Started to add information on all the limitations of the current sand…

…box environment
Punktum-dk · May 7, 2021 · ed2ed7d · ed2ed7d
1 parent 43d2245
commit ed2ed7d
Showing 1 changed file with 116 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -1,11 +1,11 @@
-![DK Hostmaster Logo](https://www.dk-hostmaster.dk/sites/default/files/dk-logo_0.png)
+![DK Hostmaster Logo][DKHMLOGO]
 
 # DK Hostmaster Sandbox Environment Specification
 
 ![Markdownlint Action](https://github.com/DK-Hostmaster/sandbox-environment-specification/workflows/Markdownlint%20Action/badge.svg)
 ![Spellcheck Action](https://github.com/DK-Hostmaster/sandbox-environment-specification/workflows/Spellcheck%20Action/badge.svg)
 
-2019-07-30 Revision 2.2
+2021-05-07 Revision 2.3
 
 ## Table of Contents
 
@@ -27,6 +27,12 @@
   - [Additional Facilities](#additional-facilities)
     - [Domain Application Processing](#domain-application-processing)
 - [Implementation Requirements](#implementation-requirements)
+- [Sandbox Limitations](#sandbox-limitations)
+  - [Self-service Portal](self-service-portal)
+  - [Domain Creation and Order Confirmation](domain-creation-and-order-confirmation)
+  - [Privilege Grants](privilege-grants)
+  - [Role Acceptance For Domain Applications](#role-acceptance-for-domain-applications)
+  - [Host and Role Acceptance For Name Server Applications](#host-and-role-acceptance-for-name-applications)
 
 <!-- /MarkdownTOC -->
 
@@ -56,6 +62,10 @@ This document is copyright by DK Hostmaster A/S and is licensed under the MIT Li
 <a id="document-history"></a>
 ### Document History
 
+2.3 2021-05-07
+
+- Added new section on sandbox limitations
+
 2.2 2019-07-30
 
 - Added more test data
@@ -155,3 +165,107 @@ Please see the specific service specification for details:
 - For details on the service version etc. please see [the EPP Service Wiki](https://github.com/DK-Hostmaster/epp-service-specification/wiki)
 - [DK Hostmaster RP Service Specification](https://github.com/DK-Hostmaster/rp-service-specification)
 - For details on the service version etc. please see [the RP Service Wiki](https://github.com/DK-Hostmaster/rp-service-specification/wiki)
+
+<a id="sandbox-limitations"></a>
+## Sandbox Limitations
+
+<a id="self-service-portal"></a>
+### Self-service Portal
+
+As listed under the available services, a self-service portal aimed at end-users, meaning non-registrars is not available.
+
+This mean that processes relying on registrant interaction are not possible, simulation can be implemented where this is possible, please see the list of specific limitations below.
+
+<a id="domain-creation-and-order-confirmation"></a>
+### Domain Creation and Order Confirmation
+
+As described in the ["Implementation guide for registration of .dk"][IMPLGUIDE] there are two methods for registration of domain names.
+
+1. Method 1: Requires that the accept of terms and conditions is done at the registrar and this is communicated via the application
+1. Method 2: Requires that the accept of terms and conditions is done at the registry (with DK Hostmaster)
+
+Method 2 can at this time not be simulated, as described in the section on the self-service portal.
+
+The recommended way to a bypass this is by using method 1, eventhough this might not match you final implementation.
+
+The bypass can be accomplished by adding a time stamp to the application, whether it is via: EPP or the registrar portal (RP)
+
+Please see the below references for details:
+
+- [DK Hostmaster EPP Service Specification: create domain](https://github.com/DK-Hostmaster/epp-service-specification#create-domain)
+- [DK Hostmaster RP Service Specification: Domain Application](https://github.com/DK-Hostmaster/rp-service-specification#domain-application)
+
+<a id="privilege-grants"></a>
+### Privilege Grants
+
+When operations are being completed in the sandbox services, privileges might change and privileges are granted and revoked based on business rules.
+
+The privileges and business rules implemented in the sandbox environment are unchanged from the production environment and hence this can be quite strict.
+
+We aim to implement simulated interactions with external components or user entities where possible to simulate a production like flow and to avoid any blocking process steps.
+
+When an application is approved and a domain is created, it requires an acknowledgement from our finance syste. A finance system is not available in our sandbox environment so this is simulated. This mean that the initial privileges granted to registrant, registrar etc. are activated.
+
+<a id="sandbox-limitations"></a>
+### Role Acceptance For Domain Applications
+
+When an application is processed and the contacts assigned to the roles of:
+
+- Proxy/admin
+- Billing
+
+Are pointing to user entities:
+
+- not equal to the registrant
+- not equal to the applicant (registrar)
+- not a member of the registrar account group
+
+An accept of the role is required.
+
+In production this is accomplished using the self-service portal.
+
+As stated in the section on the self-service portal, a instance of this portal is not available in the sandbox environment, so this accept cannot be collected.
+
+Currently the acceptance is not simulated either.
+
+The recommendation is to point to users associated with the registrar account group, so the collection is not required.
+
+For details on registrar account groups, please see - [DK Hostmaster RP Service Specification: registrar account group](https://github.com/DK-Hostmaster/rp-service-specification#registrar-account-group)
+
+<a id="sandbox-limitations"></a>
+### Host and Role Acceptance For Name Server Applications
+
+When an application for creation of a name server is processed there are a number of possible scenarios depending on the data submitted with the application.
+
+If the hostname of the name server is a subordinate to to a .dk domain name and the domain name is under registrant management the application require the approval of the registrant.
+
+This approval has to be accomplished in our self-service platform. So this is currently not possible.
+
+For domain names under registrar managment, this approval is not necessary.
+
+To bypass this step, it is recommended to create name servers for domain names under registrar management and in own portfolio.
+
+See additional references:
+
+- [DK Hostmaster EPP Service Specification: create host](https://github.com/DK-Hostmaster/epp-service-specification#create-domain)
+- [DK Hostmaster RP Service Specification: Name Server Application](https://github.com/DK-Hostmaster/rp-service-specification#name-server-application)
+
+Next up is the evaluation of the designated name server administrator (NSA).
+
+1. If the designated user is the same as the requestor, approval of the role should not required (it is implicit)
+1. If the requester and the designated user is in the same registrar account group the same rule apply
+1. If the designated user is not the same as the requester and they are not related by group, the role has to be accepted by the designed name server administrator
+    - If the user is not in a registrar group, the user has to accept the role via the self-service portal, which is currently not available in the sandbox environment
+    - If the user is in another registrar group, this has to be accomplished in the registrar portal. Do note that this is a somewhat constructed  scenario, since it would mean that name server administrators are appointed across registrar groups, there is however no reason not to support this, since it comes with the implementation, which handles the above scenario
+
+To bypass this step, it is recommended to appoint name server adminstrators in own registrar account group.
+
+For details on registrar account groups, please see - [DK Hostmaster RP Service Specification: registrar account group](https://github.com/DK-Hostmaster/rp-service-specification#registrar-account-group)
+
+See the same additional references for details on name server/host creation:
+
+- [DK Hostmaster EPP Service Specification: create host](https://github.com/DK-Hostmaster/epp-service-specification#create-domain)
+- [DK Hostmaster RP Service Specification: Name Server Application](https://github.com/DK-Hostmaster/rp-service-specification#name-server-application)
+
+[DKHMLOGO]: https://www.dk-hostmaster.dk/sites/default/files/dk-logo_0.png
+[IMPLGUIDE]: https://www.dk-hostmaster.dk/en/implementation-guide-registration-dk