X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FUser.java;h=0e1ee22ca51fc4a85a44dd77373cfe456cdf81cc;hb=e7d86f1ac66e3c7a8d0c95c3cf4abc5d49c9e68a;hp=d5b0a9043bce2ff0575a8d48ba9129e05f40a21a;hpb=590ed6b59f95c729f7f9f797a20fb11e18d77d61;p=gigi.git
diff --git a/src/org/cacert/gigi/User.java b/src/org/cacert/gigi/User.java
index d5b0a904..0e1ee22c 100644
--- a/src/org/cacert/gigi/User.java
+++ b/src/org/cacert/gigi/User.java
@@ -1,13 +1,14 @@
 package org.cacert.gigi;
+import java.sql.Date;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.sql.Date;
 import java.util.Calendar;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.util.PasswordHash;
+import org.cacert.gigi.util.PasswordStrengthChecker;
 public class User {
@@ -116,6 +117,30 @@ public class User {
 id = DatabaseConnection.lastInsertId(query);
 }
+ public void changePassword(String oldPass, String newPass) throws GigiApiException {
+ try {
+ PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `password` FROM users WHERE id=?");
+ ps.setInt(1, id);
+ ResultSet rs = ps.executeQuery();
+ if (!rs.next()) {
+ throw new GigiApiException("User not found... very bad.");
+ }
+ if (!PasswordHash.verifyHash(oldPass, rs.getString(1))) {
+ throw new GigiApiException("Old password does not match.");
+ }
+ rs.close();
+ PasswordStrengthChecker.assertStrongPassword(newPass, this);
+ ps = DatabaseConnection.getInstance().prepare("UPDATE users SET `password`=? WHERE id=?");
+ ps.setString(1, PasswordHash.hash(newPass));
+ ps.setInt(2, id);
+ if (ps.executeUpdate() != 1) {
+ throw new GigiApiException("Password update failed.");
+ }
+ } catch (SQLException e) {
+ throw new GigiApiException(e);
+ }
+ }
+
 public boolean canAssure() throws SQLException {
 if (getAssurancePoints() < 100) {
 return false;
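Review bot: In changePassword the ResultSet is closed only on the success path: both `throw new GigiApiException(...)` branches sit above `rs.close()` and leave it open. Neither PreparedStatement is closed in the visible lines either, although DatabaseConnection may manage them itself; that is not shown here. Reading the stored hash into a local and closing first avoids the leak, e.g. `String stored = rs.next() ? rs.getString(1) : null; rs.close();`, with the two checks then made against `stored`. A short Javadoc stating that the old password is verified before the new one is strength-checked and stored as a hash would also help callers.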
@@ -242,4 +267,40 @@ public class User {
 return null;
 }
+
+ public void updateDefaultEmail(EmailAddress newMail) throws GigiApiException {
+ try {
+ EmailAddress[] adrs = getEmails();
+ for (int i = 0; i < adrs.length; i++) {
+ if (adrs[i].getAddress().equals(newMail.getAddress())) {
+ if (!adrs[i].isVerified()) {
+ throw new GigiApiException("Email not verified.");
+ }
+ PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+ "UPDATE users SET email=? WHERE id=?");
+ ps.setString(1, newMail.getAddress());
+ ps.setInt(2, getId());
+ ps.execute();
+ email = newMail.getAddress();
+ return;
+ }
+ }
+ throw new GigiApiException("Given address not an address of the user.");
+ } catch (SQLException e) {
+ throw new GigiApiException(e);
+ }
+ }
+
+ public void deleteEmail(EmailAddress mail) {
+ if (getEmail().equals(mail.getAddress())) {
+ throw new IllegalArgumentException("Can't delete user's default e-mail.");
+ }
+ try {
+ PreparedStatement ps = DatabaseConnection.getInstance().prepare("DELETE FROM email WHERE id=?");
+ ps.setInt(1, mail.getId());
+ ps.execute();
+ } catch (SQLException e) {
+ e.printStackTrace();
+ }
+ }
 }
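Review bot: deleteEmail issues `DELETE FROM email WHERE id=?` with `mail.getId()` alone and never confirms that the address belongs to this user, whereas updateDefaultEmail in the same hunk does check ownership by walking getEmails(). If a caller can construct the EmailAddress from a request-supplied id (not visible here), one account could remove another account's address, so the ownership test belongs inside the method. The SQLException is also only printed, so a failed delete looks like success to the caller; rethrowing it as GigiApiException would match updateDefaultEmail. The sketch below assumes getId() returns a primitive int, as its use with `setInt` suggests.

```java
public void deleteEmail(EmailAddress mail) throws GigiApiException {
    // … unchanged: refusal to delete the default e-mail …
    try {
        boolean owned = false;
        for (EmailAddress own : getEmails()) {
            if (own.getId() == mail.getId()) {
                owned = true;
                break;
            }
        }
        if (!owned) {
            throw new GigiApiException("Given address not an address of the user.");
        }
        // … unchanged: prepare and execute the DELETE …
    } catch (SQLException e) {
        throw new GigiApiException(e);
    }
}
```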