X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FCertificate.java;h=0c63c2cdee088add0a37f51154cd01a41863d76d;hb=d4802b68c651a984f0b98a462ac1e7721aa50388;hp=756a70fdff3c592a0d23413aafb021220b8fbdfe;hpb=3e123160ad59a2e1162518923965562ff947b6d1;p=gigi.git

diff --git a/src/org/cacert/gigi/dbObjects/Certificate.java b/src/org/cacert/gigi/dbObjects/Certificate.java
index 756a70fd..0c63c2cd 100644
--- a/src/org/cacert/gigi/dbObjects/Certificate.java
+++ b/src/org/cacert/gigi/dbObjects/Certificate.java
@@ -108,7 +108,7 @@ public class Certificate {
 
     private int id;
 
-    private int ownerId;
+    private User owner;
 
     private String serial;
 
@@ -128,8 +128,11 @@ public class Certificate {
 
     private CertificateProfile profile;
 
-    public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) {
-        this.ownerId = ownerId;
+    public Certificate(User owner, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) throws GigiApiException {
+        if ( !owner.canIssue(profile)) {
+            throw new GigiApiException("You are not allowed to issue these certificates.");
+        }
+        this.owner = owner;
         this.dn = dn;
         this.md = md;
         this.csr = csr;
@@ -150,7 +153,7 @@ public class Certificate {
         md = rs.getString(3);
         csrName = rs.getString(4);
         crtName = rs.getString(5);
-        ownerId = rs.getInt(6);
+        owner = User.getById(rs.getInt(6));
         profile = CertificateProfile.getById(rs.getInt(7));
         this.serial = serial;
 
@@ -233,13 +236,13 @@ public class Certificate {
         if (getStatus() != CertificateStatus.DRAFT) {
             throw new IllegalStateException();
         }
-        Notary.writeUserAgreement(ownerId, "CCA", "issue certificate", "", true, 0);
+        Notary.writeUserAgreement(owner, "CCA", "issue certificate", "", true, 0);
 
         GigiPreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?, subject=?, csr_type=?, crt_name='', memid=?, profile=?");
         inserter.setString(1, md);
         inserter.setString(2, dn);
         inserter.setString(3, csrType.toString());
-        inserter.setInt(4, ownerId);
+        inserter.setInt(4, owner.getId());
         inserter.setInt(5, profile.getId());
         inserter.execute();
         id = inserter.lastInsertId();
@@ -315,8 +318,8 @@ public class Certificate {
         return md;
     }
 
-    public int getOwnerId() {
-        return ownerId;
+    public User getOwner() {
+        return owner;
     }
 
     public List<SubjectAlternateName> getSANs() {