X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fapi%2FCATSResolve.java;h=6e7c83dd58aafb035c779f318f288b86e63fd43a;hb=c9ed09f0007fc2c813815be927a5a24b23dab83c;hp=1b25e9d5dd241c49d8e04f94272ad9b505ff1670;hpb=bb61cf9360044b8f75d210a52ca628fde72387e8;p=gigi.git

diff --git a/src/org/cacert/gigi/api/CATSResolve.java b/src/org/cacert/gigi/api/CATSResolve.java
index 1b25e9d5..6e7c83dd 100644
--- a/src/org/cacert/gigi/api/CATSResolve.java
+++ b/src/org/cacert/gigi/api/CATSResolve.java
@@ -5,31 +5,40 @@ import java.io.IOException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.CertificateOwner;
 import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.util.ServerConstants;
 
-public class CATSResolve extends APIPoint {
+public class CATSResolve extends CATSRestrictedApi {
 
     public static final String PATH = "/cats/resolve";
 
     @Override
-    public void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u) throws IOException {
-        if ( !(u instanceof Organisation)) {
-            resp.sendError(500, "Error, invalid cert");
-            return;
-        }
-        if ( !((Organisation) u).isSelfOrganisation()) {
-            resp.sendError(500, "Error, invalid cert");
-            return;
-        }
+    public void processAuthenticated(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         String target = req.getParameter("serial");
         if (target == null) {
             resp.sendError(500, "Error, requires a serial parameter");
             return;
         }
-
+        target = target.toLowerCase();
+        Certificate clientCert = Certificate.getBySerial(target);
+        if (clientCert == null) {
+            resp.sendError(500, "Error, requires valid serial");
+            return;
+        }
         CertificateOwner o = CertificateOwner.getByEnabledSerial(target);
+        if (o instanceof Organisation) {
+            Organisation org = (Organisation) o;
+            if (org.isSelfOrganisation()) {
+                if (hasMail(clientCert, ServerConstants.getQuizAdminMailAddress())) {
+                    resp.setContentType("text/plain; charset=UTF-8");
+                    resp.getWriter().print("admin");
+                    return;
+                }
+            }
+        }
         if ( !(o instanceof User)) {
             resp.sendError(500, "Error, requires valid serial");
             return;