X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FCertificateProfile.java;h=c31f6cbfa3449dbaebb4ceb2e7f2564765da2640;hb=d21c39f52385389984da44fd55d85d7f86a2d5c4;hp=d9a9e34f170383fe177f8aebfbebba94717e6fbf;hpb=a7aea81ff9eebb35aef0f91dfa8b5e3c797568f8;p=gigi.git diff --git a/src/org/cacert/gigi/dbObjects/CertificateProfile.java b/src/org/cacert/gigi/dbObjects/CertificateProfile.java index d9a9e34f..c31f6cbf 100644 --- a/src/org/cacert/gigi/dbObjects/CertificateProfile.java +++ b/src/org/cacert/gigi/dbObjects/CertificateProfile.java @@ -10,7 +10,6 @@ import java.util.List; import java.util.Map; import java.util.Properties; -import org.cacert.gigi.database.DatabaseConnection; import org.cacert.gigi.database.GigiPreparedStatement; import org.cacert.gigi.database.GigiResultSet; @@ -22,9 +21,9 @@ public class CertificateProfile implements IdCachable { private final String visibleName; - private static final HashMap byName = new HashMap<>(); + private static final Map byName; - private static final HashMap byId = new HashMap<>(); + private static final Map byId; private final Map pt; @@ -126,7 +125,9 @@ public class CertificateProfile implements IdCachable { private CertificateProfile(File f) throws IOException { Properties p = new Properties(); - p.load(new FileInputStream(f)); + try (FileInputStream inStream = new FileInputStream(f)) { + p.load(inStream); + } String[] parts = f.getName().split("\\.")[0].split("-", 2); id = Integer.parseInt(parts[0]); keyName = parts[1]; @@ -176,47 +177,55 @@ public class CertificateProfile implements IdCachable { } static { + final HashMap myName = new HashMap(); + final HashMap myId = new HashMap(); + for (File f : new File("config/profiles").listFiles()) { Properties p = new Properties(); - try { - p.load(new FileInputStream(f)); + try (FileInputStream inStream = new FileInputStream(f)) { + p.load(inStream); } catch (IOException e) { - e.printStackTrace(); + throw new Error("Unable to load profile from " + f.getName(), e); } - String[] parts = f.getName().split("\\.")[0].split("-", 2); - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT keyname, include, requires, name FROM `profiles` WHERE id=?"); - ps.setInt(1, Integer.parseInt(parts[0])); - GigiResultSet rs = ps.executeQuery(); - if (rs.next()) { - if ( !rs.getString("keyname").equals(parts[1])) { - throw new Error("Config error. Certificate Profile mismatch"); - } - if ( !rs.getString("include").equals(p.getProperty("include"))) { - throw new Error("Config error. Certificate Profile mismatch"); - } - if ( !rs.getString("requires").equals(p.getProperty("requires", ""))) { - throw new Error("Config error. Certificate Profile mismatch"); + String[] parts = f.getName().split("\\.")[0].split("-", 2); + try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `keyname`, `include`, `requires`, `name` FROM `profiles` WHERE `id`=?")) { + ps.setInt(1, Integer.parseInt(parts[0])); + GigiResultSet rs = ps.executeQuery(); + + if (rs.next()) { + if ( !rs.getString("keyname").equals(parts[1])) { + throw new Error("Config error. Certificate Profile mismatch"); + } + if ( !rs.getString("include").equals(p.getProperty("include"))) { + throw new Error("Config error. Certificate Profile mismatch"); + } + if ( !rs.getString("requires").equals(p.getProperty("requires", ""))) { + throw new Error("Config error. Certificate Profile mismatch"); + } + } else { + try (GigiPreparedStatement insert = new GigiPreparedStatement("INSERT INTO `profiles` SET `keyname`=?, `include`=?, `requires`=?, `name`=?, `id`=?")) { + insert.setString(1, parts[1]); + insert.setString(2, p.getProperty("include")); + insert.setString(3, p.getProperty("requires", "")); + insert.setString(4, p.getProperty("name")); + insert.setInt(5, Integer.parseInt(parts[0])); + insert.execute(); + } } - } else { - GigiPreparedStatement insert = DatabaseConnection.getInstance().prepare("INSERT INTO `profiles` SET keyname=?, include=?, requires=?, name=?, id=?"); - insert.setString(1, parts[1]); - insert.setString(2, p.getProperty("include")); - insert.setString(3, p.getProperty("requires", "")); - insert.setString(4, p.getProperty("name")); - insert.setInt(5, Integer.parseInt(parts[0])); - insert.execute(); } - - } - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT id, keyname, name, requires, include FROM `profiles`"); - GigiResultSet rs = ps.executeQuery(); - while (rs.next()) { - CertificateProfile cp = new CertificateProfile(rs.getInt("id"), rs.getString("keyName"), rs.getString("name"), rs.getString("requires"), rs.getString("include")); - byId.put(cp.getId(), cp); - byName.put(cp.getKeyName(), cp); } + try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `id`, `keyname`, `name`, `requires`, `include` FROM `profiles`")) { + GigiResultSet rs = ps.executeQuery(); + while (rs.next()) { + CertificateProfile cp = new CertificateProfile(rs.getInt("id"), rs.getString("keyName"), rs.getString("name"), rs.getString("requires"), rs.getString("include")); + myId.put(cp.getId(), cp); + myName.put(cp.getKeyName(), cp); + } + } + byName = Collections.unmodifiableMap(myName); + byId = Collections.unmodifiableMap(myId); } public static CertificateProfile getById(int id) { @@ -231,18 +240,27 @@ public class CertificateProfile implements IdCachable { return byId.values().toArray(new CertificateProfile[byId.size()]); } - public boolean canBeIssuedBy(User u) { + public boolean canBeIssuedBy(CertificateOwner owner, User actor) { + if (pt.containsKey("orga")) { + if ( !(owner instanceof Organisation)) { + return false; + } + } else { + if (owner instanceof Organisation) { + return false; + } + } for (String s : req) { if (s.equals("points>=50")) { - if (u.getAssurancePoints() < 50) { + if (actor.getAssurancePoints() < 50) { return false; } } else if (s.equals("points>=100")) { - if (u.getAssurancePoints() < 100) { + if (actor.getAssurancePoints() < 100) { return false; } } else if (s.equals("codesign")) { - if (u.isInGroup(Group.CODESIGNING)) { + if ( !actor.isInGroup(Group.CODESIGNING)) { return false; } } else {