mirror of
https://github.com/google/nomulus
synced 2026-02-21 12:29:11 +00:00
Compare commits
50 Commits
proxy-2025
...
nomulus-20
| Author | SHA1 | Date | |
|---|---|---|---|
|
ee8746c857 | ||
|
|
c7f2db177b | ||
|
6747cc894d | ||
|
|
e4c4149033 | ||
|
|
e24c90fea6 | ||
|
|
8ff4d7dc8a | ||
|
|
88906f1bd9 | ||
|
bca05f3982 | ||
|
763630bca5 | ||
|
|
140b19e919 | ||
|
|
a787660b27 | ||
|
|
4aadcf818a | ||
|
|
ab29e481fa | ||
|
|
f2f9694a94 | ||
|
|
3f8145b44f | ||
|
|
1fdacf25dc | ||
|
|
41d26d8385 | ||
|
71c9407f07 | ||
|
|
a138806199 | ||
|
|
a5c1412aac | ||
|
|
41393e5f8d | ||
|
|
a7387e975b | ||
|
|
5c6667507b | ||
|
|
c187c92ae4 | ||
|
|
22ca4e3f2b | ||
|
|
f27136458a | ||
|
|
d8e647316e | ||
|
|
d6e0a7b979 | ||
|
|
5725eb95e0 | ||
|
aa12998276 | ||
|
|
d415416bc5 | ||
|
|
3a1068f313 | ||
|
|
69e5d40f04 | ||
|
|
64f6cd9af4 | ||
|
|
40184689ca | ||
|
|
826ad85d20 | ||
|
|
2b47bc9b0a | ||
|
|
9555dca8c6 | ||
|
|
49484c06d3 | ||
|
|
81d222e7d6 | ||
|
|
7e9d4c27d1 | ||
|
|
f9c22ff1c5 | ||
|
|
2562d582f3 | ||
|
|
6f0bc1ded9 | ||
|
|
db9fc3271d | ||
|
|
84491fde70 | ||
|
|
0519e2ffcf | ||
|
|
85f75494ab | ||
|
|
cbba91558a | ||
|
|
c24f09febc |
@@ -56,7 +56,7 @@ PROPERTIES_HEADER = """\
|
||||
# nom_build), run ./nom_build --help.
|
||||
#
|
||||
# DO NOT EDIT THIS FILE BY HAND
|
||||
org.gradle.jvmargs=-Xmx2048m
|
||||
org.gradle.jvmargs=-Xmx4096m
|
||||
org.gradle.caching=true
|
||||
org.gradle.parallel=true
|
||||
"""
|
||||
|
||||
@@ -98,8 +98,8 @@ PRESUBMITS = {
|
||||
"File did not include the license header.",
|
||||
|
||||
# Files must end in a newline
|
||||
PresubmitCheck(r".*\n$", ("java", "js", "soy", "sql", "py", "sh", "gradle", "ts"),
|
||||
{"node_modules/"}, REQUIRED):
|
||||
PresubmitCheck(r".*\n$", ("java", "js", "soy", "sql", "py", "sh", "gradle", "ts", "xml"),
|
||||
{"node_modules/", ".idea"}, REQUIRED):
|
||||
"Source files must end in a newline.",
|
||||
|
||||
# System.(out|err).println should only appear in tools/ or load-testing/
|
||||
|
||||
@@ -569,11 +569,6 @@ if (environment == 'alpha') {
|
||||
mainClass: 'google.registry.beam.resave.ResaveAllEppResourcesPipeline',
|
||||
metaData: 'google/registry/beam/resave_all_epp_resources_pipeline_metadata.json'
|
||||
],
|
||||
wipeOutContactHistoryPii:
|
||||
[
|
||||
mainClass: 'google.registry.beam.wipeout.WipeOutContactHistoryPiiPipeline',
|
||||
metaData: 'google/registry/beam/wipe_out_contact_history_pii_pipeline_metadata.json'
|
||||
],
|
||||
]
|
||||
project.tasks.create("stageBeamPipelines") {
|
||||
doLast {
|
||||
|
||||
@@ -131,12 +131,6 @@ public class BatchModule {
|
||||
return extractOptionalDatetimeParameter(req, ExpandBillingRecurrencesAction.PARAM_END_TIME);
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Parameter(WipeOutContactHistoryPiiAction.PARAM_CUTOFF_TIME)
|
||||
static Optional<DateTime> provideCutoffTime(HttpServletRequest req) {
|
||||
return extractOptionalDatetimeParameter(req, WipeOutContactHistoryPiiAction.PARAM_CUTOFF_TIME);
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Parameter(ExpandBillingRecurrencesAction.PARAM_ADVANCE_CURSOR)
|
||||
static boolean provideAdvanceCursor(HttpServletRequest req) {
|
||||
|
||||
@@ -29,7 +29,6 @@ import com.google.common.flogger.FluentLogger;
|
||||
import google.registry.flows.poll.PollFlowUtils;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.EppResourceUtils;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.model.poll.PollMessage;
|
||||
@@ -94,7 +93,6 @@ public class DeleteLoadTestDataAction implements Runnable {
|
||||
TRANSACTION_REPEATABLE_READ,
|
||||
() -> {
|
||||
LOAD_TEST_REGISTRARS.forEach(this::deletePollMessages);
|
||||
tm().loadAllOfStream(Contact.class).forEach(this::deleteContact);
|
||||
tm().loadAllOfStream(Host.class).forEach(this::deleteHost);
|
||||
});
|
||||
}
|
||||
@@ -110,21 +108,6 @@ public class DeleteLoadTestDataAction implements Runnable {
|
||||
}
|
||||
}
|
||||
|
||||
private void deleteContact(Contact contact) {
|
||||
if (!LOAD_TEST_REGISTRARS.contains(contact.getPersistedCurrentSponsorRegistrarId())) {
|
||||
return;
|
||||
}
|
||||
// We cannot remove contacts from domains in the general case, so we cannot delete contacts
|
||||
// that are linked to domains (since it would break the foreign keys)
|
||||
if (EppResourceUtils.isLinked(contact.createVKey(), clock.nowUtc())) {
|
||||
logger.atWarning().log(
|
||||
"Cannot delete contact with repo ID %s since it is referenced from a domain.",
|
||||
contact.getRepoId());
|
||||
return;
|
||||
}
|
||||
deleteResource(contact);
|
||||
}
|
||||
|
||||
private void deleteHost(Host host) {
|
||||
if (!LOAD_TEST_REGISTRARS.contains(host.getPersistedCurrentSponsorRegistrarId())) {
|
||||
return;
|
||||
|
||||
@@ -1,238 +0,0 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.batch;
|
||||
|
||||
import static com.google.common.net.MediaType.PLAIN_TEXT_UTF_8;
|
||||
import static google.registry.flows.FlowUtils.marshalWithLenientRetry;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
import static google.registry.util.DateTimeUtils.END_OF_TIME;
|
||||
import static google.registry.util.ResourceUtils.readResourceUtf8;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_NO_CONTENT;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_OK;
|
||||
import static java.nio.charset.StandardCharsets.US_ASCII;
|
||||
|
||||
import com.google.common.base.Ascii;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import com.google.common.util.concurrent.RateLimiter;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.flows.EppController;
|
||||
import google.registry.flows.EppRequestSource;
|
||||
import google.registry.flows.PasswordOnlyTransportCredentials;
|
||||
import google.registry.flows.StatelessRequestSessionMetadata;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.DesignatedContact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.eppcommon.ProtocolDefinition;
|
||||
import google.registry.model.eppoutput.EppOutput;
|
||||
import google.registry.persistence.VKey;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.request.lock.LockHandler;
|
||||
import jakarta.inject.Inject;
|
||||
import jakarta.inject.Named;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.Callable;
|
||||
import java.util.logging.Level;
|
||||
import javax.annotation.Nullable;
|
||||
import org.joda.time.Duration;
|
||||
|
||||
/**
|
||||
* An action that removes all contacts from all active (non-deleted) domains.
|
||||
*
|
||||
* <p>This implements part 1 of phase 3 of the Minimum Dataset migration, wherein we remove all uses
|
||||
* of contact objects in preparation for later removing all contact data from the system.
|
||||
*
|
||||
* <p>This runs as a singly threaded, resumable action that loads batches of domains still
|
||||
* containing contacts, and runs a superuser domain update on each one to remove the contacts,
|
||||
* leaving behind a record recording that update.
|
||||
*/
|
||||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = RemoveAllDomainContactsAction.PATH,
|
||||
method = Action.Method.POST,
|
||||
auth = Auth.AUTH_ADMIN)
|
||||
public class RemoveAllDomainContactsAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/removeAllDomainContacts";
|
||||
private static final String LOCK_NAME = "Remove all domain contacts";
|
||||
private static final String CONTACT_FMT = "<domain:contact type=\"%s\">%s</domain:contact>";
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
private final EppController eppController;
|
||||
private final String registryAdminClientId;
|
||||
private final LockHandler lockHandler;
|
||||
private final RateLimiter rateLimiter;
|
||||
private final Response response;
|
||||
private final String updateDomainXml;
|
||||
private int successes = 0;
|
||||
private int failures = 0;
|
||||
|
||||
private static final int BATCH_SIZE = 10000;
|
||||
|
||||
@Inject
|
||||
RemoveAllDomainContactsAction(
|
||||
EppController eppController,
|
||||
@Config("registryAdminClientId") String registryAdminClientId,
|
||||
LockHandler lockHandler,
|
||||
@Named("standardRateLimiter") RateLimiter rateLimiter,
|
||||
Response response) {
|
||||
this.eppController = eppController;
|
||||
this.registryAdminClientId = registryAdminClientId;
|
||||
this.lockHandler = lockHandler;
|
||||
this.rateLimiter = rateLimiter;
|
||||
this.response = response;
|
||||
this.updateDomainXml =
|
||||
readResourceUtf8(RemoveAllDomainContactsAction.class, "domain_remove_contacts.xml");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
response.setContentType(PLAIN_TEXT_UTF_8);
|
||||
Callable<Void> runner =
|
||||
() -> {
|
||||
try {
|
||||
runLocked();
|
||||
response.setStatus(SC_OK);
|
||||
} catch (Exception e) {
|
||||
logger.atSevere().withCause(e).log("Errored out during execution.");
|
||||
response.setStatus(SC_INTERNAL_SERVER_ERROR);
|
||||
response.setPayload(String.format("Errored out with cause: %s", e));
|
||||
}
|
||||
return null;
|
||||
};
|
||||
|
||||
if (!lockHandler.executeWithLocks(runner, null, Duration.standardHours(1), LOCK_NAME)) {
|
||||
// Send a 200-series status code to prevent this conflicting action from retrying.
|
||||
response.setStatus(SC_NO_CONTENT);
|
||||
response.setPayload("Could not acquire lock; already running?");
|
||||
}
|
||||
}
|
||||
|
||||
private void runLocked() {
|
||||
logger.atInfo().log("Removing contacts on all active domains.");
|
||||
|
||||
List<String> domainRepoIdsBatch;
|
||||
do {
|
||||
domainRepoIdsBatch =
|
||||
tm().<List<String>>transact(
|
||||
() ->
|
||||
tm().getEntityManager()
|
||||
.createQuery(
|
||||
"""
|
||||
SELECT repoId FROM Domain WHERE deletionTime = :end_of_time AND NOT (
|
||||
adminContact IS NULL AND billingContact IS NULL
|
||||
AND registrantContact IS NULL AND techContact IS NULL)
|
||||
""")
|
||||
.setParameter("end_of_time", END_OF_TIME)
|
||||
.setMaxResults(BATCH_SIZE)
|
||||
.getResultList());
|
||||
|
||||
for (String domainRepoId : domainRepoIdsBatch) {
|
||||
rateLimiter.acquire();
|
||||
runDomainUpdateFlow(domainRepoId);
|
||||
}
|
||||
} while (!domainRepoIdsBatch.isEmpty());
|
||||
String msg =
|
||||
String.format(
|
||||
"Finished; %d domains were successfully updated and %d errored out.",
|
||||
successes, failures);
|
||||
logger.at(failures == 0 ? Level.INFO : Level.WARNING).log(msg);
|
||||
response.setPayload(msg);
|
||||
}
|
||||
|
||||
private void runDomainUpdateFlow(String repoId) {
|
||||
// Create a new transaction that the flow's execution will be enlisted in that loads the domain
|
||||
// transactionally. This way we can ensure that nothing else has modified the domain in question
|
||||
// in the intervening period since the query above found it. If a single domain update fails
|
||||
// permanently, log it and move on to not block processing all the other domains.
|
||||
try {
|
||||
boolean success = tm().transact(() -> runDomainUpdateFlowInner(repoId));
|
||||
if (success) {
|
||||
successes++;
|
||||
} else {
|
||||
failures++;
|
||||
}
|
||||
} catch (Throwable t) {
|
||||
logger.atWarning().withCause(t).log(
|
||||
"Failed updating domain with repoId %s; skipping.", repoId);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Runs the actual domain update flow and returns whether the contact removals were successful.
|
||||
*/
|
||||
private boolean runDomainUpdateFlowInner(String repoId) {
|
||||
Domain domain = tm().loadByKey(VKey.create(Domain.class, repoId));
|
||||
if (!domain.getDeletionTime().equals(END_OF_TIME)) {
|
||||
// Domain has been deleted since the action began running; nothing further to be
|
||||
// done here.
|
||||
logger.atInfo().log("Nothing to process for deleted domain '%s'.", domain.getDomainName());
|
||||
return false;
|
||||
}
|
||||
logger.atInfo().log("Attempting to remove contacts on domain '%s'.", domain.getDomainName());
|
||||
|
||||
StringBuilder sb = new StringBuilder();
|
||||
ImmutableMap<VKey<? extends Contact>, Contact> contacts =
|
||||
tm().loadByKeys(
|
||||
domain.getContacts().stream()
|
||||
.map(DesignatedContact::getContactKey)
|
||||
.collect(ImmutableSet.toImmutableSet()));
|
||||
|
||||
// Collect all the (non-registrant) contacts referenced by the domain and compile an EPP XML
|
||||
// string that removes each one.
|
||||
for (DesignatedContact designatedContact : domain.getContacts()) {
|
||||
@Nullable Contact contact = contacts.get(designatedContact.getContactKey());
|
||||
if (contact == null) {
|
||||
logger.atWarning().log(
|
||||
"Domain '%s' referenced contact with repo ID '%s' that couldn't be" + " loaded.",
|
||||
domain.getDomainName(), designatedContact.getContactKey().getKey());
|
||||
continue;
|
||||
}
|
||||
sb.append(
|
||||
String.format(
|
||||
CONTACT_FMT,
|
||||
Ascii.toLowerCase(designatedContact.getType().name()),
|
||||
contact.getContactId()))
|
||||
.append("\n");
|
||||
}
|
||||
|
||||
String compiledXml =
|
||||
updateDomainXml
|
||||
.replace("%DOMAIN%", domain.getDomainName())
|
||||
.replace("%CONTACTS%", sb.toString());
|
||||
EppOutput output =
|
||||
eppController.handleEppCommand(
|
||||
new StatelessRequestSessionMetadata(
|
||||
registryAdminClientId, ProtocolDefinition.getVisibleServiceExtensionUris()),
|
||||
new PasswordOnlyTransportCredentials(),
|
||||
EppRequestSource.BACKEND,
|
||||
false,
|
||||
true,
|
||||
compiledXml.getBytes(US_ASCII));
|
||||
if (output.isSuccess()) {
|
||||
logger.atInfo().log(
|
||||
"Successfully removed contacts from domain '%s'.", domain.getDomainName());
|
||||
} else {
|
||||
logger.atWarning().log(
|
||||
"Failed removing contacts from domain '%s' with error %s.",
|
||||
domain.getDomainName(), new String(marshalWithLenientRetry(output), US_ASCII));
|
||||
}
|
||||
return output.isSuccess();
|
||||
}
|
||||
}
|
||||
@@ -1,142 +0,0 @@
|
||||
// Copyright 2021 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.batch;
|
||||
|
||||
import static google.registry.beam.BeamUtils.createJobName;
|
||||
import static google.registry.request.RequestParameters.PARAM_DRY_RUN;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
|
||||
import static jakarta.servlet.http.HttpServletResponse.SC_OK;
|
||||
|
||||
import com.google.api.services.dataflow.Dataflow;
|
||||
import com.google.api.services.dataflow.model.LaunchFlexTemplateParameter;
|
||||
import com.google.api.services.dataflow.model.LaunchFlexTemplateRequest;
|
||||
import com.google.api.services.dataflow.model.LaunchFlexTemplateResponse;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import com.google.common.net.MediaType;
|
||||
import google.registry.beam.wipeout.WipeOutContactHistoryPiiPipeline;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import google.registry.util.Clock;
|
||||
import google.registry.util.RegistryEnvironment;
|
||||
import jakarta.inject.Inject;
|
||||
import java.io.IOException;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An action that launches {@link WipeOutContactHistoryPiiPipeline} to wipe out Personal
|
||||
* Identifiable Information (PII) fields of {@link ContactHistory} entities.
|
||||
*
|
||||
* <p>{@link ContactHistory} entities should be retained in the database for only certain amount of
|
||||
* time.
|
||||
*/
|
||||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = WipeOutContactHistoryPiiAction.PATH,
|
||||
auth = Auth.AUTH_ADMIN)
|
||||
public class WipeOutContactHistoryPiiAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/wipeOutContactHistoryPii";
|
||||
public static final String PARAM_CUTOFF_TIME = "wipeoutTime";
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
private static final String PIPELINE_NAME = "wipe_out_contact_history_pii_pipeline";
|
||||
|
||||
private final Clock clock;
|
||||
private final boolean isDryRun;
|
||||
private final Optional<DateTime> maybeCutoffTime;
|
||||
private final int minMonthsBeforeWipeOut;
|
||||
private final String stagingBucketUrl;
|
||||
private final String projectId;
|
||||
private final String jobRegion;
|
||||
private final Dataflow dataflow;
|
||||
private final Response response;
|
||||
|
||||
@Inject
|
||||
public WipeOutContactHistoryPiiAction(
|
||||
Clock clock,
|
||||
@Parameter(PARAM_DRY_RUN) boolean isDryRun,
|
||||
@Parameter(PARAM_CUTOFF_TIME) Optional<DateTime> maybeCutoffTime,
|
||||
@Config("minMonthsBeforeWipeOut") int minMonthsBeforeWipeOut,
|
||||
@Config("beamStagingBucketUrl") String stagingBucketUrl,
|
||||
@Config("projectId") String projectId,
|
||||
@Config("defaultJobRegion") String jobRegion,
|
||||
Dataflow dataflow,
|
||||
Response response) {
|
||||
this.clock = clock;
|
||||
this.isDryRun = isDryRun;
|
||||
this.maybeCutoffTime = maybeCutoffTime;
|
||||
this.minMonthsBeforeWipeOut = minMonthsBeforeWipeOut;
|
||||
this.stagingBucketUrl = stagingBucketUrl;
|
||||
this.projectId = projectId;
|
||||
this.jobRegion = jobRegion;
|
||||
this.dataflow = dataflow;
|
||||
this.response = response;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
response.setContentType(MediaType.PLAIN_TEXT_UTF_8);
|
||||
DateTime cutoffTime =
|
||||
maybeCutoffTime.orElse(clock.nowUtc().minusMonths(minMonthsBeforeWipeOut));
|
||||
LaunchFlexTemplateParameter launchParameter =
|
||||
new LaunchFlexTemplateParameter()
|
||||
.setJobName(
|
||||
createJobName(
|
||||
String.format(
|
||||
"contact-history-pii-wipeout-%s",
|
||||
cutoffTime.toString("yyyy-MM-dd't'HH-mm-ss'z'")),
|
||||
clock))
|
||||
.setContainerSpecGcsPath(
|
||||
String.format("%s/%s_metadata.json", stagingBucketUrl, PIPELINE_NAME))
|
||||
.setParameters(
|
||||
ImmutableMap.of(
|
||||
"registryEnvironment",
|
||||
RegistryEnvironment.get().name(),
|
||||
"cutoffTime",
|
||||
cutoffTime.toString("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"),
|
||||
"isDryRun",
|
||||
Boolean.toString(isDryRun)));
|
||||
logger.atInfo().log(
|
||||
"Launching Beam pipeline to wipe out all PII of contact history entities prior to %s%s.",
|
||||
cutoffTime, " in dry run mode");
|
||||
try {
|
||||
LaunchFlexTemplateResponse launchResponse =
|
||||
dataflow
|
||||
.projects()
|
||||
.locations()
|
||||
.flexTemplates()
|
||||
.launch(
|
||||
projectId,
|
||||
jobRegion,
|
||||
new LaunchFlexTemplateRequest().setLaunchParameter(launchParameter))
|
||||
.execute();
|
||||
logger.atInfo().log("Got response: %s", launchResponse.getJob().toPrettyString());
|
||||
response.setStatus(SC_OK);
|
||||
response.setPayload(
|
||||
String.format(
|
||||
"Launched contact history PII wipeout pipeline: %s",
|
||||
launchResponse.getJob().getId()));
|
||||
} catch (IOException e) {
|
||||
logger.atWarning().withCause(e).log("Pipeline Launch failed");
|
||||
response.setStatus(SC_INTERNAL_SERVER_ERROR);
|
||||
response.setPayload(String.format("Pipeline launch failed: %s", e.getMessage()));
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -50,8 +50,6 @@ import google.registry.config.CredentialModule;
|
||||
import google.registry.config.RegistryConfig.ConfigModule;
|
||||
import google.registry.gcs.GcsUtils;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainHistory;
|
||||
import google.registry.model.host.Host;
|
||||
@@ -73,7 +71,6 @@ import jakarta.inject.Inject;
|
||||
import jakarta.inject.Singleton;
|
||||
import java.io.IOException;
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import org.apache.beam.sdk.Pipeline;
|
||||
import org.apache.beam.sdk.PipelineResult;
|
||||
import org.apache.beam.sdk.coders.KvCoder;
|
||||
@@ -138,25 +135,21 @@ import org.joda.time.DateTime;
|
||||
* pairs of (contact/host repo ID: pending deposit) for all RDE pending deposits for further
|
||||
* processing.
|
||||
*
|
||||
* <h3>{@link Contact}</h3>
|
||||
*
|
||||
* We first join most recent contact histories, represented by (contact repo ID: contact history
|
||||
* revision ID) pairs, with referenced contacts, represented by (contact repo ID: pending deposit)
|
||||
* pairs, on the contact repo ID, to remove unreferenced contact histories. Contact resources are
|
||||
* then loaded from the remaining referenced contact histories, and marshalled into (pending
|
||||
* deposit: deposit fragment) pairs.
|
||||
*
|
||||
* <h3>{@link Host}</h3>
|
||||
*
|
||||
* Similar to {@link Contact}, we join the most recent host history with referenced hosts to find
|
||||
* most recent referenced hosts. For external hosts we do the same treatment as we did on contacts
|
||||
* and obtain the (pending deposit: deposit fragment) pairs. For subordinate hosts, we need to find
|
||||
* the superordinate domain in order to properly handle pending transfer in the deposit as well. So
|
||||
* we first find the superordinate domain repo ID from the host and join the (superordinate domain
|
||||
* repo ID: (subordinate host repo ID: (pending deposit: revision ID))) pair with the (domain repo
|
||||
* ID: revision ID) pair obtained from the domain history query in order to map the host at
|
||||
* watermark to the domain at watermark. We then proceed to create the (pending deposit: deposit
|
||||
* fragment) pair for subordinate hosts using the added domain information.
|
||||
* <p>We first join most recent host histories, represented by (host repo ID: host history revision
|
||||
* ID) pairs, with referenced hosts, represented by (host repo ID: pending deposit) pairs, on the
|
||||
* host repo ID, to remove unreferenced host histories. Host resources are then loaded from the
|
||||
* remaining referenced host histories, and marshalled into (pending deposit: deposit fragment)
|
||||
* pairs.
|
||||
*
|
||||
* <p>For subordinate hosts, we need to find the superordinate domain in order to properly handle
|
||||
* pending transfer in the deposit as well. So we first find the superordinate domain repo ID from
|
||||
* the host and join the (superordinate domain repo ID: (subordinate host repo ID: (pending deposit:
|
||||
* revision ID))) pair with the (domain repo ID: revision ID) pair obtained from the domain history
|
||||
* query in order to map the host at watermark to the domain at watermark. We then proceed to create
|
||||
* the (pending deposit: deposit fragment) pair for subordinate hosts using the added domain
|
||||
* information.
|
||||
*
|
||||
* <h2>Processing {@link DepositFragment}</h2>
|
||||
*
|
||||
@@ -184,10 +177,10 @@ public class RdePipeline implements Serializable {
|
||||
private final CloudTasksUtils cloudTasksUtils;
|
||||
private final RdeMarshaller marshaller;
|
||||
|
||||
// Registrars to be excluded from data escrow. Not including the sandbox-only OTE type so that
|
||||
// if sneaks into production we would get an extra signal.
|
||||
// Registrars to be excluded from data escrow (i.e. all registrar types that have a null IANA
|
||||
// identifier and thus would not be valid according to the RDE schema).
|
||||
private static final ImmutableSet<Type> IGNORED_REGISTRAR_TYPES =
|
||||
Sets.immutableEnumSet(Registrar.Type.MONITORING, Registrar.Type.TEST);
|
||||
Sets.immutableEnumSet(Registrar.Type.MONITORING, Registrar.Type.OTE, Registrar.Type.TEST);
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
@@ -230,9 +223,6 @@ public class RdePipeline implements Serializable {
|
||||
PCollection<KV<String, Long>> domainHistories =
|
||||
getMostRecentHistoryEntries(pipeline, DomainHistory.class);
|
||||
|
||||
PCollection<KV<String, Long>> contactHistories =
|
||||
getMostRecentHistoryEntries(pipeline, ContactHistory.class);
|
||||
|
||||
PCollection<KV<String, Long>> hostHistories =
|
||||
getMostRecentHistoryEntries(pipeline, HostHistory.class);
|
||||
|
||||
@@ -241,10 +231,6 @@ public class RdePipeline implements Serializable {
|
||||
PCollection<KV<PendingDeposit, DepositFragment>> domainFragments =
|
||||
processedDomainHistories.get(DOMAIN_FRAGMENTS);
|
||||
|
||||
PCollection<KV<PendingDeposit, DepositFragment>> contactFragments =
|
||||
processContactHistories(
|
||||
processedDomainHistories.get(REFERENCED_CONTACTS), contactHistories);
|
||||
|
||||
PCollectionTuple processedHosts =
|
||||
processHostHistories(processedDomainHistories.get(REFERENCED_HOSTS), hostHistories);
|
||||
|
||||
@@ -256,7 +242,6 @@ public class RdePipeline implements Serializable {
|
||||
|
||||
return PCollectionList.of(registrarFragments)
|
||||
.and(domainFragments)
|
||||
.and(contactFragments)
|
||||
.and(externalHostFragments)
|
||||
.and(subordinateHostFragments)
|
||||
.apply(
|
||||
@@ -437,7 +422,6 @@ public class RdePipeline implements Serializable {
|
||||
private PCollectionTuple processDomainHistories(PCollection<KV<String, Long>> domainHistories) {
|
||||
Counter activeDomainCounter = Metrics.counter("RDE", "ActiveDomainBase");
|
||||
Counter domainFragmentCounter = Metrics.counter("RDE", "DomainFragment");
|
||||
Counter referencedContactCounter = Metrics.counter("RDE", "ReferencedContact");
|
||||
Counter referencedHostCounter = Metrics.counter("RDE", "ReferencedHost");
|
||||
return domainHistories.apply(
|
||||
"Map DomainHistory to DepositFragment " + "and emit referenced Contact and Host",
|
||||
@@ -463,19 +447,8 @@ public class RdePipeline implements Serializable {
|
||||
KV.of(
|
||||
pendingDeposit,
|
||||
marshaller.marshalDomain(domain, pendingDeposit.mode())));
|
||||
// Contacts and hosts are only deposited in RDE, not BRDA.
|
||||
// Hosts are only deposited in RDE, not BRDA.
|
||||
if (pendingDeposit.mode() == RdeMode.FULL) {
|
||||
HashSet<Serializable> contacts = new HashSet<>();
|
||||
domain.getAdminContact().ifPresent(c -> contacts.add(c.getKey()));
|
||||
domain.getTechContact().ifPresent(c -> contacts.add(c.getKey()));
|
||||
domain.getRegistrant().ifPresent(c -> contacts.add(c.getKey()));
|
||||
domain.getBillingContact().ifPresent(c -> contacts.add(c.getKey()));
|
||||
referencedContactCounter.inc(contacts.size());
|
||||
contacts.forEach(
|
||||
contactRepoId ->
|
||||
receiver
|
||||
.get(REFERENCED_CONTACTS)
|
||||
.output(KV.of((String) contactRepoId, pendingDeposit)));
|
||||
if (domain.getNsHosts() != null) {
|
||||
referencedHostCounter.inc(domain.getNsHosts().size());
|
||||
domain
|
||||
@@ -497,38 +470,6 @@ public class RdePipeline implements Serializable {
|
||||
DOMAIN_FRAGMENTS, TupleTagList.of(REFERENCED_CONTACTS).and(REFERENCED_HOSTS)));
|
||||
}
|
||||
|
||||
private PCollection<KV<PendingDeposit, DepositFragment>> processContactHistories(
|
||||
PCollection<KV<String, PendingDeposit>> referencedContacts,
|
||||
PCollection<KV<String, Long>> contactHistories) {
|
||||
Counter contactFragmentCounter = Metrics.counter("RDE", "ContactFragment");
|
||||
return removeUnreferencedResource(referencedContacts, contactHistories, Contact.class)
|
||||
.apply(
|
||||
"Map Contact to DepositFragment",
|
||||
FlatMapElements.into(
|
||||
kvs(
|
||||
TypeDescriptor.of(PendingDeposit.class),
|
||||
TypeDescriptor.of(DepositFragment.class)))
|
||||
.via(
|
||||
(KV<String, CoGbkResult> kv) -> {
|
||||
Contact contact =
|
||||
(Contact)
|
||||
loadResourceByHistoryEntryId(
|
||||
ContactHistory.class,
|
||||
kv.getKey(),
|
||||
kv.getValue().getAll(REVISION_ID));
|
||||
DepositFragment fragment = marshaller.marshalContact(contact);
|
||||
ImmutableSet<KV<PendingDeposit, DepositFragment>> fragments =
|
||||
Streams.stream(kv.getValue().getAll(PENDING_DEPOSIT))
|
||||
// The same contact could be used by multiple domains, therefore
|
||||
// matched to the same pending deposit multiple times.
|
||||
.distinct()
|
||||
.map(pendingDeposit -> KV.of(pendingDeposit, fragment))
|
||||
.collect(toImmutableSet());
|
||||
contactFragmentCounter.inc(fragments.size());
|
||||
return fragments;
|
||||
}));
|
||||
}
|
||||
|
||||
private PCollectionTuple processHostHistories(
|
||||
PCollection<KV<String, PendingDeposit>> referencedHosts,
|
||||
PCollection<KV<String, Long>> hostHistories) {
|
||||
|
||||
@@ -25,7 +25,6 @@ import com.google.common.collect.Streams;
|
||||
import google.registry.beam.common.RegistryJpaIO;
|
||||
import google.registry.beam.common.RegistryJpaIO.Read;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainBase;
|
||||
import google.registry.model.host.Host;
|
||||
@@ -56,7 +55,7 @@ import org.joda.time.DateTime;
|
||||
public class ResaveAllEppResourcesPipeline implements Serializable {
|
||||
|
||||
private static final ImmutableSet<Class<? extends EppResource>> EPP_RESOURCE_CLASSES =
|
||||
ImmutableSet.of(Contact.class, Domain.class, Host.class);
|
||||
ImmutableSet.of(Domain.class, Host.class);
|
||||
|
||||
/**
|
||||
* There exist three possible situations where we know we'll want to project domains to the
|
||||
@@ -92,25 +91,12 @@ public class ResaveAllEppResourcesPipeline implements Serializable {
|
||||
|
||||
void setupPipeline(Pipeline pipeline) {
|
||||
if (options.getFast()) {
|
||||
fastResaveContacts(pipeline);
|
||||
fastResaveDomains(pipeline);
|
||||
} else {
|
||||
EPP_RESOURCE_CLASSES.forEach(clazz -> forceResaveAllResources(pipeline, clazz));
|
||||
}
|
||||
}
|
||||
|
||||
/** Projects to the current time and saves any contacts with expired transfers. */
|
||||
private void fastResaveContacts(Pipeline pipeline) {
|
||||
Read<String, String> repoIdRead =
|
||||
RegistryJpaIO.read(
|
||||
"SELECT repoId FROM Contact WHERE transferData.transferStatus = 'PENDING' AND"
|
||||
+ " transferData.pendingTransferExpirationTime < current_timestamp()",
|
||||
String.class,
|
||||
r -> r)
|
||||
.withCoder(StringUtf8Coder.of());
|
||||
projectAndResaveResources(pipeline, Contact.class, repoIdRead);
|
||||
}
|
||||
|
||||
/**
|
||||
* Projects to the current time and saves any domains with expired pending actions (e.g.
|
||||
* transfers, grace periods).
|
||||
|
||||
@@ -1,166 +0,0 @@
|
||||
// Copyright 2023 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.beam.wipeout;
|
||||
|
||||
import static com.google.common.collect.ImmutableList.toImmutableList;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
import static org.apache.beam.sdk.values.TypeDescriptors.voids;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.Streams;
|
||||
import google.registry.beam.common.RegistryJpaIO;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
|
||||
import google.registry.persistence.PersistenceModule.TransactionIsolationLevel;
|
||||
import google.registry.persistence.VKey;
|
||||
import java.io.Serializable;
|
||||
import org.apache.beam.sdk.Pipeline;
|
||||
import org.apache.beam.sdk.PipelineResult;
|
||||
import org.apache.beam.sdk.coders.KvCoder;
|
||||
import org.apache.beam.sdk.coders.StringUtf8Coder;
|
||||
import org.apache.beam.sdk.coders.VarLongCoder;
|
||||
import org.apache.beam.sdk.metrics.Counter;
|
||||
import org.apache.beam.sdk.metrics.Metrics;
|
||||
import org.apache.beam.sdk.options.PipelineOptionsFactory;
|
||||
import org.apache.beam.sdk.transforms.MapElements;
|
||||
import org.apache.beam.sdk.transforms.join.CoGroupByKey;
|
||||
import org.apache.beam.sdk.transforms.join.KeyedPCollectionTuple;
|
||||
import org.apache.beam.sdk.values.KV;
|
||||
import org.apache.beam.sdk.values.PCollection;
|
||||
import org.apache.beam.sdk.values.TupleTag;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* Definition of a Dataflow Flex pipeline template, which finds out {@link ContactHistory} entries
|
||||
* that are older than a given age (excluding the most recent one, even if it falls with the range)
|
||||
* and wipe out PII information in them.
|
||||
*
|
||||
* <p>To stage this template locally, run {@code ./nom_build :core:sBP --environment=alpha \
|
||||
* --pipeline=wipeOutContactHistoryPii}.
|
||||
*
|
||||
* <p>Then, you can run the staged template via the API client library, gCloud or a raw REST call.
|
||||
*/
|
||||
public class WipeOutContactHistoryPiiPipeline implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = -4111052675715913820L;
|
||||
private static final TupleTag<Long> REVISIONS_TO_WIPE = new TupleTag<>();
|
||||
private static final TupleTag<Long> MOST_RECENT_REVISION = new TupleTag<>();
|
||||
|
||||
private final DateTime cutoffTime;
|
||||
private final boolean dryRun;
|
||||
private final Counter contactsInScope =
|
||||
Metrics.counter("WipeOutContactHistoryPii", "contacts in scope");
|
||||
private final Counter historiesToWipe =
|
||||
Metrics.counter("WipeOutContactHistoryPii", "contact histories to wipe PII from");
|
||||
private final Counter historiesWiped =
|
||||
Metrics.counter("WipeOutContactHistoryPii", "contact histories actually updated");
|
||||
|
||||
WipeOutContactHistoryPiiPipeline(WipeOutContactHistoryPiiPipelineOptions options) {
|
||||
dryRun = options.getIsDryRun();
|
||||
cutoffTime = DateTime.parse(options.getCutoffTime());
|
||||
}
|
||||
|
||||
void setup(Pipeline pipeline) {
|
||||
KeyedPCollectionTuple.of(REVISIONS_TO_WIPE, getHistoryEntriesToWipe(pipeline))
|
||||
.and(MOST_RECENT_REVISION, getMostRecentHistoryEntries(pipeline))
|
||||
.apply("Group by contact", CoGroupByKey.create())
|
||||
.apply(
|
||||
"Wipe out PII",
|
||||
MapElements.into(voids())
|
||||
.via(
|
||||
kv -> {
|
||||
String repoId = kv.getKey();
|
||||
long mostRecentRevision = kv.getValue().getOnly(MOST_RECENT_REVISION);
|
||||
ImmutableList<Long> revisionsToWipe =
|
||||
Streams.stream(kv.getValue().getAll(REVISIONS_TO_WIPE))
|
||||
.filter(e -> e != mostRecentRevision)
|
||||
.collect(toImmutableList());
|
||||
if (revisionsToWipe.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
contactsInScope.inc();
|
||||
tm().transact(
|
||||
() -> {
|
||||
for (long revisionId : revisionsToWipe) {
|
||||
historiesToWipe.inc();
|
||||
ContactHistory history =
|
||||
tm().loadByKey(
|
||||
VKey.create(
|
||||
ContactHistory.class,
|
||||
new HistoryEntryId(repoId, revisionId)));
|
||||
// In the unlikely case where multiple pipelines run at the
|
||||
// same time, or where the runner decides to rerun a particular
|
||||
// transform, we might have a history entry that has already been
|
||||
// wiped at this point. There's no need to wipe it again.
|
||||
if (!dryRun
|
||||
&& history.getContactBase().isPresent()
|
||||
&& history.getContactBase().get().getEmailAddress() != null) {
|
||||
historiesWiped.inc();
|
||||
tm().update(history.asBuilder().wipeOutPii().build());
|
||||
}
|
||||
}
|
||||
});
|
||||
return null;
|
||||
}));
|
||||
}
|
||||
|
||||
PCollection<KV<String, Long>> getHistoryEntriesToWipe(Pipeline pipeline) {
|
||||
return pipeline.apply(
|
||||
"Find contact histories to wipee",
|
||||
// Email is one of the required fields in EPP, meaning it's initially not null when it
|
||||
// is set by EPP flows (even though it is nullalbe in the SQL schema). Therefore,
|
||||
// checking if it's null is one way to avoid processing contact history entities that
|
||||
// have been processed previously. Refer to RFC 5733 for more information.
|
||||
RegistryJpaIO.read(
|
||||
"SELECT repoId, revisionId FROM ContactHistory WHERE resource.email IS NOT NULL"
|
||||
+ " AND modificationTime < :cutoffTime",
|
||||
ImmutableMap.of("cutoffTime", cutoffTime),
|
||||
Object[].class,
|
||||
row -> KV.of((String) row[0], (long) row[1]))
|
||||
.withCoder(KvCoder.of(StringUtf8Coder.of(), VarLongCoder.of())));
|
||||
}
|
||||
|
||||
PCollection<KV<String, Long>> getMostRecentHistoryEntries(Pipeline pipeline) {
|
||||
return pipeline.apply(
|
||||
"Find the most recent historiy entry for each contact",
|
||||
RegistryJpaIO.read(
|
||||
"SELECT repoId, revisionId FROM ContactHistory"
|
||||
+ " WHERE (repoId, modificationTime) IN"
|
||||
+ " (SELECT repoId, MAX(modificationTime) FROM ContactHistory GROUP BY repoId)",
|
||||
ImmutableMap.of(),
|
||||
Object[].class,
|
||||
row -> KV.of((String) row[0], (long) row[1]))
|
||||
.withCoder(KvCoder.of(StringUtf8Coder.of(), VarLongCoder.of())));
|
||||
}
|
||||
|
||||
PipelineResult run(Pipeline pipeline) {
|
||||
setup(pipeline);
|
||||
return pipeline.run();
|
||||
}
|
||||
|
||||
public static void main(String[] args) {
|
||||
PipelineOptionsFactory.register(WipeOutContactHistoryPiiPipelineOptions.class);
|
||||
WipeOutContactHistoryPiiPipelineOptions options =
|
||||
PipelineOptionsFactory.fromArgs(args)
|
||||
.withValidation()
|
||||
.as(WipeOutContactHistoryPiiPipelineOptions.class);
|
||||
// Repeatable read should be more than enough since we are dealing with old history entries that
|
||||
// are otherwise immutable.
|
||||
options.setIsolationOverride(TransactionIsolationLevel.TRANSACTION_REPEATABLE_READ);
|
||||
Pipeline pipeline = Pipeline.create(options);
|
||||
new WipeOutContactHistoryPiiPipeline(options).run(pipeline);
|
||||
}
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
// Copyright 2023 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.beam.wipeout;
|
||||
|
||||
import google.registry.beam.common.RegistryPipelineOptions;
|
||||
import org.apache.beam.sdk.options.Default;
|
||||
import org.apache.beam.sdk.options.Description;
|
||||
|
||||
public interface WipeOutContactHistoryPiiPipelineOptions extends RegistryPipelineOptions {
|
||||
|
||||
@Description(
|
||||
"A contact history entry with a history modification time before this time will have its PII"
|
||||
+ " wiped, unless it is the most entry for the contact.")
|
||||
String getCutoffTime();
|
||||
|
||||
void setCutoffTime(String value);
|
||||
|
||||
@Description(
|
||||
"If true, the wiped out billing events will not be saved but the pipeline metrics counter"
|
||||
+ " will still be updated.")
|
||||
@Default.Boolean(false)
|
||||
boolean getIsDryRun();
|
||||
|
||||
void setIsDryRun(boolean value);
|
||||
}
|
||||
@@ -143,15 +143,15 @@ public final class RegistryConfig {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the roid suffix to be used for the roids of all contacts and hosts. E.g. a value of
|
||||
* "ROID" would end up creating roids that look like "ABC123-ROID".
|
||||
* Returns the roid suffix to be used for the roids of all hosts. E.g. a value of "ROID" would
|
||||
* end up creating roids that look like "ABC123-ROID".
|
||||
*
|
||||
* @see <a href="http://www.iana.org/assignments/epp-repository-ids/epp-repository-ids.xhtml">
|
||||
* Extensible Provisioning Protocol (EPP) Repository Identifiers</a>
|
||||
*/
|
||||
@Provides
|
||||
@Config("contactAndHostRoidSuffix")
|
||||
public static String provideContactAndHostRoidSuffix(RegistryConfigSettings config) {
|
||||
@Config("hostRoidSuffix")
|
||||
public static String provideHostRoidSuffix(RegistryConfigSettings config) {
|
||||
return config.registryPolicy.contactAndHostRoidSuffix;
|
||||
}
|
||||
|
||||
@@ -1024,18 +1024,6 @@ public final class RegistryConfig {
|
||||
return Duration.standardSeconds(config.monitoring.writeIntervalSeconds);
|
||||
}
|
||||
|
||||
/**
|
||||
* The global automatic transfer length for contacts. After this amount of time has elapsed, the
|
||||
* transfer is automatically approved.
|
||||
*
|
||||
* @see google.registry.flows.contact.ContactTransferRequestFlow
|
||||
*/
|
||||
@Provides
|
||||
@Config("contactAutomaticTransferLength")
|
||||
public static Duration provideContactAutomaticTransferLength(RegistryConfigSettings config) {
|
||||
return Duration.standardDays(config.registryPolicy.contactAutomaticTransferDays);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the maximum number of entities that can be checked at one time in an EPP check flow.
|
||||
*/
|
||||
@@ -1264,12 +1252,6 @@ public final class RegistryConfig {
|
||||
return ImmutableSet.copyOf(config.sslCertificateValidation.allowedEcdsaCurves);
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Config("minMonthsBeforeWipeOut")
|
||||
public static int provideMinMonthsBeforeWipeOut(RegistryConfigSettings config) {
|
||||
return config.contactHistory.minMonthsBeforeWipeOut;
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Config("jdbcBatchSize")
|
||||
public static int provideHibernateJdbcBatchSize(RegistryConfigSettings config) {
|
||||
@@ -1462,6 +1444,12 @@ public final class RegistryConfig {
|
||||
return ImmutableSet.copyOf(config.mosapi.services);
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Config("mosapiTldThreadCount")
|
||||
public static int provideMosapiTldThreads(RegistryConfigSettings config) {
|
||||
return config.mosapi.tldThreadCount;
|
||||
}
|
||||
|
||||
private static String formatComments(String text) {
|
||||
return Splitter.on('\n').omitEmptyStrings().trimResults().splitToList(text).stream()
|
||||
.map(s -> "# " + s)
|
||||
@@ -1623,15 +1611,11 @@ public final class RegistryConfig {
|
||||
return CONFIG_SETTINGS.get().hibernate.jdbcFetchSize;
|
||||
}
|
||||
|
||||
/** Returns the roid suffix to be used for the roids of all contacts and hosts. */
|
||||
public static String getContactAndHostRoidSuffix() {
|
||||
/** Returns the roid suffix to be used for the roids of all hosts. */
|
||||
public static String getHostRoidSuffix() {
|
||||
return CONFIG_SETTINGS.get().registryPolicy.contactAndHostRoidSuffix;
|
||||
}
|
||||
|
||||
/** Returns the global automatic transfer length for contacts. */
|
||||
public static Duration getContactAutomaticTransferLength() {
|
||||
return Duration.standardDays(CONFIG_SETTINGS.get().registryPolicy.contactAutomaticTransferDays);
|
||||
}
|
||||
|
||||
/** A discount for all sunrise domain creates, between 0.0 (no discount) and 1.0 (free). */
|
||||
public static double getSunriseDomainCreateDiscount() {
|
||||
|
||||
@@ -39,7 +39,6 @@ public class RegistryConfigSettings {
|
||||
public Beam beam;
|
||||
public RegistryTool registryTool;
|
||||
public SslCertificateValidation sslCertificateValidation;
|
||||
public ContactHistory contactHistory;
|
||||
public DnsUpdate dnsUpdate;
|
||||
public BulkPricingPackageMonitoring bulkPricingPackageMonitoring;
|
||||
public Bsa bsa;
|
||||
@@ -87,7 +86,6 @@ public class RegistryConfigSettings {
|
||||
public String productName;
|
||||
public String customLogicFactoryClass;
|
||||
public String dnsCountQueryCoordinatorClass;
|
||||
public int contactAutomaticTransferDays;
|
||||
public String greetingServerId;
|
||||
public List<String> registrarChangesNotificationEmailAddresses;
|
||||
public String defaultRegistrarWhoisServer;
|
||||
@@ -223,11 +221,6 @@ public class RegistryConfigSettings {
|
||||
public String expirationWarningEmailSubjectText;
|
||||
}
|
||||
|
||||
/** Configuration for contact history. */
|
||||
public static class ContactHistory {
|
||||
public int minMonthsBeforeWipeOut;
|
||||
}
|
||||
|
||||
/** Configuration for dns update. */
|
||||
public static class DnsUpdate {
|
||||
public String dnsUpdateFailEmailSubjectText;
|
||||
@@ -272,5 +265,6 @@ public class RegistryConfigSettings {
|
||||
public String entityType;
|
||||
public List<String> tlds;
|
||||
public List<String> services;
|
||||
public int tldThreadCount;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -63,9 +63,6 @@ registryPolicy:
|
||||
# See reporting/icann/DnsCountQueryCoordinator.java
|
||||
dnsCountQueryCoordinatorClass: google.registry.reporting.icann.DummyDnsCountQueryCoordinator
|
||||
|
||||
# Length of time after which contact transfers automatically conclude.
|
||||
contactAutomaticTransferDays: 5
|
||||
|
||||
# Server ID used in the 'svID' element of an EPP 'greeting'.
|
||||
greetingServerId: Nomulus Registry
|
||||
|
||||
@@ -450,11 +447,6 @@ registryTool:
|
||||
# OAuth client secret used by the tool.
|
||||
clientSecret: YOUR_CLIENT_SECRET
|
||||
|
||||
# Configuration options for handling contact history.
|
||||
contactHistory:
|
||||
# The number of months that a ContactHistory entity should be stored in the database.
|
||||
minMonthsBeforeWipeOut: 18
|
||||
|
||||
# Configuration options relevant to the DNS update functionality.
|
||||
dnsUpdate:
|
||||
dnsUpdateFailRegistryName: Example name
|
||||
@@ -642,4 +634,8 @@ mosapi:
|
||||
- "epp"
|
||||
- "dnssec"
|
||||
|
||||
# Provides a fixed thread pool for parallel TLD processing.
|
||||
# @see <a href="https://www.icann.org/mosapi-specification.pdf">
|
||||
# ICANN MoSAPI Specification, Section 12.3</a>
|
||||
tldThreadCount: 4
|
||||
|
||||
|
||||
@@ -322,4 +322,15 @@
|
||||
<service>bsa</service>
|
||||
<schedule>23 8,20 * * *</schedule>
|
||||
</task>
|
||||
|
||||
<task>
|
||||
<url><![CDATA[/_dr/task/triggerMosApiServiceState]]></url>
|
||||
<name>triggerMosApiServiceState</name>
|
||||
<description>
|
||||
Fetches the service state from MosAPI and triggers the metrics status for all TLDs.
|
||||
</description>
|
||||
<!-- Runs every 5 minutes. -->
|
||||
<schedule>*/5 * * * *</schedule>
|
||||
</task>
|
||||
|
||||
</entries>
|
||||
|
||||
@@ -0,0 +1,128 @@
|
||||
// Copyright 2026 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.package google.registry.flows;
|
||||
|
||||
package google.registry.flows;
|
||||
|
||||
import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_0_11;
|
||||
import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_0_12;
|
||||
import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_0_6;
|
||||
import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_1_00;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.model.eppcommon.EppXmlTransformer;
|
||||
import google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension;
|
||||
import java.util.Optional;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* Normalizes Fee extension namespace tags in EPP XML response messages.
|
||||
*
|
||||
* <p>Nomulus currently supports multiple versions of the Fee extension. With the current XML
|
||||
* tooling, the namespace of every version is included in each EPP response, and as a result must
|
||||
* use a unique XML tag. E.g., fee for extension v0.6, and fee12 for extension v0.12.
|
||||
*
|
||||
* <p>Some registrars are not XML namespace-aware and rely on the XML tags being specific literals.
|
||||
* This makes it difficult to perform seamless rollout of new versions: if Nomulus reassigns a tag
|
||||
* literal to a different version, it effectively forces all these registrars to upgrade at the time
|
||||
* of the deployment.
|
||||
*
|
||||
* <p>This class can be used to normalize the namespace tag in EPP responses. Since every response
|
||||
* message may use at most one version of the Fee extension, we can remove declared but unused
|
||||
* versions from the message, thus freeing up the canonical tag ('fee') for the active version.
|
||||
*/
|
||||
public class FeeExtensionXmlTagNormalizer {
|
||||
|
||||
// So far we only have Fee extensions to process
|
||||
private static final String CANONICAL_FEE_TAG = "fee";
|
||||
|
||||
private static final ImmutableSet<ServiceExtension> FEE_EXTENSIONS =
|
||||
ImmutableSet.of(FEE_0_6, FEE_0_11, FEE_0_12, FEE_1_00);
|
||||
|
||||
private static final Pattern FEE_EXTENSION_IN_USE_PATTERN =
|
||||
Pattern.compile(feeExtensionInUseRegex());
|
||||
|
||||
@VisibleForTesting
|
||||
static String feeExtensionInUseRegex() {
|
||||
return FEE_EXTENSIONS.stream()
|
||||
.map(ServiceExtension::getXmlTag)
|
||||
.map(tag -> String.format("\\b(%s):", tag))
|
||||
.collect(Collectors.joining("|"));
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a EPP response that uses the canonical tag ({@code fee}) for the fee extension.
|
||||
*
|
||||
* <p>This method replaces any versioned tag, e.g., {@code fee12} with the canonical tag. It also
|
||||
* removes unused namespace declarations and update the tag in the remaining declaration.
|
||||
*
|
||||
* <p>The input {@code xml} must be an EPP response message generated by the {@link
|
||||
* EppXmlTransformer}. With this assumption, we can use regular expressions which is 10X faster
|
||||
* than XML stream parsers.
|
||||
*/
|
||||
public static String normalize(String xml) {
|
||||
Optional<String> maybeFeeTagInUse = findFeeExtensionInUse(xml);
|
||||
if (maybeFeeTagInUse.isEmpty()) {
|
||||
return xml;
|
||||
}
|
||||
String feeTagInUse = maybeFeeTagInUse.get();
|
||||
String normalized = xml;
|
||||
for (ServiceExtension serviceExtension : FEE_EXTENSIONS) {
|
||||
if (serviceExtension.getXmlTag().equals(feeTagInUse)) {
|
||||
normalized = normalizeExtensionInUse(feeTagInUse, serviceExtension.getUri(), normalized);
|
||||
} else {
|
||||
normalized =
|
||||
removeUnusedExtension(
|
||||
serviceExtension.getXmlTag(), serviceExtension.getUri(), normalized);
|
||||
}
|
||||
}
|
||||
return normalized;
|
||||
}
|
||||
|
||||
static String removeUnusedExtension(String tag, String uri, String xml) {
|
||||
String declaration = String.format("xmlns:%s=\"%s\"", tag, uri);
|
||||
// There must be a leading whitespace, and it can be safely removed with the declaration.
|
||||
return xml.replaceAll(String.format("\\s%s", declaration), "");
|
||||
}
|
||||
|
||||
static String normalizeExtensionInUse(String tagInUse, String uriInUse, String xml) {
|
||||
if (tagInUse.equals(CANONICAL_FEE_TAG)) {
|
||||
return xml;
|
||||
}
|
||||
// Change the tag in the namespace declaration:
|
||||
String currentDeclaration = String.format("xmlns:%s=\"%s\"", tagInUse, uriInUse);
|
||||
String desiredDeclaraion = String.format("xmlns:fee=\"%s\"", uriInUse);
|
||||
// The new tag at each site of use, with trailing colon:
|
||||
String newTagWithColon = CANONICAL_FEE_TAG + ":";
|
||||
return xml.replaceAll(String.format("\\b%s:", tagInUse), newTagWithColon)
|
||||
.replaceAll(currentDeclaration, desiredDeclaraion);
|
||||
}
|
||||
|
||||
static Optional<String> findFeeExtensionInUse(String xml) {
|
||||
Matcher matcher = FEE_EXTENSION_IN_USE_PATTERN.matcher(xml);
|
||||
|
||||
if (!matcher.find()) {
|
||||
return Optional.empty();
|
||||
}
|
||||
// We know only one extension is in use, so we can return on the first match
|
||||
for (int i = 1; i <= matcher.groupCount(); i++) {
|
||||
if (matcher.group(i) != null) {
|
||||
return Optional.of(matcher.group(i));
|
||||
}
|
||||
}
|
||||
throw new IllegalStateException("Should not reach here. Bad FEE_EXTENSION_IN_USE_PATTERN?");
|
||||
}
|
||||
}
|
||||
@@ -22,7 +22,6 @@ import com.google.common.base.Strings;
|
||||
import dagger.Module;
|
||||
import dagger.Provides;
|
||||
import google.registry.flows.picker.FlowPicker;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.DomainHistory;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
@@ -267,23 +266,6 @@ public class FlowModule {
|
||||
return builder;
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides a partially filled in {@link ContactHistory.Builder}
|
||||
*
|
||||
* <p>This is not marked with {@link FlowScope} so that each retry gets a fresh one. Otherwise,
|
||||
* the fact that the builder is one-use would cause NPEs.
|
||||
*/
|
||||
@Provides
|
||||
static ContactHistory.Builder provideContactHistoryBuilder(
|
||||
Trid trid,
|
||||
@InputXml byte[] inputXmlBytes,
|
||||
@Superuser boolean isSuperuser,
|
||||
@RegistrarId String registrarId,
|
||||
EppInput eppInput) {
|
||||
return makeHistoryEntryBuilder(
|
||||
new ContactHistory.Builder(), trid, inputXmlBytes, isSuperuser, registrarId, eppInput);
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides a partially filled in {@link HostHistory.Builder}
|
||||
*
|
||||
|
||||
@@ -16,7 +16,6 @@ package google.registry.flows;
|
||||
|
||||
import static com.google.common.collect.Sets.intersection;
|
||||
import static google.registry.model.EppResourceUtils.isLinked;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Sets;
|
||||
@@ -35,15 +34,14 @@ import google.registry.flows.exceptions.ResourceToDeleteIsReferencedException;
|
||||
import google.registry.flows.exceptions.TooManyResourceChecksException;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.EppResource.ForeignKeyedEppResource;
|
||||
import google.registry.model.EppResource.ResourceWithTransferData;
|
||||
import google.registry.model.ForeignKeyUtils;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainBase;
|
||||
import google.registry.model.domain.Period;
|
||||
import google.registry.model.domain.rgp.GracePeriodStatus;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.model.transfer.TransferStatus;
|
||||
import google.registry.persistence.VKey;
|
||||
import java.util.List;
|
||||
@@ -65,30 +63,26 @@ public final class ResourceFlowUtils {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check whether if there are domains linked to the resource to be deleted. Throws an exception if
|
||||
* so.
|
||||
*/
|
||||
public static <R extends EppResource> void checkLinkedDomains(
|
||||
final String targetId, final DateTime now, final Class<R> resourceClass) throws EppException {
|
||||
VKey<R> key =
|
||||
ForeignKeyUtils.loadKey(resourceClass, targetId, now)
|
||||
.orElseThrow(() -> new ResourceDoesNotExistException(resourceClass, targetId));
|
||||
/** Check if there are domains linked to the host to be deleted. Throws an exception if so. */
|
||||
public static void checkLinkedDomains(final String targetId, final DateTime now)
|
||||
throws EppException {
|
||||
VKey<Host> key =
|
||||
ForeignKeyUtils.loadKey(Host.class, targetId, now)
|
||||
.orElseThrow(() -> new ResourceDoesNotExistException(Host.class, targetId));
|
||||
if (isLinked(key, now)) {
|
||||
throw new ResourceToDeleteIsReferencedException();
|
||||
}
|
||||
}
|
||||
|
||||
public static <R extends EppResource & ResourceWithTransferData> void verifyHasPendingTransfer(
|
||||
R resource) throws NotPendingTransferException {
|
||||
if (resource.getTransferData().getTransferStatus() != TransferStatus.PENDING) {
|
||||
throw new NotPendingTransferException(resource.getForeignKey());
|
||||
public static void verifyHasPendingTransfer(Domain domain) throws NotPendingTransferException {
|
||||
if (domain.getTransferData().getTransferStatus() != TransferStatus.PENDING) {
|
||||
throw new NotPendingTransferException(domain.getForeignKey());
|
||||
}
|
||||
}
|
||||
|
||||
public static <R extends EppResource & ResourceWithTransferData> void verifyTransferInitiator(
|
||||
String registrarId, R resource) throws NotTransferInitiatorException {
|
||||
if (!resource.getTransferData().getGainingRegistrarId().equals(registrarId)) {
|
||||
public static void verifyTransferInitiator(String registrarId, Domain domain)
|
||||
throws NotTransferInitiatorException {
|
||||
if (!domain.getTransferData().getGainingRegistrarId().equals(registrarId)) {
|
||||
throw new NotTransferInitiatorException();
|
||||
}
|
||||
}
|
||||
@@ -124,14 +118,6 @@ public final class ResourceFlowUtils {
|
||||
}
|
||||
}
|
||||
|
||||
/** Check that the given AuthInfo is either missing or else is valid for the given resource. */
|
||||
public static void verifyOptionalAuthInfo(Optional<AuthInfo> authInfo, Contact contact)
|
||||
throws EppException {
|
||||
if (authInfo.isPresent()) {
|
||||
verifyAuthInfo(authInfo.get(), contact);
|
||||
}
|
||||
}
|
||||
|
||||
/** Check that the given AuthInfo is either missing or else is valid for the given resource. */
|
||||
public static void verifyOptionalAuthInfo(Optional<AuthInfo> authInfo, Domain domain)
|
||||
throws EppException {
|
||||
@@ -142,37 +128,14 @@ public final class ResourceFlowUtils {
|
||||
|
||||
/** Check that the given {@link AuthInfo} is valid for the given domain. */
|
||||
public static void verifyAuthInfo(AuthInfo authInfo, Domain domain) throws EppException {
|
||||
final String authRepoId = authInfo.getPw().getRepoId();
|
||||
String authPassword = authInfo.getPw().getValue();
|
||||
if (authRepoId == null) {
|
||||
// If no roid is specified, check the password against the domain's password.
|
||||
String domainPassword = domain.getAuthInfo().getPw().getValue();
|
||||
if (!domainPassword.equals(authPassword)) {
|
||||
throw new BadAuthInfoForResourceException();
|
||||
}
|
||||
return;
|
||||
}
|
||||
// The roid should match one of the contacts.
|
||||
Optional<VKey<Contact>> foundContact =
|
||||
domain.getReferencedContacts().stream()
|
||||
.filter(key -> key.getKey().equals(authRepoId))
|
||||
.findFirst();
|
||||
if (foundContact.isEmpty()) {
|
||||
String authRepoId = authInfo.getPw().getRepoId();
|
||||
// Previously one could auth against a contact, but we no longer hold any contact info
|
||||
if (authRepoId != null) {
|
||||
throw new BadAuthInfoForResourceException();
|
||||
}
|
||||
// Check the authInfo against the contact.
|
||||
verifyAuthInfo(authInfo, tm().loadByKey(foundContact.get()));
|
||||
}
|
||||
|
||||
/** Check that the given {@link AuthInfo} is valid for the given contact. */
|
||||
public static void verifyAuthInfo(AuthInfo authInfo, Contact contact) throws EppException {
|
||||
String authRepoId = authInfo.getPw().getRepoId();
|
||||
String authPassword = authInfo.getPw().getValue();
|
||||
String contactPassword = contact.getAuthInfo().getPw().getValue();
|
||||
if (!contactPassword.equals(authPassword)
|
||||
// It's unnecessary to specify a repoId on a contact auth info, but if it's there validate
|
||||
// it. The usual case of this is validating a domain's auth using this method.
|
||||
|| (authRepoId != null && !authRepoId.equals(contact.getRepoId()))) {
|
||||
String domainPassword = domain.getAuthInfo().getPw().getValue();
|
||||
if (!domainPassword.equals(authPassword)) {
|
||||
throw new BadAuthInfoForResourceException();
|
||||
}
|
||||
}
|
||||
@@ -194,13 +157,27 @@ public final class ResourceFlowUtils {
|
||||
}
|
||||
}
|
||||
|
||||
/** Check that the same values aren't being added and removed in an update command. */
|
||||
public static void checkSameValuesNotAddedAndRemoved(
|
||||
ImmutableSet<?> fieldsToAdd, ImmutableSet<?> fieldsToRemove)
|
||||
throws AddRemoveSameValueException {
|
||||
/**
|
||||
* Verifies the adds and removes on a resource.
|
||||
*
|
||||
* <p>This throws an exception in three different situations: if the same value is being both
|
||||
* added and removed, if a value is being added that is already present, or if a value is being
|
||||
* removed that isn't present.
|
||||
*/
|
||||
public static <T> void verifyAddsAndRemoves(
|
||||
ImmutableSet<T> existingFields, ImmutableSet<T> fieldsToAdd, ImmutableSet<T> fieldsToRemove)
|
||||
throws AddRemoveSameValueException,
|
||||
AddExistingValueException,
|
||||
RemoveNonexistentValueException {
|
||||
if (!intersection(fieldsToAdd, fieldsToRemove).isEmpty()) {
|
||||
throw new AddRemoveSameValueException();
|
||||
}
|
||||
if (!intersection(fieldsToAdd, existingFields).isEmpty()) {
|
||||
throw new AddExistingValueException();
|
||||
}
|
||||
if (intersection(fieldsToRemove, existingFields).size() != fieldsToRemove.size()) {
|
||||
throw new RemoveNonexistentValueException();
|
||||
}
|
||||
}
|
||||
|
||||
/** Check that all {@link StatusValue} objects in a set are client-settable. */
|
||||
@@ -266,6 +243,20 @@ public final class ResourceFlowUtils {
|
||||
}
|
||||
}
|
||||
|
||||
/** Cannot add a value that is already present. */
|
||||
public static class AddExistingValueException extends ParameterValuePolicyErrorException {
|
||||
public AddExistingValueException() {
|
||||
super("Cannot add a value that is already present");
|
||||
}
|
||||
}
|
||||
|
||||
/** Cannot remove a value that does not exist. */
|
||||
public static class RemoveNonexistentValueException extends ParameterValuePolicyErrorException {
|
||||
public RemoveNonexistentValueException() {
|
||||
super("Cannot remove a value that does not exist");
|
||||
}
|
||||
}
|
||||
|
||||
/** The specified status value cannot be set by clients. */
|
||||
public static class StatusNotClientSettableException extends ParameterValueRangeErrorException {
|
||||
public StatusNotClientSettableException(String statusValue) {
|
||||
|
||||
@@ -14,60 +14,19 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyTargetIdCount;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.TransactionalFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.model.ForeignKeyUtils;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactCommand.Check;
|
||||
import google.registry.model.eppinput.ResourceCommand;
|
||||
import google.registry.model.eppoutput.CheckData.ContactCheck;
|
||||
import google.registry.model.eppoutput.CheckData.ContactCheckData;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.util.Clock;
|
||||
import jakarta.inject.Inject;
|
||||
|
||||
/**
|
||||
* An EPP flow that checks whether a contact can be provisioned.
|
||||
* An EPP flow that is meant to check whether a contact can be provisioned.
|
||||
*
|
||||
* <p>This flows can check the existence of multiple contacts simultaneously.
|
||||
*
|
||||
* @error {@link google.registry.flows.exceptions.TooManyResourceChecksException}
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_CHECK)
|
||||
public final class ContactCheckFlow implements TransactionalFlow {
|
||||
|
||||
@Inject ResourceCommand resourceCommand;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject Clock clock;
|
||||
@Inject @Config("maxChecks") int maxChecks;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
public final class ContactCheckFlow extends ContactsProhibitedFlow {
|
||||
@Inject ContactCheckFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate(); // There are no legal extensions for this flow.
|
||||
ImmutableList<String> targetIds = ((Check) resourceCommand).getTargetIds();
|
||||
verifyTargetIdCount(targetIds, maxChecks);
|
||||
ImmutableSet<String> existingIds =
|
||||
ForeignKeyUtils.loadKeys(Contact.class, targetIds, clock.nowUtc()).keySet();
|
||||
ImmutableList.Builder<ContactCheck> checks = new ImmutableList.Builder<>();
|
||||
for (String id : targetIds) {
|
||||
boolean unused = !existingIds.contains(id);
|
||||
checks.add(ContactCheck.create(unused, id, unused ? null : "In use"));
|
||||
}
|
||||
return responseBuilder.setResData(ContactCheckData.create(checks.build())).build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,94 +14,19 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceDoesNotExist;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.validateAsciiPostalInfo;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.validateContactAgainstPolicy;
|
||||
import static google.registry.model.EppResourceUtils.createRepoId;
|
||||
import static google.registry.model.common.FeatureFlag.FeatureName.MINIMUM_DATASET_CONTACTS_PROHIBITED;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.MutatingFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.flows.exceptions.ResourceAlreadyExistsForThisClientException;
|
||||
import google.registry.flows.exceptions.ResourceCreateContentionException;
|
||||
import google.registry.model.common.FeatureFlag;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactCommand.Create;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppinput.ResourceCommand;
|
||||
import google.registry.model.eppoutput.CreateData.ContactCreateData;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.model.reporting.HistoryEntry;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import jakarta.inject.Inject;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An EPP flow that creates a new contact.
|
||||
* An EPP flow meant to create a new contact.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
* @error {@link ResourceAlreadyExistsForThisClientException}
|
||||
* @error {@link ResourceCreateContentionException}
|
||||
* @error {@link ContactFlowUtils.BadInternationalizedPostalInfoException}
|
||||
* @error {@link ContactFlowUtils.DeclineContactDisclosureFieldDisallowedPolicyException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_CREATE)
|
||||
public final class ContactCreateFlow implements MutatingFlow {
|
||||
|
||||
@Inject ResourceCommand resourceCommand;
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject ContactHistory.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
@Inject @Config("contactAndHostRoidSuffix") String roidSuffix;
|
||||
public final class ContactCreateFlow extends ContactsProhibitedFlow {
|
||||
@Inject ContactCreateFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
extensionManager.register(MetadataExtension.class);
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate();
|
||||
if (FeatureFlag.isActiveNow(MINIMUM_DATASET_CONTACTS_PROHIBITED)) {
|
||||
throw new ContactsProhibitedException();
|
||||
}
|
||||
Create command = (Create) resourceCommand;
|
||||
DateTime now = tm().getTransactionTime();
|
||||
verifyResourceDoesNotExist(Contact.class, targetId, now, registrarId);
|
||||
Contact newContact =
|
||||
new Contact.Builder()
|
||||
.setContactId(targetId)
|
||||
.setAuthInfo(command.getAuthInfo())
|
||||
.setCreationRegistrarId(registrarId)
|
||||
.setPersistedCurrentSponsorRegistrarId(registrarId)
|
||||
.setRepoId(createRepoId(tm().allocateId(), roidSuffix))
|
||||
.setFaxNumber(command.getFax())
|
||||
.setVoiceNumber(command.getVoice())
|
||||
.setDisclose(command.getDisclose())
|
||||
.setEmailAddress(command.getEmail())
|
||||
.setInternationalizedPostalInfo(command.getInternationalizedPostalInfo())
|
||||
.setLocalizedPostalInfo(command.getLocalizedPostalInfo())
|
||||
.build();
|
||||
validateAsciiPostalInfo(newContact.getInternationalizedPostalInfo());
|
||||
validateContactAgainstPolicy(newContact);
|
||||
historyBuilder
|
||||
.setType(HistoryEntry.Type.CONTACT_CREATE)
|
||||
.setXmlBytes(null) // We don't want to store contact details in the history entry.
|
||||
.setContact(newContact);
|
||||
tm().insertAll(ImmutableSet.of(newContact, historyBuilder.build()));
|
||||
return responseBuilder
|
||||
.setResData(ContactCreateData.create(newContact.getContactId(), now))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,97 +14,20 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.DELETE_PROHIBITED_STATUSES;
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.checkLinkedDomains;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.model.ResourceTransferUtils.denyPendingTransfer;
|
||||
import static google.registry.model.ResourceTransferUtils.handlePendingTransferOnDelete;
|
||||
import static google.registry.model.eppoutput.Result.Code.SUCCESS;
|
||||
import static google.registry.model.transfer.TransferStatus.SERVER_CANCELLED;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.Superuser;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.MutatingFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.eppcommon.Trid;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.model.reporting.HistoryEntry.Type;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An EPP flow that deletes a contact.
|
||||
* An EPP flow that is meant to delete a contact.
|
||||
*
|
||||
* <p>Contacts that are in use by any domain cannot be deleted. The flow may return immediately if a
|
||||
* quick smoke check determines that deletion is impossible due to an existing reference. However, a
|
||||
* successful delete will always be asynchronous, as all existing domains must be checked for
|
||||
* references to the host before the deletion is allowed to proceed. A poll message will be written
|
||||
* with the success or failure message when the process is complete.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
|
||||
* @error {@link google.registry.flows.exceptions.ResourceStatusProhibitsOperationException}
|
||||
* @error {@link google.registry.flows.exceptions.ResourceToDeleteIsReferencedException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_DELETE)
|
||||
public final class ContactDeleteFlow implements MutatingFlow {
|
||||
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject Trid trid;
|
||||
@Inject @Superuser boolean isSuperuser;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject ContactHistory.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
|
||||
public final class ContactDeleteFlow extends ContactsProhibitedFlow {
|
||||
@Inject
|
||||
ContactDeleteFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
extensionManager.register(MetadataExtension.class);
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate();
|
||||
DateTime now = tm().getTransactionTime();
|
||||
checkLinkedDomains(targetId, now, Contact.class);
|
||||
Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
verifyNoDisallowedStatuses(existingContact, ImmutableSet.of(StatusValue.PENDING_DELETE));
|
||||
if (!isSuperuser) {
|
||||
verifyNoDisallowedStatuses(existingContact, DELETE_PROHIBITED_STATUSES);
|
||||
verifyResourceOwnership(registrarId, existingContact);
|
||||
}
|
||||
// Handle pending transfers on contact deletion.
|
||||
Contact newContact =
|
||||
existingContact.getStatusValues().contains(StatusValue.PENDING_TRANSFER)
|
||||
? denyPendingTransfer(existingContact, SERVER_CANCELLED, now, registrarId)
|
||||
: existingContact;
|
||||
// Wipe out PII on contact deletion.
|
||||
newContact =
|
||||
newContact.asBuilder().wipeOut().setStatusValues(null).setDeletionTime(now).build();
|
||||
ContactHistory contactHistory =
|
||||
historyBuilder.setType(Type.CONTACT_DELETE).setContact(newContact).build();
|
||||
handlePendingTransferOnDelete(existingContact, newContact, now, contactHistory);
|
||||
tm().insert(contactHistory);
|
||||
tm().update(newContact);
|
||||
return responseBuilder.setResultFromCode(SUCCESS).build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,126 +0,0 @@
|
||||
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.model.contact.PostalInfo.Type.INTERNATIONALIZED;
|
||||
|
||||
import com.google.common.base.CharMatcher;
|
||||
import com.google.common.base.Preconditions;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.Sets;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.EppException.ParameterValuePolicyErrorException;
|
||||
import google.registry.flows.EppException.ParameterValueSyntaxErrorException;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactAddress;
|
||||
import google.registry.model.contact.PostalInfo;
|
||||
import google.registry.model.poll.PendingActionNotificationResponse.ContactPendingActionNotificationResponse;
|
||||
import google.registry.model.poll.PollMessage;
|
||||
import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
|
||||
import google.registry.model.transfer.TransferData;
|
||||
import google.registry.model.transfer.TransferResponse.ContactTransferResponse;
|
||||
import java.util.Set;
|
||||
import javax.annotation.Nullable;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/** Static utility functions for contact flows. */
|
||||
public class ContactFlowUtils {
|
||||
/** Check that an internationalized postal info has only ascii characters. */
|
||||
static void validateAsciiPostalInfo(@Nullable PostalInfo internationalized) throws EppException {
|
||||
if (internationalized != null) {
|
||||
Preconditions.checkState(INTERNATIONALIZED.equals(internationalized.getType()));
|
||||
ContactAddress address = internationalized.getAddress();
|
||||
Set<String> fields = Sets.newHashSet(
|
||||
internationalized.getName(),
|
||||
internationalized.getOrg(),
|
||||
address.getCity(),
|
||||
address.getCountryCode(),
|
||||
address.getState(),
|
||||
address.getZip());
|
||||
fields.addAll(address.getStreet());
|
||||
for (String field : fields) {
|
||||
if (field != null && !CharMatcher.ascii().matchesAllOf(field)) {
|
||||
throw new BadInternationalizedPostalInfoException();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/** Check contact's state against server policy. */
|
||||
static void validateContactAgainstPolicy(Contact contact) throws EppException {
|
||||
if (contact.getDisclose() != null && !contact.getDisclose().getFlag()) {
|
||||
throw new DeclineContactDisclosureFieldDisallowedPolicyException();
|
||||
}
|
||||
}
|
||||
|
||||
/** Create a poll message for the gaining client in a transfer. */
|
||||
static PollMessage createGainingTransferPollMessage(
|
||||
String targetId, TransferData transferData, DateTime now, HistoryEntryId contactHistoryId) {
|
||||
return new PollMessage.OneTime.Builder()
|
||||
.setRegistrarId(transferData.getGainingRegistrarId())
|
||||
.setEventTime(transferData.getPendingTransferExpirationTime())
|
||||
.setMsg(transferData.getTransferStatus().getMessage())
|
||||
.setResponseData(
|
||||
ImmutableList.of(
|
||||
createTransferResponse(targetId, transferData),
|
||||
ContactPendingActionNotificationResponse.create(
|
||||
targetId,
|
||||
transferData.getTransferStatus().isApproved(),
|
||||
transferData.getTransferRequestTrid(),
|
||||
now)))
|
||||
.setContactHistoryId(contactHistoryId)
|
||||
.build();
|
||||
}
|
||||
|
||||
/** Create a poll message for the losing client in a transfer. */
|
||||
static PollMessage createLosingTransferPollMessage(
|
||||
String targetId, TransferData transferData, HistoryEntryId contactHistoryId) {
|
||||
return new PollMessage.OneTime.Builder()
|
||||
.setRegistrarId(transferData.getLosingRegistrarId())
|
||||
.setEventTime(transferData.getPendingTransferExpirationTime())
|
||||
.setMsg(transferData.getTransferStatus().getMessage())
|
||||
.setResponseData(ImmutableList.of(createTransferResponse(targetId, transferData)))
|
||||
.setContactHistoryId(contactHistoryId)
|
||||
.build();
|
||||
}
|
||||
|
||||
/** Create a {@link ContactTransferResponse} off of the info in a {@link TransferData}. */
|
||||
static ContactTransferResponse createTransferResponse(
|
||||
String targetId, TransferData transferData) {
|
||||
return new ContactTransferResponse.Builder()
|
||||
.setContactId(targetId)
|
||||
.setGainingRegistrarId(transferData.getGainingRegistrarId())
|
||||
.setLosingRegistrarId(transferData.getLosingRegistrarId())
|
||||
.setPendingTransferExpirationTime(transferData.getPendingTransferExpirationTime())
|
||||
.setTransferRequestTime(transferData.getTransferRequestTime())
|
||||
.setTransferStatus(transferData.getTransferStatus())
|
||||
.build();
|
||||
}
|
||||
|
||||
/** Declining contact disclosure is disallowed by server policy. */
|
||||
static class DeclineContactDisclosureFieldDisallowedPolicyException
|
||||
extends ParameterValuePolicyErrorException {
|
||||
public DeclineContactDisclosureFieldDisallowedPolicyException() {
|
||||
super("Declining contact disclosure is disallowed by server policy.");
|
||||
}
|
||||
}
|
||||
|
||||
/** Internationalized postal infos can only contain ASCII characters. */
|
||||
static class BadInternationalizedPostalInfoException extends ParameterValueSyntaxErrorException {
|
||||
public BadInternationalizedPostalInfoException() {
|
||||
super("Internationalized postal infos can only contain ASCII characters");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -14,91 +14,20 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.model.EppResourceUtils.isLinked;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.Superuser;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.TransactionalFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactInfoData;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.util.Clock;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An EPP flow that returns information about a contact.
|
||||
* An EPP flow that is meant to return information about a contact.
|
||||
*
|
||||
* <p>The response includes the contact's postal info, phone numbers, emails, the authInfo which can
|
||||
* be used to request a transfer and the details of the contact's most recent transfer if it has
|
||||
* ever been transferred. Any registrar can see any contact's information, but the authInfo is only
|
||||
* visible to the registrar that owns the contact or to a registrar that already supplied it.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_INFO)
|
||||
public final class ContactInfoFlow implements TransactionalFlow {
|
||||
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject Clock clock;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @Superuser boolean isSuperuser;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
|
||||
public final class ContactInfoFlow extends ContactsProhibitedFlow {
|
||||
@Inject
|
||||
ContactInfoFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
DateTime now = clock.nowUtc();
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate(); // There are no legal extensions for this flow.
|
||||
Contact contact = loadAndVerifyExistence(Contact.class, targetId, now);
|
||||
if (!isSuperuser) {
|
||||
verifyResourceOwnership(registrarId, contact);
|
||||
}
|
||||
boolean includeAuthInfo =
|
||||
registrarId.equals(contact.getCurrentSponsorRegistrarId()) || authInfo.isPresent();
|
||||
ImmutableSet.Builder<StatusValue> statusValues = new ImmutableSet.Builder<>();
|
||||
statusValues.addAll(contact.getStatusValues());
|
||||
if (isLinked(contact.createVKey(), now)) {
|
||||
statusValues.add(StatusValue.LINKED);
|
||||
}
|
||||
return responseBuilder
|
||||
.setResData(
|
||||
ContactInfoData.newBuilder()
|
||||
.setContactId(contact.getContactId())
|
||||
.setRepoId(contact.getRepoId())
|
||||
.setStatusValues(statusValues.build())
|
||||
.setPostalInfos(contact.getPostalInfosAsList())
|
||||
.setVoiceNumber(contact.getVoiceNumber())
|
||||
.setFaxNumber(contact.getFaxNumber())
|
||||
.setEmailAddress(contact.getEmailAddress())
|
||||
.setCurrentSponsorRegistrarId(contact.getCurrentSponsorRegistrarId())
|
||||
.setCreationRegistrarId(contact.getCreationRegistrarId())
|
||||
.setCreationTime(contact.getCreationTime())
|
||||
.setLastEppUpdateRegistrarId(contact.getLastEppUpdateRegistrarId())
|
||||
.setLastEppUpdateTime(contact.getLastEppUpdateTime())
|
||||
.setLastTransferTime(contact.getLastTransferTime())
|
||||
.setAuthInfo(includeAuthInfo ? contact.getAuthInfo() : null)
|
||||
.setDisclose(contact.getDisclose())
|
||||
.build())
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,92 +14,19 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
import static google.registry.model.ResourceTransferUtils.approvePendingTransfer;
|
||||
import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_APPROVE;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.MutatingFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppinput.ResourceCommand;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.model.poll.PollMessage;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.model.transfer.TransferStatus;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An EPP flow that approves a pending transfer on a contact.
|
||||
* An EPP flow that is meant to approve a pending transfer on a contact.
|
||||
*
|
||||
* <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
|
||||
* losing registrar has a "transfer" time period to respond (by default five days) after which the
|
||||
* transfer is automatically approved. Within that window, this flow allows the losing client to
|
||||
* explicitly approve the transfer request, which then becomes effective immediately.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.exceptions.NotPendingTransferException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_TRANSFER_APPROVE)
|
||||
public final class ContactTransferApproveFlow implements MutatingFlow {
|
||||
|
||||
@Inject ResourceCommand resourceCommand;
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject ContactHistory.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
public final class ContactTransferApproveFlow extends ContactsProhibitedFlow {
|
||||
@Inject ContactTransferApproveFlow() {}
|
||||
|
||||
/**
|
||||
* The logic in this flow, which handles client approvals, very closely parallels the logic in
|
||||
* {@link Contact#cloneProjectedAtTime} which handles implicit server approvals.
|
||||
*/
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
extensionManager.register(MetadataExtension.class);
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate();
|
||||
DateTime now = tm().getTransactionTime();
|
||||
Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
verifyHasPendingTransfer(existingContact);
|
||||
verifyResourceOwnership(registrarId, existingContact);
|
||||
Contact newContact =
|
||||
approvePendingTransfer(existingContact, TransferStatus.CLIENT_APPROVED, now);
|
||||
ContactHistory contactHistory =
|
||||
historyBuilder.setType(CONTACT_TRANSFER_APPROVE).setContact(newContact).build();
|
||||
// Create a poll message for the gaining client.
|
||||
PollMessage gainingPollMessage =
|
||||
createGainingTransferPollMessage(
|
||||
targetId, newContact.getTransferData(), now, contactHistory.getHistoryEntryId());
|
||||
tm().insertAll(ImmutableSet.of(contactHistory, gainingPollMessage));
|
||||
tm().update(newContact);
|
||||
// Delete the billing event and poll messages that were written in case the transfer would have
|
||||
// been implicitly server approved.
|
||||
tm().delete(existingContact.getTransferData().getServerApproveEntities());
|
||||
return responseBuilder
|
||||
.setResData(createTransferResponse(targetId, newContact.getTransferData()))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,88 +14,19 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyTransferInitiator;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
import static google.registry.model.ResourceTransferUtils.denyPendingTransfer;
|
||||
import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_CANCEL;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.MutatingFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppinput.ResourceCommand;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.model.poll.PollMessage;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.model.transfer.TransferStatus;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An EPP flow that cancels a pending transfer on a contact.
|
||||
* An EPP flow that is meant to cancel a pending transfer on a contact.
|
||||
*
|
||||
* <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
|
||||
* losing registrar has a "transfer" time period to respond (by default five days) after which the
|
||||
* transfer is automatically approved. Within that window, this flow allows the gaining client to
|
||||
* withdraw the transfer request.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.exceptions.NotPendingTransferException}
|
||||
* @error {@link google.registry.flows.exceptions.NotTransferInitiatorException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_TRANSFER_CANCEL)
|
||||
public final class ContactTransferCancelFlow implements MutatingFlow {
|
||||
|
||||
@Inject ResourceCommand resourceCommand;
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject ContactHistory.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
public final class ContactTransferCancelFlow extends ContactsProhibitedFlow {
|
||||
@Inject ContactTransferCancelFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
extensionManager.register(MetadataExtension.class);
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate();
|
||||
DateTime now = tm().getTransactionTime();
|
||||
Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
verifyHasPendingTransfer(existingContact);
|
||||
verifyTransferInitiator(registrarId, existingContact);
|
||||
Contact newContact =
|
||||
denyPendingTransfer(existingContact, TransferStatus.CLIENT_CANCELLED, now, registrarId);
|
||||
ContactHistory contactHistory =
|
||||
historyBuilder.setType(CONTACT_TRANSFER_CANCEL).setContact(newContact).build();
|
||||
// Create a poll message for the losing client.
|
||||
PollMessage losingPollMessage =
|
||||
createLosingTransferPollMessage(
|
||||
targetId, newContact.getTransferData(), contactHistory.getHistoryEntryId());
|
||||
tm().insertAll(ImmutableSet.of(contactHistory, losingPollMessage));
|
||||
tm().update(newContact);
|
||||
// Delete the billing event and poll messages that were written in case the transfer would have
|
||||
// been implicitly server approved.
|
||||
tm().delete(existingContact.getTransferData().getServerApproveEntities());
|
||||
return responseBuilder
|
||||
.setResData(createTransferResponse(targetId, newContact.getTransferData()))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,74 +14,19 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.TransactionalFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.flows.exceptions.NoTransferHistoryToQueryException;
|
||||
import google.registry.flows.exceptions.NotAuthorizedToViewTransferException;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.util.Clock;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
* An EPP flow that queries a pending transfer on a contact.
|
||||
* An EPP flow that is meant to query a pending transfer on a contact.
|
||||
*
|
||||
* <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
|
||||
* losing registrar has a "transfer" time period to respond (by default five days) after which the
|
||||
* transfer is automatically approved. This flow can be used by the gaining or losing registrars (or
|
||||
* anyone with the correct authId) to see the status of a transfer, which may still be pending or
|
||||
* may have been approved, rejected, cancelled or implicitly approved by virtue of the transfer
|
||||
* period expiring.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.exceptions.NoTransferHistoryToQueryException}
|
||||
* @error {@link google.registry.flows.exceptions.NotAuthorizedToViewTransferException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_TRANSFER_QUERY)
|
||||
public final class ContactTransferQueryFlow implements TransactionalFlow {
|
||||
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject Clock clock;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
public final class ContactTransferQueryFlow extends ContactsProhibitedFlow {
|
||||
@Inject ContactTransferQueryFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate(); // There are no legal extensions for this flow.
|
||||
Contact contact = loadAndVerifyExistence(Contact.class, targetId, clock.nowUtc());
|
||||
verifyOptionalAuthInfo(authInfo, contact);
|
||||
// Most of the fields on the transfer response are required, so there's no way to return valid
|
||||
// XML if the object has never been transferred (and hence the fields aren't populated).
|
||||
if (contact.getTransferData().getTransferStatus() == null) {
|
||||
throw new NoTransferHistoryToQueryException();
|
||||
}
|
||||
// Note that the authorization info on the command (if present) has already been verified. If
|
||||
// it's present, then the other checks are unnecessary.
|
||||
if (authInfo.isEmpty()
|
||||
&& !registrarId.equals(contact.getTransferData().getGainingRegistrarId())
|
||||
&& !registrarId.equals(contact.getTransferData().getLosingRegistrarId())) {
|
||||
throw new NotAuthorizedToViewTransferException();
|
||||
}
|
||||
return responseBuilder
|
||||
.setResData(createTransferResponse(targetId, contact.getTransferData()))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,85 +14,19 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
import static google.registry.model.ResourceTransferUtils.denyPendingTransfer;
|
||||
import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_REJECT;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.MutatingFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.model.poll.PollMessage;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.model.transfer.TransferStatus;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An EPP flow that rejects a pending transfer on a contact.
|
||||
* An EPP flow that is meant to reject a pending transfer on a contact.
|
||||
*
|
||||
* <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
|
||||
* losing registrar has a "transfer" time period to respond (by default five days) after which the
|
||||
* transfer is automatically approved. Within that window, this flow allows the losing client to
|
||||
* reject the transfer request.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
|
||||
* @error {@link google.registry.flows.exceptions.NotPendingTransferException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_TRANSFER_REJECT)
|
||||
public final class ContactTransferRejectFlow implements MutatingFlow {
|
||||
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject ContactHistory.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
public final class ContactTransferRejectFlow extends ContactsProhibitedFlow {
|
||||
@Inject ContactTransferRejectFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
extensionManager.register(MetadataExtension.class);
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate();
|
||||
DateTime now = tm().getTransactionTime();
|
||||
Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
verifyHasPendingTransfer(existingContact);
|
||||
verifyResourceOwnership(registrarId, existingContact);
|
||||
Contact newContact =
|
||||
denyPendingTransfer(existingContact, TransferStatus.CLIENT_REJECTED, now, registrarId);
|
||||
ContactHistory contactHistory =
|
||||
historyBuilder.setType(CONTACT_TRANSFER_REJECT).setContact(newContact).build();
|
||||
PollMessage gainingPollMessage =
|
||||
createGainingTransferPollMessage(
|
||||
targetId, newContact.getTransferData(), now, contactHistory.getHistoryEntryId());
|
||||
tm().insertAll(ImmutableSet.of(contactHistory, gainingPollMessage));
|
||||
tm().update(newContact);
|
||||
// Delete the billing event and poll messages that were written in case the transfer would have
|
||||
// been implicitly server approved.
|
||||
tm().delete(existingContact.getTransferData().getServerApproveEntities());
|
||||
return responseBuilder
|
||||
.setResData(createTransferResponse(targetId, newContact.getTransferData()))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,162 +14,20 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static google.registry.flows.FlowUtils.createHistoryEntryId;
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAuthInfoPresentForResourceTransfer;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
|
||||
import static google.registry.model.eppoutput.Result.Code.SUCCESS_WITH_ACTION_PENDING;
|
||||
import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_REQUEST;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.MutatingFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.flows.exceptions.AlreadyPendingTransferException;
|
||||
import google.registry.flows.exceptions.ObjectAlreadySponsoredException;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.eppcommon.Trid;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.model.poll.PollMessage;
|
||||
import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.model.transfer.ContactTransferData;
|
||||
import google.registry.model.transfer.TransferStatus;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.Duration;
|
||||
|
||||
/**
|
||||
* An EPP flow that requests a transfer on a contact.
|
||||
* An EPP flow that is meant to request a transfer on a contact.
|
||||
*
|
||||
* <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
|
||||
* losing registrar has a "transfer" time period to respond (by default five days) after which the
|
||||
* transfer is automatically approved. Within that window, the transfer might be approved explicitly
|
||||
* by the losing registrar or rejected, and the gaining registrar can also cancel the transfer
|
||||
* request.
|
||||
*
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.exceptions.AlreadyPendingTransferException}
|
||||
* @error {@link google.registry.flows.exceptions.MissingTransferRequestAuthInfoException}
|
||||
* @error {@link google.registry.flows.exceptions.ObjectAlreadySponsoredException}
|
||||
* @error {@link google.registry.flows.exceptions.ResourceStatusProhibitsOperationException}
|
||||
* @error {@link ContactsProhibitedException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_TRANSFER_REQUEST)
|
||||
public final class ContactTransferRequestFlow implements MutatingFlow {
|
||||
|
||||
private static final ImmutableSet<StatusValue> DISALLOWED_STATUSES =
|
||||
ImmutableSet.of(
|
||||
StatusValue.CLIENT_TRANSFER_PROHIBITED,
|
||||
StatusValue.PENDING_DELETE,
|
||||
StatusValue.SERVER_TRANSFER_PROHIBITED);
|
||||
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @RegistrarId String gainingClientId;
|
||||
@Inject @TargetId String targetId;
|
||||
|
||||
@Inject
|
||||
@Config("contactAutomaticTransferLength")
|
||||
Duration automaticTransferLength;
|
||||
|
||||
@Inject ContactHistory.Builder historyBuilder;
|
||||
@Inject Trid trid;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
|
||||
public final class ContactTransferRequestFlow extends ContactsProhibitedFlow {
|
||||
@Inject
|
||||
ContactTransferRequestFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
extensionManager.register(MetadataExtension.class);
|
||||
validateRegistrarIsLoggedIn(gainingClientId);
|
||||
extensionManager.validate();
|
||||
DateTime now = tm().getTransactionTime();
|
||||
Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
|
||||
verifyAuthInfoPresentForResourceTransfer(authInfo);
|
||||
verifyAuthInfo(authInfo.get(), existingContact);
|
||||
// Verify that the resource does not already have a pending transfer.
|
||||
if (TransferStatus.PENDING.equals(existingContact.getTransferData().getTransferStatus())) {
|
||||
throw new AlreadyPendingTransferException(targetId);
|
||||
}
|
||||
String losingClientId = existingContact.getCurrentSponsorRegistrarId();
|
||||
// Verify that this client doesn't already sponsor this resource.
|
||||
if (gainingClientId.equals(losingClientId)) {
|
||||
throw new ObjectAlreadySponsoredException();
|
||||
}
|
||||
verifyNoDisallowedStatuses(existingContact, DISALLOWED_STATUSES);
|
||||
|
||||
DateTime transferExpirationTime = now.plus(automaticTransferLength);
|
||||
ContactTransferData serverApproveTransferData =
|
||||
new ContactTransferData.Builder()
|
||||
.setTransferRequestTime(now)
|
||||
.setTransferRequestTrid(trid)
|
||||
.setGainingRegistrarId(gainingClientId)
|
||||
.setLosingRegistrarId(losingClientId)
|
||||
.setPendingTransferExpirationTime(transferExpirationTime)
|
||||
.setTransferStatus(TransferStatus.SERVER_APPROVED)
|
||||
.build();
|
||||
HistoryEntryId contactHistoryId = createHistoryEntryId(existingContact);
|
||||
historyBuilder
|
||||
.setRevisionId(contactHistoryId.getRevisionId())
|
||||
.setType(CONTACT_TRANSFER_REQUEST);
|
||||
// If the transfer is server approved, this message will be sent to the losing registrar. */
|
||||
PollMessage serverApproveLosingPollMessage =
|
||||
createLosingTransferPollMessage(targetId, serverApproveTransferData, contactHistoryId);
|
||||
// If the transfer is server approved, this message will be sent to the gaining registrar. */
|
||||
PollMessage serverApproveGainingPollMessage =
|
||||
createGainingTransferPollMessage(
|
||||
targetId, serverApproveTransferData, now, contactHistoryId);
|
||||
ContactTransferData pendingTransferData =
|
||||
serverApproveTransferData
|
||||
.asBuilder()
|
||||
.setTransferStatus(TransferStatus.PENDING)
|
||||
.setServerApproveEntities(
|
||||
serverApproveGainingPollMessage.getContactRepoId(),
|
||||
contactHistoryId.getRevisionId(),
|
||||
ImmutableSet.of(
|
||||
serverApproveGainingPollMessage.createVKey(),
|
||||
serverApproveLosingPollMessage.createVKey()))
|
||||
.build();
|
||||
// When a transfer is requested, a poll message is created to notify the losing registrar.
|
||||
PollMessage requestPollMessage =
|
||||
createLosingTransferPollMessage(targetId, pendingTransferData, contactHistoryId)
|
||||
.asBuilder()
|
||||
.setEventTime(now) // Unlike the serverApprove messages, this applies immediately.
|
||||
.build();
|
||||
Contact newContact =
|
||||
existingContact
|
||||
.asBuilder()
|
||||
.setTransferData(pendingTransferData)
|
||||
.addStatusValue(StatusValue.PENDING_TRANSFER)
|
||||
.build();
|
||||
tm().update(newContact);
|
||||
tm().insertAll(
|
||||
ImmutableSet.of(
|
||||
historyBuilder.setContact(newContact).build(),
|
||||
requestPollMessage,
|
||||
serverApproveGainingPollMessage,
|
||||
serverApproveLosingPollMessage));
|
||||
return responseBuilder
|
||||
.setResultFromCode(SUCCESS_WITH_ACTION_PENDING)
|
||||
.setResData(createTransferResponse(targetId, newContact.getTransferData()))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,158 +14,19 @@
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import static com.google.common.collect.Sets.union;
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.checkSameValuesNotAddedAndRemoved;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAllStatusesAreClientSettable;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.validateAsciiPostalInfo;
|
||||
import static google.registry.flows.contact.ContactFlowUtils.validateContactAgainstPolicy;
|
||||
import static google.registry.model.common.FeatureFlag.FeatureName.MINIMUM_DATASET_CONTACTS_PROHIBITED;
|
||||
import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_UPDATE;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.ExtensionManager;
|
||||
import google.registry.flows.FlowModule.RegistrarId;
|
||||
import google.registry.flows.FlowModule.Superuser;
|
||||
import google.registry.flows.FlowModule.TargetId;
|
||||
import google.registry.flows.MutatingFlow;
|
||||
import google.registry.flows.annotations.ReportingSpec;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.flows.exceptions.ResourceHasClientUpdateProhibitedException;
|
||||
import google.registry.model.common.FeatureFlag;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactCommand.Update;
|
||||
import google.registry.model.contact.ContactCommand.Update.Change;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.contact.PostalInfo;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.eppinput.ResourceCommand;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
import javax.annotation.Nullable;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* An EPP flow that updates a contact.
|
||||
* An EPP flow meant to update a contact.
|
||||
*
|
||||
* @error {@link ContactsProhibitedException}
|
||||
* @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.AddRemoveSameValueException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
|
||||
* @error {@link google.registry.flows.ResourceFlowUtils.StatusNotClientSettableException}
|
||||
* @error {@link google.registry.flows.exceptions.ResourceHasClientUpdateProhibitedException}
|
||||
* @error {@link google.registry.flows.exceptions.ResourceStatusProhibitsOperationException}
|
||||
* @error {@link ContactFlowUtils.BadInternationalizedPostalInfoException}
|
||||
* @error {@link ContactFlowUtils.DeclineContactDisclosureFieldDisallowedPolicyException}
|
||||
*/
|
||||
@Deprecated
|
||||
@ReportingSpec(ActivityReportField.CONTACT_UPDATE)
|
||||
public final class ContactUpdateFlow implements MutatingFlow {
|
||||
|
||||
/**
|
||||
* Note that CLIENT_UPDATE_PROHIBITED is intentionally not in this list. This is because it
|
||||
* requires special checking, since you must be able to clear the status off the object with an
|
||||
* update.
|
||||
*/
|
||||
private static final ImmutableSet<StatusValue> DISALLOWED_STATUSES = ImmutableSet.of(
|
||||
StatusValue.PENDING_DELETE,
|
||||
StatusValue.SERVER_UPDATE_PROHIBITED);
|
||||
|
||||
@Inject ResourceCommand resourceCommand;
|
||||
@Inject ExtensionManager extensionManager;
|
||||
@Inject Optional<AuthInfo> authInfo;
|
||||
@Inject @RegistrarId String registrarId;
|
||||
@Inject @TargetId String targetId;
|
||||
@Inject @Superuser boolean isSuperuser;
|
||||
@Inject ContactHistory.Builder historyBuilder;
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
public final class ContactUpdateFlow extends ContactsProhibitedFlow {
|
||||
@Inject ContactUpdateFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
extensionManager.register(MetadataExtension.class);
|
||||
validateRegistrarIsLoggedIn(registrarId);
|
||||
extensionManager.validate();
|
||||
if (FeatureFlag.isActiveNow(MINIMUM_DATASET_CONTACTS_PROHIBITED)) {
|
||||
throw new ContactsProhibitedException();
|
||||
}
|
||||
Update command = (Update) resourceCommand;
|
||||
DateTime now = tm().getTransactionTime();
|
||||
Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
|
||||
verifyOptionalAuthInfo(authInfo, existingContact);
|
||||
ImmutableSet<StatusValue> statusToRemove = command.getInnerRemove().getStatusValues();
|
||||
ImmutableSet<StatusValue> statusesToAdd = command.getInnerAdd().getStatusValues();
|
||||
if (!isSuperuser) { // The superuser can update any contact and set any status.
|
||||
verifyResourceOwnership(registrarId, existingContact);
|
||||
verifyAllStatusesAreClientSettable(union(statusesToAdd, statusToRemove));
|
||||
}
|
||||
verifyNoDisallowedStatuses(existingContact, DISALLOWED_STATUSES);
|
||||
checkSameValuesNotAddedAndRemoved(statusesToAdd, statusToRemove);
|
||||
Contact.Builder builder = existingContact.asBuilder();
|
||||
Change change = command.getInnerChange();
|
||||
// The spec requires the following behaviors:
|
||||
// * If you update part of a postal info, the fields that you didn't update are unchanged.
|
||||
// * If you update one postal info but not the other, the other is deleted.
|
||||
// Therefore, if you want to preserve one postal info and update another you need to send the
|
||||
// update and also something that technically updates the preserved one, even if it only
|
||||
// "updates" it by setting just one field to the same value.
|
||||
PostalInfo internationalized = change.getInternationalizedPostalInfo();
|
||||
PostalInfo localized = change.getLocalizedPostalInfo();
|
||||
if (internationalized != null) {
|
||||
builder.overlayInternationalizedPostalInfo(internationalized);
|
||||
if (localized == null) {
|
||||
builder.setLocalizedPostalInfo(null);
|
||||
}
|
||||
}
|
||||
if (localized != null) {
|
||||
builder.overlayLocalizedPostalInfo(localized);
|
||||
if (internationalized == null) {
|
||||
builder.setInternationalizedPostalInfo(null);
|
||||
}
|
||||
}
|
||||
Contact newContact =
|
||||
builder
|
||||
.setLastEppUpdateTime(now)
|
||||
.setLastEppUpdateRegistrarId(registrarId)
|
||||
.setAuthInfo(preferFirst(change.getAuthInfo(), existingContact.getAuthInfo()))
|
||||
.setDisclose(preferFirst(change.getDisclose(), existingContact.getDisclose()))
|
||||
.setEmailAddress(preferFirst(change.getEmail(), existingContact.getEmailAddress()))
|
||||
.setFaxNumber(preferFirst(change.getFax(), existingContact.getFaxNumber()))
|
||||
.setVoiceNumber(preferFirst(change.getVoice(), existingContact.getVoiceNumber()))
|
||||
.addStatusValues(statusesToAdd)
|
||||
.removeStatusValues(statusToRemove)
|
||||
.build();
|
||||
// If the resource is marked with clientUpdateProhibited, and this update did not clear that
|
||||
// status, then the update must be disallowed (unless a superuser is requesting the change).
|
||||
if (!isSuperuser
|
||||
&& existingContact.getStatusValues().contains(StatusValue.CLIENT_UPDATE_PROHIBITED)
|
||||
&& newContact.getStatusValues().contains(StatusValue.CLIENT_UPDATE_PROHIBITED)) {
|
||||
throw new ResourceHasClientUpdateProhibitedException();
|
||||
}
|
||||
validateAsciiPostalInfo(newContact.getInternationalizedPostalInfo());
|
||||
validateContactAgainstPolicy(newContact);
|
||||
historyBuilder
|
||||
.setType(CONTACT_UPDATE)
|
||||
.setXmlBytes(null) // We don't want to store contact details in the history entry.
|
||||
.setContact(newContact);
|
||||
tm().insert(historyBuilder.build());
|
||||
tm().update(newContact);
|
||||
return responseBuilder.build();
|
||||
}
|
||||
|
||||
/** Return the first non-null param, or null if both are null. */
|
||||
@Nullable
|
||||
private static <T> T preferFirst(@Nullable T a, @Nullable T b) {
|
||||
return a != null ? a : b;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.flows.contact;
|
||||
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.Flow;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
|
||||
/** Nomulus follows the Minimum Dataset Requirements, meaning it stores no contact information. */
|
||||
public abstract class ContactsProhibitedFlow implements Flow {
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
throw new ContactsProhibitedException();
|
||||
}
|
||||
}
|
||||
@@ -88,6 +88,7 @@ import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import org.joda.money.CurrencyUnit;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
@@ -298,11 +299,13 @@ public final class DomainCheckFlow implements TransactionalFlow {
|
||||
|
||||
boolean shouldUseTieredPricingPromotion =
|
||||
RegistryConfig.getTieredPricingPromotionRegistrarIds().contains(registrarId);
|
||||
ImmutableSet.Builder<CurrencyUnit> currenciesBuilder = new ImmutableSet.Builder<>();
|
||||
for (FeeCheckCommandExtensionItem feeCheckItem : feeCheck.getItems()) {
|
||||
for (String domainName : getDomainNamesToCheckForFee(feeCheckItem, domainNames.keySet())) {
|
||||
FeeCheckResponseExtensionItem.Builder<?> builder = feeCheckItem.createResponseBuilder();
|
||||
Optional<Domain> domain = Optional.ofNullable(domainObjs.get(domainName));
|
||||
Tld tld = Tld.get(domainNames.get(domainName).parent().toString());
|
||||
currenciesBuilder.add(tld.getCurrency());
|
||||
Optional<AllocationToken> token;
|
||||
try {
|
||||
// The precise token to use for this fee request may vary based on the domain or even the
|
||||
@@ -385,7 +388,8 @@ public final class DomainCheckFlow implements TransactionalFlow {
|
||||
responseItems.add(builder.setDomainNameIfSupported(domainName).build());
|
||||
}
|
||||
}
|
||||
return ImmutableList.of(feeCheck.createResponse(responseItems.build()));
|
||||
return ImmutableList.of(
|
||||
feeCheck.createResponse(responseItems.build(), currenciesBuilder.build()));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -108,7 +108,8 @@ public final class DomainClaimsCheckFlow implements TransactionalFlow {
|
||||
verifyClaimsPeriodNotEnded(tld, now);
|
||||
}
|
||||
}
|
||||
Optional<String> claimKey = ClaimsListDao.get().getClaimKey(parsedDomain.parts().get(0));
|
||||
Optional<String> claimKey =
|
||||
ClaimsListDao.get(tldStr).getClaimKey(parsedDomain.parts().get(0));
|
||||
launchChecksBuilder.add(
|
||||
LaunchCheck.create(
|
||||
LaunchCheckName.create(claimKey.isPresent(), domainName), claimKey.orElse(null)));
|
||||
|
||||
@@ -167,7 +167,6 @@ import org.joda.time.Duration;
|
||||
* @error {@link DomainFlowUtils.DomainLabelBlockedByBsaException}
|
||||
* @error {@link DomainFlowUtils.DomainLabelTooLongException}
|
||||
* @error {@link DomainFlowUtils.DomainReservedException}
|
||||
* @error {@link DomainFlowUtils.DuplicateContactForRoleException}
|
||||
* @error {@link DomainFlowUtils.EmptyDomainNamePartException}
|
||||
* @error {@link DomainFlowUtils.ExceedsMaxRegistrationYearsException}
|
||||
* @error {@link DomainFlowUtils.ExpiredClaimException}
|
||||
@@ -188,7 +187,6 @@ import org.joda.time.Duration;
|
||||
* @error {@link DomainFlowUtils.MaxSigLifeNotSupportedException}
|
||||
* @error {@link DomainFlowUtils.MissingBillingAccountMapException}
|
||||
* @error {@link DomainFlowUtils.MissingClaimsNoticeException}
|
||||
* @error {@link DomainFlowUtils.MissingContactTypeException}
|
||||
* @error {@link DomainFlowUtils.NameserversNotAllowedForTldException}
|
||||
* @error {@link DomainFlowUtils.NameserversNotSpecifiedForTldWithNameserverAllowListException}
|
||||
* @error {@link DomainFlowUtils.PremiumNameBlockedException}
|
||||
@@ -221,7 +219,8 @@ public final class DomainCreateFlow implements MutatingFlow {
|
||||
@Inject DomainPricingLogic pricingLogic;
|
||||
@Inject DomainDeletionTimeCache domainDeletionTimeCache;
|
||||
|
||||
@Inject DomainCreateFlow() {}
|
||||
@Inject
|
||||
DomainCreateFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
@@ -280,7 +279,7 @@ public final class DomainCreateFlow implements MutatingFlow {
|
||||
checkAllowedAccessToTld(registrarId, tld.getTldStr());
|
||||
checkHasBillingAccount(registrarId, tld.getTldStr());
|
||||
boolean isValidReservedCreate = isValidReservedCreate(domainName, allocationToken);
|
||||
ClaimsList claimsList = ClaimsListDao.get();
|
||||
ClaimsList claimsList = ClaimsListDao.get(tld.getTldStr());
|
||||
verifyIsGaOrSpecialCase(
|
||||
tld,
|
||||
claimsList,
|
||||
@@ -312,7 +311,8 @@ public final class DomainCreateFlow implements MutatingFlow {
|
||||
// at this point so that we can verify it before the "after validation" extension point.
|
||||
signedMarkId =
|
||||
tmchUtils
|
||||
.verifySignedMarks(launchCreate.get().getSignedMarks(), domainLabel, now)
|
||||
.verifySignedMarks(
|
||||
tld.getTldStr(), launchCreate.get().getSignedMarks(), domainLabel, now)
|
||||
.getId();
|
||||
}
|
||||
verifyNotBlockedByBsa(domainName, tld, now, allocationToken);
|
||||
@@ -377,12 +377,10 @@ public final class DomainCreateFlow implements MutatingFlow {
|
||||
.setLaunchNotice(hasClaimsNotice ? launchCreate.get().getNotice() : null)
|
||||
.setSmdId(signedMarkId)
|
||||
.setDsData(secDnsCreate.map(SecDnsCreateExtension::getDsData).orElse(null))
|
||||
.setRegistrant(command.getRegistrant())
|
||||
.setAuthInfo(command.getAuthInfo())
|
||||
.setDomainName(targetId)
|
||||
.setNameservers(command.getNameservers().stream().collect(toImmutableSet()))
|
||||
.setStatusValues(statuses)
|
||||
.setContacts(command.getContacts())
|
||||
.addGracePeriod(
|
||||
GracePeriod.forBillingEvent(GracePeriodStatus.ADD, repoId, createBillingEvent))
|
||||
.setLordnPhase(
|
||||
|
||||
@@ -55,7 +55,7 @@ public final class DomainFlowTmchUtils {
|
||||
}
|
||||
|
||||
public SignedMark verifySignedMarks(
|
||||
ImmutableList<AbstractSignedMark> signedMarks, String domainLabel, DateTime now)
|
||||
String tld, ImmutableList<AbstractSignedMark> signedMarks, String domainLabel, DateTime now)
|
||||
throws EppException {
|
||||
if (signedMarks.size() > 1) {
|
||||
throw new TooManySignedMarksException();
|
||||
@@ -64,7 +64,7 @@ public final class DomainFlowTmchUtils {
|
||||
throw new SignedMarksMustBeEncodedException();
|
||||
}
|
||||
SignedMark signedMark =
|
||||
verifyEncodedSignedMark((EncodedSignedMark) signedMarks.get(0), now);
|
||||
verifyEncodedSignedMark(tld, (EncodedSignedMark) signedMarks.get(0), now);
|
||||
return verifySignedMarkValidForDomainLabel(signedMark, domainLabel);
|
||||
}
|
||||
|
||||
@@ -76,8 +76,9 @@ public final class DomainFlowTmchUtils {
|
||||
return signedMark;
|
||||
}
|
||||
|
||||
public SignedMark verifyEncodedSignedMark(EncodedSignedMark encodedSignedMark, DateTime now)
|
||||
throws EppException {
|
||||
// TODO(b/412715713): remove the tld parameter when RST completes.
|
||||
public SignedMark verifyEncodedSignedMark(
|
||||
String tld, EncodedSignedMark encodedSignedMark, DateTime now) throws EppException {
|
||||
if (!encodedSignedMark.getEncoding().equals("base64")) {
|
||||
throw new Base64RequiredForEncodedSignedMarksException();
|
||||
}
|
||||
@@ -95,7 +96,7 @@ public final class DomainFlowTmchUtils {
|
||||
throw new SignedMarkParsingErrorException();
|
||||
}
|
||||
|
||||
if (SignedMarkRevocationList.get().isSmdRevoked(signedMark.getId(), now)) {
|
||||
if (SignedMarkRevocationList.get(tld).isSmdRevoked(signedMark.getId(), now)) {
|
||||
throw new SignedMarkRevokedErrorException();
|
||||
}
|
||||
|
||||
@@ -156,7 +157,8 @@ public final class DomainFlowTmchUtils {
|
||||
}
|
||||
|
||||
/** The provided mark does not match the desired domain label. */
|
||||
static class NoMarksFoundMatchingDomainException extends RequiredParameterMissingException {
|
||||
public static class NoMarksFoundMatchingDomainException
|
||||
extends RequiredParameterMissingException {
|
||||
public NoMarksFoundMatchingDomainException() {
|
||||
super("The provided mark does not match the desired domain label");
|
||||
}
|
||||
|
||||
@@ -19,7 +19,6 @@ import static com.google.common.base.Preconditions.checkState;
|
||||
import static com.google.common.base.Strings.emptyToNull;
|
||||
import static com.google.common.collect.ImmutableList.toImmutableList;
|
||||
import static com.google.common.collect.ImmutableMap.toImmutableMap;
|
||||
import static com.google.common.collect.ImmutableSetMultimap.toImmutableSetMultimap;
|
||||
import static com.google.common.collect.Sets.difference;
|
||||
import static com.google.common.collect.Sets.intersection;
|
||||
import static com.google.common.collect.Sets.union;
|
||||
@@ -45,10 +44,8 @@ import static google.registry.util.DateTimeUtils.END_OF_TIME;
|
||||
import static google.registry.util.DateTimeUtils.isAtOrAfter;
|
||||
import static google.registry.util.DateTimeUtils.leapSafeAddYears;
|
||||
import static google.registry.util.DomainNameUtils.ACE_PREFIX;
|
||||
import static java.util.Comparator.comparing;
|
||||
import static java.util.stream.Collectors.joining;
|
||||
|
||||
import com.google.common.base.Ascii;
|
||||
import com.google.common.base.CharMatcher;
|
||||
import com.google.common.base.Joiner;
|
||||
import com.google.common.base.Splitter;
|
||||
@@ -57,9 +54,6 @@ import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableMultimap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Maps;
|
||||
import com.google.common.collect.Multimap;
|
||||
import com.google.common.collect.Multimaps;
|
||||
import com.google.common.collect.Sets;
|
||||
import com.google.common.collect.Streams;
|
||||
import com.google.common.net.InternetDomainName;
|
||||
@@ -73,22 +67,17 @@ import google.registry.flows.EppException.ParameterValueSyntaxErrorException;
|
||||
import google.registry.flows.EppException.RequiredParameterMissingException;
|
||||
import google.registry.flows.EppException.StatusProhibitsOperationException;
|
||||
import google.registry.flows.EppException.UnimplementedOptionException;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.flows.exceptions.ResourceHasClientUpdateProhibitedException;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.billing.BillingBase.Flag;
|
||||
import google.registry.model.billing.BillingBase.Reason;
|
||||
import google.registry.model.billing.BillingRecurrence;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.DesignatedContact;
|
||||
import google.registry.model.domain.DesignatedContact.Type;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainCommand.Create;
|
||||
import google.registry.model.domain.DomainCommand.CreateOrUpdate;
|
||||
import google.registry.model.domain.DomainCommand.InvalidReferencesException;
|
||||
import google.registry.model.domain.DomainCommand.Update;
|
||||
import google.registry.model.domain.DomainHistory;
|
||||
import google.registry.model.domain.ForeignKeyedDesignatedContact;
|
||||
import google.registry.model.domain.Period;
|
||||
import google.registry.model.domain.Period.Unit;
|
||||
import google.registry.model.domain.fee.BaseFee;
|
||||
@@ -133,10 +122,8 @@ import google.registry.tldconfig.idn.IdnLabelValidator;
|
||||
import google.registry.tools.DigestType;
|
||||
import google.registry.util.Idn;
|
||||
import java.math.BigDecimal;
|
||||
import java.util.Collection;
|
||||
import java.util.Comparator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
@@ -218,7 +205,7 @@ public class DomainFlowUtils {
|
||||
return domainName;
|
||||
}
|
||||
|
||||
private static void validateFirstLabel(String firstLabel) throws EppException {
|
||||
public static void validateFirstLabel(String firstLabel) throws EppException {
|
||||
if (firstLabel.length() > MAX_LABEL_SIZE) {
|
||||
throw new DomainLabelTooLongException();
|
||||
}
|
||||
@@ -405,22 +392,11 @@ public class DomainFlowUtils {
|
||||
return period;
|
||||
}
|
||||
|
||||
/** Verify that no linked resources have disallowed statuses. */
|
||||
static void verifyNotInPendingDelete(
|
||||
Set<DesignatedContact> contacts,
|
||||
Optional<VKey<Contact>> registrant,
|
||||
Set<VKey<Host>> nameservers)
|
||||
throws EppException {
|
||||
ImmutableList.Builder<VKey<? extends EppResource>> keysToLoad = new ImmutableList.Builder<>();
|
||||
contacts.stream().map(DesignatedContact::getContactKey).forEach(keysToLoad::add);
|
||||
registrant.ifPresent(keysToLoad::add);
|
||||
keysToLoad.addAll(nameservers);
|
||||
verifyNotInPendingDelete(EppResource.loadByCacheIfEnabled(keysToLoad.build()).values());
|
||||
}
|
||||
|
||||
private static void verifyNotInPendingDelete(Iterable<EppResource> resources)
|
||||
throws EppException {
|
||||
for (EppResource resource : resources) {
|
||||
/** Verify that no linked nameservers have disallowed statuses. */
|
||||
static void verifyNotInPendingDelete(ImmutableSet<VKey<Host>> nameservers)
|
||||
throws StatusProhibitsOperationException {
|
||||
for (EppResource resource :
|
||||
EppResource.loadByCacheIfEnabled(ImmutableSet.copyOf(nameservers)).values()) {
|
||||
if (resource.getStatusValues().contains(StatusValue.PENDING_DELETE)) {
|
||||
throw new LinkedResourceInPendingDeleteProhibitsOperationException(
|
||||
resource.getForeignKey());
|
||||
@@ -428,15 +404,6 @@ public class DomainFlowUtils {
|
||||
}
|
||||
}
|
||||
|
||||
static void validateContactsHaveTypes(Set<DesignatedContact> contacts)
|
||||
throws ParameterValuePolicyErrorException {
|
||||
for (DesignatedContact contact : contacts) {
|
||||
if (contact.getType() == null) {
|
||||
throw new MissingContactTypeException();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static void validateNameserversCountForTld(String tld, InternetDomainName domainName, int count)
|
||||
throws EppException {
|
||||
// For TLDs with a nameserver allow list, all domains must have at least 1 nameserver.
|
||||
@@ -451,66 +418,6 @@ public class DomainFlowUtils {
|
||||
}
|
||||
}
|
||||
|
||||
static void validateNoDuplicateContacts(Set<DesignatedContact> contacts)
|
||||
throws ParameterValuePolicyErrorException {
|
||||
ImmutableMultimap<Type, VKey<Contact>> contactsByType =
|
||||
contacts.stream()
|
||||
.collect(
|
||||
toImmutableSetMultimap(
|
||||
DesignatedContact::getType, DesignatedContact::getContactKey));
|
||||
|
||||
// If any contact type has multiple contacts:
|
||||
if (contactsByType.asMap().values().stream().anyMatch(v -> v.size() > 1)) {
|
||||
// Find the duplicates.
|
||||
Map<Type, Collection<VKey<Contact>>> dupeKeysMap =
|
||||
Maps.filterEntries(contactsByType.asMap(), e -> e.getValue().size() > 1);
|
||||
ImmutableList<VKey<Contact>> dupeKeys =
|
||||
dupeKeysMap.values().stream().flatMap(Collection::stream).collect(toImmutableList());
|
||||
// Load the duplicates in one batch.
|
||||
Map<VKey<? extends Contact>, Contact> dupeContacts = tm().loadByKeys(dupeKeys);
|
||||
ImmutableMultimap.Builder<Type, VKey<Contact>> typesMap = new ImmutableMultimap.Builder<>();
|
||||
dupeKeysMap.forEach(typesMap::putAll);
|
||||
// Create an error message showing the type and contact IDs of the duplicates.
|
||||
throw new DuplicateContactForRoleException(
|
||||
Multimaps.transformValues(typesMap.build(), key -> dupeContacts.get(key).getContactId()));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Enforces the presence/absence of contact data on domain creates depending on the minimum data
|
||||
* set migration schedule.
|
||||
*/
|
||||
static void validateCreateContactData(
|
||||
Optional<VKey<Contact>> registrant, Set<DesignatedContact> contacts)
|
||||
throws ParameterValuePolicyErrorException {
|
||||
if (registrant.isPresent()) {
|
||||
throw new RegistrantProhibitedException();
|
||||
}
|
||||
if (!contacts.isEmpty()) {
|
||||
throw new ContactsProhibitedException();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Enforces the presence/absence of contact data on domain updates depending on the minimum data
|
||||
* set migration schedule.
|
||||
*/
|
||||
static void validateUpdateContactData(
|
||||
Optional<VKey<Contact>> existingRegistrant,
|
||||
Optional<VKey<Contact>> newRegistrant,
|
||||
Set<DesignatedContact> existingContacts,
|
||||
Set<DesignatedContact> newContacts)
|
||||
throws ParameterValuePolicyErrorException {
|
||||
// Throw if the update specifies a new registrant that is different from the existing one.
|
||||
if (newRegistrant.isPresent() && !newRegistrant.equals(existingRegistrant)) {
|
||||
throw new RegistrantProhibitedException();
|
||||
}
|
||||
// Throw if the update specifies any new contacts that weren't already present on the domain.
|
||||
if (!Sets.difference(newContacts, existingContacts).isEmpty()) {
|
||||
throw new ContactsProhibitedException();
|
||||
}
|
||||
}
|
||||
|
||||
static void validateNameserversAllowedOnTld(String tld, Set<String> fullyQualifiedHostNames)
|
||||
throws EppException {
|
||||
ImmutableSet<String> allowedHostNames = Tld.get(tld).getAllowedFullyQualifiedHostNames();
|
||||
@@ -976,23 +883,21 @@ public class DomainFlowUtils {
|
||||
throw new UrgentAttributeNotSupportedException();
|
||||
}
|
||||
// There must be at least one of add/rem/chg, and chg isn't actually supported.
|
||||
if (secDnsUpdate.getChange() != null) {
|
||||
if (secDnsUpdate.getChange().isPresent()) {
|
||||
// The only thing you can change is maxSigLife, and we don't support that at all.
|
||||
throw new MaxSigLifeChangeNotSupportedException();
|
||||
}
|
||||
Add add = secDnsUpdate.getAdd();
|
||||
Remove remove = secDnsUpdate.getRemove();
|
||||
if (add == null && remove == null) {
|
||||
Optional<Add> add = secDnsUpdate.getAdd();
|
||||
Optional<Remove> remove = secDnsUpdate.getRemove();
|
||||
if (add.isEmpty() && remove.isEmpty()) {
|
||||
throw new EmptySecDnsUpdateException();
|
||||
}
|
||||
if (remove != null && Boolean.FALSE.equals(remove.getAll())) {
|
||||
if (remove.isPresent() && Boolean.FALSE.equals(remove.get().getAll())) {
|
||||
throw new SecDnsAllUsageException(); // Explicit all=false is meaningless.
|
||||
}
|
||||
Set<DomainDsData> toAdd = (add == null) ? ImmutableSet.of() : add.getDsData();
|
||||
Set<DomainDsData> toAdd = add.map(Add::getDsData).orElse(ImmutableSet.of());
|
||||
Set<DomainDsData> toRemove =
|
||||
(remove == null)
|
||||
? ImmutableSet.of()
|
||||
: (remove.getAll() == null) ? remove.getDsData() : oldDsData;
|
||||
remove.map(r -> (r.getAll() == null) ? r.getDsData() : oldDsData).orElse(ImmutableSet.of());
|
||||
// RFC 5910 specifies that removes are processed before adds.
|
||||
return ImmutableSet.copyOf(union(difference(oldDsData, toRemove), toAdd));
|
||||
}
|
||||
@@ -1034,12 +939,8 @@ public class DomainFlowUtils {
|
||||
/** Validate the contacts and nameservers specified in a domain create command. */
|
||||
static void validateCreateCommandContactsAndNameservers(
|
||||
Create command, Tld tld, InternetDomainName domainName) throws EppException {
|
||||
verifyNotInPendingDelete(
|
||||
command.getContacts(), command.getRegistrant(), command.getNameservers());
|
||||
validateContactsHaveTypes(command.getContacts());
|
||||
verifyNotInPendingDelete(command.getNameservers());
|
||||
String tldStr = tld.getTldStr();
|
||||
validateNoDuplicateContacts(command.getContacts());
|
||||
validateCreateContactData(command.getRegistrant(), command.getContacts());
|
||||
ImmutableSet<String> hostNames = command.getNameserverHostNames();
|
||||
validateNameserversCountForTld(tldStr, domainName, hostNames.size());
|
||||
validateNameserversAllowedOnTld(tldStr, hostNames);
|
||||
@@ -1145,17 +1046,6 @@ public class DomainFlowUtils {
|
||||
.build();
|
||||
}
|
||||
|
||||
static ImmutableSet<ForeignKeyedDesignatedContact> loadForeignKeyedDesignatedContacts(
|
||||
ImmutableSet<DesignatedContact> contacts) {
|
||||
ImmutableSet.Builder<ForeignKeyedDesignatedContact> builder = new ImmutableSet.Builder<>();
|
||||
for (DesignatedContact contact : contacts) {
|
||||
builder.add(
|
||||
ForeignKeyedDesignatedContact.create(
|
||||
contact.getType(), tm().loadByKey(contact.getContactKey()).getContactId()));
|
||||
}
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a set of DomainTransactionRecords which negate the most recent HistoryEntry's records.
|
||||
*
|
||||
@@ -1240,49 +1130,49 @@ public class DomainFlowUtils {
|
||||
}
|
||||
|
||||
/** Domain names can only contain a-z, 0-9, '.' and '-'. */
|
||||
static class BadDomainNameCharacterException extends ParameterValuePolicyErrorException {
|
||||
static class BadDomainNameCharacterException extends ParameterValueSyntaxErrorException {
|
||||
public BadDomainNameCharacterException() {
|
||||
super("Domain names can only contain a-z, 0-9, '.' and '-'");
|
||||
}
|
||||
}
|
||||
|
||||
/** Non-IDN domain names cannot contain hyphens in the third or fourth position. */
|
||||
static class DashesInThirdAndFourthException extends ParameterValuePolicyErrorException {
|
||||
static class DashesInThirdAndFourthException extends ParameterValueSyntaxErrorException {
|
||||
public DashesInThirdAndFourthException() {
|
||||
super("Non-IDN domain names cannot contain dashes in the third or fourth position");
|
||||
}
|
||||
}
|
||||
|
||||
/** Domain labels cannot begin with a dash. */
|
||||
static class LeadingDashException extends ParameterValuePolicyErrorException {
|
||||
static class LeadingDashException extends ParameterValueSyntaxErrorException {
|
||||
public LeadingDashException() {
|
||||
super("Domain labels cannot begin with a dash");
|
||||
}
|
||||
}
|
||||
|
||||
/** Domain labels cannot end with a dash. */
|
||||
static class TrailingDashException extends ParameterValuePolicyErrorException {
|
||||
static class TrailingDashException extends ParameterValueSyntaxErrorException {
|
||||
public TrailingDashException() {
|
||||
super("Domain labels cannot end with a dash");
|
||||
}
|
||||
}
|
||||
|
||||
/** Domain labels cannot be longer than 63 characters. */
|
||||
static class DomainLabelTooLongException extends ParameterValuePolicyErrorException {
|
||||
static class DomainLabelTooLongException extends ParameterValueSyntaxErrorException {
|
||||
public DomainLabelTooLongException() {
|
||||
super("Domain labels cannot be longer than 63 characters");
|
||||
}
|
||||
}
|
||||
|
||||
/** No part of a domain name can be empty. */
|
||||
static class EmptyDomainNamePartException extends ParameterValuePolicyErrorException {
|
||||
static class EmptyDomainNamePartException extends ParameterValueSyntaxErrorException {
|
||||
public EmptyDomainNamePartException() {
|
||||
super("No part of a domain name can be empty");
|
||||
}
|
||||
}
|
||||
|
||||
/** Domain name starts with xn-- but is not a valid IDN. */
|
||||
static class InvalidPunycodeException extends ParameterValuePolicyErrorException {
|
||||
static class InvalidPunycodeException extends ParameterValueSyntaxErrorException {
|
||||
public InvalidPunycodeException() {
|
||||
super("Domain name starts with xn-- but is not a valid IDN");
|
||||
}
|
||||
@@ -1295,32 +1185,6 @@ public class DomainFlowUtils {
|
||||
}
|
||||
}
|
||||
|
||||
/** Missing type attribute for contact. */
|
||||
static class MissingContactTypeException extends ParameterValuePolicyErrorException {
|
||||
public MissingContactTypeException() {
|
||||
super("Missing type attribute for contact");
|
||||
}
|
||||
}
|
||||
|
||||
/** More than one contact for a given role is not allowed. */
|
||||
static class DuplicateContactForRoleException extends ParameterValuePolicyErrorException {
|
||||
|
||||
public DuplicateContactForRoleException(Multimap<Type, String> dupeContactsByType) {
|
||||
super(
|
||||
String.format(
|
||||
"More than one contact for a given role is not allowed: %s",
|
||||
dupeContactsByType.asMap().entrySet().stream()
|
||||
.sorted(comparing(e -> e.getKey().name()))
|
||||
.map(
|
||||
e ->
|
||||
String.format(
|
||||
"role [%s] has contacts [%s]",
|
||||
Ascii.toLowerCase(e.getKey().name()),
|
||||
e.getValue().stream().sorted().collect(joining(", "))))
|
||||
.collect(joining(", "))));
|
||||
}
|
||||
}
|
||||
|
||||
/** Declared launch extension phase does not match the current registry phase. */
|
||||
static class LaunchPhaseMismatchException extends ParameterValuePolicyErrorException {
|
||||
public LaunchPhaseMismatchException() {
|
||||
@@ -1357,7 +1221,7 @@ public class DomainFlowUtils {
|
||||
}
|
||||
|
||||
/** Having a registrant is prohibited by registry policy. */
|
||||
static class RegistrantProhibitedException extends ParameterValuePolicyErrorException {
|
||||
public static class RegistrantProhibitedException extends ParameterValuePolicyErrorException {
|
||||
public RegistrantProhibitedException() {
|
||||
super("Having a registrant is prohibited by registry policy");
|
||||
}
|
||||
|
||||
@@ -19,7 +19,6 @@ import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.addSecDnsExtensionIfPresent;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.handleFeeRequest;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.loadForeignKeyedDesignatedContacts;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
@@ -126,15 +125,11 @@ public final class DomainInfoFlow implements MutatingFlow {
|
||||
.setLastEppUpdateTime(domain.getLastEppUpdateTime())
|
||||
.setRegistrationExpirationTime(domain.getRegistrationExpirationTime())
|
||||
.setLastTransferTime(domain.getLastTransferTime());
|
||||
domain
|
||||
.getRegistrant()
|
||||
.ifPresent(r -> infoBuilder.setRegistrant(tm().loadByKey(r).getContactId()));
|
||||
|
||||
// If authInfo is non-null, then the caller is authorized to see the full information since we
|
||||
// will have already verified the authInfo is valid.
|
||||
if (registrarId.equals(domain.getCurrentSponsorRegistrarId()) || authInfo.isPresent()) {
|
||||
infoBuilder
|
||||
.setContacts(loadForeignKeyedDesignatedContacts(domain.getContacts()))
|
||||
.setSubordinateHosts(
|
||||
hostsRequest.requestSubordinate() ? domain.getSubordinateHosts() : null)
|
||||
.setCreationRegistrarId(domain.getCreationRegistrarId())
|
||||
|
||||
@@ -21,8 +21,8 @@ import static com.google.common.collect.Sets.union;
|
||||
import static google.registry.dns.DnsUtils.requestDomainDnsRefresh;
|
||||
import static google.registry.flows.FlowUtils.persistEntityChanges;
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.checkSameValuesNotAddedAndRemoved;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAddsAndRemoves;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAllStatusesAreClientSettable;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
|
||||
@@ -30,13 +30,10 @@ import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.checkAllowedAccessToTld;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.cloneAndLinkReferences;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.updateDsData;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateContactsHaveTypes;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateDsData;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateFeesAckedIfPresent;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateNameserversAllowedOnTld;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateNameserversCountForTld;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateNoDuplicateContacts;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateUpdateContactData;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.verifyClientUpdateNotProhibited;
|
||||
import static google.registry.flows.domain.DomainFlowUtils.verifyNotInPendingDelete;
|
||||
import static google.registry.model.reporting.HistoryEntry.Type.DOMAIN_UPDATE;
|
||||
@@ -64,8 +61,6 @@ import google.registry.flows.domain.DomainFlowUtils.RegistrantProhibitedExceptio
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.billing.BillingBase.Reason;
|
||||
import google.registry.model.billing.BillingEvent;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.DesignatedContact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainCommand.Update;
|
||||
import google.registry.model.domain.DomainCommand.Update.AddRemove;
|
||||
@@ -75,6 +70,8 @@ import google.registry.model.domain.fee.FeeUpdateCommandExtension;
|
||||
import google.registry.model.domain.metadata.MetadataExtension;
|
||||
import google.registry.model.domain.secdns.DomainDsData;
|
||||
import google.registry.model.domain.secdns.SecDnsUpdateExtension;
|
||||
import google.registry.model.domain.secdns.SecDnsUpdateExtension.Add;
|
||||
import google.registry.model.domain.secdns.SecDnsUpdateExtension.Remove;
|
||||
import google.registry.model.domain.superuser.DomainUpdateSuperuserExtension;
|
||||
import google.registry.model.eppcommon.AuthInfo;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
@@ -86,7 +83,6 @@ import google.registry.model.poll.PendingActionNotificationResponse.DomainPendin
|
||||
import google.registry.model.poll.PollMessage;
|
||||
import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
|
||||
import google.registry.model.tld.Tld;
|
||||
import google.registry.persistence.VKey;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
@@ -95,8 +91,8 @@ import org.joda.time.DateTime;
|
||||
/**
|
||||
* An EPP flow that updates a domain.
|
||||
*
|
||||
* <p>Updates can change contacts, nameservers and delegation signer data of a domain. Updates
|
||||
* cannot change the domain's name.
|
||||
* <p>Updates can change nameservers and delegation signer data of a domain. Updates cannot change
|
||||
* the domain's name.
|
||||
*
|
||||
* <p>Some status values (those of the form "serverSomethingProhibited") can only be applied by the
|
||||
* superuser. As such, adding or removing these statuses incurs a billing event. There will be only
|
||||
@@ -111,7 +107,6 @@ import org.joda.time.DateTime;
|
||||
* @error {@link google.registry.flows.exceptions.OnlyToolCanPassMetadataException}
|
||||
* @error {@link google.registry.flows.exceptions.ResourceHasClientUpdateProhibitedException}
|
||||
* @error {@link google.registry.flows.exceptions.ResourceStatusProhibitsOperationException}
|
||||
* @error {@link DomainFlowUtils.DuplicateContactForRoleException}
|
||||
* @error {@link DomainFlowUtils.EmptySecDnsUpdateException}
|
||||
* @error {@link DomainFlowUtils.FeesMismatchException}
|
||||
* @error {@link DomainFlowUtils.FeesRequiredForNonFreeOperationException}
|
||||
@@ -119,7 +114,6 @@ import org.joda.time.DateTime;
|
||||
* @error {@link DomainFlowUtils.LinkedResourcesDoNotExistException}
|
||||
* @error {@link DomainFlowUtils.LinkedResourceInPendingDeleteProhibitsOperationException}
|
||||
* @error {@link DomainFlowUtils.MaxSigLifeChangeNotSupportedException}
|
||||
* @error {@link DomainFlowUtils.MissingContactTypeException}
|
||||
* @error {@link DomainFlowUtils.NameserversNotAllowedForTldException}
|
||||
* @error {@link NameserversNotSpecifiedForTldWithNameserverAllowListException}
|
||||
* @error {@link DomainFlowUtils.NotAuthorizedForTldException}
|
||||
@@ -156,7 +150,9 @@ public final class DomainUpdateFlow implements MutatingFlow {
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
@Inject DomainUpdateFlowCustomLogic flowCustomLogic;
|
||||
@Inject DomainPricingLogic pricingLogic;
|
||||
@Inject DomainUpdateFlow() {}
|
||||
|
||||
@Inject
|
||||
DomainUpdateFlow() {}
|
||||
|
||||
@Override
|
||||
public EppResponse run() throws EppException {
|
||||
@@ -177,7 +173,7 @@ public final class DomainUpdateFlow implements MutatingFlow {
|
||||
Domain newDomain = performUpdate(command, existingDomain, now);
|
||||
DomainHistory domainHistory =
|
||||
historyBuilder.setType(DOMAIN_UPDATE).setDomain(newDomain).build();
|
||||
validateNewState(existingDomain, newDomain);
|
||||
validateNewState(newDomain);
|
||||
if (requiresDnsUpdate(existingDomain, newDomain)) {
|
||||
requestDomainDnsRefresh(targetId);
|
||||
}
|
||||
@@ -233,31 +229,25 @@ public final class DomainUpdateFlow implements MutatingFlow {
|
||||
eppInput.getSingleExtension(FeeUpdateCommandExtension.class);
|
||||
FeesAndCredits feesAndCredits = pricingLogic.getUpdatePrice(tld, targetId, now);
|
||||
validateFeesAckedIfPresent(feeUpdate, feesAndCredits, false);
|
||||
verifyNotInPendingDelete(
|
||||
add.getContacts(),
|
||||
command.getInnerChange().getRegistrant(),
|
||||
add.getNameservers());
|
||||
validateContactsHaveTypes(add.getContacts());
|
||||
validateContactsHaveTypes(remove.getContacts());
|
||||
verifyNotInPendingDelete(add.getNameservers());
|
||||
validateNameserversAllowedOnTld(tldStr, add.getNameserverHostNames());
|
||||
}
|
||||
|
||||
private Domain performUpdate(Update command, Domain domain, DateTime now) throws EppException {
|
||||
AddRemove add = command.getInnerAdd();
|
||||
AddRemove remove = command.getInnerRemove();
|
||||
checkSameValuesNotAddedAndRemoved(add.getNameservers(), remove.getNameservers());
|
||||
checkSameValuesNotAddedAndRemoved(add.getContacts(), remove.getContacts());
|
||||
checkSameValuesNotAddedAndRemoved(add.getStatusValues(), remove.getStatusValues());
|
||||
Change change = command.getInnerChange();
|
||||
Optional<SecDnsUpdateExtension> secDnsUpdate =
|
||||
eppInput.getSingleExtension(SecDnsUpdateExtension.class);
|
||||
|
||||
// We have to verify no duplicate contacts _before_ constructing the domain because it is
|
||||
// illegal to construct a domain with duplicate contacts.
|
||||
Sets.SetView<DesignatedContact> newContacts =
|
||||
union(Sets.difference(domain.getContacts(), remove.getContacts()), add.getContacts());
|
||||
validateNoDuplicateContacts(newContacts);
|
||||
|
||||
verifyAddsAndRemoves(domain.getNameservers(), add.getNameservers(), remove.getNameservers());
|
||||
verifyAddsAndRemoves(domain.getStatusValues(), add.getStatusValues(), remove.getStatusValues());
|
||||
if (secDnsUpdate.isPresent()) {
|
||||
SecDnsUpdateExtension ext = secDnsUpdate.get();
|
||||
verifyAddsAndRemoves(
|
||||
domain.getDsData(),
|
||||
ext.getAdd().map(Add::getDsData).orElse(ImmutableSet.of()),
|
||||
ext.getRemove().map(Remove::getDsData).orElse(ImmutableSet.of()));
|
||||
}
|
||||
Change change = command.getInnerChange();
|
||||
Domain.Builder domainBuilder =
|
||||
domain
|
||||
.asBuilder()
|
||||
@@ -276,9 +266,6 @@ public final class DomainUpdateFlow implements MutatingFlow {
|
||||
.setLastEppUpdateRegistrarId(registrarId)
|
||||
.addStatusValues(add.getStatusValues())
|
||||
.removeStatusValues(remove.getStatusValues())
|
||||
.removeContacts(remove.getContacts())
|
||||
.addContacts(add.getContacts())
|
||||
.setRegistrant(determineUpdatedRegistrant(change, domain))
|
||||
.setAuthInfo(Optional.ofNullable(change.getAuthInfo()).orElse(domain.getAuthInfo()));
|
||||
|
||||
if (!add.getNameservers().isEmpty()) {
|
||||
@@ -300,15 +287,6 @@ public final class DomainUpdateFlow implements MutatingFlow {
|
||||
return domainBuilder.build();
|
||||
}
|
||||
|
||||
private Optional<VKey<Contact>> determineUpdatedRegistrant(Change change, Domain domain) {
|
||||
// During or after the minimum dataset transition, allow registrant to be removed.
|
||||
if (change.getRegistrantContactId().isPresent()
|
||||
&& change.getRegistrantContactId().get().isEmpty()) {
|
||||
return Optional.empty();
|
||||
}
|
||||
return change.getRegistrant().or(domain::getRegistrant);
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks whether the new state of the domain is valid.
|
||||
*
|
||||
@@ -316,13 +294,7 @@ public final class DomainUpdateFlow implements MutatingFlow {
|
||||
* compliant with the additions or amendments, otherwise existing data can become invalid and
|
||||
* cause Domain update failure.
|
||||
*/
|
||||
private static void validateNewState(Domain existingDomain, Domain newDomain)
|
||||
throws EppException {
|
||||
validateUpdateContactData(
|
||||
existingDomain.getRegistrant(),
|
||||
newDomain.getRegistrant(),
|
||||
existingDomain.getContacts(),
|
||||
newDomain.getContacts());
|
||||
private static void validateNewState(Domain newDomain) throws EppException {
|
||||
validateDsData(newDomain.getDsData());
|
||||
validateNameserversCountForTld(
|
||||
newDomain.getTld(),
|
||||
@@ -336,8 +308,8 @@ public final class DomainUpdateFlow implements MutatingFlow {
|
||||
Optional<MetadataExtension> metadataExtension =
|
||||
eppInput.getSingleExtension(MetadataExtension.class);
|
||||
if (metadataExtension.isPresent() && metadataExtension.get().getRequestedByRegistrar()) {
|
||||
for (StatusValue statusValue
|
||||
: symmetricDifference(existingDomain.getStatusValues(), newDomain.getStatusValues())) {
|
||||
for (StatusValue statusValue :
|
||||
symmetricDifference(existingDomain.getStatusValues(), newDomain.getStatusValues())) {
|
||||
if (statusValue.isChargedStatus()) {
|
||||
// Only charge once.
|
||||
return Optional.of(
|
||||
|
||||
@@ -65,6 +65,7 @@ public final class HostCheckFlow implements TransactionalFlow {
|
||||
ForeignKeyUtils.loadKeys(Host.class, hostnames, clock.nowUtc()).keySet();
|
||||
ImmutableList.Builder<HostCheck> checks = new ImmutableList.Builder<>();
|
||||
for (String hostname : hostnames) {
|
||||
HostFlowUtils.validateHostName(hostname);
|
||||
boolean unused = !existingIds.contains(hostname);
|
||||
checks.add(HostCheck.create(unused, hostname, unused ? null : "In use"));
|
||||
}
|
||||
|
||||
@@ -87,7 +87,7 @@ public final class HostCreateFlow implements MutatingFlow {
|
||||
@Inject EppResponse.Builder responseBuilder;
|
||||
|
||||
@Inject
|
||||
@Config("contactAndHostRoidSuffix")
|
||||
@Config("hostRoidSuffix")
|
||||
String roidSuffix;
|
||||
|
||||
@Inject
|
||||
@@ -116,6 +116,7 @@ public final class HostCreateFlow implements MutatingFlow {
|
||||
? new SubordinateHostMustHaveIpException()
|
||||
: new UnexpectedExternalHostIpException();
|
||||
}
|
||||
HostFlowUtils.validateInetAddresses(command.getInetAddresses());
|
||||
Host newHost =
|
||||
new Host.Builder()
|
||||
.setCreationRegistrarId(registrarId)
|
||||
|
||||
@@ -84,7 +84,7 @@ public final class HostDeleteFlow implements MutatingFlow {
|
||||
extensionManager.validate();
|
||||
DateTime now = tm().getTransactionTime();
|
||||
validateHostName(targetId);
|
||||
checkLinkedDomains(targetId, now, Host.class);
|
||||
checkLinkedDomains(targetId, now);
|
||||
Host existingHost = loadAndVerifyExistence(Host.class, targetId, now);
|
||||
verifyNoDisallowedStatuses(existingHost, ImmutableSet.of(StatusValue.PENDING_DELETE));
|
||||
if (!isSuperuser) {
|
||||
|
||||
@@ -14,12 +14,16 @@
|
||||
|
||||
package google.registry.flows.host;
|
||||
|
||||
import static google.registry.flows.domain.DomainFlowUtils.validateFirstLabel;
|
||||
import static google.registry.model.EppResourceUtils.isActive;
|
||||
import static google.registry.model.tld.Tlds.findTldForName;
|
||||
import static google.registry.util.DomainNameUtils.canonicalizeHostname;
|
||||
import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
|
||||
import static java.util.stream.Collectors.joining;
|
||||
|
||||
import com.google.common.base.Ascii;
|
||||
import com.google.common.base.CharMatcher;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.net.InternetDomainName;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.EppException.AuthorizationErrorException;
|
||||
@@ -31,13 +35,17 @@ import google.registry.flows.EppException.StatusProhibitsOperationException;
|
||||
import google.registry.model.ForeignKeyUtils;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.util.Idn;
|
||||
import java.net.InetAddress;
|
||||
import java.util.Optional;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/** Static utility functions for host flows. */
|
||||
public class HostFlowUtils {
|
||||
|
||||
/** Validator for ASCII lowercase letters, digits, and "-_", allowing "." as a separator */
|
||||
private static final CharMatcher HOST_NAME_ALLOWED_CHARS =
|
||||
CharMatcher.inRange('a', 'z').or(CharMatcher.inRange('0', '9').or(CharMatcher.anyOf("-._")));
|
||||
|
||||
/** Checks that a host name is valid. */
|
||||
public static InternetDomainName validateHostName(String name) throws EppException {
|
||||
checkArgumentNotNull(name, "Must specify host name to validate");
|
||||
@@ -49,10 +57,13 @@ public class HostFlowUtils {
|
||||
throw new HostNameNotLowerCaseException(hostNameLowerCase);
|
||||
}
|
||||
try {
|
||||
String hostNamePunyCoded = Idn.toASCII(name);
|
||||
String hostNamePunyCoded = canonicalizeHostname(name);
|
||||
if (!name.equals(hostNamePunyCoded)) {
|
||||
throw new HostNameNotPunyCodedException(hostNamePunyCoded);
|
||||
}
|
||||
if (!HOST_NAME_ALLOWED_CHARS.matchesAllOf(name)) {
|
||||
throw new BadHostNameCharacterException();
|
||||
}
|
||||
InternetDomainName hostName = InternetDomainName.from(name);
|
||||
if (!name.equals(hostName.toString())) {
|
||||
throw new HostNameNotNormalizedException(hostName.toString());
|
||||
@@ -71,6 +82,7 @@ public class HostFlowUtils {
|
||||
if (hostName.parts().size() < effectiveTld.parts().size() + 2) {
|
||||
throw new HostNameTooShallowException();
|
||||
}
|
||||
validateFirstLabel(hostName.parts().getFirst());
|
||||
return hostName;
|
||||
} catch (IllegalArgumentException e) {
|
||||
throw new InvalidHostNameException();
|
||||
@@ -98,6 +110,24 @@ public class HostFlowUtils {
|
||||
return superordinateDomain;
|
||||
}
|
||||
|
||||
/** Makes sure that no provided IP addresses are local / loopback addresses. */
|
||||
public static void validateInetAddresses(ImmutableSet<InetAddress> inetAddresses)
|
||||
throws EppException {
|
||||
if (inetAddresses == null) {
|
||||
return;
|
||||
}
|
||||
if (inetAddresses.stream().anyMatch(InetAddress::isLoopbackAddress)) {
|
||||
throw new LoopbackIpNotValidForHostException();
|
||||
}
|
||||
}
|
||||
|
||||
/** Loopback IPs are not valid for hosts. */
|
||||
static class LoopbackIpNotValidForHostException extends ParameterValuePolicyErrorException {
|
||||
public LoopbackIpNotValidForHostException() {
|
||||
super("Loopback IPs are not valid for hosts");
|
||||
}
|
||||
}
|
||||
|
||||
/** Superordinate domain for this hostname does not exist. */
|
||||
static class SuperordinateDomainDoesNotExistException extends ObjectDoesNotExistException {
|
||||
public SuperordinateDomainDoesNotExistException(String domainName) {
|
||||
@@ -180,4 +210,11 @@ public class HostFlowUtils {
|
||||
String.format("Host names must be in normalized format; expected %s", expectedHostName));
|
||||
}
|
||||
}
|
||||
|
||||
/** Host names can only contain a-z, 0-9, '.', '_', and '-'. */
|
||||
static class BadHostNameCharacterException extends ParameterValueSyntaxErrorException {
|
||||
public BadHostNameCharacterException() {
|
||||
super("Host names can only contain a-z, 0-9, '.', '_', and '-'");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,8 +20,8 @@ import static google.registry.dns.DnsUtils.requestHostDnsRefresh;
|
||||
import static google.registry.dns.RefreshDnsOnHostRenameAction.PARAM_HOST_KEY;
|
||||
import static google.registry.dns.RefreshDnsOnHostRenameAction.QUEUE_HOST_RENAME;
|
||||
import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
|
||||
import static google.registry.flows.ResourceFlowUtils.checkSameValuesNotAddedAndRemoved;
|
||||
import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAddsAndRemoves;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyAllStatusesAreClientSettable;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
|
||||
import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
|
||||
@@ -159,8 +159,11 @@ public final class HostUpdateFlow implements MutatingFlow {
|
||||
}
|
||||
AddRemove add = command.getInnerAdd();
|
||||
AddRemove remove = command.getInnerRemove();
|
||||
checkSameValuesNotAddedAndRemoved(add.getStatusValues(), remove.getStatusValues());
|
||||
checkSameValuesNotAddedAndRemoved(add.getInetAddresses(), remove.getInetAddresses());
|
||||
verifyAddsAndRemoves(
|
||||
existingHost.getStatusValues(), add.getStatusValues(), remove.getStatusValues());
|
||||
verifyAddsAndRemoves(
|
||||
existingHost.getInetAddresses(), add.getInetAddresses(), remove.getInetAddresses());
|
||||
HostFlowUtils.validateInetAddresses(add.getInetAddresses());
|
||||
VKey<Domain> newSuperordinateDomainKey =
|
||||
newSuperordinateDomain.map(Domain::createVKey).orElse(null);
|
||||
// If the superordinateDomain field is changing, set the lastSuperordinateChange to now.
|
||||
|
||||
@@ -135,7 +135,6 @@ public class FlowPicker {
|
||||
return switch (((Poll) innerCommand).getPollOp()) {
|
||||
case ACK -> PollAckFlow.class;
|
||||
case REQUEST -> PollRequestFlow.class;
|
||||
default -> UnimplementedFlow.class;
|
||||
};
|
||||
}
|
||||
};
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
package google.registry.flows.session;
|
||||
|
||||
import static com.google.common.collect.Sets.difference;
|
||||
import static google.registry.model.common.FeatureFlag.FeatureName.PROHIBIT_CONTACT_OBJECTS_ON_LOGIN;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
import static google.registry.util.CollectionUtils.nullToEmpty;
|
||||
|
||||
@@ -39,6 +40,7 @@ import google.registry.flows.TlsCredentials.BadRegistrarIpAddressException;
|
||||
import google.registry.flows.TlsCredentials.MissingRegistrarCertificateException;
|
||||
import google.registry.flows.TransportCredentials;
|
||||
import google.registry.flows.TransportCredentials.BadRegistrarPasswordException;
|
||||
import google.registry.model.common.FeatureFlag;
|
||||
import google.registry.model.eppcommon.ProtocolDefinition;
|
||||
import google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension;
|
||||
import google.registry.model.eppinput.EppInput;
|
||||
@@ -114,9 +116,13 @@ public class LoginFlow implements MutatingFlow {
|
||||
}
|
||||
Services services = login.getServices();
|
||||
stopwatch.tick("LoginFlow getServices");
|
||||
Set<String> unsupportedObjectServices = difference(
|
||||
nullToEmpty(services.getObjectServices()),
|
||||
ProtocolDefinition.SUPPORTED_OBJECT_SERVICES);
|
||||
|
||||
Set<String> unsupportedObjectServices =
|
||||
difference(
|
||||
nullToEmpty(services.getObjectServices()),
|
||||
FeatureFlag.isActiveNow(PROHIBIT_CONTACT_OBJECTS_ON_LOGIN)
|
||||
? ProtocolDefinition.SUPPORTED_OBJECT_SERVICES
|
||||
: ProtocolDefinition.SUPPORTED_OBJECT_SERVICES_WITH_CONTACT);
|
||||
stopwatch.tick("LoginFlow difference unsupportedObjectServices");
|
||||
if (!unsupportedObjectServices.isEmpty()) {
|
||||
throw new UnimplementedObjectServiceException();
|
||||
|
||||
@@ -23,17 +23,14 @@ import static google.registry.util.DateTimeUtils.isBeforeOrAt;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import google.registry.model.EppResource.BuilderWithTransferData;
|
||||
import google.registry.model.EppResource.ResourceWithTransferData;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainBase;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.model.reporting.HistoryEntry;
|
||||
import google.registry.model.reporting.HistoryEntryDao;
|
||||
import google.registry.model.tld.Tld;
|
||||
import google.registry.model.transfer.DomainTransferData;
|
||||
import google.registry.model.transfer.TransferData;
|
||||
import google.registry.model.transfer.TransferStatus;
|
||||
import google.registry.persistence.VKey;
|
||||
import jakarta.persistence.Query;
|
||||
@@ -48,14 +45,6 @@ public final class EppResourceUtils {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
private static final String CONTACT_LINKED_DOMAIN_QUERY =
|
||||
"SELECT repoId FROM Domain "
|
||||
+ "WHERE (adminContact = :fkRepoId "
|
||||
+ "OR billingContact = :fkRepoId "
|
||||
+ "OR techContact = :fkRepoId "
|
||||
+ "OR registrantContact = :fkRepoId) "
|
||||
+ "AND deletionTime > :now";
|
||||
|
||||
// We have to use the native SQL query here because DomainHost table doesn't have its entity
|
||||
// class, so we cannot reference its property like domainHost.hostRepoId in a JPQL query.
|
||||
private static final String HOST_LINKED_DOMAIN_QUERY =
|
||||
@@ -105,41 +94,34 @@ public final class EppResourceUtils {
|
||||
return !isActive(resource, time);
|
||||
}
|
||||
|
||||
/** Process an automatic transfer on a resource. */
|
||||
public static <
|
||||
T extends TransferData,
|
||||
B extends EppResource.Builder<?, B> & BuilderWithTransferData<T, B>>
|
||||
void setAutomaticTransferSuccessProperties(B builder, TransferData transferData) {
|
||||
/** Process an automatic transfer on a domain. */
|
||||
public static void setAutomaticTransferSuccessProperties(
|
||||
DomainBase.Builder<?, ?> builder, DomainTransferData transferData) {
|
||||
checkArgument(TransferStatus.PENDING.equals(transferData.getTransferStatus()));
|
||||
TransferData.Builder transferDataBuilder = transferData.asBuilder();
|
||||
DomainTransferData.Builder transferDataBuilder = transferData.asBuilder();
|
||||
transferDataBuilder.setTransferStatus(TransferStatus.SERVER_APPROVED);
|
||||
transferDataBuilder.setServerApproveEntities(null, null, null);
|
||||
if (transferData instanceof DomainTransferData) {
|
||||
((DomainTransferData.Builder) transferDataBuilder)
|
||||
.setServerApproveBillingEvent(null)
|
||||
.setServerApproveAutorenewEvent(null)
|
||||
.setServerApproveAutorenewPollMessage(null);
|
||||
}
|
||||
transferDataBuilder
|
||||
.setServerApproveEntities(null, null, null)
|
||||
.setServerApproveBillingEvent(null)
|
||||
.setServerApproveAutorenewEvent(null)
|
||||
.setServerApproveAutorenewPollMessage(null);
|
||||
builder
|
||||
.removeStatusValue(StatusValue.PENDING_TRANSFER)
|
||||
.setTransferData((T) transferDataBuilder.build())
|
||||
.setTransferData(transferDataBuilder.build())
|
||||
.setLastTransferTime(transferData.getPendingTransferExpirationTime())
|
||||
.setPersistedCurrentSponsorRegistrarId(transferData.getGainingRegistrarId());
|
||||
}
|
||||
|
||||
/**
|
||||
* Perform common operations for projecting an {@link EppResource} at a given time:
|
||||
* Perform common operations for projecting a {@link Domain} at a given time:
|
||||
*
|
||||
* <ul>
|
||||
* <li>Process an automatic transfer.
|
||||
* </ul>
|
||||
*/
|
||||
public static <
|
||||
T extends TransferData,
|
||||
E extends EppResource & ResourceWithTransferData<T>,
|
||||
B extends EppResource.Builder<?, B> & BuilderWithTransferData<T, B>>
|
||||
void projectResourceOntoBuilderAtTime(E resource, B builder, DateTime now) {
|
||||
T transferData = resource.getTransferData();
|
||||
public static void projectResourceOntoBuilderAtTime(
|
||||
DomainBase domain, DomainBase.Builder<?, ?> builder, DateTime now) {
|
||||
DomainTransferData transferData = domain.getTransferData();
|
||||
// If there's a pending transfer that has expired, process it.
|
||||
DateTime expirationTime = transferData.getPendingTransferExpirationTime();
|
||||
if (TransferStatus.PENDING.equals(transferData.getTransferStatus())
|
||||
@@ -207,36 +189,21 @@ public final class EppResourceUtils {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a set of {@link VKey} for domains that reference a specified contact or host.
|
||||
*
|
||||
* <p>This is an eventually consistent query if used for the database.
|
||||
* Returns a set of {@link VKey} for domains that reference a specified host.
|
||||
*
|
||||
* @param key the referent key
|
||||
* @param now the logical time of the check
|
||||
* @param limit the maximum number of returned keys, unlimited if null
|
||||
*/
|
||||
public static ImmutableSet<VKey<Domain>> getLinkedDomainKeys(
|
||||
VKey<? extends EppResource> key, DateTime now, @Nullable Integer limit) {
|
||||
checkArgument(
|
||||
key.getKind().equals(Contact.class) || key.getKind().equals(Host.class),
|
||||
"key must be either VKey<Contact> or VKey<Host>, but it is %s",
|
||||
key);
|
||||
boolean isContactKey = key.getKind().equals(Contact.class);
|
||||
VKey<Host> key, DateTime now, @Nullable Integer limit) {
|
||||
return tm().reTransact(
|
||||
() -> {
|
||||
Query query;
|
||||
if (isContactKey) {
|
||||
query =
|
||||
tm().query(CONTACT_LINKED_DOMAIN_QUERY, String.class)
|
||||
.setParameter("fkRepoId", key)
|
||||
.setParameter("now", now);
|
||||
} else {
|
||||
query =
|
||||
tm().getEntityManager()
|
||||
.createNativeQuery(HOST_LINKED_DOMAIN_QUERY)
|
||||
.setParameter("fkRepoId", key.getKey())
|
||||
.setParameter("now", now.toDate());
|
||||
}
|
||||
Query query =
|
||||
tm().getEntityManager()
|
||||
.createNativeQuery(HOST_LINKED_DOMAIN_QUERY)
|
||||
.setParameter("fkRepoId", key.getKey())
|
||||
.setParameter("now", now.toDate());
|
||||
if (limit != null) {
|
||||
query.setMaxResults(limit);
|
||||
}
|
||||
@@ -252,12 +219,12 @@ public final class EppResourceUtils {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns whether the given contact or host is linked to (that is, referenced by) a domain.
|
||||
* Returns whether the given host is linked to (that is, referenced by) a domain.
|
||||
*
|
||||
* @param key the referent key
|
||||
* @param now the logical time of the check
|
||||
*/
|
||||
public static boolean isLinked(VKey<? extends EppResource> key, DateTime now) {
|
||||
public static boolean isLinked(VKey<Host> key, DateTime now) {
|
||||
return !getLinkedDomainKeys(key, now, 1).isEmpty();
|
||||
}
|
||||
|
||||
|
||||
@@ -29,7 +29,6 @@ import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Maps;
|
||||
import google.registry.config.RegistryConfig;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.persistence.VKey;
|
||||
@@ -60,7 +59,6 @@ public final class ForeignKeyUtils {
|
||||
private static final ImmutableMap<Class<? extends EppResource>, String>
|
||||
RESOURCE_TYPE_TO_FK_PROPERTY =
|
||||
ImmutableMap.of(
|
||||
Contact.class, "contactId",
|
||||
Domain.class, "domainName",
|
||||
Host.class, "hostName");
|
||||
|
||||
|
||||
@@ -16,32 +16,26 @@ package google.registry.model;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkArgument;
|
||||
import static com.google.common.base.Preconditions.checkNotNull;
|
||||
import static com.google.common.base.Preconditions.checkState;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Sets;
|
||||
import google.registry.model.EppResource.BuilderWithTransferData;
|
||||
import google.registry.model.EppResource.ResourceWithTransferData;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.eppcommon.Trid;
|
||||
import google.registry.model.poll.PendingActionNotificationResponse;
|
||||
import google.registry.model.poll.PendingActionNotificationResponse.ContactPendingActionNotificationResponse;
|
||||
import google.registry.model.poll.PendingActionNotificationResponse.DomainPendingActionNotificationResponse;
|
||||
import google.registry.model.poll.PollMessage;
|
||||
import google.registry.model.reporting.HistoryEntry;
|
||||
import google.registry.model.transfer.DomainTransferData;
|
||||
import google.registry.model.transfer.TransferData;
|
||||
import google.registry.model.transfer.TransferResponse;
|
||||
import google.registry.model.transfer.TransferResponse.ContactTransferResponse;
|
||||
import google.registry.model.transfer.TransferResponse.DomainTransferResponse;
|
||||
import google.registry.model.transfer.TransferStatus;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/** Static utility functions for resource transfers. */
|
||||
/** Static utility functions for domain transfers. */
|
||||
public final class ResourceTransferUtils {
|
||||
|
||||
private ResourceTransferUtils() {}
|
||||
@@ -50,109 +44,81 @@ public final class ResourceTransferUtils {
|
||||
private static final ImmutableSet<TransferStatus> ADD_EXDATE_STATUSES = Sets.immutableEnumSet(
|
||||
TransferStatus.PENDING, TransferStatus.CLIENT_APPROVED, TransferStatus.SERVER_APPROVED);
|
||||
|
||||
/**
|
||||
* Create a transfer response using the id and type of this resource and the specified {@link
|
||||
* TransferData}.
|
||||
*/
|
||||
/** Create a transfer response using the domain and the specified {@link DomainTransferData}. */
|
||||
public static TransferResponse createTransferResponse(
|
||||
EppResource eppResource, TransferData transferData) {
|
||||
assertIsContactOrDomain(eppResource);
|
||||
@SuppressWarnings("NonCanonicalType")
|
||||
TransferResponse.Builder<? extends TransferResponse, ?> builder;
|
||||
if (eppResource instanceof Contact) {
|
||||
builder = new ContactTransferResponse.Builder().setContactId(eppResource.getForeignKey());
|
||||
} else {
|
||||
DomainTransferData domainTransferData = (DomainTransferData) transferData;
|
||||
builder =
|
||||
new DomainTransferResponse.Builder()
|
||||
.setDomainName(eppResource.getForeignKey())
|
||||
.setExtendedRegistrationExpirationTime(
|
||||
ADD_EXDATE_STATUSES.contains(domainTransferData.getTransferStatus())
|
||||
? domainTransferData.getTransferredRegistrationExpirationTime()
|
||||
: null);
|
||||
}
|
||||
builder
|
||||
Domain domain, DomainTransferData transferData) {
|
||||
return new DomainTransferResponse.Builder()
|
||||
.setDomainName(domain.getForeignKey())
|
||||
.setExtendedRegistrationExpirationTime(
|
||||
ADD_EXDATE_STATUSES.contains(transferData.getTransferStatus())
|
||||
? transferData.getTransferredRegistrationExpirationTime()
|
||||
: null)
|
||||
.setGainingRegistrarId(transferData.getGainingRegistrarId())
|
||||
.setLosingRegistrarId(transferData.getLosingRegistrarId())
|
||||
.setPendingTransferExpirationTime(transferData.getPendingTransferExpirationTime())
|
||||
.setTransferRequestTime(transferData.getTransferRequestTime())
|
||||
.setTransferStatus(transferData.getTransferStatus());
|
||||
return builder.build();
|
||||
.setTransferStatus(transferData.getTransferStatus())
|
||||
.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a pending action notification response indicating the resolution of a transfer.
|
||||
*
|
||||
* <p>The returned object will use the id and type of this resource, the trid of the resource's
|
||||
* last transfer request, and the specified status and date.
|
||||
* <p>The returned object will use the trid of the domain's last transfer request, and the
|
||||
* specified status and date.
|
||||
*/
|
||||
public static PendingActionNotificationResponse createPendingTransferNotificationResponse(
|
||||
EppResource eppResource,
|
||||
Trid transferRequestTrid,
|
||||
boolean actionResult,
|
||||
DateTime processedDate) {
|
||||
assertIsContactOrDomain(eppResource);
|
||||
return eppResource instanceof Contact
|
||||
? ContactPendingActionNotificationResponse.create(
|
||||
eppResource.getForeignKey(), actionResult, transferRequestTrid, processedDate)
|
||||
: DomainPendingActionNotificationResponse.create(
|
||||
eppResource.getForeignKey(), actionResult, transferRequestTrid, processedDate);
|
||||
}
|
||||
|
||||
private static void assertIsContactOrDomain(EppResource eppResource) {
|
||||
checkState(eppResource instanceof Contact || eppResource instanceof Domain);
|
||||
Domain domain, Trid transferRequestTrid, boolean actionResult, DateTime processedDate) {
|
||||
return DomainPendingActionNotificationResponse.create(
|
||||
domain.getDomainName(), actionResult, transferRequestTrid, processedDate);
|
||||
}
|
||||
|
||||
/** If there is a transfer out, delete the server-approve entities and enqueue a poll message. */
|
||||
public static <R extends EppResource & ResourceWithTransferData>
|
||||
void handlePendingTransferOnDelete(
|
||||
R resource, R newResource, DateTime now, HistoryEntry historyEntry) {
|
||||
if (resource.getStatusValues().contains(StatusValue.PENDING_TRANSFER)) {
|
||||
TransferData oldTransferData = resource.getTransferData();
|
||||
tm().delete(oldTransferData.getServerApproveEntities());
|
||||
tm().put(
|
||||
new PollMessage.OneTime.Builder()
|
||||
.setRegistrarId(oldTransferData.getGainingRegistrarId())
|
||||
.setEventTime(now)
|
||||
.setMsg(TransferStatus.SERVER_CANCELLED.getMessage())
|
||||
.setResponseData(
|
||||
ImmutableList.of(
|
||||
createTransferResponse(newResource, newResource.getTransferData()),
|
||||
createPendingTransferNotificationResponse(
|
||||
resource, oldTransferData.getTransferRequestTrid(), false, now)))
|
||||
.setHistoryEntry(historyEntry)
|
||||
.build());
|
||||
public static void handlePendingTransferOnDelete(
|
||||
Domain domain, Domain newDomain, DateTime now, HistoryEntry historyEntry) {
|
||||
if (!domain.getStatusValues().contains(StatusValue.PENDING_TRANSFER)) {
|
||||
return;
|
||||
}
|
||||
TransferData oldTransferData = domain.getTransferData();
|
||||
tm().delete(oldTransferData.getServerApproveEntities());
|
||||
tm().put(
|
||||
new PollMessage.OneTime.Builder()
|
||||
.setRegistrarId(oldTransferData.getGainingRegistrarId())
|
||||
.setEventTime(now)
|
||||
.setMsg(TransferStatus.SERVER_CANCELLED.getMessage())
|
||||
.setResponseData(
|
||||
ImmutableList.of(
|
||||
createTransferResponse(newDomain, newDomain.getTransferData()),
|
||||
createPendingTransferNotificationResponse(
|
||||
domain, oldTransferData.getTransferRequestTrid(), false, now)))
|
||||
.setHistoryEntry(historyEntry)
|
||||
.build());
|
||||
}
|
||||
|
||||
/**
|
||||
* Turn a resource into a builder with its pending transfer resolved.
|
||||
* Turn a domain into a builder with its pending transfer resolved.
|
||||
*
|
||||
* <p>This removes the {@link StatusValue#PENDING_TRANSFER} status, sets the {@link
|
||||
* TransferStatus}, clears all the server-approve fields on the {@link TransferData}, and sets the
|
||||
* expiration time of the last pending transfer to now.
|
||||
*/
|
||||
private static <
|
||||
R extends EppResource & ResourceWithTransferData,
|
||||
B extends EppResource.Builder<R, B> & BuilderWithTransferData<TransferData, B>>
|
||||
B resolvePendingTransfer(R resource, TransferStatus transferStatus, DateTime now) {
|
||||
private static Domain.Builder resolvePendingTransfer(
|
||||
Domain domain, TransferStatus transferStatus, DateTime now) {
|
||||
checkArgument(
|
||||
resource.getStatusValues().contains(StatusValue.PENDING_TRANSFER),
|
||||
"Resource is not in pending transfer status.");
|
||||
checkArgument(!resource.getTransferData().isEmpty(), "No old transfer data to resolve.");
|
||||
@SuppressWarnings("unchecked")
|
||||
B builder = (B) resource.asBuilder();
|
||||
domain.getStatusValues().contains(StatusValue.PENDING_TRANSFER),
|
||||
"Domain is not in pending transfer status.");
|
||||
checkArgument(!domain.getTransferData().isEmpty(), "No old transfer data to resolve.");
|
||||
|
||||
return builder
|
||||
return domain
|
||||
.asBuilder()
|
||||
.removeStatusValue(StatusValue.PENDING_TRANSFER)
|
||||
.setTransferData(
|
||||
(TransferData)
|
||||
resource
|
||||
.getTransferData()
|
||||
.copyConstantFieldsToBuilder()
|
||||
.setTransferStatus(transferStatus)
|
||||
.setPendingTransferExpirationTime(checkNotNull(now))
|
||||
.build());
|
||||
domain
|
||||
.getTransferData()
|
||||
.copyConstantFieldsToBuilder()
|
||||
.setTransferStatus(transferStatus)
|
||||
.setPendingTransferExpirationTime(checkNotNull(now))
|
||||
.build());
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -163,15 +129,13 @@ public final class ResourceTransferUtils {
|
||||
* client id, and sets the last transfer time and the expiration time of the last pending transfer
|
||||
* to now.
|
||||
*/
|
||||
public static <
|
||||
R extends EppResource & ResourceWithTransferData,
|
||||
B extends EppResource.Builder<R, B> & BuilderWithTransferData<TransferData, B>>
|
||||
R approvePendingTransfer(R resource, TransferStatus transferStatus, DateTime now) {
|
||||
public static Domain approvePendingTransfer(
|
||||
Domain domain, TransferStatus transferStatus, DateTime now) {
|
||||
checkArgument(transferStatus.isApproved(), "Not an approval transfer status");
|
||||
B builder = resolvePendingTransfer(resource, transferStatus, now);
|
||||
Domain.Builder builder = resolvePendingTransfer(domain, transferStatus, now);
|
||||
return builder
|
||||
.setLastTransferTime(now)
|
||||
.setPersistedCurrentSponsorRegistrarId(resource.getTransferData().getGainingRegistrarId())
|
||||
.setPersistedCurrentSponsorRegistrarId(domain.getTransferData().getGainingRegistrarId())
|
||||
.build();
|
||||
}
|
||||
|
||||
@@ -183,10 +147,10 @@ public final class ResourceTransferUtils {
|
||||
* expiration time of the last pending transfer to now, sets the last EPP update time to now, and
|
||||
* sets the last EPP update client id to the given client id.
|
||||
*/
|
||||
public static <R extends EppResource & ResourceWithTransferData> R denyPendingTransfer(
|
||||
R resource, TransferStatus transferStatus, DateTime now, String lastEppUpdateRegistrarId) {
|
||||
public static Domain denyPendingTransfer(
|
||||
Domain domain, TransferStatus transferStatus, DateTime now, String lastEppUpdateRegistrarId) {
|
||||
checkArgument(transferStatus.isDenied(), "Not a denial transfer status");
|
||||
return resolvePendingTransfer(resource, transferStatus, now)
|
||||
return resolvePendingTransfer(domain, transferStatus, now)
|
||||
.setLastEppUpdateTime(now)
|
||||
.setLastEppUpdateRegistrarId(lastEppUpdateRegistrarId)
|
||||
.build();
|
||||
|
||||
@@ -64,6 +64,7 @@ public class FeatureFlag extends ImmutableObject implements Buildable {
|
||||
|
||||
/** The names of the feature flags that can be individually set. */
|
||||
public enum FeatureName {
|
||||
|
||||
/** Feature flag name used for testing only. */
|
||||
TEST_FEATURE(FeatureStatus.INACTIVE),
|
||||
|
||||
@@ -76,7 +77,10 @@ public class FeatureFlag extends ImmutableObject implements Buildable {
|
||||
/**
|
||||
* If we're including the upcoming domain drop date in the exported list of registered domains.
|
||||
*/
|
||||
INCLUDE_PENDING_DELETE_DATE_FOR_DOMAINS(FeatureStatus.INACTIVE);
|
||||
INCLUDE_PENDING_DELETE_DATE_FOR_DOMAINS(FeatureStatus.INACTIVE),
|
||||
|
||||
/** If we're prohibiting the inclusion of the contact object URI on login. */
|
||||
PROHIBIT_CONTACT_OBJECTS_ON_LOGIN(FeatureStatus.INACTIVE);
|
||||
|
||||
private final FeatureStatus defaultStatus;
|
||||
|
||||
|
||||
@@ -1,102 +0,0 @@
|
||||
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.model.contact;
|
||||
|
||||
import google.registry.model.EppResource.ForeignKeyedEppResource;
|
||||
import google.registry.model.annotations.ExternalMessagingName;
|
||||
import google.registry.persistence.VKey;
|
||||
import google.registry.persistence.WithVKey;
|
||||
import jakarta.persistence.Access;
|
||||
import jakarta.persistence.AccessType;
|
||||
import jakarta.persistence.Entity;
|
||||
import jakarta.persistence.Id;
|
||||
import jakarta.persistence.Index;
|
||||
import jakarta.persistence.Table;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* A persistable contact resource including mutable and non-mutable fields.
|
||||
*
|
||||
* @see <a href="https://tools.ietf.org/html/rfc5733">RFC 5733</a>
|
||||
*/
|
||||
@Entity
|
||||
@Table(
|
||||
name = "Contact",
|
||||
indexes = {
|
||||
@Index(columnList = "creationTime"),
|
||||
@Index(columnList = "currentSponsorRegistrarId"),
|
||||
@Index(columnList = "deletionTime"),
|
||||
@Index(columnList = "contactId"),
|
||||
@Index(columnList = "searchName")
|
||||
})
|
||||
@ExternalMessagingName("contact")
|
||||
@WithVKey(String.class)
|
||||
@Access(AccessType.FIELD)
|
||||
public class Contact extends ContactBase implements ForeignKeyedEppResource {
|
||||
|
||||
@Override
|
||||
public VKey<Contact> createVKey() {
|
||||
return VKey.create(Contact.class, getRepoId());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Id
|
||||
@Access(AccessType.PROPERTY)
|
||||
public String getRepoId() {
|
||||
return super.getRepoId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Contact cloneProjectedAtTime(DateTime now) {
|
||||
return ContactBase.cloneContactProjectedAtTime(this, now);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder asBuilder() {
|
||||
return new Builder(clone(this));
|
||||
}
|
||||
|
||||
/** A builder for constructing {@link Contact}, since it is immutable. */
|
||||
public static class Builder extends ContactBase.Builder<Contact, Builder> {
|
||||
|
||||
public Builder() {}
|
||||
|
||||
private Builder(Contact instance) {
|
||||
super(instance);
|
||||
}
|
||||
|
||||
public Builder copyFrom(ContactBase contactBase) {
|
||||
return this.setAuthInfo(contactBase.getAuthInfo())
|
||||
.setContactId(contactBase.getContactId())
|
||||
.setCreationRegistrarId(contactBase.getCreationRegistrarId())
|
||||
.setCreationTime(contactBase.getCreationTime())
|
||||
.setDeletionTime(contactBase.getDeletionTime())
|
||||
.setDisclose(contactBase.getDisclose())
|
||||
.setEmailAddress(contactBase.getEmailAddress())
|
||||
.setFaxNumber(contactBase.getFaxNumber())
|
||||
.setInternationalizedPostalInfo(contactBase.getInternationalizedPostalInfo())
|
||||
.setLastTransferTime(contactBase.getLastTransferTime())
|
||||
.setLastEppUpdateRegistrarId(contactBase.getLastEppUpdateRegistrarId())
|
||||
.setLastEppUpdateTime(contactBase.getLastEppUpdateTime())
|
||||
.setLocalizedPostalInfo(contactBase.getLocalizedPostalInfo())
|
||||
.setPersistedCurrentSponsorRegistrarId(
|
||||
contactBase.getPersistedCurrentSponsorRegistrarId())
|
||||
.setRepoId(contactBase.getRepoId())
|
||||
.setStatusValues(contactBase.getStatusValues())
|
||||
.setTransferData(contactBase.getTransferData())
|
||||
.setVoiceNumber(contactBase.getVoiceNumber());
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,398 +0,0 @@
|
||||
// Copyright 2020 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.model.contact;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkArgument;
|
||||
import static com.google.common.collect.ImmutableList.toImmutableList;
|
||||
import static google.registry.model.EppResourceUtils.projectResourceOntoBuilderAtTime;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.EppResource.ResourceWithTransferData;
|
||||
import google.registry.model.transfer.ContactTransferData;
|
||||
import google.registry.persistence.VKey;
|
||||
import jakarta.persistence.Access;
|
||||
import jakarta.persistence.AccessType;
|
||||
import jakarta.persistence.AttributeOverride;
|
||||
import jakarta.persistence.AttributeOverrides;
|
||||
import jakarta.persistence.Column;
|
||||
import jakarta.persistence.Embeddable;
|
||||
import jakarta.persistence.Embedded;
|
||||
import jakarta.persistence.MappedSuperclass;
|
||||
import jakarta.xml.bind.annotation.XmlElement;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.stream.Stream;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/**
|
||||
* A persistable contact resource including mutable and non-mutable fields.
|
||||
*
|
||||
* <p>This class deliberately does not include an {@link jakarta.persistence.Id} so that any
|
||||
* foreign-keyed fields can refer to the proper parent entity's ID, whether we're storing this in
|
||||
* the DB itself or as part of another entity
|
||||
*
|
||||
* @see <a href="https://tools.ietf.org/html/rfc5733">RFC 5733</a>
|
||||
*/
|
||||
@MappedSuperclass
|
||||
@Embeddable
|
||||
@Access(AccessType.FIELD)
|
||||
public class ContactBase extends EppResource
|
||||
implements ResourceWithTransferData<ContactTransferData> {
|
||||
|
||||
/**
|
||||
* Unique identifier for this contact.
|
||||
*
|
||||
* <p>This is only unique in the sense that for any given lifetime specified as the time range
|
||||
* from (creationTime, deletionTime) there can only be one contact in the database with this id.
|
||||
* However, there can be many contacts with the same id and non-overlapping lifetimes.
|
||||
*/
|
||||
String contactId;
|
||||
|
||||
/**
|
||||
* Localized postal info for the contact. All contained values must be representable in the 7-bit
|
||||
* US-ASCII character set. Personal info; cleared by {@link Contact.Builder#wipeOut}.
|
||||
*/
|
||||
@Embedded
|
||||
@AttributeOverrides({
|
||||
@AttributeOverride(name = "name", column = @Column(name = "addr_local_name")),
|
||||
@AttributeOverride(name = "org", column = @Column(name = "addr_local_org")),
|
||||
@AttributeOverride(name = "type", column = @Column(name = "addr_local_type")),
|
||||
@AttributeOverride(
|
||||
name = "address.streetLine1",
|
||||
column = @Column(name = "addr_local_street_line1")),
|
||||
@AttributeOverride(
|
||||
name = "address.streetLine2",
|
||||
column = @Column(name = "addr_local_street_line2")),
|
||||
@AttributeOverride(
|
||||
name = "address.streetLine3",
|
||||
column = @Column(name = "addr_local_street_line3")),
|
||||
@AttributeOverride(name = "address.city", column = @Column(name = "addr_local_city")),
|
||||
@AttributeOverride(name = "address.state", column = @Column(name = "addr_local_state")),
|
||||
@AttributeOverride(name = "address.zip", column = @Column(name = "addr_local_zip")),
|
||||
@AttributeOverride(
|
||||
name = "address.countryCode",
|
||||
column = @Column(name = "addr_local_country_code"))
|
||||
})
|
||||
PostalInfo localizedPostalInfo;
|
||||
|
||||
/**
|
||||
* Internationalized postal info for the contact. Personal info; cleared by {@link
|
||||
* Contact.Builder#wipeOut}.
|
||||
*/
|
||||
@Embedded
|
||||
@AttributeOverrides({
|
||||
@AttributeOverride(name = "name", column = @Column(name = "addr_i18n_name")),
|
||||
@AttributeOverride(name = "org", column = @Column(name = "addr_i18n_org")),
|
||||
@AttributeOverride(name = "type", column = @Column(name = "addr_i18n_type")),
|
||||
@AttributeOverride(
|
||||
name = "address.streetLine1",
|
||||
column = @Column(name = "addr_i18n_street_line1")),
|
||||
@AttributeOverride(
|
||||
name = "address.streetLine2",
|
||||
column = @Column(name = "addr_i18n_street_line2")),
|
||||
@AttributeOverride(
|
||||
name = "address.streetLine3",
|
||||
column = @Column(name = "addr_i18n_street_line3")),
|
||||
@AttributeOverride(name = "address.city", column = @Column(name = "addr_i18n_city")),
|
||||
@AttributeOverride(name = "address.state", column = @Column(name = "addr_i18n_state")),
|
||||
@AttributeOverride(name = "address.zip", column = @Column(name = "addr_i18n_zip")),
|
||||
@AttributeOverride(
|
||||
name = "address.countryCode",
|
||||
column = @Column(name = "addr_i18n_country_code"))
|
||||
})
|
||||
PostalInfo internationalizedPostalInfo;
|
||||
|
||||
/**
|
||||
* Contact name used for name searches. This is set automatically to be the internationalized
|
||||
* postal name, or if null, the localized postal name, or if that is null as well, null. Personal
|
||||
* info; cleared by {@link Contact.Builder#wipeOut}.
|
||||
*/
|
||||
String searchName;
|
||||
|
||||
/** Contact’s voice number. Personal info; cleared by {@link Contact.Builder#wipeOut}. */
|
||||
@Embedded
|
||||
@AttributeOverrides({
|
||||
@AttributeOverride(name = "phoneNumber", column = @Column(name = "voice_phone_number")),
|
||||
@AttributeOverride(name = "extension", column = @Column(name = "voice_phone_extension")),
|
||||
})
|
||||
ContactPhoneNumber voice;
|
||||
|
||||
/** Contact’s fax number. Personal info; cleared by {@link Contact.Builder#wipeOut}. */
|
||||
@Embedded
|
||||
@AttributeOverrides({
|
||||
@AttributeOverride(name = "phoneNumber", column = @Column(name = "fax_phone_number")),
|
||||
@AttributeOverride(name = "extension", column = @Column(name = "fax_phone_extension")),
|
||||
})
|
||||
ContactPhoneNumber fax;
|
||||
|
||||
/** Contact’s email address. Personal info; cleared by {@link Contact.Builder#wipeOut}. */
|
||||
String email;
|
||||
|
||||
/** Authorization info (aka transfer secret) of the contact. */
|
||||
@Embedded
|
||||
@AttributeOverrides({
|
||||
@AttributeOverride(name = "pw.value", column = @Column(name = "auth_info_value")),
|
||||
@AttributeOverride(name = "pw.repoId", column = @Column(name = "auth_info_repo_id")),
|
||||
})
|
||||
ContactAuthInfo authInfo;
|
||||
|
||||
/** Data about any pending or past transfers on this contact. */
|
||||
ContactTransferData transferData;
|
||||
|
||||
/**
|
||||
* The time that this resource was last transferred.
|
||||
*
|
||||
* <p>Can be null if the resource has never been transferred.
|
||||
*/
|
||||
DateTime lastTransferTime;
|
||||
|
||||
// If any new fields are added which contain personal information, make sure they are cleared by
|
||||
// the wipeOut() function, so that data is not kept around for deleted contacts.
|
||||
|
||||
/** Disclosure policy. */
|
||||
@Embedded
|
||||
@AttributeOverrides({
|
||||
@AttributeOverride(name = "name", column = @Column(name = "disclose_types_name")),
|
||||
@AttributeOverride(name = "org", column = @Column(name = "disclose_types_org")),
|
||||
@AttributeOverride(name = "addr", column = @Column(name = "disclose_types_addr")),
|
||||
@AttributeOverride(name = "flag", column = @Column(name = "disclose_mode_flag")),
|
||||
@AttributeOverride(name = "voice.marked", column = @Column(name = "disclose_show_voice")),
|
||||
@AttributeOverride(name = "fax.marked", column = @Column(name = "disclose_show_fax")),
|
||||
@AttributeOverride(name = "email.marked", column = @Column(name = "disclose_show_email"))
|
||||
})
|
||||
Disclose disclose;
|
||||
|
||||
@Override
|
||||
public VKey<? extends ContactBase> createVKey() {
|
||||
throw new UnsupportedOperationException(
|
||||
"ContactBase is not an actual persisted entity you can create a key to;"
|
||||
+ " use Contact instead");
|
||||
}
|
||||
|
||||
public String getContactId() {
|
||||
return contactId;
|
||||
}
|
||||
|
||||
public PostalInfo getLocalizedPostalInfo() {
|
||||
return localizedPostalInfo;
|
||||
}
|
||||
|
||||
public PostalInfo getInternationalizedPostalInfo() {
|
||||
return internationalizedPostalInfo;
|
||||
}
|
||||
|
||||
public String getSearchName() {
|
||||
return searchName;
|
||||
}
|
||||
|
||||
public ContactPhoneNumber getVoiceNumber() {
|
||||
return voice;
|
||||
}
|
||||
|
||||
public ContactPhoneNumber getFaxNumber() {
|
||||
return fax;
|
||||
}
|
||||
|
||||
public String getEmailAddress() {
|
||||
return email;
|
||||
}
|
||||
|
||||
public ContactAuthInfo getAuthInfo() {
|
||||
return authInfo;
|
||||
}
|
||||
|
||||
public Disclose getDisclose() {
|
||||
return disclose;
|
||||
}
|
||||
|
||||
public String getCurrentSponsorRegistrarId() {
|
||||
return getPersistedCurrentSponsorRegistrarId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public ContactTransferData getTransferData() {
|
||||
return Optional.ofNullable(transferData).orElse(ContactTransferData.EMPTY);
|
||||
}
|
||||
|
||||
@Override
|
||||
public DateTime getLastTransferTime() {
|
||||
return lastTransferTime;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getForeignKey() {
|
||||
return contactId;
|
||||
}
|
||||
|
||||
/**
|
||||
* Postal info for the contact.
|
||||
*
|
||||
* <p>The XML marshalling expects the {@link PostalInfo} objects in a list, but we can't actually
|
||||
* persist them directly due to legacy reasons (Objectify can't handle collections of embedded
|
||||
* objects that themselves contain collections, and there's a list of streets inside). This method
|
||||
* transforms the persisted format to the XML format for marshalling.
|
||||
*/
|
||||
@XmlElement(name = "postalInfo")
|
||||
public ImmutableList<PostalInfo> getPostalInfosAsList() {
|
||||
return Stream.of(localizedPostalInfo, internationalizedPostalInfo)
|
||||
.filter(Objects::nonNull)
|
||||
.collect(toImmutableList());
|
||||
}
|
||||
|
||||
@Override
|
||||
public ContactBase cloneProjectedAtTime(DateTime now) {
|
||||
return cloneContactProjectedAtTime(this, now);
|
||||
}
|
||||
|
||||
/**
|
||||
* Clones the contact (or subclass). A separate static method so that we can pass in and return a
|
||||
* T without the compiler complaining.
|
||||
*/
|
||||
protected static <T extends ContactBase> T cloneContactProjectedAtTime(T contact, DateTime now) {
|
||||
Builder builder = contact.asBuilder();
|
||||
projectResourceOntoBuilderAtTime(contact, builder, now);
|
||||
return (T) builder.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder<? extends ContactBase, ?> asBuilder() {
|
||||
return new Builder<>(clone(this));
|
||||
}
|
||||
|
||||
/** A builder for constructing {@link Contact}, since it is immutable. */
|
||||
public static class Builder<T extends ContactBase, B extends Builder<T, B>>
|
||||
extends EppResource.Builder<T, B> implements BuilderWithTransferData<ContactTransferData, B> {
|
||||
|
||||
public Builder() {}
|
||||
|
||||
protected Builder(T instance) {
|
||||
super(instance);
|
||||
}
|
||||
|
||||
public B setContactId(String contactId) {
|
||||
getInstance().contactId = contactId;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setLocalizedPostalInfo(PostalInfo localizedPostalInfo) {
|
||||
checkArgument(
|
||||
localizedPostalInfo == null
|
||||
|| PostalInfo.Type.LOCALIZED.equals(localizedPostalInfo.getType()));
|
||||
getInstance().localizedPostalInfo = localizedPostalInfo;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setInternationalizedPostalInfo(PostalInfo internationalizedPostalInfo) {
|
||||
checkArgument(
|
||||
internationalizedPostalInfo == null
|
||||
|| PostalInfo.Type.INTERNATIONALIZED.equals(internationalizedPostalInfo.getType()));
|
||||
getInstance().internationalizedPostalInfo = internationalizedPostalInfo;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B overlayLocalizedPostalInfo(PostalInfo localizedPostalInfo) {
|
||||
return setLocalizedPostalInfo(
|
||||
getInstance().localizedPostalInfo == null
|
||||
? localizedPostalInfo
|
||||
: getInstance().localizedPostalInfo.overlay(localizedPostalInfo));
|
||||
}
|
||||
|
||||
public B overlayInternationalizedPostalInfo(PostalInfo internationalizedPostalInfo) {
|
||||
return setInternationalizedPostalInfo(
|
||||
getInstance().internationalizedPostalInfo == null
|
||||
? internationalizedPostalInfo
|
||||
: getInstance().internationalizedPostalInfo.overlay(internationalizedPostalInfo));
|
||||
}
|
||||
|
||||
public B setVoiceNumber(ContactPhoneNumber voiceNumber) {
|
||||
if (voiceNumber != null && voiceNumber.hasNullFields()) {
|
||||
voiceNumber = null;
|
||||
}
|
||||
getInstance().voice = voiceNumber;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setFaxNumber(ContactPhoneNumber faxNumber) {
|
||||
if (faxNumber != null && faxNumber.hasNullFields()) {
|
||||
faxNumber = null;
|
||||
}
|
||||
getInstance().fax = faxNumber;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setEmailAddress(String emailAddress) {
|
||||
getInstance().email = emailAddress;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setAuthInfo(ContactAuthInfo authInfo) {
|
||||
getInstance().authInfo = authInfo;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setDisclose(Disclose disclose) {
|
||||
getInstance().disclose = disclose;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
@Override
|
||||
public B setTransferData(ContactTransferData transferData) {
|
||||
getInstance().transferData = transferData;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
@Override
|
||||
public B setLastTransferTime(DateTime lastTransferTime) {
|
||||
getInstance().lastTransferTime = lastTransferTime;
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove all personally identifying information about a contact.
|
||||
*
|
||||
* <p>This should be used when deleting a contact so that the soft-deleted entity doesn't
|
||||
* contain information that the registrant requested to be deleted.
|
||||
*/
|
||||
public B wipeOut() {
|
||||
setEmailAddress(null);
|
||||
setFaxNumber(null);
|
||||
setInternationalizedPostalInfo(null);
|
||||
setLocalizedPostalInfo(null);
|
||||
setVoiceNumber(null);
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
@Override
|
||||
public T build() {
|
||||
T instance = getInstance();
|
||||
// If TransferData is totally empty, set it to null.
|
||||
if (ContactTransferData.EMPTY.equals(instance.transferData)) {
|
||||
setTransferData(null);
|
||||
}
|
||||
// Set the searchName using the internationalized and localized postal info names.
|
||||
if ((instance.internationalizedPostalInfo != null)
|
||||
&& (instance.internationalizedPostalInfo.getName() != null)) {
|
||||
instance.searchName = instance.internationalizedPostalInfo.getName();
|
||||
} else if ((instance.localizedPostalInfo != null)
|
||||
&& (instance.localizedPostalInfo.getName() != null)) {
|
||||
instance.searchName = instance.localizedPostalInfo.getName();
|
||||
} else {
|
||||
instance.searchName = null;
|
||||
}
|
||||
return super.build();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -18,6 +18,7 @@ import static com.google.common.base.Preconditions.checkState;
|
||||
import static google.registry.util.CollectionUtils.nullToEmpty;
|
||||
|
||||
import com.google.common.collect.Maps;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.contact.PostalInfo.Type;
|
||||
import google.registry.model.eppinput.ResourceCommand.AbstractSingleResourceCommand;
|
||||
@@ -34,13 +35,13 @@ import jakarta.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/** A collection of {@link Contact} commands. */
|
||||
/** A collection of (vestigial) Contact commands. */
|
||||
public class ContactCommand {
|
||||
|
||||
/** The fields on "chgType" from <a href="http://tools.ietf.org/html/rfc5733">RFC5733</a>. */
|
||||
@XmlTransient
|
||||
public static class ContactCreateOrChange extends ImmutableObject
|
||||
implements ResourceCreateOrChange<Contact.Builder> {
|
||||
implements ResourceCreateOrChange<EppResource.Builder<?, ?>> {
|
||||
|
||||
/** Postal info for the contact. */
|
||||
List<PostalInfo> postalInfo;
|
||||
@@ -111,13 +112,13 @@ public class ContactCommand {
|
||||
}
|
||||
|
||||
/**
|
||||
* A create command for a {@link Contact}, mapping "createType" from <a
|
||||
* A create command for a (vestigial) Contact, mapping "createType" from <a
|
||||
* href="http://tools.ietf.org/html/rfc5733">RFC5733</a>}.
|
||||
*/
|
||||
@XmlType(propOrder = {"contactId", "postalInfo", "voice", "fax", "email", "authInfo", "disclose"})
|
||||
@XmlRootElement
|
||||
public static class Create extends ContactCreateOrChange
|
||||
implements SingleResourceCommand, ResourceCreateOrChange<Contact.Builder> {
|
||||
implements SingleResourceCommand, ResourceCreateOrChange<EppResource.Builder<?, ?>> {
|
||||
/**
|
||||
* Unique identifier for this contact.
|
||||
*
|
||||
@@ -139,29 +140,29 @@ public class ContactCommand {
|
||||
}
|
||||
}
|
||||
|
||||
/** A delete command for a {@link Contact}. */
|
||||
/** A delete command for a (vestigial) Contact. */
|
||||
@XmlRootElement
|
||||
public static class Delete extends AbstractSingleResourceCommand {}
|
||||
|
||||
/** An info request for a {@link Contact}. */
|
||||
/** An info request for a (vestigial) Contact. */
|
||||
@XmlRootElement
|
||||
@XmlType(propOrder = {"targetId", "authInfo"})
|
||||
public static class Info extends AbstractContactAuthCommand {}
|
||||
|
||||
/** A check request for {@link Contact}. */
|
||||
/** A check request for (vestigial) Contact. */
|
||||
@XmlRootElement
|
||||
public static class Check extends ResourceCheck {}
|
||||
|
||||
/** A transfer operation for a {@link Contact}. */
|
||||
/** A transfer operation for a (vestigial) Contact. */
|
||||
@XmlRootElement
|
||||
@XmlType(propOrder = {"targetId", "authInfo"})
|
||||
public static class Transfer extends AbstractContactAuthCommand {}
|
||||
|
||||
/** An update to a {@link Contact}. */
|
||||
/** An update to a (vestigial) Contact. */
|
||||
@XmlRootElement
|
||||
@XmlType(propOrder = {"targetId", "innerAdd", "innerRemove", "innerChange"})
|
||||
public static class Update
|
||||
extends ResourceUpdate<Update.AddRemove, Contact.Builder, Update.Change> {
|
||||
extends ResourceUpdate<Update.AddRemove, EppResource.Builder<?, ?>, Update.Change> {
|
||||
|
||||
@XmlElement(name = "chg")
|
||||
protected Change innerChange;
|
||||
|
||||
@@ -1,102 +0,0 @@
|
||||
// Copyright 2020 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.model.contact;
|
||||
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.reporting.HistoryEntry;
|
||||
import google.registry.persistence.VKey;
|
||||
import jakarta.persistence.Access;
|
||||
import jakarta.persistence.AccessType;
|
||||
import jakarta.persistence.AttributeOverride;
|
||||
import jakarta.persistence.Column;
|
||||
import jakarta.persistence.Entity;
|
||||
import jakarta.persistence.Index;
|
||||
import jakarta.persistence.Table;
|
||||
import java.util.Optional;
|
||||
import javax.annotation.Nullable;
|
||||
|
||||
/**
|
||||
* A persisted history entry representing an EPP modification to a contact.
|
||||
*
|
||||
* <p>In addition to the general history fields (e.g. action time, registrar ID) we also persist a
|
||||
* copy of the contact entity at this point in time. We persist a raw {@link ContactBase} so that
|
||||
* the foreign-keyed fields in that class can refer to this object.
|
||||
*/
|
||||
@Entity
|
||||
@Table(
|
||||
indexes = {
|
||||
@Index(columnList = "creationTime"),
|
||||
@Index(columnList = "historyRegistrarId"),
|
||||
@Index(columnList = "historyType"),
|
||||
@Index(columnList = "historyModificationTime")
|
||||
})
|
||||
@AttributeOverride(name = "repoId", column = @Column(name = "contactRepoId"))
|
||||
@Access(AccessType.FIELD)
|
||||
public class ContactHistory extends HistoryEntry {
|
||||
|
||||
// Store ContactBase instead of Contact, so we don't pick up its @Id
|
||||
// @Nullable for the sake of pre-Registry-3.0 history objects
|
||||
@Nullable ContactBase resource;
|
||||
|
||||
@Override
|
||||
protected ContactBase getResource() {
|
||||
return resource;
|
||||
}
|
||||
|
||||
/**
|
||||
* The values of all the fields on the {@link ContactBase} object after the action represented by
|
||||
* this history object was executed.
|
||||
*
|
||||
* <p>Will be absent for objects created prior to the Registry 3.0 SQL migration.
|
||||
*/
|
||||
public Optional<ContactBase> getContactBase() {
|
||||
return Optional.ofNullable(resource);
|
||||
}
|
||||
|
||||
/** Creates a {@link VKey} instance for this entity. */
|
||||
@Override
|
||||
public VKey<ContactHistory> createVKey() {
|
||||
return VKey.create(ContactHistory.class, getHistoryEntryId());
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<? extends EppResource> getResourceAtPointInTime() {
|
||||
return getContactBase().map(contactBase -> new Contact.Builder().copyFrom(contactBase).build());
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder asBuilder() {
|
||||
return new Builder(clone(this));
|
||||
}
|
||||
|
||||
public static class Builder extends HistoryEntry.Builder<ContactHistory, ContactHistory.Builder> {
|
||||
|
||||
public Builder() {}
|
||||
|
||||
public Builder(ContactHistory instance) {
|
||||
super(instance);
|
||||
}
|
||||
|
||||
public Builder setContact(ContactBase contactBase) {
|
||||
getInstance().resource = contactBase;
|
||||
return setRepoId(contactBase);
|
||||
}
|
||||
|
||||
public Builder wipeOutPii() {
|
||||
getInstance().resource = getInstance().resource.asBuilder().wipeOut().build();
|
||||
return this;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -20,11 +20,9 @@ import jakarta.persistence.Embeddable;
|
||||
/**
|
||||
* EPP Contact Phone Number
|
||||
*
|
||||
* <p>This class is embedded inside a {@link Contact} hold the phone number of an EPP contact. The
|
||||
* fields are all defined in the parent class {@link PhoneNumber}, but the subclass is still
|
||||
* necessary to pick up the contact namespace.
|
||||
*
|
||||
* @see Contact
|
||||
* <p>This class is embedded inside a (vestigial) Contact to hold the phone number of an EPP
|
||||
* contact. The fields are all defined in the parent class {@link PhoneNumber}, but the subclass is
|
||||
* still necessary to pick up the contact namespace.
|
||||
*/
|
||||
@Embeddable
|
||||
public class ContactPhoneNumber extends PhoneNumber {
|
||||
|
||||
@@ -1,80 +0,0 @@
|
||||
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.model.domain;
|
||||
|
||||
import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
|
||||
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.UnsafeSerializable;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.persistence.VKey;
|
||||
import jakarta.persistence.Embeddable;
|
||||
import jakarta.xml.bind.annotation.XmlEnumValue;
|
||||
|
||||
/**
|
||||
* Persisted type for storing a domain's contact associations.
|
||||
*
|
||||
* <p>A contact association on a domain consists of the contact key and the contact "type", which is
|
||||
* the designated role of this contact with respect to this domain. When converting to and from EPP
|
||||
* XML, we use {@link ForeignKeyedDesignatedContact} to replace the contact's primary key with its
|
||||
* foreign key, since that is what EPP exposes.
|
||||
*
|
||||
* <p>Note one could in principle store contact foreign keys here in addition to keys, unlike the
|
||||
* situation with hosts where client-side renames would make that data stale. However, we sometimes
|
||||
* rename contacts internally ourselves, and it's easier to use the same model for both cases.
|
||||
*
|
||||
* <p>This entity type is not persisted in Cloud SQL. The different roles are represented as
|
||||
* separate fields in the Domain table.
|
||||
*
|
||||
* @see <a href="http://tools.ietf.org/html/rfc5731#section-2.2">RFC 5731 - EPP Domain Name Mapping
|
||||
* - Contact and Client Identifiers</a>
|
||||
*/
|
||||
@Embeddable
|
||||
public class DesignatedContact extends ImmutableObject implements UnsafeSerializable {
|
||||
|
||||
/**
|
||||
* XML type for contact types. This can be either: {@code "admin"}, {@code "billing"}, or
|
||||
* {@code "tech"} and corresponds to {@code contactAttrType} in {@code domain-1.0.xsd}.
|
||||
*/
|
||||
public enum Type {
|
||||
@XmlEnumValue("admin")
|
||||
ADMIN,
|
||||
@XmlEnumValue("billing")
|
||||
BILLING,
|
||||
@XmlEnumValue("tech")
|
||||
TECH,
|
||||
/** The registrant type is not reflected in XML and exists only for internal use. */
|
||||
REGISTRANT
|
||||
}
|
||||
|
||||
public static DesignatedContact create(Type type, VKey<Contact> contact) {
|
||||
DesignatedContact instance = new DesignatedContact();
|
||||
instance.type = type;
|
||||
instance.contactVKey = checkArgumentNotNull(contact, "Must specify contact key");
|
||||
return instance;
|
||||
}
|
||||
|
||||
Type type;
|
||||
|
||||
VKey<Contact> contactVKey;
|
||||
|
||||
public Type getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
public VKey<Contact> getContactKey() {
|
||||
return contactVKey;
|
||||
}
|
||||
}
|
||||
@@ -178,7 +178,6 @@ public class Domain extends DomainBase implements ForeignKeyedEppResource {
|
||||
.setAutorenewPollMessage(domainBase.getAutorenewPollMessage())
|
||||
.setAutorenewBillingEvent(domainBase.getAutorenewBillingEvent())
|
||||
.setAutorenewEndTime(domainBase.getAutorenewEndTime())
|
||||
.setContacts(domainBase.getContacts())
|
||||
.setCreationRegistrarId(domainBase.getCreationRegistrarId())
|
||||
.setCreationTime(domainBase.getCreationTime())
|
||||
.setDomainName(domainBase.getDomainName())
|
||||
@@ -193,7 +192,6 @@ public class Domain extends DomainBase implements ForeignKeyedEppResource {
|
||||
.setLastEppUpdateTime(domainBase.getLastEppUpdateTime())
|
||||
.setNameservers(domainBase.getNameservers())
|
||||
.setPersistedCurrentSponsorRegistrarId(domainBase.getPersistedCurrentSponsorRegistrarId())
|
||||
.setRegistrant(domainBase.getRegistrant())
|
||||
.setRegistrationExpirationTime(domainBase.getRegistrationExpirationTime())
|
||||
.setRepoId(domainBase.getRepoId())
|
||||
.setSmdId(domainBase.getSmdId())
|
||||
|
||||
@@ -45,8 +45,6 @@ import google.registry.flows.ResourceFlowUtils;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.EppResource.ResourceWithTransferData;
|
||||
import google.registry.model.billing.BillingRecurrence;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.DesignatedContact.Type;
|
||||
import google.registry.model.domain.launch.LaunchNotice;
|
||||
import google.registry.model.domain.rgp.GracePeriodStatus;
|
||||
import google.registry.model.domain.secdns.DomainDsData;
|
||||
@@ -79,10 +77,8 @@ import jakarta.persistence.Id;
|
||||
import jakarta.persistence.MappedSuperclass;
|
||||
import jakarta.persistence.Transient;
|
||||
import java.util.HashSet;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.function.Predicate;
|
||||
import javax.annotation.Nullable;
|
||||
import org.hibernate.collection.spi.PersistentSet;
|
||||
import org.joda.time.DateTime;
|
||||
@@ -131,12 +127,12 @@ public class DomainBase extends EppResource
|
||||
/** References to hosts that are the nameservers for the domain. */
|
||||
@Expose @Transient Set<VKey<Host>> nsHosts;
|
||||
|
||||
/** Contacts. */
|
||||
@Expose @Nullable VKey<Contact> adminContact;
|
||||
/** Contacts keys are kept around for vestigial purposes for now. */
|
||||
@Expose @Nullable String adminContact;
|
||||
|
||||
@Expose @Nullable VKey<Contact> billingContact;
|
||||
@Expose @Nullable VKey<Contact> techContact;
|
||||
@Expose @Nullable VKey<Contact> registrantContact;
|
||||
@Expose @Nullable String billingContact;
|
||||
@Expose @Nullable String techContact;
|
||||
@Expose @Nullable String registrantContact;
|
||||
|
||||
/** Authorization info (aka transfer secret) of the domain. */
|
||||
@Embedded
|
||||
@@ -586,120 +582,21 @@ public class DomainBase extends EppResource
|
||||
.collect(toImmutableSortedSet(Ordering.natural())));
|
||||
}
|
||||
|
||||
/** A key to the registrant who registered this domain. */
|
||||
public Optional<VKey<Contact>> getRegistrant() {
|
||||
return Optional.ofNullable(registrantContact);
|
||||
}
|
||||
|
||||
public Optional<VKey<Contact>> getAdminContact() {
|
||||
return Optional.ofNullable(adminContact);
|
||||
}
|
||||
|
||||
public Optional<VKey<Contact>> getBillingContact() {
|
||||
return Optional.ofNullable(billingContact);
|
||||
}
|
||||
|
||||
public Optional<VKey<Contact>> getTechContact() {
|
||||
return Optional.ofNullable(techContact);
|
||||
}
|
||||
|
||||
/**
|
||||
* Associated contacts for the domain (other than registrant).
|
||||
*
|
||||
* <p>Note: This can be an empty set if no contacts are present for the domain.
|
||||
*/
|
||||
public ImmutableSet<DesignatedContact> getContacts() {
|
||||
return getAllContacts(false);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets all associated contacts for the domain, including the registrant.
|
||||
*
|
||||
* <p>Note: This can be an empty set if no contacts are present for the domain.
|
||||
*/
|
||||
public ImmutableSet<DesignatedContact> getAllContacts() {
|
||||
return getAllContacts(true);
|
||||
}
|
||||
|
||||
@Nullable
|
||||
public DomainAuthInfo getAuthInfo() {
|
||||
return authInfo;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns all referenced contacts from this domain.
|
||||
*
|
||||
* <p>Note: This can be an empty set if no contacts are present for the domain.
|
||||
*/
|
||||
public ImmutableSet<VKey<Contact>> getReferencedContacts() {
|
||||
return nullToEmptyImmutableCopy(getAllContacts(true)).stream()
|
||||
.map(DesignatedContact::getContactKey)
|
||||
.filter(Objects::nonNull)
|
||||
.collect(toImmutableSet());
|
||||
}
|
||||
|
||||
private ImmutableSet<DesignatedContact> getAllContacts(boolean includeRegistrant) {
|
||||
ImmutableSet.Builder<DesignatedContact> builder = new ImmutableSet.Builder<>();
|
||||
if (includeRegistrant) {
|
||||
getRegistrant().ifPresent(c -> builder.add(DesignatedContact.create(Type.REGISTRANT, c)));
|
||||
}
|
||||
getAdminContact().ifPresent(c -> builder.add(DesignatedContact.create(Type.ADMIN, c)));
|
||||
getBillingContact().ifPresent(c -> builder.add(DesignatedContact.create(Type.BILLING, c)));
|
||||
getTechContact().ifPresent(c -> builder.add(DesignatedContact.create(Type.TECH, c)));
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
public String getTld() {
|
||||
return tld;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the individual contact fields from {@code contacts}.
|
||||
*
|
||||
* <p>The registrant field is only set if {@code includeRegistrant} is true, as this field needs
|
||||
* to be set in some circumstances but not in others.
|
||||
*/
|
||||
void setContactFields(Set<DesignatedContact> contacts, boolean includeRegistrant) {
|
||||
// Set the individual contact fields.
|
||||
billingContact = null;
|
||||
techContact = null;
|
||||
adminContact = null;
|
||||
if (includeRegistrant) {
|
||||
registrantContact = null;
|
||||
}
|
||||
HashSet<Type> contactsDiscovered = new HashSet<>();
|
||||
for (DesignatedContact contact : contacts) {
|
||||
checkArgument(
|
||||
!contactsDiscovered.contains(contact.getType()),
|
||||
"Duplicate contact type %s in designated contact set.",
|
||||
contact.getType());
|
||||
contactsDiscovered.add(contact.getType());
|
||||
switch (contact.getType()) {
|
||||
case BILLING -> billingContact = contact.getContactKey();
|
||||
case TECH -> techContact = contact.getContactKey();
|
||||
case ADMIN -> adminContact = contact.getContactKey();
|
||||
case REGISTRANT -> {
|
||||
if (includeRegistrant) {
|
||||
registrantContact = contact.getContactKey();
|
||||
}
|
||||
}
|
||||
default ->
|
||||
throw new IllegalArgumentException(
|
||||
"Unknown contact resource type: " + contact.getType());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public VKey<Domain> createVKey() {
|
||||
throw new UnsupportedOperationException(
|
||||
"DomainBase is not an actual persisted entity you can create a key to; use Domain instead");
|
||||
}
|
||||
|
||||
/** Predicate to determine if a given {@link DesignatedContact} is the registrant. */
|
||||
static final Predicate<DesignatedContact> IS_REGISTRANT =
|
||||
(DesignatedContact contact) -> Type.REGISTRANT.equals(contact.type);
|
||||
|
||||
/** An override of {@link EppResource#asBuilder} with tighter typing. */
|
||||
@Override
|
||||
public Builder<? extends DomainBase, ?> asBuilder() {
|
||||
@@ -764,12 +661,6 @@ public class DomainBase extends EppResource
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setRegistrant(Optional<VKey<Contact>> registrant) {
|
||||
// Set the registrant field specifically.
|
||||
getInstance().registrantContact = registrant.orElse(null);
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setAuthInfo(DomainAuthInfo authInfo) {
|
||||
getInstance().authInfo = authInfo;
|
||||
return thisCastToDerived();
|
||||
@@ -805,26 +696,6 @@ public class DomainBase extends EppResource
|
||||
ImmutableSet.copyOf(difference(getInstance().getNameservers(), nameservers)));
|
||||
}
|
||||
|
||||
public B setContacts(DesignatedContact contact) {
|
||||
return setContacts(ImmutableSet.of(contact));
|
||||
}
|
||||
|
||||
public B setContacts(ImmutableSet<DesignatedContact> contacts) {
|
||||
checkArgument(contacts.stream().noneMatch(IS_REGISTRANT), "Registrant cannot be a contact");
|
||||
|
||||
// Set the individual fields.
|
||||
getInstance().setContactFields(contacts, false);
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B addContacts(ImmutableSet<DesignatedContact> contacts) {
|
||||
return setContacts(ImmutableSet.copyOf(Sets.union(getInstance().getContacts(), contacts)));
|
||||
}
|
||||
|
||||
public B removeContacts(ImmutableSet<DesignatedContact> contacts) {
|
||||
return setContacts(ImmutableSet.copyOf(difference(getInstance().getContacts(), contacts)));
|
||||
}
|
||||
|
||||
public B setLaunchNotice(LaunchNotice launchNotice) {
|
||||
getInstance().launchNotice = launchNotice;
|
||||
return thisCastToDerived();
|
||||
|
||||
@@ -16,23 +16,20 @@ package google.registry.model.domain;
|
||||
|
||||
import static com.google.common.base.MoreObjects.firstNonNull;
|
||||
import static com.google.common.base.Preconditions.checkNotNull;
|
||||
import static com.google.common.collect.Iterables.getOnlyElement;
|
||||
import static com.google.common.collect.Sets.difference;
|
||||
import static google.registry.util.CollectionUtils.difference;
|
||||
import static google.registry.util.CollectionUtils.forceEmptyToNull;
|
||||
import static google.registry.util.CollectionUtils.isNullOrEmpty;
|
||||
import static google.registry.util.CollectionUtils.nullSafeImmutableCopy;
|
||||
import static google.registry.util.CollectionUtils.nullToEmpty;
|
||||
import static google.registry.util.CollectionUtils.nullToEmptyImmutableCopy;
|
||||
import static google.registry.util.CollectionUtils.union;
|
||||
|
||||
import com.google.common.base.MoreObjects;
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.flows.EppException.ParameterValuePolicyErrorException;
|
||||
import google.registry.flows.domain.DomainFlowUtils.RegistrantProhibitedException;
|
||||
import google.registry.flows.exceptions.ContactsProhibitedException;
|
||||
import google.registry.model.ForeignKeyUtils;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.eppinput.ResourceCommand.AbstractSingleResourceCommand;
|
||||
import google.registry.model.eppinput.ResourceCommand.ResourceCheck;
|
||||
import google.registry.model.eppinput.ResourceCommand.ResourceCreateOrChange;
|
||||
@@ -67,7 +64,8 @@ public class DomainCommand {
|
||||
*/
|
||||
public interface CreateOrUpdate<T extends CreateOrUpdate<T>> extends SingleResourceCommand {
|
||||
/** Creates a copy of this command with hard links to hosts and contacts. */
|
||||
T cloneAndLinkReferences(DateTime now) throws InvalidReferencesException;
|
||||
T cloneAndLinkReferences(DateTime now)
|
||||
throws InvalidReferencesException, ParameterValuePolicyErrorException;
|
||||
}
|
||||
|
||||
/** The fields on "chgType" from <a href="http://tools.ietf.org/html/rfc5731">RFC5731</a>. */
|
||||
@@ -80,9 +78,6 @@ public class DomainCommand {
|
||||
@Nullable
|
||||
String registrantContactId;
|
||||
|
||||
/** A resolved key to the registrant who registered this domain. */
|
||||
@Nullable @XmlTransient VKey<Contact> registrant;
|
||||
|
||||
/** Authorization info (aka transfer secret) of the domain. */
|
||||
DomainAuthInfo authInfo;
|
||||
|
||||
@@ -90,10 +85,6 @@ public class DomainCommand {
|
||||
return Optional.ofNullable(registrantContactId);
|
||||
}
|
||||
|
||||
public Optional<VKey<Contact>> getRegistrant() {
|
||||
return Optional.ofNullable(registrant);
|
||||
}
|
||||
|
||||
public DomainAuthInfo getAuthInfo() {
|
||||
return authInfo;
|
||||
}
|
||||
@@ -132,10 +123,6 @@ public class DomainCommand {
|
||||
@XmlElement(name = "contact")
|
||||
Set<ForeignKeyedDesignatedContact> foreignKeyedDesignatedContacts;
|
||||
|
||||
/** Resolved keys to associated contacts for the domain (other than registrant). */
|
||||
@XmlTransient
|
||||
Set<DesignatedContact> contacts;
|
||||
|
||||
/** The period that this domain's state was set to last for (e.g. 1-10 years). */
|
||||
Period period;
|
||||
|
||||
@@ -160,10 +147,6 @@ public class DomainCommand {
|
||||
return nullToEmptyImmutableCopy(nameservers);
|
||||
}
|
||||
|
||||
public ImmutableSet<DesignatedContact> getContacts() {
|
||||
return nullToEmptyImmutableCopy(contacts);
|
||||
}
|
||||
|
||||
@Override
|
||||
public DomainAuthInfo getAuthInfo() {
|
||||
return authInfo;
|
||||
@@ -171,26 +154,15 @@ public class DomainCommand {
|
||||
|
||||
/** Creates a copy of this {@link Create} with hard links to hosts and contacts. */
|
||||
@Override
|
||||
public Create cloneAndLinkReferences(DateTime now) throws InvalidReferencesException {
|
||||
public Create cloneAndLinkReferences(DateTime now)
|
||||
throws InvalidReferencesException, ParameterValuePolicyErrorException {
|
||||
Create clone = clone(this);
|
||||
clone.nameservers = linkHosts(clone.nameserverHostNames, now);
|
||||
if (registrantContactId == null) {
|
||||
clone.contacts = linkContacts(clone.foreignKeyedDesignatedContacts, now);
|
||||
} else {
|
||||
// Load the registrant and contacts in one shot.
|
||||
ForeignKeyedDesignatedContact registrantPlaceholder = new ForeignKeyedDesignatedContact();
|
||||
registrantPlaceholder.contactId = clone.registrantContactId;
|
||||
registrantPlaceholder.type = DesignatedContact.Type.REGISTRANT;
|
||||
Set<DesignatedContact> contacts = linkContacts(
|
||||
union(nullToEmpty(clone.foreignKeyedDesignatedContacts), registrantPlaceholder),
|
||||
now);
|
||||
for (DesignatedContact contact : contacts) {
|
||||
if (DesignatedContact.Type.REGISTRANT.equals(contact.getType())) {
|
||||
clone.registrant = contact.getContactKey();
|
||||
clone.contacts = forceEmptyToNull(difference(contacts, contact));
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (registrantContactId != null) {
|
||||
throw new RegistrantProhibitedException();
|
||||
}
|
||||
if (!isNullOrEmpty(foreignKeyedDesignatedContacts)) {
|
||||
throw new ContactsProhibitedException();
|
||||
}
|
||||
return clone;
|
||||
}
|
||||
@@ -352,10 +324,6 @@ public class DomainCommand {
|
||||
@XmlElement(name = "contact")
|
||||
Set<ForeignKeyedDesignatedContact> foreignKeyedDesignatedContacts;
|
||||
|
||||
/** Resolved keys to associated contacts for the domain (other than registrant). */
|
||||
@XmlTransient
|
||||
Set<DesignatedContact> contacts;
|
||||
|
||||
public ImmutableSet<String> getNameserverHostNames() {
|
||||
return nullSafeImmutableCopy(nameserverHostNames);
|
||||
}
|
||||
@@ -364,15 +332,14 @@ public class DomainCommand {
|
||||
return nullToEmptyImmutableCopy(nameservers);
|
||||
}
|
||||
|
||||
public ImmutableSet<DesignatedContact> getContacts() {
|
||||
return nullToEmptyImmutableCopy(contacts);
|
||||
}
|
||||
|
||||
/** Creates a copy of this {@link AddRemove} with hard links to hosts and contacts. */
|
||||
private AddRemove cloneAndLinkReferences(DateTime now) throws InvalidReferencesException {
|
||||
private AddRemove cloneAndLinkReferences(DateTime now)
|
||||
throws InvalidReferencesException, ContactsProhibitedException {
|
||||
AddRemove clone = clone(this);
|
||||
clone.nameservers = linkHosts(clone.nameserverHostNames, now);
|
||||
clone.contacts = linkContacts(clone.foreignKeyedDesignatedContacts, now);
|
||||
if (!isNullOrEmpty(foreignKeyedDesignatedContacts)) {
|
||||
throw new ContactsProhibitedException();
|
||||
}
|
||||
return clone;
|
||||
}
|
||||
}
|
||||
@@ -380,16 +347,11 @@ public class DomainCommand {
|
||||
/** The inner change type on a domain update command. */
|
||||
@XmlType(propOrder = {"registrantContactId", "authInfo"})
|
||||
public static class Change extends DomainCreateOrChange<Domain.Builder> {
|
||||
/** Creates a copy of this {@link Change} with hard links to hosts and contacts. */
|
||||
Change cloneAndLinkReferences(DateTime now) throws InvalidReferencesException {
|
||||
Change cloneAndLinkReferences() throws RegistrantProhibitedException {
|
||||
Change clone = clone(this);
|
||||
clone.registrant =
|
||||
Strings.isNullOrEmpty(clone.registrantContactId)
|
||||
? null
|
||||
: getOnlyElement(
|
||||
loadByForeignKeysCached(
|
||||
ImmutableSet.of(clone.registrantContactId), Contact.class, now)
|
||||
.values());
|
||||
if (clone.registrantContactId != null) {
|
||||
throw new RegistrantProhibitedException();
|
||||
}
|
||||
return clone;
|
||||
}
|
||||
}
|
||||
@@ -401,11 +363,12 @@ public class DomainCommand {
|
||||
* of those classes, which is harmless because the getters do that anyways.
|
||||
*/
|
||||
@Override
|
||||
public Update cloneAndLinkReferences(DateTime now) throws InvalidReferencesException {
|
||||
public Update cloneAndLinkReferences(DateTime now)
|
||||
throws InvalidReferencesException, ParameterValuePolicyErrorException {
|
||||
Update clone = clone(this);
|
||||
clone.innerAdd = clone.getInnerAdd().cloneAndLinkReferences(now);
|
||||
clone.innerRemove = clone.getInnerRemove().cloneAndLinkReferences(now);
|
||||
clone.innerChange = clone.getInnerChange().cloneAndLinkReferences(now);
|
||||
clone.innerChange = clone.getInnerChange().cloneAndLinkReferences();
|
||||
return clone;
|
||||
}
|
||||
}
|
||||
@@ -415,37 +378,17 @@ public class DomainCommand {
|
||||
if (hostNames == null) {
|
||||
return null;
|
||||
}
|
||||
return ImmutableSet.copyOf(loadByForeignKeysCached(hostNames, Host.class, now).values());
|
||||
return ImmutableSet.copyOf(loadByForeignKeysCached(hostNames, now).values());
|
||||
}
|
||||
|
||||
private static Set<DesignatedContact> linkContacts(
|
||||
Set<ForeignKeyedDesignatedContact> contacts, DateTime now) throws InvalidReferencesException {
|
||||
if (contacts == null) {
|
||||
return null;
|
||||
}
|
||||
ImmutableSet.Builder<String> foreignKeys = new ImmutableSet.Builder<>();
|
||||
for (ForeignKeyedDesignatedContact contact : contacts) {
|
||||
foreignKeys.add(contact.contactId);
|
||||
}
|
||||
ImmutableMap<String, VKey<Contact>> loadedContacts =
|
||||
loadByForeignKeysCached(foreignKeys.build(), Contact.class, now);
|
||||
ImmutableSet.Builder<DesignatedContact> linkedContacts = new ImmutableSet.Builder<>();
|
||||
for (ForeignKeyedDesignatedContact contact : contacts) {
|
||||
linkedContacts.add(
|
||||
DesignatedContact.create(contact.type, loadedContacts.get(contact.contactId)));
|
||||
}
|
||||
return linkedContacts.build();
|
||||
}
|
||||
|
||||
/** Loads keys to cached EPP resources by their foreign keys. */
|
||||
private static <T extends EppResource> ImmutableMap<String, VKey<T>> loadByForeignKeysCached(
|
||||
final Set<String> foreignKeys, final Class<T> clazz, final DateTime now)
|
||||
throws InvalidReferencesException {
|
||||
ImmutableMap<String, VKey<T>> fks =
|
||||
ForeignKeyUtils.loadKeysByCacheIfEnabled(clazz, foreignKeys, now);
|
||||
/** Loads host keys to cached EPP resources by their foreign keys. */
|
||||
private static ImmutableMap<String, VKey<Host>> loadByForeignKeysCached(
|
||||
final Set<String> foreignKeys, final DateTime now) throws InvalidReferencesException {
|
||||
ImmutableMap<String, VKey<Host>> fks =
|
||||
ForeignKeyUtils.loadKeysByCacheIfEnabled(Host.class, foreignKeys, now);
|
||||
if (!fks.keySet().equals(foreignKeys)) {
|
||||
throw new InvalidReferencesException(
|
||||
clazz, ImmutableSet.copyOf(difference(foreignKeys, fks.keySet())));
|
||||
Host.class, ImmutableSet.copyOf(difference(foreignKeys, fks.keySet())));
|
||||
}
|
||||
return fks;
|
||||
}
|
||||
|
||||
@@ -16,27 +16,42 @@ package google.registry.model.domain;
|
||||
|
||||
import google.registry.model.ImmutableObject;
|
||||
import jakarta.xml.bind.annotation.XmlAttribute;
|
||||
import jakarta.xml.bind.annotation.XmlEnumValue;
|
||||
import jakarta.xml.bind.annotation.XmlValue;
|
||||
|
||||
/**
|
||||
* EPP-XML-serializable equivalent of {@link DesignatedContact}.
|
||||
* Vestigial EPP-XML-serializable equivalent of a contact.
|
||||
*
|
||||
* <p>This type is used on the wire for EPP XML, where only the contact ID (foreign key) is exposed.
|
||||
* This is converted to and from the persisted type, {@link DesignatedContact}, which stores the
|
||||
* primary key instead of the foreign key.
|
||||
* <p>This type was used on the wire for EPP XML, where only the contact ID (foreign key) was
|
||||
* exposed.
|
||||
*
|
||||
* @see <a href="http://tools.ietf.org/html/rfc5731#section-2.2">RFC 5731 - EPP Domain Name Mapping
|
||||
* - Contact and Client Identifiers</a>
|
||||
*/
|
||||
public class ForeignKeyedDesignatedContact extends ImmutableObject {
|
||||
|
||||
/**
|
||||
* XML type for contact types. This can be either: {@code "admin"}, {@code "billing"}, or {@code
|
||||
* "tech"} and corresponds to {@code contactAttrType} in {@code domain-1.0.xsd}.
|
||||
*/
|
||||
public enum Type {
|
||||
@XmlEnumValue("admin")
|
||||
ADMIN,
|
||||
@XmlEnumValue("billing")
|
||||
BILLING,
|
||||
@XmlEnumValue("tech")
|
||||
TECH,
|
||||
/** The registrant type is not reflected in XML and exists only for internal use. */
|
||||
REGISTRANT
|
||||
}
|
||||
|
||||
@XmlAttribute(required = true)
|
||||
DesignatedContact.Type type;
|
||||
Type type;
|
||||
|
||||
@XmlValue
|
||||
String contactId;
|
||||
|
||||
public static ForeignKeyedDesignatedContact create(
|
||||
DesignatedContact.Type type, String contactId) {
|
||||
public static ForeignKeyedDesignatedContact create(Type type, String contactId) {
|
||||
ForeignKeyedDesignatedContact instance = new ForeignKeyedDesignatedContact();
|
||||
instance.type = type;
|
||||
instance.contactId = contactId;
|
||||
|
||||
@@ -15,6 +15,8 @@
|
||||
package google.registry.model.domain.fee;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.model.eppinput.EppInput.CommandExtension;
|
||||
import org.joda.money.CurrencyUnit;
|
||||
|
||||
@@ -42,4 +44,11 @@ public interface FeeCheckCommandExtension<
|
||||
ImmutableList<C> getItems();
|
||||
|
||||
R createResponse(ImmutableList<? extends FeeCheckResponseExtensionItem> items);
|
||||
|
||||
default R createResponse(
|
||||
ImmutableList<? extends FeeCheckResponseExtensionItem> items,
|
||||
ImmutableSet<CurrencyUnit> currenciesSeen)
|
||||
throws EppException {
|
||||
return createResponse(items);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,7 +18,6 @@ import com.google.common.base.Ascii;
|
||||
import google.registry.model.domain.Period;
|
||||
import google.registry.model.domain.fee.FeeCheckCommandExtensionItem;
|
||||
import jakarta.xml.bind.annotation.XmlAttribute;
|
||||
import jakarta.xml.bind.annotation.XmlElement;
|
||||
import jakarta.xml.bind.annotation.XmlType;
|
||||
import java.util.Locale;
|
||||
import java.util.Optional;
|
||||
@@ -32,12 +31,13 @@ import org.joda.time.DateTime;
|
||||
* <pre>{@code
|
||||
* <fee:command name="renew" phase="sunrise" subphase="hello">
|
||||
* <fee:period unit="y">1</fee:period>
|
||||
* <fee:class>premium</fee:class>
|
||||
* <fee:date>2017-05-17T13:22:21.0Z</fee:date>
|
||||
* </fee:command>
|
||||
* }</pre>
|
||||
*
|
||||
* <p>The `feeClass` and `feeDate` attributes that are present in version 0.12 are removed from this
|
||||
* version.
|
||||
*/
|
||||
@XmlType(propOrder = {"period", "feeClass", "feeDate"})
|
||||
@XmlType(propOrder = {"period"})
|
||||
public class FeeCheckCommandExtensionItemStdV1 extends FeeCheckCommandExtensionItem {
|
||||
|
||||
/** The default validity period (if not specified) is 1 year for all operations. */
|
||||
@@ -50,12 +50,6 @@ public class FeeCheckCommandExtensionItemStdV1 extends FeeCheckCommandExtensionI
|
||||
|
||||
@XmlAttribute String subphase;
|
||||
|
||||
@XmlElement(name = "class")
|
||||
String feeClass;
|
||||
|
||||
@XmlElement(name = "date")
|
||||
DateTime feeDate;
|
||||
|
||||
/** Version 1.0 does not support domain name or currency in fee extension items. */
|
||||
@Override
|
||||
public boolean isDomainNameSupported() {
|
||||
@@ -107,6 +101,6 @@ public class FeeCheckCommandExtensionItemStdV1 extends FeeCheckCommandExtensionI
|
||||
|
||||
@Override
|
||||
public Optional<DateTime> getEffectiveDate() {
|
||||
return Optional.ofNullable(feeDate);
|
||||
return Optional.empty();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -17,6 +17,9 @@ package google.registry.model.domain.feestdv1;
|
||||
import static google.registry.util.CollectionUtils.nullToEmptyImmutableCopy;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.EppException;
|
||||
import google.registry.flows.EppException.ParameterValuePolicyErrorException;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.domain.fee.FeeCheckCommandExtension;
|
||||
import google.registry.model.domain.fee.FeeCheckResponseExtensionItem;
|
||||
@@ -51,13 +54,33 @@ public class FeeCheckCommandExtensionStdV1 extends ImmutableObject
|
||||
@Override
|
||||
public FeeCheckResponseExtensionStdV1 createResponse(
|
||||
ImmutableList<? extends FeeCheckResponseExtensionItem> items) {
|
||||
throw new UnsupportedOperationException("FeeCheckCommandExtensionStdV1 requires a currency");
|
||||
}
|
||||
|
||||
@Override
|
||||
public FeeCheckResponseExtensionStdV1 createResponse(
|
||||
ImmutableList<? extends FeeCheckResponseExtensionItem> items,
|
||||
ImmutableSet<CurrencyUnit> currenciesSeen)
|
||||
throws EppException {
|
||||
ImmutableList.Builder<FeeCheckResponseExtensionItemStdV1> builder =
|
||||
new ImmutableList.Builder<>();
|
||||
for (FeeCheckResponseExtensionItem item : items) {
|
||||
if (item instanceof FeeCheckResponseExtensionItemStdV1) {
|
||||
builder.add((FeeCheckResponseExtensionItemStdV1) item);
|
||||
if (item instanceof FeeCheckResponseExtensionItemStdV1 stdv1Item) {
|
||||
builder.add(stdv1Item);
|
||||
}
|
||||
}
|
||||
return FeeCheckResponseExtensionStdV1.create(currency, builder.build());
|
||||
if (currenciesSeen.size() > 1) {
|
||||
throw new MultipleCurrenciesCannotBeCheckedException();
|
||||
}
|
||||
return FeeCheckResponseExtensionStdV1.create(currenciesSeen.iterator().next(), builder.build());
|
||||
}
|
||||
|
||||
/** Domains across multiple currencies cannot be checked simultaneously. */
|
||||
public static class MultipleCurrenciesCannotBeCheckedException
|
||||
extends ParameterValuePolicyErrorException {
|
||||
public MultipleCurrenciesCannotBeCheckedException() {
|
||||
// The fee extension 1.0 only supports one currency shared across all results
|
||||
super("Domains across multiple currencies cannot be checked simultaneously");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,13 +24,11 @@ import google.registry.model.domain.Period;
|
||||
import google.registry.model.domain.fee.Fee;
|
||||
import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName;
|
||||
import jakarta.xml.bind.annotation.XmlAttribute;
|
||||
import jakarta.xml.bind.annotation.XmlElement;
|
||||
import jakarta.xml.bind.annotation.XmlType;
|
||||
import java.util.List;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/** The version 1.0 response command entity for a domain check on a single resource. */
|
||||
@XmlType(propOrder = {"period", "fee", "feeClass", "effectiveDate", "notAfterDate"})
|
||||
@XmlType(propOrder = {"period", "fee"})
|
||||
public class FeeCheckResponseExtensionItemCommandStdV1 extends ImmutableObject {
|
||||
|
||||
/** The command that was checked. */
|
||||
@@ -53,26 +51,6 @@ public class FeeCheckResponseExtensionItemCommandStdV1 extends ImmutableObject {
|
||||
*/
|
||||
List<Fee> fee;
|
||||
|
||||
/**
|
||||
* The type of the fee.
|
||||
*
|
||||
* <p>We will use "premium" for fees on premium names, and omit the field otherwise.
|
||||
*/
|
||||
@XmlElement(name = "class")
|
||||
String feeClass;
|
||||
|
||||
/** The effective date that the check is to be performed on (if specified in the query). */
|
||||
@XmlElement(name = "date")
|
||||
DateTime effectiveDate;
|
||||
|
||||
/** The date after which the quoted fee is no longer valid (if applicable). */
|
||||
@XmlElement(name = "notAfter")
|
||||
DateTime notAfterDate;
|
||||
|
||||
public String getFeeClass() {
|
||||
return feeClass;
|
||||
}
|
||||
|
||||
/** Builder for {@link FeeCheckResponseExtensionItemCommandStdV1}. */
|
||||
public static class Builder extends Buildable.Builder<FeeCheckResponseExtensionItemCommandStdV1> {
|
||||
|
||||
@@ -96,24 +74,9 @@ public class FeeCheckResponseExtensionItemCommandStdV1 extends ImmutableObject {
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder setEffectiveDate(DateTime effectiveDate) {
|
||||
getInstance().effectiveDate = effectiveDate;
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder setNotAfterDate(DateTime notAfterDate) {
|
||||
getInstance().notAfterDate = notAfterDate;
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder setFee(List<Fee> fees) {
|
||||
getInstance().fee = forceEmptyToNull(ImmutableList.copyOf(fees));
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder setClass(String feeClass) {
|
||||
getInstance().feeClass = feeClass;
|
||||
return this;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -17,20 +17,18 @@ package google.registry.model.domain.feestdv1;
|
||||
import static google.registry.util.CollectionUtils.forceEmptyToNull;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import google.registry.model.domain.DomainObjectSpec;
|
||||
import google.registry.model.domain.Period;
|
||||
import google.registry.model.domain.fee.Fee;
|
||||
import google.registry.model.domain.fee.FeeCheckResponseExtensionItem;
|
||||
import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName;
|
||||
import jakarta.xml.bind.annotation.XmlType;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/** The version 1.0 response for a domain check on a single resource. */
|
||||
@XmlType(propOrder = {"object", "command"})
|
||||
@XmlType(propOrder = {"objID", "feeClass", "command"})
|
||||
public class FeeCheckResponseExtensionItemStdV1 extends FeeCheckResponseExtensionItem {
|
||||
|
||||
/** The domain that was checked. */
|
||||
DomainObjectSpec object;
|
||||
String objID;
|
||||
|
||||
/** The command that was checked. */
|
||||
FeeCheckResponseExtensionItemCommandStdV1 command;
|
||||
@@ -53,15 +51,6 @@ public class FeeCheckResponseExtensionItemStdV1 extends FeeCheckResponseExtensio
|
||||
return super.getFees();
|
||||
}
|
||||
|
||||
/**
|
||||
* This method is not annotated for JAXB because this version of the extension doesn't support
|
||||
* "feeClass" and because the data comes off of the command object rather than a field.
|
||||
*/
|
||||
@Override
|
||||
public String getFeeClass() {
|
||||
return command.getFeeClass();
|
||||
}
|
||||
|
||||
/** Builder for {@link FeeCheckResponseExtensionItemStdV1}. */
|
||||
public static class Builder
|
||||
extends FeeCheckResponseExtensionItem.Builder<FeeCheckResponseExtensionItemStdV1> {
|
||||
@@ -91,13 +80,13 @@ public class FeeCheckResponseExtensionItemStdV1 extends FeeCheckResponseExtensio
|
||||
|
||||
@Override
|
||||
public Builder setClass(String feeClass) {
|
||||
commandBuilder.setClass(feeClass);
|
||||
super.setClass(feeClass);
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder setDomainNameIfSupported(String name) {
|
||||
getInstance().object = new DomainObjectSpec(name);
|
||||
getInstance().objID = name;
|
||||
return this;
|
||||
}
|
||||
|
||||
@@ -106,17 +95,5 @@ public class FeeCheckResponseExtensionItemStdV1 extends FeeCheckResponseExtensio
|
||||
getInstance().command = commandBuilder.build();
|
||||
return super.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder setEffectiveDateIfSupported(DateTime effectiveDate) {
|
||||
commandBuilder.setEffectiveDate(effectiveDate);
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder setNotAfterDateIfSupported(DateTime notAfterDate) {
|
||||
commandBuilder.setNotAfterDate(notAfterDate);
|
||||
return this;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -31,7 +31,7 @@ import jakarta.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
|
||||
@Access(AccessType.FIELD)
|
||||
public abstract class DomainDsDataBase extends ImmutableObject implements UnsafeSerializable {
|
||||
|
||||
@XmlTransient @Transient String domainRepoId;
|
||||
@XmlTransient @Transient @Insignificant String domainRepoId;
|
||||
|
||||
/** The identifier for this particular key in the domain. */
|
||||
@Transient int keyTag;
|
||||
|
||||
@@ -24,6 +24,7 @@ import jakarta.xml.bind.annotation.XmlElement;
|
||||
import jakarta.xml.bind.annotation.XmlRootElement;
|
||||
import jakarta.xml.bind.annotation.XmlTransient;
|
||||
import jakarta.xml.bind.annotation.XmlType;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
|
||||
/** The EPP secDNS extension that may be present on domain update commands. */
|
||||
@@ -55,16 +56,16 @@ public class SecDnsUpdateExtension extends ImmutableObject implements CommandExt
|
||||
return urgent;
|
||||
}
|
||||
|
||||
public Remove getRemove() {
|
||||
return remove;
|
||||
public Optional<Remove> getRemove() {
|
||||
return Optional.ofNullable(remove);
|
||||
}
|
||||
|
||||
public Add getAdd() {
|
||||
return add;
|
||||
public Optional<Add> getAdd() {
|
||||
return Optional.ofNullable(add);
|
||||
}
|
||||
|
||||
public Change getChange() {
|
||||
return change;
|
||||
public Optional<Change> getChange() {
|
||||
return Optional.ofNullable(change);
|
||||
}
|
||||
|
||||
@XmlTransient
|
||||
|
||||
@@ -14,13 +14,21 @@
|
||||
|
||||
package google.registry.model.eppcommon;
|
||||
|
||||
import static com.google.common.collect.ImmutableList.toImmutableList;
|
||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.flows.FeeExtensionXmlTagNormalizer;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.domain.fee.FeeCheckResponseExtension;
|
||||
import google.registry.model.domain.fee.FeeTransformResponseExtension;
|
||||
import google.registry.model.domain.fee06.FeeInfoResponseExtensionV06;
|
||||
import google.registry.model.eppinput.EppInput;
|
||||
import google.registry.model.eppoutput.EppOutput;
|
||||
import google.registry.model.eppoutput.EppResponse;
|
||||
import google.registry.util.RegistryEnvironment;
|
||||
import google.registry.xml.ValidationMode;
|
||||
import google.registry.xml.XmlException;
|
||||
import google.registry.xml.XmlTransformer;
|
||||
@@ -31,7 +39,7 @@ import java.io.ByteArrayOutputStream;
|
||||
public class EppXmlTransformer {
|
||||
|
||||
// Hardcoded XML schemas, ordered with respect to dependency.
|
||||
private static final ImmutableList<String> SCHEMAS =
|
||||
private static final ImmutableList<String> ALL_SCHEMAS =
|
||||
ImmutableList.of(
|
||||
"eppcom.xsd",
|
||||
"epp.xsd",
|
||||
@@ -54,11 +62,24 @@ public class EppXmlTransformer {
|
||||
"allocationToken-1.0.xsd",
|
||||
"bulkToken.xsd");
|
||||
|
||||
// XML schemas that should not be used in production (yet)
|
||||
private static final ImmutableSet<String> NON_PROD_SCHEMAS = ImmutableSet.of("fee-std-v1.xsd");
|
||||
|
||||
private static final XmlTransformer INPUT_TRANSFORMER =
|
||||
new XmlTransformer(SCHEMAS, EppInput.class);
|
||||
new XmlTransformer(getSchemas(), EppInput.class);
|
||||
|
||||
private static final XmlTransformer OUTPUT_TRANSFORMER =
|
||||
new XmlTransformer(SCHEMAS, EppOutput.class);
|
||||
new XmlTransformer(getSchemas(), EppOutput.class);
|
||||
|
||||
@VisibleForTesting
|
||||
public static ImmutableList<String> getSchemas() {
|
||||
if (RegistryEnvironment.get().equals(RegistryEnvironment.PRODUCTION)) {
|
||||
return ALL_SCHEMAS.stream()
|
||||
.filter(s -> !NON_PROD_SCHEMAS.contains(s))
|
||||
.collect(toImmutableList());
|
||||
}
|
||||
return ALL_SCHEMAS;
|
||||
}
|
||||
|
||||
public static void validateOutput(String xml) throws XmlException {
|
||||
OUTPUT_TRANSFORMER.validate(xml);
|
||||
@@ -82,8 +103,31 @@ public class EppXmlTransformer {
|
||||
return byteArrayOutputStream.toByteArray();
|
||||
}
|
||||
|
||||
private static boolean hasFeeExtension(EppOutput eppOutput) {
|
||||
if (!eppOutput.isResponse()) {
|
||||
return false;
|
||||
}
|
||||
return eppOutput.getResponse().getExtensions().stream()
|
||||
.map(EppResponse.ResponseExtension::getClass)
|
||||
.filter(EppXmlTransformer::isFeeExtension)
|
||||
.findAny()
|
||||
.isPresent();
|
||||
}
|
||||
|
||||
@VisibleForTesting
|
||||
static boolean isFeeExtension(Class<?> clazz) {
|
||||
return FeeCheckResponseExtension.class.isAssignableFrom(clazz)
|
||||
|| FeeTransformResponseExtension.class.isAssignableFrom(clazz)
|
||||
|| FeeInfoResponseExtensionV06.class.isAssignableFrom(clazz);
|
||||
}
|
||||
|
||||
public static byte[] marshal(EppOutput root, ValidationMode validation) throws XmlException {
|
||||
return marshal(OUTPUT_TRANSFORMER, root, validation);
|
||||
byte[] bytes = marshal(OUTPUT_TRANSFORMER, root, validation);
|
||||
if (!RegistryEnvironment.PRODUCTION.equals(RegistryEnvironment.get())
|
||||
&& hasFeeExtension(root)) {
|
||||
return FeeExtensionXmlTagNormalizer.normalize(new String(bytes, UTF_8)).getBytes(UTF_8);
|
||||
}
|
||||
return bytes;
|
||||
}
|
||||
|
||||
@VisibleForTesting
|
||||
|
||||
@@ -17,6 +17,8 @@ package google.registry.model.eppcommon;
|
||||
import static com.google.common.collect.ImmutableSet.toImmutableSet;
|
||||
import static com.google.common.collect.Maps.uniqueIndex;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.base.VerifyException;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.model.domain.fee06.FeeCheckCommandExtensionV06;
|
||||
@@ -33,6 +35,8 @@ import google.registry.model.domain.rgp.RgpUpdateExtension;
|
||||
import google.registry.model.domain.secdns.SecDnsCreateExtension;
|
||||
import google.registry.model.eppinput.EppInput.CommandExtension;
|
||||
import google.registry.model.eppoutput.EppResponse.ResponseExtension;
|
||||
import google.registry.util.NonFinalForTesting;
|
||||
import google.registry.util.RegistryEnvironment;
|
||||
import jakarta.xml.bind.annotation.XmlSchema;
|
||||
import java.util.EnumSet;
|
||||
|
||||
@@ -43,35 +47,59 @@ public class ProtocolDefinition {
|
||||
public static final String LANGUAGE = "en";
|
||||
|
||||
public static final ImmutableSet<String> SUPPORTED_OBJECT_SERVICES =
|
||||
ImmutableSet.of(
|
||||
"urn:ietf:params:xml:ns:host-1.0",
|
||||
"urn:ietf:params:xml:ns:domain-1.0",
|
||||
"urn:ietf:params:xml:ns:contact-1.0");
|
||||
ImmutableSet.of("urn:ietf:params:xml:ns:host-1.0", "urn:ietf:params:xml:ns:domain-1.0");
|
||||
|
||||
/** Enums repesenting valid service extensions that are recognized by the server. */
|
||||
public static final ImmutableSet<String> SUPPORTED_OBJECT_SERVICES_WITH_CONTACT =
|
||||
new ImmutableSet.Builder<String>()
|
||||
.addAll(SUPPORTED_OBJECT_SERVICES)
|
||||
.add("urn:ietf:params:xml:ns:contact-1.0")
|
||||
.build();
|
||||
|
||||
/** Enum representing which environments should have which service extensions enabled. */
|
||||
private enum ServiceExtensionVisibility {
|
||||
ALL,
|
||||
ONLY_IN_NON_PRODUCTION,
|
||||
NONE
|
||||
}
|
||||
|
||||
/** Enum representing valid service extensions that are recognized by the server. */
|
||||
public enum ServiceExtension {
|
||||
LAUNCH_EXTENSION_1_0(LaunchCreateExtension.class, null, true),
|
||||
REDEMPTION_GRACE_PERIOD_1_0(RgpUpdateExtension.class, null, true),
|
||||
SECURE_DNS_1_1(SecDnsCreateExtension.class, null, true),
|
||||
FEE_0_6(FeeCheckCommandExtensionV06.class, FeeCheckResponseExtensionV06.class, true),
|
||||
FEE_0_11(FeeCheckCommandExtensionV11.class, FeeCheckResponseExtensionV11.class, true),
|
||||
FEE_0_12(FeeCheckCommandExtensionV12.class, FeeCheckResponseExtensionV12.class, true),
|
||||
FEE_1_00(FeeCheckCommandExtensionStdV1.class, FeeCheckResponseExtensionStdV1.class, false),
|
||||
METADATA_1_0(MetadataExtension.class, null, false);
|
||||
LAUNCH_EXTENSION_1_0(LaunchCreateExtension.class, null, ServiceExtensionVisibility.ALL),
|
||||
REDEMPTION_GRACE_PERIOD_1_0(RgpUpdateExtension.class, null, ServiceExtensionVisibility.ALL),
|
||||
SECURE_DNS_1_1(SecDnsCreateExtension.class, null, ServiceExtensionVisibility.ALL),
|
||||
FEE_0_6(
|
||||
FeeCheckCommandExtensionV06.class,
|
||||
FeeCheckResponseExtensionV06.class,
|
||||
ServiceExtensionVisibility.ALL),
|
||||
FEE_0_11(
|
||||
FeeCheckCommandExtensionV11.class,
|
||||
FeeCheckResponseExtensionV11.class,
|
||||
ServiceExtensionVisibility.ALL),
|
||||
FEE_0_12(
|
||||
FeeCheckCommandExtensionV12.class,
|
||||
FeeCheckResponseExtensionV12.class,
|
||||
ServiceExtensionVisibility.ALL),
|
||||
FEE_1_00(
|
||||
FeeCheckCommandExtensionStdV1.class,
|
||||
FeeCheckResponseExtensionStdV1.class,
|
||||
ServiceExtensionVisibility.ONLY_IN_NON_PRODUCTION),
|
||||
METADATA_1_0(MetadataExtension.class, null, ServiceExtensionVisibility.NONE);
|
||||
|
||||
private final Class<? extends CommandExtension> commandExtensionClass;
|
||||
private final Class<? extends ResponseExtension> responseExtensionClass;
|
||||
private final String uri;
|
||||
private final boolean visible;
|
||||
private final String xmlTag;
|
||||
private final ServiceExtensionVisibility visibility;
|
||||
|
||||
ServiceExtension(
|
||||
Class<? extends CommandExtension> commandExtensionClass,
|
||||
Class<? extends ResponseExtension> responseExtensionClass,
|
||||
boolean visible) {
|
||||
ServiceExtensionVisibility visibility) {
|
||||
this.commandExtensionClass = commandExtensionClass;
|
||||
this.responseExtensionClass = responseExtensionClass;
|
||||
this.uri = getCommandExtensionUri(commandExtensionClass);
|
||||
this.visible = visible;
|
||||
this.xmlTag = getCommandExtensionXmlTag(commandExtensionClass);
|
||||
this.visibility = visibility;
|
||||
}
|
||||
|
||||
public Class<? extends CommandExtension> getCommandExtensionClass() {
|
||||
@@ -86,14 +114,35 @@ public class ProtocolDefinition {
|
||||
return uri;
|
||||
}
|
||||
|
||||
public boolean getVisible() {
|
||||
return visible;
|
||||
public String getXmlTag() {
|
||||
return xmlTag;
|
||||
}
|
||||
|
||||
/** Returns the namespace URI of the command extension class. */
|
||||
public static String getCommandExtensionUri(Class<? extends CommandExtension> clazz) {
|
||||
return clazz.getPackage().getAnnotation(XmlSchema.class).namespace();
|
||||
}
|
||||
|
||||
/** Returns the XML tag for this extension in the response message. */
|
||||
public static String getCommandExtensionXmlTag(Class<? extends CommandExtension> clazz) {
|
||||
var xmlSchema = clazz.getPackage().getAnnotation(XmlSchema.class);
|
||||
var xmlns = xmlSchema.xmlns();
|
||||
if (xmlns == null || xmlns.length != 1) {
|
||||
throw new VerifyException(
|
||||
String.format(
|
||||
"Expecting exactly one NS declaration in %s", clazz.getPackage().getName()));
|
||||
}
|
||||
return xmlns[0].prefix();
|
||||
}
|
||||
|
||||
public boolean isVisible() {
|
||||
return switch (visibility) {
|
||||
case ALL -> true;
|
||||
case ONLY_IN_NON_PRODUCTION ->
|
||||
!RegistryEnvironment.get().equals(RegistryEnvironment.PRODUCTION);
|
||||
case NONE -> false;
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -110,15 +159,25 @@ public class ProtocolDefinition {
|
||||
}
|
||||
|
||||
/** A set of all the visible extension URIs. */
|
||||
private static final ImmutableSet<String> visibleServiceExtensionUris =
|
||||
EnumSet.allOf(ServiceExtension.class)
|
||||
.stream()
|
||||
.filter(ServiceExtension::getVisible)
|
||||
.map(ServiceExtension::getUri)
|
||||
.collect(toImmutableSet());
|
||||
// TODO(gbrodman): make this final when we can actually remove the old fee extensions and aren't
|
||||
// relying on switching by environment
|
||||
@NonFinalForTesting private static ImmutableSet<String> visibleServiceExtensionUris;
|
||||
|
||||
static {
|
||||
reloadServiceExtensionUris();
|
||||
}
|
||||
|
||||
/** Return the set of all visible service extension URIs. */
|
||||
public static ImmutableSet<String> getVisibleServiceExtensionUris() {
|
||||
return visibleServiceExtensionUris;
|
||||
}
|
||||
|
||||
@VisibleForTesting
|
||||
public static void reloadServiceExtensionUris() {
|
||||
visibleServiceExtensionUris =
|
||||
EnumSet.allOf(ServiceExtension.class).stream()
|
||||
.filter(ServiceExtension::isVisible)
|
||||
.map(ServiceExtension::getUri)
|
||||
.collect(toImmutableSet());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -22,8 +22,6 @@ import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.adapters.EnumToAttributeAdapter.EppEnum;
|
||||
import google.registry.model.adapters.StatusValueAdapter;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactBase;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainBase;
|
||||
import google.registry.model.host.Host;
|
||||
@@ -130,8 +128,6 @@ public enum StatusValue implements EppEnum {
|
||||
/** Enum to help clearly list which resource types a status value is allowed to be present on. */
|
||||
private enum AllowedOn {
|
||||
ALL(
|
||||
Contact.class,
|
||||
ContactBase.class,
|
||||
Domain.class,
|
||||
DomainBase.class,
|
||||
Host.class,
|
||||
|
||||
@@ -164,7 +164,7 @@ public class EppInput extends ImmutableObject {
|
||||
.findFirst();
|
||||
}
|
||||
|
||||
/** A tag that goes inside of an EPP {@literal <command>}. */
|
||||
/** A tag that goes inside an EPP {@literal <command>}. */
|
||||
public static class InnerCommand extends ImmutableObject {}
|
||||
|
||||
/** A command that has an extension inside of it. */
|
||||
|
||||
@@ -26,8 +26,6 @@ import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.UnsafeSerializable;
|
||||
import google.registry.model.annotations.ExternalMessagingName;
|
||||
import google.registry.model.annotations.IdAllocation;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainHistory;
|
||||
import google.registry.model.domain.DomainRenewData;
|
||||
@@ -99,7 +97,7 @@ public abstract class PollMessage extends ImmutableObject
|
||||
/** Indicates the type of entity the poll message is for. */
|
||||
public enum Type {
|
||||
DOMAIN(1L, Domain.class),
|
||||
CONTACT(2L, Contact.class),
|
||||
// Contacts would be 2L but have since been removed. Host is kept at 3 for consistency.
|
||||
HOST(3L, Host.class);
|
||||
|
||||
private final long id;
|
||||
@@ -180,16 +178,6 @@ public abstract class PollMessage extends ImmutableObject
|
||||
return domainRepoId;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the contact repo id.
|
||||
*
|
||||
* <p>This may only be used on a {@link Contact} poll event.
|
||||
*/
|
||||
public String getContactRepoId() {
|
||||
checkArgument(getType() == Type.CONTACT);
|
||||
return contactRepoId;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the host repo id.
|
||||
*
|
||||
@@ -216,7 +204,7 @@ public abstract class PollMessage extends ImmutableObject
|
||||
}
|
||||
|
||||
public Type getType() {
|
||||
return domainRepoId != null ? Type.DOMAIN : contactRepoId != null ? Type.CONTACT : Type.HOST;
|
||||
return domainRepoId != null ? Type.DOMAIN : Type.HOST;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -272,12 +260,6 @@ public abstract class PollMessage extends ImmutableObject
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setContactHistoryId(HistoryEntryId historyId) {
|
||||
getInstance().contactRepoId = historyId.getRepoId();
|
||||
getInstance().contactHistoryRevisionId = historyId.getRevisionId();
|
||||
return thisCastToDerived();
|
||||
}
|
||||
|
||||
public B setHostHistoryId(HistoryEntryId historyId) {
|
||||
getInstance().hostRepoId = historyId.getRepoId();
|
||||
getInstance().hostHistoryRevisionId = historyId.getRevisionId();
|
||||
@@ -290,9 +272,6 @@ public abstract class PollMessage extends ImmutableObject
|
||||
if (history instanceof DomainHistory) {
|
||||
return setDomainHistoryId(historyId);
|
||||
}
|
||||
if (history instanceof ContactHistory) {
|
||||
return setContactHistoryId(historyId);
|
||||
}
|
||||
if (history instanceof HostHistory) {
|
||||
return setHostHistoryId(historyId);
|
||||
}
|
||||
|
||||
@@ -23,8 +23,6 @@ import google.registry.model.EppResource;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.UnsafeSerializable;
|
||||
import google.registry.model.annotations.IdAllocation;
|
||||
import google.registry.model.contact.ContactBase;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.DomainBase;
|
||||
import google.registry.model.domain.DomainHistory;
|
||||
import google.registry.model.eppcommon.Trid;
|
||||
@@ -348,8 +346,6 @@ public abstract class HistoryEntry extends ImmutableObject
|
||||
HistoryEntry.Builder<? extends HistoryEntry, ?> createBuilderForResource(E parent) {
|
||||
if (parent instanceof DomainBase) {
|
||||
return new DomainHistory.Builder().setDomain((DomainBase) parent);
|
||||
} else if (parent instanceof ContactBase) {
|
||||
return new ContactHistory.Builder().setContact((ContactBase) parent);
|
||||
} else if (parent instanceof HostBase) {
|
||||
return new HostHistory.Builder().setHost((HostBase) parent);
|
||||
} else {
|
||||
|
||||
@@ -25,8 +25,6 @@ import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.Streams;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactHistory;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.DomainHistory;
|
||||
import google.registry.model.host.Host;
|
||||
@@ -46,8 +44,6 @@ public class HistoryEntryDao {
|
||||
public static ImmutableMap<Class<? extends EppResource>, Class<? extends HistoryEntry>>
|
||||
RESOURCE_TYPES_TO_HISTORY_TYPES =
|
||||
ImmutableMap.of(
|
||||
Contact.class,
|
||||
ContactHistory.class,
|
||||
Domain.class,
|
||||
DomainHistory.class,
|
||||
Host.class,
|
||||
@@ -59,7 +55,6 @@ public class HistoryEntryDao {
|
||||
return tm().transact(
|
||||
() ->
|
||||
new ImmutableList.Builder<HistoryEntry>()
|
||||
.addAll(loadAllHistoryObjects(ContactHistory.class, afterTime, beforeTime))
|
||||
.addAll(loadAllHistoryObjects(DomainHistory.class, afterTime, beforeTime))
|
||||
.addAll(loadAllHistoryObjects(HostHistory.class, afterTime, beforeTime))
|
||||
.build());
|
||||
@@ -121,7 +116,6 @@ public class HistoryEntryDao {
|
||||
return tm().reTransact(
|
||||
() ->
|
||||
Streams.concat(
|
||||
loadHistoryObjectByRegistrarsInternal(ContactHistory.class, registrarIds),
|
||||
loadHistoryObjectByRegistrarsInternal(DomainHistory.class, registrarIds),
|
||||
loadHistoryObjectByRegistrarsInternal(HostHistory.class, registrarIds))
|
||||
.sorted(Comparator.comparing(HistoryEntry::getModificationTime))
|
||||
|
||||
@@ -21,6 +21,7 @@ import static google.registry.util.DateTimeUtils.isBeforeOrAt;
|
||||
import com.google.common.base.Supplier;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.tmch.RstTmchUtils;
|
||||
import jakarta.persistence.CollectionTable;
|
||||
import jakarta.persistence.Column;
|
||||
import jakarta.persistence.ElementCollection;
|
||||
@@ -71,6 +72,11 @@ public class SignedMarkRevocationList extends ImmutableObject {
|
||||
return CACHE.get();
|
||||
}
|
||||
|
||||
// TODO(b/412715713): remove the tld parameter when RST completes.
|
||||
public static SignedMarkRevocationList get(String tld) {
|
||||
return RstTmchUtils.getSmdrList(tld).orElseGet(SignedMarkRevocationList::get);
|
||||
}
|
||||
|
||||
/** Create a new {@link SignedMarkRevocationList} without saving it. */
|
||||
public static SignedMarkRevocationList create(
|
||||
DateTime creationTime, ImmutableMap<String, DateTime> revokes) {
|
||||
|
||||
@@ -1034,12 +1034,13 @@ public class Tld extends ImmutableObject implements Buildable, UnsafeSerializabl
|
||||
return this;
|
||||
}
|
||||
|
||||
public static final Pattern ROID_SUFFIX_PATTERN = Pattern.compile("^[A-Z\\d_]{1,8}$");
|
||||
public static final Pattern ROID_SUFFIX_PATTERN = Pattern.compile("^[A-Z\\d]{1,8}$");
|
||||
|
||||
public Builder setRoidSuffix(String roidSuffix) {
|
||||
checkArgument(
|
||||
ROID_SUFFIX_PATTERN.matcher(roidSuffix).matches(),
|
||||
"ROID suffix must be in format %s",
|
||||
"ROID suffix %s must be in format %s",
|
||||
roidSuffix,
|
||||
ROID_SUFFIX_PATTERN.pattern());
|
||||
getInstance().roidSuffix = roidSuffix;
|
||||
return this;
|
||||
|
||||
@@ -22,6 +22,7 @@ import com.github.benmanes.caffeine.cache.LoadingCache;
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import google.registry.model.CacheUtils;
|
||||
import google.registry.tmch.RstTmchUtils;
|
||||
import java.time.Duration;
|
||||
import java.util.Optional;
|
||||
|
||||
@@ -72,6 +73,11 @@ public class ClaimsListDao {
|
||||
return CACHE.get(ClaimsListDao.class);
|
||||
}
|
||||
|
||||
// TODO(b/412715713): remove the tld parameter when RST completes.
|
||||
public static ClaimsList get(String tld) {
|
||||
return RstTmchUtils.getClaimsList(tld).orElseGet(ClaimsListDao::get);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the most recent revision of the {@link ClaimsList} in SQL or an empty list if it
|
||||
* doesn't exist.
|
||||
|
||||
@@ -24,11 +24,9 @@ import google.registry.batch.DeleteLoadTestDataAction;
|
||||
import google.registry.batch.DeleteProberDataAction;
|
||||
import google.registry.batch.ExpandBillingRecurrencesAction;
|
||||
import google.registry.batch.RelockDomainAction;
|
||||
import google.registry.batch.RemoveAllDomainContactsAction;
|
||||
import google.registry.batch.ResaveAllEppResourcesPipelineAction;
|
||||
import google.registry.batch.ResaveEntityAction;
|
||||
import google.registry.batch.SendExpiringCertificateNotificationEmailAction;
|
||||
import google.registry.batch.WipeOutContactHistoryPiiAction;
|
||||
import google.registry.bsa.BsaDownloadAction;
|
||||
import google.registry.bsa.BsaRefreshAction;
|
||||
import google.registry.bsa.BsaValidateAction;
|
||||
@@ -62,6 +60,9 @@ import google.registry.module.ReadinessProbeAction.ReadinessProbeActionFrontend;
|
||||
import google.registry.module.ReadinessProbeAction.ReadinessProbeActionPubApi;
|
||||
import google.registry.module.ReadinessProbeAction.ReadinessProbeConsoleAction;
|
||||
import google.registry.monitoring.whitebox.WhiteboxModule;
|
||||
import google.registry.mosapi.GetServiceStateAction;
|
||||
import google.registry.mosapi.TriggerServiceStateAction;
|
||||
import google.registry.mosapi.module.MosApiRequestModule;
|
||||
import google.registry.rdap.RdapAutnumAction;
|
||||
import google.registry.rdap.RdapDomainAction;
|
||||
import google.registry.rdap.RdapDomainSearchAction;
|
||||
@@ -151,6 +152,7 @@ import google.registry.ui.server.console.settings.SecurityAction;
|
||||
EppToolModule.class,
|
||||
IcannReportingModule.class,
|
||||
LoadTestModule.class,
|
||||
MosApiRequestModule.class,
|
||||
RdapModule.class,
|
||||
RdeModule.class,
|
||||
ReportingModule.class,
|
||||
@@ -232,6 +234,8 @@ interface RequestComponent {
|
||||
|
||||
GenerateZoneFilesAction generateZoneFilesAction();
|
||||
|
||||
GetServiceStateAction getServiceStateAction();
|
||||
|
||||
IcannReportingStagingAction icannReportingStagingAction();
|
||||
|
||||
IcannReportingUploadAction icannReportingUploadAction();
|
||||
@@ -270,8 +274,6 @@ interface RequestComponent {
|
||||
|
||||
ReadinessProbeActionFrontend readinessProbeActionFrontend();
|
||||
|
||||
RemoveAllDomainContactsAction removeAllDomainContactsAction();
|
||||
|
||||
RdapAutnumAction rdapAutnumAction();
|
||||
|
||||
RdapDomainAction rdapDomainAction();
|
||||
@@ -334,6 +336,8 @@ interface RequestComponent {
|
||||
|
||||
TmchSmdrlAction tmchSmdrlAction();
|
||||
|
||||
TriggerServiceStateAction triggerServiceStateAction();
|
||||
|
||||
UpdateRegistrarRdapBaseUrlsAction updateRegistrarRdapBaseUrlsAction();
|
||||
|
||||
UpdateUserGroupAction updateUserGroupAction();
|
||||
@@ -342,8 +346,6 @@ interface RequestComponent {
|
||||
|
||||
VerifyOteAction verifyOteAction();
|
||||
|
||||
WipeOutContactHistoryPiiAction wipeOutContactHistoryPiiAction();
|
||||
|
||||
@Subcomponent.Builder
|
||||
abstract class Builder implements RequestComponentBuilder<RequestComponent> {
|
||||
@Override
|
||||
|
||||
@@ -0,0 +1,103 @@
|
||||
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.monitoring.whitebox;
|
||||
|
||||
import com.google.common.base.Supplier;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.monitoring.metrics.LabelDescriptor;
|
||||
import com.google.monitoring.metrics.MetricRegistry;
|
||||
import com.google.monitoring.metrics.MetricRegistryImpl;
|
||||
import jakarta.inject.Inject;
|
||||
import jakarta.inject.Singleton;
|
||||
import java.lang.management.ManagementFactory;
|
||||
import java.lang.management.MemoryMXBean;
|
||||
import java.lang.management.MemoryUsage;
|
||||
|
||||
/** Exposes JVM metrics. */
|
||||
@Singleton
|
||||
class JvmMetrics {
|
||||
|
||||
private static final ImmutableSet<LabelDescriptor> TYPE_LABEL_SET =
|
||||
ImmutableSet.of(LabelDescriptor.create("type", "Memory type (e.g., heap, non_heap)"));
|
||||
private final MemoryMXBean memoryMxBean;
|
||||
|
||||
@Inject
|
||||
JvmMetrics() {
|
||||
this(ManagementFactory.getMemoryMXBean());
|
||||
}
|
||||
|
||||
/** Constructor for testing. */
|
||||
JvmMetrics(MemoryMXBean memoryMxBean) {
|
||||
this.memoryMxBean = memoryMxBean;
|
||||
}
|
||||
|
||||
/** Registers JVM gauges with the default registry. */
|
||||
void register() {
|
||||
MetricRegistry registry = MetricRegistryImpl.getDefault();
|
||||
|
||||
registry.newGauge(
|
||||
"/jvm/memory/used",
|
||||
"Current memory usage in bytes",
|
||||
"bytes",
|
||||
TYPE_LABEL_SET,
|
||||
(Supplier<ImmutableMap<ImmutableList<String>, Long>>) this::getUsedMemory,
|
||||
Long.class);
|
||||
|
||||
registry.newGauge(
|
||||
"/jvm/memory/committed",
|
||||
"Committed memory in bytes",
|
||||
"bytes",
|
||||
TYPE_LABEL_SET,
|
||||
(Supplier<ImmutableMap<ImmutableList<String>, Long>>) this::getCommittedMemory,
|
||||
Long.class);
|
||||
|
||||
registry.newGauge(
|
||||
"/jvm/memory/max",
|
||||
"Maximum memory in bytes",
|
||||
"bytes",
|
||||
TYPE_LABEL_SET,
|
||||
(Supplier<ImmutableMap<ImmutableList<String>, Long>>) this::getMaxMemory,
|
||||
Long.class);
|
||||
}
|
||||
|
||||
ImmutableMap<ImmutableList<String>, Long> getUsedMemory() {
|
||||
MemoryUsage heapUsage = memoryMxBean.getHeapMemoryUsage();
|
||||
MemoryUsage nonHeapUsage = memoryMxBean.getNonHeapMemoryUsage();
|
||||
|
||||
return ImmutableMap.of(
|
||||
ImmutableList.of("heap"), heapUsage.getUsed(),
|
||||
ImmutableList.of("non_heap"), nonHeapUsage.getUsed());
|
||||
}
|
||||
|
||||
ImmutableMap<ImmutableList<String>, Long> getCommittedMemory() {
|
||||
MemoryUsage heapUsage = memoryMxBean.getHeapMemoryUsage();
|
||||
MemoryUsage nonHeapUsage = memoryMxBean.getNonHeapMemoryUsage();
|
||||
|
||||
return ImmutableMap.of(
|
||||
ImmutableList.of("heap"), heapUsage.getCommitted(),
|
||||
ImmutableList.of("non_heap"), nonHeapUsage.getCommitted());
|
||||
}
|
||||
|
||||
ImmutableMap<ImmutableList<String>, Long> getMaxMemory() {
|
||||
MemoryUsage heapUsage = memoryMxBean.getHeapMemoryUsage();
|
||||
MemoryUsage nonHeapUsage = memoryMxBean.getNonHeapMemoryUsage();
|
||||
|
||||
return ImmutableMap.of(
|
||||
ImmutableList.of("heap"), heapUsage.getMax(),
|
||||
ImmutableList.of("non_heap"), nonHeapUsage.getMax());
|
||||
}
|
||||
}
|
||||
@@ -32,7 +32,7 @@ import jakarta.inject.Named;
|
||||
import jakarta.inject.Singleton;
|
||||
import org.joda.time.Duration;
|
||||
|
||||
/** Dagger module for Google Stackdriver service connection objects. */
|
||||
/** Dagger module for monitoring and Google Stackdriver service connection objects. */
|
||||
@Module
|
||||
public final class StackdriverModule {
|
||||
|
||||
@@ -77,7 +77,11 @@ public final class StackdriverModule {
|
||||
|
||||
@Provides
|
||||
static MetricReporter provideMetricReporter(
|
||||
MetricWriter metricWriter, @Config("metricsWriteInterval") Duration writeInterval) {
|
||||
MetricWriter metricWriter,
|
||||
@Config("metricsWriteInterval") Duration writeInterval,
|
||||
JvmMetrics jvmMetrics) {
|
||||
jvmMetrics.register();
|
||||
|
||||
return new MetricReporter(
|
||||
metricWriter,
|
||||
writeInterval.getStandardSeconds(),
|
||||
|
||||
@@ -0,0 +1,68 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi;
|
||||
|
||||
import com.google.common.net.MediaType;
|
||||
import com.google.gson.Gson;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.HttpException.ServiceUnavailableException;
|
||||
import google.registry.request.Parameter;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
|
||||
/** An action that returns the current MoSAPI service state for a given TLD or all TLDs. */
|
||||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = GetServiceStateAction.PATH,
|
||||
method = Action.Method.GET,
|
||||
auth = Auth.AUTH_ADMIN)
|
||||
public class GetServiceStateAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/mosapi/getServiceState";
|
||||
public static final String TLD_PARAM = "tld";
|
||||
|
||||
private final MosApiStateService stateService;
|
||||
private final Response response;
|
||||
private final Gson gson;
|
||||
private final Optional<String> tld;
|
||||
|
||||
@Inject
|
||||
public GetServiceStateAction(
|
||||
MosApiStateService stateService,
|
||||
Response response,
|
||||
Gson gson,
|
||||
@Parameter(TLD_PARAM) Optional<String> tld) {
|
||||
this.stateService = stateService;
|
||||
this.response = response;
|
||||
this.gson = gson;
|
||||
this.tld = tld;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
response.setContentType(MediaType.JSON_UTF_8);
|
||||
try {
|
||||
if (tld.isPresent()) {
|
||||
response.setPayload(gson.toJson(stateService.getServiceStateSummary(tld.get())));
|
||||
} else {
|
||||
response.setPayload(gson.toJson(stateService.getAllServiceStateSummaries()));
|
||||
}
|
||||
} catch (MosApiException e) {
|
||||
throw new ServiceUnavailableException("Error fetching MoSAPI service state.");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -12,7 +12,9 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi.model;
|
||||
package google.registry.mosapi;
|
||||
|
||||
import com.google.gson.annotations.Expose;
|
||||
|
||||
/**
|
||||
* Represents the generic JSON error response from the MoSAPI service for a 400 Bad Request.
|
||||
@@ -20,4 +22,5 @@ package google.registry.mosapi.model;
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Specification, Section
|
||||
* 8</a>
|
||||
*/
|
||||
public record MosApiErrorResponse(String resultCode, String message, String description) {}
|
||||
public record MosApiErrorResponse(
|
||||
@Expose String resultCode, @Expose String message, @Expose String description) {}
|
||||
@@ -17,7 +17,6 @@ package google.registry.mosapi;
|
||||
import static java.lang.annotation.ElementType.TYPE;
|
||||
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||
|
||||
import google.registry.mosapi.model.MosApiErrorResponse;
|
||||
import java.io.IOException;
|
||||
import java.lang.annotation.Documented;
|
||||
import java.lang.annotation.Retention;
|
||||
@@ -42,6 +41,11 @@ public class MosApiException extends IOException {
|
||||
this.errorResponse = null;
|
||||
}
|
||||
|
||||
public MosApiException(String message) {
|
||||
super(message);
|
||||
this.errorResponse = null;
|
||||
}
|
||||
|
||||
public Optional<MosApiErrorResponse> getErrorResponse() {
|
||||
return Optional.ofNullable(errorResponse);
|
||||
}
|
||||
|
||||
359
core/src/main/java/google/registry/mosapi/MosApiMetrics.java
Normal file
359
core/src/main/java/google/registry/mosapi/MosApiMetrics.java
Normal file
@@ -0,0 +1,359 @@
|
||||
// Copyright 2026 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi;
|
||||
|
||||
import static com.google.common.collect.ImmutableList.toImmutableList;
|
||||
|
||||
import com.google.api.client.googleapis.json.GoogleJsonResponseException;
|
||||
import com.google.api.services.monitoring.v3.Monitoring;
|
||||
import com.google.api.services.monitoring.v3.model.CreateTimeSeriesRequest;
|
||||
import com.google.api.services.monitoring.v3.model.LabelDescriptor;
|
||||
import com.google.api.services.monitoring.v3.model.Metric;
|
||||
import com.google.api.services.monitoring.v3.model.MetricDescriptor;
|
||||
import com.google.api.services.monitoring.v3.model.MonitoredResource;
|
||||
import com.google.api.services.monitoring.v3.model.Point;
|
||||
import com.google.api.services.monitoring.v3.model.TimeInterval;
|
||||
import com.google.api.services.monitoring.v3.model.TimeSeries;
|
||||
import com.google.api.services.monitoring.v3.model.TypedValue;
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.base.Ascii;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.Iterators;
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.mosapi.MosApiModels.ServiceStatus;
|
||||
import google.registry.mosapi.MosApiModels.TldServiceState;
|
||||
import google.registry.request.lock.LockHandler;
|
||||
import google.registry.util.Clock;
|
||||
import jakarta.inject.Inject;
|
||||
import java.io.IOException;
|
||||
import java.time.Instant;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
import java.util.stream.Stream;
|
||||
import org.joda.time.Duration;
|
||||
|
||||
/** Metrics Exporter for MoSAPI. */
|
||||
public class MosApiMetrics {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
// Google Cloud Monitoring Limit: Max 200 TimeSeries per request
|
||||
private static final int MAX_TIMESERIES_PER_REQUEST = 195;
|
||||
|
||||
private static final int METRICS_ALREADY_EXIST = 409;
|
||||
|
||||
// Magic String Constants
|
||||
private static final String METRIC_DOMAIN = "custom.googleapis.com/mosapi/";
|
||||
private static final String PROJECT_RESOURCE_PREFIX = "projects/";
|
||||
private static final String RESOURCE_TYPE_GLOBAL = "global";
|
||||
private static final String LABEL_PROJECT_ID = "project_id";
|
||||
private static final String LABEL_TLD = "tld";
|
||||
private static final String LABEL_SERVICE_TYPE = "service_type";
|
||||
|
||||
// Lock Constants
|
||||
private static final String LOCK_NAME = "MosApiMetricCreation";
|
||||
private static final Duration LOCK_LEASE_TIME = Duration.standardHours(1);
|
||||
// Metric Names
|
||||
private static final String METRIC_TLD_STATUS = "tld_status";
|
||||
private static final String METRIC_SERVICE_STATUS = "service_status";
|
||||
private static final String METRIC_EMERGENCY_USAGE = "emergency_usage";
|
||||
private static final String GAUGE_METRIC_KIND = "GAUGE";
|
||||
|
||||
// Metric Display Names & Descriptions
|
||||
private static final String DISPLAY_NAME_TLD_STATUS =
|
||||
"Health of TLDs. 1 = UP, 0 = DOWN, 2= DISABLED/NOT_MONITORED";
|
||||
private static final String DESC_TLD_STATUS = "Overall Health of TLDs reported from ICANN";
|
||||
|
||||
private static final String DISPLAY_NAME_SERVICE_STATUS =
|
||||
"Health of Services. 1 = UP, 0 = DOWN, 2= DISABLED/NOT_MONITORED";
|
||||
private static final String DESC_SERVICE_STATUS =
|
||||
"Overall Health of Services reported from ICANN";
|
||||
|
||||
private static final String DISPLAY_NAME_EMERGENCY_USAGE =
|
||||
"Percentage of Emergency Threshold Consumed";
|
||||
private static final String DESC_EMERGENCY_USAGE =
|
||||
"Downtime threshold that if reached by any of the monitored Services may cause the TLDs"
|
||||
+ " Services emergency transition to an interim Registry Operator";
|
||||
|
||||
// MoSAPI Status Constants
|
||||
private static final String STATUS_UP_INCONCLUSIVE = "UP-INCONCLUSIVE";
|
||||
private static final String STATUS_DOWN = "DOWN";
|
||||
private static final String STATUS_DISABLED = "DISABLED";
|
||||
|
||||
private final Monitoring monitoringClient;
|
||||
private final String projectId;
|
||||
private final String projectName;
|
||||
private final Clock clock;
|
||||
private final MonitoredResource monitoredResource;
|
||||
private final LockHandler lockHandler;
|
||||
// Flag to ensure we only create descriptors once, lazily
|
||||
@VisibleForTesting static final AtomicBoolean isDescriptorInitialized = new AtomicBoolean(false);
|
||||
|
||||
@Inject
|
||||
public MosApiMetrics(
|
||||
Monitoring monitoringClient,
|
||||
@Config("projectId") String projectId,
|
||||
Clock clock,
|
||||
LockHandler lockHandler) {
|
||||
this.monitoringClient = monitoringClient;
|
||||
this.projectId = projectId;
|
||||
this.clock = clock;
|
||||
this.projectName = PROJECT_RESOURCE_PREFIX + projectId;
|
||||
this.lockHandler = lockHandler;
|
||||
this.monitoredResource =
|
||||
new MonitoredResource()
|
||||
.setType(RESOURCE_TYPE_GLOBAL)
|
||||
.setLabels(ImmutableMap.of(LABEL_PROJECT_ID, projectId));
|
||||
}
|
||||
|
||||
/** Accepts a list of states and processes them in a single async batch task. */
|
||||
public void recordStates(ImmutableList<TldServiceState> states) {
|
||||
// If this is the first time we are recording, ensure descriptors exist.
|
||||
ensureMetricDescriptorsWithLock();
|
||||
pushBatchMetrics(states);
|
||||
}
|
||||
|
||||
/**
|
||||
* Attempts to create metric descriptors using a distributed lock.
|
||||
*
|
||||
* <p>If the lock is acquired, this instance creates the descriptors and marks itself initialized.
|
||||
* If the lock is busy, it implies another instance is handling it, so we skip and proceed.
|
||||
*/
|
||||
private void ensureMetricDescriptorsWithLock() {
|
||||
lockHandler.executeWithLocks(
|
||||
() -> {
|
||||
if (!isDescriptorInitialized.get()) {
|
||||
createCustomMetricDescriptors();
|
||||
isDescriptorInitialized.set(true);
|
||||
}
|
||||
return null;
|
||||
},
|
||||
null,
|
||||
LOCK_LEASE_TIME,
|
||||
LOCK_NAME);
|
||||
}
|
||||
|
||||
// Defines the custom metrics in Cloud Monitoring
|
||||
private void createCustomMetricDescriptors() {
|
||||
// 1. TLD Status Descriptor
|
||||
createMetricDescriptor(
|
||||
METRIC_TLD_STATUS,
|
||||
DISPLAY_NAME_TLD_STATUS,
|
||||
DESC_TLD_STATUS,
|
||||
"INT64",
|
||||
ImmutableList.of(LABEL_TLD));
|
||||
|
||||
// 2. Service Status Descriptor
|
||||
createMetricDescriptor(
|
||||
METRIC_SERVICE_STATUS,
|
||||
DISPLAY_NAME_SERVICE_STATUS,
|
||||
DESC_SERVICE_STATUS,
|
||||
"INT64",
|
||||
ImmutableList.of(LABEL_TLD, LABEL_SERVICE_TYPE));
|
||||
|
||||
// 3. Emergency Usage Descriptor
|
||||
createMetricDescriptor(
|
||||
METRIC_EMERGENCY_USAGE,
|
||||
DISPLAY_NAME_EMERGENCY_USAGE,
|
||||
DESC_EMERGENCY_USAGE,
|
||||
"DOUBLE",
|
||||
ImmutableList.of(LABEL_TLD, LABEL_SERVICE_TYPE));
|
||||
|
||||
logger.atInfo().log("Metric descriptors ensured for project %s", projectId);
|
||||
}
|
||||
|
||||
private void createMetricDescriptor(
|
||||
String metricTypeSuffix,
|
||||
String displayName,
|
||||
String description,
|
||||
String valueType,
|
||||
ImmutableList<String> labelKeys) {
|
||||
|
||||
ImmutableList<LabelDescriptor> labelDescriptors =
|
||||
labelKeys.stream()
|
||||
.map(
|
||||
key ->
|
||||
new LabelDescriptor()
|
||||
.setKey(key)
|
||||
.setValueType("STRING")
|
||||
.setDescription(
|
||||
key.equals(LABEL_TLD)
|
||||
? "The TLD being monitored"
|
||||
: "The type of service"))
|
||||
.collect(toImmutableList());
|
||||
|
||||
MetricDescriptor descriptor =
|
||||
new MetricDescriptor()
|
||||
.setType(METRIC_DOMAIN + metricTypeSuffix)
|
||||
.setMetricKind(GAUGE_METRIC_KIND)
|
||||
.setValueType(valueType)
|
||||
.setDisplayName(displayName)
|
||||
.setDescription(description)
|
||||
.setLabels(labelDescriptors);
|
||||
try {
|
||||
monitoringClient
|
||||
.projects()
|
||||
.metricDescriptors()
|
||||
.create(this.projectName, descriptor)
|
||||
.execute();
|
||||
} catch (GoogleJsonResponseException e) {
|
||||
if (e.getStatusCode() == METRICS_ALREADY_EXIST) {
|
||||
// the metric already exists. This is expected.
|
||||
logger.atFine().log("Metric descriptor %s already exists.", metricTypeSuffix);
|
||||
} else {
|
||||
logger.atWarning().withCause(e).log(
|
||||
"Failed to create metric descriptor %s. Status: %d",
|
||||
metricTypeSuffix, e.getStatusCode());
|
||||
}
|
||||
} catch (Exception e) {
|
||||
logger.atWarning().withCause(e).log(
|
||||
"Unexpected error creating metric descriptor %s.", metricTypeSuffix);
|
||||
}
|
||||
}
|
||||
|
||||
private void pushBatchMetrics(ImmutableList<TldServiceState> states) {
|
||||
Instant now = Instant.ofEpochMilli(clock.nowUtc().getMillis());
|
||||
TimeInterval interval = new TimeInterval().setEndTime(now.toString());
|
||||
Stream<TimeSeries> allTimeSeriesStream =
|
||||
states.stream().flatMap(state -> createMetricsForState(state, interval));
|
||||
|
||||
Iterator<List<TimeSeries>> batchIterator =
|
||||
Iterators.partition(allTimeSeriesStream.iterator(), MAX_TIMESERIES_PER_REQUEST);
|
||||
|
||||
int successCount = 0;
|
||||
int failureCount = 0;
|
||||
|
||||
// Iterate and count
|
||||
while (batchIterator.hasNext()) {
|
||||
List<TimeSeries> batch = batchIterator.next();
|
||||
try {
|
||||
CreateTimeSeriesRequest request = new CreateTimeSeriesRequest().setTimeSeries(batch);
|
||||
monitoringClient.projects().timeSeries().create(this.projectName, request).execute();
|
||||
|
||||
successCount++;
|
||||
|
||||
} catch (IOException e) {
|
||||
failureCount++;
|
||||
// Log individual batch failures, so we have the stack trace for debugging
|
||||
logger.atWarning().withCause(e).log(
|
||||
"Failed to push batch of %d time series.", batch.size());
|
||||
}
|
||||
}
|
||||
|
||||
// 4. Log the final summary
|
||||
if (failureCount > 0) {
|
||||
logger.atWarning().log(
|
||||
"Metric push finished with errors. Batches Succeeded: %d, Failed: %d",
|
||||
successCount, failureCount);
|
||||
} else {
|
||||
logger.atInfo().log("Metric push finished successfully. Batches Succeeded: %d", successCount);
|
||||
}
|
||||
}
|
||||
|
||||
/** Generates all TimeSeries (TLD + Services) for a single state object. */
|
||||
private Stream<TimeSeries> createMetricsForState(TldServiceState state, TimeInterval interval) {
|
||||
// 1. TLD Status
|
||||
Stream<TimeSeries> tldStream = Stream.of(createTldStatusTimeSeries(state, interval));
|
||||
|
||||
// 2. Service Metrics (if any)
|
||||
Stream<TimeSeries> serviceStream =
|
||||
state.serviceStatuses().entrySet().stream()
|
||||
.flatMap(
|
||||
entry ->
|
||||
createServiceMetricsStream(
|
||||
state.tld(), entry.getKey(), entry.getValue(), interval));
|
||||
|
||||
return Stream.concat(tldStream, serviceStream);
|
||||
}
|
||||
|
||||
private Stream<TimeSeries> createServiceMetricsStream(
|
||||
String tld, String serviceType, ServiceStatus statusObj, TimeInterval interval) {
|
||||
ImmutableMap<String, String> labels =
|
||||
ImmutableMap.of(LABEL_TLD, tld, LABEL_SERVICE_TYPE, serviceType);
|
||||
|
||||
return Stream.of(
|
||||
createTimeSeries(
|
||||
METRIC_SERVICE_STATUS, labels, parseServiceStatus(statusObj.status()), interval),
|
||||
createTimeSeries(METRIC_EMERGENCY_USAGE, labels, statusObj.emergencyThreshold(), interval));
|
||||
}
|
||||
|
||||
private TimeSeries createTldStatusTimeSeries(TldServiceState state, TimeInterval interval) {
|
||||
return createTimeSeries(
|
||||
METRIC_TLD_STATUS,
|
||||
ImmutableMap.of(LABEL_TLD, state.tld()),
|
||||
parseTldStatus(state.status()),
|
||||
interval);
|
||||
}
|
||||
|
||||
private TimeSeries createTimeSeries(
|
||||
String suffix, ImmutableMap<String, String> labels, Number val, TimeInterval interval) {
|
||||
Metric metric = new Metric().setType(METRIC_DOMAIN + suffix).setLabels(labels);
|
||||
|
||||
TypedValue tv = new TypedValue();
|
||||
if (val instanceof Double) {
|
||||
tv.setDoubleValue((Double) val);
|
||||
} else {
|
||||
tv.setInt64Value(val.longValue());
|
||||
}
|
||||
|
||||
return new TimeSeries()
|
||||
.setMetric(metric)
|
||||
.setResource(this.monitoredResource)
|
||||
.setPoints(ImmutableList.of(new Point().setInterval(interval).setValue(tv)));
|
||||
}
|
||||
|
||||
/**
|
||||
* Translates MoSAPI status to a numeric metric.
|
||||
*
|
||||
* <p>Mappings: 1 (UP) = Healthy; 0 (DOWN) = Critical failure; 2 (UP-INCONCLUSIVE) = Disabled/Not
|
||||
* Monitored/In Maintenance.
|
||||
*
|
||||
* <p>A status of 2 indicates the SLA monitoring system is under maintenance. The TLD is
|
||||
* considered "UP" by default, but individual service checks are disabled. This distinguishes
|
||||
* maintenance windows from actual availability or outages.
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Spec Sec 5.1</a>
|
||||
*/
|
||||
private long parseTldStatus(String status) {
|
||||
return switch (Ascii.toUpperCase(status)) {
|
||||
case STATUS_DOWN -> 0;
|
||||
case STATUS_UP_INCONCLUSIVE -> 2;
|
||||
default -> 1; // status is up
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Translates MoSAPI service status to a numeric metric.
|
||||
*
|
||||
* <p>Mappings: 1 (UP) = Healthy; 0 (DOWN) = Critical failure; 2 (DISABLED/UP-INCONCLUSIVE*) =
|
||||
* Disabled/Not Monitored/In Maintenance.
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Spec Sec 5.1</a>
|
||||
*/
|
||||
private long parseServiceStatus(String status) {
|
||||
String serviceStatus = Ascii.toUpperCase(status);
|
||||
if (serviceStatus.startsWith(STATUS_UP_INCONCLUSIVE)) {
|
||||
return 2;
|
||||
}
|
||||
return switch (serviceStatus) {
|
||||
case STATUS_DOWN -> 0;
|
||||
case STATUS_DISABLED -> 2;
|
||||
default -> 1; // status is Up
|
||||
};
|
||||
}
|
||||
}
|
||||
122
core/src/main/java/google/registry/mosapi/MosApiModels.java
Normal file
122
core/src/main/java/google/registry/mosapi/MosApiModels.java
Normal file
@@ -0,0 +1,122 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi;
|
||||
|
||||
import static google.registry.util.CollectionUtils.nullToEmptyImmutableCopy;
|
||||
|
||||
import com.google.gson.annotations.Expose;
|
||||
import com.google.gson.annotations.SerializedName;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import javax.annotation.Nullable;
|
||||
|
||||
/** Data models for ICANN MoSAPI. */
|
||||
public final class MosApiModels {
|
||||
|
||||
private MosApiModels() {}
|
||||
|
||||
/**
|
||||
* A wrapper response containing the state summaries of all monitored services.
|
||||
*
|
||||
* <p>This corresponds to the collection of service statuses returned when monitoring the state of
|
||||
* a TLD
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Specification,
|
||||
* Section 5.1</a>
|
||||
*/
|
||||
public record AllServicesStateResponse(
|
||||
// A list of state summaries for each monitored service (e.g. DNS, RDDS, etc.)
|
||||
@Expose List<ServiceStateSummary> serviceStates) {
|
||||
|
||||
public AllServicesStateResponse {
|
||||
serviceStates = nullToEmptyImmutableCopy(serviceStates);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A summary of a service incident.
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Specification,
|
||||
* Section 5.1</a>
|
||||
*/
|
||||
public record IncidentSummary(
|
||||
@Expose String incidentID,
|
||||
@Expose long startTime,
|
||||
@Expose boolean falsePositive,
|
||||
@Expose String state,
|
||||
@Expose @Nullable Long endTime) {}
|
||||
|
||||
/**
|
||||
* A curated summary of the service state for a TLD.
|
||||
*
|
||||
* <p>This class aggregates the high-level status of a TLD and details of any active incidents
|
||||
* affecting specific services (like DNS or RDDS), based on the data structures defined in the
|
||||
* MoSAPI specification.
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Specification,
|
||||
* Section 5.1</a>
|
||||
*/
|
||||
public record ServiceStateSummary(
|
||||
@Expose String tld,
|
||||
@Expose String overallStatus,
|
||||
@Expose List<ServiceStatus> activeIncidents) {
|
||||
|
||||
public ServiceStateSummary {
|
||||
activeIncidents = nullToEmptyImmutableCopy(activeIncidents);
|
||||
}
|
||||
}
|
||||
|
||||
/** Represents the status of a single monitored service. */
|
||||
public record ServiceStatus(
|
||||
/**
|
||||
* A JSON string that contains the status of the Service as seen from the monitoring system.
|
||||
* Possible values include "Up", "Down", "Disabled", "UP-inconclusive-no-data", etc.
|
||||
*/
|
||||
@Expose String status,
|
||||
|
||||
// A JSON number that contains the current percentage of the Emergency Threshold
|
||||
// of the Service. A value of "0" specifies that there are no Incidents
|
||||
// affecting the threshold.
|
||||
@Expose double emergencyThreshold,
|
||||
@Expose List<IncidentSummary> incidents) {
|
||||
|
||||
public ServiceStatus {
|
||||
incidents = nullToEmptyImmutableCopy(incidents);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Represents the overall health of all monitored services for a TLD.
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Specification,
|
||||
* Section 5.1</a>
|
||||
*/
|
||||
public record TldServiceState(
|
||||
@Expose String tld,
|
||||
long lastUpdateApiDatabase,
|
||||
|
||||
// A JSON string that contains the status of the TLD as seen from the monitoring system
|
||||
@Expose String status,
|
||||
|
||||
// A JSON object containing detailed information for each potential monitored service (i.e.,
|
||||
// DNS,
|
||||
// RDDS, EPP, DNSSEC, RDAP).
|
||||
@Expose @SerializedName("testedServices") Map<String, ServiceStatus> serviceStatuses) {
|
||||
|
||||
public TldServiceState {
|
||||
serviceStatuses = nullToEmptyImmutableCopy(serviceStatuses);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,164 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi;
|
||||
|
||||
import static com.google.common.collect.ImmutableList.toImmutableList;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.mosapi.MosApiModels.AllServicesStateResponse;
|
||||
import google.registry.mosapi.MosApiModels.ServiceStateSummary;
|
||||
import google.registry.mosapi.MosApiModels.ServiceStatus;
|
||||
import google.registry.mosapi.MosApiModels.TldServiceState;
|
||||
import jakarta.inject.Inject;
|
||||
import jakarta.inject.Named;
|
||||
import java.util.Objects;
|
||||
import java.util.concurrent.CompletableFuture;
|
||||
import java.util.concurrent.ExecutorService;
|
||||
|
||||
/** A service that provides business logic for interacting with MoSAPI Service State. */
|
||||
public class MosApiStateService {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
private final ServiceMonitoringClient serviceMonitoringClient;
|
||||
private final ExecutorService tldExecutor;
|
||||
|
||||
private final ImmutableSet<String> tlds;
|
||||
|
||||
private final MosApiMetrics mosApiMetrics;
|
||||
|
||||
private static final String DOWN_STATUS = "Down";
|
||||
private static final String FETCH_ERROR_STATUS = "ERROR";
|
||||
|
||||
@Inject
|
||||
public MosApiStateService(
|
||||
ServiceMonitoringClient serviceMonitoringClient,
|
||||
MosApiMetrics mosApiMetrics,
|
||||
@Config("mosapiTlds") ImmutableSet<String> tlds,
|
||||
@Named("mosapiTldExecutor") ExecutorService tldExecutor) {
|
||||
this.serviceMonitoringClient = serviceMonitoringClient;
|
||||
this.mosApiMetrics = mosApiMetrics;
|
||||
this.tlds = tlds;
|
||||
this.tldExecutor = tldExecutor;
|
||||
}
|
||||
|
||||
/** Fetches and transforms the service state for a given TLD into a summary. */
|
||||
public ServiceStateSummary getServiceStateSummary(String tld) throws MosApiException {
|
||||
TldServiceState rawState = serviceMonitoringClient.getTldServiceState(tld);
|
||||
return transformToSummary(rawState);
|
||||
}
|
||||
|
||||
/** Fetches and transforms the service state for all configured TLDs. */
|
||||
public AllServicesStateResponse getAllServiceStateSummaries() {
|
||||
ImmutableList<CompletableFuture<ServiceStateSummary>> futures =
|
||||
tlds.stream()
|
||||
.map(
|
||||
tld ->
|
||||
CompletableFuture.supplyAsync(
|
||||
() -> {
|
||||
try {
|
||||
return getServiceStateSummary(tld);
|
||||
} catch (MosApiException e) {
|
||||
logger.atWarning().withCause(e).log(
|
||||
"Failed to get service state for TLD %s.", tld);
|
||||
// we don't want to throw exception if fetch failed
|
||||
return new ServiceStateSummary(tld, FETCH_ERROR_STATUS, null);
|
||||
}
|
||||
},
|
||||
tldExecutor))
|
||||
.collect(ImmutableList.toImmutableList());
|
||||
|
||||
ImmutableList<ServiceStateSummary> summaries =
|
||||
futures.stream()
|
||||
.map(CompletableFuture::join) // Waits for all tasks to complete
|
||||
.collect(toImmutableList());
|
||||
|
||||
return new AllServicesStateResponse(summaries);
|
||||
}
|
||||
|
||||
private ServiceStateSummary transformToSummary(TldServiceState rawState) {
|
||||
ImmutableList<ServiceStatus> activeIncidents = ImmutableList.of();
|
||||
if (DOWN_STATUS.equalsIgnoreCase(rawState.status())) {
|
||||
activeIncidents =
|
||||
rawState.serviceStatuses().entrySet().stream()
|
||||
.filter(
|
||||
entry -> {
|
||||
ServiceStatus serviceStatus = entry.getValue();
|
||||
return serviceStatus.incidents() != null
|
||||
&& !serviceStatus.incidents().isEmpty();
|
||||
})
|
||||
.map(
|
||||
entry ->
|
||||
new ServiceStatus(
|
||||
// key is the service name
|
||||
entry.getKey(),
|
||||
entry.getValue().emergencyThreshold(),
|
||||
entry.getValue().incidents()))
|
||||
.collect(toImmutableList());
|
||||
}
|
||||
return new ServiceStateSummary(rawState.tld(), rawState.status(), activeIncidents);
|
||||
}
|
||||
|
||||
/** Triggers monitoring exposure for all configured TLDs. */
|
||||
public void triggerMetricsForAllServiceStateSummaries() {
|
||||
ImmutableList<CompletableFuture<TldServiceState>> futures =
|
||||
tlds.stream()
|
||||
.map(
|
||||
tld ->
|
||||
CompletableFuture.supplyAsync(
|
||||
() -> {
|
||||
try {
|
||||
return serviceMonitoringClient.getTldServiceState(tld);
|
||||
} catch (MosApiException e) {
|
||||
// Log the error but don't rethrow as RuntimeException
|
||||
logger.atWarning().withCause(e).log(
|
||||
"Failed to fetch state for TLD: %s", tld);
|
||||
return null; // Return null so the stream keeps moving
|
||||
}
|
||||
},
|
||||
tldExecutor))
|
||||
.collect(toImmutableList());
|
||||
|
||||
ImmutableList<TldServiceState> allStates =
|
||||
futures.stream()
|
||||
.map(CompletableFuture::join)
|
||||
.filter(Objects::nonNull)
|
||||
.filter(this::isValidForMetrics)
|
||||
.collect(toImmutableList());
|
||||
|
||||
if (!allStates.isEmpty()) {
|
||||
try {
|
||||
logger.atInfo().log("Triggering MoSAPI status to cloud monitoring for all TLDs.");
|
||||
mosApiMetrics.recordStates(allStates);
|
||||
} catch (Exception e) {
|
||||
logger.atSevere().withCause(e).log("Failed to submit MoSAPI metrics batch.");
|
||||
}
|
||||
} else {
|
||||
logger.atWarning().log("No successful TLD states fetched; skipping metrics push.");
|
||||
}
|
||||
}
|
||||
|
||||
private boolean isValidForMetrics(TldServiceState state) {
|
||||
if (state.tld() == null || state.status() == null) {
|
||||
logger.atSevere().log(
|
||||
"Contract Violation: Received invalid state (TLD=%s, Status=%s). Skipping.",
|
||||
state.tld(), state.status());
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,80 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi;
|
||||
|
||||
import com.google.common.base.Throwables;
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.JsonParseException;
|
||||
import google.registry.mosapi.MosApiModels.TldServiceState;
|
||||
import jakarta.inject.Inject;
|
||||
import java.io.IOException;
|
||||
import java.util.Collections;
|
||||
import okhttp3.Response;
|
||||
import okhttp3.ResponseBody;
|
||||
|
||||
/** Facade for MoSAPI's service monitoring endpoints. */
|
||||
public class ServiceMonitoringClient {
|
||||
|
||||
private static final String MONITORING_STATE_ENDPOINT = "v2/monitoring/state";
|
||||
private final MosApiClient mosApiClient;
|
||||
private final Gson gson;
|
||||
|
||||
@Inject
|
||||
public ServiceMonitoringClient(MosApiClient mosApiClient, Gson gson) {
|
||||
this.mosApiClient = mosApiClient;
|
||||
this.gson = gson;
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetches the current state of all monitored services for a given TLD.
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Specification,
|
||||
* Section 5.1</a>
|
||||
*/
|
||||
public TldServiceState getTldServiceState(String tld) throws MosApiException {
|
||||
try (Response response =
|
||||
mosApiClient.sendGetRequest(
|
||||
tld, MONITORING_STATE_ENDPOINT, Collections.emptyMap(), Collections.emptyMap())) {
|
||||
|
||||
ResponseBody responseBody = response.body();
|
||||
if (responseBody == null) {
|
||||
throw new MosApiException(
|
||||
String.format(
|
||||
"MoSAPI Service Monitoring API " + "returned an empty body with status: %d",
|
||||
response.code()));
|
||||
}
|
||||
String bodyString = responseBody.string();
|
||||
if (!response.isSuccessful()) {
|
||||
throw parseErrorResponse(response.code(), bodyString);
|
||||
}
|
||||
return gson.fromJson(bodyString, TldServiceState.class);
|
||||
} catch (IOException | JsonParseException e) {
|
||||
Throwables.throwIfInstanceOf(e, MosApiException.class);
|
||||
// Catch Gson's runtime exceptions (parsing errors) and wrap them
|
||||
throw new MosApiException("Failed to parse TLD service state response", e);
|
||||
}
|
||||
}
|
||||
|
||||
/** Parses an unsuccessful MoSAPI response into a domain-specific {@link MosApiException}. */
|
||||
private MosApiException parseErrorResponse(int statusCode, String bodyString) {
|
||||
try {
|
||||
MosApiErrorResponse error = gson.fromJson(bodyString, MosApiErrorResponse.class);
|
||||
return MosApiException.create(error);
|
||||
} catch (JsonParseException e) {
|
||||
return new MosApiException(
|
||||
String.format("MoSAPI json parsing error (%d): %s", statusCode, bodyString), e);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,60 @@
|
||||
// Copyright 2026 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi;
|
||||
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import com.google.common.net.MediaType;
|
||||
import google.registry.request.Action;
|
||||
import google.registry.request.HttpException.InternalServerErrorException;
|
||||
import google.registry.request.Response;
|
||||
import google.registry.request.auth.Auth;
|
||||
import jakarta.inject.Inject;
|
||||
|
||||
/**
|
||||
* An action that triggers Metrics action for the current MoSAPI service state result for all TLDs.
|
||||
*/
|
||||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = TriggerServiceStateAction.PATH,
|
||||
method = Action.Method.GET,
|
||||
auth = Auth.AUTH_ADMIN)
|
||||
public class TriggerServiceStateAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
public static final String PATH = "/_dr/task/triggerMosApiServiceState";
|
||||
private final MosApiStateService stateService;
|
||||
private final Response response;
|
||||
|
||||
@Inject
|
||||
public TriggerServiceStateAction(MosApiStateService stateService, Response response) {
|
||||
this.stateService = stateService;
|
||||
this.response = response;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
response.setContentType(MediaType.PLAIN_TEXT_UTF_8);
|
||||
try {
|
||||
logger.atInfo().log("Beginning to trigger MoSAPI metrics for all TLDs.");
|
||||
stateService.triggerMetricsForAllServiceStateSummaries();
|
||||
response.setStatus(200);
|
||||
response.setPayload("MoSAPI metrics triggered successfully for all TLDs.");
|
||||
} catch (Exception e) {
|
||||
logger.atSevere().withCause(e).log("Error triggering MoSAPI metrics.");
|
||||
throw new InternalServerErrorException("Failed to process MoSAPI metrics.");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -32,6 +32,8 @@ import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.util.Optional;
|
||||
import java.util.concurrent.ExecutorService;
|
||||
import java.util.concurrent.Executors;
|
||||
import javax.net.ssl.KeyManagerFactory;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
@@ -184,4 +186,21 @@ public final class MosApiModule {
|
||||
.sslSocketFactory(sslContext.getSocketFactory(), trustManager)
|
||||
.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides a fixed thread pool for parallel TLD processing.
|
||||
*
|
||||
* <p>Strictly bound to 4 threads to comply with MoSAPI session limits (4 concurrent sessions per
|
||||
* certificate). This is used by MosApiStateService to fetch data in parallel.
|
||||
*
|
||||
* @see <a href="https://www.icann.org/mosapi-specification.pdf">ICANN MoSAPI Specification,
|
||||
* Section 12.3</a>
|
||||
*/
|
||||
@Provides
|
||||
@Singleton
|
||||
@Named("mosapiTldExecutor")
|
||||
static ExecutorService provideMosapiTldExecutor(
|
||||
@Config("mosapiTldThreadCount") int threadPoolSize) {
|
||||
return Executors.newFixedThreadPool(threadPoolSize);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,33 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.mosapi.module;
|
||||
|
||||
import static google.registry.request.RequestParameters.extractOptionalParameter;
|
||||
|
||||
import dagger.Module;
|
||||
import dagger.Provides;
|
||||
import google.registry.request.Parameter;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.util.Optional;
|
||||
|
||||
/** Dagger module for MoSAPI requests. */
|
||||
@Module
|
||||
public final class MosApiRequestModule {
|
||||
@Provides
|
||||
@Parameter("tld")
|
||||
static Optional<String> provideTld(HttpServletRequest req) {
|
||||
return extractOptionalParameter(req, "tld");
|
||||
}
|
||||
}
|
||||
@@ -27,7 +27,6 @@ import com.google.common.collect.ImmutableMap;
|
||||
import com.google.gson.annotations.Expose;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.util.SerializeUtils;
|
||||
@@ -51,7 +50,7 @@ public class VKey<T> extends ImmutableObject implements Serializable {
|
||||
private static final String DELIMITER = "@";
|
||||
|
||||
private static final ImmutableMap<String, Class<? extends EppResource>> EPP_RESOURCE_CLASS_MAP =
|
||||
ImmutableList.of(Domain.class, Host.class, Contact.class).stream()
|
||||
ImmutableList.of(Domain.class, Host.class).stream()
|
||||
.collect(toImmutableMap(Class::getSimpleName, identity()));
|
||||
|
||||
// The primary key for the referenced entity.
|
||||
|
||||
@@ -14,28 +14,12 @@
|
||||
|
||||
package google.registry.privileges.secretmanager;
|
||||
|
||||
import com.google.cloud.secretmanager.v1.SecretVersionName;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.privileges.secretmanager.SecretManagerClient.NoSuchSecretResourceException;
|
||||
import jakarta.inject.Inject;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
* Storage of SQL users' login credentials, backed by Cloud Secret Manager.
|
||||
*
|
||||
* <p>A user's credential is stored with one level of indirection using two secret IDs: Each version
|
||||
* of the <em>credential data</em> is stored as follows: its secret ID is determined by {@link
|
||||
* #getCredentialDataSecretId(SqlUser, String dbInstance)}, and the value of each version is a
|
||||
* {@link SqlCredential}, serialized using {@link SqlCredential#toFormattedString}. The 'live'
|
||||
* version of the credential is saved under the 'live pointer' secret explained below.
|
||||
*
|
||||
* <p>The pointer to the 'live' version of the credential data is stored as follows: its secret ID
|
||||
* is determined by {@link #getLiveLabelSecretId(SqlUser, String dbInstance)}; and the value of each
|
||||
* version is a {@link SecretVersionName} in String form, pointing to a version of the credential
|
||||
* data. Only the 'latest' version of this secret should be used. It is guaranteed to be valid.
|
||||
*
|
||||
* <p>The indirection in credential storage makes it easy to handle failures in the credential
|
||||
* change process.
|
||||
*/
|
||||
public class SqlCredentialStore {
|
||||
private final SecretManagerClient csmClient;
|
||||
@@ -49,61 +33,19 @@ public class SqlCredentialStore {
|
||||
}
|
||||
|
||||
public SqlCredential getCredential(SqlUser user) {
|
||||
SecretVersionName credentialName = getLiveCredentialSecretVersion(user);
|
||||
return SqlCredential.fromFormattedString(
|
||||
csmClient.getSecretData(
|
||||
credentialName.getSecret(), Optional.of(credentialName.getSecretVersion())));
|
||||
var secretId = getSecretIdForUserPassword(user);
|
||||
var secretData = csmClient.getSecretData(secretId, Optional.empty());
|
||||
return SqlCredential.fromFormattedString(secretData);
|
||||
}
|
||||
|
||||
public void createOrUpdateCredential(SqlUser user, String password) {
|
||||
SecretVersionName dataName = saveCredentialData(user, password);
|
||||
saveLiveLabel(user, dataName);
|
||||
var secretId = getSecretIdForUserPassword(user);
|
||||
csmClient.createSecretIfAbsent(secretId);
|
||||
csmClient.addSecretVersion(
|
||||
secretId, SqlCredential.create(user.geUserName(), password).toFormattedString());
|
||||
}
|
||||
|
||||
public void deleteCredential(SqlUser user) {
|
||||
try {
|
||||
csmClient.deleteSecret(getCredentialDataSecretId(user, dbInstance));
|
||||
} catch (NoSuchSecretResourceException e) {
|
||||
// ok
|
||||
}
|
||||
try {
|
||||
csmClient.deleteSecret(getLiveLabelSecretId(user, dbInstance));
|
||||
} catch (NoSuchSecretResourceException e) {
|
||||
// ok.
|
||||
}
|
||||
}
|
||||
|
||||
private SecretVersionName saveCredentialData(SqlUser user, String password) {
|
||||
String credentialDataSecretId = getCredentialDataSecretId(user, dbInstance);
|
||||
csmClient.createSecretIfAbsent(credentialDataSecretId);
|
||||
String credentialVersion =
|
||||
csmClient.addSecretVersion(
|
||||
credentialDataSecretId,
|
||||
SqlCredential.create(createDatabaseLoginName(user), password).toFormattedString());
|
||||
return SecretVersionName.of(csmClient.getProject(), credentialDataSecretId, credentialVersion);
|
||||
}
|
||||
|
||||
private void saveLiveLabel(SqlUser user, SecretVersionName dataVersionName) {
|
||||
String liveLabelSecretId = getLiveLabelSecretId(user, dbInstance);
|
||||
csmClient.createSecretIfAbsent(liveLabelSecretId);
|
||||
csmClient.addSecretVersion(liveLabelSecretId, dataVersionName.toString());
|
||||
}
|
||||
|
||||
private SecretVersionName getLiveCredentialSecretVersion(SqlUser user) {
|
||||
return SecretVersionName.parse(
|
||||
csmClient.getSecretData(getLiveLabelSecretId(user, dbInstance), Optional.empty()));
|
||||
}
|
||||
|
||||
private static String getLiveLabelSecretId(SqlUser user, String dbInstance) {
|
||||
return String.format("sql-cred-live-label-%s-%s", user.geUserName(), dbInstance);
|
||||
}
|
||||
|
||||
private static String getCredentialDataSecretId(SqlUser user, String dbInstance) {
|
||||
return String.format("sql-cred-data-%s-%s", user.geUserName(), dbInstance);
|
||||
}
|
||||
|
||||
// WIP: when b/170230882 is complete, login will be versioned.
|
||||
private static String createDatabaseLoginName(SqlUser user) {
|
||||
return user.geUserName();
|
||||
private String getSecretIdForUserPassword(SqlUser user) {
|
||||
return String.format("sql-password-for-%s-on-%s", user.geUserName(), this.dbInstance);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,192 +0,0 @@
|
||||
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.rde;
|
||||
|
||||
import static google.registry.util.XmlEnumUtils.enumToXml;
|
||||
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.contact.ContactAddress;
|
||||
import google.registry.model.contact.ContactPhoneNumber;
|
||||
import google.registry.model.contact.Disclose;
|
||||
import google.registry.model.contact.Disclose.PostalInfoChoice;
|
||||
import google.registry.model.contact.PostalInfo;
|
||||
import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.transfer.TransferData;
|
||||
import google.registry.xjc.contact.XjcContactAddrType;
|
||||
import google.registry.xjc.contact.XjcContactDiscloseType;
|
||||
import google.registry.xjc.contact.XjcContactE164Type;
|
||||
import google.registry.xjc.contact.XjcContactIntLocType;
|
||||
import google.registry.xjc.contact.XjcContactPostalInfoEnumType;
|
||||
import google.registry.xjc.contact.XjcContactPostalInfoType;
|
||||
import google.registry.xjc.contact.XjcContactStatusType;
|
||||
import google.registry.xjc.contact.XjcContactStatusValueType;
|
||||
import google.registry.xjc.eppcom.XjcEppcomTrStatusType;
|
||||
import google.registry.xjc.rdecontact.XjcRdeContact;
|
||||
import google.registry.xjc.rdecontact.XjcRdeContactElement;
|
||||
import google.registry.xjc.rdecontact.XjcRdeContactTransferDataType;
|
||||
import javax.annotation.CheckForNull;
|
||||
import javax.annotation.Nullable;
|
||||
|
||||
/** Utility class that turns {@link Contact} as {@link XjcRdeContactElement}. */
|
||||
final class ContactToXjcConverter {
|
||||
|
||||
/** Converts {@link Contact} to {@link XjcRdeContactElement}. */
|
||||
static XjcRdeContactElement convert(Contact host) {
|
||||
return new XjcRdeContactElement(convertContact(host));
|
||||
}
|
||||
|
||||
/** Converts {@link Contact} to {@link XjcRdeContact}. */
|
||||
static XjcRdeContact convertContact(Contact model) {
|
||||
XjcRdeContact bean = new XjcRdeContact();
|
||||
bean.setRoid(model.getRepoId());
|
||||
for (StatusValue status : model.getStatusValues()) {
|
||||
bean.getStatuses().add(convertStatusValue(status));
|
||||
}
|
||||
PostalInfo localizedPostalInfo = model.getLocalizedPostalInfo();
|
||||
if (localizedPostalInfo != null) {
|
||||
bean.getPostalInfos().add(convertPostalInfo(localizedPostalInfo));
|
||||
}
|
||||
PostalInfo internationalizedPostalInfo = model.getInternationalizedPostalInfo();
|
||||
if (internationalizedPostalInfo != null) {
|
||||
bean.getPostalInfos().add(convertPostalInfo(internationalizedPostalInfo));
|
||||
}
|
||||
bean.setId(model.getContactId());
|
||||
bean.setClID(model.getCurrentSponsorRegistrarId());
|
||||
bean.setCrRr(RdeAdapter.convertRr(model.getCreationRegistrarId(), null));
|
||||
bean.setUpRr(RdeAdapter.convertRr(model.getLastEppUpdateRegistrarId(), null));
|
||||
bean.setCrDate(model.getCreationTime());
|
||||
bean.setUpDate(model.getLastEppUpdateTime());
|
||||
bean.setTrDate(model.getLastTransferTime());
|
||||
bean.setVoice(convertPhoneNumber(model.getVoiceNumber()));
|
||||
bean.setFax(convertPhoneNumber(model.getFaxNumber()));
|
||||
bean.setEmail(model.getEmailAddress());
|
||||
bean.setDisclose(convertDisclose(model.getDisclose()));
|
||||
|
||||
// o An OPTIONAL <trnData> element that contains the following child
|
||||
// elements related to the last transfer request of the contact
|
||||
// object:
|
||||
//
|
||||
// * A <trStatus> element that contains the state of the most recent
|
||||
// transfer request.
|
||||
//
|
||||
// * A <reRr> element that contains the identifier of the registrar
|
||||
// that requested the domain name object transfer. An OPTIONAL
|
||||
// client attribute is used to specify the client that performed
|
||||
// the operation.
|
||||
//
|
||||
// * An <acRr> element that contains the identifier of the registrar
|
||||
// that SHOULD act upon a PENDING transfer request. For all other
|
||||
// status types, the value identifies the registrar that took the
|
||||
// indicated action. An OPTIONAL client attribute is used to
|
||||
// specify the client that performed the operation.
|
||||
//
|
||||
// * A <reDate> element that contains the date and time that the
|
||||
// transfer was requested.
|
||||
//
|
||||
// * An <acDate> element that contains the date and time of a
|
||||
// required or completed response. For a PENDING request, the
|
||||
// value identifies the date and time by which a response is
|
||||
// required before an automated response action will be taken by
|
||||
// the registry. For all other status types, the value identifies
|
||||
// the date and time when the request was completed.
|
||||
if (!model.getTransferData().isEmpty()) {
|
||||
bean.setTrnData(convertTransferData(model.getTransferData()));
|
||||
}
|
||||
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link TransferData} to {@link XjcRdeContactTransferDataType}. */
|
||||
private static XjcRdeContactTransferDataType convertTransferData(TransferData model) {
|
||||
XjcRdeContactTransferDataType bean = new XjcRdeContactTransferDataType();
|
||||
bean.setTrStatus(XjcEppcomTrStatusType.fromValue(model.getTransferStatus().getXmlName()));
|
||||
bean.setReRr(RdeUtils.makeXjcRdeRrType(model.getGainingRegistrarId()));
|
||||
bean.setAcRr(RdeUtils.makeXjcRdeRrType(model.getLosingRegistrarId()));
|
||||
bean.setReDate(model.getTransferRequestTime());
|
||||
bean.setAcDate(model.getPendingTransferExpirationTime());
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link ContactAddress} to {@link XjcContactAddrType}. */
|
||||
private static XjcContactAddrType convertAddress(ContactAddress model) {
|
||||
XjcContactAddrType bean = new XjcContactAddrType();
|
||||
bean.getStreets().addAll(model.getStreet());
|
||||
bean.setCity(model.getCity());
|
||||
bean.setSp(model.getState());
|
||||
bean.setPc(model.getZip());
|
||||
bean.setCc(model.getCountryCode());
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link Disclose} to {@link XjcContactDiscloseType}. */
|
||||
@Nullable
|
||||
@CheckForNull
|
||||
static XjcContactDiscloseType convertDisclose(@Nullable Disclose model) {
|
||||
if (model == null) {
|
||||
return null;
|
||||
}
|
||||
XjcContactDiscloseType bean = new XjcContactDiscloseType();
|
||||
bean.setFlag(model.getFlag());
|
||||
for (PostalInfoChoice loc : model.getNames()) {
|
||||
bean.getNames().add(convertPostalInfoChoice(loc));
|
||||
}
|
||||
for (PostalInfoChoice loc : model.getOrgs()) {
|
||||
bean.getOrgs().add(convertPostalInfoChoice(loc));
|
||||
}
|
||||
for (PostalInfoChoice loc : model.getAddrs()) {
|
||||
bean.getAddrs().add(convertPostalInfoChoice(loc));
|
||||
}
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link ContactPhoneNumber} to {@link XjcContactE164Type}. */
|
||||
@Nullable
|
||||
@CheckForNull
|
||||
private static XjcContactE164Type convertPhoneNumber(@Nullable ContactPhoneNumber model) {
|
||||
if (model == null) {
|
||||
return null;
|
||||
}
|
||||
XjcContactE164Type bean = new XjcContactE164Type();
|
||||
bean.setValue(model.getPhoneNumber());
|
||||
bean.setX(model.getExtension());
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link PostalInfoChoice} to {@link XjcContactIntLocType}. */
|
||||
private static XjcContactIntLocType convertPostalInfoChoice(PostalInfoChoice model) {
|
||||
XjcContactIntLocType bean = new XjcContactIntLocType();
|
||||
bean.setType(XjcContactPostalInfoEnumType.fromValue(enumToXml(model.getType())));
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link PostalInfo} to {@link XjcContactPostalInfoType}. */
|
||||
private static XjcContactPostalInfoType convertPostalInfo(PostalInfo model) {
|
||||
XjcContactPostalInfoType bean = new XjcContactPostalInfoType();
|
||||
bean.setName(model.getName());
|
||||
bean.setOrg(model.getOrg());
|
||||
bean.setAddr(convertAddress(model.getAddress()));
|
||||
bean.setType(XjcContactPostalInfoEnumType.fromValue(enumToXml(model.getType())));
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link StatusValue} to {@link XjcContactStatusType}. */
|
||||
private static XjcContactStatusType convertStatusValue(StatusValue model) {
|
||||
XjcContactStatusType bean = new XjcContactStatusType();
|
||||
bean.setS(XjcContactStatusValueType.fromValue(model.getXmlName()));
|
||||
return bean;
|
||||
}
|
||||
|
||||
private ContactToXjcConverter() {}
|
||||
}
|
||||
@@ -14,14 +14,9 @@
|
||||
|
||||
package google.registry.rde;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkState;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.base.Ascii;
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.DesignatedContact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.domain.rgp.GracePeriodStatus;
|
||||
import google.registry.model.domain.secdns.DomainDsData;
|
||||
@@ -29,10 +24,7 @@ import google.registry.model.eppcommon.StatusValue;
|
||||
import google.registry.model.rde.RdeMode;
|
||||
import google.registry.model.transfer.DomainTransferData;
|
||||
import google.registry.model.transfer.TransferData;
|
||||
import google.registry.persistence.VKey;
|
||||
import google.registry.util.Idn;
|
||||
import google.registry.xjc.domain.XjcDomainContactAttrType;
|
||||
import google.registry.xjc.domain.XjcDomainContactType;
|
||||
import google.registry.xjc.domain.XjcDomainNsType;
|
||||
import google.registry.xjc.domain.XjcDomainStatusType;
|
||||
import google.registry.xjc.domain.XjcDomainStatusValueType;
|
||||
@@ -44,7 +36,6 @@ import google.registry.xjc.rgp.XjcRgpStatusType;
|
||||
import google.registry.xjc.rgp.XjcRgpStatusValueType;
|
||||
import google.registry.xjc.secdns.XjcSecdnsDsDataType;
|
||||
import google.registry.xjc.secdns.XjcSecdnsDsOrKeyType;
|
||||
import java.util.Optional;
|
||||
|
||||
/** Utility class that turns {@link Domain} as {@link XjcRdeDomainElement}. */
|
||||
final class DomainToXjcConverter {
|
||||
@@ -152,8 +143,6 @@ final class DomainToXjcConverter {
|
||||
|
||||
switch (mode) {
|
||||
case FULL:
|
||||
String domainName = model.getDomainName();
|
||||
|
||||
// o Zero or more OPTIONAL <rgpStatus> element to represent
|
||||
// "pendingDelete" sub-statuses, including "redemptionPeriod",
|
||||
// "pendingRestore", and "pendingDelete", that a domain name can be
|
||||
@@ -163,25 +152,6 @@ final class DomainToXjcConverter {
|
||||
bean.getRgpStatuses().add(convertGracePeriodStatus(status));
|
||||
}
|
||||
|
||||
// o An OPTIONAL <registrant> element that contain the identifier for
|
||||
// the human or organizational social information object associated
|
||||
// as the holder of the domain name object.
|
||||
Optional<VKey<Contact>> registrant = model.getRegistrant();
|
||||
if (registrant.isPresent()) {
|
||||
Optional<Contact> registrantContact =
|
||||
tm().transact(() -> tm().loadByKeyIfPresent(registrant.get()));
|
||||
registrantContact.ifPresent(c -> bean.setRegistrant(c.getContactId()));
|
||||
}
|
||||
|
||||
// o Zero or more OPTIONAL <contact> elements that contain identifiers
|
||||
// for the human or organizational social information objects
|
||||
// associated with the domain name object.
|
||||
for (DesignatedContact contact : model.getContacts()) {
|
||||
Optional<XjcDomainContactType> contactType =
|
||||
convertDesignatedContact(contact, domainName);
|
||||
contactType.ifPresent(c -> bean.getContacts().add(c));
|
||||
}
|
||||
|
||||
// o An OPTIONAL <secDNS> element that contains the public key
|
||||
// information associated with Domain Name System security (DNSSEC)
|
||||
// extensions for the domain name as specified in [RFC5910].
|
||||
@@ -289,23 +259,5 @@ final class DomainToXjcConverter {
|
||||
return bean;
|
||||
}
|
||||
|
||||
/** Converts {@link DesignatedContact} to {@link XjcDomainContactType}. */
|
||||
private static Optional<XjcDomainContactType> convertDesignatedContact(
|
||||
DesignatedContact model, String domainName) {
|
||||
XjcDomainContactType bean = new XjcDomainContactType();
|
||||
checkState(
|
||||
model.getContactKey() != null,
|
||||
"Contact key for type %s is null on domain %s",
|
||||
model.getType(),
|
||||
domainName);
|
||||
Optional<Contact> contact = tm().transact(() -> tm().loadByKeyIfPresent(model.getContactKey()));
|
||||
if (contact.isEmpty()) {
|
||||
return Optional.empty();
|
||||
}
|
||||
bean.setType(XjcDomainContactAttrType.fromValue(Ascii.toLowerCase(model.getType().toString())));
|
||||
bean.setValue(contact.get().getContactId());
|
||||
return Optional.of(bean);
|
||||
}
|
||||
|
||||
private DomainToXjcConverter() {}
|
||||
}
|
||||
|
||||
@@ -19,7 +19,6 @@ import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.model.rde.RdeMode;
|
||||
@@ -118,12 +117,6 @@ public final class RdeMarshaller implements Serializable {
|
||||
}
|
||||
}
|
||||
|
||||
/** Turns {@link Contact} object into an XML fragment. */
|
||||
public DepositFragment marshalContact(Contact contact) {
|
||||
return marshalResource(
|
||||
RdeResourceType.CONTACT, contact, ContactToXjcConverter.convert(contact));
|
||||
}
|
||||
|
||||
/** Turns {@link Domain} object into an XML fragment. */
|
||||
public DepositFragment marshalDomain(Domain domain, RdeMode mode) {
|
||||
return marshalResource(
|
||||
|
||||
@@ -25,7 +25,6 @@ import java.util.EnumSet;
|
||||
|
||||
/** Types of objects that get embedded in an escrow deposit. */
|
||||
public enum RdeResourceType {
|
||||
CONTACT("urn:ietf:params:xml:ns:rdeContact-1.0", EnumSet.of(FULL)),
|
||||
DOMAIN("urn:ietf:params:xml:ns:rdeDomain-1.0", EnumSet.of(FULL, THIN)),
|
||||
HOST("urn:ietf:params:xml:ns:rdeHost-1.0", EnumSet.of(FULL)),
|
||||
REGISTRAR("urn:ietf:params:xml:ns:rdeRegistrar-1.0", EnumSet.of(FULL, THIN)),
|
||||
|
||||
@@ -44,7 +44,6 @@ import google.registry.gcs.GcsUtils;
|
||||
import google.registry.keyring.api.KeyModule.Key;
|
||||
import google.registry.model.common.Cursor;
|
||||
import google.registry.model.common.Cursor.CursorType;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.model.rde.RdeMode;
|
||||
@@ -80,8 +79,8 @@ import org.joda.time.Duration;
|
||||
* type and loads the embedded resource from it, which is then projected to watermark time to
|
||||
* account for things like pending transfer.
|
||||
*
|
||||
* <p>Only {@link Contact}s and {@link Host}s that are referenced by an included {@link Domain} will
|
||||
* be included in the corresponding pending deposit.
|
||||
* <p>Only {@link Host}s that are referenced by an included {@link Domain} will be included in the
|
||||
* corresponding pending deposit.
|
||||
*
|
||||
* <p>{@link Registrar} entities, both active and inactive, are included in all deposits. They are
|
||||
* not rewound point-in-time.
|
||||
|
||||
@@ -43,6 +43,15 @@ public enum IdnTableEnum {
|
||||
*/
|
||||
UNCONFUSABLE_LATIN("unconfusable_latin.txt"),
|
||||
|
||||
/**
|
||||
* ICANN LGR 2025 Latin, but with confusable characters removed.
|
||||
*
|
||||
* <p>This is based on <a
|
||||
* href="https://www.icann.org/sites/default/files/packages/lgr/lgr-second-level-latin-full-variant-script-24jan24-en.html">ICANN's
|
||||
* LGR table</a>, but is simpler.
|
||||
*/
|
||||
AUGMENTED_LATIN("augmented_latin.txt"),
|
||||
|
||||
/**
|
||||
* Japanese, as used on our existing TLD launches prior to 2023.
|
||||
*
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# URL: https://www.iana.org/domains/idn-tables/tables/google_latn_1.0.txt
|
||||
# URL: https://www.iana.org/domains/idn-tables/tables/google_latn_3.0.txt
|
||||
# Policy: https://www.registry.google/about/policies/domainabuse/
|
||||
U+002D # HYPHEN-MINUS
|
||||
U+0030 # DIGIT ZERO
|
||||
|
||||
120
core/src/main/java/google/registry/tmch/RstTmchUtils.java
Normal file
120
core/src/main/java/google/registry/tmch/RstTmchUtils.java
Normal file
@@ -0,0 +1,120 @@
|
||||
// Copyright 2025 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.tmch;
|
||||
|
||||
import static com.google.common.base.Suppliers.memoize;
|
||||
import static com.google.common.io.Resources.getResource;
|
||||
import static com.google.common.io.Resources.readLines;
|
||||
import static google.registry.tmch.RstTmchUtils.RstEnvironment.OTE;
|
||||
import static google.registry.tmch.RstTmchUtils.RstEnvironment.PROD;
|
||||
import static google.registry.util.RegistryEnvironment.SANDBOX;
|
||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
|
||||
import com.google.common.base.Supplier;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import google.registry.model.smd.SignedMarkRevocationList;
|
||||
import google.registry.model.tmch.ClaimsList;
|
||||
import google.registry.util.RegistryEnvironment;
|
||||
import java.io.IOException;
|
||||
import java.net.URL;
|
||||
import java.util.Locale;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
* Utilities supporting TMCH-related RST testing in the Sandbox environment.
|
||||
*
|
||||
* <p>For logistic reasons we must conduct RST testing in the Sandbox environments. RST tests
|
||||
* require the use of special labels hosted on their website. To isolate these labels from regular
|
||||
* customers conducting onboarding tests, we manually download the test files as resources, and
|
||||
* serve them up only to RST TLDs.
|
||||
*/
|
||||
public class RstTmchUtils {
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
/**
|
||||
* The RST environments.
|
||||
*
|
||||
* <p>We conduct both OTE and PROD RST tests in Sandbox.
|
||||
*/
|
||||
enum RstEnvironment {
|
||||
OTE,
|
||||
PROD
|
||||
}
|
||||
|
||||
private static final ImmutableMap<RstEnvironment, Supplier<Optional<ClaimsList>>> CLAIMS_CACHE =
|
||||
ImmutableMap.of(
|
||||
OTE, memoize(() -> getClaimsList(OTE)), PROD, memoize(() -> getClaimsList(PROD)));
|
||||
|
||||
private static final ImmutableMap<RstEnvironment, Supplier<Optional<SignedMarkRevocationList>>>
|
||||
SMDRL_CACHE =
|
||||
ImmutableMap.of(
|
||||
OTE, memoize(() -> getSmdrList(OTE)), PROD, memoize(() -> getSmdrList(PROD)));
|
||||
|
||||
/** Returns appropriate test labels if {@code tld} is for RST testing; otherwise returns empty. */
|
||||
public static Optional<ClaimsList> getClaimsList(String tld) {
|
||||
return getRstEnvironment(tld).map(CLAIMS_CACHE::get).flatMap(Supplier::get);
|
||||
}
|
||||
|
||||
/** Returns appropriate test labels if {@code tld} is for RST testing; otherwise returns empty. */
|
||||
public static Optional<SignedMarkRevocationList> getSmdrList(String tld) {
|
||||
return getRstEnvironment(tld).map(SMDRL_CACHE::get).flatMap(Supplier::get);
|
||||
}
|
||||
|
||||
static Optional<RstEnvironment> getRstEnvironment(String tld) {
|
||||
if (!RegistryEnvironment.get().equals(SANDBOX)) {
|
||||
return Optional.empty();
|
||||
}
|
||||
if (tld.startsWith("cc-rst-test-")) {
|
||||
return Optional.of(OTE);
|
||||
}
|
||||
if (tld.startsWith("zz--")) {
|
||||
return Optional.of(PROD);
|
||||
}
|
||||
return Optional.empty();
|
||||
}
|
||||
|
||||
private static Optional<ClaimsList> getClaimsList(RstEnvironment rstEnvironment) {
|
||||
if (!RegistryEnvironment.get().equals(SANDBOX)) {
|
||||
return Optional.empty();
|
||||
}
|
||||
String resourceName = rstEnvironment.name().toLowerCase(Locale.ROOT) + ".rst.dnl.csv";
|
||||
URL resource = getResource(RstTmchUtils.class, resourceName);
|
||||
try {
|
||||
return Optional.of(ClaimsListParser.parse(readLines(resource, UTF_8)));
|
||||
} catch (IOException e) {
|
||||
// Do not throw.
|
||||
logger.atSevere().withCause(e).log(
|
||||
"Could not load Claims list %s for %s in Sandbox.", resourceName, rstEnvironment);
|
||||
return Optional.empty();
|
||||
}
|
||||
}
|
||||
|
||||
private static Optional<SignedMarkRevocationList> getSmdrList(RstEnvironment rstEnvironment) {
|
||||
if (!RegistryEnvironment.get().equals(SANDBOX)) {
|
||||
return Optional.empty();
|
||||
}
|
||||
String resourceName = rstEnvironment.name().toLowerCase(Locale.ROOT) + ".rst.smdrl.csv";
|
||||
URL resource = getResource(RstTmchUtils.class, resourceName);
|
||||
try {
|
||||
return Optional.of(SmdrlCsvParser.parse(readLines(resource, UTF_8)));
|
||||
} catch (IOException e) {
|
||||
// Do not throw.
|
||||
logger.atSevere().withCause(e).log(
|
||||
"Could not load SMDR list %s for %s in Sandbox.", resourceName, rstEnvironment);
|
||||
return Optional.empty();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -19,7 +19,6 @@ import static com.google.common.base.Preconditions.checkState;
|
||||
import com.google.common.base.Ascii;
|
||||
import google.registry.model.EppResource;
|
||||
import google.registry.model.ForeignKeyUtils;
|
||||
import google.registry.model.contact.Contact;
|
||||
import google.registry.model.domain.Domain;
|
||||
import google.registry.model.host.Host;
|
||||
import google.registry.persistence.VKey;
|
||||
@@ -30,7 +29,6 @@ class CommandUtilities {
|
||||
|
||||
/** A useful parameter enum for commands that operate on {@link EppResource} objects. */
|
||||
public enum ResourceType {
|
||||
CONTACT(Contact.class),
|
||||
HOST(Host.class),
|
||||
DOMAIN(Domain.class);
|
||||
|
||||
|
||||
@@ -1,135 +0,0 @@
|
||||
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.tools;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkArgument;
|
||||
import static com.google.common.base.Strings.isNullOrEmpty;
|
||||
|
||||
import com.beust.jcommander.Parameter;
|
||||
import com.beust.jcommander.Parameters;
|
||||
import com.google.template.soy.data.SoyMapData;
|
||||
import google.registry.tools.params.PhoneNumberParameter;
|
||||
import google.registry.tools.soy.ContactCreateSoyInfo;
|
||||
import google.registry.util.StringGenerator;
|
||||
import jakarta.inject.Inject;
|
||||
import jakarta.inject.Named;
|
||||
import java.util.List;
|
||||
|
||||
/** A command to create a new contact via EPP. */
|
||||
@Parameters(separators = " =", commandDescription = "Create a new contact via EPP.")
|
||||
final class CreateContactCommand extends MutatingEppToolCommand {
|
||||
|
||||
// TODO(b/19016175): Expand to allow full suite of contact flows.
|
||||
@Parameter(
|
||||
names = {"-c", "--client"},
|
||||
description = "Client identifier of the registrar to execute the command as",
|
||||
required = true)
|
||||
String clientId;
|
||||
|
||||
@Parameter(
|
||||
names = {"-i", "--id"},
|
||||
description = "Contact ID.")
|
||||
private String id;
|
||||
|
||||
@Parameter(
|
||||
names = {"-n", "--name"},
|
||||
description = "Contact name.")
|
||||
private String name;
|
||||
|
||||
@Parameter(
|
||||
names = {"-o", "--org"},
|
||||
description = "Organization")
|
||||
private String org;
|
||||
|
||||
@Parameter(
|
||||
names = "--street",
|
||||
description = "Street lines of address. Can take up to 3 lines.",
|
||||
variableArity = true)
|
||||
private List<String> street;
|
||||
|
||||
@Parameter(
|
||||
names = "--city",
|
||||
description = "City of address.")
|
||||
private String city;
|
||||
|
||||
@Parameter(
|
||||
names = "--state",
|
||||
description = "State of address.")
|
||||
private String state;
|
||||
|
||||
@Parameter(
|
||||
names = {"-z", "--zip"},
|
||||
description = "Postal code of address.")
|
||||
private String zip;
|
||||
|
||||
@Parameter(
|
||||
names = "--cc",
|
||||
description = "Country code of address.")
|
||||
private String cc;
|
||||
|
||||
@Parameter(
|
||||
names = "--phone",
|
||||
description = "E.164 phone number, e.g. +1.2125650666",
|
||||
converter = PhoneNumberParameter.class,
|
||||
validateWith = PhoneNumberParameter.class)
|
||||
String phone;
|
||||
|
||||
@Parameter(
|
||||
names = "--fax",
|
||||
description = "E.164 fax number, e.g. +1.2125650666",
|
||||
converter = PhoneNumberParameter.class,
|
||||
validateWith = PhoneNumberParameter.class)
|
||||
String fax;
|
||||
|
||||
@Parameter(
|
||||
names = {"-e", "--email"},
|
||||
description = "Email address.")
|
||||
private String email;
|
||||
|
||||
@Parameter(
|
||||
names = {"-p", "--password"},
|
||||
description = "Password. Optional, randomly generated if not provided.")
|
||||
private String password;
|
||||
|
||||
@Inject
|
||||
@Named("base64StringGenerator")
|
||||
StringGenerator passwordGenerator;
|
||||
|
||||
private static final int PASSWORD_LENGTH = 16;
|
||||
|
||||
@Override
|
||||
protected void initMutatingEppToolCommand() {
|
||||
if (isNullOrEmpty(password)) {
|
||||
password = passwordGenerator.createString(PASSWORD_LENGTH);
|
||||
}
|
||||
checkArgument(street == null || street.size() <= 3,
|
||||
"Addresses must contain at most 3 street lines.");
|
||||
|
||||
setSoyTemplate(ContactCreateSoyInfo.getInstance(), ContactCreateSoyInfo.CONTACTCREATE);
|
||||
addSoyRecord(clientId, new SoyMapData(
|
||||
"id", id,
|
||||
"name", name,
|
||||
"org", org,
|
||||
"street", street,
|
||||
"city", city,
|
||||
"state", state,
|
||||
"zip", zip,
|
||||
"cc", cc,
|
||||
"phone", phone,
|
||||
"fax", fax,
|
||||
"email", email,
|
||||
"password", password));
|
||||
}
|
||||
}
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user