ADD: Mail delete

[gigi.git] / src / org / cacert / gigi / User.java

diff --git a/src/org/cacert/gigi/User.java b/src/org/cacert/gigi/User.java
index d5b0a9043bce2ff0575a8d48ba9129e05f40a21a..0eed2b8c501cfd93aa20754535a20f5e3464c66a 100644 (file)
--- a/src/org/cacert/gigi/User.java
+++ b/src/org/cacert/gigi/User.java
@@ -1,13 +1,14 @@
 package org.cacert.gigi;
 
+import java.sql.Date;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.sql.Date;
 import java.util.Calendar;
 
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.util.PasswordHash;
+import org.cacert.gigi.util.PasswordStrengthChecker;
 
 public class User {
 
@@ -116,6 +117,30 @@ public class User {
                id = DatabaseConnection.lastInsertId(query);
        }
 
+       public void changePassword(String oldPass, String newPass) throws GigiApiException {
+               try {
+                       PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `password` FROM users WHERE id=?");
+                       ps.setInt(1, id);
+                       ResultSet rs = ps.executeQuery();
+                       if (!rs.next()) {
+                               throw new GigiApiException("User not found... very bad.");
+                       }
+                       if (!PasswordHash.verifyHash(oldPass, rs.getString(1))) {
+                               throw new GigiApiException("Old password does not match.");
+                       }
+                       rs.close();
+                       PasswordStrengthChecker.assertStrongPassword(newPass, this);
+                       ps = DatabaseConnection.getInstance().prepare("UPDATE users SET `password`=? WHERE id=?");
+                       ps.setString(1, PasswordHash.hash(newPass));
+                       ps.setInt(2, id);
+                       if (ps.executeUpdate() != 1) {
+                               throw new GigiApiException("Password update failed.");
+                       }
+               } catch (SQLException e) {
+                       throw new GigiApiException(e);
+               }
+       }
+
        public boolean canAssure() throws SQLException {
                if (getAssurancePoints() < 100) {
                        return false;
@@ -242,4 +267,37 @@ public class User {
 
                return null;
        }
+
+       public void updateDefaultEmail(EmailAddress newMail) {
+               try {
+                       EmailAddress[] adrs = getEmails();
+                       for (int i = 0; i < adrs.length; i++) {
+                               if (adrs[i].getAddress().equals(newMail.getAddress())) {
+                                       PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+                                               "UPDATE users SET email=? WHERE id=?");
+                                       ps.setString(1, newMail.getAddress());
+                                       ps.setInt(2, getId());
+                                       ps.execute();
+                                       email = newMail.getAddress();
+                                       return;
+                               }
+                       }
+                       throw new IllegalArgumentException("Given address not an address of the user.");
+               } catch (SQLException e) {
+                       e.printStackTrace();
+               }
+       }
+
+       public void deleteEmail(EmailAddress mail) {
+               if (getEmail().equals(mail.getAddress())) {
+                       throw new IllegalArgumentException("Can't delete user's default e-mail.");
+               }
+               try {
+                       PreparedStatement ps = DatabaseConnection.getInstance().prepare("DELETE FROM email WHERE id=?");
+                       ps.setInt(1, mail.getId());
+                       ps.execute();
+               } catch (SQLException e) {
+                       e.printStackTrace();
+               }
+       }
 }