X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;h=2df486c19d55279da51e47795cf597c52ae1fe8b;hb=3395fce1b4cf2ad4a01536f6aeabd59951ccee08;hp=e848854fa19d7b50b9558d44f5acb8e6b3652283;hpb=3e123160ad59a2e1162518923965562ff947b6d1;p=gigi.git diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java index e848854f..2df486c1 100644 --- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java @@ -9,7 +9,9 @@ import java.security.interfaces.ECPublicKey; import java.security.interfaces.RSAPublicKey; import java.util.Base64; import java.util.HashMap; +import java.util.Iterator; import java.util.LinkedHashSet; +import java.util.List; import java.util.Map; import java.util.Set; import java.util.TreeSet; @@ -19,12 +21,13 @@ import javax.servlet.http.HttpServletRequest; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.crypto.SPKAC; import org.cacert.gigi.dbObjects.Certificate; -import org.cacert.gigi.dbObjects.CertificateProfile; -import org.cacert.gigi.dbObjects.Digest; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.dbObjects.Certificate.CSRType; import org.cacert.gigi.dbObjects.Certificate.SANType; import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName; +import org.cacert.gigi.dbObjects.CertificateProfile; +import org.cacert.gigi.dbObjects.Digest; +import org.cacert.gigi.dbObjects.Organisation; +import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.CertificateValiditySelector; import org.cacert.gigi.output.Form; @@ -239,6 +242,11 @@ public class CertificateIssueForm extends Form { selectedDigest = Digest.valueOf(hashAlg); } profile = CertificateProfile.getByName(req.getParameter("profile")); + if ( !u.canIssue(profile)) { + profile = CertificateProfile.getById(1); + outputError(out, req, "Certificate Profile is invalid."); + return false; + } String pDNS = null; String pMail = null; @@ -297,7 +305,7 @@ public class CertificateIssueForm extends Form { return false; } - result = new Certificate(LoginPage.getUser(req).getId(), subject.toString(), selectedDigest.toString(), // + result = new Certificate(LoginPage.getUser(req), subject.toString(), selectedDigest.toString(), // this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()])); result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000); return true; @@ -417,10 +425,14 @@ public class CertificateIssueForm extends Form { @Override public boolean next(Language l, Map vars) { - CertificateProfile cp = CertificateProfile.getById(i++); - if (cp == null) { - return false; - } + CertificateProfile cp; + do { + cp = CertificateProfile.getById(i++); + if (cp == null) { + return false; + } + } while ( !u.canIssue(cp)); + if (cp.getId() == profile.getId()) { vars.put("selected", " selected"); } else { @@ -431,6 +443,23 @@ public class CertificateIssueForm extends Form { return true; } }); + final List orgs = u.getOrganisations(); + vars2.put("orga", orgs.size() == 0 ? null : new IterableDataset() { + + Iterator iter = orgs.iterator(); + + @Override + public boolean next(Language l, Map vars) { + if ( !iter.hasNext()) { + return false; + } + Organisation orga = iter.next(); + vars.put("key", orga.getId()); + vars.put("name", orga.getName()); + return true; + } + }); + t.output(out, l, vars2); } }