import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.cacert.gigi.dbObjects.Certificate;
import org.cacert.gigi.dbObjects.CertificateOwner;
import org.cacert.gigi.dbObjects.Organisation;
import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.util.ServerConstants;
-public class CATSResolve extends APIPoint {
+public class CATSResolve extends CATSRestrictedApi {
public static final String PATH = "/cats/resolve";
@Override
- public void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u) throws IOException {
- if ( !(u instanceof Organisation)) {
- resp.sendError(500, "Error, invalid cert");
- return;
- }
- if ( !((Organisation) u).isSelfOrganisation()) {
- resp.sendError(500, "Error, invalid cert");
- return;
- }
+ public void processAuthenticated(HttpServletRequest req, HttpServletResponse resp) throws IOException {
String target = req.getParameter("serial");
if (target == null) {
resp.sendError(500, "Error, requires a serial parameter");
return;
}
-
+ target = target.toLowerCase();
+ Certificate clientCert = Certificate.getBySerial(target);
+ if (clientCert == null) {
+ resp.sendError(500, "Error, requires valid serial");
+ return;
+ }
CertificateOwner o = CertificateOwner.getByEnabledSerial(target);
+ if (o instanceof Organisation) {
+ Organisation org = (Organisation) o;
+ if (org.isSelfOrganisation()) {
+ if (hasMail(clientCert, ServerConstants.getQuizAdminMailAddress())) {
+ resp.setContentType("text/plain; charset=UTF-8");
+ resp.getWriter().print("admin");
+ return;
+ }
+ }
+ }
if ( !(o instanceof User)) {
resp.sendError(500, "Error, requires valid serial");
return;