]> WPIA git - gigi.git/blobdiff - src/org/cacert/gigi/api/CATSImport.java
projects / gigi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix: restrict access to CATS-API even more
[gigi.git] / src / org / cacert / gigi / api / CATSImport.java
diff --git a/src/org/cacert/gigi/api/CATSImport.java b/src/org/cacert/gigi/api/CATSImport.java
index 507a4a000f0e822134f38a400e16dc0576960385..afa0f2a6fdbc6fd73896e06e0ca22b667e51ba49 100644 (file)
--- a/src/org/cacert/gigi/api/CATSImport.java
+++ b/src/org/cacert/gigi/api/CATSImport.java
@@ -8,40 +8,42 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.cacert.gigi.dbObjects.CATS;
 import org.cacert.gigi.dbObjects.CertificateOwner;
-import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.dbObjects.User;
 
-public class CATSImport extends APIPoint {
+public class CATSImport extends CATSRestrictedApi {
 
-    public static final String PATH = "/cats_import";
+    public static final String PATH = "/cats/import";
 
     @Override
-    public void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u) throws IOException {
-        if ( !(u instanceof Organisation)) {
-            resp.sendError(500, "Error, invalid cert");
+    public void processAuthenticated(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        String target = req.getParameter("mid");
+        String testType = req.getParameter("variant");
+        String date = req.getParameter("date");
+        if (target == null || testType == null || date == null) {
+            resp.sendError(500, "Error, requires mid, variant and date");
             return;
         }
-        if ( !"CAcert".equals(((Organisation) u).getName())) {
-            resp.sendError(500, "Error, invalid cert");
+        String language = req.getParameter("language");
+        String version = req.getParameter("version");
+        if (language == null || version == null) {
+            resp.sendError(500, "Error, requires also language and version");
             return;
-
         }
-        String target = req.getParameter("serial");
-        String testType = req.getParameter("variant");
-        String date = req.getParameter("date");
-        if (target == null || testType == null || date == null) {
-            resp.sendError(500, "Error, requires serial, variant and date");
+        int id;
+        try {
+            id = Integer.parseInt(target);
+        } catch (NumberFormatException e) {
+            resp.sendError(500, "Error, requires mid to be integer.");
             return;
         }
-        // TODO is "byEnabledSerial" desired?
-        CertificateOwner o = CertificateOwner.getByEnabledSerial(target);
+        CertificateOwner o = CertificateOwner.getById(id);
         if ( !(o instanceof User)) {
-            resp.sendError(500, "Error, requires valid serial");
+            resp.sendError(500, "Error, requires valid userid");
             return;
         }
         System.out.println("CATS: " + target + ": " + testType);
         User targetUser = (User) o;
         System.out.println(targetUser.getId());
-        CATS.enterResult(targetUser, testType, new Date(Long.parseLong(date)));
+        CATS.enterResult(targetUser, testType, new Date(Long.parseLong(date)), language, version);
     }
 }
WPIA Certificate Web Issuance Platform