X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fwot%2FAssuranceForm.java;h=919128fff37fd579280aedcd366fbbdfea91a88f;hp=056a28ab6963714cc5ce0ee5a2222ea10e31991f;hb=d1080ab12183cad2bab5d1f94bafe67960fbf4c8;hpb=c6f6367097ed2e771bf1253f15e4191a93752e21
diff --git a/src/org/cacert/gigi/pages/wot/AssuranceForm.java b/src/org/cacert/gigi/pages/wot/AssuranceForm.java
index 056a28ab..919128ff 100644
--- a/src/org/cacert/gigi/pages/wot/AssuranceForm.java
+++ b/src/org/cacert/gigi/pages/wot/AssuranceForm.java
@@ -1,108 +1,185 @@ package org.cacert.gigi.pages.wot; -import java.io.InputStreamReader; +import java.io.IOException; import java.io.PrintWriter; -import java.sql.SQLException; -import java.text.ParseException; +import java.net.URLEncoder; import java.text.SimpleDateFormat; import java.util.Date; import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedList; import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.cacert.gigi.Language; -import org.cacert.gigi.User; -import org.cacert.gigi.output.Form; -import org.cacert.gigi.output.Template; -import org.cacert.gigi.pages.LoginPage; +import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.Assurance.AssuranceType; +import org.cacert.gigi.dbObjects.Name; +import org.cacert.gigi.dbObjects.User; +import org.cacert.gigi.email.Sendmail; +import org.cacert.gigi.localisation.Language; +import org.cacert.gigi.output.template.Form; +import org.cacert.gigi.output.template.IterableDataset; +import org.cacert.gigi.output.template.Template; +import org.cacert.gigi.pages.Page; +import org.cacert.gigi.pages.PasswordResetPage; import org.cacert.gigi.util.Notary; +import org.cacert.gigi.util.RandomToken; +import org.cacert.gigi.util.ServerConstants; public class AssuranceForm extends Form { - User assuree; - static final Template templ; - static { - templ = new Template(new InputStreamReader( - AssuranceForm.class.getResourceAsStream("AssuranceForm.templ"))); - } - - public AssuranceForm(int assuree) { - this.assuree = new User(assuree); - } - SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); - - @Override - public void output(PrintWriter out, Language l, Map vars) { - HashMap res = new HashMap(); - res.putAll(vars); - res.put("name", assuree.getName()); - res.put("dob", sdf.format(assuree.getDob())); - templ.output(out, l, res); - } - - @Override - public boolean submit(PrintWriter out, HttpServletRequest req) { - out.println("
"); - boolean failed = false; - - if (!"1".equals(req.getParameter("certify")) - || !"1".equals(req.getParameter("rules")) - || !"1".equals(req.getParameter("CCAAgreed")) - || !"1".equals(req.getParameter("assertion"))) { - outputError(out, req, "You failed to check all boxes to validate" - + " your adherence to the rules and policies of CAcert"); - failed = true; - - } - if (req.getParameter("date") == null - || req.getParameter("date").equals("")) { - outputError(out, req, - "You must enter the date when you met the assuree."); - failed = true; - } else { - try { - Date d = sdf.parse(req.getParameter("date")); - if (d.getTime() > System.currentTimeMillis()) { - outputError(out, req, - "You must not enter a date in the future."); - failed = true; - } - } catch (ParseException e) { - outputError(out, req, - "You must enter the date in this format: YYYY-MM-DD."); - failed = true; - } - } - // check location, min 3 characters - if (req.getParameter("location") == null - || req.getParameter("location").equals("")) { - outputError(out, req, - "You failed to enter a location of your meeting."); - failed = true; - } else if (req.getParameter("location").length() <= 2) { - outputError(out, req, - "You must enter a location with at least 3 characters eg town and country."); - failed = true; - } - // TODO checkPoints - String points = req.getParameter("points"); - if (points == null || "".equals(points)) { - // TODO message - failed = true; - } - out.println("
"); - if (failed) { - return false; - } - try { - boolean success = Notary.assure(LoginPage.getUser(req), assuree, - Integer.parseInt(req.getParameter("points")), - req.getParameter("location"), req.getParameter("date")); - return success; - } catch (SQLException e) { - e.printStackTrace(); - } - - return false; - } + + private User assuree; + + private Name assureeName; + + private Date dob; + + private String location = ""; + + private String date = ""; + + private String aword; + + private User assurer; + + private AssuranceType type = AssuranceType.FACE_TO_FACE; + + private static final Template templ; + static { + templ = new Template(AssuranceForm.class.getResource("AssuranceForm.templ")); + } + + public AssuranceForm(HttpServletRequest hsr, User assuree) { + super(hsr); + assurer = Page.getUser(hsr); + this.assuree = assuree; + assureeName = this.assuree.getName(); + dob = this.assuree.getDoB(); + } + + SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); + + SimpleDateFormat sdf2 = new SimpleDateFormat("dd. 
MMM yyyy"); + + @Override + public void outputContent(PrintWriter out, Language l, Map vars) { + HashMap res = new HashMap(); + res.putAll(vars); + res.put("nameExplicit", assuree.getName()); + res.put("name", assuree.getName().toString()); + res.put("maxpoints", assurer.getMaxAssurePoints()); + res.put("dob", sdf.format(assuree.getDoB())); + res.put("dobFmt2", sdf2.format(assuree.getDoB())); + res.put("location", location); + res.put("date", date); + res.put("aword", aword); + final LinkedList ats = new LinkedList<>(); + for (AssuranceType at : AssuranceType.values()) { + try { + Notary.may(assurer, assuree, at); + ats.add(at); + } catch (GigiApiException e) { + } + } + res.put("ats", new IterableDataset() { + + Iterator t = ats.iterator(); + + @Override + public boolean next(Language l, Map vars) { + if ( !t.hasNext()) { + return false; + } + AssuranceType t1 = t.next(); + vars.put("type", t1.getDescription()); + vars.put("id", t1.toString()); + vars.put("sel", t1 == type ? " selected" : ""); + return true; + } + }); + templ.output(out, l, res); + } + + @Override + public boolean submit(PrintWriter out, HttpServletRequest req) { + location = req.getParameter("location"); + date = req.getParameter("date"); + if (date == null || location == null) { + outputError(out, req, "You need to enter location and date!"); + } + + if ( !"1".equals(req.getParameter("certify")) || !"1".equals(req.getParameter("rules")) || !"1".equals(req.getParameter("CCAAgreed")) || !"1".equals(req.getParameter("assertion"))) { + outputError(out, req, "You failed to check all boxes to validate" + " your adherence to the rules and policies of CAcert"); + + } + if ("1".equals(req.getParameter("passwordReset"))) { + aword = req.getParameter("passwordResetValue"); + if ("".equals(aword)) { + aword = null; + } + } else { + aword = null; + } + String val = req.getParameter("assuranceType"); + if (val != null) { + try { + type = AssuranceType.valueOf(val); + } catch (IllegalArgumentException e) { + 
outputError(out, req, "Assurance Type wrong."); + } + } + + int pointsI = 0; + String points = req.getParameter("points"); + if (points == null || "".equals(points)) { + outputError(out, req, "For an assurance, you need to enter points."); + } else { + try { + pointsI = Integer.parseInt(points); + } catch (NumberFormatException e) { + outputError(out, req, "The points entered were not a number."); + } + } + + if (isFailed(out)) { + return false; + } + try { + Notary.assure(assurer, assuree, assureeName, dob, pointsI, location, req.getParameter("date"), type); + if (aword != null && !aword.equals("")) { + String systemToken = RandomToken.generateToken(32); + int id = assuree.generatePasswordResetTicket(Page.getUser(req), systemToken, aword); + try { + Language l = Language.getInstance(assuree.getPreferredLocale()); + StringBuffer body = new StringBuffer(); + body.append(l.getTranslation("Hi,") + "\n\n"); + body.append(l.getTranslation("A password reset was triggered. If you did a password reset by assurance, please enter your secret password using this form: \nhttps://")); + body.append(ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH); + body.append("?id="); + body.append(id); + body.append("&token="); + body.append(URLEncoder.encode(systemToken, "UTF-8")); + body.append("\n"); + body.append("\n"); + body.append(l.getTranslation("Best regards")); + body.append("\n"); + body.append(l.getTranslation("CAcert.org Support!")); + Sendmail.getInstance().sendmail(assuree.getEmail(), "[CAcert.org] " + l.getTranslation("Password reset by assurance"), body.toString(), "support@cacert.org", null, null, null, null, false); + } catch (IOException e) { + e.printStackTrace(); + } + } + return true; + } catch (GigiApiException e) { + e.format(out, Page.getLanguage(req)); + } + + return false; + } + + public User getAssuree() { + return assuree; + } + }
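Review bot: The password-reset branch of `submit` takes `passwordResetValue` as the shared secret with no check other than non-empty, so a one-character `aword` is accepted; unless `generatePasswordResetTicket` enforces a minimum length (not visible in this diff), reject short values next to the other `outputError` checks, before `isFailed(out)` is consulted. The same secret is kept in the form and handed back to the template by `res.put("aword", aword);` in `outputContent`, which re-renders it into the page after a failed submit; I would not pre-fill it. The ticket is created for `Page.getUser(req)` while the assurance is recorded for the `assurer` captured in the constructor, so `int id = assuree.generatePasswordResetTicket(assurer, systemToken, aword);` would keep both records tied to the same user. The `catch (IOException e)` only calls `e.printStackTrace()` and `submit` still returns `true`, so a failed mail leaves a live ticket that neither party is told about; surface the failure to the assurer instead of swallowing it.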