From 2272e9ee42a8879585f3d4b8666493ee1f7addd1 Mon Sep 17 00:00:00 2001
From: Oleg Hasjanov <oleg.phenomenon@gmail.com>
Date: Thu, 19 Oct 2023 14:22:55 +0300
Subject: [PATCH] added tests for epp and repp request domain cration

---
 test/fixtures/bsa_protected_domains.yml       |  4 +-
 .../epp/domain/create/base_test.rb            | 97 +++++++++++++++++++
 .../repp/v1/domains/create_test.rb            | 69 +++++++++++++
 3 files changed, 168 insertions(+), 2 deletions(-)

diff --git a/test/fixtures/bsa_protected_domains.yml b/test/fixtures/bsa_protected_domains.yml
index 6d55d8a2ec..ce8913a379 100644
--- a/test/fixtures/bsa_protected_domains.yml
+++ b/test/fixtures/bsa_protected_domains.yml
@@ -1,7 +1,7 @@
 one:
   order_id: 1
   suborder_id: 1
-  domain_name: example1.ee
+  domain_name: example1.test
   state: 2
   registration_code: 1234567890
   create_date: <%= Time.zone.parse('2010-07-05').to_s(:db) %>
@@ -10,7 +10,7 @@ one:
 two:
   order_id: 2
   suborder_id: 2
-  domain_name: example2.ee
+  domain_name: example2.test
   state: 2
   registration_code: 0987654321
   create_date: <%= Time.zone.parse('2010-07-05').to_s(:db) %>
diff --git a/test/integration/epp/domain/create/base_test.rb b/test/integration/epp/domain/create/base_test.rb
index 180d165b35..8cce7c35ef 100644
--- a/test/integration/epp/domain/create/base_test.rb
+++ b/test/integration/epp/domain/create/base_test.rb
@@ -4,6 +4,8 @@ class EppDomainCreateBaseTest < EppTestCase
   setup do
     adapter = ENV["shunter_default_adapter"].constantize.new
     adapter&.clear!
+
+    @bsa_domain = bsa_protected_domains(:one)
   end
 
   def test_illegal_chars_in_dns_key
@@ -937,4 +939,99 @@ def test_returns_error_response_if_throttled
     ENV["shunter_default_threshold"] = '10000'
     ENV["shunter_enabled"] = 'false'
   end
+
+
+  def test_domain_cannnot_be_created_if_it_in_bsa_protected_list_through_epp
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
+        <command>
+          <create>
+            <domain:create xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
+              <domain:name>#{@bsa_domain.domain_name}</domain:name>
+              <domain:registrant>#{contacts(:john).code}</domain:registrant>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="#{Xsd::Schema.filename(for_prefix: 'eis', for_version: '1.0')}">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_no_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+    response_xml = Nokogiri::XML(response.body)
+    assert_correct_against_schema response_xml
+    assert_epp_response :required_parameter_missing
+  end
+
+  def test_bsa_protected_domain_can_be_created_with_valid_registration_code_through_epp
+    request_xml = <<-XML
+      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+      <epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
+        <command>
+          <create>
+            <domain:create xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
+              <domain:name>#{@bsa_domain.domain_name}</domain:name>
+              <domain:registrant>#{contacts(:john).code}</domain:registrant>
+            </domain:create>
+          </create>
+          <extension>
+            <eis:extdata xmlns:eis="#{Xsd::Schema.filename(for_prefix: 'eis', for_version: '1.0')}">
+              <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+              <eis:reserved>
+                <eis:pw>#{@bsa_domain.registration_code}</eis:pw>
+              </eis:reserved>
+            </eis:extdata>
+          </extension>
+        </command>
+      </epp>
+    XML
+
+    assert_difference 'Domain.count' do
+      post epp_create_path, params: { frame: request_xml },
+           headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+    end
+    response_xml = Nokogiri::XML(response.body)
+    assert_correct_against_schema response_xml
+    assert_epp_response :completed_successfully
+  end
+
+  def test_bsa_protected_domain_cannot_be_created_with_invalid_registration_code_through_epp
+    request_xml = <<-XML
+    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+    <epp xmlns="#{Xsd::Schema.filename(for_prefix: 'epp-ee', for_version: '1.0')}">
+      <command>
+        <create>
+          <domain:create xmlns:domain="#{Xsd::Schema.filename(for_prefix: 'domain-ee', for_version: '1.2')}">
+            <domain:name>#{@bsa_domain.domain_name}</domain:name>
+            <domain:registrant>#{contacts(:john).code}</domain:registrant>
+          </domain:create>
+        </create>
+        <extension>
+          <eis:extdata xmlns:eis="#{Xsd::Schema.filename(for_prefix: 'eis', for_version: '1.0')}">
+            <eis:legalDocument type="pdf">#{'test' * 2000}</eis:legalDocument>
+            <eis:reserved>
+              <eis:pw>invalid</eis:pw>
+            </eis:reserved>
+          </eis:extdata>
+        </extension>
+      </command>
+    </epp>
+  XML
+
+  assert_no_difference 'Domain.count' do
+    post epp_create_path, params: { frame: request_xml },
+         headers: { 'HTTP_COOKIE' => 'session=api_bestnames' }
+  end
+  response_xml = Nokogiri::XML(response.body)
+  assert_correct_against_schema response_xml
+
+  assert_epp_response :invalid_authorization_information
+  end
 end
diff --git a/test/integration/repp/v1/domains/create_test.rb b/test/integration/repp/v1/domains/create_test.rb
index 7907e709ec..f725fd26aa 100644
--- a/test/integration/repp/v1/domains/create_test.rb
+++ b/test/integration/repp/v1/domains/create_test.rb
@@ -4,6 +4,7 @@ class ReppV1DomainsCreateTest < ActionDispatch::IntegrationTest
   def setup
     @user = users(:api_bestnames)
     @domain = domains(:shop)
+    @bsa_domain = bsa_protected_domains(:one)
     token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
     token = "Basic #{token}"
 
@@ -134,4 +135,72 @@ def test_creates_new_domain_with_desired_transfer_code
     assert @user.registrar.domains.find_by(name: 'domeener.test').present?
     assert_equal 'ABADIATS', @user.registrar.domains.find_by(name: 'domeener.test').transfer_code
   end
+
+  def test_domain_cannnot_be_created_if_it_in_bsa_protected_list
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+
+    payload = {
+      domain: {
+        name: @bsa_domain.domain_name,
+        registrant: contact.code,
+        period: 1,
+        period_unit: 'y'
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2003, json[:code]
+    assert_equal 'Required parameter missing; reserved>pw element required for reserved domains', json[:message]
+
+    refute @user.registrar.domains.find_by(name: @bsa_domain.domain_name).present?
+  end
+
+  def test_bsa_protected_domain_can_be_created_with_valid_registration_code
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+
+    payload = {
+      domain: {
+        name: @bsa_domain.domain_name,
+        registrant: contact.code,
+        reserved_pw: @bsa_domain.registration_code,
+        period: 1,
+        period_unit: 'y'
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert @user.registrar.domains.find_by(name: @bsa_domain.domain_name).present?
+  end
+
+  def test_bsa_protected_domain_cannot_be_created_with_invalid_registration_code
+    @auth_headers['Content-Type'] = 'application/json'
+    contact = contacts(:john)
+
+    payload = {
+      domain: {
+        name: @bsa_domain.domain_name,
+        registrant: contact.code,
+        reserved_pw: 'invalid_registration_code',
+        period: 1,
+        period_unit: 'y'
+      }
+    }
+
+    post "/repp/v1/domains", headers: @auth_headers, params: payload.to_json
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2202, json[:code]
+    assert_equal 'Invalid authorization information; invalid reserved>pw value', json[:message]
+
+    refute @user.registrar.domains.find_by(name: @bsa_domain.domain_name).present?
+  end
 end