X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fwot%2FAssuranceForm.java;h=3743e3214b50f4c41a70b84609584d7234ca7f42;hb=2824d1c165c501e2f3a8809044788b33b81f478a;hp=498cd6ad7ed324844394c1963be85a44bed4b01b;hpb=4c18a047f1f09f0fd7c2013bd42bb69c44efb73a;p=gigi.git

diff --git a/src/org/cacert/gigi/pages/wot/AssuranceForm.java b/src/org/cacert/gigi/pages/wot/AssuranceForm.java
index 498cd6ad..3743e321 100644
--- a/src/org/cacert/gigi/pages/wot/AssuranceForm.java
+++ b/src/org/cacert/gigi/pages/wot/AssuranceForm.java
@@ -17,71 +17,70 @@ import org.cacert.gigi.output.Form;
 import org.cacert.gigi.output.Template;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.util.Notary;
+import org.cacert.gigi.util.Notary.AssuranceResult;
 
 public class AssuranceForm extends Form {
 	User assuree;
 	static final Template templ;
 	static {
-		templ = new Template(new InputStreamReader(
-				AssuranceForm.class.getResourceAsStream("AssuranceForm.templ")));
+		templ = new Template(new InputStreamReader(AssuranceForm.class.getResourceAsStream("AssuranceForm.templ")));
 	}
 
 	public AssuranceForm(int assuree) {
 		this.assuree = new User(assuree);
 	}
+
 	SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
 
 	@Override
-	public void output(PrintWriter out, Language l, Map<String, Object> vars) {
+	public void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
 		HashMap<String, Object> res = new HashMap<String, Object>();
 		res.putAll(vars);
 		res.put("name", assuree.getName());
+		try {
+			res.put("maxpoints", assuree.getMaxAssurePoints());
+		} catch (SQLException e) {
+			e.printStackTrace();
+		}
 		res.put("dob", sdf.format(assuree.getDob()));
 		templ.output(out, l, res);
 	}
 
 	@Override
 	public boolean submit(PrintWriter out, HttpServletRequest req) {
+		checkCSRF(req);
+
 		out.println("<div class='formError'>");
 		boolean failed = false;
 
-		if (!"1".equals(req.getParameter("certify"))
-				|| !"1".equals(req.getParameter("rules"))
-				|| !"1".equals(req.getParameter("CCAAgreed"))
-				|| !"1".equals(req.getParameter("assertion"))) {
+		if (!"1".equals(req.getParameter("certify")) || !"1".equals(req.getParameter("rules"))
+			|| !"1".equals(req.getParameter("CCAAgreed")) || !"1".equals(req.getParameter("assertion"))) {
 			outputError(out, req, "You failed to check all boxes to validate"
-					+ " your adherence to the rules and policies of CAcert");
+				+ " your adherence to the rules and policies of CAcert");
 			failed = true;
 
 		}
-		if (req.getParameter("date") == null
-				|| req.getParameter("date").equals("")) {
-			outputError(out, req,
-					"You must enter the date when you met the assuree.");
+		if (req.getParameter("date") == null || req.getParameter("date").equals("")) {
+			outputError(out, req, "You must enter the date when you met the assuree.");
 			failed = true;
 		} else {
 			try {
 				Date d = sdf.parse(req.getParameter("date"));
 				if (d.getTime() > System.currentTimeMillis()) {
-					outputError(out, req,
-							"You must not enter a date in the future.");
+					outputError(out, req, "You must not enter a date in the future.");
 					failed = true;
 				}
 			} catch (ParseException e) {
-				outputError(out, req,
-						"You must enter the date in this format: YYYY-MM-DD.");
+				outputError(out, req, "You must enter the date in this format: YYYY-MM-DD.");
 				failed = true;
 			}
 		}
 		// check location, min 3 characters
-		if (req.getParameter("location") == null
-				|| req.getParameter("location").equals("")) {
-			outputError(out, req,
-					"You failed to enter a location of your meeting.");
+		if (req.getParameter("location") == null || req.getParameter("location").equals("")) {
+			outputError(out, req, "You failed to enter a location of your meeting.");
 			failed = true;
 		} else if (req.getParameter("location").length() <= 2) {
-			outputError(out, req,
-					"You must enter a location with at least 3 characters eg town and country.");
+			outputError(out, req, "You must enter a location with at least 3 characters eg town and country.");
 			failed = true;
 		}
 		// TODO checkPoints
@@ -95,15 +94,13 @@ public class AssuranceForm extends Form {
 			return false;
 		}
 		try {
-			boolean success = Notary.assure(LoginPage.getUser(req), assuree,
-					Integer.parseInt(req.getParameter("points")),
-					req.getParameter("location"), req.getParameter("date"));
-			if (!success) {
-				outputError(out, req,
-						"Assurance failed. Maybe user data changed.");
+			AssuranceResult success = Notary.assure(LoginPage.getUser(req), assuree,
+				Integer.parseInt(req.getParameter("points")), req.getParameter("location"), req.getParameter("date"));
+			if (success != AssuranceResult.ASSURANCE_SUCCEDED) {
+				outputError(out, req, success.getMessage());
 			}
 			out.println("</div>");
-			return success;
+			return success == AssuranceResult.ASSURANCE_SUCCEDED;
 		} catch (SQLException e) {
 			e.printStackTrace();
 		}
@@ -111,4 +108,5 @@ public class AssuranceForm extends Form {
 		out.println("</div>");
 		return false;
 	}
+
 }