src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java

   1 package org.cacert.gigi.pages.admin.support;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.net.URLEncoder;
   6 import java.util.Iterator;
   7 import java.util.Map;
   8 import java.util.Set;
   9
  10 import javax.servlet.http.HttpServletRequest;
  11
  12 import org.cacert.gigi.GigiApiException;
  13 import org.cacert.gigi.dbObjects.Group;
  14 import org.cacert.gigi.dbObjects.Name;
  15 import org.cacert.gigi.dbObjects.SupportedUser;
  16 import org.cacert.gigi.dbObjects.User;
  17 import org.cacert.gigi.email.Sendmail;
  18 import org.cacert.gigi.localisation.Language;
  19 import org.cacert.gigi.output.DateSelector;
  20 import org.cacert.gigi.output.GroupSelector;
  21 import org.cacert.gigi.output.template.Form;
  22 import org.cacert.gigi.output.template.IterableDataset;
  23 import org.cacert.gigi.output.template.Template;
  24 import org.cacert.gigi.pages.Page;
  25 import org.cacert.gigi.pages.PasswordResetPage;
  26 import org.cacert.gigi.util.RandomToken;
  27 import org.cacert.gigi.util.ServerConstants;
  28
  29 public class SupportUserDetailsForm extends Form {
  30
  31     private static Template t;
  32
  33     private SupportedUser user;
  34
  35     private DateSelector dobSelector;
  36
  37     private GroupSelector value = new GroupSelector("groupToModify");
  38
  39     static {
  40         t = new Template(FindDomainForm.class.getResource("SupportUserDetailsForm.templ"));
  41     }
  42
  43     public SupportUserDetailsForm(HttpServletRequest hsr, SupportedUser user) {
  44         super(hsr);
  45         this.user = user;
  46         dobSelector = new DateSelector("dobd", "dobm", "doby", user.getTargetUser().getDoB());
  47     }
  48
  49     @Override
  50     public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
  51         if (user.getTicket() == null) {
  52             return false;
  53         }
  54         if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("grant") != null ? 1 : 0) + (req.getParameter("deny") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
  55             throw new GigiApiException("More than one action requested!");
  56         }
  57         if (req.getParameter("grant") != null || req.getParameter("deny") != null) {
  58             value.update(req);
  59             Group toMod = value.getGroup();
  60             if (req.getParameter("grant") != null) {
  61                 user.grant(toMod);
  62             } else {
  63                 user.revoke(toMod);
  64             }
  65             return true;
  66         }
  67         if (req.getParameter("resetPass") != null) {
  68             String aword = req.getParameter("aword");
  69             if (aword == null || aword.equals("")) {
  70                 throw new GigiApiException("An A-Word is required to perform a password reset.");
  71             }
  72             String ptok = RandomToken.generateToken(32);
  73             int id = user.getTargetUser().generatePasswordResetTicket(Page.getUser(req), ptok, aword);
  74             try {
  75                 Language l = Language.getInstance(user.getTargetUser().getPreferredLocale());
  76                 StringBuffer body = new StringBuffer();
  77                 body.append(l.getTranslation("Hi,") + "\n\n");
  78                 body.append(l.getTranslation("A password reset was triggered. Please enter the required text sent to you by support on this page:"));
  79                 body.append("\n\nhttps://");
  80                 body.append(ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH);
  81                 body.append("?id=");
  82                 body.append(id);
  83                 body.append("&token=");
  84                 body.append(URLEncoder.encode(ptok, "UTF-8"));
  85                 body.append("\n");
  86                 body.append("\n");
  87                 body.append(l.getTranslation("Best regards"));
  88                 body.append("\n");
  89                 body.append(l.getTranslation("SomeCA.org Support!"));
  90                 Sendmail.getInstance().sendmail(user.getTargetUser().getEmail(), "[SomeCA.org] " + l.getTranslation("Password reset by support."), body.toString(), "support@cacert.org", null, null, null, null, false);
  91                 out.println(Page.getLanguage(req).getTranslation("Password reset successful."));
  92             } catch (IOException e) {
  93                 e.printStackTrace();
  94             }
  95             return true;
  96         }
  97         dobSelector.update(req);
  98         String fname = req.getParameter("fname");
  99         String mname = req.getParameter("mname");
 100         String lname = req.getParameter("lname");
 101         String suffix = req.getParameter("suffix");
 102         if (fname == null || mname == null || lname == null | suffix == null) {
 103             throw new GigiApiException("Incomplete request!");
 104         }
 105         if ( !dobSelector.isValid()) {
 106             throw new GigiApiException("Invalid date of birth!");
 107         }
 108         Name newName = new Name(fname, lname, mname, suffix);
 109         synchronized (user.getTargetUser()) {
 110             if (user.setDob(dobSelector.getDate()) | user.setName(newName)) {
 111                 user.submitSupportAction();
 112             }
 113         }
 114         return true;
 115     }
 116
 117     @Override
 118     protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
 119         User user = this.user.getTargetUser();
 120         Name name = user.getName();
 121         vars.put("mail", user.getEmail());
 122         vars.put("fname", name.getFname());
 123         vars.put("mname", name.getMname());
 124         vars.put("lname", name.getLname());
 125         vars.put("suffix", name.getSuffix());
 126         vars.put("assurer", user.canAssure());
 127         vars.put("dob", dobSelector);
 128         vars.put("assurancepoints", user.getAssurancePoints());
 129         vars.put("exppoints", user.getExperiencePoints());
 130         vars.put("id", user.getId());
 131         final Set<Group> gr = user.getGroups();
 132         vars.put("groups", new IterableDataset() {
 133
 134             Iterator<Group> i = gr.iterator();
 135
 136             @Override
 137             public boolean next(Language l, Map<String, Object> vars) {
 138                 if ( !i.hasNext()) {
 139                     return false;
 140                 }
 141                 Group g = i.next();
 142                 vars.put("group_name", g.getName());
 143                 return true;
 144             }
 145         });
 146         vars.put("groupSelector", value);
 147         t.output(out, l, vars);
 148     }
 149
 150 }