X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=util-testing%2Forg%2Fcacert%2Fgigi%2Fpages%2FManager.java;h=38b45f6eb11f6be12edeb5d69f5ee171e2d651df;hp=460fc4d22ff13203831ba313e48b8e7a53b82059;hb=d7271af56f7c4f3381ea079f1be1a52124e1d241;hpb=c0d62ad52b65d78806431b34ed2ae24bf58c1ada diff --git a/util-testing/org/cacert/gigi/pages/Manager.java b/util-testing/org/cacert/gigi/pages/Manager.java index 460fc4d2..38b45f6e 100644 --- a/util-testing/org/cacert/gigi/pages/Manager.java +++ b/util-testing/org/cacert/gigi/pages/Manager.java @@ -7,16 +7,22 @@ import java.security.GeneralSecurityException; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.Signature; +import java.text.SimpleDateFormat; import java.util.Base64; import java.util.Calendar; +import java.util.Date; import java.util.GregorianCalendar; import java.util.HashMap; import java.util.Iterator; import java.util.LinkedList; +import java.util.List; import java.util.Locale; import java.util.Map; import java.util.Properties; +import java.util.Random; import java.util.TreeSet; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -26,17 +32,21 @@ import org.cacert.gigi.GigiApiException; import org.cacert.gigi.crypto.SPKAC; import org.cacert.gigi.database.GigiPreparedStatement; import org.cacert.gigi.dbObjects.Assurance.AssuranceType; +import org.cacert.gigi.dbObjects.CATS; +import org.cacert.gigi.dbObjects.CATS.CATSType; import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; import org.cacert.gigi.dbObjects.CertificateOwner; +import org.cacert.gigi.dbObjects.Country; import org.cacert.gigi.dbObjects.Digest; import org.cacert.gigi.dbObjects.Domain; import org.cacert.gigi.dbObjects.DomainPingType; import org.cacert.gigi.dbObjects.EmailAddress; import org.cacert.gigi.dbObjects.Group; -import org.cacert.gigi.dbObjects.Name; +import org.cacert.gigi.dbObjects.NamePart; +import org.cacert.gigi.dbObjects.NamePart.NamePartType; import org.cacert.gigi.dbObjects.User; -import org.cacert.gigi.email.EmailProvider; +import org.cacert.gigi.email.DelegateMailProvider; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; @@ -46,27 +56,32 @@ import org.cacert.gigi.ping.PingerDaemon; import org.cacert.gigi.util.AuthorizationContext; import org.cacert.gigi.util.DayDate; import org.cacert.gigi.util.Notary; +import org.cacert.gigi.util.TimeConditions; import sun.security.x509.X509Key; public class Manager extends Page { - public static final String PATH = "/manager"; + public static String validVerificationDateString() { + SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); + Calendar c = Calendar.getInstance(); + c.setTimeInMillis(System.currentTimeMillis()); + c.add(Calendar.MONTH, -Notary.LIMIT_MAX_MONTHS_VERIFICATION + 1); + return sdf.format(new Date(c.getTimeInMillis())); + } - Field f; + public static Country getRandomCountry() { + List cc = Country.getCountries(); + int rnd = new Random().nextInt(cc.size()); + return cc.get(rnd); + } + + public static final String PATH = "/manager"; private static HashMap dps; private Manager() { super("Test Manager"); - try { - f = EmailAddress.class.getDeclaredField("hash"); - f.setAccessible(true); - } catch (ReflectiveOperationException e) { - // TODO - System.out.println("I don't have 'hash', we are working probably in layered mode. Test Manager may not work."); - // throw new Error(e); - } try { Field gigiInstance = Gigi.class.getDeclaredField("instance"); @@ -90,6 +105,28 @@ public class Manager extends Page { } } + public User getSupporter() { + if (supporter != null) { + return supporter; + } + try { + User u = createAssurer( -1); + if ( !u.isInGroup(Group.SUPPORTER)) { + try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `user_groups` SET `user`=?, `permission`=?::`userGroup`, `grantedby`=?")) { + ps.setInt(1, u.getId()); + ps.setString(2, Group.SUPPORTER.getDBName()); + ps.setInt(3, u.getId()); + ps.execute(); + } + u.refreshGroups(); + } + supporter = u; + } catch (ReflectiveOperationException | GigiApiException e) { + e.printStackTrace(); + } + return supporter; + } + public User getAssurer(int i) { if (assurers[i] != null) { return assurers[i]; @@ -105,35 +142,33 @@ public class Manager extends Page { } private User createAssurer(int i) throws GigiApiException, IllegalAccessException { - try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) { + try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?, `country`=?")) { String mail = "test-assurer" + i + "@example.com"; User u = User.getByEmail(mail); if (u == null) { - System.out.println("Creating assurer"); + System.out.println("Creating RA-Agent"); createUser(mail); u = User.getByEmail(mail); - passCATS(u); + passCATS(u, CATSType.ASSURER_CHALLENGE); ps.setInt(1, u.getId()); - ps.setInt(2, u.getId()); + ps.setInt(2, u.getPreferredName().getId()); ps.setInt(3, 100); ps.setString(4, "Manager init code"); ps.setString(5, "1990-01-01"); + ps.setString(6, getRandomCountry().getCode()); ps.execute(); } return u; } } - private void passCATS(User u) { - try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO cats_passed SET user_id=?, variant_id=1")) { - ps.setInt(1, u.getId()); - ps.execute(); - } + private void passCATS(User u, CATSType t) { + CATS.enterResult(u, t, new Date(System.currentTimeMillis()), "en_EN", "1"); } private static Manager instance; - Template t = new Template(Manager.class.getResource("ManagerMails.templ")); + private static final Template t = new Template(Manager.class.getResource("ManagerMails.templ")); HashMap> emails = new HashMap<>(); @@ -146,9 +181,23 @@ public class Manager extends Page { return instance; } - public static class MailFetcher extends EmailProvider { + public static class MailFetcher extends DelegateMailProvider { - public MailFetcher(Properties p) {} + Pattern[] toForward; + + public MailFetcher(Properties props) { + super(props, props.getProperty("emailProvider.manager.target")); + String str = props.getProperty("emailProvider.manager.filter"); + if (str == null) { + toForward = new Pattern[0]; + } else { + String[] parts = str.split(" "); + toForward = new Pattern[parts.length]; + for (int i = 0; i < parts.length; i++) { + toForward[i] = Pattern.compile(parts[i]); + } + } + } @Override public String checkEmailServer(int forUid, String address) throws IOException { @@ -156,13 +205,19 @@ public class Manager extends Page { } @Override - public synchronized void sendmail(String to, String subject, String message, String from, String replyto, String toname, String fromname, String errorsto, boolean extra) throws IOException { + public synchronized void sendMail(String to, String subject, String message, String replyto, String toname, String fromname, String errorsto, boolean extra) throws IOException { HashMap> mails = Manager.getInstance().emails; LinkedList hismails = mails.get(to); if (hismails == null) { mails.put(to, hismails = new LinkedList<>()); } hismails.addFirst(subject + "\n" + message); + for (int i = 0; i < toForward.length; i++) { + if (toForward[i].matcher(to).matches()) { + super.sendMail(to, subject, message, replyto, toname, fromname, errorsto, extra); + return; + } + } } } @@ -209,20 +264,36 @@ public class Manager extends Page { private void createUser(String email) throws GigiApiException, IllegalAccessException { Calendar gc = GregorianCalendar.getInstance(); + gc.setTimeInMillis(0); gc.set(1990, 0, 1); - User u = new User(email, "xvXV12°§", new Name("Först", "Läst", "Müddle", "Süffix"), new DayDate(gc.getTime().getTime()), Locale.ENGLISH); + + Country country = getRandomCountry(); + + User u = new User(email, "xvXV12°§", new DayDate(gc.getTime().getTime()), Locale.ENGLISH, country, // + new NamePart(NamePartType.FIRST_NAME, "Först"), new NamePart(NamePartType.FIRST_NAME, "Müddle"), // + new NamePart(NamePartType.LAST_NAME, "Läst"), new NamePart(NamePartType.SUFFIX, "Süffix")); EmailAddress ea = u.getEmails()[0]; - if (f == null) { - System.out.println("verification failed"); - return; - } - String hash = (String) f.get(ea); + verify(email, ea); + } - ea.verify(hash); + private void verify(String email, EmailAddress ea) throws GigiApiException { + LinkedList i = emails.get(email); + while (i.size() > 0 && !ea.isVerified()) { + String lst = i.getLast(); + Pattern p = Pattern.compile("hash=([a-zA-Z0-9]+)"); + Matcher m = p.matcher(lst); + if (m.find()) { + ea.verify(m.group(1)); + } + i.removeLast(); + } + // ea.verify(hash); } User[] assurers = new User[25]; + User supporter; + @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { if (req.getParameter("create") != null) { @@ -234,47 +305,82 @@ public class Manager extends Page { resp.getWriter().println("User not found."); return; } - if (req.getParameter("addpriv") != null) { - u.grantGroup(u, Group.getByString(req.getParameter("priv"))); - resp.getWriter().println("Privilege granted"); - } else { - u.revokeGroup(u, Group.getByString(req.getParameter("priv"))); - resp.getWriter().println("Privilege revoked"); + try { + if (req.getParameter("addpriv") != null) { + u.grantGroup(getSupporter(), Group.getByString(req.getParameter("priv"))); + resp.getWriter().println("Privilege granted"); + } else { + u.revokeGroup(getSupporter(), Group.getByString(req.getParameter("priv"))); + resp.getWriter().println("Privilege revoked"); + } + } catch (GigiApiException e) { + throw new Error(e); } } else if (req.getParameter("fetch") != null) { String mail = req.getParameter("femail"); fetchMails(req, resp, mail); } else if (req.getParameter("cats") != null) { String mail = req.getParameter("catsEmail"); + String testId = req.getParameter("catsType"); User byEmail = User.getByEmail(mail); if (byEmail == null) { resp.getWriter().println("User not found."); return; } - passCATS(byEmail); - resp.getWriter().println("User has been passed CATS"); + if (testId == null) { + resp.getWriter().println("No test given."); + return; + } + CATSType test = CATSType.values()[Integer.parseInt(testId)]; + passCATS(byEmail, test); + resp.getWriter().println("Test '" + test.getDisplayName() + "' was added to user account."); } else if (req.getParameter("assure") != null) { String mail = req.getParameter("assureEmail"); + String verificationPoints = req.getParameter("verificationPoints"); User byEmail = User.getByEmail(mail); + if (byEmail == null) { resp.getWriter().println("User not found."); return; } + + int vp = 0; + int agentNumber = 0; + try { - for (int i = 0; i < 10; i++) { - Notary.assure(getAssurer(i), byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06", AssuranceType.FACE_TO_FACE); + try { + vp = Integer.parseInt(verificationPoints); + } catch (NumberFormatException e) { + throw new GigiApiException("No valid Verification Points entered."); + } + + if (vp > 100) { // only allow max 100 Verification points + vp = 100; + } + + while (vp > 0) { + int currentVP = 10; + if (vp < 10) { + currentVP = vp; + } + Notary.assure(getAssurer(agentNumber), byEmail, byEmail.getPreferredName(), byEmail.getDoB(), currentVP, "Testmanager Verify up code", validVerificationDateString(), AssuranceType.FACE_TO_FACE, getRandomCountry()); + agentNumber += 1; + vp -= currentVP; } + } catch (GigiApiException e) { throw new Error(e); } - resp.getWriter().println("User has been assured."); + + resp.getWriter().println("User has been assured " + agentNumber + " times."); + } else if (req.getParameter("letassure") != null) { String mail = req.getParameter("letassureEmail"); User byEmail = User.getByEmail(mail); try { for (int i = 0; i < 25; i++) { User a = getAssurer(i); - Notary.assure(byEmail, a, a.getName(), a.getDoB(), 10, "Testmanager exp up code", "2014-11-06", AssuranceType.FACE_TO_FACE); + Notary.assure(byEmail, a, a.getNames()[0], a.getDoB(), 10, "Testmanager exp up code", validVerificationDateString(), AssuranceType.FACE_TO_FACE, getRandomCountry()); } } catch (GigiApiException e) { throw new Error(e); @@ -283,19 +389,10 @@ public class Manager extends Page { User u = User.getByEmail(req.getParameter("addEmailEmail")); try { EmailAddress ea = new EmailAddress(u, req.getParameter("addEmailNew"), Locale.ENGLISH); - if (f != null) { - String hash = (String) f.get(ea); - ea.verify(hash); - resp.getWriter().println("Email added and verified"); - } else { - resp.getWriter().println("Email added but verificatio failed."); - } + verify(ea.getAddress(), ea); } catch (IllegalArgumentException e) { e.printStackTrace(); resp.getWriter().println("An internal error occured."); - } catch (IllegalAccessException e) { - e.printStackTrace(); - resp.getWriter().println("An internal error occured."); } catch (GigiApiException e) { e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH)); } @@ -312,7 +409,7 @@ public class Manager extends Page { byte[] res = s.getEncoded(sign); CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u), Base64.getEncoder().encodeToString(res), "challange"); - cr.update(CertificateRequest.DEFAULT_CN, Digest.SHA512.toString(), "client", null, "", "email:" + u.getEmail(), resp.getWriter(), req); + cr.update(CertificateRequest.DEFAULT_CN, Digest.SHA512.toString(), "client", null, "", "email:" + u.getEmail()); Certificate draft = cr.draft(); draft.issue(null, "2y", u).waitFor(10000); if (draft.getStatus() == CertificateStatus.ISSUED) { @@ -325,9 +422,6 @@ public class Manager extends Page { resp.getWriter().println("error"); } catch (GigiApiException e) { e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH)); - } catch (InterruptedException e) { - e.printStackTrace(); - resp.getWriter().println("interrupted"); } } else if (req.getParameter("addExDom") != null) { @@ -369,7 +463,7 @@ public class Manager extends Page { } } - private Template form = new Template(Manager.class.getResource("Manager.templ")); + private static final Template form = new Template(Manager.class.getResource("Manager.templ")); @Override public boolean needsLogin() { @@ -384,7 +478,31 @@ public class Manager extends Page { fetchMails(req, resp, mail); return; } + HashMap vars = new HashMap<>(); + vars.put("cats_types", new IterableDataset() { + + CATSType[] type = CATSType.values(); + + int i = 0; + + @Override + public boolean next(Language l, Map vars) { + if (i >= type.length) { + return false; + } + CATSType t = type[i++]; + vars.put("id", i - 1); + vars.put("name", t.getDisplayName()); + return true; + } + }); + + vars.put("testValidMonths", TimeConditions.getInstance().getTestMonths()); + vars.put("reverificationDays", TimeConditions.getInstance().getVerificationLimitDays()); + vars.put("verificationFreshMonths", TimeConditions.getInstance().getVerificationMonths()); + vars.put("verificationMaxAgeMonths", TimeConditions.getInstance().getVerificationMaxAgeMonths()); + vars.put("emailPingMonths", TimeConditions.getInstance().getEmailPingMonths()); - form.output(resp.getWriter(), getLanguage(req), new HashMap()); + form.output(resp.getWriter(), getLanguage(req), vars); } }