src/org/cacert/gigi/api/FindAgent.java

   1 package org.cacert.gigi.api;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.util.HashMap;
   6
   7 import javax.servlet.http.HttpServletRequest;
   8 import javax.servlet.http.HttpServletResponse;
   9
  10 import org.cacert.gigi.dbObjects.Certificate;
  11 import org.cacert.gigi.dbObjects.CertificateOwner;
  12 import org.cacert.gigi.dbObjects.Group;
  13 import org.cacert.gigi.dbObjects.Organisation;
  14 import org.cacert.gigi.dbObjects.User;
  15 import org.cacert.gigi.email.EmailProvider;
  16 import org.cacert.gigi.pages.account.FindAgentAccess;
  17 import org.cacert.gigi.util.ServerConstants;
  18 import org.json.JSONWriter;
  19
  20 public class FindAgent extends APIPoint {
  21
  22     public static final String PATH_RESOLVE = "/find-agent/resolve";
  23
  24     public static final String PATH_INFO = "/find-agent/info";
  25
  26     public static final String PATH_MAIL = "/find-agent/email";
  27
  28     public FindAgent() {}
  29
  30     public static void register(HashMap<String, APIPoint> api) {
  31         APIPoint p = new FindAgent();
  32         api.put(PATH_RESOLVE, p);
  33         api.put(PATH_INFO, p);
  34         api.put(PATH_MAIL, p);
  35     }
  36
  37     @Override
  38     public void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u) throws IOException {
  39         if ( !(u instanceof Organisation)) {
  40             resp.sendError(500, "Error, invalid cert");
  41             return;
  42         }
  43         if ( !((Organisation) u).isSelfOrganisation()) {
  44             resp.sendError(500, "Error, invalid cert");
  45             return;
  46         }
  47         String pi = req.getPathInfo();
  48         if (pi.equals(PATH_RESOLVE)) {
  49             String serial = req.getParameter("serial");
  50             if (serial == null) {
  51                 resp.sendError(500, "Error, requires serial");
  52                 return;
  53             }
  54             Certificate c = Certificate.getBySerial(serial);
  55             if (c == null) {
  56                 resp.sendError(500, "Error, requires serial");
  57                 return;
  58             }
  59             CertificateOwner co = c.getOwner();
  60             if ( !(co instanceof User)) {
  61                 resp.sendError(500, "Error, requires serial");
  62                 return;
  63             }
  64             User us = (User) co;
  65             if ( !us.isInGroup(Group.LOCATE_AGENT)) {
  66                 resp.setStatus(501);
  67                 resp.setContentType("text/plain; charset=UTF-8");
  68                 resp.getWriter().println("https://" + ServerConstants.getSecureHostNamePortSecure() + FindAgentAccess.PATH);
  69                 return;
  70             }
  71             resp.setContentType("text/plain; charset=UTF-8");
  72             resp.getWriter().print(us.getId());
  73         } else if (pi.equals(PATH_INFO)) {
  74             resp.setContentType("application/json; charset=UTF-8");
  75             PrintWriter out = resp.getWriter();
  76             String[] uids = req.getParameterValues("id");
  77             JSONWriter jw = new JSONWriter(out);
  78             jw.array();
  79             for (String i : uids) {
  80                 User u1 = User.getById(Integer.parseInt(i));
  81                 if ( !u1.isInGroup(Group.LOCATE_AGENT)) {
  82                     continue;
  83                 }
  84                 // date, recheck(?), name
  85                 jw.object();
  86                 jw.key("id");
  87                 jw.value(u1.getId());
  88
  89                 jw.key("canAssure");
  90                 jw.value(u1.canAssure());
  91
  92                 jw.key("name");
  93                 jw.value(u1.getPreferredName().toAbbreviatedString());
  94                 jw.endObject();
  95             }
  96             jw.endArray();
  97         } else if (pi.equals(PATH_MAIL)) {
  98             String id = req.getParameter("from");
  99             String rid = req.getParameter("to");
 100             String subject = req.getParameter("subject");
 101             String body = req.getParameter("body");
 102             if (id == null || rid == null || subject == null || body == null) {
 103                 resp.sendError(500, "Error, parameter missing");
 104                 return;
 105             }
 106             User from = User.getById(Integer.parseInt(id));
 107             User to = User.getById(Integer.parseInt(rid));
 108             if (from == null || to == null) {
 109                 resp.sendError(500, "Error, user not found");
 110                 return;
 111             }
 112             if ( !from.isInGroup(Group.LOCATE_AGENT) || !to.isInGroup(Group.LOCATE_AGENT)) {
 113                 resp.sendError(501, "Error, user needs to enable access");
 114                 return;
 115
 116             }
 117             EmailProvider.getInstance().sendMail(to.getEmail(), "[Find Agent] " + subject, body, null, null, null, null, false);
 118         }
 119     }
 120 }