src/org/cacert/gigi/pages/wot/AssurePage.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.sql.Date;
   6 import java.util.Calendar;
   7 import java.util.HashMap;
   8
   9 import javax.servlet.http.HttpServletRequest;
  10 import javax.servlet.http.HttpServletResponse;
  11
  12 import org.cacert.gigi.GigiApiException;
  13 import org.cacert.gigi.database.DatabaseConnection;
  14 import org.cacert.gigi.database.GigiPreparedStatement;
  15 import org.cacert.gigi.database.GigiResultSet;
  16 import org.cacert.gigi.dbObjects.User;
  17 import org.cacert.gigi.output.DateSelector;
  18 import org.cacert.gigi.output.template.Form;
  19 import org.cacert.gigi.output.template.Template;
  20 import org.cacert.gigi.pages.LoginPage;
  21 import org.cacert.gigi.pages.Page;
  22 import org.cacert.gigi.util.AuthorizationContext;
  23 import org.cacert.gigi.util.Notary;
  24
  25 public class AssurePage extends Page {
  26
  27     public static final String PATH = "/wot/assure";
  28
  29     DateSelector ds = new DateSelector("day", "month", "year");
  30
  31     Template t;
  32
  33     public AssurePage() {
  34         super("Assure someone");
  35         t = new Template(AssuranceForm.class.getResource("AssureeSearch.templ"));
  36
  37     }
  38
  39     @Override
  40     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  41
  42         PrintWriter out = resp.getWriter();
  43         String pi = req.getPathInfo().substring(PATH.length());
  44         HashMap<String, Object> vars = new HashMap<String, Object>();
  45         vars.put("DoB", ds);
  46         t.output(out, getLanguage(req), vars);
  47     }
  48
  49     @Override
  50     public boolean isPermitted(AuthorizationContext ac) {
  51         return ac != null && ac.getActor().canAssure();
  52     }
  53
  54     private void outputForm(HttpServletRequest req, PrintWriter out, AssuranceForm form) {
  55         User myself = LoginPage.getUser(req);
  56         try {
  57             Notary.checkAssuranceIsPossible(myself, form.getAssuree());
  58         } catch (GigiApiException e) {
  59             e.format(out, Page.getLanguage(req));
  60         }
  61
  62         form.output(out, getLanguage(req), new HashMap<String, Object>());
  63     }
  64
  65     @Override
  66     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  67         PrintWriter out = resp.getWriter();
  68         if (req.getParameter("search") == null) {
  69             AssuranceForm form = Form.getForm(req, AssuranceForm.class);
  70             if (form.submit(out, req)) {
  71                 out.println(translate(req, "Assurance complete."));
  72             } else {
  73                 outputForm(req, resp.getWriter(), form);
  74             }
  75
  76             return;
  77         }
  78
  79         GigiResultSet rs = null;
  80         try {
  81             GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `users`.`id`, `verified` FROM `users` INNER JOIN `certOwners` ON `certOwners`.`id`=`users`.`id` WHERE `email`=? AND `dob`=? AND `deleted` IS NULL");
  82             ps.setString(1, req.getParameter("email"));
  83             Calendar c = Calendar.getInstance();
  84             c.set(Integer.parseInt(req.getParameter("year")), Integer.parseInt(req.getParameter("month")) - 1, Integer.parseInt(req.getParameter("day")));
  85             ps.setDate(2, new Date(c.getTimeInMillis()));
  86             rs = ps.executeQuery();
  87             int id = 0;
  88             if (rs.next()) {
  89                 id = rs.getInt(1);
  90                 boolean verified = rs.getBoolean(2);
  91                 if (rs.next()) {
  92                     out.println("Error, ambigous user. Please contact support@cacert.org.");
  93                 } else {
  94                     if ( !verified) {
  95                         out.println(translate(req, "User is not yet verified. Please try again in 24 hours!"));
  96                     } else if (getUser(req).getId() == id) {
  97
  98                     } else {
  99                         AssuranceForm form = new AssuranceForm(req, User.getById(id));
 100                         outputForm(req, out, form);
 101                     }
 102                 }
 103             } else {
 104                 out.print("<div class='formError'>");
 105
 106                 out.println(translate(req, "I'm sorry, there was no email and date of birth matching" + " what you entered in the system. Please double check" + " your information."));
 107                 out.print("</div>");
 108             }
 109
 110             rs.close();
 111         } finally {
 112             if (rs != null) {
 113                 rs.close();
 114             }
 115         }
 116     }
 117 }