add: support should be able to see verifications of user

[gigi.git] / src / org / cacert / gigi / pages / wot / MyPoints.java

diff --git a/src/org/cacert/gigi/pages/wot/MyPoints.java b/src/org/cacert/gigi/pages/wot/MyPoints.java
index cd8b732e454b3cd4d5209c236fcd3afc7e3c5abc..9d8a3e3bc0565651b5990faa0f125ed7b86ac7a0 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/MyPoints.java
+++ b/src/org/cacert/gigi/pages/wot/MyPoints.java
@@ -1,43 +1,77 @@
 package org.cacert.gigi.pages.wot;
 
 import java.io.IOException;
-import java.sql.SQLException;
 import java.util.HashMap;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.cacert.gigi.GigiApiException;
-import org.cacert.gigi.User;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.output.AssurancesDisplay;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.AuthorizationContext;
 
 public class MyPoints extends Page {
 
+    public static final String SUPPORT_PATH = "/support/user/*/points";
+
     public static final String PATH = "/wot/mypoints";
 
-    private AssurancesDisplay myDisplay = new AssurancesDisplay("asArr");
+    private static final int intStart = SUPPORT_PATH.indexOf('*');
+
+    private boolean support;
+
+    private AssurancesDisplay myDisplay;
 
-    private AssurancesDisplay toOtherDisplay = new AssurancesDisplay("otherAsArr");
+    private AssurancesDisplay toOtherDisplay;
 
-    public MyPoints(String title) {
-        super(title);
+    public MyPoints(boolean support) {
+        super(support ? "Support User Points" : "My Points");
+        this.support = support;
+        myDisplay = new AssurancesDisplay("asArr", false, support);
+        toOtherDisplay = new AssurancesDisplay("otherAsArr", true, support);
     }
 
     @Override
     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        User user;
+        if (support) {
+            String info = req.getPathInfo();
+            int id = Integer.parseInt(info.substring(intStart, info.length() - SUPPORT_PATH.length() + intStart + 1));
+            user = User.getById(id);
+            if (user == null) {
+                resp.sendError(404);
+                return;
+            }
+        } else {
+            user = getUser(req);
+        }
+
         HashMap<String, Object> vars = new HashMap<String, Object>();
+        vars.put("support", support);
+        vars.put("username", user.getPreferredName().toString());
         vars.put("pointlist", myDisplay);
         vars.put("madelist", toOtherDisplay);
-        try {
-            User user = getUser(req);
-            vars.put("asArr", user.getReceivedAssurances());
-            vars.put("otherAsArr", user.getMadeAssurances());
-        } catch (SQLException e) {
-            new GigiApiException(e).format(resp.getWriter(), getLanguage(req));
-            return;
+        vars.put("asArr", user.getReceivedAssurances());
+        vars.put("otherAsArr", user.getMadeAssurances());
+        vars.put("assP", user.getAssurancePoints());
+        if (user.canAssure()) {
+            vars.put("expP", user.getExperiencePoints());
+            vars.put("maxP", user.getMaxAssurePoints());
         }
         getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars);
     }
 
+    @Override
+    public boolean isPermitted(AuthorizationContext ac) {
+        if (ac == null) {
+            return false;
+        }
+        if (support) {
+            return ac.canSupport();
+        } else {
+            return ac.getTarget() instanceof User;
+        }
+    }
+
 }