X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FNotary.java;h=620eb89cb456b44bddc1760dfe5459a8b2fc4393;hb=f0409c63fad3833d4a2d4d8c3fd60f0ab829b299;hp=901e5ef62e46891479bf7af5f12d827d0bd4a1db;hpb=aa5723dbb64ec8efa63909d39ff72364f0a5ee96;p=gigi.git diff --git a/src/org/cacert/gigi/util/Notary.java b/src/org/cacert/gigi/util/Notary.java index 901e5ef6..620eb89c 100644 --- a/src/org/cacert/gigi/util/Notary.java +++ b/src/org/cacert/gigi/util/Notary.java @@ -17,6 +17,14 @@ import org.cacert.gigi.output.template.SprintfCommand; public class Notary { + // minimum date range between 2 verifications of the RA-Agent to the same + // Applicant + public final static int LIMIT_DAYS_VERIFICATION = TimeConditions.getInstance().getVerificationLimitDays(); + + // maximum date range from date when the verification took place and the + // entering to the system + public final static int LIMIT_MAX_MONTHS_VERIFICATION = TimeConditions.getInstance().getVerificationMaxAgeMonths(); + public static void writeUserAgreement(User member, String document, String method, String comment, boolean active, int secmemid) { try (GigiPreparedStatement q = new GigiPreparedStatement("INSERT INTO `user_agreements` SET `memid`=?, `secmemid`=?," + " `document`=?,`date`=NOW(), `active`=?,`method`=?,`comment`=?")) { q.setInt(1, member.getId()); @@ -29,21 +37,14 @@ public class Notary { } } - public static void checkAssuranceIsPossible(User assurer, User target) throws GigiApiException { - if (assurer.getId() == target.getId()) { - throw new GigiApiException("You cannot assure yourself."); - } - try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `notary` where `to`=? and `from`=? AND `deleted` IS NULL")) { + public static boolean checkAssuranceIsPossible(User assurer, Name target) { + try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `notary` where `to`=? and `from`=? and `method` = ? ::`notaryType` AND `deleted` IS NULL AND `when` > (now() - interval '1 days' * ?)")) { ps.setInt(1, target.getId()); ps.setInt(2, assurer.getId()); + ps.setString(3, AssuranceType.FACE_TO_FACE.getDescription()); + ps.setInt(4, LIMIT_DAYS_VERIFICATION); GigiResultSet rs = ps.executeQuery(); - if (rs.next()) { - rs.close(); - throw new GigiApiException("You have already assured this member."); - } - } - if ( !assurer.canAssure()) { - throw new GigiApiException("You are not an assurer."); + return !rs.next(); } } @@ -90,6 +91,11 @@ public class Notary { if (d.getTime() > gc.getTimeInMillis()) { gae.mergeInto(new GigiApiException("You must not enter a date in the future.")); } + gc.setTimeInMillis(System.currentTimeMillis()); + gc.add(Calendar.MONTH, -LIMIT_MAX_MONTHS_VERIFICATION); + if (d.getTime() < gc.getTimeInMillis()) { + gae.mergeInto(new GigiApiException(SprintfCommand.createSimple("Verifications older than {0} months are not accepted.", LIMIT_MAX_MONTHS_VERIFICATION))); + } } catch (ParseException e) { gae.mergeInto(new GigiApiException("You must enter the date in this format: YYYY-MM-DD.")); } @@ -101,16 +107,24 @@ public class Notary { gae.mergeInto(new GigiApiException("You must enter a location with at least 3 characters eg town and country.")); } synchronized (assuree) { + if (assurer.getId() == assuree.getId()) { + throw new GigiApiException("You cannot verify yourself."); + } + if (assureeName.getOwner() != assuree) { + throw new GigiApiException("Internal error, name does not belong to applicant."); + } + if ( !assurer.canAssure()) { + throw new GigiApiException("You are not an RA-Agent."); + } - try { - checkAssuranceIsPossible(assurer, assuree); - } catch (GigiApiException e) { - gae.mergeInto(e); + if ( !checkAssuranceIsPossible(assurer, assureeName)) { + gae.mergeInto(new GigiApiException(SprintfCommand.createSimple("You have already verified this applicant within the last {0} days.", LIMIT_DAYS_VERIFICATION))); } - if ( !assuree.getName().equals(assureeName) || !assuree.getDoB().equals(dob)) { + if ( !assuree.getDoB().equals(dob)) { gae.mergeInto(new GigiApiException("The person you are assuring changed his personal details.")); } + if (awarded < 0) { gae.mergeInto(new GigiApiException("The points you are trying to award are out of range.")); } else { @@ -130,11 +144,11 @@ public class Notary { } if (type == AssuranceType.FACE_TO_FACE) { - assureF2F(assurer, assuree, awarded, location, date); + assureF2F(assurer, assuree, assureeName, awarded, location, date); } else if (type == AssuranceType.NUCLEUS) { - assureNucleus(assurer, assuree, awarded, location, date); + assureNucleus(assurer, assuree, assureeName, awarded, location, date); } else if (type == AssuranceType.TTP_ASSISTED) { - assureTTP(assurer, assuree, awarded, location, date); + assureTTP(assurer, assuree, assureeName, awarded, location, date); } else { throw new GigiApiException(SprintfCommand.createSimple("Unknown Assurance type: {0}", type.toString())); } @@ -143,11 +157,11 @@ public class Notary { } } - private static void assureF2F(User assurer, User assuree, int awarded, String location, String date) throws GigiApiException { + private static void assureF2F(User assurer, User assuree, Name name, int awarded, String location, String date) throws GigiApiException { may(assurer, assuree, AssuranceType.FACE_TO_FACE); try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) { ps.setInt(1, assurer.getId()); - ps.setInt(2, assuree.getId()); + ps.setInt(2, name.getId()); ps.setInt(3, awarded); ps.setString(4, location); ps.setString(5, date); @@ -155,11 +169,11 @@ public class Notary { } } - private static void assureTTP(User assurer, User assuree, int awarded, String location, String date) throws GigiApiException { + private static void assureTTP(User assurer, User assuree, Name name, int awarded, String location, String date) throws GigiApiException { may(assurer, assuree, AssuranceType.TTP_ASSISTED); try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?, `method`='TTP-Assisted'")) { ps.setInt(1, assurer.getId()); - ps.setInt(2, assuree.getId()); + ps.setInt(2, name.getId()); ps.setInt(3, awarded); ps.setString(4, location); ps.setString(5, date); @@ -170,36 +184,36 @@ public class Notary { public static void may(User assurer, User assuree, AssuranceType t) throws GigiApiException { if (assuree.isInGroup(ASSUREE_BLOCKED)) { - throw new GigiApiException("The assuree is blocked."); + throw new GigiApiException("The applicant is blocked."); } if (assurer.isInGroup(ASSURER_BLOCKED)) { - throw new GigiApiException("The assurer is blocked."); + throw new GigiApiException("The RA Agent is blocked."); } if (t == AssuranceType.NUCLEUS) { if ( !assurer.isInGroup(Group.NUCLEUS_ASSURER)) { - throw new GigiApiException("Assurer needs to be Nucleus Assurer."); + throw new GigiApiException("RA Agent needs to be Nucleus RA Agent."); } return; } else if (t == AssuranceType.TTP_ASSISTED) { if ( !assurer.isInGroup(Group.TTP_ASSURER)) { - throw new GigiApiException("Assurer needs to be TTP Assurer."); + throw new GigiApiException("RA Agent needs to be TTP RA Agent."); } if ( !assuree.isInGroup(Group.TTP_APPLICANT)) { - throw new GigiApiException("Assuree needs to be TTP Applicant."); + throw new GigiApiException("Applicant needs to be TTP Applicant."); } return; } else if (t == AssuranceType.FACE_TO_FACE) { return; } - throw new GigiApiException("Assurance type not possible."); + throw new GigiApiException("Verification type not possible."); } - private static void assureNucleus(User assurer, User assuree, int awarded, String location, String date) throws GigiApiException { + private static void assureNucleus(User assurer, User assuree, Name name, int awarded, String location, String date) throws GigiApiException { may(assurer, assuree, AssuranceType.NUCLEUS); // Do up to 35 points as f2f int f2fPoints = Math.min(assurer.getMaxAssurePoints(), awarded); - assureF2F(assurer, assuree, f2fPoints, location, date); + assureF2F(assurer, assuree, name, f2fPoints, location, date); awarded -= f2fPoints; if (awarded <= 0) { @@ -210,7 +224,7 @@ public class Notary { // Valid for 4 Weeks = 28 days try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?, `method`='Nucleus Bonus', `expire` = CURRENT_TIMESTAMP + interval '28 days'")) { ps.setInt(1, assurer.getId()); - ps.setInt(2, assuree.getId()); + ps.setInt(2, name.getId()); ps.setInt(3, awarded); ps.setString(4, location); ps.setString(5, date);