X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FNotary.java;h=767230b0a82dfd470af7b356500a07dff3b8a056;hb=4b91927aa8d90226414872ce5b3006d0e0f5d273;hp=184ca8bc44f4a8036c83ef73933b3f2c47e47047;hpb=3e9f3d6f2655dd7ff819a77fba2076da3c1f3717;p=gigi.git

diff --git a/src/org/cacert/gigi/util/Notary.java b/src/org/cacert/gigi/util/Notary.java
index 184ca8bc..767230b0 100644
--- a/src/org/cacert/gigi/util/Notary.java
+++ b/src/org/cacert/gigi/util/Notary.java
@@ -1,22 +1,22 @@
 package org.cacert.gigi.util;
 
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
 import java.text.ParseException;
 import java.util.Date;
 
 import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.Name;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.output.DateSelector;
 
 public class Notary {
 
-    public static void writeUserAgreement(int memid, String document, String method, String comment, boolean active, int secmemid) throws SQLException {
-        PreparedStatement q = DatabaseConnection.getInstance().prepare("insert into `user_agreements` set `memid`=?, `secmemid`=?," + " `document`=?,`date`=NOW(), `active`=?,`method`=?,`comment`=?");
-        q.setInt(1, memid);
+    public static void writeUserAgreement(User member, String document, String method, String comment, boolean active, int secmemid) {
+        GigiPreparedStatement q = DatabaseConnection.getInstance().prepare("insert into `user_agreements` set `memid`=?, `secmemid`=?," + " `document`=?,`date`=NOW(), `active`=?,`method`=?,`comment`=?");
+        q.setInt(1, member.getId());
         q.setInt(2, secmemid);
         q.setString(3, document);
         q.setInt(4, active ? 1 : 0);
@@ -29,24 +29,24 @@ public class Notary {
         if (assurer.getId() == target.getId()) {
             throw new GigiApiException("You cannot assure yourself.");
         }
-        try {
-            PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT 1 FROM `notary` where `to`=? and `from`=? AND `deleted`=0");
-            ps.setInt(1, target.getId());
-            ps.setInt(2, assurer.getId());
-            ResultSet rs = ps.executeQuery();
-            if (rs.next()) {
-                rs.close();
-                throw new GigiApiException("You have already assured this member.");
-            }
+        GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT 1 FROM `notary` where `to`=? and `from`=? AND `deleted` IS NULL");
+        ps.setInt(1, target.getId());
+        ps.setInt(2, assurer.getId());
+        GigiResultSet rs = ps.executeQuery();
+        if (rs.next()) {
             rs.close();
-            if ( !assurer.canAssure()) {
-                throw new GigiApiException("You are not an assurer.");
-            }
-        } catch (SQLException e) {
-            throw new GigiApiException(e);
+            throw new GigiApiException("You have already assured this member.");
+        }
+        rs.close();
+        if ( !assurer.canAssure()) {
+            throw new GigiApiException("You are not an assurer.");
         }
     }
 
+    public static final Group ASSURER_BLOCKED = Group.getByString("blockedassurer");
+
+    public static final Group ASSUREE_BLOCKED = Group.getByString("blockedassuree");
+
     /**
      * This method assures another user.
      * 
@@ -66,14 +66,20 @@ public class Notary {
      *            the location where the assurance took place
      * @param date
      *            the date when the assurance took place
-     * @throws SQLException
-     *             if SQL goes wrong
      * @throws GigiApiException
      *             if the assurance fails (for various reasons)
      */
-    public synchronized static void assure(User assurer, User assuree, Name assureeName, Date dob, int awarded, String location, String date) throws SQLException, GigiApiException {
+    public synchronized static void assure(User assurer, User assuree, Name assureeName, Date dob, int awarded, String location, String date) throws GigiApiException {
         GigiApiException gae = new GigiApiException();
-
+        if (assuree.isInGroup(ASSUREE_BLOCKED)) {
+            gae.mergeInto(new GigiApiException("The assuree is blocked."));
+        }
+        if (assurer.isInGroup(ASSURER_BLOCKED)) {
+            gae.mergeInto(new GigiApiException("The assurer is blocked."));
+        }
+        if ( !gae.isEmpty()) {
+            throw gae;
+        }
         if (date == null || date.equals("")) {
             gae.mergeInto(new GigiApiException("You must enter the date when you met the assuree."));
         } else {
@@ -99,7 +105,7 @@ public class Notary {
             gae.mergeInto(e);
         }
 
-        if ( !assuree.getName().equals(assureeName) || !assuree.getDob().equals(dob)) {
+        if ( !assuree.getName().equals(assureeName) || !assuree.getDoB().equals(dob)) {
             gae.mergeInto(new GigiApiException("The person you are assuring changed his personal details."));
         }
         if (awarded > assurer.getMaxAssurePoints() || awarded < 0) {
@@ -109,7 +115,7 @@ public class Notary {
             throw gae;
         }
 
-        PreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?");
+        GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?");
         ps.setInt(1, assurer.getId());
         ps.setInt(2, assuree.getId());
         ps.setInt(3, awarded);