X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Futil%2FAuthorizationContext.java;h=566436ac5e2834989f5074a07781704a7298b5d9;hb=a10b57f7b91204aa32ecd8070fb9b1f5efb88fed;hp=40a63335fe59929f15f3b7c5f8adabb7a844d472;hpb=08c941629aea14473e5c42ab6f5d590be4af4bf8;p=gigi.git diff --git a/src/club/wpia/gigi/util/AuthorizationContext.java b/src/club/wpia/gigi/util/AuthorizationContext.java index 40a63335..566436ac 100644 --- a/src/club/wpia/gigi/util/AuthorizationContext.java +++ b/src/club/wpia/gigi/util/AuthorizationContext.java @@ -18,24 +18,41 @@ public class AuthorizationContext implements Outputable, Serializable { private static final long serialVersionUID = -2596733469159940154L; - private CertificateOwner target; + private final CertificateOwner target; - private User actor; + private final User actor; - private String supporterTicketId; + private final String supporterTicketId; - public AuthorizationContext(CertificateOwner target, User actor) { + private final boolean isStronglyAuthenticated; + + public AuthorizationContext(CertificateOwner target, User actor, boolean isStronglyAuthenticated) { + if (actor == null) { + throw new Error("Internal Error: The actor of an AuthorizationContext must not be null!"); + } + if (target == null) { + throw new Error("Internal Error: The target of an AuthorizationContext must not be null!"); + } this.target = target; this.actor = actor; + this.supporterTicketId = null; + this.isStronglyAuthenticated = isStronglyAuthenticated; } public AuthorizationContext(User actor, String supporterTicket) throws GigiApiException { + if (actor == null) { + throw new Error("Internal Error: The actor of an AuthorizationContext must not be null!"); + } + if (supporterTicket == null) { + throw new Error("Internal Error: The AuthorizationContext for a Support Engineer requires a valid ticket!"); + } this.target = actor; this.actor = actor; if ( !isInGroup(Group.SUPPORTER)) { throw new GigiApiException("requires a supporter"); } - supporterTicketId = supporterTicket; + this.supporterTicketId = supporterTicket; + this.isStronglyAuthenticated = true; } public CertificateOwner getTarget() { @@ -50,7 +67,7 @@ public class AuthorizationContext implements Outputable, Serializable { return actor.isInGroup(g); } - public User getActor(AuthorizationContext ac) { + public static User getActor(AuthorizationContext ac) { if (ac == null) { return null; } @@ -62,12 +79,12 @@ public class AuthorizationContext implements Outputable, Serializable { } public boolean canSupport() { - return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER); + return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER) && isStronglyAuthenticated(); } private static final SprintfCommand sp = new SprintfCommand("Logged in as {0} via {1}.", Arrays.asList("${username", "${loginMethod")); - private static final SprintfCommand inner = new SprintfCommand("{0} (on behalf of {1})", Arrays.asList("${user", "${target")); + private static final SprintfCommand inner = new SprintfCommand("{0}, acting as {1},", Arrays.asList("${user", "${target")); @Override public void output(PrintWriter out, Language l, Map vars) { @@ -77,8 +94,8 @@ public class AuthorizationContext implements Outputable, Serializable { @Override public void output(PrintWriter out, Language l, Map vars) { if (target != actor) { - vars.put("user", ((Organisation) target).getName().toString()); - vars.put("target", actor.getPreferredName().toString()); + vars.put("target", ((Organisation) target).getName().toString()); + vars.put("user", actor.getPreferredName().toString()); inner.output(out, l, vars); } else { out.println(actor.getPreferredName().toString()); @@ -96,6 +113,10 @@ public class AuthorizationContext implements Outputable, Serializable { } public boolean canVerify() { - return target instanceof User && ((User) target).canVerify(); + return target instanceof User && ((User) target).canVerify() && isStronglyAuthenticated(); + } + + public boolean isStronglyAuthenticated() { + return isStronglyAuthenticated; } }