import org.cacert.gigi.output.Template;
import org.cacert.gigi.pages.LoginPage;
import org.cacert.gigi.util.Notary;
+import org.cacert.gigi.util.Notary.AssuranceResult;
public class AssuranceForm extends Form {
User assuree;
static final Template templ;
static {
- templ = new Template(new InputStreamReader(
- AssuranceForm.class.getResourceAsStream("AssuranceForm.templ")));
+ templ = new Template(new InputStreamReader(AssuranceForm.class.getResourceAsStream("AssuranceForm.templ")));
}
public AssuranceForm(int assuree) {
this.assuree = new User(assuree);
}
+
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
@Override
- public void output(PrintWriter out, Language l, Map<String, Object> vars) {
+ public void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
HashMap<String, Object> res = new HashMap<String, Object>();
res.putAll(vars);
res.put("name", assuree.getName());
@Override
public boolean submit(PrintWriter out, HttpServletRequest req) {
+ checkCSRF(req);
+
out.println("<div class='formError'>");
boolean failed = false;
- if (!"1".equals(req.getParameter("certify"))
- || !"1".equals(req.getParameter("rules"))
- || !"1".equals(req.getParameter("CCAAgreed"))
- || !"1".equals(req.getParameter("assertion"))) {
+ if (!"1".equals(req.getParameter("certify")) || !"1".equals(req.getParameter("rules"))
+ || !"1".equals(req.getParameter("CCAAgreed")) || !"1".equals(req.getParameter("assertion"))) {
outputError(out, req, "You failed to check all boxes to validate"
- + " your adherence to the rules and policies of CAcert");
+ + " your adherence to the rules and policies of CAcert");
failed = true;
}
- if (req.getParameter("date") == null
- || req.getParameter("date").equals("")) {
- outputError(out, req,
- "You must enter the date when you met the assuree.");
+ if (req.getParameter("date") == null || req.getParameter("date").equals("")) {
+ outputError(out, req, "You must enter the date when you met the assuree.");
failed = true;
} else {
try {
Date d = sdf.parse(req.getParameter("date"));
if (d.getTime() > System.currentTimeMillis()) {
- outputError(out, req,
- "You must not enter a date in the future.");
+ outputError(out, req, "You must not enter a date in the future.");
failed = true;
}
} catch (ParseException e) {
- outputError(out, req,
- "You must enter the date in this format: YYYY-MM-DD.");
+ outputError(out, req, "You must enter the date in this format: YYYY-MM-DD.");
failed = true;
}
}
// check location, min 3 characters
- if (req.getParameter("location") == null
- || req.getParameter("location").equals("")) {
- outputError(out, req,
- "You failed to enter a location of your meeting.");
+ if (req.getParameter("location") == null || req.getParameter("location").equals("")) {
+ outputError(out, req, "You failed to enter a location of your meeting.");
failed = true;
} else if (req.getParameter("location").length() <= 2) {
- outputError(out, req,
- "You must enter a location with at least 3 characters eg town and country.");
+ outputError(out, req, "You must enter a location with at least 3 characters eg town and country.");
failed = true;
}
// TODO checkPoints
return false;
}
try {
- boolean success = Notary.assure(LoginPage.getUser(req), assuree,
- Integer.parseInt(req.getParameter("points")),
- req.getParameter("location"), req.getParameter("date"));
- if (!success) {
- outputError(out, req,
- "Assurance failed. Maybe user data changed.");
+ AssuranceResult success = Notary.assure(LoginPage.getUser(req), assuree,
+ Integer.parseInt(req.getParameter("points")), req.getParameter("location"), req.getParameter("date"));
+ if (success != AssuranceResult.ASSURANCE_SUCCEDED) {
+ outputError(out, req, success.getMessage());
}
out.println("</div>");
- return success;
+ return success == AssuranceResult.ASSURANCE_SUCCEDED;
} catch (SQLException e) {
e.printStackTrace();
}
out.println("</div>");
return false;
}
+
}