upd: enforce a more strict Form call pattern.

[gigi.git] / src / org / cacert / gigi / pages / account / mail / MailOverview.java

diff --git a/src/org/cacert/gigi/pages/account/mail/MailOverview.java b/src/org/cacert/gigi/pages/account/mail/MailOverview.java
index 61f583ab9d84471807a359e90f4958f00c48a0d4..ef98a091238c35bc1e76ae7e0687cbfcce2c65bf 100644 (file)
--- a/src/org/cacert/gigi/pages/account/mail/MailOverview.java
+++ b/src/org/cacert/gigi/pages/account/mail/MailOverview.java
@@ -1,7 +1,6 @@
 package org.cacert.gigi.pages.account.mail;
 
 import java.io.IOException;
-import java.io.PrintWriter;
 import java.util.HashMap;
 
 import javax.servlet.http.HttpServletRequest;
@@ -10,46 +9,58 @@ import javax.servlet.http.HttpServletResponse;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
+import org.cacert.gigi.pages.ManagedMultiFormPage;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.AuthorizationContext;
 
-public class MailOverview extends Page {
+public class MailOverview extends ManagedMultiFormPage {
 
     public static final String DEFAULT_PATH = "/account/mails";
 
-    public MailOverview(String title) {
-        super(title);
+    public MailOverview() {
+        super("Email addresses");
     }
 
     @Override
     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        final User us = getUser(req);
+        User user = getUser(req);
+        output(req, resp, new MailAddForm(req, user), new MailManagementForm(req, user));
+    }
+
+    private void output(HttpServletRequest req, HttpServletResponse resp, MailAddForm addForm, MailManagementForm mgmtForm) throws IOException {
         Language lang = Page.getLanguage(req);
         HashMap<String, Object> vars = new HashMap<>();
-        vars.put("addForm", new MailAddForm(req, us));
-        vars.put("manForm", new MailManagementForm(req, us));
+        vars.put("addForm", addForm);
+        vars.put("manForm", mgmtForm);
         getDefaultTemplate().output(resp.getWriter(), lang, vars);
     }
 
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        PrintWriter out = resp.getWriter();
-        if (req.getParameter("addmail") != null) {
-            MailAddForm f = Form.getForm(req, MailAddForm.class);
-            if (f.submit(out, req)) {
-                resp.sendRedirect(MailOverview.DEFAULT_PATH);
-            }
-        } else if (req.getParameter("makedefault") != null || req.getParameter("delete") != null) {
-            MailManagementForm f = Form.getForm(req, MailManagementForm.class);
-            if (f.submit(out, req)) {
-                resp.sendRedirect(MailOverview.DEFAULT_PATH);
+        Form current = getForm(req);
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            User user = getUser(req);
+            if (current instanceof MailAddForm) {
+                output(req, resp, (MailAddForm) current, new MailManagementForm(req, user));
+            } else {
+                output(req, resp, new MailAddForm(req, user), (MailManagementForm) current);
             }
         }
-        super.doPost(req, resp);
+    }
+
+    @Override
+    public Form getForm(HttpServletRequest req) throws CSRFException {
+        if (req.getParameter("addmail") != null) {
+            return Form.getForm(req, MailAddForm.class);
+        } else {
+            return Form.getForm(req, MailManagementForm.class);
+        }
     }
 
     @Override
     public boolean isPermitted(AuthorizationContext ac) {
         return ac != null && ac.getTarget() instanceof User;
     }
+
 }