From ce8b5899ae8bccd467b30e3a95e7ccc2eff8bc3f Mon Sep 17 00:00:00 2001
From: Daniel M Brasil <danielmbrasil@protonmail.com>
Date: Mon, 22 May 2023 08:44:49 -0300
Subject: [PATCH] Fix POST `/api/v1/admin/domain_allows` returning 200 when no
 domain is specified (#24958)

---
 app/controllers/api/v1/admin/domain_allows_controller.rb  | 2 +-
 .../api/v1/admin/domain_allows_controller_spec.rb         | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/controllers/api/v1/admin/domain_allows_controller.rb b/app/controllers/api/v1/admin/domain_allows_controller.rb
index 61e1d481c..dd54d6710 100644
--- a/app/controllers/api/v1/admin/domain_allows_controller.rb
+++ b/app/controllers/api/v1/admin/domain_allows_controller.rb
@@ -29,7 +29,7 @@ class Api::V1::Admin::DomainAllowsController < Api::BaseController
   def create
     authorize :domain_allow, :create?
 
-    @domain_allow = DomainAllow.find_by(resource_params)
+    @domain_allow = DomainAllow.find_by(domain: resource_params[:domain])
 
     if @domain_allow.nil?
       @domain_allow = DomainAllow.create!(resource_params)
diff --git a/spec/controllers/api/v1/admin/domain_allows_controller_spec.rb b/spec/controllers/api/v1/admin/domain_allows_controller_spec.rb
index 9db8a35b4..ca63ea5a7 100644
--- a/spec/controllers/api/v1/admin/domain_allows_controller_spec.rb
+++ b/spec/controllers/api/v1/admin/domain_allows_controller_spec.rb
@@ -128,5 +128,13 @@ RSpec.describe Api::V1::Admin::DomainAllowsController do
         expect(response).to have_http_status(422)
       end
     end
+
+    context 'when domain name is not specified' do
+      it 'returns http unprocessable entity' do
+        post :create
+
+        expect(response).to have_http_status(422)
+      end
+    end
   end
 end