diff --git a/test/fixtures/bsa_protected_domains.yml b/test/fixtures/bsa_protected_domains.yml
index 6d55d8a2ec..ce8913a379 100644
--- a/test/fixtures/bsa_protected_domains.yml
+++ b/test/fixtures/bsa_protected_domains.yml
@@ -1,7 +1,7 @@
one:
order_id: 1
suborder_id: 1
- domain_name: example1.ee
+ domain_name: example1.test
state: 2
registration_code: 1234567890
create_date: <%= Time.zone.parse('2010-07-05').to_s(:db) %>
@@ -10,7 +10,7 @@ one:
two:
order_id: 2
suborder_id: 2
- domain_name: example2.ee
+ domain_name: example2.test
state: 2
registration_code: 0987654321
create_date: <%= Time.zone.parse('2010-07-05').to_s(:db) %>
diff --git a/test/integration/epp/domain/create/base_test.rb b/test/integration/epp/domain/create/base_test.rb
index 180d165b35..8cce7c35ef 100644
--- a/test/integration/epp/domain/create/base_test.rb
+++ b/test/integration/epp/domain/create/base_test.rb
@@ -4,6 +4,8 @@ class EppDomainCreateBaseTest < EppTestCase
setup do
adapter = ENV["shunter_default_adapter"].constantize.new
adapter&.clear!
+
+ @bsa_domain = bsa_protected_domains(:one)
end
def test_illegal_chars_in_dns_key
@@ -937,4 +939,99 @@ def test_returns_error_response_if_throttled
ENV["shunter_default_threshold"] = '10000'
ENV["shunter_enabled"] = 'false'
end
+
+
+ def test_domain_cannnot_be_created_if_it_in_bsa_protected_list_through_epp
+ request_xml = <<-XML
+
+
+
+
+
+ #{@bsa_domain.domain_name}
+ #{contacts(:john).code}
+
+
+
+
+ #{'test' * 2000}
+
+
+
+
+ XML
+
+ assert_no_difference 'Domain.count' do
+ post epp_create_path, params: { frame: request_xml },
+ headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+ end
+ response_xml = Nokogiri::XML(response.body)
+ assert_correct_against_schema response_xml
+ assert_epp_response :required_parameter_missing
+ end
+
+ def test_bsa_protected_domain_can_be_created_with_valid_registration_code_through_epp
+ request_xml = <<-XML
+
+
+
+
+
+ #{@bsa_domain.domain_name}
+ #{contacts(:john).code}
+
+
+
+
+ #{'test' * 2000}
+
+ #{@bsa_domain.registration_code}
+
+
+
+
+
+ XML
+
+ assert_difference 'Domain.count' do
+ post epp_create_path, params: { frame: request_xml },
+ headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+ end
+ response_xml = Nokogiri::XML(response.body)
+ assert_correct_against_schema response_xml
+ assert_epp_response :completed_successfully
+ end
+
+ def test_bsa_protected_domain_cannot_be_created_with_invalid_registration_code_through_epp
+ request_xml = <<-XML
+
+
+
+
+
+ #{@bsa_domain.domain_name}
+ #{contacts(:john).code}
+
+
+
+
+ #{'test' * 2000}
+
+ invalid
+
+
+
+
+
+ XML
+
+ assert_no_difference 'Domain.count' do
+ post epp_create_path, params: { frame: request_xml },
+ headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+ end
+ response_xml = Nokogiri::XML(response.body)
+ assert_correct_against_schema response_xml
+
+ assert_epp_response :invalid_authorization_information
+ end
end
diff --git a/test/integration/repp/v1/domains/create_test.rb b/test/integration/repp/v1/domains/create_test.rb
index 7907e709ec..f725fd26aa 100644
--- a/test/integration/repp/v1/domains/create_test.rb
+++ b/test/integration/repp/v1/domains/create_test.rb
@@ -4,6 +4,7 @@ class ReppV1DomainsCreateTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
@domain = domains(:shop)
+ @bsa_domain = bsa_protected_domains(:one)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@@ -134,4 +135,72 @@ def test_creates_new_domain_with_desired_transfer_code
assert @user.registrar.domains.find_by(name: 'domeener.test').present?
assert_equal 'ABADIATS', @user.registrar.domains.find_by(name: 'domeener.test').transfer_code
end
+
+ def test_domain_cannnot_be_created_if_it_in_bsa_protected_list
+ @auth_headers['Content-Type'] = 'application/json'
+ contact = contacts(:john)
+
+ payload = {
+ domain: {
+ name: @bsa_domain.domain_name,
+ registrant: contact.code,
+ period: 1,
+ period_unit: 'y'
+ }
+ }
+
+ post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+ json = JSON.parse(response.body, symbolize_names: true)
+ assert_response :bad_request
+ assert_equal 2003, json[:code]
+ assert_equal 'Required parameter missing; reserved>pw element required for reserved domains', json[:message]
+
+ refute @user.registrar.domains.find_by(name: @bsa_domain.domain_name).present?
+ end
+
+ def test_bsa_protected_domain_can_be_created_with_valid_registration_code
+ @auth_headers['Content-Type'] = 'application/json'
+ contact = contacts(:john)
+
+ payload = {
+ domain: {
+ name: @bsa_domain.domain_name,
+ registrant: contact.code,
+ reserved_pw: @bsa_domain.registration_code,
+ period: 1,
+ period_unit: 'y'
+ }
+ }
+
+ post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+ json = JSON.parse(response.body, symbolize_names: true)
+ assert_response :ok
+ assert_equal 1000, json[:code]
+ assert_equal 'Command completed successfully', json[:message]
+
+ assert @user.registrar.domains.find_by(name: @bsa_domain.domain_name).present?
+ end
+
+ def test_bsa_protected_domain_cannot_be_created_with_invalid_registration_code
+ @auth_headers['Content-Type'] = 'application/json'
+ contact = contacts(:john)
+
+ payload = {
+ domain: {
+ name: @bsa_domain.domain_name,
+ registrant: contact.code,
+ reserved_pw: 'invalid_registration_code',
+ period: 1,
+ period_unit: 'y'
+ }
+ }
+
+ post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+ json = JSON.parse(response.body, symbolize_names: true)
+ assert_response :bad_request
+ assert_equal 2202, json[:code]
+ assert_equal 'Invalid authorization information; invalid reserved>pw value', json[:message]
+
+ refute @user.registrar.domains.find_by(name: @bsa_domain.domain_name).present?
+ end
end