X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FVerify.java;h=2b4cd82605cfe2ffc62fa76b2cde50e489717ad0;hp=8d292667df203c07f99907dee14c862f4a750207;hb=b37c20b3c3f2bc96ee9a93ac67949e523969be66;hpb=2b2cdb102fe3f3a34d8fcfd22e24b30ca09fe4ba
diff --git a/src/org/cacert/gigi/pages/Verify.java b/src/org/cacert/gigi/pages/Verify.java
index 8d292667..2b4cd826 100644
--- a/src/org/cacert/gigi/pages/Verify.java
+++ b/src/org/cacert/gigi/pages/Verify.java
@@ -2,71 +2,122 @@ package org.cacert.gigi.pages; import java.io.IOException; import java.io.PrintWriter; -import java.sql.PreparedStatement; -import java.sql.ResultSet; -import java.sql.SQLException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.Domain; +import org.cacert.gigi.dbObjects.EmailAddress; +import org.cacert.gigi.dbObjects.Verifyable; +import org.cacert.gigi.localisation.Language; +import org.cacert.gigi.output.template.Form; +import org.cacert.gigi.output.template.Scope; +import org.cacert.gigi.output.template.SprintfCommand; public class Verify extends Page { - public static final String PATH = "/verify"; - public Verify() { - super("Verify email"); - } - @Override - public boolean needsLogin() { - return false; - } - @Override - public void doGet(HttpServletRequest req, HttpServletResponse resp) - throws IOException { - PrintWriter out = resp.getWriter(); - String hash = req.getParameter("hash"); - String type = req.getParameter("type"); - String id = req.getParameter("id"); - if ("email".equals(type)) { - try { - PreparedStatement ps = DatabaseConnection - .getInstance() - .prepare( - "select email, memid from `email` where `id`=? and `hash`=? and `hash` != '' and `deleted` = 0"); - ps.setString(1, id); - ps.setString(2, hash); - ResultSet rs = ps.executeQuery(); - rs.last(); - if (rs.getRow() == 1) { - PreparedStatement ps1 = DatabaseConnection - .getInstance() - .prepare( - "update `email` set `hash`='', `modified`=NOW() where `id`=?"); - ps1.setString(1, id); - ps1.execute(); - PreparedStatement ps2 = DatabaseConnection - .getInstance() - .prepare( - "update `users` set `verified`='1' where `id`=? and `email`=? 
and `verified`='0'"); - ps2.setString(1, rs.getString(2)); - ps2.setString(2, rs.getString(1)); - ps2.execute(); - out.println("Your email is good."); - } else { - out.println("Your request is invalid"); - } - } catch (SQLException e) { - e.printStackTrace(); - } - } - } - @Override - public void doPost(HttpServletRequest req, HttpServletResponse resp) - throws IOException { - String hash = req.getParameter("hash"); - String type = req.getParameter("type"); - if ("email".equals(type)) { - - } - } + + private static final SprintfCommand emailAddressVerified = new SprintfCommand("Email address {0} verified", Arrays.asList("${subject}")); + + private static final SprintfCommand domainVerified = new SprintfCommand("Domain {0} verified", Arrays.asList("${subject}")); + + private class VerificationForm extends Form { + + private String hash; + + private String type; + + private String id; + + private Verifyable target; + + String subject; + + public VerificationForm(HttpServletRequest hsr) { + super(hsr, PATH); + hash = hsr.getParameter("hash"); + type = hsr.getParameter("type"); + id = hsr.getParameter("id"); + if ("email".equals(type)) { + EmailAddress addr = EmailAddress.getById(Integer.parseInt(id)); + subject = addr.getAddress(); + target = addr; + } else if ("domain".equals(type)) { + Domain domain = Domain.getById(Integer.parseInt(id)); + subject = domain.getSuffix(); + target = domain; + } else { + throw new IllegalArgumentException(); + } + } + + @Override + public SubmissionResult submit(HttpServletRequest req) throws GigiApiException { + HashMap data = new HashMap<>(); + data.put("subject", subject); + if ("email".equals(type)) { + try { + target.verify(hash); + } catch (IllegalArgumentException e) { + throw new PermamentFormException(new GigiApiException("Given token could not be found to complete the verification process (Email Ping).")); + } + return new SuccessMessageResult(new Scope(emailAddressVerified, data)); + } else if ("domain".equals(type)) { + try 
{ + target.verify(hash); + } catch (IllegalArgumentException e) { + throw new PermamentFormException(new GigiApiException("Given token could not be found to complete the verification process (Domain Ping).")); + } + return new SuccessMessageResult(new Scope(domainVerified, data)); + } else { + throw new GigiApiException("Invalid object type."); + } + } + + @Override + protected void outputContent(PrintWriter out, Language l, Map vars) { + vars.put("hash", hash); + vars.put("id", id); + vars.put("type", type); + + vars.put("subject", subject); + getDefaultTemplate().output(out, l, vars); + } + } + + public static final String PATH = "/verify"; + + public Verify() { + super("Verify email"); + } + + @Override + public boolean needsLogin() { + return false; + } + + @Override + public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException { + return Form.getForm(req, VerificationForm.class).submitExceptionProtected(req, resp); + } + + @Override + public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { + if (Form.printFormErrors(req, resp.getWriter())) { + Form.getForm(req, VerificationForm.class).output(resp.getWriter(), getLanguage(req), new HashMap()); + } + } + + @Override + public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { + try { + new VerificationForm(req).output(resp.getWriter(), getLanguage(req), new HashMap()); + } catch (IllegalArgumentException e) { + resp.getWriter().println(translate(req, "The object to verify is invalid.")); + } + } + }
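Review bot: In the `VerificationForm` constructor, `subject` is loaded from the `id` parameter alone and passed to the template in `outputContent` before `target.verify(hash)` has run, so on this page (`needsLogin()` returns false) the address or domain suffix behind an id may be rendered to a requester who does not hold the token; the template is not visible here, so confirm whether it prints `subject`. Consider leaving `subject` unset until `verify` has succeeded in `submit`, or rejecting the request in the constructor when the hash does not belong to the record. The constructor also dereferences the lookup result directly: if `getById` can return null for an unknown id, `addr.getAddress()` throws a NullPointerException that the `catch (IllegalArgumentException e)` in `doGet` does not handle, so a guard such as `if (addr == null) { throw new IllegalArgumentException(); }` (and the same for `domain`) would keep the error path uniform. The removed query also required a non-empty hash and `deleted = 0`; those conditions now have to hold inside `verify`, which is outside this hunk.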