upd: use a more strict pattern for handling forms

[gigi.git] / src / org / cacert / gigi / pages / account / ChangePasswordPage.java

diff --git a/src/org/cacert/gigi/pages/account/ChangePasswordPage.java b/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
index 75fd6bb27812e8eccc4c52244f09a09b471a7c53..a88d6a24c0011f3850478cd2d84170c8bb1c229c 100644 (file)
--- a/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
+++ b/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
@@ -6,27 +6,31 @@ import java.util.HashMap;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.cacert.gigi.output.Form;
-import org.cacert.gigi.pages.LoginPage;
+import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.AuthorizationContext;
 
 public class ChangePasswordPage extends Page {
-       public static final String PATH = "/account/password";
 
-       public ChangePasswordPage() {
-               super("Change Password");
-       }
+    public static final String PATH = "/account/password";
 
-       @Override
-       public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-               new ChangeForm(req, LoginPage.getUser(req)).output(resp.getWriter(), getLanguage(req),
-                       new HashMap<String, Object>());
-       }
+    public ChangePasswordPage() {
+        super("Change Password");
+    }
 
-       @Override
-       public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-               ChangeForm f = Form.getForm(req, ChangeForm.class);
-               f.submit(resp.getWriter(), req);
-       }
+    @Override
+    public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        new ChangeForm(req, getUser(req)).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+    }
 
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        Form.getForm(req, ChangeForm.class).submitProtected(resp.getWriter(), req);
+    }
+
+    @Override
+    public boolean isPermitted(AuthorizationContext ac) {
+        return ac != null && ac.getTarget() instanceof User;
+    }
 }