X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FUser.java;h=010df4a9773cd48ee705d79d4a50c0f6491c16f8;hb=11cd210415b857684a9ec7edf057bf7bfe41af8f;hp=c3ca2164d542b8e3bd91d1bf82f983f76152622c;hpb=5725fc461f2f5d3d767a9d2d445eff96857287a5;p=gigi.git

diff --git a/src/org/cacert/gigi/User.java b/src/org/cacert/gigi/User.java
index c3ca2164..010df4a9 100644
--- a/src/org/cacert/gigi/User.java
+++ b/src/org/cacert/gigi/User.java
@@ -1,13 +1,14 @@
 package org.cacert.gigi;
 
+import java.sql.Date;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.sql.Date;
 import java.util.Calendar;
 
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.util.PasswordHash;
+import org.cacert.gigi.util.PasswordStrengthChecker;
 
 public class User {
 
@@ -116,6 +117,30 @@ public class User {
 		id = DatabaseConnection.lastInsertId(query);
 	}
 
+	public void changePassword(String oldPass, String newPass) throws GigiApiException {
+		try {
+			PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `password` FROM users WHERE id=?");
+			ps.setInt(1, id);
+			ResultSet rs = ps.executeQuery();
+			if (!rs.next()) {
+				throw new GigiApiException("User not found... very bad.");
+			}
+			if (!PasswordHash.verifyHash(oldPass, rs.getString(1))) {
+				throw new GigiApiException("Old password does not match.");
+			}
+			rs.close();
+			PasswordStrengthChecker.assertStrongPassword(newPass, this);
+			ps = DatabaseConnection.getInstance().prepare("UPDATE users SET `password`=? WHERE id=?");
+			ps.setString(1, PasswordHash.hash(newPass));
+			ps.setInt(2, id);
+			if (ps.executeUpdate() != 1) {
+				throw new GigiApiException("Password update failed.");
+			}
+		} catch (SQLException e) {
+			throw new GigiApiException(e);
+		}
+	}
+
 	public boolean canAssure() throws SQLException {
 		if (getAssurancePoints() < 100) {
 			return false;
@@ -219,4 +244,99 @@ public class User {
 		return new User(id);
 	}
 
+	public EmailAddress[] getEmails() {
+		try {
+			PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+				"SELECT id FROM email WHERE memid=? AND deleted=0");
+			ps.setInt(1, id);
+			ResultSet rs = ps.executeQuery();
+			rs.last();
+			int count = rs.getRow();
+			EmailAddress[] data = new EmailAddress[count];
+			rs.beforeFirst();
+			for (int i = 0; i < data.length; i++) {
+				if (!rs.next()) {
+					throw new Error("Internal sql api violation.");
+				}
+				data[i] = EmailAddress.getById(rs.getInt(1));
+			}
+			rs.close();
+			return data;
+		} catch (SQLException e) {
+			e.printStackTrace();
+		}
+
+		return null;
+	}
+
+	public Domain[] getDomains() {
+		try {
+			PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+				"SELECT id FROM domain WHERE memid=? AND deleted IS NULL");
+			ps.setInt(1, id);
+			ResultSet rs = ps.executeQuery();
+			rs.last();
+			int count = rs.getRow();
+			Domain[] data = new Domain[count];
+			rs.beforeFirst();
+			for (int i = 0; i < data.length; i++) {
+				if (!rs.next()) {
+					throw new Error("Internal sql api violation.");
+				}
+				data[i] = Domain.getById(rs.getInt(1));
+			}
+			rs.close();
+			return data;
+		} catch (SQLException e) {
+			e.printStackTrace();
+		}
+
+		return null;
+	}
+
+	public void updateDefaultEmail(EmailAddress newMail) throws GigiApiException {
+		try {
+			EmailAddress[] adrs = getEmails();
+			for (int i = 0; i < adrs.length; i++) {
+				if (adrs[i].getAddress().equals(newMail.getAddress())) {
+					if (!adrs[i].isVerified()) {
+						throw new GigiApiException("Email not verified.");
+					}
+					PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+						"UPDATE users SET email=? WHERE id=?");
+					ps.setString(1, newMail.getAddress());
+					ps.setInt(2, getId());
+					ps.execute();
+					email = newMail.getAddress();
+					return;
+				}
+			}
+			throw new GigiApiException("Given address not an address of the user.");
+		} catch (SQLException e) {
+			throw new GigiApiException(e);
+		}
+	}
+
+	public void deleteEmail(EmailAddress mail) throws GigiApiException {
+		if (getEmail().equals(mail.getAddress())) {
+			throw new GigiApiException("Can't delete user's default e-mail.");
+		}
+		EmailAddress[] emails = getEmails();
+		for (int i = 0; i < emails.length; i++) {
+			if (emails[i].getId() == mail.getId()) {
+				try {
+					PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+						"UPDATE email SET deleted=? WHERE id=?");
+					ps.setDate(1, new Date(System.currentTimeMillis()));
+					ps.setInt(2, mail.getId());
+					ps.execute();
+				} catch (SQLException e) {
+					e.printStackTrace();
+					throw new GigiApiException(e);
+				}
+				return;
+			}
+		}
+		throw new GigiApiException("Email not one user's mail addresses.");
+	}
 }