diff --git a/src/main/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidator.java b/src/main/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidator.java index f3062fc2..30e04c0d 100644 --- a/src/main/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidator.java +++ b/src/main/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidator.java @@ -1,13 +1,17 @@ package net.hostsharing.hsadminng.hs.booking.item.validators; +import net.hostsharing.hsadminng.hs.booking.item.HsBookingItem; import net.hostsharing.hsadminng.mapper.Array; +import java.util.ArrayList; +import java.util.List; + import static net.hostsharing.hsadminng.hs.validation.StringProperty.stringProperty; class HsDomainSetupBookingItemValidator extends HsBookingItemEntityValidator { public static final String FQDN_REGEX = "^((?!-)[A-Za-z0-9-]{1,63}(? validateEntity(final HsBookingItem bookingItem) { + final var violations = new ArrayList(); + final var domainName = bookingItem.getDirectValue(DOMAIN_NAME_PROPERTY_NAME, String.class); + if ( !bookingItem.isLoaded() && + domainName.matches("hostsharing.(com|net|org|coop)") ) { + violations.add("'" + bookingItem.toShortString() + ".resources." + DOMAIN_NAME_PROPERTY_NAME + "' = '" + domainName + "' is a forbidden Hostsharing domain name"); + } + violations.addAll(super.validateEntity(bookingItem)); + return violations; + } } diff --git a/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsDomainSetupHostingAssetValidator.java b/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsDomainSetupHostingAssetValidator.java index 8701d2fe..ea306453 100644 --- a/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsDomainSetupHostingAssetValidator.java +++ b/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsDomainSetupHostingAssetValidator.java @@ -25,20 +25,6 @@ class HsDomainSetupHostingAssetValidator extends HostingAssetEntityValidator { public List validateEntity(final HsHostingAsset assetEntity) { // TODO.impl: for newly created entities, check the permission of setting up a domain // - // reject, if the domain is any of these: - // hostsharing.com|net|org|coop, // just to be on the safe side - // [^.}+, // top-level-domain - // co.uk, org.uk, gov.uk, ac.uk, sch.uk, - // com.au, net.au, org.au, edu.au, gov.au, asn.au, id.au, - // co.jp, ne.jp, or.jp, ac.jp, go.jp, - // com.cn, net.cn, org.cn, gov.cn, edu.cn, ac.cn, - // com.br, net.br, org.br, gov.br, edu.br, mil.br, art.br, - // co.in, net.in, org.in, gen.in, firm.in, ind.in, - // com.mx, net.mx, org.mx, gob.mx, edu.mx, - // gov.it, edu.it, - // co.nz, net.nz, org.nz, govt.nz, ac.nz, school.nz, geek.nz, kiwi.nz, - // co.kr, ne.kr, or.kr, go.kr, re.kr, pe.kr - // // allow if // - user has Admin/Agent-role for all its sub-domains and the direct parent-Domain which are set up at at Hostsharing // - domain has DNS zone with TXT record approval diff --git a/src/test/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidatorUnitTest.java b/src/test/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidatorUnitTest.java index 7305967b..40f9d4cd 100644 --- a/src/test/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidatorUnitTest.java +++ b/src/test/java/net/hostsharing/hsadminng/hs/booking/item/validators/HsDomainSetupBookingItemValidatorUnitTest.java @@ -11,7 +11,6 @@ import jakarta.persistence.EntityManager; import java.util.Map; import static java.util.Map.entry; -import static net.hostsharing.hsadminng.hs.booking.item.HsBookingItemType.CLOUD_SERVER; import static net.hostsharing.hsadminng.hs.booking.item.HsBookingItemType.DOMAIN_SETUP; import static org.assertj.core.api.Assertions.assertThat; @@ -29,7 +28,7 @@ class HsDomainSetupBookingItemValidatorUnitTest { @Test void acceptsUnregisteredDomain() { // given - final var cloudServerBookingItemEntity = HsBookingItemRealEntity.builder() + final var domainSetupBookingItemEntity = HsBookingItemRealEntity.builder() .type(DOMAIN_SETUP) .project(project) .caption("Test-Domain") @@ -39,7 +38,7 @@ class HsDomainSetupBookingItemValidatorUnitTest { .build(); // when - final var result = HsBookingItemEntityValidatorRegistry.doValidate(em, cloudServerBookingItemEntity); + final var result = HsBookingItemEntityValidatorRegistry.doValidate(em, domainSetupBookingItemEntity); // then assertThat(result).isEmpty(); @@ -48,7 +47,7 @@ class HsDomainSetupBookingItemValidatorUnitTest { @Test void rejectsTopLevelDomain() { // given - final var cloudServerBookingItemEntity = HsBookingItemRealEntity.builder() + final var domainSetupBookingItemEntity = HsBookingItemRealEntity.builder() .type(DOMAIN_SETUP) .project(project) .caption("Test-Domain") @@ -58,7 +57,7 @@ class HsDomainSetupBookingItemValidatorUnitTest { .build(); // when - final var result = HsBookingItemEntityValidatorRegistry.doValidate(em, cloudServerBookingItemEntity); + final var result = HsBookingItemEntityValidatorRegistry.doValidate(em, domainSetupBookingItemEntity); // then assertThat(result).containsExactly("'D-12345:Test-Project:Test-Domain.resources.domainName' = 'org' is not a (non-top-level) fully qualified domain name"); @@ -79,7 +78,7 @@ class HsDomainSetupBookingItemValidatorUnitTest { }) void reject2ndLevelRegistrarDomain(final String secondLevelRegistrarDomain) { // given - final var cloudServerBookingItemEntity = HsBookingItemRealEntity.builder() + final var domainSetupBookingItemEntity = HsBookingItemRealEntity.builder() .type(DOMAIN_SETUP) .project(project) .caption("Test-Domain") @@ -89,7 +88,7 @@ class HsDomainSetupBookingItemValidatorUnitTest { .build(); // when - final var result = HsBookingItemEntityValidatorRegistry.doValidate(em, cloudServerBookingItemEntity); + final var result = HsBookingItemEntityValidatorRegistry.doValidate(em, domainSetupBookingItemEntity); // then assertThat(result).containsExactly( @@ -98,6 +97,31 @@ class HsDomainSetupBookingItemValidatorUnitTest { "' is a forbidden registrar-level domain name"); } + @ParameterizedTest + @ValueSource(strings = { + "hostsharing.net", "hostsharing.org", "hostsharing.com", "hostsharing.coop" + }) + void rejectHostsharingDomain(final String secondLevelRegistrarDomain) { + // given + final var domainSetupBookingItemEntity = HsBookingItemRealEntity.builder() + .type(DOMAIN_SETUP) + .project(project) + .caption("Test-Domain") + .resources(Map.ofEntries( + entry("domainName", secondLevelRegistrarDomain) + )) + .build(); + + // when + final var result = HsBookingItemEntityValidatorRegistry.doValidate(em, domainSetupBookingItemEntity); + + // then + assertThat(result).containsExactly( + "'D-12345:Test-Project:Test-Domain.resources.domainName' = '" + + secondLevelRegistrarDomain + + "' is a forbidden Hostsharing domain name"); + } + @Test void containsAllValidations() { // when diff --git a/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetControllerAcceptanceTest.java b/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetControllerAcceptanceTest.java index 306337bb..8b04bbb0 100644 --- a/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetControllerAcceptanceTest.java +++ b/src/test/java/net/hostsharing/hsadminng/hs/hosting/asset/HsHostingAssetControllerAcceptanceTest.java @@ -256,6 +256,8 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup .project(givenProject) .type(HsBookingItemType.DOMAIN_SETUP) .caption("some temp domain setup booking item") + .resources(Map.ofEntries( + entry("domainName", "example.org"))) .build() );