]> WPIA git - gigi.git/blobdiff - src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
projects / gigi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upd: enforce a more strict Form call pattern.
[gigi.git] / src / org / cacert / gigi / pages / admin / support / SupportUserDetailsForm.java
diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
index ac7ffd00bb68e69b22478c7fc378ed9215d5d482..88b9b03b583a8081ef360f087f3a4ce646dbad05 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
@@ -18,6 +18,8 @@ import org.cacert.gigi.output.GroupIterator;
 import org.cacert.gigi.output.GroupSelector;
 import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
+import org.cacert.gigi.pages.LoginPage;
 
 public class SupportUserDetailsForm extends Form {
 
@@ -36,9 +38,12 @@ public class SupportUserDetailsForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
         if (user.getTicket() == null) {
-            return false;
+            throw new GigiApiException("No ticket number set.");
+        }
+        if (user.getTargetUser() == LoginPage.getUser(req)) {
+            throw new GigiApiException("Supporter may not modify himself.");
         }
         if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("addGroup") != null ? 1 : 0) + (req.getParameter("removeGroup") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
             throw new GigiApiException("More than one action requested!");
@@ -51,22 +56,22 @@ public class SupportUserDetailsForm extends Form {
             } else {
                 user.revoke(toMod);
             }
-            return true;
+            return new RedirectResult(req.getPathInfo());
         }
         if (req.getParameter("resetPass") != null) {
             String aword = req.getParameter("aword");
             if (aword == null || aword.equals("")) {
                 throw new GigiApiException("An A-Word is required to perform a password reset.");
             }
-            user.triggerPasswordReset(aword, out, req);
-            return true;
+            user.triggerPasswordReset(aword, req);
+            return new SuccessMessageResult(new TranslateCommand("Password reset successful."));
         }
         dobSelector.update(req);
         if ( !dobSelector.isValid()) {
             throw new GigiApiException("Invalid date of birth!");
         }
         user.setDob(dobSelector.getDate());
-        return true;
+        return new RedirectResult(req.getPathInfo());
     }
 
     @Override
WPIA Certificate Web Issuance Platform