]> WPIA git - gigi.git/blob - src/org/cacert/gigi/pages/wot/AssurePage.java
projects / gigi.git / blob
? search:


aa99a2fbb7e992278bea88d93a4becdc587352d9
[gigi.git] / src / org / cacert / gigi / pages / wot / AssurePage.java
1 package org.cacert.gigi.pages.wot;
2
3 import java.io.IOException;
4 import java.io.PrintWriter;
5 import java.util.HashMap;
6
7 import javax.servlet.http.HttpServletRequest;
8 import javax.servlet.http.HttpServletResponse;
9
10 import org.cacert.gigi.GigiApiException;
11 import org.cacert.gigi.database.DatabaseConnection;
12 import org.cacert.gigi.database.GigiPreparedStatement;
13 import org.cacert.gigi.database.GigiResultSet;
14 import org.cacert.gigi.dbObjects.User;
15 import org.cacert.gigi.output.DateSelector;
16 import org.cacert.gigi.output.Form;
17 import org.cacert.gigi.output.template.Template;
18 import org.cacert.gigi.pages.LoginPage;
19 import org.cacert.gigi.pages.Page;
20 import org.cacert.gigi.util.Notary;
21
22 public class AssurePage extends Page {
23
24     public static final String PATH = "/wot/assure";
25
26     DateSelector ds = new DateSelector("day", "month", "year");
27
28     Template t;
29
30     public AssurePage() {
31         super("Assure someone");
32         t = new Template(AssuranceForm.class.getResource("AssureeSearch.templ"));
33
34     }
35
36     @Override
37     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
38
39         PrintWriter out = resp.getWriter();
40         String pi = req.getPathInfo().substring(PATH.length());
41         HashMap<String, Object> vars = new HashMap<String, Object>();
42         vars.put("DoB", ds);
43         t.output(out, getLanguage(req), vars);
44     }
45
46     @Override
47     public boolean isPermitted(User u) {
48         return u != null && u.canAssure();
49     }
50
51     private void outputForm(HttpServletRequest req, PrintWriter out, AssuranceForm form) {
52         User myself = LoginPage.getUser(req);
53         try {
54             Notary.checkAssuranceIsPossible(myself, form.getAssuree());
55         } catch (GigiApiException e) {
56             e.format(out, Page.getLanguage(req));
57         }
58
59         form.output(out, getLanguage(req), new HashMap<String, Object>());
60     }
61
62     @Override
63     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
64         PrintWriter out = resp.getWriter();
65         if (req.getParameter("search") == null) {
66             AssuranceForm form = Form.getForm(req, AssuranceForm.class);
67             if (form.submit(out, req)) {
68                 out.println(translate(req, "Assurance complete."));
69             } else {
70                 outputForm(req, resp.getWriter(), form);
71             }
72
73             return;
74         }
75
76         GigiResultSet rs = null;
77         try {
78             GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT id, verified FROM users WHERE email=? AND dob=? AND deleted=0");
79             ps.setString(1, req.getParameter("email"));
80             String day = req.getParameter("year") + "-" + req.getParameter("month") + "-" + req.getParameter("day");
81             ps.setString(2, day);
82             rs = ps.executeQuery();
83             int id = 0;
84             if (rs.next()) {
85                 id = rs.getInt(1);
86                 int verified = rs.getInt(2);
87                 if (rs.next()) {
88                     out.println("Error, ambigous user. Please contact support@cacert.org.");
89                 } else {
90                     if (verified == 0) {
91                         out.println(translate(req, "User is not yet verified. Please try again in 24 hours!"));
92                     } else if (getUser(req).getId() == id) {
93
94                     } else {
95                         AssuranceForm form = new AssuranceForm(req, User.getById(id));
96                         outputForm(req, out, form);
97                     }
98                 }
99             } else {
100                 out.print("<div class='formError'>");
101
102                 out.println(translate(req, "I'm sorry, there was no email and date of birth matching" + " what you entered in the system. Please double check" + " your information."));
103                 out.print("</div>");
104             }
105
106             rs.close();
107         } finally {
108             if (rs != null) {
109                 rs.close();
110             }
111         }
112     }
113 }
WPIA Certificate Web Issuance Platform