upd: enforce a more strict Form call pattern.

[gigi.git] / src / org / cacert / gigi / pages / admin / TTPAdminPage.java

diff --git a/src/org/cacert/gigi/pages/admin/TTPAdminPage.java b/src/org/cacert/gigi/pages/admin/TTPAdminPage.java
index 2f2c25d253edc60c985035d19f0720f91a91c098..286a08d5639b377fb650d301c27153985a1a9d93 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/TTPAdminPage.java
+++ b/src/org/cacert/gigi/pages/admin/TTPAdminPage.java
@@ -8,7 +8,6 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
@@ -17,25 +16,28 @@ import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.SprintfCommand;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.pages.error.PageNotFound;
+import org.cacert.gigi.util.AuthorizationContext;
 
 public class TTPAdminPage extends Page {
 
     public static final String PATH = "/admin/ttp";
 
-    public static final Group TTP_APPLICANT = Group.getByString("ttp-applicant");
+    public static final Group TTP_APPLICANT = Group.TTP_APPLICANT;
 
     public TTPAdminPage() {
         super("TTP-Admin");
     }
 
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, TTPAdminForm.class).submitExceptionProtected(req, resp);
+    }
+
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        try {
-            Form.getForm(req, TTPAdminForm.class).submit(resp.getWriter(), req);
-        } catch (GigiApiException e) {
-            e.format(resp.getWriter(), getLanguage(req));
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form.getForm(req, TTPAdminForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
         }
-        resp.sendRedirect(PATH);
     }
 
     private static final int PAGE_LEN = 30;
@@ -47,7 +49,7 @@ public class TTPAdminPage extends Page {
             int id = Integer.parseInt(path.substring(1 + PATH.length()));
             User u = User.getById(id);
             if (u == null || !u.isInGroup(TTP_APPLICANT)) {
-                SprintfCommand command = new SprintfCommand("The TTP-request is not available anymore. You might want to go {0}back{1}.", Arrays.asList("!\"<a href='" + PATH + "'>", "!\"</a>"));
+                SprintfCommand command = new SprintfCommand("The TTP-request is not available anymore. You might want to go {0}back{1}.", Arrays.asList("!'<a href=\"" + PATH + "\">", "!'</a>"));
                 req.setAttribute(PageNotFound.MESSAGE_ATTRIBUTE, command);
                 resp.sendError(404);
                 return;
@@ -73,7 +75,7 @@ public class TTPAdminPage extends Page {
                     return false;
                 }
                 vars.put("id", Integer.toString(users[i].getId()));
-                vars.put("name", users[i].getName().toString());
+                vars.put("name", users[i].getPreferredName().toString());
                 vars.put("email", users[i].getEmail());
 
                 i++;
@@ -87,7 +89,7 @@ public class TTPAdminPage extends Page {
     }
 
     @Override
-    public boolean isPermitted(User u) {
-        return u != null && u.isInGroup(Group.getByString("ttp-assurer"));
+    public boolean isPermitted(AuthorizationContext ac) {
+        return ac != null && ac.isInGroup(Group.TTP_ASSURER);
     }
 }