=================
Fred-verification
=================

Fred-verification is a service for validation and verification of registry contacts' data.

Learn more about the project and our community on the `FRED's home page`__

.. _FRED: https://fred.nic.cz

__ FRED_

Configuration
=============

Verification searches for configuration files in following order:

1. Configuration file set by ``--config`` option of a command.
2. Configuration file set by ``VERIFICATION_CONFIG`` environment variable.
3. ``~/.fred/verification.conf``
4. ``/etc/fred/verification.conf``

The configuration file is in YAML format with following options:

``check_domains``
=================
Defines a configuration for a check of high ranked domains.
Can be defined as a mapping with following keys:

* ``count_limit`` sets a limit on number of domains owned by the contact to consider them high ranked.
Default is ``0``, i.e. no limit.
* ``notification_email`` sets an email address for sending a notification about verification being paused.
Default is ``None``, i.e. notifications disabled.
* ``rank_query`` contains a complete URL to retrieve a list of high ranked domains.
May use python format language with variables ``handle`` with a contact handle and ``last_month`` with a first date
of the last month.
* ``rank_headers`` may contain additional headers for the query. Empty by default.
* ``rank_timeout`` contains timeout for a connection. For possible values see documentation of ``requests`` library.
Default is ``3.05``.

Default is ``None``, i.e. check is disabled.

``checks``
----------
Definition of contact scoring checks.
The setting maps check name to its settings.
Each check setting has to define ``class`` with dotted path to a check class used and optionally keyword arguments for the check.
Example:

.. code-block:: yaml

checks:
ruian:
- class: verification.checks.RuianCheck
throttle: 42

By default, no checks are defined.

The order of the checks doesn't affect the scoring result.

``db_connection``
-----------------
A connection string to database.
See https://docs.sqlalchemy.org/core/engines.html#database-urls for possible values.
Default is ``sqlite:///:memory:``.

``db_echo``
-----------
Whether to log SQL statements.
Default is ``False``.

``db_poolclass``
----------------
Dotted path to a pool class.
See https://docs.sqlalchemy.org/core/pooling.html for details.
Default is ``None``, i.e. use SQLAlchemy default pool class.

``db_schema``
-------------
Which database schema name to use.
Default is ``None``, i.e. the default.

``dispersion``
==============
Defines a configuration for a verification dispersion, i.e. a new verification is created for a contact to which
a domain is transferred from a contact which is already being verified.
Can be defined as a mapping with following keys:

* ``max_age`` sets a number of days for which a contact is considered verified.
Applies to having a successful verification or one of ``transient_statuses`` status flags.
Default is ``0``, i.e. unlimited (all verifications are considered permanent).
* ``transient_statuses`` a list of status flag names that are considered as temporarily verified.
Default is ``[]``.
* ``verified_statuses`` a list of status flag names that are considered as permanently verified.
Default is ``[]``.

Default is ``None``, i.e. dispersion is disabled.

``fileman_netloc``
------------------

Network location, i.e. host and port, of the fileman server.
Default is ``localhost:50051``.

``fileman_ssl_cert``
--------------------

Path to file with SSL root certificate.
Default value is ``None``, i.e. no SSL encryption.

``grpc_jobs``
-------------
Set a number of jobs to start when running ``server`` command.
Default is 0, i.e. use all available processors.

``grpc_maximum_concurrent_rpcs``
--------------------------------
The maximum number of concurrent RPCs this server will service, see http://grpc.github.io/grpc/python/grpc.html#grpc.server.
Default is ``None``, i.e. no limit.

``grpc_options``
----------------
Custom options for a gRPC server.
Valid value is a list of key-value pairs.
Default is ``None``, i.e. use gRPC defaults.

``grpc_port``
-------------
Port to which the messenger gRPC service will bind and listen.
Default is 50051.

``logging``
-----------
Logging configuration, see https://docs.python.org/library/logging.config.html for possible values.
Default is ``None``, i.e. use ``logging`` defaults.

``messenger_netloc``
--------------------

Network location, i.e. host and port, of the messenger server.
Default is ``localhost:50051``.

``messenger_ssl_cert``
----------------------

Path to file with SSL root certificate.
Default value is ``None``, i.e. no SSL encryption.

``processors``
--------------
Definition of verification processors.
The setting maps processor name to its settings.
Each processor setting has to define ``class`` with dotted path to a processor class used and optionally keyword arguments for the processor.
Example:

.. code-block:: yaml

processors:
letter:
- class: verification.processors.LetterProcessor
outzone_limit: 42

By default, no processors are defined.

The order of the processors matter.
When a verification has no method activated, the first applicable processor is used instead.

``registry_netloc``
-------------------

Network location, i.e. host and port, of the registry server.
Default is ``localhost:50050``.

``registry_ssl_cert``
---------------------

Path to file with SSL root certificate.
Default value is ``None``, i.e. no SSL encryption.

``secretary_timeout``
---------------------

A timeout for connection to django-secretary service.
For possible values see documentation of ``requests`` library.
Default is ``3.05``.

``secretary_token``
-------------------

Token for authentication at django-secretary service.
Default is ``None``, i.e. no authentication.

``secretary_url``
-----------------

URL of django-secretary service API.
Default is ``http://localhost/``.

``sentry``
----------
Sentry settings in a nested structure.
May contain following keys:

* ``dsn`` contains data source name (DSN), see https://docs.sentry.io/product/sentry-basics/dsn-explainer/.
If not provided, Sentry client is not set up.
* ``environment`` may contain an environment identifier.
* ``release`` may contain a release identifier.
* ``ca_certs`` may contain a path to CA certificates file.

``test_db_connection``
----------------------
A connection string to database to be used in tests.
See https://docs.sqlalchemy.org/core/engines.html#database-urls for possible values.
Default is ``sqlite:///:memory:``.

.. toctree::
:maxdepth: 2
:caption: Contents:

docs/workflow
docs/processors
docs/events
docs/messages


Indices and tables
==================

* :ref:`genindex`
* :ref:`modindex`
* :ref:`search`

ChangeLog
=========

.. contents:: Releases
:backlinks: none
:local:

Unreleased
----------

1.6.0 (2024-11-04)
------------------

* Drop support for python 3.8.
* Add support for python 3.13.
* Switch to pydantic v2 (#256).
* Replace frgal with fred-frgal.
* Update filed to 0.4.0.
* Relax protobuf version.
* Handle unicode access tokens (#255).
* Skip notifications for contacts with no domains (#259, #260).
* Use contact handle directly in events (#239).
* Update project setup.

1.5.3 (2024-10-09)
------------------

* Fix ``affected_domains`` for verifications with no domains left (#257).

1.5.2 (2024-09-04)
------------------

* Process cancel events on approve manual (#254).
* Fix tests for frgal 3.15.

1.5.1 (2024-06-20)
------------------

* Handle deleted contacts in handle migration (#250).
* Fix domain migrations (#251, #253).
* Update ``skipped_at`` on ``SkipEvaluation`` (#252).

1.5.0 (2024-06-17)
------------------

* Add contact handle to verification (#236).
* Explicitly store domains affected by verification (#237).
* Store domains on ``create`` (#230).
* Check domains as part of verification processing (#232, #244).
* Release transferred domains (#248).
* Add dispersion (#233).
* Fix sorting of evaluation candidates (#247).
* Handle persistent errors in contact evaluation (#234).
* Add delay for skipped evaluations (#246).
* Add ``VerificationHandler.create`` (#245).
* Add ``Verification.affected_domains`` (#231, #249).
* Add ``Domain.ref`` (#242).
* Update outzone processing (#205).
* Update ``list`` filter by domain ID (#241).
* Update project setup.

1.4.1 (2024-05-28)
------------------

* Prevent repeated processing of some events (#235).

1.4.0 (2024-05-21)
------------------

* Skip instance refresh when not needed (#225).
* Optimize event queries (#226).
* Serialize info in ``list`` asynchronously (#227).
* Use ``filterfalse`` from ``asyncstdlib`` (#228).
* Deduplicate RUIAN queries (#229).
* Update RUIAN check some more (#229).
* Add ``query`` to RUIAN check details (#229).
* Add docs for checks.
* Update project setup.

1.3.0 (2024-04-09)
------------------

* Add ``Score`` index (#219).
* Update RUIAN check (#221).
* Update handling RUIAN errors (#214).
* Handle ``order_by`` in ``list`` method (#192).
* Filter domains in ``CheckDomainsEvent`` (#217).
* Use ``fred-setapp`` (#222).
* Update test database creation (#201).
* Update project setup.

1.2.1 (2023-12-19)
------------------

* Optimize ``Evaluator.evaluate_all`` (#216).
* Optimize ``load-score-queue`` (#215).

1.2.0 (2023-12-13)
------------------

* Add support for python 3.12.
* Update models (#198).
* Add models for scoring (#193).
* Add ``ContactHistoryId`` to type map (#204).
* Make ``override_settings`` sync context manager (#200).
* Add ``BaseCheck`` (#194).
* Add ``Evaluator`` (#194).
* Add ``load-score-queue`` command (#196).
* Add throttle to evaluator (#202).
* Add skip evaluation option (#203).
* Add ``evalute`` command (#195).
* Add ``RuianAddressCheck`` (#197, #213).
* Separate failed event notification (#207).
* Separate failed event (#208).
* Autofail verifications with no domains (#209).
* Add ``__init__.py`` to ``commands`` (#211).
* Refactor test utils for database (#199).
* Fix occasional test failures in service tests.
* Update project setup.

1.1.0 (2023-08-31)
------------------

* Block domains on outzone (#191).
* Fix typing.
* Fix tests.

1.0.0 (2023-08-07)
------------------

* Add new statuses - ``paused`` and ``manual`` (#161).
* Check whether verification can be created (#145).
* Add ``reason_url`` (#150).
* Filter ``list`` by domain ID (#171, #185).
* Handle ``check`` flag in ``verify_token`` (#154).
* Check verification ID in token verification (#152).
* Add verification info to ``ApproveFutileReply`` (#126).
* Add ``resume`` to service (#175).
* Add ``approve_manual`` to service (#162, #176).
* Add ``set_contact_representative`` to service (#138).
* Try to complete verification within service (#149).
* Fix events ordering (#167).
* Turn ``ScheduledEvent.to_event`` async (refs #147)
* Refactor ``ScheduledEvent`` details (#147, #148).
* Process also recently closed verifications (#155, #184).
* Explicitly check whether contact exist in process (#189, #190).
* Add notification events (#156, #157, #158, #159, #177, #181, #186).
* Add ``CheckDomainsEvent`` (#163, #172, #173, #174, #180, #187, #188).
* Yet another message context (#169, #182).
* Fix ``is_applicable`` errors if contact does not exist (#166).
* Add representative processor (#136, #165).
* Rename ``OPEN_STATUSES`` (and fix wording elsewhere) (#170).
* Add database indexes (#153).
* Add workflow diagram (#168, #179).
* Fix annotations.
* Update project setup.

0.2.0 (2023-06-14)
------------------

* Switch database API to async (#140).
* Fix recording of domain state request IDs (#141).
* Use every method only once (#142).
* Drop verification states when initializing (#143).
* Omit email from verification checks (#144).

0.1.1 (2023-05-25)
------------------

* Add a ``db_poolclass`` setting (#139).

0.1.0 (2023-05-23)
------------------

Initial version.


Render warnings:
<string>:216: (ERROR/3) Unknown directive type "toctree".

.. toctree::
:maxdepth: 2
:caption: Contents:

docs/workflow
docs/processors
docs/events
docs/messages