X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FUser.java;h=b259968816e7891f686e20ccffd693edb1a3c144;hp=cf43f80f3182a4377a1578b3f11ac370375f8e53;hb=c256866ad0f399530c686380db62b47883e3f63b;hpb=557a8a2e5f395400467459f003956bf7660cc044

diff --git a/src/org/cacert/gigi/dbObjects/User.java b/src/org/cacert/gigi/dbObjects/User.java
index cf43f80f..b2599688 100644
--- a/src/org/cacert/gigi/dbObjects/User.java
+++ b/src/org/cacert/gigi/dbObjects/User.java
@@ -1,5 +1,8 @@
 package org.cacert.gigi.dbObjects;
 
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashSet;
@@ -13,6 +16,7 @@ import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.database.GigiResultSet;
 import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
 import org.cacert.gigi.dbObjects.CATS.CATSType;
+import org.cacert.gigi.dbObjects.Country.CountryCodeType;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.DateSelector;
 import org.cacert.gigi.pages.PasswordResetPage;
@@ -29,6 +33,8 @@ import org.cacert.gigi.util.TimeConditions;
  */
 public class User extends CertificateOwner {
 
+    private static final long serialVersionUID = -7915843843752264176L;
+
     private DayDate dob;
 
     private String email;
@@ -39,7 +45,7 @@ public class User extends CertificateOwner {
 
     private Locale locale;
 
-    private final Set<Group> groups = new HashSet<>();
+    private Set<Group> groups = new HashSet<>();
 
     public static final int MINIMUM_AGE = 16;
 
@@ -60,6 +66,8 @@ public class User extends CertificateOwner {
 
     private Name preferredName;
 
+    private Country residenceCountry;
+
     protected User(GigiResultSet rs) {
         super(rs.getInt("id"));
         updateName(rs);
@@ -70,6 +78,14 @@ public class User extends CertificateOwner {
         email = rs.getString("email");
         preferredName = Name.getById(rs.getInt("preferredName"));
 
+        try {
+            if (rs.getString("Country") != null) {
+                residenceCountry = Country.getCountryByCode(rs.getString("Country"), Country.CountryCodeType.CODE_2_CHARS);
+            }
+        } catch (GigiApiException e) {
+            throw new Error(e);
+        }
+
         String localeStr = rs.getString("language");
         if (localeStr == null || localeStr.equals("")) {
             locale = Locale.getDefault();
@@ -77,29 +93,36 @@ public class User extends CertificateOwner {
             locale = Language.getLocaleFromString(localeStr);
         }
 
+        refreshGroups();
+    }
+
+    public synchronized void refreshGroups() {
+        HashSet<Group> hs = new HashSet<>();
         try (GigiPreparedStatement psg = new GigiPreparedStatement("SELECT `permission` FROM `user_groups` WHERE `user`=? AND `deleted` is NULL")) {
-            psg.setInt(1, rs.getInt("id"));
+            psg.setInt(1, getId());
 
             try (GigiResultSet rs2 = psg.executeQuery()) {
                 while (rs2.next()) {
-                    groups.add(Group.getByString(rs2.getString(1)));
+                    hs.add(Group.getByString(rs2.getString(1)));
                 }
             }
         }
+        groups = hs;
     }
 
-    public User(String email, String password, DayDate dob, Locale locale, NamePart... preferred) throws GigiApiException {
+    public User(String email, String password, DayDate dob, Locale locale, Country residenceCountry, NamePart... preferred) throws GigiApiException {
         this.email = email;
         this.dob = dob;
         this.locale = locale;
         this.preferredName = new Name(this, preferred);
-        try (GigiPreparedStatement query = new GigiPreparedStatement("INSERT INTO `users` SET `email`=?, `password`=?, `dob`=?, `language`=?, id=?, `preferredName`=?")) {
+        try (GigiPreparedStatement query = new GigiPreparedStatement("INSERT INTO `users` SET `email`=?, `password`=?, `dob`=?, `language`=?, id=?, `preferredName`=?, `country` = ?")) {
             query.setString(1, email);
             query.setString(2, PasswordHash.hash(password));
             query.setDate(3, dob.toSQLDate());
             query.setString(4, locale.toString());
             query.setInt(5, getId());
             query.setInt(6, preferredName.getId());
+            query.setString(7, residenceCountry == null ? null : residenceCountry.getCode());
             query.execute();
         }
         new EmailAddress(this, email, locale);
@@ -421,7 +444,13 @@ public class User extends CertificateOwner {
         return Collections.unmodifiableSet(groups);
     }
 
-    public void grantGroup(User granter, Group toGrant) {
+    public void grantGroup(User granter, Group toGrant) throws GigiApiException {
+        if (toGrant.isManagedBySupport() && !granter.isInGroup(Group.SUPPORTER)) {
+            throw new GigiApiException("Group may only be managed by supporter");
+        }
+        if (toGrant.isManagedBySupport() && granter == this) {
+            throw new GigiApiException("Group may only be managed by supporter that is not oneself");
+        }
         groups.add(toGrant);
         try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `user_groups` SET `user`=?, `permission`=?::`userGroup`, `grantedby`=?")) {
             ps.setInt(1, getId());
@@ -431,7 +460,10 @@ public class User extends CertificateOwner {
         }
     }
 
-    public void revokeGroup(User revoker, Group toRevoke) {
+    public void revokeGroup(User revoker, Group toRevoke) throws GigiApiException {
+        if (toRevoke.isManagedBySupport() && !revoker.isInGroup(Group.SUPPORTER)) {
+            throw new GigiApiException("Group may only be managed by supporter");
+        }
         groups.remove(toRevoke);
         try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `user_groups` SET `deleted`=CURRENT_TIMESTAMP, `revokedby`=? WHERE `deleted` IS NULL AND `permission`=?::`userGroup` AND `user`=?")) {
             ps.setInt(1, revoker.getId());
@@ -590,7 +622,11 @@ public class User extends CertificateOwner {
     }
 
     private Assurance assuranceByRes(GigiResultSet res) {
-        return new Assurance(res.getInt("id"), User.getById(res.getInt("from")), Name.getById(res.getInt("to")), res.getString("location"), res.getString("method"), res.getInt("points"), res.getString("date"));
+        try {
+            return new Assurance(res.getInt("id"), User.getById(res.getInt("from")), Name.getById(res.getInt("to")), res.getString("location"), res.getString("method"), res.getInt("points"), res.getString("date"), res.getString("country") == null ? null : Country.getCountryByCode(res.getString("country"), CountryCodeType.CODE_2_CHARS));
+        } catch (GigiApiException e) {
+            throw new Error(e);
+        }
     }
 
     public boolean isInVerificationLimit() {
@@ -603,4 +639,24 @@ public class User extends CertificateOwner {
         }
     }
 
+    private void writeObject(ObjectOutputStream oos) throws IOException {}
+
+    private void readObject(ObjectInputStream ois) throws IOException, ClassNotFoundException {}
+
+    public Country getResidenceCountry() {
+        return residenceCountry;
+    }
+
+    public void setResidenceCountry(Country residenceCountry) {
+        this.residenceCountry = residenceCountry;
+        rawUpdateCountryData();
+    }
+
+    private void rawUpdateCountryData() {
+        try (GigiPreparedStatement update = new GigiPreparedStatement("UPDATE users SET country=? WHERE id=?")) {
+            update.setString(1, residenceCountry == null ? null : residenceCountry.getCode());
+            update.setInt(2, getId());
+            update.executeUpdate();
+        }
+    }
 }