src/org/cacert/gigi/pages/wot/AssuranceForm.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.net.URLEncoder;
   6 import java.text.SimpleDateFormat;
   7 import java.util.Date;
   8 import java.util.HashMap;
   9 import java.util.Iterator;
  10 import java.util.LinkedList;
  11 import java.util.Map;
  12
  13 import javax.servlet.http.HttpServletRequest;
  14
  15 import org.cacert.gigi.GigiApiException;
  16 import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
  17 import org.cacert.gigi.dbObjects.Name;
  18 import org.cacert.gigi.dbObjects.User;
  19 import org.cacert.gigi.email.Sendmail;
  20 import org.cacert.gigi.localisation.Language;
  21 import org.cacert.gigi.output.template.Form;
  22 import org.cacert.gigi.output.template.IterableDataset;
  23 import org.cacert.gigi.output.template.Template;
  24 import org.cacert.gigi.pages.Page;
  25 import org.cacert.gigi.pages.PasswordResetPage;
  26 import org.cacert.gigi.util.Notary;
  27 import org.cacert.gigi.util.RandomToken;
  28 import org.cacert.gigi.util.ServerConstants;
  29
  30 public class AssuranceForm extends Form {
  31
  32     private User assuree;
  33
  34     private Name assureeName;
  35
  36     private Date dob;
  37
  38     private String location = "";
  39
  40     private String date = "";
  41
  42     private String aword;
  43
  44     private User assurer;
  45
  46     private AssuranceType type = AssuranceType.FACE_TO_FACE;
  47
  48     private static final Template templ;
  49     static {
  50         templ = new Template(AssuranceForm.class.getResource("AssuranceForm.templ"));
  51     }
  52
  53     public AssuranceForm(HttpServletRequest hsr, User assuree) {
  54         super(hsr);
  55         assurer = Page.getUser(hsr);
  56         this.assuree = assuree;
  57         assureeName = this.assuree.getName();
  58         dob = this.assuree.getDoB();
  59     }
  60
  61     SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
  62
  63     SimpleDateFormat sdf2 = new SimpleDateFormat("dd. MMM yyyy");
  64
  65     @Override
  66     public void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
  67         HashMap<String, Object> res = new HashMap<String, Object>();
  68         res.putAll(vars);
  69         res.put("nameExplicit", assuree.getName());
  70         res.put("name", assuree.getName().toString());
  71         res.put("maxpoints", assurer.getMaxAssurePoints());
  72         res.put("dob", sdf.format(assuree.getDoB()));
  73         res.put("dobFmt2", sdf2.format(assuree.getDoB()));
  74         res.put("location", location);
  75         res.put("date", date);
  76         res.put("aword", aword);
  77         final LinkedList<AssuranceType> ats = new LinkedList<>();
  78         for (AssuranceType at : AssuranceType.values()) {
  79             try {
  80                 Notary.may(assurer, assuree, at);
  81                 ats.add(at);
  82             } catch (GigiApiException e) {
  83             }
  84         }
  85         res.put("ats", new IterableDataset() {
  86
  87             Iterator<AssuranceType> t = ats.iterator();
  88
  89             @Override
  90             public boolean next(Language l, Map<String, Object> vars) {
  91                 if ( !t.hasNext()) {
  92                     return false;
  93                 }
  94                 AssuranceType t1 = t.next();
  95                 vars.put("type", t1.getDescription());
  96                 vars.put("id", t1.toString());
  97                 vars.put("sel", t1 == type ? " selected" : "");
  98                 return true;
  99             }
 100         });
 101         templ.output(out, l, res);
 102     }
 103
 104     @Override
 105     public boolean submit(PrintWriter out, HttpServletRequest req) {
 106         location = req.getParameter("location");
 107         date = req.getParameter("date");
 108         if (date == null || location == null) {
 109             outputError(out, req, "You need to enter location and date!");
 110         }
 111
 112         if ( !"1".equals(req.getParameter("certify")) || !"1".equals(req.getParameter("rules")) || !"1".equals(req.getParameter("CCAAgreed")) || !"1".equals(req.getParameter("assertion"))) {
 113             outputError(out, req, "You failed to check all boxes to validate" + " your adherence to the rules and policies of CAcert");
 114
 115         }
 116         if ("1".equals(req.getParameter("passwordReset"))) {
 117             aword = req.getParameter("passwordResetValue");
 118             if ("".equals(aword)) {
 119                 aword = null;
 120             }
 121         } else {
 122             aword = null;
 123         }
 124         String val = req.getParameter("assuranceType");
 125         if (val != null) {
 126             try {
 127                 type = AssuranceType.valueOf(val);
 128             } catch (IllegalArgumentException e) {
 129                 outputError(out, req, "Assurance Type wrong.");
 130             }
 131         }
 132
 133         int pointsI = 0;
 134         String points = req.getParameter("points");
 135         if (points == null || "".equals(points)) {
 136             outputError(out, req, "For an assurance, you need to enter points.");
 137         } else {
 138             try {
 139                 pointsI = Integer.parseInt(points);
 140             } catch (NumberFormatException e) {
 141                 outputError(out, req, "The points entered were not a number.");
 142             }
 143         }
 144
 145         if (isFailed(out)) {
 146             return false;
 147         }
 148         try {
 149             Notary.assure(assurer, assuree, assureeName, dob, pointsI, location, req.getParameter("date"), type);
 150             if (aword != null && !aword.equals("")) {
 151                 String systemToken = RandomToken.generateToken(32);
 152                 int id = assuree.generatePasswordResetTicket(Page.getUser(req), systemToken, aword);
 153                 try {
 154                     Language l = Language.getInstance(assuree.getPreferredLocale());
 155                     StringBuffer body = new StringBuffer();
 156                     body.append(l.getTranslation("Hi,") + "\n\n");
 157                     body.append(l.getTranslation("A password reset was triggered. If you did a password reset by assurance, please enter your secret password using this form: \nhttps://"));
 158                     body.append(ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH);
 159                     body.append("?id=");
 160                     body.append(id);
 161                     body.append("&token=");
 162                     body.append(URLEncoder.encode(systemToken, "UTF-8"));
 163                     body.append("\n");
 164                     body.append("\n");
 165                     body.append(l.getTranslation("Best regards"));
 166                     body.append("\n");
 167                     body.append(l.getTranslation("CAcert.org Support!"));
 168                     Sendmail.getInstance().sendmail(assuree.getEmail(), "[CAcert.org] " + l.getTranslation("Password reset by assurance"), body.toString(), "support@cacert.org", null, null, null, null, false);
 169                 } catch (IOException e) {
 170                     e.printStackTrace();
 171                 }
 172             }
 173             return true;
 174         } catch (GigiApiException e) {
 175             e.format(out, Page.getLanguage(req));
 176         }
 177
 178         return false;
 179     }
 180
 181     public User getAssuree() {
 182         return assuree;
 183     }
 184
 185 }