def prepare_tester_account(email='*****@*****.**', account_password='******', is_staff=False, account_balance=None,
automatic_renewal_enabled=True, email_notifications_enabled=True, join_date=None):
tester = zusers.find_account(email)
if not tester:
tester = zusers.create_account(
email,
account_password=account_password,
is_active=True,
person_name='Tester Tester',
organization_name='TestingCorp',
address_street='TestStreet',
address_city='TestCity',
address_province='TestProvince',
address_postal_code='TestPostalCode',
address_country='AI',
contact_voice='1234567890',
contact_fax='1234567890',
contact_email=email,
automatic_renewal_enabled=automatic_renewal_enabled,
email_notifications_enabled=email_notifications_enabled,
)
if account_balance is not None:
tester.balance = account_balance
if is_staff:
tester.is_staff = True
if join_date:
tester.date_joined = join_date
tester.save()
return tester
def create_user(self,
email='*****@*****.**',
password='******',
**kwargs):
user = zusers.create_account(email=email,
account_password=password,
is_active=True)
self._passwords[user] = password
return user
def test_order_cancel_suspicious(self):
owner = zusers.create_account('*****@*****.**',
account_password='******',
is_active=True)
order = Order.orders.create(owner=owner,
started_at=datetime.datetime(
2019, 3, 23, 13, 34, 0),
status='processed')
response = self.client.post(f'/billing/order/cancel/{order.id}/')
assert response.status_code == 400
def setUp(self):
self.account = zusers.create_account('*****@*****.**',
account_password='******',
is_active=True)
self.account.profile.contact_email = '*****@*****.**'
self.account.profile.save()
registrant_info = copy.deepcopy(contact_person)
registrant_info['owner'] = self.account
Registrant.registrants.create(**registrant_info)
self.client.login(email='*****@*****.**', password='******')
def setUp(self):
self.account = zusers.create_account("*****@*****.**",
account_password="******",
is_active=False)
self.activation = Activation(code="12345", account=self.account)
self.activation.save()
self.activation.created_at = datetime.datetime.now(
) - datetime.timedelta(
minutes=settings.ACTIVATION_CODE_EXPIRING_MINUTE + 1)
self.activation.save(
) # First save adds auto_now_add=True, that's why we should override it and save again.
def test_domain_is_not_owned_by_other_user(self, mock_logging_critical):
zone = Zone.zones.create(name='ai')
account = zusers.create_account('*****@*****.**',
account_password='******',
is_active=True)
Domain.domains.create(owner=account,
name='test.ai',
expiry_date=datetime.datetime(2099, 1, 1),
create_date=datetime.datetime(1970, 1, 1),
zone=zone)
response = self.client.post('/billing/order/create/',
data={'order_items': ['test.ai']})
assert response.status_code == 400
mock_logging_critical.assert_called_once()
def test_get_order_details_suspicious(self):
"""
User tries to reach another person's domain order details.
Test if user will get 400 bad request error.
"""
owner = zusers.create_account('*****@*****.**',
account_password='******',
is_active=True)
Order.orders.create(owner=owner,
started_at=datetime.datetime(
2019, 3, 23, 13, 34, 0),
status='processed')
response = self.client.get('/billing/order/1/')
assert response.status_code == 400
def test_payment_is_from_other_user(self, mock_logging_critical):
"""
Tests process payment with transaction id which belongs to other user and
check if SuspiciousOperation is logged.
"""
account = zusers.create_account('*****@*****.**',
account_password='******',
is_active=True)
Payment.payments.create(owner=account,
amount=100,
method='pay_4csonline',
transaction_id='12345',
started_at=datetime.datetime(2019, 3, 23),
status='paid')
response = self.client.get(f'/billing/4csonline/process/12345/')
assert response.status_code == 400
mock_logging_critical.assert_called_once_with(
'Invalid request, payment process raises SuspiciousOperation: '
'payment owner is not matching to request')
def prepare_tester_account(email='*****@*****.**', account_password='******'):
tester = zusers.find_account(email)
if not tester:
tester = zusers.create_account(
email,
account_password=account_password,
is_active=True,
person_name='Tester Tester',
organization_name='TestingCorp',
address_street='TestStreet',
address_city='TestCity',
address_province='TestProvince',
address_postal_code='TestPostalCode',
address_country='AI',
contact_voice='1234567890',
contact_fax='1234567890',
contact_email='*****@*****.**',
)
return tester
def domain_regenerate_from_csv_row(csv_row, headers, wanted_registrar='whois_ai', dry_run=True):
"""
"""
errors = []
try:
csv_record = split_csv_row(csv_row, headers)
csv_info = get_csv_domain_info(csv_row, headers)
domain = csv_info['name']
except Exception as exc:
errors.append('failed processing csv record: ' + str(exc))
return errors
if not zdomains.is_valid(domain):
#--- invalid domain name
errors.append('invalid domain name')
return errors
#--- lookup existing domain
known_domain = zdomains.domain_find(domain)
real_registrar_id = csv_record.get('registrar_id_9')
if wanted_registrar and real_registrar_id != wanted_registrar:
#--- belong to another registrar
errors.append('%s: csv record belongs to another registrar %s' % (domain, real_registrar_id, ))
return errors
real_expiry_date = csv_info['expiry_date']
real_create_date = csv_info['create_date']
real_epp_id = csv_record.get('roid_0')
real_auth_key = csv_record.get('auth_info_password_2')
real_registrant_contact_id = csv_record.get('registrant_contact_id_24')
real_admin_contact_id = csv_record.get('admin_contact_id_54')
real_tech_contact_id = csv_record.get('tech_contact_id_69')
real_billing_contact_id = csv_record.get('billing_contact_id_39')
real_registrant_email = csv_info['registrant']['contact_email']
real_admin_email = csv_info['admin']['contact_email']
real_tech_email = csv_info['tech']['contact_email']
real_billing_email = csv_info['billing']['contact_email']
real_nameservers = csv_info['nameservers']
known_expiry_date = None
known_create_date = None
known_epp_id = None
known_auth_key = None
known_registrant_contact_id = None
known_admin_contact_id = None
known_tech_contact_id = None
known_billing_contact_id = None
known_nameservers = ['', ] * 4
new_domain = None
new_registrant_contact = None
new_admin_contact = None
new_tech_contact = None
new_billing_contact = None
need_registrant = False
need_admin_contact = False
need_tech_contact = False
need_billing_contact = False
owner_account = zusers.find_account(real_registrant_email)
if not owner_account:
if dry_run:
errors.append('account %s not exist' % real_registrant_email)
return errors
#--- account check/create
new_password=zusers.generate_password(length=10)
owner_account = zusers.create_account(
email=real_registrant_email,
account_password=new_password,
is_active=True,
)
logger.info('generated new account and password for %s : %s', real_registrant_email, new_password)
if known_domain:
known_expiry_date = known_domain.expiry_date
known_create_date = known_domain.create_date
known_epp_id = known_domain.epp_id
known_auth_key = known_domain.auth_key
known_registrant_contact_id = None if not known_domain.registrant else known_domain.registrant.epp_id
known_admin_contact_id = None if not known_domain.contact_admin else known_domain.contact_admin.epp_id
known_billing_contact_id = None if not known_domain.contact_billing else known_domain.contact_billing.epp_id
known_tech_contact_id = None if not known_domain.contact_tech else known_domain.contact_tech.epp_id
known_nameservers = known_domain.list_nameservers()
if real_admin_contact_id or real_tech_contact_id or real_billing_contact_id:
if known_domain:
if not known_tech_contact_id and not known_admin_contact_id and not known_billing_contact_id:
if dry_run:
errors.append('%s: no contacts present for known domain' % domain)
return errors
else:
errors.append('%s: no csv contacts provided for domain' % domain)
return errors
if real_registrant_contact_id:
#--- registrant check
_errs, need_registrant = check_contact_to_be_created(
domain_name=domain,
known_epp_contact_id=known_registrant_contact_id,
real_epp_contact_id=real_registrant_contact_id,
real_owner=owner_account,
)
if dry_run:
errors.extend(_errs)
if real_admin_contact_id:
#--- admin contact check
_errs, need_admin_contact = check_contact_to_be_created(
domain_name=domain,
known_epp_contact_id=known_admin_contact_id,
real_epp_contact_id=real_admin_contact_id,
real_owner=owner_account,
)
if dry_run:
errors.extend(_errs)
if real_tech_contact_id:
#--- tech contact check
_errs, need_tech_contact = check_contact_to_be_created(
domain_name=domain,
known_epp_contact_id=known_tech_contact_id,
real_epp_contact_id=real_tech_contact_id,
real_owner=owner_account,
)
if dry_run:
errors.extend(_errs)
if real_billing_contact_id:
#--- billing contact check
_errs, need_billing_contact = check_contact_to_be_created(
domain_name=domain,
known_epp_contact_id=known_billing_contact_id,
real_epp_contact_id=real_billing_contact_id,
real_owner=owner_account,
)
if dry_run:
errors.extend(_errs)
if not dry_run:
if need_registrant:
#--- registrant create
new_registrant_contact = zcontacts.registrant_create(
epp_id=real_registrant_contact_id,
owner=owner_account,
**csv_info['registrant'],
)
# TODO: make sure contact was assigned to the domain
else:
zcontacts.registrant_update(
epp_id=real_registrant_contact_id,
**csv_info['registrant'],
)
if need_admin_contact:
#--- admin contact create
new_admin_contact = zcontacts.contact_create(
epp_id=real_admin_contact_id,
owner=owner_account,
**csv_info['admin'],
)
# TODO: make sure contact was assigned to the domain
else:
if real_admin_contact_id and real_admin_email:
zcontacts.contact_update(
epp_id=real_admin_contact_id,
**csv_info['admin'],
)
if need_tech_contact:
#--- tech contact create
new_tech_contact = zcontacts.contact_create(
epp_id=real_tech_contact_id,
owner=owner_account,
**csv_info['tech'],
)
# TODO: make sure contact was assigned to the domain
else:
if real_tech_contact_id and real_tech_email:
zcontacts.contact_update(
epp_id=real_tech_contact_id,
**csv_info['tech'],
)
if need_billing_contact:
#--- billing contact create
new_billing_contact = zcontacts.contact_create(
epp_id=real_billing_contact_id,
owner=owner_account,
**csv_info['billing'],
)
# TODO: make sure contact was assigned to the domain
else:
if real_billing_contact_id and real_billing_email:
zcontacts.contact_update(
epp_id=real_billing_contact_id,
**csv_info['billing'],
)
if not known_domain:
if dry_run:
#--- domain not found
errors.append('%s: domain not exist' % domain)
return errors
#--- create new domain
new_domain = zdomains.domain_create(
domain_name=domain,
owner=owner_account,
expiry_date=real_expiry_date,
create_date=real_create_date,
epp_id=real_epp_id,
auth_key=real_auth_key,
registrar=real_registrar_id,
registrant=new_registrant_contact,
contact_admin=new_admin_contact,
contact_tech=new_tech_contact,
contact_billing=new_billing_contact,
nameservers=real_nameservers,
)
if new_domain:
#--- DONE, new domain created
return []
if known_expiry_date:
dt = real_expiry_date - known_expiry_date
dt_hours = float(dt.total_seconds()) / (60.0 * 60.0)
if dt_hours >= 24:
#--- domain expiry date not in sync
if dry_run:
errors.append('expiry date not in sync for %s, known is %s, real is %s' % (
domain, known_expiry_date, real_expiry_date, ))
return errors
known_domain.expiry_date = real_expiry_date
known_domain.save()
logger.debug('known expiry date updated for %s : %s', known_domain, real_expiry_date)
else:
if known_domain:
#--- expiry date was not set
if real_expiry_date:
if dry_run:
errors.append('expiry date was not set for %s, real is %s' % (
domain, real_expiry_date, ))
return errors
known_domain.expiry_date = real_expiry_date
known_domain.save()
logger.debug('expiry date was not set, now updated for %s : %s', known_domain, real_expiry_date)
if known_create_date:
dt = real_create_date - known_create_date
dt_hours = float(dt.total_seconds()) / (60.0 * 60.0)
if dt_hours >= 24:
#--- domain create date not in sync
if dry_run:
errors.append('create date not in sync for %s, known is %s, real is %s' % (
domain, known_create_date, real_create_date, ))
return errors
known_domain.create_date = real_create_date
known_domain.save()
logger.debug('known create date updated for %s : %s', known_domain, real_create_date)
else:
if known_domain:
if real_create_date:
#--- create date was not set
if dry_run:
errors.append('create date was not set for %s, real is %s' % (
domain, real_create_date, ))
return errors
known_domain.create_date = real_create_date
known_domain.save()
logger.debug('create date was not set, now updated for %s : %s', known_domain, real_create_date)
#--- check known epp_id
if known_epp_id:
if known_epp_id != real_epp_id:
if dry_run:
errors.append('epp_id not in sync for %s, known is %s, real is %s' % (
domain, known_epp_id, real_epp_id, ))
return errors
known_domain.epp_id = real_epp_id
known_domain.save()
logger.debug('known epp_id for %s updated : %s', known_domain, real_epp_id)
else:
if real_epp_id:
if known_domain:
if dry_run:
errors.append('epp_id was not set for %s, real is %s' % (
domain, real_epp_id, ))
return errors
known_domain.epp_id = real_epp_id
known_domain.save()
logger.debug('epp_id was not set for %s, now updated : %s', known_domain, real_epp_id)
#--- check auth_key
if known_auth_key:
if known_auth_key != real_auth_key:
if dry_run:
errors.append('auth_key not in sync for %s, known is %s, real is %s' % (
domain, known_auth_key, real_auth_key, ))
return errors
known_domain.auth_key = real_auth_key
known_domain.save()
logger.debug('known auth_key for %s updated : %s', known_domain, real_auth_key)
else:
if real_auth_key:
if known_domain:
if dry_run:
errors.append('auth_key was not set for %s, real is %s' % (
domain, real_auth_key, ))
return errors
known_domain.auth_key = real_auth_key
known_domain.save()
logger.debug('auth_key was not set for %s, now updated : %s', known_domain, real_auth_key)
#--- check nameservers
for i in range(4):
if real_nameservers[i] != known_nameservers[i]:
if dry_run:
errors.append('nameserver at position %s not in sync for %s, known is %s, real is %s' % (
domain, known_nameservers[i], real_nameservers[i], ))
return errors
#--- update nameservers
if not dry_run:
zdomains.update_nameservers(known_domain, real_nameservers)
if errors and dry_run:
return errors
#--- DONE, existing domain updated
return errors
def setUp(self):
self.account = zusers.create_account('*****@*****.**',
account_password='******',
is_active=True)
self.client.login(email='*****@*****.**', password='******')
def doDBCheckCreateUserAccount(self, *args, **kwargs):
"""
Action method.
"""
if self.known_registrant:
logger.info(
'registrant already known so skip creating user account')
return
known_owner = zusers.find_account(
self.current_registrant_info['email'])
if not known_owner:
known_owner = zusers.create_account(
email=self.current_registrant_info['email'],
account_password=zusers.generate_password(length=10),
also_profile=True,
is_active=True,
person_name=self.current_registrant_address_info.get(
'name', 'unknown'),
organization_name=self.current_registrant_address_info.get(
'org', 'unknown'),
address_street=self.current_registrant_address_info.get(
'street', 'unknown'),
address_city=self.current_registrant_address_info.get(
'city', 'unknown'),
address_province=self.current_registrant_address_info.get(
'sp', 'unknown'),
address_postal_code=self.current_registrant_address_info.get(
'pc', 'unknown'),
address_country=self.current_registrant_address_info.get(
'cc', 'AF'),
contact_voice=zcontacts.extract_phone_number(
self.current_registrant_info.get('voice', '')),
contact_fax=zcontacts.extract_phone_number(
self.current_registrant_info.get('fax', '')),
contact_email=self.current_registrant_info['email'],
)
if not hasattr(known_owner, 'profile'):
zusers.create_profile(
known_owner,
person_name=self.current_registrant_address_info.get(
'name', 'unknown'),
organization_name=self.current_registrant_address_info.get(
'org', 'unknown'),
address_street=self.current_registrant_address_info.get(
'street', 'unknown'),
address_city=self.current_registrant_address_info.get(
'city', 'unknown'),
address_province=self.current_registrant_address_info.get(
'sp', 'unknown'),
address_postal_code=self.current_registrant_address_info.get(
'pc', 'unknown'),
address_country=self.current_registrant_address_info.get(
'cc', 'AF'),
contact_voice=zcontacts.extract_phone_number(
self.current_registrant_info.get('voice', '')),
contact_fax=zcontacts.extract_phone_number(
self.current_registrant_info.get('fax', '')),
contact_email=self.current_registrant_info['email'],
)
self.received_registrant_epp_id = self.new_registrant_epp_id
self.known_registrant = zcontacts.registrant_find(
epp_id=self.received_registrant_epp_id)
if not self.known_registrant:
logger.info('new registrant will be created for %r', known_owner)
self.known_registrant = zcontacts.registrant_create_from_profile(
owner=known_owner,
profile_object=known_owner.profile,
epp_id=self.received_registrant_epp_id,
)
if self.target_domain:
zdomains.domain_detach_contact(self.target_domain, 'admin')
zdomains.domain_detach_contact(self.target_domain, 'billing')
zdomains.domain_detach_contact(self.target_domain, 'tech')
self.new_domain_contacts.pop('admin', None)
self.new_domain_contacts.pop('billing', None)
self.new_domain_contacts.pop('tech', None)
if self.target_domain:
self.target_domain.refresh_from_db()
def test_order_execute_within_same_registrar(self, mock_sync_contacts,
mock_sync_backend,
mock_domain_set_auth_info):
account_to_transfer = zusers.create_account('*****@*****.**',
account_password='******',
is_active=True)
self.client.login(email='*****@*****.**', password='******')
Registrant.registrants.create(
person_name='TesterA',
organization_name='TestingCorporation',
address_street='Testers Boulevard 123',
address_city='Testopia',
address_province='TestingLands',
address_postal_code='1234AB',
address_country='NL',
contact_voice='+31612341234',
contact_fax='+31656785678',
contact_email='*****@*****.**',
owner=account_to_transfer)
# Create the order and order_item for the account_to_transfer
order = Order.orders.create(
owner=account_to_transfer,
started_at=datetime.datetime(2019, 3, 23, 13, 34, 0),
status='processed',
)
OrderItem.order_items.create(order=order,
type='domain_transfer',
price=0,
details={
'internal': True,
'transfer_code': 'abcd1234',
},
name='test.ai')
# Create a domain owned by previous user.
ai_zone = Zone.zones.create(name='ai')
Domain.domains.create(owner=self.account,
name='test.ai',
expiry_date=datetime.datetime(2099, 1, 1),
create_date=datetime.datetime(1970, 1, 1),
zone=ai_zone,
epp_id='epp2',
status='active',
auth_key='abcd1234')
# mock_sync_backend.return_value = []
response = self.client.post(f'/billing/order/process/{order.id}/')
assert response.status_code == 302
assert response.url == '/domains/'
# Check if backends is called to sync the domain info
mock_sync_contacts.assert_called_once()
mock_sync_backend.assert_called_once()
mock_domain_set_auth_info.assert_called_once()
# Check if domain is transfered to the new owner in database
transfered_domain = Domain.domains.filter(name='test.ai')[0]
assert transfered_domain.auth_key == ''
assert transfered_domain.owner == account_to_transfer
