diff --git a/api/src/domain/mutations/__tests__/remove-domain.test.js b/api/src/domain/mutations/__tests__/remove-domain.test.js index 24f8eba50..4ca5e3cac 100644 --- a/api/src/domain/mutations/__tests__/remove-domain.test.js +++ b/api/src/domain/mutations/__tests__/remove-domain.test.js @@ -3424,7 +3424,7 @@ describe('removing a domain', () => { removeDomain: { result: { code: 403, - description: 'Permission Denied: Please contact super admin for help with removing domain.', + description: 'Permission Denied: Please contact organization admin for help with removing domain.', }, }, }, @@ -3432,7 +3432,7 @@ describe('removing a domain', () => { expect(response).toEqual(error) expect(consoleOutput).toEqual([ - `User: 123 attempted to remove domain.gc.ca in temp-org but does not have permission to remove a domain from a verified check org.`, + `User: 123 attempted to remove domain.gc.ca in temp-org however they do not have permission in that org.`, ]) }) }) @@ -3499,7 +3499,7 @@ describe('removing a domain', () => { removeDomain: { result: { code: 403, - description: 'Permission Denied: Please contact super admin for help with removing domain.', + description: 'Permission Denied: Please contact organization admin for help with removing domain.', }, }, }, @@ -3507,7 +3507,7 @@ describe('removing a domain', () => { expect(response).toEqual(error) expect(consoleOutput).toEqual([ - `User: 123 attempted to remove domain.gc.ca in temp-org but does not have permission to remove a domain from a verified check org.`, + `User: 123 attempted to remove domain.gc.ca in temp-org however they do not have permission in that org.`, ]) }) }) @@ -4572,7 +4572,7 @@ describe('removing a domain', () => { result: { code: 403, description: - "Permission refusée : Veuillez contacter l'utilisateur de l'organisation pour obtenir de l'aide sur la mise à jour de ce domaine.", + "Permission refusée : Veuillez contacter l'administrateur de l'organisation pour obtenir de l'aide afin de supprimer le domaine.", }, }, }, @@ -4580,7 +4580,7 @@ describe('removing a domain', () => { expect(response).toEqual(error) expect(consoleOutput).toEqual([ - `User: 123 attempted to remove domain.gc.ca in temp-org but does not have permission to remove a domain from a verified check org.`, + `User: 123 attempted to remove domain.gc.ca in temp-org however they do not have permission in that org.`, ]) }) }) @@ -4648,7 +4648,7 @@ describe('removing a domain', () => { result: { code: 403, description: - "Permission refusée : Veuillez contacter l'utilisateur de l'organisation pour obtenir de l'aide sur la mise à jour de ce domaine.", + "Permission refusée : Veuillez contacter l'administrateur de l'organisation pour obtenir de l'aide afin de supprimer le domaine.", }, }, }, @@ -4656,7 +4656,7 @@ describe('removing a domain', () => { expect(response).toEqual(error) expect(consoleOutput).toEqual([ - `User: 123 attempted to remove domain.gc.ca in temp-org but does not have permission to remove a domain from a verified check org.`, + `User: 123 attempted to remove domain.gc.ca in temp-org however they do not have permission in that org.`, ]) }) }) diff --git a/api/src/domain/mutations/remove-domain.js b/api/src/domain/mutations/remove-domain.js index dffa9eb78..13098c91f 100644 --- a/api/src/domain/mutations/remove-domain.js +++ b/api/src/domain/mutations/remove-domain.js @@ -84,26 +84,27 @@ export const removeDomain = new mutationWithClientMutationId({ // Get permission const permission = await checkPermission({ orgId: org._id }) - // Check to see if domain belongs to verified check org - if (org.verified && permission !== 'super_admin') { + if (permission !== 'super_admin' && permission !== 'admin') { console.warn( - `User: ${userKey} attempted to remove ${domain.domain} in ${org.slug} but does not have permission to remove a domain from a verified check org.`, + `User: ${userKey} attempted to remove ${domain.domain} in ${org.slug} however they do not have permission in that org.`, ) return { _type: 'error', code: 403, - description: i18n._(t`Permission Denied: Please contact super admin for help with removing domain.`), + description: i18n._(t`Permission Denied: Please contact organization admin for help with removing domain.`), } } - if (permission !== 'super_admin' && permission !== 'admin') { + // Check to see if domain belongs to verified check org + // if domain returns NXDOMAIN, allow removal + if (org.verified && permission !== 'super_admin' && domain.rcode !== 'NXDOMAIN') { console.warn( - `User: ${userKey} attempted to remove ${domain.domain} in ${org.slug} however they do not have permission in that org.`, + `User: ${userKey} attempted to remove ${domain.domain} in ${org.slug} but does not have permission to remove a domain from a verified check org.`, ) return { _type: 'error', code: 403, - description: i18n._(t`Permission Denied: Please contact organization admin for help with removing domain.`), + description: i18n._(t`Permission Denied: Please contact super admin for help with removing domain.`), } } diff --git a/frontend/src/admin/AdminDomainCard.js b/frontend/src/admin/AdminDomainCard.js index cad20ca49..aa89a109d 100644 --- a/frontend/src/admin/AdminDomainCard.js +++ b/frontend/src/admin/AdminDomainCard.js @@ -6,7 +6,7 @@ import { ExternalLinkIcon } from '@chakra-ui/icons' import { sanitizeUrl } from '../utilities/sanitizeUrl' -export function AdminDomainCard({ url, tags, isHidden, isArchived, ...rest }) { +export function AdminDomainCard({ url, tags, isHidden, isArchived, rcode, ...rest }) { return ( @@ -35,6 +35,11 @@ export function AdminDomainCard({ url, tags, isHidden, isArchived, ...rest }) { ) })} + {rcode === 'NXDOMAIN' && ( + + NXDOMAIN + + )} {isHidden && ( @@ -59,4 +64,5 @@ AdminDomainCard.propTypes = { tags: array, isHidden: bool, isArchived: bool, + rcode: string, } diff --git a/frontend/src/admin/AdminDomains.js b/frontend/src/admin/AdminDomains.js index 6a86ca4c3..00eded66f 100644 --- a/frontend/src/admin/AdminDomains.js +++ b/frontend/src/admin/AdminDomains.js @@ -48,8 +48,12 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { const { i18n } = useLingui() const [newDomainUrl, setNewDomainUrl] = useState('') - const [selectedRemoveDomainUrl, setSelectedRemoveDomainUrl] = useState() - const [selectedRemoveDomainId, setSelectedRemoveDomainId] = useState() + const [selectedRemoveProps, setSelectedRemoveProps] = useState({ + domain: '', + domainId: '', + rcode: '', + }) + // const [selectedRemoveDomainId, setSelectedRemoveDomainId] = useState() const [debouncedSearchTerm, setDebouncedSearchTerm] = useState('') const [modalProps, setModalProps] = useState({ hidden: false, @@ -61,34 +65,19 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { editingDomainUrl: '', }) - const { - isOpen: updateIsOpen, - onOpen: updateOnOpen, - onClose: updateOnClose, - } = useDisclosure() - const { - isOpen: removeIsOpen, - onOpen: removeOnOpen, - onClose: removeOnClose, - } = useDisclosure() + const { isOpen: updateIsOpen, onOpen: updateOnOpen, onClose: updateOnClose } = useDisclosure() + const { isOpen: removeIsOpen, onOpen: removeOnOpen, onClose: removeOnClose } = useDisclosure() - const { - loading, - isLoadingMore, - error, - nodes, - next, - previous, - hasNextPage, - hasPreviousPage, - } = usePaginatedCollection({ - fetchForward: FORWARD, - recordsPerPage: domainsPerPage, - variables: { orgSlug, search: debouncedSearchTerm }, - relayRoot: 'findOrganizationBySlug.domains', - fetchPolicy: 'cache-and-network', - nextFetchPolicy: 'cache-first', - }) + const { loading, isLoadingMore, error, nodes, next, previous, hasNextPage, hasPreviousPage } = usePaginatedCollection( + { + fetchForward: FORWARD, + recordsPerPage: domainsPerPage, + variables: { orgSlug, search: debouncedSearchTerm }, + relayRoot: 'findOrganizationBySlug.domains', + fetchPolicy: 'cache-and-network', + nextFetchPolicy: 'cache-first', + }, + ) const memoizedSetDebouncedSearchTermCallback = useCallback(() => { setDebouncedSearchTerm(newDomainUrl) @@ -157,26 +146,14 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { )} > - {( - { - id: domainId, - domain, - selectors, - claimTags, - hidden, - archived, - organizations, - }, - index, - ) => ( + {({ id: domainId, domain, selectors, claimTags, hidden, archived, rcode, organizations }, index) => ( { - setSelectedRemoveDomainUrl(domain) - setSelectedRemoveDomainId(domainId) + setSelectedRemoveProps({ domain, domainId, rcode }) removeOnOpen() }} variant="danger" @@ -210,6 +187,7 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { tags={claimTags} isHidden={hidden} isArchived={archived} + rcode={rcode} locale={i18n.locale} flexGrow={1} fontSize={{ base: '75%', sm: '100%' }} @@ -241,21 +219,10 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { }} > - + Search: - + @@ -267,12 +234,7 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { onChange={(e) => setNewDomainUrl(e.target.value)} /> - @@ -300,16 +262,12 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { permission={permission} /> - + { removeDomain({ variables: { - domainId: selectedRemoveDomainId, + domainId: selectedRemoveProps.selectedRemoveDomainId, orgId: orgId, reason: values.reason, }, }) }} > - {({ handleSubmit, isSubmitting, handleChange }) => ( + {({ values, handleSubmit, isSubmitting, handleChange }) => (
Remove Domain @@ -335,15 +293,13 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { Confirm removal of domain: - {selectedRemoveDomainUrl} + {selectedRemoveProps.selectedRemoveDomainUrl} - A domain may only be removed for one of the reasons - below. For a domain to no longer exist, it must be - removed from the DNS. If you need to remove this domain - for a different reason, please contact TBS Cyber - Security. + A domain may only be removed for one of the reasons below. For a domain to no longer exist, it + must be removed from the DNS. If you need to remove this domain for a different reason, please + contact TBS Cyber Security. @@ -353,23 +309,20 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { @@ -377,12 +330,7 @@ export function AdminDomains({ orgSlug, domainsPerPage, orgId, permission }) { - diff --git a/frontend/src/fixtures/orgDomainListData.js b/frontend/src/fixtures/orgDomainListData.js index 5a2085e5b..e22a1b596 100644 --- a/frontend/src/fixtures/orgDomainListData.js +++ b/frontend/src/fixtures/orgDomainListData.js @@ -13,6 +13,10 @@ export const rawOrgDomainListData = { claimTags: [], archived: false, hidden: false, + rcode: 'NOERROR', + organizations: { + totalCount: 1, + }, __typename: 'Domain', }, __typename: 'DomainEdge', @@ -26,6 +30,10 @@ export const rawOrgDomainListData = { claimTags: [], archived: false, hidden: false, + rcode: 'NOERROR', + organizations: { + totalCount: 1, + }, __typename: 'Domain', }, __typename: 'DomainEdge', @@ -39,6 +47,10 @@ export const rawOrgDomainListData = { claimTags: [], archived: false, hidden: false, + rcode: 'NOERROR', + organizations: { + totalCount: 1, + }, __typename: 'Domain', }, __typename: 'DomainEdge', diff --git a/frontend/src/graphql/queries.js b/frontend/src/graphql/queries.js index 5c7560c3b..8c22907c0 100644 --- a/frontend/src/graphql/queries.js +++ b/frontend/src/graphql/queries.js @@ -189,6 +189,7 @@ export const PAGINATED_ORG_DOMAINS_ADMIN_PAGE = gql` claimTags hidden archived + rcode organizations(first: 1) { totalCount }