X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FUser.java;h=b4bfcc1cece2bea5b14f21505256b7dbd68c9e95;hb=e79c07912f681f445446b295f3be7dfa607a3e15;hp=69b76ad2004ec9aa24c5401b7d8f1f0f42845c12;hpb=d0470c5987aaecbc444c7100319df69b6f740680;p=gigi.git diff --git a/src/org/cacert/gigi/dbObjects/User.java b/src/org/cacert/gigi/dbObjects/User.java index 69b76ad2..b4bfcc1c 100644 --- a/src/org/cacert/gigi/dbObjects/User.java +++ b/src/org/cacert/gigi/dbObjects/User.java @@ -68,22 +68,15 @@ public class User extends CertificateOwner { private Country residenceCountry; - protected User(GigiResultSet rs) { + protected User(GigiResultSet rs) throws GigiApiException { super(rs.getInt("id")); - updateName(rs); - } - private void updateName(GigiResultSet rs) { dob = new DayDate(rs.getDate("dob")); email = rs.getString("email"); preferredName = Name.getById(rs.getInt("preferredName")); - try { - if (rs.getString("Country") != null) { - residenceCountry = Country.getCountryByCode(rs.getString("Country"), Country.CountryCodeType.CODE_2_CHARS); - } - } catch (GigiApiException e) { - throw new Error(e); + if (rs.getString("country") != null) { + residenceCountry = Country.getCountryByCode(rs.getString("Country"), Country.CountryCodeType.CODE_2_CHARS); } String localeStr = rs.getString("language"); @@ -130,18 +123,19 @@ public class User extends CertificateOwner { public Name[] getNames() { try (GigiPreparedStatement gps = new GigiPreparedStatement("SELECT `id` FROM `names` WHERE `uid`=? AND `deleted` IS NULL", true)) { + gps.setInt(1, getId()); return fetchNamesToArray(gps); } } public Name[] getNonDeprecatedNames() { try (GigiPreparedStatement gps = new GigiPreparedStatement("SELECT `id` FROM `names` WHERE `uid`=? AND `deleted` IS NULL AND `deprecated` IS NULL", true)) { + gps.setInt(1, getId()); return fetchNamesToArray(gps); } } private Name[] fetchNamesToArray(GigiPreparedStatement gps) { - gps.setInt(1, getId()); GigiResultSet rs = gps.executeQuery(); rs.last(); Name[] dt = new Name[rs.getRow()]; @@ -261,7 +255,7 @@ public class User extends CertificateOwner { public int getExperiencePoints() { try (GigiPreparedStatement query = new GigiPreparedStatement("SELECT count(*) FROM ( SELECT `names`.`uid` FROM `notary` INNER JOIN `names` ON `names`.`id` = `to` WHERE `from`=? AND `notary`.`deleted` IS NULL AND `method` = ? ::`notaryType` GROUP BY `names`.`uid`) as p")) { query.setInt(1, getId()); - query.setString(2, AssuranceType.FACE_TO_FACE.getDescription()); + query.setEnum(2, AssuranceType.FACE_TO_FACE); GigiResultSet rs = query.executeQuery(); int points = 0; @@ -448,20 +442,26 @@ public class User extends CertificateOwner { if (toGrant.isManagedBySupport() && !granter.isInGroup(Group.SUPPORTER)) { throw new GigiApiException("Group may only be managed by supporter"); } + if (toGrant.isManagedBySupport() && granter == this) { + throw new GigiApiException("Group may only be managed by supporter that is not oneself"); + } groups.add(toGrant); try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `user_groups` SET `user`=?, `permission`=?::`userGroup`, `grantedby`=?")) { ps.setInt(1, getId()); - ps.setString(2, toGrant.getDatabaseName()); + ps.setEnum(2, toGrant); ps.setInt(3, granter.getId()); ps.execute(); } } - public void revokeGroup(User revoker, Group toRevoke) { + public void revokeGroup(User revoker, Group toRevoke) throws GigiApiException { + if (toRevoke.isManagedBySupport() && !revoker.isInGroup(Group.SUPPORTER)) { + throw new GigiApiException("Group may only be managed by supporter"); + } groups.remove(toRevoke); try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `user_groups` SET `deleted`=CURRENT_TIMESTAMP, `revokedby`=? WHERE `deleted` IS NULL AND `permission`=?::`userGroup` AND `user`=?")) { ps.setInt(1, revoker.getId()); - ps.setString(2, toRevoke.getDatabaseName()); + ps.setEnum(2, toRevoke); ps.setInt(3, getId()); ps.execute(); }