upd: use a more strict pattern for handling forms
1 package org.cacert.gigi.pages.admin.support;
2
3 import java.io.IOException;
4 import java.util.HashMap;
5 import java.util.Map;
6
7 import javax.servlet.http.HttpServletRequest;
8 import javax.servlet.http.HttpServletResponse;
9
10 import org.cacert.gigi.GigiApiException;
11 import org.cacert.gigi.dbObjects.Domain;
12 import org.cacert.gigi.dbObjects.EmailAddress;
13 import org.cacert.gigi.dbObjects.SupportedUser;
14 import org.cacert.gigi.dbObjects.User;
15 import org.cacert.gigi.localisation.Language;
16 import org.cacert.gigi.output.template.Form;
17 import org.cacert.gigi.output.template.IterableDataset;
18 import org.cacert.gigi.pages.LoginPage;
19 import org.cacert.gigi.pages.Page;
20 import org.cacert.gigi.util.AuthorizationContext;
21 import org.cacert.gigi.util.HTMLEncoder;
22
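/**
 * Support page that shows the details of a single user account to a supporter
 * and accepts the support forms rendered on it (detail update, password reset,
 * group changes, revocation of all certificates).
 * <p>
 * Access is limited by {@link #isPermitted(AuthorizationContext)} to
 * authorization contexts for which {@code canSupport()} is true. The target
 * user is wrapped in a {@link SupportedUser} together with the acting supporter
 * and the supporter ticket id taken from the authorization context.
 */
public class SupportUserDetailsPage extends Page {

    /** Path constant of this page; {@link #doGet} expects the numeric user id as the last path segment, followed by "/". */
    public static final String PATH = "/support/user/";

    public SupportUserDetailsPage() {
        super("Support: User Details");
    }

    /**
     * Renders the details of the user whose id is the last segment of the
     * request path.
     * <p>
     * Answers 404 and stops when the path is missing, does not end in "/",
     * carries no parseable integer id, or when no user is found for the id.
     * Every rejection returns immediately: nothing about a user is looked up
     * or written once an error status has been sent.
     *
     * @param req
     *            the request; its path info carries the user id
     * @param resp
     *            the response the page (or the 404) is written to
     * @throws IOException
     *             if writing the response fails
     */
    @Override
    public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        // getPathInfo() is null when the request carries no extra path information.
        String pathInfo = req.getPathInfo();
        if (pathInfo == null || !pathInfo.endsWith("/")) {
            resp.sendError(404);
            return;
        }
        // "/".split("/") yields an empty array, so check before indexing the last element.
        String[] idP = pathInfo.split("/");
        if (idP.length == 0) {
            resp.sendError(404);
            return;
        }
        int id;
        try {
            id = Integer.parseInt(idP[idP.length - 1]);
        } catch (NumberFormatException e) {
            // Same status as for an unknown id, so malformed and unknown ids are not distinguishable.
            resp.sendError(404);
            return;
        }
        final User user = User.getById(id);
        // NOTE(review): assumes getById yields null for an id without an account - confirm against User.
        if (user == null) {
            resp.sendError(404);
            return;
        }
        SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId());
        SupportUserDetailsForm f = new SupportUserDetailsForm(req, targetUser);
        HashMap<String, Object> vars = new HashMap<String, Object>();
        vars.put("details", f);

        final EmailAddress[] addrs = user.getEmails();
        vars.put("emails", new IterableDataset() {

            // Index of the next address to inspect.
            int i = 0;

            /**
             * Advances to the next address that differs from the user's
             * primary address and exposes it as "secmail" with its
             * translated verification "status".
             */
            @Override
            public boolean next(Language l, Map<String, Object> vars) {
                while (i < addrs.length) {
                    EmailAddress secAddress = addrs[i++];
                    String address = secAddress.getAddress();
                    if (address.equals(user.getEmail())) {
                        // The primary address is skipped here; only the other addresses are listed.
                        continue;
                    }
                    vars.put("secmail", address);
                    vars.put("status", l.getTranslation(secAddress.isVerified() ? "verified" : "not verified"));
                    return true;
                }
                return false;
            }
        });

        final Domain[] doms = user.getDomains();
        vars.put("domains", new IterableDataset() {

            // Index of the next domain to emit.
            private int point = 0;

            /** Exposes the next domain as "domain" (its suffix) with its translated verification "status". */
            @Override
            public boolean next(Language l, Map<String, Object> vars) {
                if (point >= doms.length) {
                    return false;
                }
                Domain domain = doms[point];
                vars.put("domain", domain.getSuffix());
                vars.put("status", l.getTranslation(domain.isVerified() ? "verified" : "not verified"));
                point++;
                return true;
            }
        });

        vars.put("certifrevoke", new SupportRevokeCertificatesForm(req, targetUser));
        getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars);
    }

    /**
     * Dispatches a posted support form by the submit parameter present in the
     * request: "revokeall" goes to the {@link SupportRevokeCertificatesForm},
     * "detailupdate", "resetPass", "removeGroup" and "addGroup" go to the
     * {@link SupportUserDetailsForm}. Both forms are fetched through
     * {@code Form.getForm} and submitted through {@code submitProtected}; a
     * false result is reported as "No ticket number set.". Afterwards the
     * request is handed to {@code super.doPost}.
     *
     * @param req
     *            the posted request
     * @param resp
     *            the response that messages and errors are written to
     * @throws IOException
     *             if writing the response fails
     */
    @Override
    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        try {
            if (req.getParameter("revokeall") != null) {
                if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submitProtected(resp.getWriter(), req)) {
                    throw new GigiApiException("No ticket number set.");
                }
            } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) {
                SupportUserDetailsForm f = Form.getForm(req, SupportUserDetailsForm.class);
                // NOTE(review): the success message is written before submitProtected() runs;
                // confirm wasWithPasswordReset() cannot be true for a submit that then fails.
                if (f.wasWithPasswordReset()) {
                    resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));
                }
                if ( !f.submitProtected(resp.getWriter(), req)) {
                    throw new GigiApiException("No ticket number set.");
                }
            }
        } catch (GigiApiException e) {
            // The stack trace goes to stderr only; the response receives the formatted message.
            e.printStackTrace();
            e.format(resp.getWriter(), getLanguage(req));
        }
        super.doPost(req, resp);
    }

    /**
     * Allows the page only for a non-null authorization context whose
     * {@code canSupport()} is true.
     */
    @Override
    public boolean isPermitted(AuthorizationContext ac) {
        return ac != null && ac.canSupport();
    }
}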