ADD: Organisation selection in certificateIssueForm

[gigi.git] / src / org / cacert / gigi / pages / account / certs / CertificateIssueForm.java

diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
index e17f3bedebbcc87e49b3287737f4361a0c51877e..2df486c19d55279da51e47795cf597c52ae1fe8b 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
@@ -9,7 +9,9 @@ import java.security.interfaces.ECPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.util.Base64;
 import java.util.HashMap;
+import java.util.Iterator;
 import java.util.LinkedHashSet;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.TreeSet;
@@ -24,6 +26,7 @@ import org.cacert.gigi.dbObjects.Certificate.SANType;
 import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName;
 import org.cacert.gigi.dbObjects.CertificateProfile;
 import org.cacert.gigi.dbObjects.Digest;
+import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.CertificateValiditySelector;
@@ -239,6 +242,11 @@ public class CertificateIssueForm extends Form {
                         selectedDigest = Digest.valueOf(hashAlg);
                     }
                     profile = CertificateProfile.getByName(req.getParameter("profile"));
+                    if ( !u.canIssue(profile)) {
+                        profile = CertificateProfile.getById(1);
+                        outputError(out, req, "Certificate Profile is invalid.");
+                        return false;
+                    }
 
                     String pDNS = null;
                     String pMail = null;
@@ -297,7 +305,7 @@ public class CertificateIssueForm extends Form {
                         return false;
                     }
 
-                    result = new Certificate(LoginPage.getUser(req).getId(), subject.toString(), selectedDigest.toString(), //
+                    result = new Certificate(LoginPage.getUser(req), subject.toString(), selectedDigest.toString(), //
                             this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()]));
                     result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000);
                     return true;
@@ -417,10 +425,14 @@ public class CertificateIssueForm extends Form {
 
             @Override
             public boolean next(Language l, Map<String, Object> vars) {
-                CertificateProfile cp = CertificateProfile.getById(i++);
-                if (cp == null) {
-                    return false;
-                }
+                CertificateProfile cp;
+                do {
+                    cp = CertificateProfile.getById(i++);
+                    if (cp == null) {
+                        return false;
+                    }
+                } while ( !u.canIssue(cp));
+
                 if (cp.getId() == profile.getId()) {
                     vars.put("selected", " selected");
                 } else {
@@ -431,6 +443,23 @@ public class CertificateIssueForm extends Form {
                 return true;
             }
         });
+        final List<Organisation> orgs = u.getOrganisations();
+        vars2.put("orga", orgs.size() == 0 ? null : new IterableDataset() {
+
+            Iterator<Organisation> iter = orgs.iterator();
+
+            @Override
+            public boolean next(Language l, Map<String, Object> vars) {
+                if ( !iter.hasNext()) {
+                    return false;
+                }
+                Organisation orga = iter.next();
+                vars.put("key", orga.getId());
+                vars.put("name", orga.getName());
+                return true;
+            }
+        });
+
         t.output(out, l, vars2);
     }
 }