X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fadmin%2Fsupport%2FSupportUserDetailsPage.java;h=eea69f6dbfcbb9ebe0961157b4b8c78bf920356d;hp=2a8ef874d8069d78303cabdb25b96ea945654b50;hb=abff88a2bf173198fe55c35ead97c9c7cdb5924c;hpb=17a15662212d973d12ed4cea3f5eaa9c0d1169ed diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java index 2a8ef874..eea69f6d 100644 --- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java +++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java @@ -7,20 +7,19 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Domain; import org.cacert.gigi.dbObjects.EmailAddress; import org.cacert.gigi.dbObjects.SupportedUser; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Form; +import org.cacert.gigi.output.template.Form.CSRFException; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.pages.LoginPage; -import org.cacert.gigi.pages.Page; +import org.cacert.gigi.pages.ManagedMultiFormPage; import org.cacert.gigi.util.AuthorizationContext; -import org.cacert.gigi.util.HTMLEncoder; -public class SupportUserDetailsPage extends Page { +public class SupportUserDetailsPage extends ManagedMultiFormPage { public static final String PATH = "/support/user/"; @@ -30,19 +29,32 @@ public class SupportUserDetailsPage extends Page { @Override public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { + User user = getUser(req, resp); + if (user == null) { + return; + } + SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId()); + outputContents(req, resp, user, new SupportRevokeCertificatesForm(req, targetUser), new SupportUserDetailsForm(req, targetUser)); + } + + private User getUser(HttpServletRequest req, HttpServletResponse resp) throws IOException { int id = -1; if ( !req.getPathInfo().endsWith("/")) { resp.sendError(404); + return null; } String[] idP = req.getPathInfo().split("/"); try { id = Integer.parseInt(idP[idP.length - 1]); } catch (NumberFormatException e) { resp.sendError(404); + return null; } final User user = User.getById(id); - SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId()); - SupportUserDetailsForm f = new SupportUserDetailsForm(req, targetUser); + return user; + } + + private void outputContents(HttpServletRequest req, HttpServletResponse resp, final User user, SupportRevokeCertificatesForm certificatesForm, SupportUserDetailsForm f) throws IOException { HashMap vars = new HashMap(); vars.put("details", f); final EmailAddress[] addrs = user.getEmails(); @@ -83,35 +95,41 @@ public class SupportUserDetailsPage extends Page { } }); - vars.put("certifrevoke", new SupportRevokeCertificatesForm(req, targetUser)); + vars.put("certifrevoke", certificatesForm); getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars); } @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { - try { - if (req.getParameter("revokeall") != null) { - if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submitProtected(resp.getWriter(), req)) { - throw new GigiApiException("No ticket number set."); - } - } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) { - SupportUserDetailsForm f = Form.getForm(req, SupportUserDetailsForm.class); - if (f.wasWithPasswordReset()) { - resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful."))); - } - if ( !f.submitProtected(resp.getWriter(), req)) { - throw new GigiApiException("No ticket number set."); - } + User user = getUser(req, resp); + if (user == null) { + return; + } + if (Form.printFormErrors(req, resp.getWriter())) { + Form f = getForm(req); + SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId()); + + if (f instanceof SupportUserDetailsForm) { + outputContents(req, resp, user, new SupportRevokeCertificatesForm(req, targetUser), (SupportUserDetailsForm) f); + } else if (f instanceof SupportRevokeCertificatesForm) { + outputContents(req, resp, user, (SupportRevokeCertificatesForm) f, new SupportUserDetailsForm(req, targetUser)); } - } catch (GigiApiException e) { - e.printStackTrace(); - e.format(resp.getWriter(), getLanguage(req)); } - super.doPost(req, resp); + } @Override public boolean isPermitted(AuthorizationContext ac) { return ac != null && ac.canSupport(); } + + @Override + public Form getForm(HttpServletRequest req) throws CSRFException { + if (req.getParameter("revokeall") != null) { + return Form.getForm(req, SupportRevokeCertificatesForm.class); + } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) { + return Form.getForm(req, SupportUserDetailsForm.class); + } + return null; + } }