- public static User getById(int id) {
- User u = myCache.get(id);
- if (u == null) {
- synchronized (User.class) {
- myCache.put(u = new User(id));
- }
+ public Set<Group> getGroups() {
+ return Collections.unmodifiableSet(groups);
+ }
+
+ public void grantGroup(User granter, Group toGrant) {
+ groups.add(toGrant);
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO user_groups SET user=?, permission=?, grantedby=?");
+ ps.setInt(1, getId());
+ ps.setString(2, toGrant.getDatabaseName());
+ ps.setInt(3, granter.getId());
+ ps.execute();
+ }
+
+ public void revokeGroup(User revoker, Group toRevoke) {
+ groups.remove(toRevoke);
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE user_groups SET deleted=CURRENT_TIMESTAMP, revokedby=? WHERE deleted is NULL AND permission=? AND user=?");
+ ps.setInt(1, revoker.getId());
+ ps.setString(2, toRevoke.getDatabaseName());
+ ps.setInt(3, getId());
+ ps.execute();
+ }
+
+ public static synchronized User getById(int id) {
+ CertificateOwner co = CertificateOwner.getById(id);
+ if (co instanceof User) {
+ return (User) co;
+ }
+ return null;
+ }
+
+ public boolean canIssue(CertificateProfile p) {
+ switch (p.getCAId()) {
+ case 0:
+ return true;
+ case 1:
+ return getAssurancePoints() > 50;
+ case 2:
+ return getAssurancePoints() > 50 && isInGroup(Group.getByString("codesigning"));
+ case 3:
+ case 4:
+ return false; // has an orga
+ default:
+ return false;