src/org/cacert/gigi/util/Notary.java

   1 package org.cacert.gigi.util;
   2
   3 import java.text.ParseException;
   4 import java.util.Calendar;
   5 import java.util.Date;
   6 import java.util.GregorianCalendar;
   7
   8 import org.cacert.gigi.GigiApiException;
   9 import org.cacert.gigi.database.GigiPreparedStatement;
  10 import org.cacert.gigi.database.GigiResultSet;
  11 import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
  12 import org.cacert.gigi.dbObjects.Group;
  13 import org.cacert.gigi.dbObjects.Name;
  14 import org.cacert.gigi.dbObjects.User;
  15 import org.cacert.gigi.output.DateSelector;
  16 import org.cacert.gigi.output.template.SprintfCommand;
  17
  18 public class Notary {
  19
  20     // minimum date range between 2 verifications of the RA-Agent to the same
  21     // Applicant
  22     public final static int LIMIT_DAYS_VERIFICATION = TimeConditions.getInstance().getVerificationLimitDays();
  23
  24     // maximum date range from date when the verification took place and the
  25     // entering to the system
  26     public final static int LIMIT_MAX_MONTHS_VERIFICATION = TimeConditions.getInstance().getVerificationMaxAgeMonths();
  27
  28     public static void writeUserAgreement(User member, String document, String method, String comment, boolean active, int secmemid) {
  29         try (GigiPreparedStatement q = new GigiPreparedStatement("INSERT INTO `user_agreements` SET `memid`=?, `secmemid`=?," + " `document`=?,`date`=NOW(), `active`=?,`method`=?,`comment`=?")) {
  30             q.setInt(1, member.getId());
  31             q.setInt(2, secmemid);
  32             q.setString(3, document);
  33             q.setBoolean(4, active);
  34             q.setString(5, method);
  35             q.setString(6, comment);
  36             q.execute();
  37         }
  38     }
  39
  40     public static boolean checkAssuranceIsPossible(User assurer, Name target) {
  41         try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `notary` where `to`=? and `from`=? and `method` = ? ::`notaryType` AND `deleted` IS NULL AND `when` > (now() - interval '1 days' * ?)")) {
  42             ps.setInt(1, target.getId());
  43             ps.setInt(2, assurer.getId());
  44             ps.setString(3, AssuranceType.FACE_TO_FACE.getDescription());
  45             ps.setInt(4, LIMIT_DAYS_VERIFICATION);
  46             GigiResultSet rs = ps.executeQuery();
  47             return !rs.next();
  48         }
  49     }
  50
  51     public static final Group ASSURER_BLOCKED = Group.getByString("blockedassurer");
  52
  53     public static final Group ASSUREE_BLOCKED = Group.getByString("blockedassuree");
  54
  55     /**
  56      * This method assures another user.
  57      *
  58      * @see User#canAssure() (for assurer)
  59      * @see #checkAssuranceIsPossible(User, User) (for assurer or assuree)
  60      * @param assurer
  61      *            the person that wants to assure
  62      * @param assuree
  63      *            the person that should be assured
  64      * @param assureeName
  65      *            the Name that was personally verified
  66      * @param dob
  67      *            the Date of birth that the assurer verified
  68      * @param awarded
  69      *            the points that should be awarded in total
  70      * @param location
  71      *            the location where the assurance took place
  72      * @param date
  73      *            the date when the assurance took place
  74      * @throws GigiApiException
  75      *             if the assurance fails (for various reasons)
  76      */
  77     public synchronized static void assure(User assurer, User assuree, Name assureeName, DayDate dob, int awarded, String location, String date, AssuranceType type) throws GigiApiException {
  78         may(assurer, assuree, AssuranceType.FACE_TO_FACE);
  79         GigiApiException gae = new GigiApiException();
  80         if ( !gae.isEmpty()) {
  81             throw gae;
  82         }
  83         if (date == null || date.equals("")) {
  84             gae.mergeInto(new GigiApiException("You must enter the date when you met the assuree."));
  85         } else {
  86             try {
  87                 Date d = DateSelector.getDateFormat().parse(date);
  88                 Calendar gc = GregorianCalendar.getInstance();
  89                 gc.setTimeInMillis(System.currentTimeMillis());
  90                 gc.add(Calendar.HOUR_OF_DAY, 12);
  91                 if (d.getTime() > gc.getTimeInMillis()) {
  92                     gae.mergeInto(new GigiApiException("You must not enter a date in the future."));
  93                 }
  94                 gc.setTimeInMillis(System.currentTimeMillis());
  95                 gc.add(Calendar.MONTH, -LIMIT_MAX_MONTHS_VERIFICATION);
  96                 if (d.getTime() < gc.getTimeInMillis()) {
  97                     gae.mergeInto(new GigiApiException(SprintfCommand.createSimple("Verifications older than {0} months are not accepted.", LIMIT_MAX_MONTHS_VERIFICATION)));
  98                 }
  99             } catch (ParseException e) {
 100                 gae.mergeInto(new GigiApiException("You must enter the date in this format: YYYY-MM-DD."));
 101             }
 102         }
 103         // check location, min 3 characters
 104         if (location == null || location.equals("")) {
 105             gae.mergeInto(new GigiApiException("You failed to enter a location of your meeting."));
 106         } else if (location.length() <= 2) {
 107             gae.mergeInto(new GigiApiException("You must enter a location with at least 3 characters eg town and country."));
 108         }
 109         synchronized (assuree) {
 110             if (assurer.getId() == assuree.getId()) {
 111                 throw new GigiApiException("You cannot verify yourself.");
 112             }
 113             if (assureeName.getOwner() != assuree) {
 114                 throw new GigiApiException("Internal error, name does not belong to applicant.");
 115             }
 116             if ( !assurer.canAssure()) {
 117                 throw new GigiApiException("You are not an RA-Agent.");
 118             }
 119
 120             if ( !checkAssuranceIsPossible(assurer, assureeName)) {
 121                 gae.mergeInto(new GigiApiException(SprintfCommand.createSimple("You have already verified this applicant within the last {0} days.", LIMIT_DAYS_VERIFICATION)));
 122             }
 123
 124             if ( !assuree.getDoB().equals(dob)) {
 125                 gae.mergeInto(new GigiApiException("The person you are assuring changed his personal details."));
 126             }
 127
 128             if (awarded < 0) {
 129                 gae.mergeInto(new GigiApiException("The points you are trying to award are out of range."));
 130             } else {
 131                 if (type == AssuranceType.NUCLEUS) {
 132                     if (awarded > 50) {
 133                         gae.mergeInto(new GigiApiException("The points you are trying to award are out of range."));
 134                     }
 135                 } else {
 136                     if (awarded > assurer.getMaxAssurePoints()) {
 137                         gae.mergeInto(new GigiApiException("The points you are trying to award are out of range."));
 138                     }
 139                 }
 140             }
 141
 142             if ( !gae.isEmpty()) {
 143                 throw gae;
 144             }
 145
 146             if (type == AssuranceType.FACE_TO_FACE) {
 147                 assureF2F(assurer, assuree, assureeName, awarded, location, date);
 148             } else if (type == AssuranceType.NUCLEUS) {
 149                 assureNucleus(assurer, assuree, assureeName, awarded, location, date);
 150             } else if (type == AssuranceType.TTP_ASSISTED) {
 151                 assureTTP(assurer, assuree, assureeName, awarded, location, date);
 152             } else {
 153                 throw new GigiApiException(SprintfCommand.createSimple("Unknown Assurance type: {0}", type.toString()));
 154             }
 155             assurer.invalidateMadeAssurances();
 156             assuree.invalidateReceivedAssurances();
 157         }
 158     }
 159
 160     private static void assureF2F(User assurer, User assuree, Name name, int awarded, String location, String date) throws GigiApiException {
 161         may(assurer, assuree, AssuranceType.FACE_TO_FACE);
 162         try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) {
 163             ps.setInt(1, assurer.getId());
 164             ps.setInt(2, name.getId());
 165             ps.setInt(3, awarded);
 166             ps.setString(4, location);
 167             ps.setString(5, date);
 168             ps.execute();
 169         }
 170     }
 171
 172     private static void assureTTP(User assurer, User assuree, Name name, int awarded, String location, String date) throws GigiApiException {
 173         may(assurer, assuree, AssuranceType.TTP_ASSISTED);
 174         try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?, `method`='TTP-Assisted'")) {
 175             ps.setInt(1, assurer.getId());
 176             ps.setInt(2, name.getId());
 177             ps.setInt(3, awarded);
 178             ps.setString(4, location);
 179             ps.setString(5, date);
 180             ps.execute();
 181             assuree.revokeGroup(assurer, Group.TTP_APPLICANT);
 182         }
 183     }
 184
 185     public static void may(User assurer, User assuree, AssuranceType t) throws GigiApiException {
 186         if (assuree.isInGroup(ASSUREE_BLOCKED)) {
 187             throw new GigiApiException("The applicant is blocked.");
 188         }
 189         if (assurer.isInGroup(ASSURER_BLOCKED)) {
 190             throw new GigiApiException("The RA Agent is blocked.");
 191         }
 192
 193         if (t == AssuranceType.NUCLEUS) {
 194             if ( !assurer.isInGroup(Group.NUCLEUS_ASSURER)) {
 195                 throw new GigiApiException("RA Agent needs to be Nucleus RA Agent.");
 196             }
 197             return;
 198         } else if (t == AssuranceType.TTP_ASSISTED) {
 199             if ( !assurer.isInGroup(Group.TTP_ASSURER)) {
 200                 throw new GigiApiException("RA Agent needs to be TTP RA Agent.");
 201             }
 202             if ( !assuree.isInGroup(Group.TTP_APPLICANT)) {
 203                 throw new GigiApiException("Applicant needs to be TTP Applicant.");
 204             }
 205             return;
 206         } else if (t == AssuranceType.FACE_TO_FACE) {
 207             return;
 208         }
 209         throw new GigiApiException("Verification type not possible.");
 210     }
 211
 212     private static void assureNucleus(User assurer, User assuree, Name name, int awarded, String location, String date) throws GigiApiException {
 213         may(assurer, assuree, AssuranceType.NUCLEUS);
 214         // Do up to 35 points as f2f
 215         int f2fPoints = Math.min(assurer.getMaxAssurePoints(), awarded);
 216         assureF2F(assurer, assuree, name, f2fPoints, location, date);
 217
 218         awarded -= f2fPoints;
 219         if (awarded <= 0) {
 220             return;
 221         }
 222
 223         // Assure remaining points as "Nucleus Bonus"
 224         // Valid for 4 Weeks = 28 days
 225         try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?, `method`='Nucleus Bonus', `expire` = CURRENT_TIMESTAMP + interval '28 days'")) {
 226             ps.setInt(1, assurer.getId());
 227             ps.setInt(2, name.getId());
 228             ps.setInt(3, awarded);
 229             ps.setString(4, location);
 230             ps.setString(5, date);
 231             ps.execute();
 232         }
 233     }
 234 }