src/org/cacert/gigi/pages/wot/AssurePage.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.sql.Date;
   6 import java.util.Calendar;
   7 import java.util.HashMap;
   8
   9 import javax.servlet.http.HttpServletRequest;
  10 import javax.servlet.http.HttpServletResponse;
  11
  12 import org.cacert.gigi.GigiApiException;
  13 import org.cacert.gigi.database.DatabaseConnection;
  14 import org.cacert.gigi.database.GigiPreparedStatement;
  15 import org.cacert.gigi.database.GigiResultSet;
  16 import org.cacert.gigi.dbObjects.User;
  17 import org.cacert.gigi.output.DateSelector;
  18 import org.cacert.gigi.output.template.Form;
  19 import org.cacert.gigi.output.template.Template;
  20 import org.cacert.gigi.pages.LoginPage;
  21 import org.cacert.gigi.pages.Page;
  22 import org.cacert.gigi.util.AuthorizationContext;
  23 import org.cacert.gigi.util.Notary;
  24
  25 public class AssurePage extends Page {
  26
  27     public static final String PATH = "/wot/assure";
  28
  29     DateSelector ds = new DateSelector("day", "month", "year");
  30
  31     Template t;
  32
  33     public AssurePage() {
  34         super("Assure someone");
  35         t = new Template(AssuranceForm.class.getResource("AssureeSearch.templ"));
  36
  37     }
  38
  39     @Override
  40     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  41
  42         PrintWriter out = resp.getWriter();
  43         HashMap<String, Object> vars = new HashMap<String, Object>();
  44         vars.put("DoB", ds);
  45         t.output(out, getLanguage(req), vars);
  46     }
  47
  48     @Override
  49     public boolean isPermitted(AuthorizationContext ac) {
  50         return ac != null && ac.canAssure();
  51     }
  52
  53     private void outputForm(HttpServletRequest req, PrintWriter out, AssuranceForm form) {
  54         User myself = LoginPage.getUser(req);
  55         try {
  56             Notary.checkAssuranceIsPossible(myself, form.getAssuree());
  57         } catch (GigiApiException e) {
  58             e.format(out, Page.getLanguage(req));
  59         }
  60
  61         form.output(out, getLanguage(req), new HashMap<String, Object>());
  62     }
  63
  64     @Override
  65     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  66         PrintWriter out = resp.getWriter();
  67         if (req.getParameter("search") == null) {
  68             AssuranceForm form = Form.getForm(req, AssuranceForm.class);
  69             if (form.submit(out, req)) {
  70                 out.println(translate(req, "Assurance complete."));
  71             } else {
  72                 outputForm(req, resp.getWriter(), form);
  73             }
  74
  75             return;
  76         }
  77
  78         GigiResultSet rs = null;
  79         try {
  80             GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `users`.`id`, `verified` FROM `users` INNER JOIN `certOwners` ON `certOwners`.`id`=`users`.`id` WHERE `email`=? AND `dob`=? AND `deleted` IS NULL");
  81             ps.setString(1, req.getParameter("email"));
  82             Calendar c = Calendar.getInstance();
  83             c.set(Integer.parseInt(req.getParameter("year")), Integer.parseInt(req.getParameter("month")) - 1, Integer.parseInt(req.getParameter("day")));
  84             ps.setDate(2, new Date(c.getTimeInMillis()));
  85             rs = ps.executeQuery();
  86             int id = 0;
  87             if (rs.next()) {
  88                 id = rs.getInt(1);
  89                 boolean verified = rs.getBoolean(2);
  90                 if (rs.next()) {
  91                     out.println("Error, ambigous user. Please contact support@cacert.org.");
  92                 } else {
  93                     if ( !verified) {
  94                         out.println(translate(req, "User is not yet verified. Please try again in 24 hours!"));
  95                     } else if (getUser(req).getId() == id) {
  96
  97                     } else {
  98                         AssuranceForm form = new AssuranceForm(req, User.getById(id));
  99                         outputForm(req, out, form);
 100                     }
 101                 }
 102             } else {
 103                 out.print("<div class='formError'>");
 104
 105                 out.println(translate(req, "I'm sorry, there was no email and date of birth matching" + " what you entered in the system. Please double check" + " your information."));
 106                 out.print("</div>");
 107             }
 108
 109             rs.close();
 110         } finally {
 111             if (rs != null) {
 112                 rs.close();
 113             }
 114         }
 115     }
 116 }