- public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- try {
- User u = LoginPage.getUser(req);
- if (req.getParameter("do_affiliate") != null || req.getParameter("del") != null) {
- AffiliationForm form = Form.getForm(req, AffiliationForm.class);
- if (form.submit(resp.getWriter(), req)) {
- resp.sendRedirect(DEFAULT_PATH + "/" + form.getOrganisation().getId());
- }
- return;
- } else if (req.getParameter("addDomain") != null) {
- if (Form.getForm(req, OrgDomainAddForm.class).submit(resp.getWriter(), req)) {
- // resp.sendRedirect(DEFAULT_PATH + "/" +
- // form.getOrganisation().getId());
- }
- } else {
- if ( !u.isInGroup(CreateOrgPage.ORG_ASSURER)) {
- resp.sendError(403, "Access denied");
- return;
- }
- Form.getForm(req, CreateOrgForm.class).submit(resp.getWriter(), req);
+ public Form getForm(HttpServletRequest req) throws CSRFException {
+ if (req.getParameter("do_affiliate") != null || req.getParameter("del") != null) {
+ return Form.getForm(req, AffiliationForm.class);
+ } else {
+ if ( !getUser(req).isInGroup(CreateOrgPage.ORG_ASSURER)) {
+ return null;