]> WPIA git - gigi.git/blob - src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
projects / gigi.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add: granting and revoking groups by supporters
[gigi.git] / src / org / cacert / gigi / pages / admin / support / SupportUserDetailsForm.java
1 package org.cacert.gigi.pages.admin.support;
2
3 import java.io.IOException;
4 import java.io.PrintWriter;
5 import java.net.URLEncoder;
6 import java.util.Iterator;
7 import java.util.Map;
8 import java.util.Set;
9
10 import javax.servlet.http.HttpServletRequest;
11
12 import org.cacert.gigi.GigiApiException;
13 import org.cacert.gigi.dbObjects.Group;
14 import org.cacert.gigi.dbObjects.Name;
15 import org.cacert.gigi.dbObjects.SupportedUser;
16 import org.cacert.gigi.dbObjects.User;
17 import org.cacert.gigi.email.Sendmail;
18 import org.cacert.gigi.localisation.Language;
19 import org.cacert.gigi.output.DateSelector;
20 import org.cacert.gigi.output.GroupSelector;
21 import org.cacert.gigi.output.template.Form;
22 import org.cacert.gigi.output.template.IterableDataset;
23 import org.cacert.gigi.output.template.Template;
24 import org.cacert.gigi.pages.Page;
25 import org.cacert.gigi.pages.PasswordResetPage;
26 import org.cacert.gigi.util.RandomToken;
27 import org.cacert.gigi.util.ServerConstants;
28
29 public class SupportUserDetailsForm extends Form {
30
31     private static Template t;
32
33     private SupportedUser user;
34
35     private DateSelector dobSelector;
36
37     private GroupSelector value = new GroupSelector("groupToModify");
38
39     static {
40         t = new Template(FindDomainForm.class.getResource("SupportUserDetailsForm.templ"));
41     }
42
43     public SupportUserDetailsForm(HttpServletRequest hsr, SupportedUser user) {
44         super(hsr);
45         this.user = user;
46         dobSelector = new DateSelector("dobd", "dobm", "doby", user.getTargetUser().getDoB());
47     }
48
49     @Override
50     public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
51         if (user.getTicket() == null) {
52             return false;
53         }
54         if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("grant") != null ? 1 : 0) + (req.getParameter("deny") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
55             throw new GigiApiException("More than one action requested!");
56         }
57         if (req.getParameter("grant") != null || req.getParameter("deny") != null) {
58             value.update(req);
59             Group toMod = value.getGroup();
60             if (req.getParameter("grant") != null) {
61                 user.grant(toMod);
62             } else {
63                 user.revoke(toMod);
64             }
65             return true;
66         }
67         if (req.getParameter("resetPass") != null) {
68             String aword = req.getParameter("aword");
69             if (aword == null || aword.equals("")) {
70                 throw new GigiApiException("An A-Word is required to perform a password reset.");
71             }
72             String ptok = RandomToken.generateToken(32);
73             int id = user.getTargetUser().generatePasswordResetTicket(Page.getUser(req), ptok, aword);
74             try {
75                 Language l = Language.getInstance(user.getTargetUser().getPreferredLocale());
76                 StringBuffer body = new StringBuffer();
77                 body.append(l.getTranslation("Hi,") + "\n\n");
78                 body.append(l.getTranslation("A password reset was triggered. Please enter the required text sent to you by support on this page: \nhttps://"));
79                 body.append(ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH);
80                 body.append("?id=");
81                 body.append(id);
82                 body.append("&token=");
83                 body.append(URLEncoder.encode(ptok, "UTF-8"));
84                 body.append("\n");
85                 body.append("\n");
86                 body.append(l.getTranslation("Best regards"));
87                 body.append("\n");
88                 body.append(l.getTranslation("CAcert.org Support!"));
89                 Sendmail.getInstance().sendmail(user.getTargetUser().getEmail(), "[CAcert.org] " + l.getTranslation("Password reset by support."), body.toString(), "support@cacert.org", null, null, null, null, false);
90                 out.println(Page.getLanguage(req).getTranslation("Password reset successful."));
91             } catch (IOException e) {
92                 e.printStackTrace();
93             }
94             return true;
95         }
96         dobSelector.update(req);
97         String fname = req.getParameter("fname");
98         String mname = req.getParameter("mname");
99         String lname = req.getParameter("lname");
100         String suffix = req.getParameter("suffix");
101         if (fname == null || mname == null || lname == null | suffix == null) {
102             throw new GigiApiException("Incomplete request!");
103         }
104         if ( !dobSelector.isValid()) {
105             throw new GigiApiException("Invalid date of birth!");
106         }
107         Name newName = new Name(fname, lname, mname, suffix);
108         if (user.setDob(dobSelector.getDate()) | user.setName(newName)) {
109             user.submitSupportAction();
110         }
111         return true;
112     }
113
114     @Override
115     protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
116         User user = this.user.getTargetUser();
117         Name name = user.getName();
118         vars.put("mail", user.getEmail());
119         vars.put("fname", name.getFname());
120         vars.put("mname", name.getMname());
121         vars.put("lname", name.getLname());
122         vars.put("suffix", name.getSuffix());
123         vars.put("assurer", user.canAssure());
124         vars.put("dob", dobSelector);
125         vars.put("assurancepoints", user.getAssurancePoints());
126         vars.put("exppoints", user.getExperiencePoints());
127         vars.put("id", user.getId());
128         final Set<Group> gr = user.getGroups();
129         vars.put("groups", new IterableDataset() {
130
131             Iterator<Group> i = gr.iterator();
132
133             @Override
134             public boolean next(Language l, Map<String, Object> vars) {
135                 if ( !i.hasNext()) {
136                     return false;
137                 }
138                 Group g = i.next();
139                 vars.put("group_name", l.getTranslation("Group: " + g.getDatabaseName()));
140                 return true;
141             }
142         });
143         vars.put("groupSelector", value);
144         t.output(out, l, vars);
145     }
146
147 }
WPIA Certificate Web Issuance Platform