X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;h=d07b65d46842b268643e76a321b42663d5b68e08;hp=1414e1d4c92fc929d5eabbe2c82a68c39a791fc9;hb=1db93167c35304e1d56e99dae6aa1cfa83842a2e;hpb=d914944d45e769edf887466f979afa3f403f2b39 diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java index 1414e1d4..d07b65d4 100644 --- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java @@ -9,7 +9,9 @@ import java.security.interfaces.ECPublicKey; import java.security.interfaces.RSAPublicKey; import java.util.Base64; import java.util.HashMap; +import java.util.Iterator; import java.util.LinkedHashSet; +import java.util.List; import java.util.Map; import java.util.Set; import java.util.TreeSet; @@ -24,6 +26,7 @@ import org.cacert.gigi.dbObjects.Certificate.SANType; import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName; import org.cacert.gigi.dbObjects.CertificateProfile; import org.cacert.gigi.dbObjects.Digest; +import org.cacert.gigi.dbObjects.Organisation; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.CertificateValiditySelector; @@ -114,6 +117,10 @@ public class CertificateIssueForm extends Form { private CertificateProfile profile = CertificateProfile.getById(1); + private String ou = ""; + + private Organisation org = null; + public CertificateIssueForm(HttpServletRequest hsr) { super(hsr); u = Page.getUser(hsr); @@ -239,6 +246,16 @@ public class CertificateIssueForm extends Form { selectedDigest = Digest.valueOf(hashAlg); } profile = CertificateProfile.getByName(req.getParameter("profile")); + String newOrgStr = req.getParameter("org"); + if (newOrgStr != null) { + Organisation neworg = Organisation.getById(Integer.parseInt(newOrgStr)); + if (neworg == null || u.getOrganisations().contains(neworg)) { + org = neworg; + } else { + outputError(out, req, "Selected Organisation is not part of your account."); + } + } + ou = req.getParameter("OU"); if ( !u.canIssue(profile)) { profile = CertificateProfile.getById(1); outputError(out, req, "Certificate Profile is invalid."); @@ -273,28 +290,32 @@ public class CertificateIssueForm extends Form { SANs = filteredSANs; if ( !u.isValidName(CN) && !server && !CN.equals(DEFAULT_CN)) { CN = DEFAULT_CN; - outputError(out, req, "The real name entered cannot be verified with your account."); + outputError(out, req, "The name entered, does not match the details in your account. You cannot issue certificates with this name. Enter a name that matches the one that has been assured in your account."); } - final StringBuffer subject = new StringBuffer(); + HashMap subject = new HashMap<>(); if (server && pDNS != null) { - subject.append("/commonName="); - subject.append(pDNS); + subject.put("CN", pDNS); if (pMail != null) { outputError(out, req, "No email is included in this certificate."); } if (CN.equals("")) { CN = ""; - outputError(out, req, "No real name is included in this certificate."); + outputError(out, req, "No real name is included in this certificate. The real name, you entered will be ignored."); } } else { - subject.append("/commonName="); - subject.append(CN); + subject.put("CN", CN); if (pMail != null) { - subject.append("/emailAddress="); - subject.append(pMail); + subject.put("EMAIL", pMail); } } + if (org != null) { + subject.put("O", org.getName()); + subject.put("C", org.getState()); + subject.put("ST", org.getProvince()); + subject.put("L", org.getCity()); + subject.put("OU", ou); + } if (req.getParameter("CCA") == null) { outputError(out, req, "You need to accept the CCA."); } @@ -302,7 +323,7 @@ public class CertificateIssueForm extends Form { return false; } - result = new Certificate(LoginPage.getUser(req).getId(), subject.toString(), selectedDigest.toString(), // + result = new Certificate(LoginPage.getUser(req), subject, selectedDigest.toString(), // this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()])); result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000); return true; @@ -413,6 +434,7 @@ public class CertificateIssueForm extends Form { } vars2.put("CN", CN); + vars2.put("department", ou); vars2.put("validity", issueDate); vars2.put("emails", content.toString()); vars2.put("hashs", new HashAlgorithms(selectedDigest)); @@ -440,6 +462,28 @@ public class CertificateIssueForm extends Form { return true; } }); + final List orgs = u.getOrganisations(); + vars2.put("orga", orgs.size() == 0 ? null : new IterableDataset() { + + Iterator iter = orgs.iterator(); + + @Override + public boolean next(Language l, Map vars) { + if ( !iter.hasNext()) { + return false; + } + Organisation orga = iter.next(); + vars.put("key", orga.getId()); + vars.put("name", orga.getName()); + if (orga == org) { + vars.put("selected", " selected"); + } else { + vars.put("selected", ""); + } + return true; + } + }); + t.output(out, l, vars2); } }