X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Fpages%2Fadmin%2Fsupport%2FSupportUserDetailsForm.java;h=7445c52c54946cc87c00c02780aebdefeef88f20;hp=969cbe62fee6d1df01b09f37ec3eff885f48274a;hb=30d927a45f76ad0e28cae6e12a850be61ca22ebc;hpb=6f881fb69406219a4528e4c69e8779a7db0ceb8b

diff --git a/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java b/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java
index 969cbe62..7445c52c 100644
--- a/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java
+++ b/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java
@@ -6,6 +6,7 @@ import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 
+import club.wpia.gigi.Gigi;
 import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.dbObjects.Group;
 import club.wpia.gigi.dbObjects.Name;
@@ -20,6 +21,8 @@ import club.wpia.gigi.output.template.Form;
 import club.wpia.gigi.output.template.Template;
 import club.wpia.gigi.output.template.TranslateCommand;
 import club.wpia.gigi.pages.LoginPage;
+import club.wpia.gigi.pages.account.MyDetails;
+import club.wpia.gigi.util.AuthorizationContext;
 
 public class SupportUserDetailsForm extends Form {
 
@@ -42,12 +45,31 @@ public class SupportUserDetailsForm extends Form {
         if (user.getTicket() == null) {
             throw new GigiApiException("No ticket number set.");
         }
+
+        int numActions = 0;
+        numActions += req.getParameter("detailupdate") != null ? 1 : 0;
+        numActions += req.getParameter("addGroup") != null ? 1 : 0;
+        numActions += req.getParameter("removeGroup") != null ? 1 : 0;
+        numActions += req.getParameter("resetPass") != null ? 1 : 0;
+
+        if (numActions != 1) {
+            throw new GigiApiException("More than one action requested!");
+        }
+
         if (user.getTargetUser() == LoginPage.getUser(req)) {
+            if (req.getParameter("removeGroup") != null) {
+                value.update(req);
+                Group toMod = value.getGroup();
+                if (toMod == Group.SUPPORTER) {
+                    user.revoke(toMod);
+                    AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
+                    req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ac.getActor()));
+                    return new RedirectResult(MyDetails.PATH);
+                }
+            }
             throw new GigiApiException("Supporter may not modify himself.");
         }
-        if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("addGroup") != null ? 1 : 0) + (req.getParameter("removeGroup") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
-            throw new GigiApiException("More than one action requested!");
-        }
+
         if (req.getParameter("addGroup") != null || req.getParameter("removeGroup") != null) {
             value.update(req);
             Group toMod = value.getGroup();