Merge "Update notes about password security"

[gigi.git] / src / org / cacert / gigi / pages / account / domain / DomainManagementForm.java
diff --git a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java

index 617d3d6540e1bd2f3aa35f4910af29ed3ca99767..4e80123af307fcba1ae4d99b579f5a61c5b9bc08 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java
@@ -6,39 +6,39 @@ import java.util.Map;
  import javax.servlet.http.HttpServletRequest;
  
  import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.dbObjects.CertificateOwner;
  import org.cacert.gigi.dbObjects.Domain;
-import org.cacert.gigi.dbObjects.User;
  import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.IterableDataset;
  import org.cacert.gigi.output.template.Template;
  import org.cacert.gigi.pages.Page;
-import org.cacert.gigi.util.ServerConstants;
  
  public class DomainManagementForm extends Form {
  
      private static final Template t = new Template(DomainManagementForm.class.getResource("DomainManagementForm.templ"));
  
-    private User target;
+    private CertificateOwner target;
  
-    public DomainManagementForm(HttpServletRequest hsr, User target) {
+    private boolean foreign;
+
+    public DomainManagementForm(HttpServletRequest hsr, CertificateOwner target, boolean foreign) {
          super(hsr);
          this.target = target;
+        this.foreign = foreign;
      }
  
      @Override
      public boolean submit(PrintWriter out, HttpServletRequest req) {
          try {
-            String[] dels = req.getParameterValues("delid[]");
-            Domain[] usDomains = target.getDomains();
-            for (int i = 0; i < dels.length; i++) {
-                int delId = Integer.parseInt(dels[i]);
-                for (int j = 0; j < usDomains.length; j++) {
-                    if (usDomains[j].getId() == delId) {
-                        usDomains[j].delete();
-                        break;
-                    }
-                }
+            String dels = req.getParameter("delete");
+
+            int delId = Integer.parseInt(dels);
+            Domain d = Domain.getById(delId);
+            if (d != null && d.getOwner() == target) {
+                d.delete();
+            } else {
+                throw new GigiApiException("Domain was not found.");
              }
          } catch (GigiApiException e) {
              e.format(out, Page.getLanguage(req));
@@ -47,9 +47,13 @@ public class DomainManagementForm extends Form {
          return true;
      }
  
+    public CertificateOwner getTarget() {
+        return target;
+    }
+
      @Override
      protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
-        final Domain[] doms = (Domain[]) vars.get("doms");
+        final Domain[] doms = target.getDomains();
          IterableDataset dts = new IterableDataset() {
  
              private int point = 0;
@@ -61,7 +65,9 @@ public class DomainManagementForm extends Form {
                  }
                  Domain domain = doms[point];
                  vars.put("id", domain.getId());
-                vars.put("domainhref", "https://" + ServerConstants.getWwwHostNamePortSecure() + DomainOverview.PATH + domain.getId());
+                if ( !foreign) {
+                    vars.put("domainhref", DomainOverview.PATH + domain.getId());
+                }
                  vars.put("domain", domain.getSuffix());
                  vars.put("status", l.getTranslation(domain.isVerified() ? "verified" : "not verified"));
                  point++;