X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fadmin%2Fsupport%2FSupportUserDetailsPage.java;h=eea69f6dbfcbb9ebe0961157b4b8c78bf920356d;hp=b1ec3abf7bf041af50bad7260444130903075850;hb=abff88a2bf173198fe55c35ead97c9c7cdb5924c;hpb=4d9b0e8bdf122324cec9f3dd387c02d14c30877e

diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
index b1ec3abf..eea69f6d 100644
--- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
@@ -7,40 +7,56 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.dbObjects.Domain;
 import org.cacert.gigi.dbObjects.EmailAddress;
-import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.SupportedUser;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
 import org.cacert.gigi.output.template.IterableDataset;
-import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.LoginPage;
+import org.cacert.gigi.pages.ManagedMultiFormPage;
 import org.cacert.gigi.util.AuthorizationContext;
 
-public class SupportUserDetailsPage extends Page {
+public class SupportUserDetailsPage extends ManagedMultiFormPage {
 
     public static final String PATH = "/support/user/";
 
-    public SupportUserDetailsPage(String title) {
-        super(title);
+    public SupportUserDetailsPage() {
+        super("Support: User Details");
     }
 
     @Override
     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        User user = getUser(req, resp);
+        if (user == null) {
+            return;
+        }
+        SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId());
+        outputContents(req, resp, user, new SupportRevokeCertificatesForm(req, targetUser), new SupportUserDetailsForm(req, targetUser));
+    }
+
+    private User getUser(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         int id = -1;
+        if ( !req.getPathInfo().endsWith("/")) {
+            resp.sendError(404);
+            return null;
+        }
         String[] idP = req.getPathInfo().split("/");
         try {
             id = Integer.parseInt(idP[idP.length - 1]);
         } catch (NumberFormatException e) {
             resp.sendError(404);
+            return null;
         }
         final User user = User.getById(id);
-        String ticket = (String) req.getSession().getAttribute("ticketNo" + user.getId());
-        SupportUserDetailsForm f = new SupportUserDetailsForm(req, new SupportedUser(user, getUser(req), ticket));
+        return user;
+    }
+
+    private void outputContents(HttpServletRequest req, HttpServletResponse resp, final User user, SupportRevokeCertificatesForm certificatesForm, SupportUserDetailsForm f) throws IOException {
         HashMap<String, Object> vars = new HashMap<String, Object>();
         vars.put("details", f);
-        vars.put("ticketNo", ticket);
         final EmailAddress[] addrs = user.getEmails();
         vars.put("emails", new IterableDataset() {
 
@@ -48,48 +64,72 @@ public class SupportUserDetailsPage extends Page {
 
             @Override
             public boolean next(Language l, Map<String, Object> vars) {
-                if (i == addrs.length) {
-                    return false;
+                for (; i < addrs.length;) {
+                    EmailAddress secAddress = addrs[i++];
+                    String address = secAddress.getAddress();
+                    if ( !address.equals(user.getEmail())) {
+                        vars.put("secmail", address);
+                        vars.put("status", l.getTranslation(secAddress.isVerified() ? "verified" : "not verified"));
+                        return true;
+                    }
                 }
-                String address = addrs[i].getAddress();
-                i++;
-                if ( !address.equals(user.getEmail())) {
-                    vars.put("secmail", address);
+                return false;
+            }
+        });
+
+        final Domain[] doms = user.getDomains();
+        vars.put("domains", new IterableDataset() {
+
+            private int point = 0;
+
+            @Override
+            public boolean next(Language l, Map<String, Object> vars) {
+                if (point >= doms.length) {
+                    return false;
                 }
+                Domain domain = doms[point];
+                vars.put("domain", domain.getSuffix());
+                vars.put("status", l.getTranslation(domain.isVerified() ? "verified" : "not verified"));
+                point++;
                 return true;
             }
         });
-        vars.put("certifrevoke", new SupportRevokeCertificatesForm(req, new SupportedUser(user, getUser(req), ticket)));
-        vars.put("tickethandling", new SupportEnterTicketForm(req, user));
+
+        vars.put("certifrevoke", certificatesForm);
         getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars);
     }
 
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        try {
-            if (req.getParameter("setTicket") != null) {
+        User user = getUser(req, resp);
+        if (user == null) {
+            return;
+        }
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form f = getForm(req);
+            SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId());
 
-                if ( !Form.getForm(req, SupportEnterTicketForm.class).submit(resp.getWriter(), req)) {
-                    throw new GigiApiException("Invalid ticket number!");
-                }
-            } else if (req.getParameter("revokeall") != null) {
-                if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submit(resp.getWriter(), req)) {
-                    throw new GigiApiException("No ticket number set.");
-                }
-            } else if (req.getParameter("detailupdate") != null) {
-                if ( !Form.getForm(req, SupportUserDetailsForm.class).submit(resp.getWriter(), req)) {
-                    throw new GigiApiException("No ticket number set.");
-                }
+            if (f instanceof SupportUserDetailsForm) {
+                outputContents(req, resp, user, new SupportRevokeCertificatesForm(req, targetUser), (SupportUserDetailsForm) f);
+            } else if (f instanceof SupportRevokeCertificatesForm) {
+                outputContents(req, resp, user, (SupportRevokeCertificatesForm) f, new SupportUserDetailsForm(req, targetUser));
             }
-        } catch (GigiApiException e) {
-            e.printStackTrace();
-            e.format(resp.getWriter(), getLanguage(req));
         }
-        super.doPost(req, resp);
+
     }
 
     @Override
     public boolean isPermitted(AuthorizationContext ac) {
-        return ac != null && ac.isInGroup(Group.SUPPORTER);
+        return ac != null && ac.canSupport();
+    }
+
+    @Override
+    public Form getForm(HttpServletRequest req) throws CSRFException {
+        if (req.getParameter("revokeall") != null) {
+            return Form.getForm(req, SupportRevokeCertificatesForm.class);
+        } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) {
+            return Form.getForm(req, SupportUserDetailsForm.class);
+        }
+        return null;
     }
 }