src/org/cacert/gigi/api/FindAgent.java

   1 package org.cacert.gigi.api;
   2
   3 import java.io.IOException;
   4 import java.util.HashMap;
   5
   6 import javax.servlet.http.HttpServletRequest;
   7 import javax.servlet.http.HttpServletResponse;
   8
   9 import org.cacert.gigi.dbObjects.Certificate;
  10 import org.cacert.gigi.dbObjects.CertificateOwner;
  11 import org.cacert.gigi.dbObjects.Group;
  12 import org.cacert.gigi.dbObjects.Organisation;
  13 import org.cacert.gigi.dbObjects.User;
  14 import org.cacert.gigi.email.EmailProvider;
  15 import org.cacert.gigi.pages.account.FindAgentAccess;
  16 import org.cacert.gigi.util.ServerConstants;
  17
  18 public class FindAgent extends APIPoint {
  19
  20     public static final String PATH_RESOLVE = "/find-agent/resolve";
  21
  22     public static final String PATH_INFO = "/find-agent/info";
  23
  24     public static final String PATH_MAIL = "/find-agent/email";
  25
  26     public FindAgent() {}
  27
  28     public static void register(HashMap<String, APIPoint> api) {
  29         APIPoint p = new FindAgent();
  30         api.put(PATH_RESOLVE, p);
  31         api.put(PATH_INFO, p);
  32         api.put(PATH_MAIL, p);
  33     }
  34
  35     @Override
  36     public void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u) throws IOException {
  37         if ( !(u instanceof Organisation)) {
  38             resp.sendError(500, "Error, invalid cert");
  39             return;
  40         }
  41         if ( !((Organisation) u).isSelfOrganisation()) {
  42             resp.sendError(500, "Error, invalid cert");
  43             return;
  44         }
  45         String pi = req.getPathInfo();
  46         if (pi.equals(PATH_RESOLVE)) {
  47             String serial = req.getParameter("serial");
  48             if (serial == null) {
  49                 resp.sendError(500, "Error, requires serial");
  50                 return;
  51             }
  52             Certificate c = Certificate.getBySerial(serial);
  53             if (c == null) {
  54                 resp.sendError(500, "Error, requires serial");
  55                 return;
  56             }
  57             CertificateOwner co = c.getOwner();
  58             if ( !(co instanceof User)) {
  59                 resp.sendError(500, "Error, requires serial");
  60                 return;
  61             }
  62             User us = (User) co;
  63             if ( !us.isInGroup(Group.LOCATE_AGENT)) {
  64                 resp.setStatus(501);
  65                 resp.setContentType("text/plain; charset=UTF-8");
  66                 resp.getWriter().println("https://" + ServerConstants.getSecureHostNamePort() + FindAgentAccess.PATH);
  67                 return;
  68             }
  69             resp.setContentType("text/plain; charset=UTF-8");
  70             resp.getWriter().print(us.getId());
  71         } else if (pi.equals(PATH_INFO)) {
  72             resp.setContentType("text/plain; charset=UTF-8");
  73             String[] uids = req.getParameterValues("id");
  74             for (String i : uids) {
  75                 User u1 = User.getById(Integer.parseInt(i));
  76                 if ( !u1.isInGroup(Group.LOCATE_AGENT)) {
  77                     continue;
  78                 }
  79                 // date, recheck(?), name
  80                 resp.getWriter().println(i + "," + u1.canAssure() + "," + u1.getPreferredName().toAbbreviatedString());
  81             }
  82         } else if (pi.equals(PATH_MAIL)) {
  83             String id = req.getParameter("from");
  84             String rid = req.getParameter("to");
  85             String subject = req.getParameter("subject");
  86             String body = req.getParameter("body");
  87             if (id == null || rid == null || subject == null || body == null) {
  88                 resp.sendError(500, "Error, parameter missing");
  89                 return;
  90             }
  91             User from = User.getById(Integer.parseInt(id));
  92             User to = User.getById(Integer.parseInt(rid));
  93             if (from == null || to == null) {
  94                 resp.sendError(500, "Error, user not found");
  95                 return;
  96             }
  97             if ( !from.isInGroup(Group.LOCATE_AGENT) || !to.isInGroup(Group.LOCATE_AGENT)) {
  98                 resp.sendError(501, "Error, user needs to enable access");
  99                 return;
 100
 101             }
 102             EmailProvider.getInstance().sendMail(to.getEmail(), "[Find Agent] " + subject, body, null, null, null, null, false);
 103         }
 104     }
 105 }