fix: ensure that Users and Organisations only are inserted completely

[gigi.git] / src / club / wpia / gigi / dbObjects / Organisation.java

diff --git a/src/club/wpia/gigi/dbObjects/Organisation.java b/src/club/wpia/gigi/dbObjects/Organisation.java
index c47a7837ba3cbda87d7cb83390bd2d73194faf92..c9754565744b0d107baee2515f802e2e2cae9fbe 100644 (file)
--- a/src/club/wpia/gigi/dbObjects/Organisation.java
+++ b/src/club/wpia/gigi/dbObjects/Organisation.java
@@ -10,6 +10,7 @@ import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.database.GigiPreparedStatement;
 import club.wpia.gigi.database.GigiResultSet;
 import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
+import club.wpia.gigi.dbObjects.Certificate.RevocationType;
 import club.wpia.gigi.dbObjects.Country.CountryCodeType;
 import club.wpia.gigi.dbObjects.wrappers.DataContainer;
 
@@ -67,12 +68,7 @@ public class Organisation extends CertificateOwner {
     private String postalAddress;
 
     public Organisation(String name, Country country, String province, String city, String email, String optionalName, String postalAddress, User creator) throws GigiApiException {
-        if ( !creator.isInGroup(Group.ORG_AGENT)) {
-            throw new GigiApiException("Only Organisation RA Agents may create organisations.");
-        }
-        if (country == null) {
-            throw new GigiApiException("Got country code of illegal type.");
-        }
+        super(validate(creator, country));
         this.name = name;
         this.country = country;
         this.province = province;
@@ -97,6 +93,16 @@ public class Organisation extends CertificateOwner {
         }
     }
 
+    private static Void validate(User creator, Country country) throws GigiApiException {
+        if ( !creator.isInGroup(Group.ORG_AGENT)) {
+            throw new GigiApiException("Only Organisation RA Agents may create organisations.");
+        }
+        if (country == null) {
+            throw new GigiApiException("Got country code of illegal type.");
+        }
+        return null;
+    }
+
     protected Organisation(GigiResultSet rs) throws GigiApiException {
         super(rs.getInt("id"));
         name = rs.getString("name");
@@ -145,6 +151,9 @@ public class Organisation extends CertificateOwner {
     }
 
     public synchronized void addAdmin(User admin, User actor, boolean master) throws GigiApiException {
+        if (actor == admin) {
+            throw new GigiApiException("You may not add yourself as Organisation Admin. Ask another Organisation Agent to do so.");
+        }
         if ( !admin.canVerify()) {
             throw new GigiApiException("Cannot add person who is not RA Agent.");
         }
@@ -195,7 +204,7 @@ public class Organisation extends CertificateOwner {
     }
 
     public static Organisation[] getOrganisations(int offset, int count) {
-        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `certOwners`.`id` FROM `organisations` INNER JOIN `certOwners` ON `certOwners`.`id`=`organisations`.`id` WHERE `certOwners`.`deleted` IS NULL OFFSET ? LIMIT ?", true)) {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `certOwners`.`id` FROM `organisations` INNER JOIN `certOwners` ON `certOwners`.`id`=`organisations`.`id` WHERE `certOwners`.`deleted` IS NULL OFFSET ?::INTEGER LIMIT ?::INTEGER", true)) {
             ps.setInt(1, offset);
             ps.setInt(2, count);
             GigiResultSet res = ps.executeQuery();
@@ -216,7 +225,7 @@ public class Organisation extends CertificateOwner {
         }
         for (Certificate cert : getCertificates(false)) {
             if (cert.getStatus() == CertificateStatus.ISSUED) {
-                cert.revoke();
+                cert.revoke(RevocationType.USER);
             }
         }
         try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `organisations` SET `name`=?, `country`=?, `province`=?, `city`=? WHERE `id`=?")) {