add: accept data protection policy during registration

[gigi.git] / src / club / wpia / gigi / pages / main / Signup.java

diff --git a/src/club/wpia/gigi/pages/main/Signup.java b/src/club/wpia/gigi/pages/main/Signup.java
index 746fd803a6bee2790cd6f37c2ac4070ee8a47fde..cbe96c0e7ad39f0856e6c4b7fab777b9552830e5 100644 (file)
--- a/src/club/wpia/gigi/pages/main/Signup.java
+++ b/src/club/wpia/gigi/pages/main/Signup.java
@@ -8,6 +8,7 @@ import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 
+import club.wpia.gigi.Gigi;
 import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.database.GigiPreparedStatement;
 import club.wpia.gigi.database.GigiResultSet;
@@ -26,7 +27,6 @@ import club.wpia.gigi.pages.Page;
 import club.wpia.gigi.util.CalendarUtil;
 import club.wpia.gigi.util.HTMLEncoder;
 import club.wpia.gigi.util.Notary;
-import club.wpia.gigi.util.PasswordStrengthChecker;
 import club.wpia.gigi.util.RateLimit.RateLimitException;
 
 public class Signup extends Form {
@@ -37,8 +37,6 @@ public class Signup extends Form {
 
     private static final Template t = new Template(Signup.class.getResource("Signup.templ"));
 
-    private boolean general = true, country = true, regional = true, radius = true;
-
     private CountrySelector cs;
 
     public Signup(HttpServletRequest hsr) {
@@ -55,11 +53,7 @@ public class Signup extends Form {
         vars.put("name", ni);
         vars.put("dob", myDoB);
         vars.put("email", HTMLEncoder.encodeHTML(email));
-        vars.put("general", general ? " checked=\"checked\"" : "");
-        vars.put("country", country ? " checked=\"checked\"" : "");
-        vars.put("regional", regional ? " checked=\"checked\"" : "");
-        vars.put("radius", radius ? " checked=\"checked\"" : "");
-        vars.put("helpOnNames", new SprintfCommand("Help on Names {0}in the wiki{1}", Arrays.asList("!(/wiki/names", "!'</a>")));
+        vars.put("helpOnNames", new SprintfCommand("Help on Names {0}in the knowledge base{1}", Arrays.asList("!(/kb/names", "!'</a>")));
         vars.put("csrf", getCSRFToken());
         vars.put("dobmin", User.MINIMUM_AGE + "");
         vars.put("countryCode", cs);
@@ -70,10 +64,6 @@ public class Signup extends Form {
         if (r.getParameter("email") != null) {
             email = r.getParameter("email");
         }
-        general = "1".equals(r.getParameter("general"));
-        country = "1".equals(r.getParameter("country"));
-        regional = "1".equals(r.getParameter("regional"));
-        radius = "1".equals(r.getParameter("radius"));
         GigiApiException problems = new GigiApiException();
         try {
             ni.update(r);
@@ -127,23 +117,28 @@ public class Signup extends Form {
         if ( !"1".equals(req.getParameter("tos_agree"))) {
             ga.mergeInto(new GigiApiException("Acceptance of the ToS is required to continue."));
         }
+
+        if ( !"1".equals(req.getParameter("dp_agree"))) {
+            ga.mergeInto(new GigiApiException("Acceptance of the Data Protection Policy is required to continue."));
+        }
+
         if (email.equals("")) {
             ga.mergeInto(new GigiApiException("Email Address was blank"));
         }
         String pw1 = req.getParameter("pword1");
         String pw2 = req.getParameter("pword2");
         if (pw1 == null || pw1.equals("")) {
-            ga.mergeInto(new GigiApiException("Pass Phrases were blank"));
+            ga.mergeInto(new GigiApiException("Passwords were blank"));
         } else if ( !pw1.equals(pw2)) {
-            ga.mergeInto(new GigiApiException("Pass Phrases don't match"));
-        }
-        int pwpoints = PasswordStrengthChecker.checkpw(pw1, ni.getNamePartsPlain(), email);
-        if (pwpoints < 3) {
-            ga.mergeInto(new GigiApiException("The Pass Phrase you submitted failed to contain enough" + " differing characters and/or contained words from" + " your name and/or email address."));
+            ga.mergeInto(new GigiApiException("Passwords don't match"));
         }
         if ( !ga.isEmpty()) {
             throw ga;
         }
+        GigiApiException gaPassword = Gigi.getPasswordChecker().checkPassword(pw1, ni.getNamePartsPlain(), email);
+        if (gaPassword != null) {
+            throw gaPassword;
+        }
         GigiApiException ga2 = new GigiApiException();
         try (GigiPreparedStatement q1 = new GigiPreparedStatement("SELECT * FROM `emails` WHERE `email`=? AND `deleted` IS NULL"); GigiPreparedStatement q2 = new GigiPreparedStatement("SELECT * FROM `certOwners` INNER JOIN `users` ON `users`.`id`=`certOwners`.`id` WHERE `email`=? AND `deleted` IS NULL")) {
             q1.setString(1, email);
@@ -190,16 +185,8 @@ public class Signup extends Form {
 
     private void run(HttpServletRequest req, String password) throws GigiApiException {
         User u = new User(email, password, myDoB.getDate(), Page.getLanguage(req).getLocale(), cs.getCountry(), ni.getNameParts());
-
-        try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `alerts` SET `memid`=?," + " `general`=?, `country`=?, `regional`=?, `radius`=?")) {
-            ps.setInt(1, u.getId());
-            ps.setBoolean(2, general);
-            ps.setBoolean(3, country);
-            ps.setBoolean(4, regional);
-            ps.setBoolean(5, radius);
-            ps.execute();
-        }
         Notary.writeUserAgreement(u, "ToS", "account creation", "", true, 0);
+        Notary.writeUserAgreement(u, "Data Protection Policy", "account creation", "", true, 0);
     }
 
 }