add: accept data protection policy during registration

[gigi.git] / src / club / wpia / gigi / pages / main / Signup.java

diff --git a/src/club/wpia/gigi/pages/main/Signup.java b/src/club/wpia/gigi/pages/main/Signup.java
index d9b2cc1f8de65fc0744c023a72e555fa370062cb..cbe96c0e7ad39f0856e6c4b7fab777b9552830e5 100644 (file)
--- a/src/club/wpia/gigi/pages/main/Signup.java
+++ b/src/club/wpia/gigi/pages/main/Signup.java
@@ -8,6 +8,7 @@ import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 
+import club.wpia.gigi.Gigi;
 import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.database.GigiPreparedStatement;
 import club.wpia.gigi.database.GigiResultSet;
@@ -26,7 +27,6 @@ import club.wpia.gigi.pages.Page;
 import club.wpia.gigi.util.CalendarUtil;
 import club.wpia.gigi.util.HTMLEncoder;
 import club.wpia.gigi.util.Notary;
-import club.wpia.gigi.util.PasswordStrengthChecker;
 import club.wpia.gigi.util.RateLimit.RateLimitException;
 
 public class Signup extends Form {
@@ -53,7 +53,7 @@ public class Signup extends Form {
         vars.put("name", ni);
         vars.put("dob", myDoB);
         vars.put("email", HTMLEncoder.encodeHTML(email));
-        vars.put("helpOnNames", new SprintfCommand("Help on Names {0}in the wiki{1}", Arrays.asList("!(/wiki/names", "!'</a>")));
+        vars.put("helpOnNames", new SprintfCommand("Help on Names {0}in the knowledge base{1}", Arrays.asList("!(/kb/names", "!'</a>")));
         vars.put("csrf", getCSRFToken());
         vars.put("dobmin", User.MINIMUM_AGE + "");
         vars.put("countryCode", cs);
@@ -117,6 +117,11 @@ public class Signup extends Form {
         if ( !"1".equals(req.getParameter("tos_agree"))) {
             ga.mergeInto(new GigiApiException("Acceptance of the ToS is required to continue."));
         }
+
+        if ( !"1".equals(req.getParameter("dp_agree"))) {
+            ga.mergeInto(new GigiApiException("Acceptance of the Data Protection Policy is required to continue."));
+        }
+
         if (email.equals("")) {
             ga.mergeInto(new GigiApiException("Email Address was blank"));
         }
@@ -127,13 +132,13 @@ public class Signup extends Form {
         } else if ( !pw1.equals(pw2)) {
             ga.mergeInto(new GigiApiException("Passwords don't match"));
         }
-        int pwpoints = PasswordStrengthChecker.checkpw(pw1, ni.getNamePartsPlain(), email);
-        if (pwpoints < 3) {
-            ga.mergeInto(new GigiApiException(new SprintfCommand("The Password you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. For the current requirements and to learn more, visit our {0}FAQ{1}.", Arrays.asList("!(/wiki/goodPassword", "!'</a>'"))));
-        }
         if ( !ga.isEmpty()) {
             throw ga;
         }
+        GigiApiException gaPassword = Gigi.getPasswordChecker().checkPassword(pw1, ni.getNamePartsPlain(), email);
+        if (gaPassword != null) {
+            throw gaPassword;
+        }
         GigiApiException ga2 = new GigiApiException();
         try (GigiPreparedStatement q1 = new GigiPreparedStatement("SELECT * FROM `emails` WHERE `email`=? AND `deleted` IS NULL"); GigiPreparedStatement q2 = new GigiPreparedStatement("SELECT * FROM `certOwners` INNER JOIN `users` ON `users`.`id`=`certOwners`.`id` WHERE `email`=? AND `deleted` IS NULL")) {
             q1.setString(1, email);
@@ -181,6 +186,7 @@ public class Signup extends Form {
     private void run(HttpServletRequest req, String password) throws GigiApiException {
         User u = new User(email, password, myDoB.getDate(), Page.getLanguage(req).getLocale(), cs.getCountry(), ni.getNameParts());
         Notary.writeUserAgreement(u, "ToS", "account creation", "", true, 0);
+        Notary.writeUserAgreement(u, "Data Protection Policy", "account creation", "", true, 0);
     }
 
 }