X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fadmin%2Fsupport%2FSupportUserDetailsPage.java;h=b0ddb8fee7cdce3cd9ef81590988e1a0ccae555c;hb=db3ef5c43aa600a5bba60e57efd92932d2323d8c;hp=234448088d91f5bcaa82b1eb357f8f81c25995db;hpb=117feb522905ad14aeacea42742c77035f2dd6cb;p=gigi.git diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java index 23444808..b0ddb8fe 100644 --- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java +++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java @@ -9,13 +9,14 @@ import javax.servlet.http.HttpServletResponse; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.EmailAddress; -import org.cacert.gigi.dbObjects.Group; import org.cacert.gigi.dbObjects.SupportedUser; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; +import org.cacert.gigi.pages.LoginPage; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; public class SupportUserDetailsPage extends Page { @@ -27,15 +28,18 @@ public class SupportUserDetailsPage extends Page { @Override public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { - int id; + int id = -1; String[] idP = req.getPathInfo().split("/"); - id = Integer.parseInt(idP[idP.length - 1]); + try { + id = Integer.parseInt(idP[idP.length - 1]); + } catch (NumberFormatException e) { + resp.sendError(404); + } final User user = User.getById(id); - String ticket = (String) req.getSession().getAttribute("ticketNo" + user.getId()); - SupportUserDetailsForm f = new SupportUserDetailsForm(req, new SupportedUser(user, getUser(req), ticket)); + SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId()); + SupportUserDetailsForm f = new SupportUserDetailsForm(req, targetUser); HashMap vars = new HashMap(); vars.put("details", f); - vars.put("ticketNo", ticket); final EmailAddress[] addrs = user.getEmails(); vars.put("emails", new IterableDataset() { @@ -54,20 +58,14 @@ public class SupportUserDetailsPage extends Page { return true; } }); - vars.put("certifrevoke", new SupportRevokeCertificatesForm(req, new SupportedUser(user, getUser(req), ticket))); - vars.put("tickethandling", new SupportEnterTicketForm(req, user)); + vars.put("certifrevoke", new SupportRevokeCertificatesForm(req, targetUser)); getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars); } @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { try { - if (req.getParameter("setTicket") != null) { - - if ( !Form.getForm(req, SupportEnterTicketForm.class).submit(resp.getWriter(), req)) { - throw new GigiApiException("Invalid ticket number!"); - } - } else if (req.getParameter("revokeall") != null) { + if (req.getParameter("revokeall") != null) { if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submit(resp.getWriter(), req)) { throw new GigiApiException("No ticket number set."); } @@ -84,10 +82,7 @@ public class SupportUserDetailsPage extends Page { } @Override - public boolean isPermitted(User u) { - if (u == null) { - return false; - } - return u.isInGroup(Group.SUPPORTER); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && ac.canSupport(); } }