X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2FdbObjects%2FUser.java;h=9868e36a1d912efbeb6de98bc8d96537365fc6f0;hp=b65dbc5a027f5edee63c301b3dd12cd42f661957;hb=a068c177bb6cdbc3b117038047818ae58f9aa1de;hpb=0d5ae34e23b50f59e759702b1ebf6f5a3a7137f4 diff --git a/src/club/wpia/gigi/dbObjects/User.java b/src/club/wpia/gigi/dbObjects/User.java index b65dbc5a..9868e36a 100644 --- a/src/club/wpia/gigi/dbObjects/User.java +++ b/src/club/wpia/gigi/dbObjects/User.java @@ -10,7 +10,9 @@ import java.util.LinkedList; import java.util.List; import java.util.Locale; import java.util.Set; +import java.util.TreeSet; +import club.wpia.gigi.Gigi; import club.wpia.gigi.GigiApiException; import club.wpia.gigi.database.GigiPreparedStatement; import club.wpia.gigi.database.GigiResultSet; @@ -21,11 +23,11 @@ import club.wpia.gigi.email.EmailProvider; import club.wpia.gigi.localisation.Language; import club.wpia.gigi.output.DateSelector; import club.wpia.gigi.pages.PasswordResetPage; +import club.wpia.gigi.passwords.PasswordStrengthChecker; import club.wpia.gigi.util.CalendarUtil; import club.wpia.gigi.util.DayDate; import club.wpia.gigi.util.Notary; import club.wpia.gigi.util.PasswordHash; -import club.wpia.gigi.util.PasswordStrengthChecker; import club.wpia.gigi.util.TimeConditions; /** @@ -105,10 +107,7 @@ public class User extends CertificateOwner { } public User(String email, String password, DayDate dob, Locale locale, Country residenceCountry, NamePart... preferred) throws GigiApiException { - // Avoid storing information that obviously won't get through - if ( !EmailProvider.isValidMailAddress(email)) { - throw new IllegalArgumentException("Invalid email."); - } + super(validate(email)); this.email = email; this.dob = dob; @@ -128,6 +127,14 @@ public class User extends CertificateOwner { new EmailAddress(this, email, locale); } + private static Void validate(String email) { + // Avoid storing information that obviously won't get through + if ( !EmailProvider.isValidMailAddress(email)) { + throw new IllegalArgumentException("Invalid email."); + } + return null; + } + public Name[] getNames() { try (GigiPreparedStatement gps = new GigiPreparedStatement("SELECT `id` FROM `names` WHERE `uid`=? AND `deleted` IS NULL", true)) { gps.setInt(1, getId()); @@ -167,7 +174,7 @@ public class User extends CertificateOwner { throw new GigiApiException("Entered date of birth is below the restricted age requirements."); } - if (CalendarUtil.isOfAge(dob, User.MAXIMUM_PLAUSIBLE_AGE)) { + if (CalendarUtil.isYearsInFuture(dob.end(), User.MAXIMUM_PLAUSIBLE_AGE)) { throw new GigiApiException("Entered date of birth exceeds the maximum age set in our policies. Please check your DoB is correct and contact support if the issue persists."); } this.dob = dob; @@ -204,7 +211,17 @@ public class User extends CertificateOwner { } private void setPassword(String newPass) throws GigiApiException { - PasswordStrengthChecker.assertStrongPassword(newPass, getNames(), getEmail()); + Name[] names = getNames(); + TreeSet nameParts = new TreeSet<>(); + for (int i = 0; i < names.length; i++) { + for (NamePart string : names[i].getParts()) { + nameParts.add(string.getValue()); + } + } + GigiApiException gaPassword = Gigi.getPasswordChecker().checkPassword(newPass, nameParts.toArray(new String[nameParts.size()]), getEmail()); + if (gaPassword != null) { + throw gaPassword; + } try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE users SET `password`=? WHERE id=?")) { ps.setString(1, PasswordHash.hash(newPass)); ps.setInt(2, getId());