import org.cacert.gigi.output.GroupIterator;
import org.cacert.gigi.output.GroupSelector;
import org.cacert.gigi.output.template.Form;
-import org.cacert.gigi.output.template.Outputable;
-import org.cacert.gigi.output.template.SprintfCommand;
import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.output.template.TranslateCommand;
-import org.cacert.gigi.pages.PasswordResetPage;
+import org.cacert.gigi.pages.LoginPage;
public class SupportUserDetailsForm extends Form {
if (user.getTicket() == null) {
return false;
}
- if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("grant") != null ? 1 : 0) + (req.getParameter("deny") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
+ if (user.getTargetUser() == LoginPage.getUser(req)) {
+ throw new GigiApiException("Supporter may not modify himself.");
+ }
+ if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("addGroup") != null ? 1 : 0) + (req.getParameter("removeGroup") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
throw new GigiApiException("More than one action requested!");
}
- if (req.getParameter("grant") != null || req.getParameter("deny") != null) {
- String actionType = "granted";
+ if (req.getParameter("addGroup") != null || req.getParameter("removeGroup") != null) {
value.update(req);
Group toMod = value.getGroup();
- if (req.getParameter("grant") != null) {
+ if (req.getParameter("addGroup") != null) {
user.grant(toMod);
} else {
- actionType = "revoked";
user.revoke(toMod);
}
- String subject = "Change Group Permissions";
- Outputable message = SprintfCommand.createSimple("The group permission {0} was {1}.", toMod.getDatabaseName(), actionType);
- user.sendSupportNotification(subject, message);
return true;
}
if (req.getParameter("resetPass") != null) {
if (aword == null || aword.equals("")) {
throw new GigiApiException("An A-Word is required to perform a password reset.");
}
- Language l = Language.getInstance(user.getTargetUser().getPreferredLocale());
- String method = l.getTranslation("A password reset was triggered. Please enter the required text sent to you by support on this page:");
- String subject = l.getTranslation("Password reset by support.");
- PasswordResetPage.initPasswordResetProcess(out, user.getTargetUser(), req, aword, l, method, subject);
- Outputable message = new TranslateCommand("A password reset was triggered and an email was sent to user.");
- user.sendSupportNotification(subject, message);
+ user.triggerPasswordReset(aword, out, req);
return true;
}
dobSelector.update(req);
throw new GigiApiException("Invalid date of birth!");
}
user.setDob(dobSelector.getDate());
-
- String subject = "Change Account Data";
- Outputable message = new TranslateCommand("The account data was changed.");
- user.sendSupportNotification(subject, message);
return true;
}
projects / gigi.git / blobdiff