ConsoleUpdateHistory {
-
-  RegistrarBase registrar;
-
-  // This field exists so that it exists in the SQL table
-  @Column(nullable = false)
-  @SuppressWarnings("unused")
-  private String registrarId;
-
-  public RegistrarBase getRegistrar() {
-    return registrar;
-  }
-
-  @PostLoad
-  void postLoad() {
-    registrar.setRegistrarId(registrarId);
-  }
-
-  /** Creates a {@link VKey} instance for this entity. */
-  @Override
-  public VKey<RegistrarUpdateHistory> createVKey() {
-    return VKey.create(RegistrarUpdateHistory.class, getRevisionId());
-  }
-
-  @Override
-  public Builder asBuilder() {
-    return new RegistrarUpdateHistory.Builder(clone(this));
-  }
-
-  /** Builder for the immutable UserUpdateHistory. */
-  public static class Builder
-      extends ConsoleUpdateHistory.Builder<RegistrarUpdateHistory, Builder> {
-
-    public Builder() {}
-
-    public Builder(RegistrarUpdateHistory instance) {
-      super(instance);
-    }
-
-    @Override
-    public RegistrarUpdateHistory build() {
-      checkArgumentNotNull(getInstance().registrar, "Registrar must be specified");
-      return super.build();
-    }
-
-    public Builder setRegistrar(RegistrarBase registrar) {
-      getInstance().registrar = registrar;
-      getInstance().registrarId = registrar.getRegistrarId();
-      return this;
-    }
-  }
-}

core/src/main/java/google/registry/model/console/SimpleConsoleUpdateHistory.java

@@ -1,153 +0,0 @@
-// Copyright 2025 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
-
-import google.registry.model.Buildable;
-import google.registry.model.ImmutableObject;
-import google.registry.model.annotations.IdAllocation;
-import google.registry.persistence.WithVKey;
-import jakarta.persistence.Column;
-import jakarta.persistence.Entity;
-import jakarta.persistence.EnumType;
-import jakarta.persistence.Enumerated;
-import jakarta.persistence.Id;
-import jakarta.persistence.Index;
-import jakarta.persistence.JoinColumn;
-import jakarta.persistence.ManyToOne;
-import jakarta.persistence.Table;
-import java.util.Optional;
-import org.joda.time.DateTime;
-
-@Entity
-@WithVKey(Long.class)
-@Table(
-    name = "ConsoleUpdateHistory",
-    indexes = {
-      @Index(columnList = "actingUser", name = "idx_console_update_history_acting_user"),
-      @Index(columnList = "type", name = "idx_console_update_history_type"),
-      @Index(columnList = "modificationTime", name = "idx_console_update_history_modification_time")
-    })
-// TODO: rename this to ConsoleUpdateHistory when that class is removed
-public class SimpleConsoleUpdateHistory extends ImmutableObject implements Buildable {
-
-  @Id @IdAllocation @Column Long revisionId;
-
-  @Column(nullable = false)
-  DateTime modificationTime;
-
-  /** The HTTP method (e.g. POST, PUT) used to make this modification. */
-  @Column(nullable = false)
-  String method;
-
-  /** The type of modification. */
-  @Column(nullable = false)
-  @Enumerated(EnumType.STRING)
-  ConsoleUpdateHistory.Type type;
-
-  /** The URL of the action that was used to make the modification. */
-  @Column(nullable = false)
-  String url;
-
-  /** An optional further description of the action. */
-  String description;
-
-  /** The user that performed the modification. */
-  @JoinColumn(name = "actingUser", referencedColumnName = "emailAddress", nullable = false)
-  @ManyToOne
-  User actingUser;
-
-  public Long getRevisionId() {
-    return revisionId;
-  }
-
-  public DateTime getModificationTime() {
-    return modificationTime;
-  }
-
-  public Optional<String> getDescription() {
-    return Optional.ofNullable(description);
-  }
-
-  public String getMethod() {
-    return method;
-  }
-
-  public ConsoleUpdateHistory.Type getType() {
-    return type;
-  }
-
-  public String getUrl() {
-    return url;
-  }
-
-  public User getActingUser() {
-    return actingUser;
-  }
-
-  @Override
-  public Builder asBuilder() {
-    return new Builder(clone(this));
-  }
-
-  public static class Builder extends Buildable.Builder<SimpleConsoleUpdateHistory> {
-    public Builder() {}
-
-    private Builder(SimpleConsoleUpdateHistory instance) {
-      super(instance);
-    }
-
-    @Override
-    public SimpleConsoleUpdateHistory build() {
-      checkArgumentNotNull(getInstance().modificationTime, "Modification time must be specified");
-      checkArgumentNotNull(getInstance().actingUser, "Acting user must be specified");
-      checkArgumentNotNull(getInstance().url, "URL must be specified");
-      checkArgumentNotNull(getInstance().method, "HTTP method must be specified");
-      checkArgumentNotNull(getInstance().type, "ConsoleUpdateHistory type must be specified");
-      return super.build();
-    }
-
-    public Builder setModificationTime(DateTime modificationTime) {
-      getInstance().modificationTime = modificationTime;
-      return this;
-    }
-
-    public Builder setActingUser(User actingUser) {
-      getInstance().actingUser = actingUser;
-      return this;
-    }
-
-    public Builder setUrl(String url) {
-      getInstance().url = url;
-      return this;
-    }
-
-    public Builder setMethod(String method) {
-      getInstance().method = method;
-      return this;
-    }
-
-    public Builder setDescription(String description) {
-      getInstance().description = description;
-      return this;
-    }
-
-    public Builder setType(ConsoleUpdateHistory.Type type) {
-      getInstance().type = type;
-      return this;
-    }
-  }
-}

core/src/main/java/google/registry/model/console/User.java

@@ -1,4 +1,4 @@
-// Copyright 2022 The Nomulus Authors. All Rights Reserved.
+// Copyright 2024 The Nomulus Authors. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -15,23 +15,30 @@
 package google.registry.model.console;
 
 import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Strings.isNullOrEmpty;
+import static com.google.common.io.BaseEncoding.base64;
+import static google.registry.model.registrar.Registrar.checkValidEmail;
 import static google.registry.tools.server.UpdateUserGroupAction.GROUP_UPDATE_QUEUE;
+import static google.registry.util.PasswordUtils.SALT_SUPPLIER;
+import static google.registry.util.PasswordUtils.hashPassword;
+import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
 
 import com.google.cloud.tasks.v2.Task;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableMultimap;
 import com.google.common.flogger.FluentLogger;
 import com.google.common.net.MediaType;
+import com.google.gson.annotations.Expose;
 import google.registry.batch.CloudTasksUtils;
-import google.registry.persistence.VKey;
+import google.registry.model.Buildable;
+import google.registry.model.UpdateAutoTimestampEntity;
 import google.registry.request.Action;
 import google.registry.tools.IamClient;
 import google.registry.tools.ServiceConnection;
 import google.registry.tools.server.UpdateUserGroupAction;
-import google.registry.tools.server.UpdateUserGroupAction.Mode;
+import google.registry.util.PasswordUtils;
 import google.registry.util.RegistryEnvironment;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
+import jakarta.persistence.Column;
 import jakarta.persistence.Embeddable;
 import jakarta.persistence.Entity;
 import jakarta.persistence.Id;
@@ -44,11 +51,33 @@ import javax.annotation.Nullable;
 @Embeddable
 @Entity
 @Table
-public class User extends UserBase {
+public class User extends UpdateAutoTimestampEntity implements Buildable {
 
   public static final String IAP_SECURED_WEB_APP_USER_ROLE = "roles/iap.httpsResourceAccessor";
+
+  private static final long serialVersionUID = 6936728603828566721L;
   private static final FluentLogger logger = FluentLogger.forEnclosingClass();
 
+  /** Email address of the user in question. */
+  @Id @Expose String emailAddress;
+
+  /** Optional external email address to use for registry lock confirmation emails. */
+  @Column String registryLockEmailAddress;
+
+  /** Roles (which grant permissions) associated with this user. */
+  @Expose
+  @Column(nullable = false)
+  UserRoles userRoles;
+
+  /**
+   * A hashed password that exists iff this contact is registry-lock-enabled. The hash is a base64
+   * encoded SHA256 string.
+   */
+  String registryLockPasswordHash;
+
+  /** Randomly generated hash salt. */
+  String registryLockPasswordSalt;
+
   /**
    * Grants the user permission to pass IAP.
    *
@@ -113,9 +142,13 @@ public class User extends UserBase {
       logger.atInfo().log("Removing %s from group %s", emailAddress, groupEmailAddress.get());
       if (cloudTasksUtils != null) {
         modifyGroupMembershipAsync(
-            emailAddress, groupEmailAddress.get(), cloudTasksUtils, Mode.REMOVE);
+            emailAddress,
+            groupEmailAddress.get(),
+            cloudTasksUtils,
+            UpdateUserGroupAction.Mode.REMOVE);
       } else {
-        modifyGroupMembershipSync(emailAddress, groupEmailAddress.get(), connection, Mode.REMOVE);
+        modifyGroupMembershipSync(
+            emailAddress, groupEmailAddress.get(), connection, UpdateUserGroupAction.Mode.REMOVE);
       }
     }
   }
@@ -124,7 +157,7 @@ public class User extends UserBase {
       String userEmailAddress,
       String groupEmailAddress,
       CloudTasksUtils cloudTasksUtils,
-      Mode mode) {
+      UpdateUserGroupAction.Mode mode) {
     Task task =
         cloudTasksUtils.createTask(
             UpdateUserGroupAction.class,
@@ -140,7 +173,10 @@ public class User extends UserBase {
   }
 
   private static void modifyGroupMembershipSync(
-      String userEmailAddress, String groupEmailAddress, ServiceConnection connection, Mode mode) {
+      String userEmailAddress,
+      String groupEmailAddress,
+      ServiceConnection connection,
+      UpdateUserGroupAction.Mode mode) {
     try {
       connection.sendPostRequest(
           UpdateUserGroupAction.PATH,
@@ -158,30 +194,117 @@ public class User extends UserBase {
     }
   }
 
-  @Id
-  @Override
-  @Access(AccessType.PROPERTY)
+  /**
+   * Sets the user email address.
+   *
+   * <p>This should only be used for restoring an object being loaded in a PostLoad method
+   * (effectively, when it is still under construction by Hibernate). In all other cases, the object
+   * should be regarded as immutable and changes should go through a Builder.
+   *
+   * <p>In addition to this special case use, this method must exist to satisfy Hibernate.
+   */
+  void setEmailAddress(String emailAddress) {
+    this.emailAddress = emailAddress;
+  }
+
   public String getEmailAddress() {
-    return super.getEmailAddress();
+    return emailAddress;
+  }
+
+  public Optional<String> getRegistryLockEmailAddress() {
+    return Optional.ofNullable(registryLockEmailAddress);
+  }
+
+  public UserRoles getUserRoles() {
+    return userRoles;
+  }
+
+  public boolean hasRegistryLockPassword() {
+    return !isNullOrEmpty(registryLockPasswordHash) && !isNullOrEmpty(registryLockPasswordSalt);
+  }
+
+  public boolean verifyRegistryLockPassword(String registryLockPassword) {
+    if (isNullOrEmpty(registryLockPassword)
+        || isNullOrEmpty(registryLockPasswordSalt)
+        || isNullOrEmpty(registryLockPasswordHash)) {
+      return false;
+    }
+    return PasswordUtils.verifyPassword(
+        registryLockPassword, registryLockPasswordHash, registryLockPasswordSalt);
+  }
+
+  /**
+   * Whether the user has the registry lock permission on any registrar or globally.
+   *
+   * <p>If so, they should be allowed to (re)set their registry lock password.
+   */
+  public boolean hasAnyRegistryLockPermission() {
+    if (userRoles == null) {
+      return false;
+    }
+    if (userRoles.isAdmin() || userRoles.hasGlobalPermission(ConsolePermission.REGISTRY_LOCK)) {
+      return true;
+    }
+    return userRoles.getRegistrarRoles().values().stream()
+        .anyMatch(role -> role.hasPermission(ConsolePermission.REGISTRY_LOCK));
   }
 
   @Override
-  public Builder asBuilder() {
-    return new Builder(clone(this));
-  }
-
-  @Override
-  public VKey<User> createVKey() {
-    return VKey.create(User.class, getEmailAddress());
+  public Builder<? extends User, ?> asBuilder() {
+    return new Builder<>(clone(this));
   }
 
   /** Builder for constructing immutable {@link User} objects. */
-  public static class Builder extends UserBase.Builder<User, Builder> {
+  public static class Builder<T extends User, B extends Builder<T, B>>
+      extends GenericBuilder<T, B> {
 
     public Builder() {}
 
-    public Builder(User user) {
-      super(user);
+    public Builder(T abstractUser) {
+      super(abstractUser);
+    }
+
+    @Override
+    public T build() {
+      checkArgumentNotNull(getInstance().emailAddress, "Email address cannot be null");
+      checkArgumentNotNull(getInstance().userRoles, "User roles cannot be null");
+      return super.build();
+    }
+
+    public B setEmailAddress(String emailAddress) {
+      getInstance().emailAddress = checkValidEmail(emailAddress);
+      return thisCastToDerived();
+    }
+
+    public B setRegistryLockEmailAddress(@Nullable String registryLockEmailAddress) {
+      getInstance().registryLockEmailAddress =
+          registryLockEmailAddress == null ? null : checkValidEmail(registryLockEmailAddress);
+      return thisCastToDerived();
+    }
+
+    public B setUserRoles(UserRoles userRoles) {
+      checkArgumentNotNull(userRoles, "User roles cannot be null");
+      getInstance().userRoles = userRoles;
+      return thisCastToDerived();
+    }
+
+    public B removeRegistryLockPassword() {
+      getInstance().registryLockPasswordHash = null;
+      getInstance().registryLockPasswordSalt = null;
+      return thisCastToDerived();
+    }
+
+    public B setRegistryLockPassword(String registryLockPassword) {
+      checkArgument(
+          getInstance().hasAnyRegistryLockPermission(), "User has no registry lock permission");
+      checkArgument(
+          !getInstance().hasRegistryLockPassword(), "User already has a password, remove it first");
+      checkArgument(
+          !isNullOrEmpty(registryLockPassword), "Registry lock password was null or empty");
+      byte[] salt = SALT_SUPPLIER.get();
+      getInstance().registryLockPasswordSalt = base64().encode(salt);
+      getInstance().registryLockPasswordHash = hashPassword(registryLockPassword, salt);
+      return thisCastToDerived();
     }
   }
 }

core/src/main/java/google/registry/model/console/UserBase.java

@@ -1,186 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static com.google.common.base.Preconditions.checkArgument;
-import static com.google.common.base.Strings.isNullOrEmpty;
-import static com.google.common.io.BaseEncoding.base64;
-import static google.registry.model.registrar.Registrar.checkValidEmail;
-import static google.registry.util.PasswordUtils.SALT_SUPPLIER;
-import static google.registry.util.PasswordUtils.hashPassword;
-import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
-
-import com.google.gson.annotations.Expose;
-import google.registry.model.Buildable;
-import google.registry.model.UpdateAutoTimestampEntity;
-import google.registry.util.PasswordUtils;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
-import jakarta.persistence.Column;
-import jakarta.persistence.Embeddable;
-import jakarta.persistence.Id;
-import jakarta.persistence.MappedSuperclass;
-import jakarta.persistence.Transient;
-import java.util.Optional;
-import javax.annotation.Nullable;
-
-/**
- * A console user, either a registry employee or a registrar partner.
- *
- * <p>This class deliberately does not include an {@link Id} so that any foreign-keyed fields can
- * refer to the proper parent entity's ID, whether we're storing this in the DB itself or as part of
- * another entity.
- */
-@Access(AccessType.FIELD)
-@Embeddable
-@MappedSuperclass
-public class UserBase extends UpdateAutoTimestampEntity implements Buildable {
-
-  private static final long serialVersionUID = 6936728603828566721L;
-
-  /** Email address of the user in question. */
-  @Transient @Expose String emailAddress;
-
-  /** Optional external email address to use for registry lock confirmation emails. */
-  @Column String registryLockEmailAddress;
-
-  /** Roles (which grant permissions) associated with this user. */
-  @Expose
-  @Column(nullable = false)
-  UserRoles userRoles;
-
-  /**
-   * A hashed password that exists iff this contact is registry-lock-enabled. The hash is a base64
-   * encoded SHA256 string.
-   */
-  String registryLockPasswordHash;
-
-  /** Randomly generated hash salt. */
-  String registryLockPasswordSalt;
-
-  /**
-   * Sets the user email address.
-   *
-   * <p>This should only be used for restoring an object being loaded in a PostLoad method
-   * (effectively, when it is still under construction by Hibernate). In all other cases, the object
-   * should be regarded as immutable and changes should go through a Builder.
-   *
-   * <p>In addition to this special case use, this method must exist to satisfy Hibernate.
-   */
-  void setEmailAddress(String emailAddress) {
-    this.emailAddress = emailAddress;
-  }
-
-  public String getEmailAddress() {
-    return emailAddress;
-  }
-
-  public Optional<String> getRegistryLockEmailAddress() {
-    return Optional.ofNullable(registryLockEmailAddress);
-  }
-
-  public UserRoles getUserRoles() {
-    return userRoles;
-  }
-
-  public boolean hasRegistryLockPassword() {
-    return !isNullOrEmpty(registryLockPasswordHash) && !isNullOrEmpty(registryLockPasswordSalt);
-  }
-
-  public boolean verifyRegistryLockPassword(String registryLockPassword) {
-    if (isNullOrEmpty(registryLockPassword)
-        || isNullOrEmpty(registryLockPasswordSalt)
-        || isNullOrEmpty(registryLockPasswordHash)) {
-      return false;
-    }
-    return PasswordUtils.verifyPassword(
-        registryLockPassword, registryLockPasswordHash, registryLockPasswordSalt);
-  }
-
-  /**
-   * Whether the user has the registry lock permission on any registrar or globally.
-   *
-   * <p>If so, they should be allowed to (re)set their registry lock password.
-   */
-  public boolean hasAnyRegistryLockPermission() {
-    if (userRoles == null) {
-      return false;
-    }
-    if (userRoles.isAdmin() || userRoles.hasGlobalPermission(ConsolePermission.REGISTRY_LOCK)) {
-      return true;
-    }
-    return userRoles.getRegistrarRoles().values().stream()
-        .anyMatch(role -> role.hasPermission(ConsolePermission.REGISTRY_LOCK));
-  }
-
-  @Override
-  public Builder<? extends UserBase, ?> asBuilder() {
-    return new Builder<>(clone(this));
-  }
-
-  /** Builder for constructing immutable {@link UserBase} objects. */
-  public static class Builder<T extends UserBase, B extends Builder<T, B>>
-      extends GenericBuilder<T, B> {
-
-    public Builder() {}
-
-    public Builder(T abstractUser) {
-      super(abstractUser);
-    }
-
-    @Override
-    public T build() {
-      checkArgumentNotNull(getInstance().emailAddress, "Email address cannot be null");
-      checkArgumentNotNull(getInstance().userRoles, "User roles cannot be null");
-      return super.build();
-    }
-
-    public B setEmailAddress(String emailAddress) {
-      getInstance().emailAddress = checkValidEmail(emailAddress);
-      return thisCastToDerived();
-    }
-
-    public B setRegistryLockEmailAddress(@Nullable String registryLockEmailAddress) {
-      getInstance().registryLockEmailAddress =
-          registryLockEmailAddress == null ? null : checkValidEmail(registryLockEmailAddress);
-      return thisCastToDerived();
-    }
-
-    public B setUserRoles(UserRoles userRoles) {
-      checkArgumentNotNull(userRoles, "User roles cannot be null");
-      getInstance().userRoles = userRoles;
-      return thisCastToDerived();
-    }
-
-    public B removeRegistryLockPassword() {
-      getInstance().registryLockPasswordHash = null;
-      getInstance().registryLockPasswordSalt = null;
-      return thisCastToDerived();
-    }
-
-    public B setRegistryLockPassword(String registryLockPassword) {
-      checkArgument(
-          getInstance().hasAnyRegistryLockPermission(), "User has no registry lock permission");
-      checkArgument(
-          !getInstance().hasRegistryLockPassword(), "User already has a password, remove it first");
-      checkArgument(
-          !isNullOrEmpty(registryLockPassword), "Registry lock password was null or empty");
-      byte[] salt = SALT_SUPPLIER.get();
-      getInstance().registryLockPasswordSalt = base64().encode(salt);
-      getInstance().registryLockPasswordHash = hashPassword(registryLockPassword, salt);
-      return thisCastToDerived();
-    }
-  }
-}

core/src/main/java/google/registry/model/console/UserUpdateHistory.java

@@ -1,85 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
-
-import google.registry.persistence.VKey;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
-import jakarta.persistence.Column;
-import jakarta.persistence.Entity;
-import jakarta.persistence.Index;
-import jakarta.persistence.PostLoad;
-import jakarta.persistence.Table;
-
-/**
- * A persisted history object representing an update to a User.
- *
- * <p>In addition to the generic history fields (time, URL, etc.) we also persist a copy of the
- * modified User object at this point in time.
- */
-@Access(AccessType.FIELD)
-@Entity
-@Table(indexes = {@Index(columnList = "historyActingUser"), @Index(columnList = "emailAddress")})
-public class UserUpdateHistory extends ConsoleUpdateHistory {
-
-  UserBase user;
-
-  @Column(nullable = false, name = "emailAddress")
-  String emailAddress;
-
-  public UserBase getUser() {
-    return user;
-  }
-
-  @PostLoad
-  void postLoad() {
-    user.setEmailAddress(emailAddress);
-  }
-
-  /** Creates a {@link VKey} instance for this entity. */
-  @Override
-  public VKey<UserUpdateHistory> createVKey() {
-    return VKey.create(UserUpdateHistory.class, getRevisionId());
-  }
-
-  @Override
-  public Builder asBuilder() {
-    return new Builder(clone(this));
-  }
-
-  /** Builder for the immutable UserUpdateHistory. */
-  public static class Builder extends ConsoleUpdateHistory.Builder<UserUpdateHistory, Builder> {
-
-    public Builder() {}
-
-    public Builder(UserUpdateHistory instance) {
-      super(instance);
-    }
-
-    @Override
-    public UserUpdateHistory build() {
-      checkArgumentNotNull(getInstance().user, "User must be specified");
-      return super.build();
-    }
-
-    public Builder setUser(User user) {
-      getInstance().user = user;
-      getInstance().emailAddress = user.getEmailAddress();
-      return this;
-    }
-  }
-}

core/src/main/java/google/registry/model/registrar/RegistrarPoc.java

@@ -1,4 +1,4 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
+// Copyright 2024 The Nomulus Authors. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -14,17 +14,40 @@
 
 package google.registry.model.registrar;
 
+import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
+import static com.google.common.base.Strings.isNullOrEmpty;
+import static com.google.common.collect.ImmutableSet.toImmutableSet;
+import static com.google.common.io.BaseEncoding.base64;
+import static google.registry.model.registrar.Registrar.checkValidEmail;
+import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
+import static google.registry.util.CollectionUtils.nullToEmptyImmutableSortedCopy;
+import static google.registry.util.PasswordUtils.SALT_SUPPLIER;
+import static google.registry.util.PasswordUtils.hashPassword;
+import static java.util.stream.Collectors.joining;
 
 import com.google.common.annotations.VisibleForTesting;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.ImmutableSortedSet;
+import com.google.gson.annotations.Expose;
+import google.registry.model.Buildable.GenericBuilder;
 import google.registry.model.ImmutableObject;
-import google.registry.model.registrar.RegistrarPoc.RegistrarPocId;
+import google.registry.model.JsonMapBuilder;
+import google.registry.model.Jsonifiable;
+import google.registry.model.UnsafeSerializable;
 import google.registry.persistence.VKey;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
+import google.registry.util.PasswordUtils;
+import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
 import jakarta.persistence.Id;
 import jakarta.persistence.IdClass;
 import java.io.Serializable;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+import javax.annotation.Nullable;
 
 /**
  * A contact for a Registrar. Note, equality, hashCode and comparable have been overridden to only
@@ -35,21 +58,244 @@ import java.io.Serializable;
  * set to true.
  */
 @Entity
-@IdClass(RegistrarPocId.class)
-@Access(AccessType.FIELD)
-public class RegistrarPoc extends RegistrarPocBase {
+@IdClass(RegistrarPoc.RegistrarPocId.class)
+public class RegistrarPoc extends ImmutableObject implements Jsonifiable, UnsafeSerializable {
+  /**
+   * Registrar contacts types for partner communication tracking.
+   *
+   * <p><b>Note:</b> These types only matter to the registry. They are not meant to be used for
+   * WHOIS or RDAP results.
+   */
+  public enum Type {
+    ABUSE("abuse", true),
+    ADMIN("primary", true),
+    BILLING("billing", true),
+    LEGAL("legal", true),
+    MARKETING("marketing", false),
+    TECH("technical", true),
+    WHOIS("whois-inquiry", true);
+
+    private final String displayName;
+
+    private final boolean required;
+
+    public String getDisplayName() {
+      return displayName;
+    }
+
+    public boolean isRequired() {
+      return required;
+    }
+
+    Type(String display, boolean required) {
+      displayName = display;
+      this.required = required;
+    }
+  }
+
+  /** The name of the contact. */
+  @Expose String name;
+
+  /** The contact email address of the contact. */
+  @Id @Expose String emailAddress;
+
+  @Id @Expose public String registrarId;
+
+  /** External email address of this contact used for registry lock confirmations. */
+  String registryLockEmailAddress;
+
+  /** The voice number of the contact. */
+  @Expose String phoneNumber;
+
+  /** The fax number of the contact. */
+  @Expose String faxNumber;
+
+  /**
+   * Multiple types are used to associate the registrar contact with various mailing groups. This
+   * data is internal to the registry.
+   */
+  @Enumerated(EnumType.STRING)
+  @Expose
+  Set<Type> types;
+
+  /**
+   * Whether this contact is publicly visible in WHOIS registrar query results as an Admin contact.
+   */
+  @Column(nullable = false)
+  @Expose
+  boolean visibleInWhoisAsAdmin = false;
+
+  /**
+   * Whether this contact is publicly visible in WHOIS registrar query results as a Technical
+   * contact.
+   */
+  @Column(nullable = false)
+  @Expose
+  boolean visibleInWhoisAsTech = false;
+
+  /**
+   * Whether this contact's phone number and email address is publicly visible in WHOIS domain query
+   * results as registrar abuse contact info.
+   */
+  @Column(nullable = false)
+  @Expose
+  boolean visibleInDomainWhoisAsAbuse = false;
+
+  /**
+   * Whether the contact is allowed to set their registry lock password through the registrar
+   * console. This will be set to false on contact creation and when the user sets a password.
+   */
+  @Column(nullable = false)
+  boolean allowedToSetRegistryLockPassword = false;
+
+  /**
+   * A hashed password that exists iff this contact is registry-lock-enabled. The hash is a base64
+   * encoded SHA256 string.
+   */
+  String registryLockPasswordHash;
+
+  /** Randomly generated hash salt. */
+  String registryLockPasswordSalt;
+
+  /**
+   * Helper to update the contacts associated with a Registrar. This requires querying for the
+   * existing contacts, deleting existing contacts that are not part of the given {@code contacts}
+   * set, and then saving the given {@code contacts}.
+   *
+   * <p>IMPORTANT NOTE: If you call this method then it is your responsibility to also persist the
+   * relevant Registrar entity with the {@link Registrar#contactsRequireSyncing} field set to true.
+   */
+  public static void updateContacts(
+      final Registrar registrar, final ImmutableSet<RegistrarPoc> contacts) {
+    ImmutableSet<String> emailAddressesToKeep =
+        contacts.stream().map(RegistrarPoc::getEmailAddress).collect(toImmutableSet());
+    tm().query(
+            "DELETE FROM RegistrarPoc WHERE registrarId = :registrarId AND "
+                + "emailAddress NOT IN :emailAddressesToKeep")
+        .setParameter("registrarId", registrar.getRegistrarId())
+        .setParameter("emailAddressesToKeep", emailAddressesToKeep)
+        .executeUpdate();
+
+    tm().putAll(contacts);
+  }
+
+  public String getName() {
+    return name;
+  }
 
-  @Id
-  @Access(AccessType.PROPERTY)
-  @Override
   public String getEmailAddress() {
     return emailAddress;
   }
 
-  @Id
-  @Access(AccessType.PROPERTY)
-  public String getRegistrarId() {
-    return registrarId;
+  public Optional<String> getRegistryLockEmailAddress() {
+    return Optional.ofNullable(registryLockEmailAddress);
+  }
+
+  public String getPhoneNumber() {
+    return phoneNumber;
+  }
+
+  public String getFaxNumber() {
+    return faxNumber;
+  }
+
+  public ImmutableSortedSet<Type> getTypes() {
+    return nullToEmptyImmutableSortedCopy(types);
+  }
+
+  public boolean getVisibleInWhoisAsAdmin() {
+    return visibleInWhoisAsAdmin;
+  }
+
+  public boolean getVisibleInWhoisAsTech() {
+    return visibleInWhoisAsTech;
+  }
+
+  public boolean getVisibleInDomainWhoisAsAbuse() {
+    return visibleInDomainWhoisAsAbuse;
+  }
+
+  public Builder<? extends RegistrarPoc, ?> asBuilder() {
+    return new Builder<>(clone(this));
+  }
+
+  public boolean isAllowedToSetRegistryLockPassword() {
+    return allowedToSetRegistryLockPassword;
+  }
+
+  public boolean isRegistryLockAllowed() {
+    return !isNullOrEmpty(registryLockPasswordHash) && !isNullOrEmpty(registryLockPasswordSalt);
+  }
+
+  public boolean verifyRegistryLockPassword(String registryLockPassword) {
+    if (isNullOrEmpty(registryLockPassword)
+        || isNullOrEmpty(registryLockPasswordSalt)
+        || isNullOrEmpty(registryLockPasswordHash)) {
+      return false;
+    }
+    return PasswordUtils.verifyPassword(
+        registryLockPassword, registryLockPasswordHash, registryLockPasswordSalt);
+  }
+
+  /**
+   * Returns a string representation that's human friendly.
+   *
+   * <p>The output will look something like this:
+   *
+   * <pre>{@code
+   * Some Person
+   * person@example.com
+   * Tel: +1.2125650666
+   * Types: [ADMIN, WHOIS]
+   * Visible in WHOIS as Admin contact: Yes
+   * Visible in WHOIS as Technical contact: No
+   * Registrar-Console access: Yes
+   * Login Email Address: person@registry.example
+   * }</pre>
+   */
+  public String toStringMultilinePlainText() {
+    StringBuilder result = new StringBuilder(256);
+    result.append(getName()).append('\n');
+    result.append(getEmailAddress()).append('\n');
+    if (phoneNumber != null) {
+      result.append("Tel: ").append(getPhoneNumber()).append('\n');
+    }
+    if (faxNumber != null) {
+      result.append("Fax: ").append(getFaxNumber()).append('\n');
+    }
+    result.append("Types: ").append(getTypes()).append('\n');
+    result
+        .append("Visible in registrar WHOIS query as Admin contact: ")
+        .append(getVisibleInWhoisAsAdmin() ? "Yes" : "No")
+        .append('\n');
+    result
+        .append("Visible in registrar WHOIS query as Technical contact: ")
+        .append(getVisibleInWhoisAsTech() ? "Yes" : "No")
+        .append('\n');
+    result
+        .append(
+            "Phone number and email visible in domain WHOIS query as "
+                + "Registrar Abuse contact info: ")
+        .append(getVisibleInDomainWhoisAsAbuse() ? "Yes" : "No")
+        .append('\n');
+    return result.toString();
+  }
+
+  @Override
+  public Map<String, Object> toJsonMap() {
+    return new JsonMapBuilder()
+        .put("name", name)
+        .put("emailAddress", emailAddress)
+        .put("registryLockEmailAddress", registryLockEmailAddress)
+        .put("phoneNumber", phoneNumber)
+        .put("faxNumber", faxNumber)
+        .put("types", getTypes().stream().map(Object::toString).collect(joining(",")))
+        .put("visibleInWhoisAsAdmin", visibleInWhoisAsAdmin)
+        .put("visibleInWhoisAsTech", visibleInWhoisAsTech)
+        .put("visibleInDomainWhoisAsAbuse", visibleInDomainWhoisAsAbuse)
+        .put("allowedToSetRegistryLockPassword", allowedToSetRegistryLockPassword)
+        .put("registryLockAllowed", isRegistryLockAllowed())
+        .build();
   }
 
   @Override
@@ -57,9 +303,124 @@ public class RegistrarPoc extends RegistrarPocBase {
     return VKey.create(RegistrarPoc.class, new RegistrarPocId(emailAddress, registrarId));
   }
 
-  @Override
-  public Builder asBuilder() {
-    return new Builder(clone(this));
+  /**
+   * These methods set the email address and registrar ID
+   *
+   * <p>This should only be used for restoring the fields of an object being loaded in a PostLoad
+   * method (effectively, when it is still under construction by Hibernate). In all other cases, the
+   * object should be regarded as immutable and changes should go through a Builder.
+   *
+   * <p>In addition to this special case use, this method must exist to satisfy Hibernate.
+   */
+  public void setEmailAddress(String emailAddress) {
+    this.emailAddress = emailAddress;
+  }
+
+  public void setRegistrarId(String registrarId) {
+    this.registrarId = registrarId;
+  }
+
+  /** A builder for constructing a {@link RegistrarPoc}, since it is immutable. */
+  public static class Builder<T extends RegistrarPoc, B extends Builder<T, B>>
+      extends GenericBuilder<T, B> {
+    public Builder() {}
+
+    protected Builder(T instance) {
+      super(instance);
+    }
+
+    /** Build the registrar, nullifying empty fields. */
+    @Override
+    public T build() {
+      checkNotNull(getInstance().registrarId, "Registrar ID cannot be null");
+      checkValidEmail(getInstance().emailAddress);
+      // Check allowedToSetRegistryLockPassword here because if we want to allow the user to set
+      // a registry lock password, we must also set up the correct registry lock email concurrently
+      // or beforehand.
+      if (getInstance().allowedToSetRegistryLockPassword) {
+        checkArgument(
+            !isNullOrEmpty(getInstance().registryLockEmailAddress),
+            "Registry lock email must not be null if allowing registry lock access");
+      }
+      return cloneEmptyToNull(super.build());
+    }
+
+    public B setName(String name) {
+      getInstance().name = name;
+      return thisCastToDerived();
+    }
+
+    public B setEmailAddress(String emailAddress) {
+      getInstance().emailAddress = emailAddress;
+      return thisCastToDerived();
+    }
+
+    public B setRegistryLockEmailAddress(@Nullable String registryLockEmailAddress) {
+      getInstance().registryLockEmailAddress = registryLockEmailAddress;
+      return thisCastToDerived();
+    }
+
+    public B setPhoneNumber(String phoneNumber) {
+      getInstance().phoneNumber = phoneNumber;
+      return thisCastToDerived();
+    }
+
+    public B setRegistrarId(String registrarId) {
+      getInstance().registrarId = registrarId;
+      return thisCastToDerived();
+    }
+
+    public B setRegistrar(Registrar registrar) {
+      getInstance().registrarId = registrar.getRegistrarId();
+      return thisCastToDerived();
+    }
+
+    public B setFaxNumber(String faxNumber) {
+      getInstance().faxNumber = faxNumber;
+      return thisCastToDerived();
+    }
+
+    public B setTypes(Iterable<Type> types) {
+      getInstance().types = ImmutableSet.copyOf(types);
+      return thisCastToDerived();
+    }
+
+    public B setVisibleInWhoisAsAdmin(boolean visible) {
+      getInstance().visibleInWhoisAsAdmin = visible;
+      return thisCastToDerived();
+    }
+
+    public B setVisibleInWhoisAsTech(boolean visible) {
+      getInstance().visibleInWhoisAsTech = visible;
+      return thisCastToDerived();
+    }
+
+    public B setVisibleInDomainWhoisAsAbuse(boolean visible) {
+      getInstance().visibleInDomainWhoisAsAbuse = visible;
+      return thisCastToDerived();
+    }
+
+    public B setAllowedToSetRegistryLockPassword(boolean allowedToSetRegistryLockPassword) {
+      if (allowedToSetRegistryLockPassword) {
+        getInstance().registryLockPasswordSalt = null;
+        getInstance().registryLockPasswordHash = null;
+      }
+      getInstance().allowedToSetRegistryLockPassword = allowedToSetRegistryLockPassword;
+      return thisCastToDerived();
+    }
+
+    public B setRegistryLockPassword(String registryLockPassword) {
+      checkArgument(
+          getInstance().allowedToSetRegistryLockPassword,
+          "Not allowed to set registry lock password for this contact");
+      checkArgument(
+          !isNullOrEmpty(registryLockPassword), "Registry lock password was null or empty");
+      byte[] salt = SALT_SUPPLIER.get();
+      getInstance().registryLockPasswordSalt = base64().encode(salt);
+      getInstance().registryLockPasswordHash = hashPassword(registryLockPassword, salt);
+      getInstance().allowedToSetRegistryLockPassword = false;
+      return thisCastToDerived();
+    }
   }
 
   /** Class to represent the composite primary key for {@link RegistrarPoc} entity. */
@@ -90,13 +451,4 @@ public class RegistrarPoc extends RegistrarPocBase {
       return registrarId;
     }
   }
-
-  public static class Builder extends RegistrarPocBase.Builder<RegistrarPoc, Builder> {
-
-    public Builder() {}
-
-    public Builder(RegistrarPoc registrarPoc) {
-      super(registrarPoc);
-    }
-  }
 }

core/src/main/java/google/registry/model/registrar/RegistrarPocBase.java

@@ -1,425 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.registrar;
-
-import static com.google.common.base.Preconditions.checkArgument;
-import static com.google.common.base.Preconditions.checkNotNull;
-import static com.google.common.base.Strings.isNullOrEmpty;
-import static com.google.common.collect.ImmutableSet.toImmutableSet;
-import static com.google.common.io.BaseEncoding.base64;
-import static google.registry.model.registrar.RegistrarBase.checkValidEmail;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-import static google.registry.util.CollectionUtils.nullToEmptyImmutableSortedCopy;
-import static google.registry.util.PasswordUtils.SALT_SUPPLIER;
-import static google.registry.util.PasswordUtils.hashPassword;
-import static java.util.stream.Collectors.joining;
-
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.ImmutableSortedSet;
-import com.google.gson.annotations.Expose;
-import google.registry.model.Buildable.GenericBuilder;
-import google.registry.model.ImmutableObject;
-import google.registry.model.JsonMapBuilder;
-import google.registry.model.Jsonifiable;
-import google.registry.model.UnsafeSerializable;
-import google.registry.util.PasswordUtils;
-import jakarta.persistence.Access;
-import jakarta.persistence.AccessType;
-import jakarta.persistence.Column;
-import jakarta.persistence.Embeddable;
-import jakarta.persistence.EnumType;
-import jakarta.persistence.Enumerated;
-import jakarta.persistence.Id;
-import jakarta.persistence.MappedSuperclass;
-import jakarta.persistence.Transient;
-import java.util.Map;
-import java.util.Optional;
-import java.util.Set;
-import javax.annotation.Nullable;
-
-/**
- * A contact for a Registrar. Note, equality, hashCode and comparable have been overridden to only
- * enable key equality.
- *
- * <p>IMPORTANT NOTE: Any time that you change, update, or delete RegistrarContact entities, you
- * *MUST* also modify the persisted Registrar entity with {@link Registrar#contactsRequireSyncing}
- * set to true.
- *
- * <p>This class deliberately does not include an {@link Id} so that any foreign-keyed fields can
- * refer to the proper parent entity's ID, whether we're storing this in the DB itself or as part of
- * another entity.
- */
-@Access(AccessType.FIELD)
-@Embeddable
-@MappedSuperclass
-public class RegistrarPocBase extends ImmutableObject implements Jsonifiable, UnsafeSerializable {
-  /**
-   * Registrar contacts types for partner communication tracking.
-   *
-   * <p><b>Note:</b> These types only matter to the registry. They are not meant to be used for
-   * WHOIS or RDAP results.
-   */
-  public enum Type {
-    ABUSE("abuse", true),
-    ADMIN("primary", true),
-    BILLING("billing", true),
-    LEGAL("legal", true),
-    MARKETING("marketing", false),
-    TECH("technical", true),
-    WHOIS("whois-inquiry", true);
-
-    private final String displayName;
-
-    private final boolean required;
-
-    public String getDisplayName() {
-      return displayName;
-    }
-
-    public boolean isRequired() {
-      return required;
-    }
-
-    Type(String display, boolean required) {
-      displayName = display;
-      this.required = required;
-    }
-  }
-
-  /** The name of the contact. */
-  @Expose String name;
-
-  /** The contact email address of the contact. */
-  @Expose @Transient String emailAddress;
-
-  @Expose @Transient public String registrarId;
-
-  /** External email address of this contact used for registry lock confirmations. */
-  String registryLockEmailAddress;
-
-  /** The voice number of the contact. */
-  @Expose String phoneNumber;
-
-  /** The fax number of the contact. */
-  @Expose String faxNumber;
-
-  /**
-   * Multiple types are used to associate the registrar contact with various mailing groups. This
-   * data is internal to the registry.
-   */
-  @Enumerated(EnumType.STRING)
-  @Expose
-  Set<Type> types;
-
-  /**
-   * Whether this contact is publicly visible in WHOIS registrar query results as an Admin contact.
-   */
-  @Column(nullable = false)
-  @Expose
-  boolean visibleInWhoisAsAdmin = false;
-
-  /**
-   * Whether this contact is publicly visible in WHOIS registrar query results as a Technical
-   * contact.
-   */
-  @Column(nullable = false)
-  @Expose
-  boolean visibleInWhoisAsTech = false;
-
-  /**
-   * Whether this contact's phone number and email address is publicly visible in WHOIS domain query
-   * results as registrar abuse contact info.
-   */
-  @Column(nullable = false)
-  @Expose
-  boolean visibleInDomainWhoisAsAbuse = false;
-
-  /**
-   * Whether the contact is allowed to set their registry lock password through the registrar
-   * console. This will be set to false on contact creation and when the user sets a password.
-   */
-  @Column(nullable = false)
-  boolean allowedToSetRegistryLockPassword = false;
-
-  /**
-   * A hashed password that exists iff this contact is registry-lock-enabled. The hash is a base64
-   * encoded SHA256 string.
-   */
-  String registryLockPasswordHash;
-
-  /** Randomly generated hash salt. */
-  String registryLockPasswordSalt;
-
-  /**
-   * Helper to update the contacts associated with a Registrar. This requires querying for the
-   * existing contacts, deleting existing contacts that are not part of the given {@code contacts}
-   * set, and then saving the given {@code contacts}.
-   *
-   * <p>IMPORTANT NOTE: If you call this method then it is your responsibility to also persist the
-   * relevant Registrar entity with the {@link Registrar#contactsRequireSyncing} field set to true.
-   */
-  public static void updateContacts(
-      final Registrar registrar, final ImmutableSet<RegistrarPoc> contacts) {
-    ImmutableSet<String> emailAddressesToKeep =
-        contacts.stream().map(RegistrarPoc::getEmailAddress).collect(toImmutableSet());
-    tm().query(
-            "DELETE FROM RegistrarPoc WHERE registrarId = :registrarId AND "
-                + "emailAddress NOT IN :emailAddressesToKeep")
-        .setParameter("registrarId", registrar.getRegistrarId())
-        .setParameter("emailAddressesToKeep", emailAddressesToKeep)
-        .executeUpdate();
-
-    tm().putAll(contacts);
-  }
-
-  public String getName() {
-    return name;
-  }
-
-  public String getEmailAddress() {
-    return emailAddress;
-  }
-
-  public Optional<String> getRegistryLockEmailAddress() {
-    return Optional.ofNullable(registryLockEmailAddress);
-  }
-
-  public String getPhoneNumber() {
-    return phoneNumber;
-  }
-
-  public String getFaxNumber() {
-    return faxNumber;
-  }
-
-  public ImmutableSortedSet<Type> getTypes() {
-    return nullToEmptyImmutableSortedCopy(types);
-  }
-
-  public boolean getVisibleInWhoisAsAdmin() {
-    return visibleInWhoisAsAdmin;
-  }
-
-  public boolean getVisibleInWhoisAsTech() {
-    return visibleInWhoisAsTech;
-  }
-
-  public boolean getVisibleInDomainWhoisAsAbuse() {
-    return visibleInDomainWhoisAsAbuse;
-  }
-
-  public Builder<? extends RegistrarPocBase, ?> asBuilder() {
-    return new Builder<>(clone(this));
-  }
-
-  public boolean isAllowedToSetRegistryLockPassword() {
-    return allowedToSetRegistryLockPassword;
-  }
-
-  public boolean isRegistryLockAllowed() {
-    return !isNullOrEmpty(registryLockPasswordHash) && !isNullOrEmpty(registryLockPasswordSalt);
-  }
-
-  public boolean verifyRegistryLockPassword(String registryLockPassword) {
-    if (isNullOrEmpty(registryLockPassword)
-        || isNullOrEmpty(registryLockPasswordSalt)
-        || isNullOrEmpty(registryLockPasswordHash)) {
-      return false;
-    }
-    return PasswordUtils.verifyPassword(
-        registryLockPassword, registryLockPasswordHash, registryLockPasswordSalt);
-  }
-
-  /**
-   * Returns a string representation that's human friendly.
-   *
-   * <p>The output will look something like this:
-   *
-   * <pre>{@code
-   * Some Person
-   * person@example.com
-   * Tel: +1.2125650666
-   * Types: [ADMIN, WHOIS]
-   * Visible in WHOIS as Admin contact: Yes
-   * Visible in WHOIS as Technical contact: No
-   * Registrar-Console access: Yes
-   * Login Email Address: person@registry.example
-   * }</pre>
-   */
-  public String toStringMultilinePlainText() {
-    StringBuilder result = new StringBuilder(256);
-    result.append(getName()).append('\n');
-    result.append(getEmailAddress()).append('\n');
-    if (phoneNumber != null) {
-      result.append("Tel: ").append(getPhoneNumber()).append('\n');
-    }
-    if (faxNumber != null) {
-      result.append("Fax: ").append(getFaxNumber()).append('\n');
-    }
-    result.append("Types: ").append(getTypes()).append('\n');
-    result
-        .append("Visible in registrar WHOIS query as Admin contact: ")
-        .append(getVisibleInWhoisAsAdmin() ? "Yes" : "No")
-        .append('\n');
-    result
-        .append("Visible in registrar WHOIS query as Technical contact: ")
-        .append(getVisibleInWhoisAsTech() ? "Yes" : "No")
-        .append('\n');
-    result
-        .append(
-            "Phone number and email visible in domain WHOIS query as "
-                + "Registrar Abuse contact info: ")
-        .append(getVisibleInDomainWhoisAsAbuse() ? "Yes" : "No")
-        .append('\n');
-    return result.toString();
-  }
-
-  @Override
-  public Map<String, Object> toJsonMap() {
-    return new JsonMapBuilder()
-        .put("name", name)
-        .put("emailAddress", emailAddress)
-        .put("registryLockEmailAddress", registryLockEmailAddress)
-        .put("phoneNumber", phoneNumber)
-        .put("faxNumber", faxNumber)
-        .put("types", getTypes().stream().map(Object::toString).collect(joining(",")))
-        .put("visibleInWhoisAsAdmin", visibleInWhoisAsAdmin)
-        .put("visibleInWhoisAsTech", visibleInWhoisAsTech)
-        .put("visibleInDomainWhoisAsAbuse", visibleInDomainWhoisAsAbuse)
-        .put("allowedToSetRegistryLockPassword", allowedToSetRegistryLockPassword)
-        .put("registryLockAllowed", isRegistryLockAllowed())
-        .build();
-  }
-
-  /**
-   * These methods set the email address and registrar ID
-   *
-   * <p>This should only be used for restoring the fields of an object being loaded in a PostLoad
-   * method (effectively, when it is still under construction by Hibernate). In all other cases, the
-   * object should be regarded as immutable and changes should go through a Builder.
-   *
-   * <p>In addition to this special case use, this method must exist to satisfy Hibernate.
-   */
-  public void setEmailAddress(String emailAddress) {
-    this.emailAddress = emailAddress;
-  }
-
-  public void setRegistrarId(String registrarId) {
-    this.registrarId = registrarId;
-  }
-
-  /** A builder for constructing a {@link RegistrarPoc}, since it is immutable. */
-  public static class Builder<T extends RegistrarPocBase, B extends Builder<T, B>>
-      extends GenericBuilder<T, B> {
-    public Builder() {}
-
-    protected Builder(T instance) {
-      super(instance);
-    }
-
-    /** Build the registrar, nullifying empty fields. */
-    @Override
-    public T build() {
-      checkNotNull(getInstance().registrarId, "Registrar ID cannot be null");
-      checkValidEmail(getInstance().emailAddress);
-      // Check allowedToSetRegistryLockPassword here because if we want to allow the user to set
-      // a registry lock password, we must also set up the correct registry lock email concurrently
-      // or beforehand.
-      if (getInstance().allowedToSetRegistryLockPassword) {
-        checkArgument(
-            !isNullOrEmpty(getInstance().registryLockEmailAddress),
-            "Registry lock email must not be null if allowing registry lock access");
-      }
-      return cloneEmptyToNull(super.build());
-    }
-
-    public B setName(String name) {
-      getInstance().name = name;
-      return thisCastToDerived();
-    }
-
-    public B setEmailAddress(String emailAddress) {
-      getInstance().emailAddress = emailAddress;
-      return thisCastToDerived();
-    }
-
-    public B setRegistryLockEmailAddress(@Nullable String registryLockEmailAddress) {
-      getInstance().registryLockEmailAddress = registryLockEmailAddress;
-      return thisCastToDerived();
-    }
-
-    public B setPhoneNumber(String phoneNumber) {
-      getInstance().phoneNumber = phoneNumber;
-      return thisCastToDerived();
-    }
-
-    public B setRegistrarId(String registrarId) {
-      getInstance().registrarId = registrarId;
-      return thisCastToDerived();
-    }
-
-    public B setRegistrar(Registrar registrar) {
-      getInstance().registrarId = registrar.getRegistrarId();
-      return thisCastToDerived();
-    }
-
-    public B setFaxNumber(String faxNumber) {
-      getInstance().faxNumber = faxNumber;
-      return thisCastToDerived();
-    }
-
-    public B setTypes(Iterable<Type> types) {
-      getInstance().types = ImmutableSet.copyOf(types);
-      return thisCastToDerived();
-    }
-
-    public B setVisibleInWhoisAsAdmin(boolean visible) {
-      getInstance().visibleInWhoisAsAdmin = visible;
-      return thisCastToDerived();
-    }
-
-    public B setVisibleInWhoisAsTech(boolean visible) {
-      getInstance().visibleInWhoisAsTech = visible;
-      return thisCastToDerived();
-    }
-
-    public B setVisibleInDomainWhoisAsAbuse(boolean visible) {
-      getInstance().visibleInDomainWhoisAsAbuse = visible;
-      return thisCastToDerived();
-    }
-
-    public B setAllowedToSetRegistryLockPassword(boolean allowedToSetRegistryLockPassword) {
-      if (allowedToSetRegistryLockPassword) {
-        getInstance().registryLockPasswordSalt = null;
-        getInstance().registryLockPasswordHash = null;
-      }
-      getInstance().allowedToSetRegistryLockPassword = allowedToSetRegistryLockPassword;
-      return thisCastToDerived();
-    }
-
-    public B setRegistryLockPassword(String registryLockPassword) {
-      checkArgument(
-          getInstance().allowedToSetRegistryLockPassword,
-          "Not allowed to set registry lock password for this contact");
-      checkArgument(
-          !isNullOrEmpty(registryLockPassword), "Registry lock password was null or empty");
-      byte[] salt = SALT_SUPPLIER.get();
-      getInstance().registryLockPasswordSalt = base64().encode(salt);
-      getInstance().registryLockPasswordHash = hashPassword(registryLockPassword, salt);
-      getInstance().allowedToSetRegistryLockPassword = false;
-      return thisCastToDerived();
-    }
-  }
-}

core/src/main/java/google/registry/persistence/transaction/JpaTransactionManagerImpl.java

@@ -276,10 +276,6 @@ public class JpaTransactionManagerImpl implements JpaTransactionManager {
       }
       T result = work.call();
       txn.commit();
-      long duration = clock.nowUtc().getMillis() - txnInfo.transactionTime.getMillis();
-      if (duration >= 100) {
-        logger.atInfo().log("Transaction duration: %d milliseconds", duration);
-      }
       return result;
     } catch (Throwable e) {
       // Catch a Throwable here so even Errors would lead to a rollback.

core/src/main/java/google/registry/rde/RegistrarToXjcConverter.java

@@ -19,9 +19,8 @@ import static com.google.common.base.Preconditions.checkState;
 
 import com.google.common.collect.ImmutableMap;
 import google.registry.model.registrar.Registrar;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.registrar.RegistrarAddress;
-import google.registry.model.registrar.RegistrarBase;
-import google.registry.model.registrar.RegistrarBase.State;
 import google.registry.xjc.contact.XjcContactE164Type;
 import google.registry.xjc.rderegistrar.XjcRdeRegistrar;
 import google.registry.xjc.rderegistrar.XjcRdeRegistrarAddrType;
@@ -41,7 +40,7 @@ final class RegistrarToXjcConverter {
   private static final String UNKNOWN_CC = "US";
 
   /** A conversion map between internal Registrar states and external RDE states. */
-  private static final ImmutableMap<RegistrarBase.State, XjcRdeRegistrarStatusType>
+  private static final ImmutableMap<Registrar.State, XjcRdeRegistrarStatusType>
       REGISTRAR_STATUS_CONVERSIONS =
           ImmutableMap.of(
               State.ACTIVE, XjcRdeRegistrarStatusType.OK,

core/src/main/java/google/registry/request/auth/AuthenticatedRegistrarAccessor.java

@@ -27,7 +27,7 @@ import google.registry.config.RegistryConfig.Config;
 import google.registry.groups.GroupsConnection;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import jakarta.inject.Inject;
 import java.util.Optional;
 import javax.annotation.concurrent.Immutable;

core/src/main/java/google/registry/tools/CreateDomainCommand.java

@@ -16,6 +16,7 @@ package google.registry.tools;
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Strings.isNullOrEmpty;
+import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.pricing.PricingEngineProxy.getPricesForDomainName;
 import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
 import static org.joda.time.DateTimeZone.UTC;
@@ -23,6 +24,7 @@ import static org.joda.time.DateTimeZone.UTC;
 import com.beust.jcommander.Parameter;
 import com.beust.jcommander.Parameters;
 import com.google.template.soy.data.SoyMapData;
+import google.registry.model.common.FeatureFlag;
 import google.registry.model.pricing.PremiumPricingEngine.DomainPrices;
 import google.registry.tools.soy.DomainCreateSoyInfo;
 import google.registry.util.StringGenerator;
@@ -58,9 +60,15 @@ final class CreateDomainCommand extends CreateOrUpdateDomainCommand {
 
   @Override
   protected void initMutatingEppToolCommand() {
-    checkArgumentNotNull(registrant, "Registrant must be specified");
-    checkArgument(!admins.isEmpty(), "At least one admin must be specified");
-    checkArgument(!techs.isEmpty(), "At least one tech must be specified");
+    tm().transact(
+            () -> {
+              if (!FeatureFlag.isActiveNowOrElse(
+                  FeatureFlag.FeatureName.MINIMUM_DATASET_CONTACTS_OPTIONAL, false)) {
+                checkArgumentNotNull(registrant, "Registrant must be specified");
+                checkArgument(!admins.isEmpty(), "At least one admin must be specified");
+                checkArgument(!techs.isEmpty(), "At least one tech must be specified");
+              }
+            });
     if (isNullOrEmpty(password)) {
       password = passwordGenerator.createString(PASSWORD_LENGTH);
     }

core/src/main/java/google/registry/tools/CreateOrUpdateRegistrarCommand.java

@@ -30,7 +30,6 @@ import com.google.common.collect.ImmutableSet;
 import google.registry.flows.certs.CertificateChecker;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
-import google.registry.model.registrar.RegistrarBase;
 import google.registry.tools.params.KeyValueMapParameter.CurrencyUnitToStringMap;
 import google.registry.tools.params.OptionalLongParameter;
 import google.registry.tools.params.OptionalPhoneNumberParameter;
@@ -61,11 +60,11 @@ abstract class CreateOrUpdateRegistrarCommand extends MutatingCommand {
   List<String> mainParameters;
 
   @Parameter(names = "--registrar_type", description = "Type of the registrar")
-  RegistrarBase.Type registrarType;
+  Registrar.Type registrarType;
 
   @Nullable
   @Parameter(names = "--registrar_state", description = "Initial state of the registrar")
-  RegistrarBase.State registrarState;
+  Registrar.State registrarState;
 
   @Parameter(
       names = "--allowed_tlds",

core/src/main/java/google/registry/tools/CreateRegistrarCommand.java

@@ -18,7 +18,7 @@ import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkState;
 import static com.google.common.base.Strings.emptyToNull;
 import static com.google.common.collect.Iterables.getOnlyElement;
-import static google.registry.model.registrar.RegistrarBase.State.ACTIVE;
+import static google.registry.model.registrar.Registrar.State.ACTIVE;
 import static google.registry.tools.RegistryToolEnvironment.PRODUCTION;
 import static google.registry.tools.RegistryToolEnvironment.SANDBOX;
 import static google.registry.tools.RegistryToolEnvironment.UNITTEST;

core/src/main/java/google/registry/tools/RegistrarPocCommand.java

@@ -29,7 +29,6 @@ import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.tools.params.OptionalPhoneNumberParameter;
 import google.registry.tools.params.PathParameter;
 import google.registry.tools.params.StringListParameter;
@@ -153,7 +152,7 @@ final class RegistrarPocCommand extends MutatingCommand {
   private static final ImmutableSet<Mode> MODES_REQUIRING_CONTACT_SYNC =
       ImmutableSet.of(Mode.CREATE, Mode.UPDATE, Mode.DELETE);
 
-  @Nullable private ImmutableSet<RegistrarPocBase.Type> contactTypes;
+  @Nullable private ImmutableSet<RegistrarPoc.Type> contactTypes;
 
   @Override
   protected void init() throws Exception {
@@ -169,7 +168,7 @@ final class RegistrarPocCommand extends MutatingCommand {
     } else {
       contactTypes =
           contactTypeNames.stream()
-              .map(Enums.stringConverter(RegistrarPocBase.Type.class))
+              .map(Enums.stringConverter(RegistrarPoc.Type.class))
               .collect(toImmutableSet());
     }
     ImmutableSet<RegistrarPoc> contacts = registrar.getContacts();

core/src/main/java/google/registry/tools/server/CreateGroupsAction.java

@@ -24,7 +24,7 @@ import google.registry.config.RegistryConfig.Config;
 import google.registry.groups.GroupsConnection;
 import google.registry.groups.GroupsConnection.Role;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarPocBase;
+import google.registry.model.registrar.RegistrarPoc;
 import google.registry.request.Action;
 import google.registry.request.Action.GaeService;
 import google.registry.request.HttpException.BadRequestException;
@@ -65,7 +65,7 @@ public class CreateGroupsAction implements Runnable {
     if (registrar == null) {
       return;
     }
-    List<RegistrarPocBase.Type> types = asList(RegistrarPocBase.Type.values());
+    List<RegistrarPoc.Type> types = asList(RegistrarPoc.Type.values());
     // Concurrently create the groups for each RegistrarContact.Type, collecting the results from
     // each call (which are either an Exception if it failed, or absent() if it succeeded).
     List<Optional<Exception>> results =

core/src/main/java/google/registry/ui/server/RegistrarFormFields.java

@@ -29,7 +29,6 @@ import com.google.re2j.Pattern;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.ui.forms.FormException;
 import google.registry.ui.forms.FormField;
 import google.registry.ui.forms.FormFieldException;
@@ -201,10 +200,10 @@ public final class RegistrarFormFields {
   public static final FormField<String, String> CONTACT_REGISTRY_LOCK_PASSWORD_FIELD =
       FormFields.NAME.asBuilderNamed("registryLockPassword").build();
 
-  public static final FormField<String, Set<RegistrarPocBase.Type>> CONTACT_TYPES =
+  public static final FormField<String, Set<RegistrarPoc.Type>> CONTACT_TYPES =
       FormField.named("types")
           .uppercased()
-          .asEnum(RegistrarPocBase.Type.class)
+          .asEnum(RegistrarPoc.Type.class)
           .asSet(Splitter.on(',').omitEmptyStrings().trimResults())
           .build();
 

core/src/main/java/google/registry/ui/server/console/ConsoleApiAction.java

@@ -37,11 +37,10 @@ import google.registry.batch.CloudTasksUtils;
 import google.registry.config.RegistryConfig;
 import google.registry.export.sheet.SyncRegistrarsSheetAction;
 import google.registry.model.console.ConsolePermission;
-import google.registry.model.console.SimpleConsoleUpdateHistory;
+import google.registry.model.console.ConsoleUpdateHistory;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.request.HttpException;
 import google.registry.security.XsrfTokenManager;
 import google.registry.util.DiffUtils;
@@ -218,7 +217,7 @@ public abstract class ConsoleApiAction implements Runnable {
                 consoleApiParams.authResult().userIdForLogging(),
                 DiffUtils.prettyPrintDiffedMap(diffs, null)),
             contacts.stream()
-                .filter(c -> c.getTypes().contains(RegistrarPocBase.Type.ADMIN))
+                .filter(c -> c.getTypes().contains(RegistrarPoc.Type.ADMIN))
                 .map(RegistrarPoc::getEmailAddress)
                 .collect(toImmutableList()));
   }
@@ -262,7 +261,7 @@ public abstract class ConsoleApiAction implements Runnable {
     }
   }
 
-  protected void finishAndPersistConsoleUpdateHistory(SimpleConsoleUpdateHistory.Builder builder) {
+  protected void finishAndPersistConsoleUpdateHistory(ConsoleUpdateHistory.Builder builder) {
     builder.setActingUser(consoleApiParams.authResult().user().get());
     builder.setUrl(consoleApiParams.request().getRequestURI());
     builder.setMethod(consoleApiParams.request().getMethod());

core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java

@@ -28,7 +28,6 @@ import com.google.gson.annotations.Expose;
 import google.registry.flows.EppException.AuthenticationErrorException;
 import google.registry.flows.PasswordOnlyTransportCredentials;
 import google.registry.model.console.ConsoleUpdateHistory;
-import google.registry.model.console.SimpleConsoleUpdateHistory;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
 import google.registry.request.Action;
@@ -108,7 +107,7 @@ public class ConsoleEppPasswordAction extends ConsoleApiAction {
                   registrar.asBuilder().setPassword(eppRequestBody.newPassword()).build();
               tm().put(updatedRegistrar);
               finishAndPersistConsoleUpdateHistory(
-                  new SimpleConsoleUpdateHistory.Builder()
+                  new ConsoleUpdateHistory.Builder()
                       .setType(ConsoleUpdateHistory.Type.EPP_PASSWORD_UPDATE)
                       .setDescription(registrar.getRegistrarId()));
               sendExternalUpdates(

core/src/main/java/google/registry/ui/server/console/ConsoleOteAction.java

@@ -35,7 +35,6 @@ import google.registry.model.OteStats.StatType;
 import google.registry.model.console.ConsolePermission;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase;
 import google.registry.request.Action;
 import google.registry.request.Action.GkeService;
 import google.registry.request.Parameter;
@@ -140,7 +139,7 @@ public class ConsoleOteAction extends ConsoleApiAction {
                     SC_BAD_REQUEST);
                 return;
               }
-              if (!RegistrarBase.Type.OTE.equals(registrar.get().getType())) {
+              if (!Registrar.Type.OTE.equals(registrar.get().getType())) {
                 setFailedResponse(
                     String.format("Registrar with ID %s is not an OT&E registrar", registrarId),
                     SC_BAD_REQUEST);

core/src/main/java/google/registry/ui/server/console/ConsoleUpdateRegistrarAction.java

@@ -17,6 +17,7 @@ package google.registry.ui.server.console;
 import static com.google.common.base.Preconditions.checkArgument;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.request.Action.Method.POST;
+import static google.registry.util.DateTimeUtils.START_OF_TIME;
 import static google.registry.util.PreconditionsUtils.checkArgumentPresent;
 import static org.apache.http.HttpStatus.SC_OK;
 
@@ -24,7 +25,6 @@ import com.google.common.base.Strings;
 import com.google.common.collect.ImmutableSet;
 import google.registry.model.console.ConsolePermission;
 import google.registry.model.console.ConsoleUpdateHistory;
-import google.registry.model.console.SimpleConsoleUpdateHistory;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
 import google.registry.request.Action;
@@ -38,6 +38,7 @@ import google.registry.util.RegistryEnvironment;
 import jakarta.inject.Inject;
 import java.util.Optional;
 import java.util.stream.Collectors;
+import org.joda.time.DateTime;
 
 @Action(
     service = GaeService.DEFAULT,
@@ -89,20 +90,38 @@ public class ConsoleUpdateRegistrarAction extends ConsoleApiAction {
                 }
               }
 
-              Registrar updatedRegistrar =
+              DateTime now = tm().getTransactionTime();
+              DateTime newLastPocVerificationDate =
+                  registrarParam.getLastPocVerificationDate() == null
+                      ? START_OF_TIME
+                      : registrarParam.getLastPocVerificationDate();
+
+              checkArgument(
+                  newLastPocVerificationDate.isBefore(now),
+                  "Invalid value of LastPocVerificationDate - value is in the future");
+
+              var updatedRegistrarBuilder =
                   existingRegistrar
                       .get()
                       .asBuilder()
-                      .setAllowedTlds(
-                          registrarParam.getAllowedTlds().stream()
-                              .map(DomainNameUtils::canonicalizeHostname)
-                              .collect(Collectors.toSet()))
-                      .setRegistryLockAllowed(registrarParam.isRegistryLockAllowed())
-                      .build();
+                      .setLastPocVerificationDate(newLastPocVerificationDate);
 
+              if (user.getUserRoles()
+                  .hasGlobalPermission(ConsolePermission.EDIT_REGISTRAR_DETAILS)) {
+                updatedRegistrarBuilder =
+                    updatedRegistrarBuilder
+                        .setAllowedTlds(
+                            registrarParam.getAllowedTlds().stream()
+                                .map(DomainNameUtils::canonicalizeHostname)
+                                .collect(Collectors.toSet()))
+                        .setRegistryLockAllowed(registrarParam.isRegistryLockAllowed())
+                        .setLastPocVerificationDate(newLastPocVerificationDate);
+              }
+
+              var updatedRegistrar = updatedRegistrarBuilder.build();
               tm().put(updatedRegistrar);
               finishAndPersistConsoleUpdateHistory(
-                  new SimpleConsoleUpdateHistory.Builder()
+                  new ConsoleUpdateHistory.Builder()
                       .setType(ConsoleUpdateHistory.Type.REGISTRAR_UPDATE)
                       .setDescription(updatedRegistrar.getRegistrarId()));
               sendExternalUpdatesIfNecessary(

core/src/main/java/google/registry/ui/server/console/ConsoleUsersAction.java

@@ -165,7 +165,7 @@ public class ConsoleUsersAction extends ConsoleApiAction {
     User updatedUser = updateUserRegistrarRoles(email, registrarId, null);
 
     // User has no registrars assigned
-    if (updatedUser.getUserRoles().getRegistrarRoles().size() == 0) {
+    if (updatedUser.getUserRoles().getRegistrarRoles().isEmpty()) {
       try {
         directory.users().delete(email).execute();
       } catch (IOException e) {

core/src/main/java/google/registry/ui/server/console/RegistrarsAction.java

@@ -28,11 +28,9 @@ import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Streams;
 import google.registry.model.console.ConsolePermission;
 import google.registry.model.console.ConsoleUpdateHistory;
-import google.registry.model.console.SimpleConsoleUpdateHistory;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.registrar.RegistrarPoc;
 import google.registry.request.Action;
 import google.registry.request.Action.GaeService;
@@ -55,8 +53,8 @@ import java.util.Optional;
 public class RegistrarsAction extends ConsoleApiAction {
   private static final int PASSWORD_LENGTH = 16;
   private static final int PASSCODE_LENGTH = 5;
-  private static final ImmutableList<RegistrarBase.Type> allowedRegistrarTypes =
-      ImmutableList.of(Registrar.Type.REAL, RegistrarBase.Type.OTE);
+  private static final ImmutableList<Registrar.Type> allowedRegistrarTypes =
+      ImmutableList.of(Registrar.Type.REAL, Registrar.Type.OTE);
   private static final String SQL_TEMPLATE =
       """
             SELECT * FROM "Registrar"
@@ -174,7 +172,7 @@ public class RegistrarsAction extends ConsoleApiAction {
                   registrar.getRegistrarId());
               tm().putAll(registrar, contact);
               finishAndPersistConsoleUpdateHistory(
-                  new SimpleConsoleUpdateHistory.Builder()
+                  new ConsoleUpdateHistory.Builder()
                       .setType(ConsoleUpdateHistory.Type.REGISTRAR_CREATE)
                       .setDescription(registrar.getRegistrarId()));
             });

core/src/main/java/google/registry/ui/server/console/domains/ConsoleBulkDomainAction.java

@@ -26,7 +26,7 @@ import google.registry.flows.EppController;
 import google.registry.flows.EppRequestSource;
 import google.registry.flows.PasswordOnlyTransportCredentials;
 import google.registry.flows.StatelessRequestSessionMetadata;
-import google.registry.model.console.SimpleConsoleUpdateHistory;
+import google.registry.model.console.ConsoleUpdateHistory;
 import google.registry.model.console.User;
 import google.registry.model.eppcommon.ProtocolDefinition;
 import google.registry.model.eppoutput.EppOutput;
@@ -113,7 +113,7 @@ public class ConsoleBulkDomainAction extends ConsoleApiAction {
                     .forEach(
                         e ->
                             finishAndPersistConsoleUpdateHistory(
-                                new SimpleConsoleUpdateHistory.Builder()
+                                new ConsoleUpdateHistory.Builder()
                                     .setDescription(e.getKey())
                                     .setType(actionType.getConsoleUpdateHistoryType()))));
   }

core/src/main/java/google/registry/ui/server/console/settings/ContactAction.java

@@ -32,7 +32,7 @@ import google.registry.model.console.ConsolePermission;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase.Type;
+import google.registry.model.registrar.RegistrarPoc.Type;
 import google.registry.persistence.transaction.QueryComposer.Comparator;
 import google.registry.request.Action;
 import google.registry.request.Action.GaeService;
@@ -169,6 +169,7 @@ public class ContactAction extends ConsoleApiAction {
         throw new ContactRequirementException(t);
       }
     }
+    enforcePrimaryContactRestrictions(oldContactsByType, newContactsByType);
     ensurePhoneNumberNotRemovedForContactTypes(oldContactsByType, newContactsByType, Type.TECH);
     Optional<RegistrarPoc> domainWhoisAbuseContact =
         getDomainWhoisVisibleAbuseContact(updatedContacts);
@@ -187,6 +188,23 @@ public class ContactAction extends ConsoleApiAction {
     checkContactRegistryLockRequirements(existingContacts, updatedContacts);
   }
 
+  private static void enforcePrimaryContactRestrictions(
+      Multimap<Type, RegistrarPoc> oldContactsByType,
+      Multimap<Type, RegistrarPoc> newContactsByType) {
+    ImmutableSet<String> oldAdminEmails =
+        oldContactsByType.get(Type.ADMIN).stream()
+            .map(RegistrarPoc::getEmailAddress)
+            .collect(toImmutableSet());
+    ImmutableSet<String> newAdminEmails =
+        newContactsByType.get(Type.ADMIN).stream()
+            .map(RegistrarPoc::getEmailAddress)
+            .collect(toImmutableSet());
+    if (!newAdminEmails.containsAll(oldAdminEmails)) {
+      throw new ContactRequirementException(
+          "Cannot remove or change the email address of primary contacts");
+    }
+  }
+
   private static void checkContactRegistryLockRequirements(
       ImmutableSet<RegistrarPoc> existingContacts, ImmutableSet<RegistrarPoc> updatedContacts) {
     // Any contact(s) with new passwords must be allowed to set them

core/src/main/java/google/registry/ui/server/console/settings/RdapRegistrarFieldsAction.java

@@ -22,7 +22,6 @@ import static jakarta.servlet.http.HttpServletResponse.SC_OK;
 
 import google.registry.model.console.ConsolePermission;
 import google.registry.model.console.ConsoleUpdateHistory;
-import google.registry.model.console.SimpleConsoleUpdateHistory;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
 import google.registry.request.Action;
@@ -93,7 +92,7 @@ public class RdapRegistrarFieldsAction extends ConsoleApiAction {
             .build();
     tm().put(newRegistrar);
     finishAndPersistConsoleUpdateHistory(
-        new SimpleConsoleUpdateHistory.Builder()
+        new ConsoleUpdateHistory.Builder()
             .setType(ConsoleUpdateHistory.Type.REGISTRAR_UPDATE)
             .setDescription(newRegistrar.getRegistrarId()));
     sendExternalUpdatesIfNecessary(

core/src/main/java/google/registry/ui/server/console/settings/SecurityAction.java

@@ -26,7 +26,6 @@ import google.registry.flows.certs.CertificateChecker;
 import google.registry.flows.certs.CertificateChecker.InsecureCertificateException;
 import google.registry.model.console.ConsolePermission;
 import google.registry.model.console.ConsoleUpdateHistory;
-import google.registry.model.console.SimpleConsoleUpdateHistory;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
 import google.registry.request.Action;
@@ -120,7 +119,7 @@ public class SecurityAction extends ConsoleApiAction {
     Registrar updatedRegistrar = updatedRegistrarBuilder.build();
     tm().put(updatedRegistrar);
     finishAndPersistConsoleUpdateHistory(
-        new SimpleConsoleUpdateHistory.Builder()
+        new ConsoleUpdateHistory.Builder()
             .setType(ConsoleUpdateHistory.Type.REGISTRAR_SECURITY_UPDATE)
             .setDescription(registrarId));
 

core/src/main/resources/META-INF/persistence.xml

@@ -47,12 +47,8 @@
     <class>google.registry.model.billing.BillingRecurrence</class>
     <class>google.registry.model.common.Cursor</class>
     <class>google.registry.model.common.DnsRefreshRequest</class>
-    <class>google.registry.model.console.ConsoleEppActionHistory</class>
-    <class>google.registry.model.console.RegistrarPocUpdateHistory</class>
-    <class>google.registry.model.console.RegistrarUpdateHistory</class>
-    <class>google.registry.model.console.SimpleConsoleUpdateHistory</class>
+    <class>google.registry.model.console.ConsoleUpdateHistory</class>
     <class>google.registry.model.console.User</class>
-    <class>google.registry.model.console.UserUpdateHistory</class>
     <class>google.registry.model.contact.ContactHistory</class>
     <class>google.registry.model.contact.Contact</class>
     <class>google.registry.model.domain.Domain</class>

core/src/main/resources/google/registry/tools/soy/DomainCreate.soy

@@ -20,9 +20,9 @@
   {@param domain: string}
   {@param period: int}
   {@param nameservers: list<string>}
-  {@param registrant: string}
-  {@param admins: list<string>}
-  {@param techs: list<string>}
+  {@param? registrant: string|null}
+  {@param? admins: list<string>|null}
+  {@param? techs: list<string>|null}
   {@param password: string}
   {@param? currency: string|null}
   {@param? price: string|null}
@@ -45,13 +45,19 @@
               {/for}
             </domain:ns>
           {/if}
-          <domain:registrant>{$registrant}</domain:registrant>
-          {for $admin in $admins}
-            <domain:contact type="admin">{$admin}</domain:contact>
-          {/for}
-          {for $tech in $techs}
-            <domain:contact type="tech">{$tech}</domain:contact>
-          {/for}
+          {if $registrant != null}
+            <domain:registrant>{$registrant}</domain:registrant>
+          {/if}
+          {if $admins != null}
+            {for $admin in $admins}
+              <domain:contact type="admin">{$admin}</domain:contact>
+            {/for}
+          {/if}
+          {if $techs != null}
+            {for $tech in $techs}
+              <domain:contact type="tech">{$tech}</domain:contact>
+            {/for}
+          {/if}
           <domain:authInfo>
             <domain:pw>{$password}</domain:pw>
           </domain:authInfo>

core/src/test/java/google/registry/batch/SendExpiringCertificateNotificationEmailActionTest.java

@@ -36,8 +36,7 @@ import google.registry.groups.GmailClient;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
-import google.registry.model.registrar.RegistrarPocBase.Type;
+import google.registry.model.registrar.RegistrarPoc.Type;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
 import google.registry.testing.FakeClock;
@@ -57,13 +56,13 @@ class SendExpiringCertificateNotificationEmailActionTest {
 
   private static final String EXPIRATION_WARNING_EMAIL_BODY_TEXT =
       """
-           Dear %1$s,
+       Dear %1$s,
 
-          We would like to inform you that your %2$s certificate will expire at %3$s.
-           Kind update your account using the following steps:
-            1. Navigate to support and login using your %4$s@registry.example credentials.
-            2. Click Settings -> Privacy on the top left corner.
-            3. Click Edit and enter certificate string.  3. Click SaveRegards,Example Registry""";
+      We would like to inform you that your %2$s certificate will expire at %3$s.
+       Kind update your account using the following steps:
+        1. Navigate to support and login using your %4$s@registry.example credentials.
+        2. Click Settings -> Privacy on the top left corner.
+        3. Click Edit and enter certificate string.  3. Click SaveRegards,Example Registry""";
 
   private static final String EXPIRATION_WARNING_EMAIL_SUBJECT_TEXT = "Expiration Warning Email";
 
@@ -220,7 +219,7 @@ class SendExpiringCertificateNotificationEmailActionTest {
                 .setEmailAddress("will@example-registrar.tld")
                 .setPhoneNumber("+1.3105551213")
                 .setFaxNumber("+1.3105551213")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
                 .setVisibleInWhoisAsAdmin(true)
                 .setVisibleInWhoisAsTech(false)
                 .build());
@@ -510,7 +509,7 @@ class SendExpiringCertificateNotificationEmailActionTest {
                 .setEmailAddress("jd@example-registrar.tld")
                 .setPhoneNumber("+1.3105551213")
                 .setFaxNumber("+1.3105551213")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
                 .setVisibleInWhoisAsAdmin(true)
                 .setVisibleInWhoisAsTech(false)
                 .build(),
@@ -520,7 +519,7 @@ class SendExpiringCertificateNotificationEmailActionTest {
                 .setEmailAddress("js@example-registrar.tld")
                 .setPhoneNumber("+1.1111111111")
                 .setFaxNumber("+1.1111111111")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
                 .build(),
             new RegistrarPoc.Builder()
                 .setRegistrar(registrar)
@@ -528,7 +527,7 @@ class SendExpiringCertificateNotificationEmailActionTest {
                 .setEmailAddress("will@example-registrar.tld")
                 .setPhoneNumber("+1.3105551213")
                 .setFaxNumber("+1.3105551213")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
                 .setVisibleInWhoisAsAdmin(true)
                 .setVisibleInWhoisAsTech(false)
                 .build(),
@@ -538,7 +537,7 @@ class SendExpiringCertificateNotificationEmailActionTest {
                 .setEmailAddress("mike@example-registrar.tld")
                 .setPhoneNumber("+1.1111111111")
                 .setFaxNumber("+1.1111111111")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ADMIN))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
                 .build(),
             new RegistrarPoc.Builder()
                 .setRegistrar(registrar)
@@ -546,7 +545,7 @@ class SendExpiringCertificateNotificationEmailActionTest {
                 .setEmailAddress("john@example-registrar.tld")
                 .setPhoneNumber("+1.3105551215")
                 .setFaxNumber("+1.3105551216")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ADMIN))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
                 .setVisibleInWhoisAsTech(true)
                 .build());
     persistSimpleResources(contacts);
@@ -700,7 +699,7 @@ class SendExpiringCertificateNotificationEmailActionTest {
 
   /** Returns persisted sample contacts with a customized contact email type. */
   private static ImmutableList<RegistrarPoc> persistSampleContacts(
-      Registrar registrar, RegistrarPocBase.Type emailType) {
+      Registrar registrar, RegistrarPoc.Type emailType) {
     return persistSimpleResources(
         ImmutableList.of(
             new RegistrarPoc.Builder()

core/src/test/java/google/registry/beam/billing/BillingEventTest.java

@@ -85,7 +85,7 @@ class BillingEventTest {
     assertThat(invoiceKey.startDate()).isEqualTo("2017-10-01");
     assertThat(invoiceKey.endDate()).isEqualTo("2022-09-30");
     assertThat(invoiceKey.productAccountKey()).isEqualTo("12345-CRRHELLO");
-    assertThat(invoiceKey.usageGroupingKey()).isEqualTo("myRegistrar");
+    assertThat(invoiceKey.usageGroupingKey()).isEqualTo("");
     assertThat(invoiceKey.description()).isEqualTo("RENEW | TLD: test | TERM: 5-year");
     assertThat(invoiceKey.unitPrice()).isEqualTo(20.5);
     assertThat(invoiceKey.unitPriceCurrency()).isEqualTo("USD");
@@ -106,7 +106,7 @@ class BillingEventTest {
     assertThat(invoiceKey.toCsv(3L))
         .isEqualTo(
             "2017-10-01,2022-09-30,12345-CRRHELLO,61.50,USD,10125,1,PURCHASE,"
-                + "myRegistrar,3,RENEW | TLD: test | TERM: 5-year,20.50,USD,");
+                + ",3,RENEW | TLD: test | TERM: 5-year,20.50,USD,");
   }
 
   @Test
@@ -116,7 +116,7 @@ class BillingEventTest {
     assertThat(invoiceKey.toCsv(3L))
         .isEqualTo(
             "2017-10-01,,12345-CRRHELLO,61.50,USD,10125,1,PURCHASE,"
-                + "myRegistrar,3,RENEW | TLD: test | TERM: 0-year,20.50,USD,");
+                + ",3,RENEW | TLD: test | TERM: 0-year,20.50,USD,");
   }
 
   @Test

core/src/test/java/google/registry/beam/billing/InvoicingPipelineTest.java

@@ -199,6 +199,36 @@ class InvoicingPipelineTest {
               0,
               "USD",
               20.0,
+              ""),
+          google.registry.beam.billing.BillingEvent.create(
+              15,
+              DateTime.parse("2017-10-02T00:00:00.0Z"),
+              DateTime.parse("2017-10-04T00:00:00.0Z"),
+              "theRegistrarCopy",
+              "234",
+              "",
+              "test",
+              "CREATE",
+              "mydomainfromanotherclient.test",
+              "REPO-ID",
+              5,
+              "JPY",
+              70.0,
+              ""),
+          google.registry.beam.billing.BillingEvent.create(
+              16,
+              DateTime.parse("2017-10-04T00:00:00Z"),
+              DateTime.parse("2017-10-04T00:00:00Z"),
+              "theRegistrarCopy",
+              "234",
+              "",
+              "test",
+              "RENEW",
+              "mydomain2fromanotherclient.test",
+              "REPO-ID",
+              3,
+              "USD",
+              20.5,
               ""));
 
   private static final ImmutableMap<String, ImmutableList<String>> EXPECTED_DETAILED_REPORT_MAP =
@@ -224,18 +254,26 @@ class InvoicingPipelineTest {
           "invoice_details_2017-10_anotherRegistrar_test.csv",
           ImmutableList.of(
               "5,2017-10-04 00:00:00 UTC,2017-10-04 00:00:00 UTC,anotherRegistrar,789,,"
-                  + "test,CREATE,mydomain5.test,REPO-ID,1,USD,0.00,SUNRISE ANCHOR_TENANT"));
+                  + "test,CREATE,mydomain5.test,REPO-ID,1,USD,0.00,SUNRISE ANCHOR_TENANT"),
+          "invoice_details_2017-10_theRegistrarCopy_test.csv",
+          ImmutableList.of(
+              "15,2017-10-02 00:00:00 UTC,2017-10-04 00:00:00"
+                  + " UTC,theRegistrarCopy,234,,test,CREATE,mydomainfromanotherclient.test,REPO-ID,5,JPY,70.00,",
+              "16,2017-10-04 00:00:00 UTC,2017-10-04 00:00:00"
+                  + " UTC,theRegistrarCopy,234,,test,RENEW,mydomain2fromanotherclient.test,REPO-ID,3,USD,20.50,"));
 
   private static final ImmutableList<String> EXPECTED_INVOICE_OUTPUT =
       ImmutableList.of(
-          "2017-10-01,2020-09-30,234,41.00,USD,10125,1,PURCHASE,theRegistrar,2,"
+          "2017-10-01,2020-09-30,234,61.50,USD,10125,1,PURCHASE,,3,"
               + "RENEW | TLD: test | TERM: 3-year,20.50,USD,",
-          "2017-10-01,2022-09-30,234,70.00,JPY,10125,1,PURCHASE,theRegistrar,1,"
+          "2017-10-01,2022-09-30,234,70.00,JPY,10125,1,PURCHASE,,1,"
               + "CREATE | TLD: hello | TERM: 5-year,70.00,JPY,",
-          "2017-10-01,,234,20.00,USD,10125,1,PURCHASE,theRegistrar,1,"
+          "2017-10-01,,234,20.00,USD,10125,1,PURCHASE,,1,"
               + "SERVER_STATUS | TLD: test | TERM: 0-year,20.00,USD,",
-          "2017-10-01,2018-09-30,456,20.50,USD,10125,1,PURCHASE,bestdomains,1,"
-              + "RENEW | TLD: test | TERM: 1-year,20.50,USD,116688");
+          "2017-10-01,2018-09-30,456,20.50,USD,10125,1,PURCHASE,,1,"
+              + "RENEW | TLD: test | TERM: 1-year,20.50,USD,116688",
+          "2017-10-01,2022-09-30,234,70.00,JPY,10125,1,PURCHASE,,1,CREATE | TLD: test | TERM:"
+              + " 5-year,70.00,JPY,");
 
   private final InvoicingPipelineOptions options =
       PipelineOptionsFactory.create().as(InvoicingPipelineOptions.class);
@@ -355,21 +393,21 @@ class InvoicingPipelineTest {
         .isEqualTo(
             """
 
-      SELECT b, r FROM BillingEvent b
-      JOIN Registrar r ON b.clientId = r.registrarId
-      JOIN Domain d ON b.domainRepoId = d.repoId
-      JOIN Tld t ON t.tldStr = d.tld
-      LEFT JOIN BillingCancellation c ON b.id = c.billingEvent
-      LEFT JOIN BillingCancellation cr ON b.cancellationMatchingBillingEvent = cr.billingRecurrence
-      WHERE r.billingAccountMap IS NOT NULL
-      AND r.type = 'REAL'
-      AND t.invoicingEnabled IS TRUE
-      AND CAST(b.billingTime AS timestamp)
-          BETWEEN CAST('2017-10-01T00:00:00Z' AS timestamp)
-          AND CAST('2017-11-01T00:00:00Z' AS timestamp)
-      AND c.id IS NULL
-      AND cr.id IS NULL
-      """);
+SELECT b, r FROM BillingEvent b
+JOIN Registrar r ON b.clientId = r.registrarId
+JOIN Domain d ON b.domainRepoId = d.repoId
+JOIN Tld t ON t.tldStr = d.tld
+LEFT JOIN BillingCancellation c ON b.id = c.billingEvent
+LEFT JOIN BillingCancellation cr ON b.cancellationMatchingBillingEvent = cr.billingRecurrence
+WHERE r.billingAccountMap IS NOT NULL
+AND r.type = 'REAL'
+AND t.invoicingEnabled IS TRUE
+AND CAST(b.billingTime AS timestamp)
+    BETWEEN CAST('2017-10-01T00:00:00Z' AS timestamp)
+    AND CAST('2017-11-01T00:00:00Z' AS timestamp)
+AND c.id IS NULL
+AND cr.id IS NULL
+""");
   }
 
   /** Returns the text contents of a file under the beamBucket/results directory. */
@@ -391,6 +429,13 @@ class InvoicingPipelineTest {
             .setBillingAccountMap(ImmutableMap.of(JPY, "234", USD, "234"))
             .build();
     persistResource(registrar1);
+    Registrar registrar11 = persistNewRegistrar("theRegistrarCopy");
+    registrar11 =
+        registrar11
+            .asBuilder()
+            .setBillingAccountMap(ImmutableMap.of(JPY, "234", USD, "234"))
+            .build();
+    persistResource(registrar11);
     Registrar registrar2 = persistNewRegistrar("bestdomains");
     registrar2 =
         registrar2
@@ -547,6 +592,21 @@ class InvoicingPipelineTest {
             .setDomainHistory(domainHistoryRecurrence)
             .build();
     persistResource(cancellationRecurrence);
+
+    // Domains created for registrar with = key but != client id.
+    Domain domain14 = persistActiveDomain("mydomainfromanotherclient.test");
+    Domain domain15 = persistActiveDomain("mydomain2fromanotherclient.test");
+
+    persistBillingEvent(
+        15,
+        domain14,
+        registrar11,
+        Reason.CREATE,
+        5,
+        Money.ofMajor(JPY, 70),
+        DateTime.parse("2017-10-04T00:00:00.0Z"),
+        DateTime.parse("2017-10-02T00:00:00.0Z"));
+    persistBillingEvent(16, domain15, registrar11, Reason.RENEW, 3, Money.of(USD, 20.5));
   }
 
   private static DomainHistory persistDomainHistory(Domain domain, Registrar registrar) {

core/src/test/java/google/registry/beam/common/RegistryPipelineWorkerInitializerTest.java

@@ -0,0 +1,36 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.beam.common;
+
+import static com.google.common.truth.Truth.assertThat;
+
+import google.registry.util.RegistryEnvironment;
+import org.apache.beam.sdk.options.PipelineOptionsFactory;
+import org.junit.jupiter.api.Test;
+
+public class RegistryPipelineWorkerInitializerTest {
+
+  @Test
+  void test() {
+    RegistryPipelineOptions options =
+        PipelineOptionsFactory.fromArgs(
+                "--registryEnvironment=ALPHA", "--isolationOverride=TRANSACTION_SERIALIZABLE")
+            .withValidation()
+            .as(RegistryPipelineOptions.class);
+    new RegistryPipelineWorkerInitializer().beforeProcessing(options);
+    assertThat(RegistryEnvironment.isOnJetty()).isTrue();
+    System.clearProperty("google.registry.jetty");
+  }
+}

core/src/test/java/google/registry/beam/rde/RdePipelineTest.java

@@ -70,7 +70,7 @@ import google.registry.model.rde.RdeMode;
 import google.registry.model.rde.RdeRevision;
 import google.registry.model.rde.RdeRevision.RdeRevisionId;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.reporting.DomainTransactionRecord;
 import google.registry.model.reporting.DomainTransactionRecord.TransactionReportField;
 import google.registry.model.reporting.HistoryEntry;
@@ -388,22 +388,22 @@ public class RdePipelineTest {
                       assertThat(domainFrags.stream().findFirst().get().xml().strip())
                           .isEqualTo(
                               """
-                          <rdeDomain:domain>
-                              <rdeDomain:name>cat.fun</rdeDomain:name>
-                              <rdeDomain:roid>15-FUN</rdeDomain:roid>
-                              <rdeDomain:uName>cat.fun</rdeDomain:uName>
-                              <rdeDomain:status s="ok"/>
-                              <rdeDomain:contact type="admin">contact456</rdeDomain:contact>
-                              <rdeDomain:contact type="tech">contact456</rdeDomain:contact>
-                              <rdeDomain:ns>
-                                  <domain:hostObj>ns1.external.tld</domain:hostObj>
-                                  <domain:hostObj>ns1.hello.soy</domain:hostObj>
-                              </rdeDomain:ns>
-                              <rdeDomain:clID>TheRegistrar</rdeDomain:clID>
-                              <rdeDomain:crRr>TheRegistrar</rdeDomain:crRr>
-                              <rdeDomain:crDate>1970-01-01T00:00:00Z</rdeDomain:crDate>
-                              <rdeDomain:exDate>294247-01-10T04:00:54Z</rdeDomain:exDate>
-                          </rdeDomain:domain>""");
+                              <rdeDomain:domain>
+                                  <rdeDomain:name>cat.fun</rdeDomain:name>
+                                  <rdeDomain:roid>15-FUN</rdeDomain:roid>
+                                  <rdeDomain:uName>cat.fun</rdeDomain:uName>
+                                  <rdeDomain:status s="ok"/>
+                                  <rdeDomain:contact type="admin">contact456</rdeDomain:contact>
+                                  <rdeDomain:contact type="tech">contact456</rdeDomain:contact>
+                                  <rdeDomain:ns>
+                                      <domain:hostObj>ns1.external.tld</domain:hostObj>
+                                      <domain:hostObj>ns1.hello.soy</domain:hostObj>
+                                  </rdeDomain:ns>
+                                  <rdeDomain:clID>TheRegistrar</rdeDomain:clID>
+                                  <rdeDomain:crRr>TheRegistrar</rdeDomain:crRr>
+                                  <rdeDomain:crDate>1970-01-01T00:00:00Z</rdeDomain:crDate>
+                                  <rdeDomain:exDate>294247-01-10T04:00:54Z</rdeDomain:exDate>
+                              </rdeDomain:domain>""");
                     }
                     if (kv.getKey().mode().equals(FULL)) {
                       // Contact fragments for hello.soy.
@@ -425,23 +425,23 @@ public class RdePipelineTest {
                         assertThat(domainFrags.stream().findFirst().get().xml().strip())
                             .isEqualTo(
                                 """
-                          <rdeDomain:domain>
-                              <rdeDomain:name>hello.soy</rdeDomain:name>
-                              <rdeDomain:roid>E-SOY</rdeDomain:roid>
-                              <rdeDomain:uName>hello.soy</rdeDomain:uName>
-                              <rdeDomain:status s="ok"/>
-                              <rdeDomain:registrant>contact1234</rdeDomain:registrant>
-                              <rdeDomain:contact type="admin">contact789</rdeDomain:contact>
-                              <rdeDomain:contact type="tech">contact1234</rdeDomain:contact>
-                              <rdeDomain:ns>
-                                  <domain:hostObj>ns1.external.tld</domain:hostObj>
-                                  <domain:hostObj>ns1.lol.cat</domain:hostObj>
-                              </rdeDomain:ns>
-                              <rdeDomain:clID>TheRegistrar</rdeDomain:clID>
-                              <rdeDomain:crRr>TheRegistrar</rdeDomain:crRr>
-                              <rdeDomain:crDate>1970-01-01T00:00:00Z</rdeDomain:crDate>
-                              <rdeDomain:exDate>294247-01-10T04:00:54Z</rdeDomain:exDate>
-                          </rdeDomain:domain>""");
+                                <rdeDomain:domain>
+                                    <rdeDomain:name>hello.soy</rdeDomain:name>
+                                    <rdeDomain:roid>E-SOY</rdeDomain:roid>
+                                    <rdeDomain:uName>hello.soy</rdeDomain:uName>
+                                    <rdeDomain:status s="ok"/>
+                                    <rdeDomain:registrant>contact1234</rdeDomain:registrant>
+                                    <rdeDomain:contact type="admin">contact789</rdeDomain:contact>
+                                    <rdeDomain:contact type="tech">contact1234</rdeDomain:contact>
+                                    <rdeDomain:ns>
+                                        <domain:hostObj>ns1.external.tld</domain:hostObj>
+                                        <domain:hostObj>ns1.lol.cat</domain:hostObj>
+                                    </rdeDomain:ns>
+                                    <rdeDomain:clID>TheRegistrar</rdeDomain:clID>
+                                    <rdeDomain:crRr>TheRegistrar</rdeDomain:crRr>
+                                    <rdeDomain:crDate>1970-01-01T00:00:00Z</rdeDomain:crDate>
+                                    <rdeDomain:exDate>294247-01-10T04:00:54Z</rdeDomain:exDate>
+                                </rdeDomain:domain>""");
                       } else {
                         // Contact fragments for cat.fun.
                         assertThat(
@@ -471,20 +471,20 @@ public class RdePipelineTest {
                       assertThat(domainFrags.stream().findFirst().get().xml().strip())
                           .isEqualTo(
                               """
-                          <rdeDomain:domain>
-                              <rdeDomain:name>hello.soy</rdeDomain:name>
-                              <rdeDomain:roid>E-SOY</rdeDomain:roid>
-                              <rdeDomain:uName>hello.soy</rdeDomain:uName>
-                              <rdeDomain:status s="ok"/>
-                              <rdeDomain:ns>
-                                  <domain:hostObj>ns1.external.tld</domain:hostObj>
-                                  <domain:hostObj>ns1.lol.cat</domain:hostObj>
-                              </rdeDomain:ns>
-                              <rdeDomain:clID>TheRegistrar</rdeDomain:clID>
-                              <rdeDomain:crRr>TheRegistrar</rdeDomain:crRr>
-                              <rdeDomain:crDate>1970-01-01T00:00:00Z</rdeDomain:crDate>
-                              <rdeDomain:exDate>294247-01-10T04:00:54Z</rdeDomain:exDate>
-                          </rdeDomain:domain>""");
+                              <rdeDomain:domain>
+                                  <rdeDomain:name>hello.soy</rdeDomain:name>
+                                  <rdeDomain:roid>E-SOY</rdeDomain:roid>
+                                  <rdeDomain:uName>hello.soy</rdeDomain:uName>
+                                  <rdeDomain:status s="ok"/>
+                                  <rdeDomain:ns>
+                                      <domain:hostObj>ns1.external.tld</domain:hostObj>
+                                      <domain:hostObj>ns1.lol.cat</domain:hostObj>
+                                  </rdeDomain:ns>
+                                  <rdeDomain:clID>TheRegistrar</rdeDomain:clID>
+                                  <rdeDomain:crRr>TheRegistrar</rdeDomain:crRr>
+                                  <rdeDomain:crDate>1970-01-01T00:00:00Z</rdeDomain:crDate>
+                                  <rdeDomain:exDate>294247-01-10T04:00:54Z</rdeDomain:exDate>
+                              </rdeDomain:domain>""");
                     }
                   });
               return null;

core/src/test/java/google/registry/export/SyncGroupMembersActionTest.java

@@ -16,9 +16,9 @@ package google.registry.export;
 
 import static com.google.common.truth.Truth.assertThat;
 import static google.registry.export.SyncGroupMembersAction.getGroupEmailAddressForContactType;
-import static google.registry.model.registrar.RegistrarPocBase.Type.ADMIN;
-import static google.registry.model.registrar.RegistrarPocBase.Type.MARKETING;
-import static google.registry.model.registrar.RegistrarPocBase.Type.TECH;
+import static google.registry.model.registrar.RegistrarPoc.Type.ADMIN;
+import static google.registry.model.registrar.RegistrarPoc.Type.MARKETING;
+import static google.registry.model.registrar.RegistrarPoc.Type.TECH;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.testing.DatabaseHelper.loadRegistrar;
 import static google.registry.testing.DatabaseHelper.persistResource;

core/src/test/java/google/registry/export/sheet/SyncRegistrarsSheetTest.java

@@ -38,7 +38,6 @@ import google.registry.model.common.Cursor;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
 import google.registry.testing.DatabaseHelper;
@@ -158,8 +157,7 @@ public class SyncRegistrarsSheetTest {
                 .setName("Jane Doe")
                 .setEmailAddress("contact@example.com")
                 .setPhoneNumber("+1.1234567890")
-                .setTypes(
-                    ImmutableSet.of(RegistrarPocBase.Type.ADMIN, RegistrarPocBase.Type.BILLING))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN, RegistrarPoc.Type.BILLING))
                 .build(),
             new RegistrarPoc.Builder()
                 .setRegistrar(registrar)
@@ -167,7 +165,7 @@ public class SyncRegistrarsSheetTest {
                 .setEmailAddress("john.doe@example.tld")
                 .setPhoneNumber("+1.1234567890")
                 .setFaxNumber("+1.1234567891")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ADMIN))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
                 // Purposely flip the internal/external admin/tech
                 // distinction to make sure we're not relying on it.  Sigh.
                 .setVisibleInWhoisAsAdmin(false)
@@ -177,7 +175,7 @@ public class SyncRegistrarsSheetTest {
                 .setRegistrar(registrar)
                 .setName("Jane Smith")
                 .setEmailAddress("pride@example.net")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
                 .build());
     // Use registrar key for contacts' parent.
     DateTime registrarCreationTime = persistResource(registrar).getCreationTime();
@@ -199,37 +197,37 @@ public class SyncRegistrarsSheetTest {
         .containsEntry(
             "primaryContacts",
             """
-                Jane Doe
-                contact@example.com
-                Tel: +1.1234567890
-                Types: [ADMIN, BILLING]
-                Visible in registrar WHOIS query as Admin contact: No
-                Visible in registrar WHOIS query as Technical contact: No
-                Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
-                 info: No
+            Jane Doe
+            contact@example.com
+            Tel: +1.1234567890
+            Types: [ADMIN, BILLING]
+            Visible in registrar WHOIS query as Admin contact: No
+            Visible in registrar WHOIS query as Technical contact: No
+            Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
+             info: No
 
-                John Doe
-                john.doe@example.tld
-                Tel: +1.1234567890
-                Fax: +1.1234567891
-                Types: [ADMIN]
-                Visible in registrar WHOIS query as Admin contact: No
-                Visible in registrar WHOIS query as Technical contact: Yes
-                Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
-                 info: No
-                """);
+            John Doe
+            john.doe@example.tld
+            Tel: +1.1234567890
+            Fax: +1.1234567891
+            Types: [ADMIN]
+            Visible in registrar WHOIS query as Admin contact: No
+            Visible in registrar WHOIS query as Technical contact: Yes
+            Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
+             info: No
+            """);
     assertThat(row)
         .containsEntry(
             "techContacts",
             """
-                Jane Smith
-                pride@example.net
-                Types: [TECH]
-                Visible in registrar WHOIS query as Admin contact: No
-                Visible in registrar WHOIS query as Technical contact: No
-                Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
-                 info: No
-                """);
+            Jane Smith
+            pride@example.net
+            Types: [TECH]
+            Visible in registrar WHOIS query as Admin contact: No
+            Visible in registrar WHOIS query as Technical contact: No
+            Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
+             info: No
+            """);
     assertThat(row).containsEntry("marketingContacts", "");
     assertThat(row).containsEntry("abuseContacts", "");
     assertThat(row).containsEntry("whoisInquiryContacts", "");
@@ -238,30 +236,30 @@ public class SyncRegistrarsSheetTest {
         .containsEntry(
             "billingContacts",
             """
-                Jane Doe
-                contact@example.com
-                Tel: +1.1234567890
-                Types: [ADMIN, BILLING]
-                Visible in registrar WHOIS query as Admin contact: No
-                Visible in registrar WHOIS query as Technical contact: No
-                Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
-                 info: No
-                """);
+            Jane Doe
+            contact@example.com
+            Tel: +1.1234567890
+            Types: [ADMIN, BILLING]
+            Visible in registrar WHOIS query as Admin contact: No
+            Visible in registrar WHOIS query as Technical contact: No
+            Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
+             info: No
+            """);
     assertThat(row).containsEntry("contactsMarkedAsWhoisAdmin", "");
     assertThat(row)
         .containsEntry(
             "contactsMarkedAsWhoisTech",
             """
-                John Doe
-                john.doe@example.tld
-                Tel: +1.1234567890
-                Fax: +1.1234567891
-                Types: [ADMIN]
-                Visible in registrar WHOIS query as Admin contact: No
-                Visible in registrar WHOIS query as Technical contact: Yes
-                Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
-                 info: No
-                """);
+            John Doe
+            john.doe@example.tld
+            Tel: +1.1234567890
+            Fax: +1.1234567891
+            Types: [ADMIN]
+            Visible in registrar WHOIS query as Admin contact: No
+            Visible in registrar WHOIS query as Technical contact: Yes
+            Phone number and email visible in domain WHOIS query as Registrar Abuse contact\
+             info: No
+            """);
     assertThat(row).containsEntry("emailAddress", "nowhere@example.org");
     assertThat(row).containsEntry(
         "address.street", "I get fallen back upon since there's no l10n addr");

core/src/test/java/google/registry/flows/FlowModuleTest.java

@@ -58,7 +58,7 @@ public class FlowModuleTest {
 
   @Test
   void givenNonMutatingFlow_thenReplicaTmIsUsed() throws EppException {
-    String eppInputXmlFilename = "domain_info.xml";
+    String eppInputXmlFilename = "domain_check.xml";
     FlowModule flowModule =
         new FlowModule.Builder().setEppInput(getEppInput(eppInputXmlFilename)).build();
     JpaTransactionManager tm =

core/src/test/java/google/registry/flows/domain/DomainCheckFlowTest.java

@@ -211,8 +211,8 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
     doCheckTest(
         create(true, "example1.tld", null),
         create(false, "example2.tld", "Alloc token invalid for domain"),
-        create(false, "reserved.tld", "Reserved"),
-        create(false, "specificuse.tld", "Reserved; alloc. token required"));
+        create(false, "reserved.tld", "Alloc token invalid for domain"),
+        create(false, "specificuse.tld", "Alloc token invalid for domain"));
   }
 
   @Test
@@ -230,8 +230,8 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
     doCheckTest(
         create(false, "example1.tld", "Blocked by a GlobalBlock service"),
         create(false, "example2.tld", "Alloc token invalid for domain"),
-        create(false, "reserved.tld", "Reserved"),
-        create(false, "specificuse.tld", "Reserved; alloc. token required"));
+        create(false, "reserved.tld", "Alloc token invalid for domain"),
+        create(false, "specificuse.tld", "Alloc token invalid for domain"));
   }
 
   @Test
@@ -257,17 +257,6 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
         create(true, "example3.tld", null));
   }
 
-  @Test
-  void testSuccess_oneExists_allocationTokenIsInvalid() throws Exception {
-    setEppInput("domain_check_allocationtoken.xml");
-    persistActiveDomain("example1.tld");
-    doCheckTest(
-        create(false, "example1.tld", "In use"),
-        create(false, "example2.tld", "The allocation token is invalid"),
-        create(false, "reserved.tld", "Reserved"),
-        create(false, "specificuse.tld", "Reserved; alloc. token required"));
-  }
-
   @Test
   void testSuccess_oneExists_allocationTokenIsValid() throws Exception {
     setEppInput("domain_check_allocationtoken.xml");
@@ -300,24 +289,6 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
     runFlowAssertResponse(loadFile("domain_check_allocationtoken_fee_anchor_response.xml"));
   }
 
-  @Test
-  void testSuccess_oneExists_allocationTokenIsRedeemed() throws Exception {
-    setEppInput("domain_check_allocationtoken.xml");
-    Domain domain = persistActiveDomain("example1.tld");
-    HistoryEntryId historyEntryId = new HistoryEntryId(domain.getRepoId(), 1L);
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(SINGLE_USE)
-            .setRedemptionHistoryId(historyEntryId)
-            .build());
-    doCheckTest(
-        create(false, "example1.tld", "In use"),
-        create(false, "example2.tld", "Alloc token was already redeemed"),
-        create(false, "reserved.tld", "Reserved"),
-        create(false, "specificuse.tld", "Reserved; alloc. token required"));
-  }
-
   @Test
   void testSuccess_oneExists_allocationTokenForReservedDomain() throws Exception {
     setEppInput("domain_check_allocationtoken.xml");
@@ -329,9 +300,9 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
             .setTokenType(SINGLE_USE)
             .build());
     doCheckTest(
-        create(false, "example1.tld", "In use"),
+        create(false, "example1.tld", "Alloc token invalid for domain"),
         create(false, "example2.tld", "Alloc token invalid for domain"),
-        create(false, "reserved.tld", "Reserved"),
+        create(false, "reserved.tld", "Alloc token invalid for domain"),
         create(true, "specificuse.tld", null));
   }
 
@@ -350,23 +321,6 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
     runFlowAssertResponse(loadFile("domain_check_allocationtoken_fee_specificuse_response.xml"));
   }
 
-  @Test
-  void testSuccess_oneExists_allocationTokenForWrongDomain() throws Exception {
-    setEppInput("domain_check_allocationtoken.xml");
-    persistActiveDomain("example1.tld");
-    persistResource(
-        new AllocationToken.Builder()
-            .setDomainName("someotherdomain.tld")
-            .setToken("abc123")
-            .setTokenType(SINGLE_USE)
-            .build());
-    doCheckTest(
-        create(false, "example1.tld", "In use"),
-        create(false, "example2.tld", "Alloc token invalid for domain"),
-        create(false, "reserved.tld", "Reserved"),
-        create(false, "specificuse.tld", "Reserved; alloc. token required"));
-  }
-
   @Test
   void testSuccess_notOutOfDateToken_forSpecificDomain() throws Exception {
     setEppInput("domain_check_allocationtoken.xml");
@@ -385,44 +339,10 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
     doCheckTest(
         create(false, "example1.tld", "Alloc token invalid for domain"),
         create(false, "example2.tld", "Alloc token invalid for domain"),
-        create(false, "reserved.tld", "Reserved"),
+        create(false, "reserved.tld", "Alloc token invalid for domain"),
         create(true, "specificuse.tld", null));
   }
 
-  @Test
-  void testSuccess_outOfDateToken_forSpecificDomain() throws Exception {
-    setEppInput("domain_check_allocationtoken.xml");
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(SINGLE_USE)
-            .setDomainName("specificuse.tld")
-            .setTokenStatusTransitions(
-                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
-                    .put(START_OF_TIME, TokenStatus.NOT_STARTED)
-                    .put(clock.nowUtc().minusDays(2), TokenStatus.VALID)
-                    .put(clock.nowUtc().minusDays(1), TokenStatus.ENDED)
-                    .build())
-            .build());
-    doCheckTest(
-        create(false, "example1.tld", "Alloc token invalid for domain"),
-        create(false, "example2.tld", "Alloc token invalid for domain"),
-        create(false, "reserved.tld", "Reserved"),
-        create(false, "specificuse.tld", "Alloc token not in promo period"));
-  }
-
-  @Test
-  void testSuccess_nothingExists_reservationsOverrideInvalidAllocationTokens() throws Exception {
-    setEppInput("domain_check_reserved_allocationtoken.xml");
-    // Fill out these reasons
-    doCheckTest(
-        create(false, "collision.tld", "Cannot be delegated"),
-        create(false, "reserved.tld", "Reserved"),
-        create(false, "anchor.tld", "Reserved; alloc. token required"),
-        create(false, "allowedinsunrise.tld", "Reserved"),
-        create(false, "premiumcollision.tld", "Cannot be delegated"));
-  }
-
   @Test
   void testSuccess_allocationTokenPromotion_singleYear() throws Exception {
     createTld("example");
@@ -500,7 +420,75 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
   }
 
   @Test
-  void testFailure_allocationTokenPromotion_PremiumsNotSet() throws Exception {
+  void testSuccess_allocationTokenInvalid_overridesOtherErrors() throws Exception {
+    setEppInput("domain_check_allocationtoken.xml");
+    persistActiveDomain("example1.tld");
+    doCheckTest(
+        create(false, "example1.tld", "The allocation token is invalid"),
+        create(false, "example2.tld", "The allocation token is invalid"),
+        create(false, "reserved.tld", "The allocation token is invalid"),
+        create(false, "specificuse.tld", "The allocation token is invalid"));
+  }
+
+  @Test
+  void testSuccess_allocationTokenForWrongDomain_overridesOtherConcerns() throws Exception {
+    setEppInput("domain_check_allocationtoken.xml");
+    persistActiveDomain("example1.tld");
+    persistResource(
+        new AllocationToken.Builder()
+            .setDomainName("someotherdomain.tld")
+            .setToken("abc123")
+            .setTokenType(SINGLE_USE)
+            .build());
+    doCheckTest(
+        create(false, "example1.tld", "Alloc token invalid for domain"),
+        create(false, "example2.tld", "Alloc token invalid for domain"),
+        create(false, "reserved.tld", "Alloc token invalid for domain"),
+        create(false, "specificuse.tld", "Alloc token invalid for domain"));
+  }
+
+  @Test
+  void testSuccess_outOfDateToken_overridesOtherIssues() throws Exception {
+    setEppInput("domain_check_allocationtoken.xml");
+    persistResource(
+        new AllocationToken.Builder()
+            .setToken("abc123")
+            .setTokenType(SINGLE_USE)
+            .setDomainName("specificuse.tld")
+            .setTokenStatusTransitions(
+                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
+                    .put(START_OF_TIME, TokenStatus.NOT_STARTED)
+                    .put(clock.nowUtc().minusDays(2), TokenStatus.VALID)
+                    .put(clock.nowUtc().minusDays(1), TokenStatus.ENDED)
+                    .build())
+            .build());
+    doCheckTest(
+        create(false, "example1.tld", "Alloc token not in promo period"),
+        create(false, "example2.tld", "Alloc token not in promo period"),
+        create(false, "reserved.tld", "Alloc token not in promo period"),
+        create(false, "specificuse.tld", "Alloc token not in promo period"));
+  }
+
+  @Test
+  void testSuccess_redeemedTokenOverridesOtherConcerns() throws Exception {
+    setEppInput("domain_check_allocationtoken.xml");
+    Domain domain = persistActiveDomain("example1.tld");
+    HistoryEntryId historyEntryId = new HistoryEntryId(domain.getRepoId(), 1L);
+    persistResource(
+        new AllocationToken.Builder()
+            .setToken("abc123")
+            .setTokenType(SINGLE_USE)
+            .setRedemptionHistoryId(historyEntryId)
+            .build());
+    doCheckTest(
+        create(false, "example1.tld", "Alloc token was already redeemed"),
+        create(false, "example2.tld", "Alloc token was already redeemed"),
+        create(false, "reserved.tld", "Alloc token was already redeemed"),
+        create(false, "specificuse.tld", "Alloc token was already redeemed"));
+  }
+
+  @Test
+  void testSuccess_allocationTokenPromotion_noPremium_stillPasses() throws Exception {
     createTld("example");
     persistResource(
         new AllocationToken.Builder()
@@ -515,7 +503,7 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
         ImmutableMap.of("DOMAIN", "rich.example"));
     doCheckTest(
         create(true, "example1.example", null),
-        create(false, "rich.example", "Token not valid for premium name"),
+        create(true, "rich.example", null),
         create(true, "example3.example", null));
   }
 
@@ -572,7 +560,8 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
     doCheckTest(
         create(false, "example1.tld", "Alloc token not in promo period"),
         create(false, "example2.example", "Alloc token not in promo period"),
-        create(false, "reserved.tld", "Reserved"));
+        create(false, "reserved.tld", "Alloc token not in promo period"),
+        create(false, "rich.example", "Alloc token not in promo period"));
   }
 
   @Test
@@ -593,9 +582,10 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
             .build());
     setEppInput("domain_check_allocationtoken_fee.xml");
     doCheckTest(
-        create(false, "example1.tld", "Alloc token invalid for TLD"),
+        create(true, "example1.tld", null),
         create(true, "example2.example", null),
-        create(false, "reserved.tld", "Reserved"));
+        create(false, "reserved.tld", "Reserved"),
+        create(true, "rich.example", null));
   }
 
   @Test
@@ -618,7 +608,8 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
     doCheckTest(
         create(false, "example1.tld", "Alloc token invalid for client"),
         create(false, "example2.example", "Alloc token invalid for client"),
-        create(false, "reserved.tld", "Reserved"));
+        create(false, "reserved.tld", "Alloc token invalid for client"),
+        create(false, "rich.example", "Alloc token invalid for client"));
   }
 
   @Test
@@ -999,6 +990,7 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
             .setToken("abc123")
             .setTokenType(UNLIMITED_USE)
             .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE, CommandName.TRANSFER))
+            .setDiscountFraction(0.1)
             .build());
     setEppInput("domain_check_fee_multiple_commands_allocationtoken_v06.xml");
     runFlowAssertResponse(
@@ -1028,6 +1020,7 @@ class DomainCheckFlowTest extends ResourceCheckFlowTestCase<DomainCheckFlow, Dom
             .setToken("abc123")
             .setTokenType(UNLIMITED_USE)
             .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE, CommandName.TRANSFER))
+            .setDiscountFraction(0.1)
             .build());
     setEppInput("domain_check_fee_multiple_commands_allocationtoken_v12.xml");
     runFlowAssertResponse(

core/src/test/java/google/registry/flows/domain/DomainCreateFlowTest.java

@@ -141,13 +141,10 @@ import google.registry.flows.domain.DomainFlowUtils.TrailingDashException;
 import google.registry.flows.domain.DomainFlowUtils.UnexpectedClaimsNoticeException;
 import google.registry.flows.domain.DomainFlowUtils.UnsupportedFeeAttributeException;
 import google.registry.flows.domain.DomainFlowUtils.UnsupportedMarkTypeException;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForPremiumNameException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException;
+import google.registry.flows.domain.token.AllocationTokenFlowUtils.NonexistentAllocationTokenException;
 import google.registry.flows.exceptions.OnlyToolCanPassMetadataException;
 import google.registry.flows.exceptions.ResourceAlreadyExistsForThisClientException;
 import google.registry.flows.exceptions.ResourceCreateContentionException;
@@ -174,7 +171,7 @@ import google.registry.model.eppoutput.EppResponse;
 import google.registry.model.poll.PendingActionNotificationResponse.DomainPendingActionNotificationResponse;
 import google.registry.model.poll.PollMessage;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.reporting.DomainTransactionRecord;
 import google.registry.model.reporting.DomainTransactionRecord.TransactionReportField;
 import google.registry.model.reporting.HistoryEntry;
@@ -529,51 +526,10 @@ class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow, Domain
         "domain_create_allocationtoken.xml",
         ImmutableMap.of("DOMAIN", "example.tld", "YEARS", "2"));
     persistContactsAndHosts();
-    EppException thrown = assertThrows(InvalidAllocationTokenException.class, this::runFlow);
+    EppException thrown = assertThrows(NonexistentAllocationTokenException.class, this::runFlow);
     assertAboutEppExceptions().that(thrown).marshalsToXml();
   }
 
-  @Test
-  void testFailure_reservedDomainCreate_allocationTokenIsForADifferentDomain() {
-    // Try to register a reserved domain name with an allocation token valid for a different domain
-    // name.
-    setEppInput(
-        "domain_create_allocationtoken.xml", ImmutableMap.of("DOMAIN", "resdom.tld", "YEARS", "2"));
-    persistContactsAndHosts();
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(SINGLE_USE)
-            .setDomainName("otherdomain.tld")
-            .build());
-    clock.advanceOneMilli();
-    EppException thrown =
-        assertThrows(AllocationTokenNotValidForDomainException.class, this::runFlow);
-    assertAboutEppExceptions().that(thrown).marshalsToXml();
-    assertAllocationTokenWasNotRedeemed("abc123");
-  }
-
-  @Test
-  void testFailure_nonreservedDomainCreate_allocationTokenIsForADifferentDomain() {
-    // Try to register a non-reserved domain name with an allocation token valid for a different
-    // domain name.
-    setEppInput(
-        "domain_create_allocationtoken.xml",
-        ImmutableMap.of("DOMAIN", "example.tld", "YEARS", "2"));
-    persistContactsAndHosts();
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(SINGLE_USE)
-            .setDomainName("otherdomain.tld")
-            .build());
-    clock.advanceOneMilli();
-    EppException thrown =
-        assertThrows(AllocationTokenNotValidForDomainException.class, this::runFlow);
-    assertAboutEppExceptions().that(thrown).marshalsToXml();
-    assertAllocationTokenWasNotRedeemed("abc123");
-  }
-
   @Test
   void testFailure_alreadyRedemeedAllocationToken() {
     setEppInput(
@@ -1704,32 +1660,6 @@ class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow, Domain
     assertThat(billingEvent.getCost()).isEqualTo(Money.of(USD, 204.44));
   }
 
-  @Test
-  void testSuccess_promotionDoesNotApplyToPremiumPrice() {
-    // Discounts only apply to premium domains if the token is explicitly configured to allow it.
-    createTld("example");
-    persistContactsAndHosts();
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(UNLIMITED_USE)
-            .setDiscountFraction(0.5)
-            .setTokenStatusTransitions(
-                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
-                    .put(START_OF_TIME, TokenStatus.NOT_STARTED)
-                    .put(clock.nowUtc().plusMillis(1), TokenStatus.VALID)
-                    .put(clock.nowUtc().plusSeconds(1), TokenStatus.ENDED)
-                    .build())
-            .build());
-    clock.advanceOneMilli();
-    setEppInput(
-        "domain_create_premium_allocationtoken.xml",
-        ImmutableMap.of("YEARS", "2", "FEE", "193.50"));
-    assertAboutEppExceptions()
-        .that(assertThrows(AllocationTokenInvalidForPremiumNameException.class, this::runFlow))
-        .marshalsToXml();
-  }
-
   @Test
   void testSuccess_token_premiumDomainZeroPrice_noFeeExtension() throws Exception {
     createTld("example");
@@ -1774,30 +1704,6 @@ class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow, Domain
         .marshalsToXml();
   }
 
-  @Test
-  void testSuccess_promoTokenNotValidForTld() {
-    persistContactsAndHosts();
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(UNLIMITED_USE)
-            .setAllowedTlds(ImmutableSet.of("example"))
-            .setDiscountFraction(0.5)
-            .setTokenStatusTransitions(
-                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
-                    .put(START_OF_TIME, TokenStatus.NOT_STARTED)
-                    .put(clock.nowUtc().minusDays(1), TokenStatus.VALID)
-                    .put(clock.nowUtc().plusDays(1), TokenStatus.ENDED)
-                    .build())
-            .build());
-    setEppInput(
-        "domain_create_allocationtoken.xml",
-        ImmutableMap.of("DOMAIN", "example.tld", "YEARS", "2"));
-    assertAboutEppExceptions()
-        .that(assertThrows(AllocationTokenNotValidForTldException.class, this::runFlow))
-        .marshalsToXml();
-  }
-
   @Test
   void testSuccess_promoTokenNotValidForRegistrar() {
     persistContactsAndHosts();
@@ -3671,22 +3577,6 @@ class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow, Domain
     assertThrows(MissingClaimsNoticeException.class, this::runFlow);
   }
 
-  @Test
-  void testFailure_anchorTenant_mismatchedName_viaToken() throws Exception {
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(SINGLE_USE)
-            .setRegistrationBehavior(RegistrationBehavior.ANCHOR_TENANT)
-            .setDomainName("example.tld")
-            .build());
-    persistContactsAndHosts();
-    setEppInput(
-        "domain_create_allocationtoken.xml",
-        ImmutableMap.of("DOMAIN", "example-one.tld", "YEARS", "2"));
-    assertThrows(AllocationTokenNotValidForDomainException.class, this::runFlow);
-  }
-
   @Test
   void testSuccess_bulkToken_addsTokenToDomain() throws Exception {
     AllocationToken token =

core/src/test/java/google/registry/flows/domain/DomainInfoFlowTest.java

@@ -179,7 +179,7 @@ class DomainInfoFlowTest extends ResourceFlowTestCase<DomainInfoFlow, Domain> {
       ImmutableMap<String, String> substitutions,
       boolean expectHistoryAndBilling)
       throws Exception {
-    assertMutatingFlow(false);
+    assertMutatingFlow(true);
     String expected =
         loadFile(expectedXmlFilename, updateSubstitutions(substitutions, "ROID", "2FF-TLD"));
     if (inactive) {

core/src/test/java/google/registry/flows/domain/DomainPricingLogicTest.java

@@ -28,7 +28,6 @@ import static google.registry.testing.DatabaseHelper.persistPremiumList;
 import static google.registry.testing.DatabaseHelper.persistResource;
 import static google.registry.util.DateTimeUtils.END_OF_TIME;
 import static google.registry.util.DateTimeUtils.START_OF_TIME;
-import static org.joda.money.CurrencyUnit.JPY;
 import static org.joda.money.CurrencyUnit.USD;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 
@@ -39,8 +38,6 @@ import google.registry.flows.EppException;
 import google.registry.flows.HttpSessionMetadata;
 import google.registry.flows.SessionMetadata;
 import google.registry.flows.custom.DomainPricingCustomLogic;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForCurrencyException;
-import google.registry.flows.domain.DomainPricingLogic.AllocationTokenInvalidForPremiumNameException;
 import google.registry.model.billing.BillingBase.Reason;
 import google.registry.model.billing.BillingBase.RenewalPriceBehavior;
 import google.registry.model.billing.BillingRecurrence;
@@ -214,32 +211,6 @@ public class DomainPricingLogicTest {
                 .build());
   }
 
-  @Test
-  void
-      testGetDomainCreatePrice_withDiscountPriceToken_domainCurrencyDoesNotMatchTokensCurrency_throwsException() {
-    AllocationToken allocationToken =
-        persistResource(
-            new AllocationToken.Builder()
-                .setToken("abc123")
-                .setTokenType(SINGLE_USE)
-                .setDiscountPrice(Money.of(JPY, new BigDecimal("250")))
-                .setDiscountPremiums(false)
-                .build());
-
-    // Domain's currency is not JPY (is USD).
-    assertThrows(
-        AllocationTokenInvalidForCurrencyException.class,
-        () ->
-            domainPricingLogic.getCreatePrice(
-                tld,
-                "default.example",
-                clock.nowUtc(),
-                3,
-                false,
-                false,
-                Optional.of(allocationToken)));
-  }
-
   @Test
   void testGetDomainRenewPrice_oneYear_standardDomain_noBilling_isStandardPrice()
       throws EppException {
@@ -335,77 +306,6 @@ public class DomainPricingLogicTest {
                 .build());
   }
 
-  @Test
-  void
-      testGetDomainRenewPrice_oneYear_premiumDomain_default_withTokenNotValidForPremiums_throwsException() {
-    AllocationToken allocationToken =
-        persistResource(
-            new AllocationToken.Builder()
-                .setToken("abc123")
-                .setTokenType(SINGLE_USE)
-                .setDiscountFraction(0.5)
-                .setDiscountPremiums(false)
-                .build());
-    assertThrows(
-        AllocationTokenInvalidForPremiumNameException.class,
-        () ->
-            domainPricingLogic.getRenewPrice(
-                tld,
-                "premium.example",
-                clock.nowUtc(),
-                1,
-                persistDomainAndSetRecurrence("premium.example", DEFAULT, Optional.empty()),
-                Optional.of(allocationToken)));
-  }
-
-  @Test
-  void
-      testGetDomainRenewPrice_oneYear_premiumDomain_default_withDiscountPriceToken_throwsException() {
-    AllocationToken allocationToken =
-        persistResource(
-            new AllocationToken.Builder()
-                .setToken("abc123")
-                .setTokenType(SINGLE_USE)
-                .setDiscountPrice(Money.of(USD, 5))
-                .setDiscountPremiums(false)
-                .build());
-    assertThrows(
-        AllocationTokenInvalidForPremiumNameException.class,
-        () ->
-            domainPricingLogic.getRenewPrice(
-                tld,
-                "premium.example",
-                clock.nowUtc(),
-                1,
-                persistDomainAndSetRecurrence("premium.example", DEFAULT, Optional.empty()),
-                Optional.of(allocationToken)));
-  }
-
-  @Test
-  void
-      testGetDomainRenewPrice_withDiscountPriceToken_domainCurrencyDoesNotMatchTokensCurrency_throwsException() {
-    AllocationToken allocationToken =
-        persistResource(
-            new AllocationToken.Builder()
-                .setToken("abc123")
-                .setTokenType(SINGLE_USE)
-                .setDiscountPrice(Money.of(JPY, new BigDecimal("250")))
-                .setDiscountPremiums(false)
-                .build());
-
-    // Domain's currency is not JPY (is USD).
-    assertThrows(
-        AllocationTokenInvalidForCurrencyException.class,
-        () ->
-            domainPricingLogic.getRenewPrice(
-                tld,
-                "default.example",
-                clock.nowUtc(),
-                1,
-                persistDomainAndSetRecurrence("default.example", DEFAULT, Optional.empty()),
-                Optional.of(allocationToken)));
-  }
-
   @Test
   void testGetDomainRenewPrice_multiYear_premiumDomain_default_isPremiumCost() throws EppException {
     assertThat(
@@ -450,30 +350,6 @@ public class DomainPricingLogicTest {
                 .build());
   }
 
-  @Test
-  void
-      testGetDomainRenewPrice_multiYear_premiumDomain_default_withTokenNotValidForPremiums_throwsException() {
-    AllocationToken allocationToken =
-        persistResource(
-            new AllocationToken.Builder()
-                .setToken("abc123")
-                .setTokenType(SINGLE_USE)
-                .setDiscountFraction(0.5)
-                .setDiscountPremiums(false)
-                .setDiscountYears(2)
-                .build());
-    assertThrows(
-        AllocationTokenInvalidForPremiumNameException.class,
-        () ->
-            domainPricingLogic.getRenewPrice(
-                tld,
-                "premium.example",
-                clock.nowUtc(),
-                5,
-                persistDomainAndSetRecurrence("premium.example", DEFAULT, Optional.empty()),
-                Optional.of(allocationToken)));
-  }
-
   @Test
   void testGetDomainRenewPrice_oneYear_standardDomain_default_isNonPremiumPrice()
       throws EppException {

core/src/test/java/google/registry/flows/domain/DomainRenewFlowTest.java

@@ -69,13 +69,12 @@ import google.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException
 import google.registry.flows.domain.DomainFlowUtils.RegistrarMustBeActiveForThisOperationException;
 import google.registry.flows.domain.DomainFlowUtils.UnsupportedFeeAttributeException;
 import google.registry.flows.domain.DomainRenewFlow.IncorrectCurrentExpirationDateException;
+import google.registry.flows.domain.token.AllocationTokenFlowUtils;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.MissingRemoveBulkPricingTokenOnBulkPricingDomainException;
+import google.registry.flows.domain.token.AllocationTokenFlowUtils.NonexistentAllocationTokenException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.RemoveBulkPricingTokenOnNonBulkPricingDomainException;
 import google.registry.flows.exceptions.ResourceStatusProhibitsOperationException;
 import google.registry.model.billing.BillingBase.Flag;
@@ -93,7 +92,7 @@ import google.registry.model.domain.token.AllocationToken.TokenStatus;
 import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.poll.PollMessage;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.reporting.DomainTransactionRecord;
 import google.registry.model.reporting.DomainTransactionRecord.TransactionReportField;
 import google.registry.model.reporting.HistoryEntry;
@@ -459,10 +458,14 @@ class DomainRenewFlowTest extends ResourceFlowTestCase<DomainRenewFlow, Domain>
     ImmutableMap<String, String> customFeeMap =
         updateSubstitutions(
             FEE_06_MAP,
-            "NAME", "costly-renew.tld",
-            "PERIOD", "1",
-            "EX_DATE", "2001-04-03T22:00:00.0Z",
-            "FEE", "111.00");
+            "NAME",
+            "costly-renew.tld",
+            "PERIOD",
+            "1",
+            "EX_DATE",
+            "2001-04-03T22:00:00.0Z",
+            "FEE",
+            "111.00");
     setEppInput("domain_renew_fee.xml", customFeeMap);
     persistDomain();
     doSuccessfulTest(
@@ -694,7 +697,7 @@ class DomainRenewFlowTest extends ResourceFlowTestCase<DomainRenewFlow, Domain>
         "domain_renew_allocationtoken.xml",
         ImmutableMap.of("DOMAIN", "example.tld", "YEARS", "2", "TOKEN", "abc123"));
     persistDomain();
-    EppException thrown = assertThrows(InvalidAllocationTokenException.class, this::runFlow);
+    EppException thrown = assertThrows(NonexistentAllocationTokenException.class, this::runFlow);
     assertAboutEppExceptions().that(thrown).marshalsToXml();
   }
 
@@ -711,9 +714,12 @@ class DomainRenewFlowTest extends ResourceFlowTestCase<DomainRenewFlow, Domain>
             .setDomainName("otherdomain.tld")
             .build());
     clock.advanceOneMilli();
-    EppException thrown =
-        assertThrows(AllocationTokenNotValidForDomainException.class, this::runFlow);
-    assertAboutEppExceptions().that(thrown).marshalsToXml();
+    assertAboutEppExceptions()
+        .that(
+            assertThrows(
+                AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException.class,
+                this::runFlow))
+        .marshalsToXml();
     assertAllocationTokenWasNotRedeemed("abc123");
   }
 
@@ -784,9 +790,10 @@ class DomainRenewFlowTest extends ResourceFlowTestCase<DomainRenewFlow, Domain>
                     .put(clock.nowUtc().plusDays(1), TokenStatus.ENDED)
                     .build())
             .build());
-    assertAboutEppExceptions()
-        .that(assertThrows(AllocationTokenNotValidForTldException.class, this::runFlow))
-        .marshalsToXml();
+    runFlowAssertResponse(
+        loadFile(
+            "domain_renew_response.xml",
+            ImmutableMap.of("DOMAIN", "example.tld", "EXDATE", "2002-04-03T22:00:00.0Z")));
     assertAllocationTokenWasNotRedeemed("abc123");
   }
 

core/src/test/java/google/registry/flows/domain/DomainRestoreRequestFlowTest.java

@@ -69,7 +69,7 @@ import google.registry.model.domain.rgp.GracePeriodStatus;
 import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.poll.PollMessage;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.reporting.DomainTransactionRecord;
 import google.registry.model.reporting.DomainTransactionRecord.TransactionReportField;
 import google.registry.model.reporting.HistoryEntry;

core/src/test/java/google/registry/flows/domain/DomainTransferApproveFlowTest.java

@@ -52,12 +52,11 @@ import google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException;
 import google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException;
 import google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException;
 import google.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException;
+import google.registry.flows.domain.token.AllocationTokenFlowUtils;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException;
+import google.registry.flows.domain.token.AllocationTokenFlowUtils.NonexistentAllocationTokenException;
 import google.registry.flows.exceptions.NotPendingTransferException;
 import google.registry.model.billing.BillingBase;
 import google.registry.model.billing.BillingBase.Reason;
@@ -897,7 +896,7 @@ class DomainTransferApproveFlowTest
   @Test
   void testFailure_invalidAllocationToken() throws Exception {
     setEppInput("domain_transfer_approve_allocation_token.xml");
-    EppException thrown = assertThrows(InvalidAllocationTokenException.class, this::runFlow);
+    EppException thrown = assertThrows(NonexistentAllocationTokenException.class, this::runFlow);
     assertAboutEppExceptions().that(thrown).marshalsToXml();
   }
 
@@ -910,9 +909,12 @@ class DomainTransferApproveFlowTest
             .setDomainName("otherdomain.tld")
             .build());
     setEppInput("domain_transfer_approve_allocation_token.xml");
-    EppException thrown =
-        assertThrows(AllocationTokenNotValidForDomainException.class, this::runFlow);
-    assertAboutEppExceptions().that(thrown).marshalsToXml();
+    assertAboutEppExceptions()
+        .that(
+            assertThrows(
+                AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException.class,
+                this::runFlow))
+        .marshalsToXml();
   }
 
   @Test
@@ -971,8 +973,7 @@ class DomainTransferApproveFlowTest
                     .build())
             .build());
     setEppInput("domain_transfer_approve_allocation_token.xml");
-    EppException thrown = assertThrows(AllocationTokenNotValidForTldException.class, this::runFlow);
-    assertAboutEppExceptions().that(thrown).marshalsToXml();
+    runFlowAssertResponse(loadFile("domain_transfer_approve_response.xml"));
   }
 
   @Test

core/src/test/java/google/registry/flows/domain/DomainTransferRequestFlowTest.java

@@ -79,11 +79,9 @@ import google.registry.flows.domain.DomainFlowUtils.PremiumNameBlockedException;
 import google.registry.flows.domain.DomainFlowUtils.RegistrarMustBeActiveForThisOperationException;
 import google.registry.flows.domain.DomainFlowUtils.UnsupportedFeeAttributeException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException;
+import google.registry.flows.domain.token.AllocationTokenFlowUtils.NonexistentAllocationTokenException;
 import google.registry.flows.exceptions.AlreadyPendingTransferException;
 import google.registry.flows.exceptions.InvalidTransferPeriodValueException;
 import google.registry.flows.exceptions.MissingTransferRequestAuthInfoException;
@@ -114,7 +112,7 @@ import google.registry.model.eppcommon.Trid;
 import google.registry.model.poll.PendingActionNotificationResponse;
 import google.registry.model.poll.PollMessage;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.reporting.DomainTransactionRecord;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
@@ -505,7 +503,7 @@ class DomainTransferRequestFlowTest
         implicitTransferTime,
         transferCost,
         originalGracePeriods,
-        /* expectTransferBillingEvent = */ true,
+        /* expectTransferBillingEvent= */ true,
         extraExpectedBillingEvents);
 
     assertPollMessagesEmitted(expectedExpirationTime, implicitTransferTime);
@@ -1859,22 +1857,7 @@ class DomainTransferRequestFlowTest
   void testFailure_invalidAllocationToken() throws Exception {
     setupDomain("example", "tld");
     setEppInput("domain_transfer_request_allocation_token.xml", ImmutableMap.of("TOKEN", "abc123"));
-    EppException thrown = assertThrows(InvalidAllocationTokenException.class, this::runFlow);
-    assertAboutEppExceptions().that(thrown).marshalsToXml();
-  }
-
-  @Test
-  void testFailure_allocationTokenIsForDifferentName() throws Exception {
-    setupDomain("example", "tld");
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(SINGLE_USE)
-            .setDomainName("otherdomain.tld")
-            .build());
-    setEppInput("domain_transfer_request_allocation_token.xml", ImmutableMap.of("TOKEN", "abc123"));
-    EppException thrown =
-        assertThrows(AllocationTokenNotValidForDomainException.class, this::runFlow);
+    EppException thrown = assertThrows(NonexistentAllocationTokenException.class, this::runFlow);
     assertAboutEppExceptions().that(thrown).marshalsToXml();
   }
 
@@ -1920,27 +1903,6 @@ class DomainTransferRequestFlowTest
     assertAboutEppExceptions().that(thrown).marshalsToXml();
   }
 
-  @Test
-  void testFailure_allocationTokenNotValidForTld() throws Exception {
-    setupDomain("example", "tld");
-    persistResource(
-        new AllocationToken.Builder()
-            .setToken("abc123")
-            .setTokenType(UNLIMITED_USE)
-            .setAllowedTlds(ImmutableSet.of("example"))
-            .setDiscountFraction(0.5)
-            .setTokenStatusTransitions(
-                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
-                    .put(START_OF_TIME, TokenStatus.NOT_STARTED)
-                    .put(clock.nowUtc().minusDays(1), TokenStatus.VALID)
-                    .put(clock.nowUtc().plusDays(1), TokenStatus.ENDED)
-                    .build())
-            .build());
-    setEppInput("domain_transfer_request_allocation_token.xml", ImmutableMap.of("TOKEN", "abc123"));
-    EppException thrown = assertThrows(AllocationTokenNotValidForTldException.class, this::runFlow);
-    assertAboutEppExceptions().that(thrown).marshalsToXml();
-  }
-
   @Test
   void testFailure_allocationTokenAlreadyRedeemed() throws Exception {
     setupDomain("example", "tld");

core/src/test/java/google/registry/flows/domain/token/AllocationTokenFlowUtilsTest.java

@@ -19,31 +19,25 @@ import static google.registry.model.domain.token.AllocationToken.TokenStatus.CAN
 import static google.registry.model.domain.token.AllocationToken.TokenStatus.ENDED;
 import static google.registry.model.domain.token.AllocationToken.TokenStatus.NOT_STARTED;
 import static google.registry.model.domain.token.AllocationToken.TokenStatus.VALID;
+import static google.registry.model.domain.token.AllocationToken.TokenType.DEFAULT_PROMO;
 import static google.registry.model.domain.token.AllocationToken.TokenType.SINGLE_USE;
 import static google.registry.model.domain.token.AllocationToken.TokenType.UNLIMITED_USE;
 import static google.registry.testing.DatabaseHelper.createTld;
-import static google.registry.testing.DatabaseHelper.persistActiveDomain;
 import static google.registry.testing.DatabaseHelper.persistResource;
 import static google.registry.testing.EppExceptionSubject.assertAboutEppExceptions;
 import static google.registry.util.DateTimeUtils.START_OF_TIME;
-import static org.joda.time.DateTimeZone.UTC;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
 import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.ImmutableSortedMap;
 import com.google.common.net.InternetDomainName;
 import google.registry.flows.EppException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotInPromotionException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForCommandException;
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForRegistrarException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.AllocationTokenNotValidForTldException;
-import google.registry.flows.domain.token.AllocationTokenFlowUtils.InvalidAllocationTokenException;
-import google.registry.model.domain.Domain;
-import google.registry.model.domain.DomainCommand;
+import google.registry.flows.domain.token.AllocationTokenFlowUtils.NonexistentAllocationTokenException;
 import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName;
 import google.registry.model.domain.token.AllocationToken;
 import google.registry.model.domain.token.AllocationToken.TokenStatus;
@@ -52,7 +46,7 @@ import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
 import google.registry.model.tld.Tld;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
-import google.registry.testing.DatabaseHelper;
+import google.registry.testing.FakeClock;
 import java.util.Optional;
 import org.joda.time.DateTime;
 import org.junit.jupiter.api.BeforeEach;
@@ -62,319 +56,322 @@ import org.junit.jupiter.api.extension.RegisterExtension;
 /** Unit tests for {@link AllocationTokenFlowUtils}. */
 class AllocationTokenFlowUtilsTest {
 
-  private final AllocationTokenFlowUtils flowUtils = new AllocationTokenFlowUtils();
+  private final FakeClock clock = new FakeClock(DateTime.parse("2025-01-10T01:00:00.000Z"));
 
   @RegisterExtension
   final JpaIntegrationTestExtension jpa =
-      new JpaTestExtensions.Builder().buildIntegrationTestExtension();
+      new JpaTestExtensions.Builder().withClock(clock).buildIntegrationTestExtension();
 
   private final AllocationTokenExtension allocationTokenExtension =
       mock(AllocationTokenExtension.class);
 
+  private Tld tld;
+
   @BeforeEach
   void beforeEach() {
-    createTld("tld");
+    tld = createTld("tld");
   }
 
   @Test
-  void test_validateToken_successfullyVerifiesValidTokenOnCreate() throws Exception {
+  void testSuccess_redeemsToken() {
+    HistoryEntryId historyEntryId = new HistoryEntryId("repoId", 10L);
+    assertThat(
+            AllocationTokenFlowUtils.redeemToken(singleUseTokenBuilder().build(), historyEntryId)
+                .getRedemptionHistoryId())
+        .hasValue(historyEntryId);
+  }
+
+  @Test
+  void testInvalidForPremiumName_validForPremium() {
+    AllocationToken token = singleUseTokenBuilder().setDiscountPremiums(true).build();
+    assertThat(AllocationTokenFlowUtils.discountTokenInvalidForPremiumName(token, true)).isFalse();
+  }
+
+  @Test
+  void testInvalidForPremiumName_notPremium() {
+    assertThat(
+            AllocationTokenFlowUtils.discountTokenInvalidForPremiumName(
+                singleUseTokenBuilder().build(), false))
+        .isFalse();
+  }
+
+  @Test
+  void testInvalidForPremiumName_invalidForPremium() {
+    assertThat(
+            AllocationTokenFlowUtils.discountTokenInvalidForPremiumName(
+                singleUseTokenBuilder().build(), true))
+        .isTrue();
+  }
+
+  @Test
+  void testSuccess_loadFromExtension() throws Exception {
     AllocationToken token =
         persistResource(
             new AllocationToken.Builder()
                 .setToken("tokeN")
-                .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE, CommandName.RESTORE))
+                .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE))
                 .setTokenType(SINGLE_USE)
                 .build());
     when(allocationTokenExtension.getAllocationToken()).thenReturn("tokeN");
     assertThat(
-            flowUtils
-                .verifyAllocationTokenCreateIfPresent(
-                    createCommand("blah.tld"),
-                    Tld.get("tld"),
-                    "TheRegistrar",
-                    DateTime.now(UTC),
-                    Optional.of(allocationTokenExtension))
-                .get())
-        .isEqualTo(token);
+            AllocationTokenFlowUtils.loadAllocationTokenFromExtension(
+                "TheRegistrar",
+                "example.tld",
+                clock.nowUtc(),
+                Optional.of(allocationTokenExtension)))
+        .hasValue(token);
   }
 
   @Test
-  void test_validateToken_successfullyVerifiesValidTokenExistingDomain() throws Exception {
+  void testSuccess_loadOrDefault_fromExtensionEvenWhenDefaultPresent() throws Exception {
+    persistDefaultToken();
     AllocationToken token =
         persistResource(
             new AllocationToken.Builder()
                 .setToken("tokeN")
-                .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE, CommandName.RENEW))
+                .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE))
                 .setTokenType(SINGLE_USE)
                 .build());
     when(allocationTokenExtension.getAllocationToken()).thenReturn("tokeN");
     assertThat(
-            flowUtils
-                .verifyAllocationTokenIfPresent(
-                    DatabaseHelper.newDomain("blah.tld"),
-                    Tld.get("tld"),
-                    "TheRegistrar",
-                    DateTime.now(UTC),
-                    CommandName.RENEW,
-                    Optional.of(allocationTokenExtension))
-                .get())
-        .isEqualTo(token);
+            AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+                "TheRegistrar",
+                clock.nowUtc(),
+                Optional.of(allocationTokenExtension),
+                tld,
+                "example.tld",
+                CommandName.CREATE))
+        .hasValue(token);
   }
 
-  void test_validateToken_emptyAllowedEppActions_successfullyVerifiesValidTokenExistingDomain()
-      throws Exception {
-    AllocationToken token =
-        persistResource(
-            new AllocationToken.Builder().setToken("tokeN").setTokenType(SINGLE_USE).build());
-    when(allocationTokenExtension.getAllocationToken()).thenReturn("tokeN");
+  @Test
+  void testSuccess_loadOrDefault_defaultWhenNonePresent() throws Exception {
+    AllocationToken defaultToken = persistDefaultToken();
     assertThat(
-            flowUtils
-                .verifyAllocationTokenIfPresent(
-                    DatabaseHelper.newDomain("blah.tld"),
-                    Tld.get("tld"),
-                    "TheRegistrar",
-                    DateTime.now(UTC),
-                    CommandName.RENEW,
-                    Optional.of(allocationTokenExtension))
-                .get())
-        .isEqualTo(token);
+            AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+                "TheRegistrar",
+                clock.nowUtc(),
+                Optional.empty(),
+                tld,
+                "example.tld",
+                CommandName.CREATE))
+        .hasValue(defaultToken);
   }
 
   @Test
-  void test_validateTokenCreate_failsOnNonexistentToken() {
-    assertValidateCreateThrowsEppException(InvalidAllocationTokenException.class);
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_failsOnNonexistentToken() {
-    assertValidateExistingDomainThrowsEppException(InvalidAllocationTokenException.class);
-  }
-
-  @Test
-  void test_validateTokenCreate_failsOnNullToken() {
-    assertAboutEppExceptions()
-        .that(
-            assertThrows(
-                InvalidAllocationTokenException.class,
-                () ->
-                    flowUtils.verifyAllocationTokenCreateIfPresent(
-                        createCommand("blah.tld"),
-                        Tld.get("tld"),
-                        "TheRegistrar",
-                        DateTime.now(UTC),
-                        Optional.of(allocationTokenExtension))))
-        .marshalsToXml();
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_failsOnNullToken() {
-    assertAboutEppExceptions()
-        .that(
-            assertThrows(
-                InvalidAllocationTokenException.class,
-                () ->
-                    flowUtils.verifyAllocationTokenIfPresent(
-                        DatabaseHelper.newDomain("blah.tld"),
-                        Tld.get("tld"),
-                        "TheRegistrar",
-                        DateTime.now(UTC),
-                        CommandName.RENEW,
-                        Optional.of(allocationTokenExtension))))
-        .marshalsToXml();
-  }
-
-  @Test
-  void test_validateTokenCreate_invalidForClientId() {
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setAllowedRegistrarIds(ImmutableSet.of("NewRegistrar"))
-            .build());
-    assertValidateCreateThrowsEppException(AllocationTokenNotValidForRegistrarException.class);
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_invalidForClientId() {
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setAllowedRegistrarIds(ImmutableSet.of("NewRegistrar"))
-            .build());
-    assertValidateExistingDomainThrowsEppException(
-        AllocationTokenNotValidForRegistrarException.class);
-  }
-
-  @Test
-  void test_validateTokenCreate_invalidForTld() {
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setAllowedTlds(ImmutableSet.of("nottld"))
-            .build());
-    assertValidateCreateThrowsEppException(AllocationTokenNotValidForTldException.class);
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_invalidForTld() {
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setAllowedTlds(ImmutableSet.of("nottld"))
-            .build());
-    assertValidateExistingDomainThrowsEppException(AllocationTokenNotValidForTldException.class);
-  }
-
-  @Test
-  void test_validateTokenCreate_beforePromoStart() {
-    persistResource(createOneMonthPromoTokenBuilder(DateTime.now(UTC).plusDays(1)).build());
-    assertValidateCreateThrowsEppException(AllocationTokenNotInPromotionException.class);
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_beforePromoStart() {
-    persistResource(createOneMonthPromoTokenBuilder(DateTime.now(UTC).plusDays(1)).build());
-    assertValidateExistingDomainThrowsEppException(AllocationTokenNotInPromotionException.class);
-  }
-
-  @Test
-  void test_validateTokenCreate_afterPromoEnd() {
-    persistResource(createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusMonths(2)).build());
-    assertValidateCreateThrowsEppException(AllocationTokenNotInPromotionException.class);
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_afterPromoEnd() {
-    persistResource(createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusMonths(2)).build());
-    assertValidateExistingDomainThrowsEppException(AllocationTokenNotInPromotionException.class);
-  }
-
-  @Test
-  void test_validateTokenCreate_promoCancelled() {
-    // the promo would be valid, but it was cancelled 12 hours ago
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setTokenStatusTransitions(
-                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
-                    .put(START_OF_TIME, NOT_STARTED)
-                    .put(DateTime.now(UTC).minusMonths(1), VALID)
-                    .put(DateTime.now(UTC).minusHours(12), CANCELLED)
-                    .build())
-            .build());
-    assertValidateCreateThrowsEppException(AllocationTokenNotInPromotionException.class);
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_promoCancelled() {
-    // the promo would be valid, but it was cancelled 12 hours ago
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setTokenStatusTransitions(
-                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
-                    .put(START_OF_TIME, NOT_STARTED)
-                    .put(DateTime.now(UTC).minusMonths(1), VALID)
-                    .put(DateTime.now(UTC).minusHours(12), CANCELLED)
-                    .build())
-            .build());
-    assertValidateExistingDomainThrowsEppException(AllocationTokenNotInPromotionException.class);
-  }
-
-  @Test
-  void test_validateTokenCreate_invalidCommand() {
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setAllowedEppActions(ImmutableSet.of(CommandName.RENEW))
-            .build());
-    assertValidateCreateThrowsEppException(AllocationTokenNotValidForCommandException.class);
-  }
-
-  @Test
-  void test_validateTokenExistingDomain_invalidCommand() {
-    persistResource(
-        createOneMonthPromoTokenBuilder(DateTime.now(UTC).minusDays(1))
-            .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE))
-            .build());
-    assertValidateExistingDomainThrowsEppException(
-        AllocationTokenNotValidForCommandException.class);
-  }
-
-  @Test
-  void test_checkDomainsWithToken_successfullyVerifiesValidToken() {
-    persistResource(
-        new AllocationToken.Builder().setToken("tokeN").setTokenType(SINGLE_USE).build());
-    assertThat(
-            flowUtils
-                .checkDomainsWithToken(
-                    ImmutableList.of(
-                        InternetDomainName.from("blah.tld"), InternetDomainName.from("blah2.tld")),
-                    "tokeN",
-                    "TheRegistrar",
-                    DateTime.now(UTC))
-                .domainCheckResults())
-        .containsExactlyEntriesIn(
-            ImmutableMap.of(
-                InternetDomainName.from("blah.tld"), "", InternetDomainName.from("blah2.tld"), ""))
-        .inOrder();
-  }
-
-  @Test
-  void test_checkDomainsWithToken_showsFailureMessageForRedeemedToken() {
-    Domain domain = persistActiveDomain("example.tld");
-    HistoryEntryId historyEntryId = new HistoryEntryId(domain.getRepoId(), 1051L);
+  void testSuccess_loadOrDefault_defaultWhenTokenIsPresentButNotApplicable() throws Exception {
+    AllocationToken defaultToken = persistDefaultToken();
     persistResource(
         new AllocationToken.Builder()
             .setToken("tokeN")
+            .setAllowedEppActions(ImmutableSet.of(CommandName.CREATE))
             .setTokenType(SINGLE_USE)
-            .setRedemptionHistoryId(historyEntryId)
+            .setAllowedTlds(ImmutableSet.of("othertld"))
             .build());
+    when(allocationTokenExtension.getAllocationToken()).thenReturn("tokeN");
     assertThat(
-            flowUtils
-                .checkDomainsWithToken(
-                    ImmutableList.of(
-                        InternetDomainName.from("blah.tld"), InternetDomainName.from("blah2.tld")),
-                    "tokeN",
-                    "TheRegistrar",
-                    DateTime.now(UTC))
-                .domainCheckResults())
-        .containsExactlyEntriesIn(
-            ImmutableMap.of(
-                InternetDomainName.from("blah.tld"),
-                "Alloc token was already redeemed",
-                InternetDomainName.from("blah2.tld"),
-                "Alloc token was already redeemed"))
-        .inOrder();
+            AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+                "TheRegistrar",
+                clock.nowUtc(),
+                Optional.of(allocationTokenExtension),
+                tld,
+                "example.tld",
+                CommandName.CREATE))
+        .hasValue(defaultToken);
   }
 
-  private void assertValidateCreateThrowsEppException(Class<? extends EppException> clazz) {
+  @Test
+  void testValidAgainstDomain_validAllReasons() {
+    AllocationToken token = singleUseTokenBuilder().setDiscountPremiums(true).build();
+    assertThat(
+            AllocationTokenFlowUtils.tokenIsValidAgainstDomain(
+                InternetDomainName.from("rich.tld"), token, CommandName.CREATE, clock.nowUtc()))
+        .isTrue();
+  }
+
+  @Test
+  void testValidAgainstDomain_invalidPremium() {
+    AllocationToken token = singleUseTokenBuilder().build();
+    assertThat(
+            AllocationTokenFlowUtils.tokenIsValidAgainstDomain(
+                InternetDomainName.from("rich.tld"), token, CommandName.CREATE, clock.nowUtc()))
+        .isFalse();
+  }
+
+  @Test
+  void testValidAgainstDomain_invalidAction() {
+    AllocationToken token =
+        singleUseTokenBuilder().setAllowedEppActions(ImmutableSet.of(CommandName.RESTORE)).build();
+    assertThat(
+            AllocationTokenFlowUtils.tokenIsValidAgainstDomain(
+                InternetDomainName.from("domain.tld"), token, CommandName.CREATE, clock.nowUtc()))
+        .isFalse();
+  }
+
+  @Test
+  void testValidAgainstDomain_invalidTld() {
+    createTld("othertld");
+    AllocationToken token = singleUseTokenBuilder().build();
+    assertThat(
+            AllocationTokenFlowUtils.tokenIsValidAgainstDomain(
+                InternetDomainName.from("domain.othertld"),
+                token,
+                CommandName.CREATE,
+                clock.nowUtc()))
+        .isFalse();
+  }
+
+  @Test
+  void testValidAgainstDomain_invalidDomain() {
+    AllocationToken token = singleUseTokenBuilder().setDomainName("anchor.tld").build();
+    assertThat(
+            AllocationTokenFlowUtils.tokenIsValidAgainstDomain(
+                InternetDomainName.from("domain.tld"), token, CommandName.CREATE, clock.nowUtc()))
+        .isFalse();
+  }
+
+  @Test
+  void testFailure_redeemToken_nonSingleUse() {
+    assertThrows(
+        IllegalArgumentException.class,
+        () ->
+            AllocationTokenFlowUtils.redeemToken(
+                createOneMonthPromoTokenBuilder(clock.nowUtc()).build(),
+                new HistoryEntryId("repoId", 10L)));
+  }
+
+  @Test
+  void testFailure_loadFromExtension_nonexistentToken() {
+    assertLoadTokenFromExtensionThrowsException(NonexistentAllocationTokenException.class);
+  }
+
+  @Test
+  void testFailure_loadFromExtension_nullToken() {
+    when(allocationTokenExtension.getAllocationToken()).thenReturn(null);
+    assertLoadTokenFromExtensionThrowsException(NonexistentAllocationTokenException.class);
+  }
+
+  @Test
+  void testFailure_tokenInvalidForRegistrar() {
+    persistResource(
+        createOneMonthPromoTokenBuilder(clock.nowUtc().minusDays(1))
+            .setAllowedRegistrarIds(ImmutableSet.of("NewRegistrar"))
+            .build());
+    assertLoadTokenFromExtensionThrowsException(AllocationTokenNotValidForRegistrarException.class);
+  }
+
+  @Test
+  void testFailure_beforePromoStart() {
+    persistResource(createOneMonthPromoTokenBuilder(clock.nowUtc().plusDays(1)).build());
+    assertLoadTokenFromExtensionThrowsException(AllocationTokenNotInPromotionException.class);
+  }
+
+  @Test
+  void testFailure_afterPromoEnd() {
+    persistResource(createOneMonthPromoTokenBuilder(clock.nowUtc().minusMonths(2)).build());
+    assertLoadTokenFromExtensionThrowsException(AllocationTokenNotInPromotionException.class);
+  }
+
+  @Test
+  void testFailure_promoCancelled() {
+    // the promo would be valid, but it was cancelled 12 hours ago
+    persistResource(
+        createOneMonthPromoTokenBuilder(clock.nowUtc().minusDays(1))
+            .setTokenStatusTransitions(
+                ImmutableSortedMap.<DateTime, TokenStatus>naturalOrder()
+                    .put(START_OF_TIME, NOT_STARTED)
+                    .put(clock.nowUtc().minusMonths(1), VALID)
+                    .put(clock.nowUtc().minusHours(12), CANCELLED)
+                    .build())
+            .build());
+    assertLoadTokenFromExtensionThrowsException(AllocationTokenNotInPromotionException.class);
+  }
+
+  @Test
+  void testFailure_loadOrDefault_badTokenProvided() throws Exception {
+    when(allocationTokenExtension.getAllocationToken()).thenReturn("asdf");
+    assertThrows(
+        NonexistentAllocationTokenException.class,
+        () ->
+            AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+                "TheRegistrar",
+                clock.nowUtc(),
+                Optional.of(allocationTokenExtension),
+                tld,
+                "example.tld",
+                CommandName.CREATE));
+  }
+
+  @Test
+  void testFailure_loadOrDefault_noValidTokens() throws Exception {
+    assertThat(
+            AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+                "TheRegistrar",
+                clock.nowUtc(),
+                Optional.empty(),
+                tld,
+                "example.tld",
+                CommandName.CREATE))
+        .isEmpty();
+  }
+
+  @Test
+  void testFailure_loadOrDefault_badDomainName() throws Exception {
+    // Tokens tied to a domain should throw a catastrophic exception if used for a different domain
+    persistResource(singleUseTokenBuilder().setDomainName("someotherdomain.tld").build());
+    when(allocationTokenExtension.getAllocationToken()).thenReturn("tokeN");
+    assertThrows(
+        AllocationTokenFlowUtils.AllocationTokenNotValidForDomainException.class,
+        () ->
+            AllocationTokenFlowUtils.loadTokenFromExtensionOrGetDefault(
+                "TheRegistrar",
+                clock.nowUtc(),
+                Optional.of(allocationTokenExtension),
+                tld,
+                "example.tld",
+                CommandName.CREATE));
+  }
+
+  private AllocationToken persistDefaultToken() {
+    AllocationToken defaultToken =
+        persistResource(
+            new AllocationToken.Builder()
+                .setToken("defaultToken")
+                .setDiscountFraction(0.1)
+                .setAllowedTlds(ImmutableSet.of("tld"))
+                .setAllowedRegistrarIds(ImmutableSet.of("TheRegistrar"))
+                .setTokenType(DEFAULT_PROMO)
+                .build());
+    tld =
+        persistResource(
+            tld.asBuilder()
+                .setDefaultPromoTokens(ImmutableList.of(defaultToken.createVKey()))
+                .build());
+    return defaultToken;
+  }
+
+  private void assertLoadTokenFromExtensionThrowsException(Class<? extends EppException> clazz) {
     assertAboutEppExceptions()
         .that(
             assertThrows(
                 clazz,
                 () ->
-                    flowUtils.verifyAllocationTokenCreateIfPresent(
-                        createCommand("blah.tld"),
-                        Tld.get("tld"),
+                    AllocationTokenFlowUtils.loadAllocationTokenFromExtension(
                         "TheRegistrar",
-                        DateTime.now(UTC),
+                        "example.tld",
+                        clock.nowUtc(),
                         Optional.of(allocationTokenExtension))))
         .marshalsToXml();
   }
 
-  private void assertValidateExistingDomainThrowsEppException(Class<? extends EppException> clazz) {
-    assertAboutEppExceptions()
-        .that(
-            assertThrows(
-                clazz,
-                () ->
-                    flowUtils.verifyAllocationTokenIfPresent(
-                        DatabaseHelper.newDomain("blah.tld"),
-                        Tld.get("tld"),
-                        "TheRegistrar",
-                        DateTime.now(UTC),
-                        CommandName.RENEW,
-                        Optional.of(allocationTokenExtension))))
-        .marshalsToXml();
-  }
-
-  private static DomainCommand.Create createCommand(String domainName) {
-    DomainCommand.Create command = mock(DomainCommand.Create.class);
-    when(command.getDomainName()).thenReturn(domainName);
-    return command;
+  private AllocationToken.Builder singleUseTokenBuilder() {
+    when(allocationTokenExtension.getAllocationToken()).thenReturn("tokeN");
+    return new AllocationToken.Builder()
+        .setTokenType(SINGLE_USE)
+        .setToken("tokeN")
+        .setAllowedTlds(ImmutableSet.of("tld"))
+        .setDiscountFraction(0.1)
+        .setAllowedRegistrarIds(ImmutableSet.of("TheRegistrar"));
   }
 
   private AllocationToken.Builder createOneMonthPromoTokenBuilder(DateTime promoStart) {

core/src/test/java/google/registry/flows/session/LoginFlowTestCase.java

@@ -36,7 +36,7 @@ import google.registry.flows.session.LoginFlow.TooManyFailedLoginsException;
 import google.registry.flows.session.LoginFlow.UnsupportedLanguageException;
 import google.registry.model.eppoutput.EppOutput;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.testing.DatabaseHelper;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;

core/src/test/java/google/registry/model/console/ConsoleEppActionHistoryTest.java

@@ -1,68 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static com.google.common.collect.Iterables.getOnlyElement;
-import static com.google.common.truth.Truth.assertThat;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-import static google.registry.testing.DatabaseHelper.createTld;
-import static google.registry.testing.DatabaseHelper.persistActiveContact;
-import static google.registry.testing.DatabaseHelper.persistDomainWithDependentResources;
-
-import google.registry.model.EntityTestCase;
-import google.registry.model.domain.DomainHistory;
-import google.registry.testing.DatabaseHelper;
-import google.registry.util.DateTimeUtils;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-
-/** Tests for {@link ConsoleEppActionHistory}. */
-public class ConsoleEppActionHistoryTest extends EntityTestCase {
-
-  ConsoleEppActionHistoryTest() {
-    super(JpaEntityCoverageCheck.ENABLED);
-  }
-
-  @BeforeEach
-  void beforeEach() {
-    createTld("tld");
-    persistDomainWithDependentResources(
-        "example",
-        "tld",
-        persistActiveContact("contact1234"),
-        fakeClock.nowUtc(),
-        fakeClock.nowUtc(),
-        DateTimeUtils.END_OF_TIME);
-  }
-
-  @Test
-  void testPersistence() {
-    User user = DatabaseHelper.createAdminUser("email@email.com");
-    DomainHistory domainHistory = getOnlyElement(DatabaseHelper.loadAllOf(DomainHistory.class));
-    ConsoleEppActionHistory history =
-        new ConsoleEppActionHistory.Builder()
-            .setType(ConsoleUpdateHistory.Type.DOMAIN_DELETE)
-            .setActingUser(user)
-            .setModificationTime(fakeClock.nowUtc())
-            .setMethod("POST")
-            .setUrl("https://some/url/for/creating/a/domain")
-            .setHistoryEntryClass(DomainHistory.class)
-            .setHistoryEntryId(domainHistory.getHistoryEntryId())
-            .build();
-    tm().transact(() -> tm().put(history));
-    assertThat(getOnlyElement(DatabaseHelper.loadAllOf(ConsoleEppActionHistory.class)))
-        .isEqualTo(history);
-  }
-}

core/src/test/java/google/registry/model/console/ConsoleUpdateHistoryTest.java

@@ -27,8 +27,8 @@ import google.registry.util.DateTimeUtils;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
-public class SimpleConsoleUpdateHistoryTest extends EntityTestCase {
-  SimpleConsoleUpdateHistoryTest() {
+public class ConsoleUpdateHistoryTest extends EntityTestCase {
+  ConsoleUpdateHistoryTest() {
     super(JpaEntityCoverageCheck.ENABLED);
   }
 
@@ -47,8 +47,8 @@ public class SimpleConsoleUpdateHistoryTest extends EntityTestCase {
   @Test
   void testPersistence() {
     User user = persistResource(DatabaseHelper.createAdminUser("email@email.com"));
-    SimpleConsoleUpdateHistory history =
-        new SimpleConsoleUpdateHistory.Builder()
+    ConsoleUpdateHistory history =
+        new ConsoleUpdateHistory.Builder()
             .setType(ConsoleUpdateHistory.Type.DOMAIN_SUSPEND)
             .setActingUser(user)
             .setMethod("POST")

core/src/test/java/google/registry/model/console/RegistrarPocUpdateHistoryTest.java

@@ -1,61 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static com.google.common.truth.Truth.assertThat;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-
-import com.google.common.collect.Iterables;
-import google.registry.model.EntityTestCase;
-import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPoc.RegistrarPocId;
-import google.registry.persistence.VKey;
-import google.registry.testing.DatabaseHelper;
-import org.junit.jupiter.api.Test;
-
-/** Tests for {@link RegistrarPocUpdateHistory}. */
-public class RegistrarPocUpdateHistoryTest extends EntityTestCase {
-
-  RegistrarPocUpdateHistoryTest() {
-    super(JpaEntityCoverageCheck.ENABLED);
-  }
-
-  @Test
-  void testPersistence() {
-    User user = DatabaseHelper.createAdminUser("email@email.com");
-    RegistrarPoc registrarPoc =
-        DatabaseHelper.loadByKey(
-            VKey.create(
-                RegistrarPoc.class,
-                new RegistrarPocId("johndoe@theregistrar.com", "TheRegistrar")));
-    RegistrarPocUpdateHistory history =
-        new RegistrarPocUpdateHistory.Builder()
-            .setRegistrarPoc(registrarPoc)
-            .setActingUser(user)
-            .setModificationTime(fakeClock.nowUtc())
-            .setType(ConsoleUpdateHistory.Type.USER_UPDATE)
-            .setMethod("POST")
-            .setUrl("someUrl")
-            .build();
-    tm().transact(() -> tm().put(history));
-
-    // Change the POC and make sure the history stays the same
-    tm().transact(() -> tm().put(registrarPoc.asBuilder().setName("Some Othername").build()));
-
-    RegistrarPocUpdateHistory fromDb =
-        Iterables.getOnlyElement(DatabaseHelper.loadAllOf(RegistrarPocUpdateHistory.class));
-    assertThat(fromDb.getRegistrarPoc().getName()).isEqualTo("John Doe");
-  }
-}

core/src/test/java/google/registry/model/console/RegistrarUpdateHistoryTest.java

@@ -1,55 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static com.google.common.truth.Truth.assertThat;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-
-import com.google.common.collect.Iterables;
-import google.registry.model.EntityTestCase;
-import google.registry.model.registrar.Registrar;
-import google.registry.testing.DatabaseHelper;
-import org.junit.jupiter.api.Test;
-
-/** Tests for {@link RegistrarUpdateHistory}. */
-public class RegistrarUpdateHistoryTest extends EntityTestCase {
-
-  RegistrarUpdateHistoryTest() {
-    super(JpaEntityCoverageCheck.ENABLED);
-  }
-
-  @Test
-  void testPersistence() {
-    User user = DatabaseHelper.createAdminUser("email@email.com");
-    Registrar theRegistrar = DatabaseHelper.loadRegistrar("TheRegistrar");
-    RegistrarUpdateHistory history =
-        new RegistrarUpdateHistory.Builder()
-            .setRegistrar(theRegistrar)
-            .setActingUser(user)
-            .setModificationTime(fakeClock.nowUtc())
-            .setType(ConsoleUpdateHistory.Type.USER_UPDATE)
-            .setMethod("POST")
-            .setUrl("someUrl")
-            .build();
-    tm().transact(() -> tm().put(history));
-
-    // Change the registrar and make sure the history stays the same
-    tm().transact(() -> tm().put(theRegistrar.asBuilder().setUrl("https://other.url").build()));
-
-    RegistrarUpdateHistory fromDb =
-        Iterables.getOnlyElement(DatabaseHelper.loadAllOf(RegistrarUpdateHistory.class));
-    assertThat(fromDb.getRegistrar().getUrl()).isEqualTo("http://my.fake.url");
-  }
-}

core/src/test/java/google/registry/model/console/UserUpdateHistoryTest.java

@@ -1,65 +0,0 @@
-// Copyright 2024 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.console;
-
-import static com.google.common.truth.Truth.assertThat;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-import static google.registry.testing.DatabaseHelper.loadAllOf;
-
-import com.google.common.collect.Iterables;
-import google.registry.model.EntityTestCase;
-import google.registry.testing.DatabaseHelper;
-import org.junit.jupiter.api.Test;
-
-/** Tests for {@link UserUpdateHistory}. */
-public class UserUpdateHistoryTest extends EntityTestCase {
-
-  UserUpdateHistoryTest() {
-    super(JpaEntityCoverageCheck.ENABLED);
-  }
-
-  @Test
-  void testPersistence() {
-    User user = DatabaseHelper.createAdminUser("email@email.com");
-    User otherUser = DatabaseHelper.createAdminUser("otherEmail@email.com");
-    UserUpdateHistory history =
-        new UserUpdateHistory.Builder()
-            .setUser(otherUser)
-            .setActingUser(user)
-            .setModificationTime(fakeClock.nowUtc())
-            .setType(ConsoleUpdateHistory.Type.USER_UPDATE)
-            .setMethod("POST")
-            .setUrl("someUrl")
-            .build();
-    tm().transact(() -> tm().put(history));
-
-    // Change the acted-upon user and make sure that nothing changed in the history DB
-    tm().transact(
-            () ->
-                tm().put(
-                        otherUser
-                            .asBuilder()
-                            .setUserRoles(
-                                otherUser
-                                    .getUserRoles()
-                                    .asBuilder()
-                                    .setGlobalRole(GlobalRole.SUPPORT_LEAD)
-                                    .build())
-                            .build()));
-
-    UserUpdateHistory fromDb = Iterables.getOnlyElement(loadAllOf(UserUpdateHistory.class));
-    assertThat(fromDb.getUser().getUserRoles().getGlobalRole()).isEqualTo(GlobalRole.FTE);
-  }
-}

core/src/test/java/google/registry/model/registrar/RegistrarTest.java

@@ -39,8 +39,8 @@ import com.google.common.collect.ImmutableSortedMap;
 import com.google.common.collect.ImmutableSortedSet;
 import google.registry.config.RegistryConfig;
 import google.registry.model.EntityTestCase;
-import google.registry.model.registrar.RegistrarBase.State;
-import google.registry.model.registrar.RegistrarBase.Type;
+import google.registry.model.registrar.Registrar.State;
+import google.registry.model.registrar.Registrar.Type;
 import google.registry.model.tld.Tld;
 import google.registry.model.tld.Tld.TldType;
 import google.registry.model.tld.Tlds;
@@ -129,7 +129,7 @@ class RegistrarTest extends EntityTestCase {
             .setVisibleInWhoisAsTech(false)
             .setPhoneNumber("+1.2125551213")
             .setFaxNumber("+1.2125551213")
-            .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ABUSE, RegistrarPocBase.Type.ADMIN))
+            .setTypes(ImmutableSet.of(RegistrarPoc.Type.ABUSE, RegistrarPoc.Type.ADMIN))
             .build();
     persistSimpleResources(
         ImmutableList.of(
@@ -140,8 +140,7 @@ class RegistrarTest extends EntityTestCase {
                 .setEmailAddress("johndoe@example.com")
                 .setPhoneNumber("+1.2125551213")
                 .setFaxNumber("+1.2125551213")
-                .setTypes(
-                    ImmutableSet.of(RegistrarPocBase.Type.LEGAL, RegistrarPocBase.Type.MARKETING))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.LEGAL, RegistrarPoc.Type.MARKETING))
                 .build()));
   }
 
@@ -327,7 +326,7 @@ class RegistrarTest extends EntityTestCase {
                 .setVisibleInWhoisAsTech(true)
                 .setPhoneNumber("+1.2125551213")
                 .setFaxNumber("+1.2125551213")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
                 .build());
     RegistrarPoc newTechAbuseContact =
         persistSimpleResource(
@@ -339,13 +338,13 @@ class RegistrarTest extends EntityTestCase {
                 .setVisibleInWhoisAsTech(true)
                 .setPhoneNumber("+1.2125551213")
                 .setFaxNumber("+1.2125551213")
-                .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH, RegistrarPocBase.Type.ABUSE))
+                .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH, RegistrarPoc.Type.ABUSE))
                 .build());
     ImmutableSortedSet<RegistrarPoc> techContacts =
-        registrar.getContactsOfType(RegistrarPocBase.Type.TECH);
+        registrar.getContactsOfType(RegistrarPoc.Type.TECH);
     assertThat(techContacts).containsExactly(newTechContact, newTechAbuseContact).inOrder();
     ImmutableSortedSet<RegistrarPoc> abuseContacts =
-        registrar.getContactsOfType(RegistrarPocBase.Type.ABUSE);
+        registrar.getContactsOfType(RegistrarPoc.Type.ABUSE);
     assertThat(abuseContacts).containsExactly(newTechAbuseContact, abuseAdminContact).inOrder();
   }
 
@@ -497,6 +496,28 @@ class RegistrarTest extends EntityTestCase {
         .isEqualTo(fakeClock.nowUtc());
   }
 
+  @Test
+  void testSuccess_setLastPocVerificationDate() {
+    assertThat(
+            registrar
+                .asBuilder()
+                .setLastPocVerificationDate(fakeClock.nowUtc())
+                .build()
+                .getLastPocVerificationDate())
+        .isEqualTo(fakeClock.nowUtc());
+  }
+
+  @Test
+  void testFailure_setLastPocVerificationDate_nullDate() {
+    IllegalArgumentException thrown =
+        assertThrows(
+            IllegalArgumentException.class,
+            () -> new Registrar.Builder().setLastPocVerificationDate(null).build());
+    assertThat(thrown)
+        .hasMessageThat()
+        .isEqualTo("Registrar lastPocVerificationDate cannot be null");
+  }
+
   @Test
   void testFailure_setLastExpiringFailoverCertNotificationSentDate_nullDate() {
     IllegalArgumentException thrown =

core/src/test/java/google/registry/module/frontend/FrontendTestComponent.java

@@ -0,0 +1,60 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.module.frontend;
+
+import dagger.Component;
+import google.registry.config.CloudTasksUtilsModule;
+import google.registry.config.CredentialModule;
+import google.registry.config.RegistryConfig;
+import google.registry.flows.ServerTridProviderModule;
+import google.registry.flows.custom.CustomLogicFactoryModule;
+import google.registry.groups.GmailModule;
+import google.registry.groups.GroupsModule;
+import google.registry.groups.GroupssettingsModule;
+import google.registry.keyring.KeyringModule;
+import google.registry.keyring.api.KeyModule;
+import google.registry.monitoring.whitebox.StackdriverModule;
+import google.registry.privileges.secretmanager.SecretManagerModule;
+import google.registry.request.Modules;
+import google.registry.request.auth.AuthModule;
+import google.registry.ui.ConsoleDebug;
+import google.registry.util.UtilsModule;
+import jakarta.inject.Singleton;
+
+@Singleton
+@Component(
+    modules = {
+      AuthModule.class,
+      CloudTasksUtilsModule.class,
+      RegistryConfig.ConfigModule.class,
+      ConsoleDebug.ConsoleConfigModule.class,
+      CredentialModule.class,
+      CustomLogicFactoryModule.class,
+      CloudTasksUtilsModule.class,
+      FrontendRequestComponent.FrontendRequestComponentModule.class,
+      GmailModule.class,
+      GroupsModule.class,
+      GroupssettingsModule.class,
+      MockDirectoryModule.class,
+      Modules.GsonModule.class,
+      KeyModule.class,
+      KeyringModule.class,
+      Modules.NetHttpTransportModule.class,
+      SecretManagerModule.class,
+      ServerTridProviderModule.class,
+      StackdriverModule.class,
+      UtilsModule.class
+    })
+interface FrontendTestComponent extends FrontendComponent {}

core/src/test/java/google/registry/module/frontend/FrontendTestServlet.java

@@ -0,0 +1,30 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.module.frontend;
+
+import com.google.monitoring.metrics.MetricReporter;
+import dagger.Lazy;
+import google.registry.module.ServletBase;
+
+public class FrontendTestServlet extends ServletBase {
+
+  private static final FrontendTestComponent component = DaggerFrontendTestComponent.create();
+  private static final FrontendRequestHandler requestHandler = component.requestHandler();
+  private static final Lazy<MetricReporter> metricReporter = component.metricReporter();
+
+  public FrontendTestServlet() {
+    super(requestHandler, metricReporter);
+  }
+}

core/src/test/java/google/registry/module/frontend/MockDirectoryModule.java

@@ -0,0 +1,45 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.module.frontend;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import com.google.api.services.directory.Directory;
+import com.google.api.services.directory.model.User;
+import dagger.Module;
+import dagger.Provides;
+import java.io.IOException;
+
+@Module
+public class MockDirectoryModule {
+  @Provides
+  static Directory provideDirectory() {
+    Directory directory = mock(Directory.class);
+    Directory.Users users = mock(Directory.Users.class);
+    Directory.Users.Insert insert = mock(Directory.Users.Insert.class);
+    Directory.Users.Delete delete = mock(Directory.Users.Delete.class);
+    when(directory.users()).thenReturn(users);
+    try {
+      when(users.insert(any(User.class))).thenReturn(insert);
+      when(users.delete(anyString())).thenReturn(delete);
+    } catch (IOException e) {
+      throw new RuntimeException(e);
+    }
+    return directory;
+  }
+}

core/src/test/java/google/registry/persistence/converter/StringValueEnumeratedTest.java

@@ -19,7 +19,7 @@ import static google.registry.persistence.transaction.TransactionManagerFactory.
 import static google.registry.testing.DatabaseHelper.insertInDb;
 
 import google.registry.model.ImmutableObject;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaUnitTestExtension;
 import jakarta.persistence.Entity;

core/src/test/java/google/registry/persistence/transaction/JpaTransactionManagerExtension.java

@@ -30,10 +30,9 @@ import com.google.common.collect.Maps;
 import com.google.common.collect.Streams;
 import com.google.common.io.Resources;
 import google.registry.model.registrar.Registrar;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.registrar.RegistrarAddress;
-import google.registry.model.registrar.RegistrarBase.State;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.persistence.HibernateSchemaExporter;
 import google.registry.persistence.NomulusPostgreSql;
 import google.registry.persistence.PersistenceModule;
@@ -410,7 +409,7 @@ public abstract class JpaTransactionManagerExtension
         .setVisibleInWhoisAsTech(false)
         .setEmailAddress("janedoe@theregistrar.com")
         .setPhoneNumber("+1.1234567890")
-        .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ADMIN))
+        .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
         .build();
   }
 
@@ -424,7 +423,7 @@ public abstract class JpaTransactionManagerExtension
         .setName("John Doe")
         .setEmailAddress("johndoe@theregistrar.com")
         .setPhoneNumber("+1.1234567890")
-        .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ADMIN))
+        .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
         .build();
   }
 
@@ -435,7 +434,7 @@ public abstract class JpaTransactionManagerExtension
         .setEmailAddress("Marla.Singer@crr.com")
         .setRegistryLockEmailAddress("Marla.Singer.RegistryLock@crr.com")
         .setPhoneNumber("+1.2128675309")
-        .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH))
+        .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH))
         .setAllowedToSetRegistryLockPassword(true)
         .setRegistryLockPassword("hi")
         .build();

core/src/test/java/google/registry/rdap/RdapJsonFormatterTest.java

@@ -39,7 +39,6 @@ import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.host.Host;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
-import google.registry.model.registrar.RegistrarPocBase;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.transfer.DomainTransferData;
 import google.registry.model.transfer.TransferStatus;
@@ -261,7 +260,7 @@ class RdapJsonFormatterTest {
             .setEmailAddress("babydoe@example.com")
             .setPhoneNumber("+1.2125551217")
             .setFaxNumber("+1.2125551218")
-            .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ADMIN))
+            .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
             .setVisibleInWhoisAsAdmin(false)
             .setVisibleInWhoisAsTech(false)
             .build(),
@@ -270,7 +269,7 @@ class RdapJsonFormatterTest {
             .setName("John Doe")
             .setEmailAddress("johndoe@example.com")
             .setFaxNumber("+1.2125551213")
-            .setTypes(ImmutableSet.of(RegistrarPocBase.Type.ADMIN))
+            .setTypes(ImmutableSet.of(RegistrarPoc.Type.ADMIN))
             .setVisibleInWhoisAsAdmin(false)
             .setVisibleInWhoisAsTech(true)
             .build(),
@@ -279,7 +278,7 @@ class RdapJsonFormatterTest {
             .setName("Jane Doe")
             .setEmailAddress("janedoe@example.com")
             .setPhoneNumber("+1.2125551215")
-            .setTypes(ImmutableSet.of(RegistrarPocBase.Type.TECH, RegistrarPocBase.Type.ADMIN))
+            .setTypes(ImmutableSet.of(RegistrarPoc.Type.TECH, RegistrarPoc.Type.ADMIN))
             .setVisibleInWhoisAsAdmin(true)
             .setVisibleInWhoisAsTech(false)
             .build(),
@@ -289,7 +288,7 @@ class RdapJsonFormatterTest {
             .setEmailAddress("playdoe@example.com")
             .setPhoneNumber("+1.2125551217")
             .setFaxNumber("+1.2125551218")
-            .setTypes(ImmutableSet.of(RegistrarPocBase.Type.BILLING))
+            .setTypes(ImmutableSet.of(RegistrarPoc.Type.BILLING))
             .setVisibleInWhoisAsAdmin(true)
             .setVisibleInWhoisAsTech(true)
             .build());

core/src/test/java/google/registry/rdap/UpdateRegistrarRdapBaseUrlsActionTest.java

@@ -30,7 +30,6 @@ import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
-import google.registry.model.registrar.RegistrarBase;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
 import google.registry.request.HttpException.InternalServerErrorException;
@@ -50,22 +49,22 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
   // This reply simulates part of the actual IANA CSV reply
   private static final String CSV_REPLY =
       """
-          "ID",Registrar Name,Status,RDAP Base URL
-          1,Reserved,Reserved,
-          81,Gandi SAS,Accredited,https://rdap.gandi.net/
-          100,Whois Corp.,Accredited,https://www.yesnic.com/rdap/
-          134,BB-Online UK Limited,Accredited,https://rdap.bb-online.com/
-          1316,"Xiamen 35.Com Technology Co., Ltd.",Accredited,https://rdap.35.com/rdap/
-          1448,Blacknight Internet Solutions Ltd.,Accredited,https://rdap.blacknight.com/
-          1463,"Global Domains International, Inc. DBA DomainCostClub.com",Accredited,\
-          https://rdap.domaincostclub.com/
-          1556,"Chengdu West Dimension Digital Technology Co., Ltd.",Accredited,\
-          https://rdap.west.cn/rdap/
-          2288,Metaregistrar BV,Accredited,https://rdap.metaregistrar.com/
-          4000,Gname 031 Inc,Accredited,
-          9999,Reserved for non-billable transactions where Registry Operator acts as\
-           Registrar,Reserved,
-          """;
+      "ID",Registrar Name,Status,RDAP Base URL
+      1,Reserved,Reserved,
+      81,Gandi SAS,Accredited,https://rdap.gandi.net/
+      100,Whois Corp.,Accredited,https://www.yesnic.com/rdap/
+      134,BB-Online UK Limited,Accredited,https://rdap.bb-online.com/
+      1316,"Xiamen 35.Com Technology Co., Ltd.",Accredited,https://rdap.35.com/rdap/
+      1448,Blacknight Internet Solutions Ltd.,Accredited,https://rdap.blacknight.com/
+      1463,"Global Domains International, Inc. DBA DomainCostClub.com",Accredited,\
+      https://rdap.domaincostclub.com/
+      1556,"Chengdu West Dimension Digital Technology Co., Ltd.",Accredited,\
+      https://rdap.west.cn/rdap/
+      2288,Metaregistrar BV,Accredited,https://rdap.metaregistrar.com/
+      4000,Gname 031 Inc,Accredited,
+      9999,Reserved for non-billable transactions where Registry Operator acts as\
+       Registrar,Reserved,
+      """;
 
   @RegisterExtension
   public JpaIntegrationTestExtension jpa =
@@ -94,7 +93,7 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
   }
 
   private static void persistRegistrar(
-      String registrarId, Long ianaId, RegistrarBase.Type type, String... rdapBaseUrls) {
+      String registrarId, Long ianaId, Registrar.Type type, String... rdapBaseUrls) {
     persistSimpleResource(
         new Registrar.Builder()
             .setRegistrarId(registrarId)

core/src/test/java/google/registry/rde/RegistrarToXjcConverterTest.java

@@ -22,8 +22,8 @@ import static java.nio.charset.StandardCharsets.UTF_8;
 
 import com.google.common.collect.ImmutableList;
 import google.registry.model.registrar.Registrar;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.model.registrar.RegistrarAddress;
-import google.registry.model.registrar.RegistrarBase.State;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
 import google.registry.testing.FakeClock;

core/src/test/java/google/registry/request/auth/AuthenticatedRegistrarAccessorTest.java

@@ -38,7 +38,7 @@ import google.registry.model.console.GlobalRole;
 import google.registry.model.console.User;
 import google.registry.model.console.UserRoles;
 import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarBase.State;
+import google.registry.model.registrar.Registrar.State;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
 import google.registry.request.auth.AuthenticatedRegistrarAccessor.RegistrarAccessDeniedException;

core/src/test/java/google/registry/schema/integration/SqlIntegrationTestSuite.java

@@ -24,12 +24,8 @@ import google.registry.model.billing.BillingBaseTest;
 import google.registry.model.common.CursorTest;
 import google.registry.model.common.DnsRefreshRequestTest;
 import google.registry.model.common.FeatureFlagTest;
-import google.registry.model.console.ConsoleEppActionHistoryTest;
-import google.registry.model.console.RegistrarPocUpdateHistoryTest;
-import google.registry.model.console.RegistrarUpdateHistoryTest;
-import google.registry.model.console.SimpleConsoleUpdateHistoryTest;
+import google.registry.model.console.ConsoleUpdateHistoryTest;
 import google.registry.model.console.UserTest;
-import google.registry.model.console.UserUpdateHistoryTest;
 import google.registry.model.contact.ContactTest;
 import google.registry.model.domain.DomainSqlTest;
 import google.registry.model.domain.token.AllocationTokenTest;
@@ -98,7 +94,7 @@ import org.junit.runner.RunWith;
   BsaUnblockableDomainTest.class,
   BulkPricingPackageTest.class,
   ClaimsListDaoTest.class,
-  ConsoleEppActionHistoryTest.class,
+  ConsoleUpdateHistoryTest.class,
   ContactHistoryTest.class,
   ContactTest.class,
   CursorTest.class,
@@ -112,18 +108,14 @@ import org.junit.runner.RunWith;
   PremiumListDaoTest.class,
   RdeRevisionTest.class,
   RegistrarDaoTest.class,
-  RegistrarPocUpdateHistoryTest.class,
-  RegistrarUpdateHistoryTest.class,
   ReservedListDaoTest.class,
   RegistryLockDaoTest.class,
   ServerSecretTest.class,
-  SimpleConsoleUpdateHistoryTest.class,
   SignedMarkRevocationListDaoTest.class,
   Spec11ThreatMatchTest.class,
   TldTest.class,
   TmchCrlTest.class,
   UserTest.class,
-  UserUpdateHistoryTest.class,
   // AfterSuiteTest must be the last entry. See class javadoc for details.
   AfterSuiteTest.class
 })

core/src/test/java/google/registry/schema/registrar/RegistrarPocTest.java

@@ -15,7 +15,7 @@
 package google.registry.schema.registrar;
 
 import static com.google.common.truth.Truth.assertThat;
-import static google.registry.model.registrar.RegistrarPocBase.Type.WHOIS;
+import static google.registry.model.registrar.RegistrarPoc.Type.WHOIS;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.testing.DatabaseHelper.insertInDb;
 import static google.registry.testing.DatabaseHelper.loadByEntity;

core/src/test/java/google/registry/server/Fixture.java

@@ -26,8 +26,12 @@ import static google.registry.testing.DatabaseHelper.persistResource;
 import static org.joda.money.CurrencyUnit.USD;
 
 import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import google.registry.model.OteStatsTestHelper;
+import google.registry.model.console.RegistrarRole;
+import google.registry.model.console.User;
+import google.registry.model.console.UserRoles;
 import google.registry.model.contact.Contact;
 import google.registry.model.contact.ContactAddress;
 import google.registry.model.contact.PostalInfo;
@@ -166,6 +170,30 @@ public enum Fixture {
               .asBuilder()
               .setAllowedTlds(ImmutableSet.of("example", "xn--q9jyb4c"))
               .build());
+
+      persistResource(
+          new User.Builder()
+              .setEmailAddress("primary@registry.example")
+              .setRegistryLockEmailAddress("primary@theregistrar.com")
+              .setUserRoles(
+                  new UserRoles.Builder()
+                      .setRegistrarRoles(
+                          ImmutableMap.of("TheRegistrar", RegistrarRole.PRIMARY_CONTACT))
+                      .build())
+              .setRegistryLockPassword("registryLockPassword")
+              .build());
+      persistResource(
+          new User.Builder()
+              .setEmailAddress("accountmanager@registry.example")
+              .setRegistryLockEmailAddress("accountmanager@theregistrar.com")
+              .setUserRoles(
+                  new UserRoles.Builder()
+                      .setRegistrarRoles(
+                          ImmutableMap.of(
+                              "TheRegistrar", RegistrarRole.ACCOUNT_MANAGER_WITH_REGISTRY_LOCK))
+                      .build())
+              .setRegistryLockPassword("registryLockPassword")
+              .build());
     }
   };