upd: restrict permissions of org "master" admin on organisation

[gigi.git] / src / org / cacert / gigi / pages / orga / ViewOrgPage.java

diff --git a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java
index 3996095e774224e7c805fd24b464304b0aa4baba..815a2cebeb4fb7bc325293d2601b30326776e165 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java
+++ b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java
@@ -18,6 +18,7 @@ import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.AuthorizationContext;
 
 public class ViewOrgPage extends Page {
 
@@ -32,8 +33,8 @@ public class ViewOrgPage extends Page {
     }
 
     @Override
-    public boolean isPermitted(User u) {
-        return u != null && (u.isInGroup(CreateOrgPage.ORG_ASSURER) || u.getOrganisations().size() != 0);
+    public boolean isPermitted(AuthorizationContext ac) {
+        return ac != null && (ac.isInGroup(CreateOrgPage.ORG_ASSURER) || ac.getActor().getOrganisations(true).size() != 0);
     }
 
     @Override
@@ -46,6 +47,11 @@ public class ViewOrgPage extends Page {
                     resp.sendRedirect(DEFAULT_PATH + "/" + form.getOrganisation().getId());
                 }
                 return;
+            } else if (req.getParameter("addDomain") != null) {
+                if (Form.getForm(req, OrgDomainAddForm.class).submit(resp.getWriter(), req)) {
+                    // resp.sendRedirect(DEFAULT_PATH + "/" +
+                    // form.getOrganisation().getId());
+                }
             } else {
                 if ( !u.isInGroup(CreateOrgPage.ORG_ASSURER)) {
                     resp.sendError(403, "Access denied");
@@ -68,7 +74,7 @@ public class ViewOrgPage extends Page {
         if (idS.length() < DEFAULT_PATH.length() + 2) {
             final Organisation[] orgas = Organisation.getOrganisations(0, 30);
             HashMap<String, Object> map = new HashMap<>();
-            final List<Organisation> myOrgs = u.getOrganisations();
+            final List<Organisation> myOrgs = u.getOrganisations(true);
             final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_ASSURER);
             if (orgAss) {
                 map.put("orgas", makeOrgDataset(orgas));
@@ -80,16 +86,28 @@ public class ViewOrgPage extends Page {
         }
         idS = idS.substring(DEFAULT_PATH.length() + 1);
         int id = Integer.parseInt(idS);
-        Organisation o = Organisation.getById(id);
+        Organisation o;
+        try {
+            o = Organisation.getById(id);
+        } catch (IllegalArgumentException e) {
+            resp.sendError(404);
+            return;
+        }
         final List<Organisation> myOrgs = u.getOrganisations();
         final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_ASSURER);
-        if (o == null || ( !orgAss && !myOrgs.contains(o))) {
+        if ( !orgAss && !myOrgs.contains(o)) {
             resp.sendError(404);
             return;
         }
         HashMap<String, Object> vars = new HashMap<>();
-        vars.put("editForm", new CreateOrgForm(req, o));
-        vars.put("affForm", new AffiliationForm(req, o));
+        if (orgAss) {
+            vars.put("editForm", new CreateOrgForm(req, o));
+            vars.put("affForm", new AffiliationForm(req, o));
+            vars.put("addDom", new OrgDomainAddForm(req, o));
+        } else {
+            vars.put("affForm", new AffiliationForm(req, o));
+            vars.put("orgName", o.getName());
+        }
         mainTempl.output(out, lang, vars);
     }