package org.cacert.gigi.pages.admin;
import java.io.IOException;
+import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import org.cacert.gigi.dbObjects.Group;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.localisation.Language;
-import org.cacert.gigi.output.Form;
+import org.cacert.gigi.output.template.Form;
import org.cacert.gigi.output.template.IterableDataset;
+import org.cacert.gigi.output.template.SprintfCommand;
import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.error.PageNotFound;
+import org.cacert.gigi.util.AuthorizationContext;
public class TTPAdminPage extends Page {
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
String path = req.getPathInfo();
- if (path != null && path.length() > PATH.length()) {
+ if (path != null && path.length() > PATH.length() + 1) {
int id = Integer.parseInt(path.substring(1 + PATH.length()));
User u = User.getById(id);
- if ( !u.isInGroup(TTP_APPLICANT)) {
+ if (u == null || !u.isInGroup(TTP_APPLICANT)) {
+ SprintfCommand command = new SprintfCommand("The TTP-request is not available anymore. You might want to go {0}back{1}.", Arrays.asList("!'<a href=\"" + PATH + "\">", "!'</a>"));
+ req.setAttribute(PageNotFound.MESSAGE_ATTRIBUTE, command);
resp.sendError(404);
return;
}
}
@Override
- public boolean isPermitted(User u) {
- return u != null && u.isInGroup(Group.getByString("ttp-assurer"));
+ public boolean isPermitted(AuthorizationContext ac) {
+ return ac != null && ac.isInGroup(Group.getByString("ttp-assurer"));
}
}
projects / gigi.git / blobdiff