src/club/wpia/gigi/api/FindAgent.java

   1 package club.wpia.gigi.api;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.util.HashMap;
   6
   7 import javax.servlet.http.HttpServletRequest;
   8 import javax.servlet.http.HttpServletResponse;
   9
  10 import org.json.JSONWriter;
  11
  12 import club.wpia.gigi.dbObjects.Certificate;
  13 import club.wpia.gigi.dbObjects.CertificateOwner;
  14 import club.wpia.gigi.dbObjects.Group;
  15 import club.wpia.gigi.dbObjects.Organisation;
  16 import club.wpia.gigi.dbObjects.User;
  17 import club.wpia.gigi.email.EmailProvider;
  18 import club.wpia.gigi.pages.account.FindAgentAccess;
  19 import club.wpia.gigi.util.ServerConstants;
  20
  21 public class FindAgent extends APIPoint {
  22
  23     public static final String PATH_RESOLVE = "/find-agent/resolve";
  24
  25     public static final String PATH_INFO = "/find-agent/info";
  26
  27     public static final String PATH_MAIL = "/find-agent/email";
  28
  29     public FindAgent() {}
  30
  31     public static void register(HashMap<String, APIPoint> api) {
  32         APIPoint p = new FindAgent();
  33         api.put(PATH_RESOLVE, p);
  34         api.put(PATH_INFO, p);
  35         api.put(PATH_MAIL, p);
  36     }
  37
  38     @Override
  39     public void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u) throws IOException {
  40         if ( !(u instanceof Organisation)) {
  41             resp.sendError(500, "Error, invalid cert");
  42             return;
  43         }
  44         if ( !((Organisation) u).isSelfOrganisation()) {
  45             resp.sendError(500, "Error, invalid cert");
  46             return;
  47         }
  48         String pi = req.getPathInfo();
  49         if (pi.equals(PATH_RESOLVE)) {
  50             String serial = req.getParameter("serial");
  51             if (serial == null) {
  52                 resp.sendError(500, "Error, requires serial");
  53                 return;
  54             }
  55             Certificate c = Certificate.getBySerial(serial);
  56             if (c == null) {
  57                 resp.sendError(500, "Error, requires serial");
  58                 return;
  59             }
  60             CertificateOwner co = c.getOwner();
  61             if ( !(co instanceof User)) {
  62                 resp.sendError(500, "Error, requires serial");
  63                 return;
  64             }
  65             User us = (User) co;
  66             if ( !us.isInGroup(Group.LOCATE_AGENT)) {
  67                 resp.setStatus(501);
  68                 resp.setContentType("text/plain; charset=UTF-8");
  69                 resp.getWriter().println("https://" + ServerConstants.getSecureHostNamePortSecure() + FindAgentAccess.PATH);
  70                 return;
  71             }
  72             resp.setContentType("text/plain; charset=UTF-8");
  73             resp.getWriter().print(us.getId());
  74         } else if (pi.equals(PATH_INFO)) {
  75             resp.setContentType("application/json; charset=UTF-8");
  76             PrintWriter out = resp.getWriter();
  77             String[] uids = req.getParameterValues("id");
  78             JSONWriter jw = new JSONWriter(out);
  79             jw.array();
  80             for (String i : uids) {
  81                 User u1 = User.getById(Integer.parseInt(i));
  82                 if ( !u1.isInGroup(Group.LOCATE_AGENT)) {
  83                     continue;
  84                 }
  85                 // date, recheck(?), name
  86                 jw.object();
  87                 jw.key("id");
  88                 jw.value(u1.getId());
  89
  90                 jw.key("canAssure");
  91                 jw.value(u1.canAssure());
  92
  93                 jw.key("name");
  94                 jw.value(u1.getPreferredName().toAbbreviatedString());
  95                 jw.endObject();
  96             }
  97             jw.endArray();
  98         } else if (pi.equals(PATH_MAIL)) {
  99             String id = req.getParameter("from");
 100             String rid = req.getParameter("to");
 101             String subject = req.getParameter("subject");
 102             String body = req.getParameter("body");
 103             if (id == null || rid == null || subject == null || body == null) {
 104                 resp.sendError(500, "Error, parameter missing");
 105                 return;
 106             }
 107             User from = User.getById(Integer.parseInt(id));
 108             User to = User.getById(Integer.parseInt(rid));
 109             if (from == null || to == null) {
 110                 resp.sendError(500, "Error, user not found");
 111                 return;
 112             }
 113             if ( !from.isInGroup(Group.LOCATE_AGENT) || !to.isInGroup(Group.LOCATE_AGENT)) {
 114                 resp.sendError(501, "Error, user needs to enable access");
 115                 return;
 116
 117             }
 118             EmailProvider.getInstance().sendMail(to.getEmail(), "[Find Agent] " + subject, body, null, null, null, null, false);
 119         }
 120     }
 121 }