X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FOrganisation.java;h=b51d2838e4e045eb40296ed5c2dd301266a41f2e;hb=7431a1f62c8589e77dd8fcf198eeab4a4a39a49f;hp=d96f95a16a3cbc6e94ebbaaf2374ad9f0a06b29a;hpb=464967d119cb27b72323ffaff17e2e63edbd0de5;p=gigi.git
diff --git a/src/org/cacert/gigi/dbObjects/Organisation.java b/src/org/cacert/gigi/dbObjects/Organisation.java
index d96f95a1..b51d2838 100644
--- a/src/org/cacert/gigi/dbObjects/Organisation.java
+++ b/src/org/cacert/gigi/dbObjects/Organisation.java
@@ -3,6 +3,7 @@ package org.cacert.gigi.dbObjects;
 import java.util.ArrayList;
 import java.util.List;
+import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.database.GigiResultSet;
@@ -51,13 +52,16 @@ public class Organisation extends CertificateOwner {
 private String email;
- public Organisation(String name, String state, String province, String city, String email, User creator) {
+ public Organisation(String name, String state, String province, String city, String email, User creator) throws GigiApiException {
+ if ( !creator.isInGroup(Group.ORGASSURER)) {
+ throw new GigiApiException("Only org-assurers may create organisations.");
+ }
 this.name = name;
 this.state = state;
 this.province = province;
 this.city = city;
 this.email = email;
- int id = super.insert();
+ int id = getId();
 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO organisations SET id=?, name=?, state=?, province=?, city=?, contactEmail=?, creator=?");
 ps.setInt(1, id);
 ps.setString(2, name);
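Review bot: The new org-assurer check in the `Organisation` constructor runs only after the implicit superclass constructor, and replacing `super.insert()` with `getId()` suggests (the superclass is not shown) that `CertificateOwner` now allocates the owner row before this body executes. If that is the case, a caller rejected with `GigiApiException` still leaves an orphaned owner record behind, so the check belongs before any object is constructed, for example in a static factory that tests `creator.isInGroup(Group.ORGASSURER)` and only then invokes the constructor. A null `creator` also surfaces here as a `NullPointerException` rather than as the API exception. The constructor body continues outside the hunk.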
@@ -109,15 +113,21 @@ public class Organisation extends CertificateOwner {
 return null;
 }
- public synchronized void addAdmin(User admin, User actor, boolean master) {
- GigiPreparedStatement ps1 = DatabaseConnection.getInstance().prepare("SELECT 1 FROM org_admin WHERE orgid=? AND memid=? AND deleted is null");
+ public synchronized void addAdmin(User admin, User actor, boolean master) throws GigiApiException {
+ if ( !admin.canAssure()) {
+ throw new GigiApiException("Cannot add non-assurer.");
+ }
+ if ( !actor.isInGroup(Group.ORGASSURER) && !isMaster(actor)) {
+ throw new GigiApiException("Only org assurer or master-admin may add admins to an organisation.");
+ }
+ GigiPreparedStatement ps1 = DatabaseConnection.getInstance().prepare("SELECT 1 FROM `org_admin` WHERE `orgid`=? AND `memid`=? AND `deleted` IS NULL");
 ps1.setInt(1, getId());
 ps1.setInt(2, admin.getId());
 GigiResultSet result = ps1.executeQuery();
 if (result.next()) {
 return;
 }
- GigiPreparedStatement ps2 = DatabaseConnection.getInstance().prepare("INSERT INTO org_admin SET orgid=?, memid=?, creator=?, master=?");
+ GigiPreparedStatement ps2 = DatabaseConnection.getInstance().prepare("INSERT INTO `org_admin` SET `orgid`=?, `memid`=?, `creator`=?, `master`=?::`yesno`");
 ps2.setInt(1, getId());
 ps2.setInt(2, admin.getId());
 ps2.setInt(3, actor.getId());
@@ -125,7 +135,10 @@ public class Organisation extends CertificateOwner {
 ps2.execute();
 }
- public void removeAdmin(User admin, User actor) {
+ public void removeAdmin(User admin, User actor) throws GigiApiException {
+ if ( !actor.isInGroup(Group.ORGASSURER) && !isMaster(actor)) {
+ throw new GigiApiException("Only org assurer or master-admin may delete admins from an organisation.");
+ }
 GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE org_admin SET deleter=?, deleted=NOW() WHERE orgid=? AND memid=?");
 ps.setInt(1, actor.getId());
 ps.setInt(2, getId());
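Review bot: In `addAdmin` the `admin.canAssure()` test runs before the caller is authorised, so an actor who is neither org assurer nor master-admin can tell from the two different messages whether an arbitrary user is an assurer. Move the `if ( !actor.isInGroup(Group.ORGASSURER) && !isMaster(actor))` block above the `canAssure()` check so that unauthorised callers always receive the same refusal. A Javadoc line stating who may call the method, and that a master-admin may pass `master=true` and so create further master-admins, would make the intended delegation explicit. The end of the method falls outside this hunk.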
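Review bot: `removeAdmin` now checks the actor, but the `UPDATE` it guards still matches rows that are already marked deleted, so a repeated call overwrites the original `deleter` and `deleted` values and weakens the record of who removed an admin and when. Restrict it to live rows: `UPDATE org_admin SET deleter=?, deleted=NOW() WHERE orgid=? AND memid=? AND deleted IS NULL`. This statement was also left unquoted while the other statements touched by the commit gained backtick-quoted identifiers. The rest of the method is outside the hunk.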
@@ -134,7 +147,7 @@ public class Organisation extends CertificateOwner {
 }
 public List getAllAdmins() {
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT memid, master FROM org_admin WHERE orgid=? AND deleted is null");
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepareScrollable("SELECT `memid`, `master` FROM `org_admin` WHERE `orgid`=? AND `deleted` IS NULL");
 ps.setInt(1, getId());
 GigiResultSet rs = ps.executeQuery();
 rs.last();
@@ -147,7 +160,7 @@ public class Organisation extends CertificateOwner {
 }
 public static Organisation[] getOrganisations(int offset, int count) {
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT certOwners.id FROM organisations inner join certOwners on certOwners.id=organisations.id where certOwners.deleted is null LIMIT ?,?");
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepareScrollable("SELECT `certOwners`.`id` FROM `organisations` INNER JOIN `certOwners` ON `certOwners`.`id`=`organisations`.`id` WHERE `certOwners`.`deleted` IS NULL OFFSET ? LIMIT ?");
 ps.setInt(1, offset);
 ps.setInt(2, count);
 GigiResultSet res = ps.executeQuery();
@@ -167,7 +180,7 @@ public class Organisation extends CertificateOwner {
 cert.revoke();
 }
 }
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE organisations SET name=?, state=?, province=?, city=?, contactEmail=?");
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE `organisations` SET `name`=?, `state`=?, `province`=?, `city`=?, `contactEmail`=?");
 ps.setString(1, o);
 ps.setString(2, c);
 ps.setString(3, st);
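Review bot: The paged query in `getOrganisations` ends in `OFFSET ? LIMIT ?` with no `ORDER BY`, so the database is free to return rows in a different order on each call and successive pages can repeat or skip organisations. Add a stable ordering before the paging clause, for example `... WHERE certOwners.deleted IS NULL ORDER BY certOwners.id OFFSET ? LIMIT ?`, with the identifiers quoted like the rest of the statement. `offset` and `count` are bound without a range check in the visible lines, so a negative value would only be caught by the database, if at all. The method continues outside the hunk.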
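Review bot: The `UPDATE` on `organisations` in the last hunk has five placeholders and no `WHERE` clause, so as written it rewrites the name, state, province, city and contact e-mail of every organisation rather than only this one. Append `WHERE id=?` (quoted like the other identifiers) to the statement and bind it with `ps.setInt(6, getId());` after the existing setters. The enclosing method starts before the hunk and the remaining `setString` calls lie outside it, so the parameter index should be confirmed against the full method.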
@@ -180,4 +193,18 @@ public class Organisation extends CertificateOwner {
 province = st;
 city = l;
 }
+
+ public boolean isMaster(User u) {
+ for (Affiliation i : getAllAdmins()) {
+ if (i.isMaster() && i.getTarget() == u) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public boolean isValidEmail(String email) {
+ return isValidDomain(email.split("@", 2)[1]);
+ }
 }
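Review bot: `isValidEmail` indexes `[1]` of `email.split("@", 2)` without checking the array length, so an address without `@` throws `ArrayIndexOutOfBoundsException` (and a null one `NullPointerException`) instead of being reported as invalid. Guard the split, e.g. `String[] parts = email.split("@", 2);` followed by `return parts.length == 2 && isValidDomain(parts[1]);`. In `isMaster`, `i.getTarget() == u` compares object identity; unless `User` instances are guaranteed unique per id (not visible here), a master-admin loaded through a second instance fails the new authorisation checks in `addAdmin` and `removeAdmin`, and `i.getTarget().getId() == u.getId()` avoids depending on that.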