X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=src%2Fclub%2Fwpia%2Fgigi%2Futil%2FAuthorizationContext.java;h=9888309af233a1920e25327194f3a679253c6342;hb=7c9a443cdc81dfc8129f898d510e13bccc558ee0;hp=fdc9187b8e80267267bc9b52f912b402d8e08271;hpb=bccd4cc0dba0f89aa045b113bac46eb8cc1dab4e;p=gigi.git diff --git a/src/club/wpia/gigi/util/AuthorizationContext.java b/src/club/wpia/gigi/util/AuthorizationContext.java index fdc9187b..9888309a 100644 --- a/src/club/wpia/gigi/util/AuthorizationContext.java +++ b/src/club/wpia/gigi/util/AuthorizationContext.java @@ -18,24 +18,41 @@ public class AuthorizationContext implements Outputable, Serializable { private static final long serialVersionUID = -2596733469159940154L; - private CertificateOwner target; + private final CertificateOwner target; - private User actor; + private final User actor; - private String supporterTicketId; + private final String supporterTicketId; - public AuthorizationContext(CertificateOwner target, User actor) { + private final boolean isStronglyAuthenticated; + + public AuthorizationContext(CertificateOwner target, User actor, boolean isStronglyAuthenticated) { + if (actor == null) { + throw new Error("Internal Error: The actor of an AuthorizationContext must not be null!"); + } + if (target == null) { + throw new Error("Internal Error: The target of an AuthorizationContext must not be null!"); + } this.target = target; this.actor = actor; + this.supporterTicketId = null; + this.isStronglyAuthenticated = isStronglyAuthenticated; } public AuthorizationContext(User actor, String supporterTicket) throws GigiApiException { + if (actor == null) { + throw new Error("Internal Error: The actor of an AuthorizationContext must not be null!"); + } + if (supporterTicket == null) { + throw new Error("Internal Error: The AuthorizationContext for a Support Engineer requires a valid ticket!"); + } this.target = actor; this.actor = actor; if ( !isInGroup(Group.SUPPORTER)) { throw new GigiApiException("requires a supporter"); } - supporterTicketId = supporterTicket; + this.supporterTicketId = supporterTicket; + this.isStronglyAuthenticated = true; } public CertificateOwner getTarget() { @@ -50,7 +67,7 @@ public class AuthorizationContext implements Outputable, Serializable { return actor.isInGroup(g); } - public User getActor(AuthorizationContext ac) { + public static User getActor(AuthorizationContext ac) { if (ac == null) { return null; } @@ -62,12 +79,12 @@ public class AuthorizationContext implements Outputable, Serializable { } public boolean canSupport() { - return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER); + return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER) && isStronglyAuthenticated(); } - private static final SprintfCommand sp = new SprintfCommand("Logged in as {0} via {1}.", Arrays.asList("${username}", "${loginMethod}")); + private static final SprintfCommand sp = new SprintfCommand("Logged in as {0} via {1}.", Arrays.asList("${username", "${loginMethod")); - private static final SprintfCommand inner = new SprintfCommand("{0} (on behalf of {1})", Arrays.asList("${user}", "${target}")); + private static final SprintfCommand inner = new SprintfCommand("{0}, acting as {1},", Arrays.asList("${user", "${target")); @Override public void output(PrintWriter out, Language l, Map vars) { @@ -77,8 +94,8 @@ public class AuthorizationContext implements Outputable, Serializable { @Override public void output(PrintWriter out, Language l, Map vars) { if (target != actor) { - vars.put("user", ((Organisation) target).getName().toString()); - vars.put("target", actor.getPreferredName().toString()); + vars.put("target", ((Organisation) target).getName().toString()); + vars.put("user", actor.getPreferredName().toString()); inner.output(out, l, vars); } else { out.println(actor.getPreferredName().toString()); @@ -95,7 +112,11 @@ public class AuthorizationContext implements Outputable, Serializable { } } - public boolean canAssure() { - return target instanceof User && ((User) target).canAssure(); + public boolean canVerify() { + return target instanceof User && ((User) target).canVerify(); + } + + public boolean isStronglyAuthenticated() { + return isStronglyAuthenticated; } }