upd: use a more strict pattern for handling forms

Change-Id: I55e1087868820e652fccc7454c9ae290b6947119

diff --git a/src/org/cacert/gigi/dbObjects/SupportedUser.java b/src/org/cacert/gigi/dbObjects/SupportedUser.java
index 67b5e1199e2167da36278dfef0af200bbce082c3..e600b85bf2d2fca302375d18e06693e19108c056 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/SupportedUser.java
+++ b/src/org/cacert/gigi/dbObjects/SupportedUser.java
@@ -1,7 +1,6 @@
 package org.cacert.gigi.dbObjects;
 
 import java.io.IOException;
-import java.io.PrintWriter;
 import java.util.HashMap;
 import java.util.Locale;
 
@@ -175,11 +174,11 @@ public class SupportedUser {
         }
     }
 
-    public void triggerPasswordReset(String aword, PrintWriter out, HttpServletRequest req) {
+    public void triggerPasswordReset(String aword, HttpServletRequest req) {
         Language l = Language.getInstance(target.getPreferredLocale());
         String method = l.getTranslation("A password reset was triggered. Please enter the required text sent to you by support on this page:");
         String subject = l.getTranslation("Password reset by support.");
-        PasswordResetPage.initPasswordResetProcess(out, target, req, aword, l, method, subject);
+        PasswordResetPage.initPasswordResetProcess(target, req, aword, l, method, subject);
         Outputable message = new TranslateCommand("A password reset was triggered and an email was sent to user.");
         sendSupportNotification(subject, message);
     }

diff --git a/src/org/cacert/gigi/output/template/Form.java b/src/org/cacert/gigi/output/template/Form.java
index 1eb0efa04e5f8ca4a87fc906bf2906f3eb7d3a4d..9e58a3cdf2fa44c9a2f3f360ade984c582f0a84d 100644 (file)
--- a/src/org/cacert/gigi/output/template/Form.java
+++ b/src/org/cacert/gigi/output/template/Form.java
@@ -11,6 +11,7 @@ import javax.servlet.http.HttpSession;
 import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.pages.LoginPage;
+import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.RandomToken;
 
 /**
@@ -18,8 +19,22 @@ import org.cacert.gigi.util.RandomToken;
  */
 public abstract class Form implements Outputable {
 
+    public static class PermamentFormException extends RuntimeException {
+
+        public PermamentFormException(GigiApiException cause) {
+            super(cause);
+        }
+
+        @Override
+        public synchronized GigiApiException getCause() {
+            return (GigiApiException) super.getCause();
+        }
+    }
+
     public static final String CSRF_FIELD = "csrf";
 
+    private static final String SUBMIT_EXCEPTION = "form-submit-exception";
+
     private final String csrf;
 
     private final String action;
@@ -52,15 +67,13 @@ public abstract class Form implements Outputable {
     /**
      * Update the forms internal state based on submitted data.
      * 
-     * @param out
-     *            the stream to the user.
      * @param req
      *            the request to take the initial data from.
      * @return true, iff the form succeeded and the user should be redirected.
      * @throws GigiApiException
-     *             if internal operations went wrong.
+     *             if form data had problems or operations went wrong.
      */
-    public abstract boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException;
+    public abstract boolean submit(HttpServletRequest req) throws GigiApiException;
 
     /**
      * Calls {@link #submit(PrintWriter, HttpServletRequest)} while catching and
@@ -77,8 +90,10 @@ public abstract class Form implements Outputable {
      */
     public boolean submitProtected(PrintWriter out, HttpServletRequest req) {
         try {
-            boolean succeeded = submit(out, req);
+            boolean succeeded = submit(req);
             if (succeeded) {
+                HttpSession hs = req.getSession();
+                hs.removeAttribute("form/" + getClass().getName() + "/" + csrf);
                 return true;
             }
         } catch (GigiApiException e) {
@@ -88,6 +103,45 @@ public abstract class Form implements Outputable {
         return false;
     }
 
+    public boolean submitExceptionProtected(HttpServletRequest req) {
+        try {
+            if (submit(req)) {
+                HttpSession hs = req.getSession();
+                hs.removeAttribute("form/" + getClass().getName() + "/" + csrf);
+                return true;
+            }
+            return false;
+        } catch (PermamentFormException e) {
+            req.setAttribute(SUBMIT_EXCEPTION, e);
+            return false;
+        } catch (GigiApiException e) {
+            req.setAttribute(SUBMIT_EXCEPTION, e);
+            return false;
+        }
+    }
+
+    /**
+     * Prints any errors in any form submits on this request.
+     * 
+     * @param req
+     *            The request to extract the errors from.
+     * @param out
+     *            the output stream to the user to write the errors to.
+     * @return true if no permanent errors occurred and the form should be
+     *         reprinted.
+     */
+    public static boolean printFormErrors(HttpServletRequest req, PrintWriter out) {
+        Object o = req.getAttribute(SUBMIT_EXCEPTION);
+        if (o != null && (o instanceof PermamentFormException)) {
+            ((PermamentFormException) o).getCause().format(out, Page.getLanguage(req));
+            return false;
+        }
+        if (o != null && (o instanceof GigiApiException)) {
+            ((GigiApiException) o).format(out, Page.getLanguage(req));
+        }
+        return true;
+    }
+
     protected String getCsrfFieldName() {
         return CSRF_FIELD;
     }

diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java
index 1c002e57a00959da796c408c91e0838381448747..b19de897aa5e7b3f71f9ba122d1fb70a00938696 100644 (file)
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -39,7 +39,7 @@ public class LoginPage extends Page {
         }
 
         @Override
-        public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+        public boolean submit(HttpServletRequest req) throws GigiApiException {
             if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
                 throw new RateLimitException();
             }
@@ -64,10 +64,6 @@ public class LoginPage extends Page {
 
     @Override
     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        Object o = req.getAttribute(SUBMIT_EXCEPTION);
-        if (o != null) {
-            ((GigiApiException) o).format(resp.getWriter(), getLanguage(req));
-        }
         if (req.getHeader("Host").equals(ServerConstants.getSecureHostNamePort())) {
             resp.getWriter().println(getLanguage(req).getTranslation("Authentication with certificate failed. Try another certificate or use a password."));
         } else {
@@ -75,6 +71,13 @@ public class LoginPage extends Page {
         }
     }
 
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form.getForm(req, LoginForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        }
+    }
+
     @Override
     public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         String redir = (String) req.getSession().getAttribute(LOGIN_RETURNPATH);
@@ -84,10 +87,7 @@ public class LoginPage extends Page {
                 tryAuthWithCertificate(req, cert);
             }
             if (req.getMethod().equals("POST")) {
-                try {
-                    Form.getForm(req, LoginForm.class).submit(resp.getWriter(), req);
-                } catch (GigiApiException e) {
-                    req.setAttribute(SUBMIT_EXCEPTION, e);
+                if ( !Form.getForm(req, LoginForm.class).submitExceptionProtected(req)) {
                     return false;
                 }
             }

diff --git a/src/org/cacert/gigi/pages/Page.java b/src/org/cacert/gigi/pages/Page.java
index 8d64d94f93cb884bfd7a94836c18debea283ee36..054a1e52020bf1172a095ea26a82ce5c3b4595dd 100644 (file)
--- a/src/org/cacert/gigi/pages/Page.java
+++ b/src/org/cacert/gigi/pages/Page.java
@@ -58,6 +58,29 @@ public abstract class Page implements PermissionCheckable {
      *             if output goes wrong.
      */
     public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (req.getMethod().equals("POST")) {
+            return beforePost(req, resp);
+        }
+        return false;
+    }
+
+    /**
+     * This method can be overridden to execute code and do stuff before the
+     * default template is applied when the request is a post request and the
+     * default implementation of
+     * {@link #beforeTemplate(HttpServletRequest, HttpServletResponse)} is
+     * called.
+     * 
+     * @param req
+     *            the request to handle.
+     * @param resp
+     *            the response to write to
+     * @return true, if the request is consumed and the default template should
+     *         not be applied.
+     * @throws IOException
+     *             if output goes wrong.
+     */
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         return false;
     }
 

diff --git a/src/org/cacert/gigi/pages/PasswordResetPage.java b/src/org/cacert/gigi/pages/PasswordResetPage.java
index 4090bdd49b140822e7d516a879acdf0c6f9df9e1..4ac3b188ab10ffac60adf4e859835a11193b797a 100644 (file)
--- a/src/org/cacert/gigi/pages/PasswordResetPage.java
+++ b/src/org/cacert/gigi/pages/PasswordResetPage.java
@@ -59,7 +59,7 @@ public class PasswordResetPage extends Page {
         }
 
         @Override
-        public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+        public boolean submit(HttpServletRequest req) throws GigiApiException {
             try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '1 hours' * ?;")) {
                 passwordReset.setInt(1, HOUR_MAX);
                 passwordReset.execute();
@@ -114,7 +114,7 @@ public class PasswordResetPage extends Page {
 
     private static final MailTemplate passwordResetMail = new MailTemplate(PasswordResetPage.class.getResource("PasswordResetMail.templ"));
 
-    public static void initPasswordResetProcess(PrintWriter out, User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) {
+    public static void initPasswordResetProcess(User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) {
         String ptok = RandomToken.generateToken(32);
         int id = targetUser.generatePasswordResetTicket(Page.getUser(req), ptok, aword);
         try {
@@ -126,7 +126,6 @@ public class PasswordResetPage extends Page {
             vars.put("hour_max", HOUR_MAX);
 
             passwordResetMail.sendMail(l, vars, Page.getUser(req).getEmail());
-            out.println(Page.getLanguage(req).getTranslation("Password reset successful."));
         } catch (IOException e) {
             e.printStackTrace();
         }

diff --git a/src/org/cacert/gigi/pages/Verify.java b/src/org/cacert/gigi/pages/Verify.java
index 2a5950e91e23e586329cec5446f3f0707bcca228..a17ec62b78964c6ee248432ca3d70d22bd332f52 100644 (file)
--- a/src/org/cacert/gigi/pages/Verify.java
+++ b/src/org/cacert/gigi/pages/Verify.java
@@ -48,30 +48,24 @@ public class Verify extends Page {
                 Domain domain = Domain.getById(Integer.parseInt(id));
                 subject = domain.getSuffix();
                 target = domain;
+            } else {
+                throw new IllegalArgumentException();
             }
         }
 
         @Override
-        public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
-            HashMap<String, Object> data = new HashMap<>();
-            data.put("subject", subject);
+        public boolean submit(HttpServletRequest req) throws GigiApiException {
             if ("email".equals(type)) {
                 try {
                     target.verify(hash);
-                    emailAddressVerified.output(out, getLanguage(req), data);
                 } catch (IllegalArgumentException e) {
-                    out.println(translate(req, "The email address is invalid."));
-                } catch (GigiApiException e) {
-                    e.format(out, getLanguage(req));
+                    throw new GigiApiException("The email address is invalid.");
                 }
             } else if ("domain".equals(type)) {
                 try {
                     target.verify(hash);
-                    domainVerified.output(out, getLanguage(req), data);
                 } catch (IllegalArgumentException e) {
-                    out.println(translate(req, "The domain is invalid."));
-                } catch (GigiApiException e) {
-                    e.format(out, getLanguage(req));
+                    throw new GigiApiException("The domain is invalid.");
                 }
             }
             return true;
@@ -101,7 +95,17 @@ public class Verify extends Page {
 
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        if (Form.getForm(req, VerificationForm.class).submitProtected(resp.getWriter(), req)) {
+        VerificationForm form = Form.getForm(req, VerificationForm.class);
+        if (form.submitProtected(resp.getWriter(), req)) {
+            String type = form.type;
+            HashMap<String, Object> data = new HashMap<>();
+            data.put("subject", form.subject);
+            PrintWriter out = resp.getWriter();
+            if ("email".equals(type)) {
+                emailAddressVerified.output(out, getLanguage(req), data);
+            } else if ("domain".equals(type)) {
+                domainVerified.output(out, getLanguage(req), data);
+            }
         }
     }
 
@@ -111,7 +115,6 @@ public class Verify extends Page {
             new VerificationForm(req).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
         } catch (IllegalArgumentException e) {
             resp.getWriter().println(translate(req, "The object to verify is invalid."));
-
         }
     }
 

diff --git a/src/org/cacert/gigi/pages/account/ChangeForm.java b/src/org/cacert/gigi/pages/account/ChangeForm.java
index 667dc751fbc84a9e28637e410ba728e4e922a4b8..582fea07428f47d41ce68af5a2a985c81c2d0bbc 100644 (file)
--- a/src/org/cacert/gigi/pages/account/ChangeForm.java
+++ b/src/org/cacert/gigi/pages/account/ChangeForm.java
@@ -10,7 +10,6 @@ import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.pages.Page;
 
 public class ChangeForm extends Form {
 
@@ -29,18 +28,16 @@ public class ChangeForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String oldpassword = req.getParameter("oldpassword");
         String p1 = req.getParameter("pword1");
         String p2 = req.getParameter("pword2");
         GigiApiException error = new GigiApiException();
         if (oldpassword == null || p1 == null || p2 == null) {
-            new GigiApiException("All fields are required.").format(out, Page.getLanguage(req));
-            return false;
+            throw new GigiApiException("All fields are required.");
         }
         if ( !p1.equals(p2)) {
-            new GigiApiException("New passwords do not match.").format(out, Page.getLanguage(req));
-            return false;
+            throw new GigiApiException("New passwords do not match.");
         }
         try {
             target.changePassword(oldpassword, p1);
@@ -48,8 +45,7 @@ public class ChangeForm extends Form {
             error.mergeInto(e);
         }
         if ( !error.isEmpty()) {
-            error.format(out, Page.getLanguage(req));
-            return false;
+            throw error;
         }
         return true;
     }

diff --git a/src/org/cacert/gigi/pages/account/ChangePasswordPage.java b/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
index 8432f027b0aaedc687d189a6605ab350ab34e65e..a88d6a24c0011f3850478cd2d84170c8bb1c229c 100644 (file)
--- a/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
+++ b/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
@@ -26,8 +26,7 @@ public class ChangePasswordPage extends Page {
 
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        ChangeForm f = Form.getForm(req, ChangeForm.class);
-        f.submit(resp.getWriter(), req);
+        Form.getForm(req, ChangeForm.class).submitProtected(resp.getWriter(), req);
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/account/FindAgentAccess.java b/src/org/cacert/gigi/pages/account/FindAgentAccess.java
index 98ee3ae35d0a6f156da8bc8577ac340c585e88c5..0728cdd4e221943fb7779d2157bccd5ea7b1a44d 100644 (file)
--- a/src/org/cacert/gigi/pages/account/FindAgentAccess.java
+++ b/src/org/cacert/gigi/pages/account/FindAgentAccess.java
@@ -27,7 +27,7 @@ public class FindAgentAccess extends Form {
     private static final Template t = new Template(ChangePasswordPage.class.getResource("FindAgentAccess.templ"));
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String nv = req.getParameter("new-val");
         if (nv == null) {
             return false;

diff --git a/src/org/cacert/gigi/pages/account/MyDetails.java b/src/org/cacert/gigi/pages/account/MyDetails.java
index bf80d47beaf53fb1197a5f169944342ab04fbe44..321e90939a879d8d9636911ed93725037b4a44ac 100644 (file)
--- a/src/org/cacert/gigi/pages/account/MyDetails.java
+++ b/src/org/cacert/gigi/pages/account/MyDetails.java
@@ -32,23 +32,29 @@ public class MyDetails extends Page {
     }
 
     @Override
-    public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        if (req.getParameter("orgaForm") != null) {
-            Form.getForm(req, MyOrganisationsForm.class).submit(resp.getWriter(), req);
-        } else {
-            return false;
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (req.getParameter("orgaForm") != null && Form.getForm(req, MyOrganisationsForm.class).submitExceptionProtected(req)) {
+            resp.sendRedirect(PATH);
+            return true;
         }
-        resp.sendRedirect(PATH);
-        return true;
+        if (req.getParameter("action") != null || req.getParameter("removeName") != null || req.getParameter("deprecateName") != null || req.getParameter("preferred") != null) {
+            if (Form.getForm(req, MyDetailsForm.class).submitExceptionProtected(req)) {
+                resp.sendRedirect(PATH);
+                return true;
+            }
+        }
+        return false;
     }
 
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        if (req.getParameter("action") != null || req.getParameter("removeName") != null || req.getParameter("deprecateName") != null || req.getParameter("preferred") != null) {
-            if (Form.getForm(req, MyDetailsForm.class).submit(resp.getWriter(), req)) {
-                resp.sendRedirect(PATH);
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            if (req.getParameter("orgaForm") != null) {
+                Form.getForm(req, MyOrganisationsForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+            }
+            if (req.getParameter("action") != null || req.getParameter("removeName") != null || req.getParameter("deprecateName") != null || req.getParameter("preferred") != null) {
+                Form.getForm(req, MyDetailsForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
             }
         }
-        super.doPost(req, resp);
     }
 }

diff --git a/src/org/cacert/gigi/pages/account/MyDetailsForm.java b/src/org/cacert/gigi/pages/account/MyDetailsForm.java
index 813902289e623f925e5b89c2d9dad7ef10123169..6a1bb25a3404b9d1bcd7c119791f7f7345a3363b 100644 (file)
--- a/src/org/cacert/gigi/pages/account/MyDetailsForm.java
+++ b/src/org/cacert/gigi/pages/account/MyDetailsForm.java
@@ -19,7 +19,6 @@ import org.cacert.gigi.output.GroupSelector;
 import org.cacert.gigi.output.NameInput;
 import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.pages.Page;
 
 public class MyDetailsForm extends Form {
 
@@ -56,7 +55,7 @@ public class MyDetailsForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         try {
             String rn = req.getParameter("removeName");
             if (rn != null) {
@@ -115,12 +114,8 @@ public class MyDetailsForm extends Form {
                 return true;
             }
 
-        } catch (GigiApiException e) {
-            e.format(out, Page.getLanguage(req));
-            return false;
         } catch (NumberFormatException e) {
-            new GigiApiException("Invalid value.").format(out, Page.getLanguage(req));
-            return false;
+            throw new GigiApiException("Invalid value.");
         }
         return false;
     }

diff --git a/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java b/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java
index 706e95976d0b4222e4541cbef277d23228891af2..9879c37d55cbe557f63cc211d70079b6271e8ce8 100644 (file)
--- a/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java
+++ b/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java
@@ -9,6 +9,7 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 
 import org.cacert.gigi.Gigi;
+import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
@@ -29,7 +30,7 @@ public class MyOrganisationsForm extends Form {
     private static final Template template = new Template(MyOrganisationsForm.class.getResource("MyOrganisationsForm.templ"));
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         if (req.getParameter("org-leave") != null) {
             req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(target.getActor(), target.getActor()));
             return true;
@@ -43,8 +44,7 @@ public class MyOrganisationsForm extends Form {
                 if (orgId == -1) {
                     orgId = id;
                 } else {
-                    out.println(LoginPage.getLanguage(req).getTranslation("Error: invalid parameter."));
-                    return false;
+                    throw new GigiApiException("Error: invalid parameter.");
                 }
             }
         }

diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java b/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java
index e37b930cd040a835e7baca178f4d490c4115c7f7..eeb3eafb1ab552449d27c0d06115b5d39ab37349 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java
@@ -28,23 +28,31 @@ public class CertificateAdd extends Page {
     }
 
     @Override
-    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         CertificateIssueForm f = Form.getForm(req, CertificateIssueForm.class);
-        if (f.submit(resp.getWriter(), req)) {
+        if (f.submitExceptionProtected(req)) {
             Certificate c = f.getResult();
             if (c.getStatus() != CertificateStatus.ISSUED) {
                 resp.getWriter().println("Timeout while waiting for certificate.");
-                return;
+                return false;
             }
             String ser = c.getSerial();
             if (ser.isEmpty()) {
                 resp.getWriter().println("Timeout while waiting for certificate.");
-                return;
+                return false;
             }
             resp.sendRedirect(Certificates.PATH + "/" + ser);
+            return true;
         }
-        f.output(resp.getWriter(), getLanguage(req), Collections.<String, Object>emptyMap());
+        return super.beforePost(req, resp);
+    }
 
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            CertificateIssueForm f = Form.getForm(req, CertificateIssueForm.class);
+            f.output(resp.getWriter(), getLanguage(req), Collections.<String, Object>emptyMap());
+        }
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
index 0a95497d17935bc00b72a9428795daeb49b4dcc1..badef543fdc4474cc4e569f558c9b402a9c81ce1 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
@@ -20,7 +20,6 @@ import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.AuthorizationContext;
 import org.cacert.gigi.util.RandomToken;
 
@@ -57,61 +56,58 @@ public class CertificateIssueForm extends Form {
     CertificateValiditySelector issueDate = new CertificateValiditySelector();
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String csr = req.getParameter("CSR");
         String spkac = req.getParameter("SPKAC");
         try {
-            try {
-                if (csr != null) {
-                    cr = new CertificateRequest(c, csr);
-                    cr.checkKeyStrength(out);
-                } else if (spkac != null) {
-                    cr = new CertificateRequest(c, spkac, spkacChallenge);
-                    cr.checkKeyStrength(out);
-                } else if (cr != null) {
-                    login = "1".equals(req.getParameter("login"));
-                    issueDate.update(req);
-                    GigiApiException error = new GigiApiException();
-
-                    try {
-                        cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), //
-                                req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs"));
-                    } catch (GigiApiException e) {
-                        error.mergeInto(e);
-                    }
+            if (csr != null) {
+                cr = new CertificateRequest(c, csr);
+                // TODO cr.checkKeyStrength(out);
+                return false;
+            } else if (spkac != null) {
+                cr = new CertificateRequest(c, spkac, spkacChallenge);
+                // TODO cr.checkKeyStrength(out);
+                return false;
+            } else if (cr != null) {
+                login = "1".equals(req.getParameter("login"));
+                issueDate.update(req);
+                GigiApiException error = new GigiApiException();
+
+                try {
+                    cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), //
+                            req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs"));
+                } catch (GigiApiException e) {
+                    error.mergeInto(e);
+                }
 
-                    Certificate result = null;
-                    try {
-                        result = cr.draft();
-                    } catch (GigiApiException e) {
-                        error.mergeInto(e);
-                    }
-                    if ( !error.isEmpty() || result == null) {
-                        error.format(out, Page.getLanguage(req));
-                        return false;
-                    }
-                    if (login) {
-                        result.setLoginEnabled(true);
-                    }
-                    result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000);
-                    this.result = result;
-                    return true;
-                } else {
-                    throw new GigiApiException("Error no action.");
+                Certificate result = null;
+                try {
+                    result = cr.draft();
+                } catch (GigiApiException e) {
+                    error.mergeInto(e);
+                }
+                if ( !error.isEmpty() || result == null) {
+                    throw error;
                 }
-            } catch (IOException e) {
-                e.printStackTrace();
-            } catch (IllegalArgumentException e) {
-                e.printStackTrace();
-                throw new GigiApiException("Certificate Request format is invalid.");
-            } catch (GeneralSecurityException e) {
-                e.printStackTrace();
-                throw new GigiApiException("Certificate Request format is invalid.");
+                if (login) {
+                    result.setLoginEnabled(true);
+                }
+                result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000);
+                this.result = result;
+                return true;
+            } else {
+                throw new GigiApiException("Error no action.");
             }
-        } catch (GigiApiException e) {
-            e.format(out, Page.getLanguage(req));
+        } catch (IOException e) {
+            e.printStackTrace();
+            throw new GigiApiException("Certificate Request format is invalid.");
+        } catch (IllegalArgumentException e) {
+            e.printStackTrace();
+            throw new GigiApiException("Certificate Request format is invalid.");
+        } catch (GeneralSecurityException e) {
+            e.printStackTrace();
+            throw new GigiApiException("Certificate Request format is invalid.");
         }
-        return false;
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java
index fc36792091f27ce0f451937d206f5ec17d5d4085..e6f53cce877a9f2098f1ff44b07838c20e8b3bed 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java
@@ -32,7 +32,7 @@ public class CertificateModificationForm extends Form {
     private static final Template myTemplate = new Template(CertificateModificationForm.class.getResource("CertificateModificationForm.templ"));
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) {
+    public boolean submit(HttpServletRequest req) {
         String action = req.getParameter("action");
         if ( !"revoke".equals(action)) {
             return false;

diff --git a/src/org/cacert/gigi/pages/account/certs/Certificates.java b/src/org/cacert/gigi/pages/account/certs/Certificates.java
index 4db201cc38fcf4b1be4381283514a84b977dcd1c..8acd48422c03044aa9f06f36e6952e787d97e5c4 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/Certificates.java
+++ b/src/org/cacert/gigi/pages/account/certs/Certificates.java
@@ -49,6 +49,9 @@ public class Certificates extends Page implements HandlesMixedRequest {
 
     @Override
     public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if ("POST".equals(req.getMethod())) {
+            return beforePost(req, resp);
+        }
 
         String pi = req.getPathInfo().substring(PATH.length());
         if (pi.length() == 0) {
@@ -98,24 +101,43 @@ public class Certificates extends Page implements HandlesMixedRequest {
         return true;
     }
 
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (support && "revoke".equals(req.getParameter("action"))) {
+            if (Form.getForm(req, RevokeSingleCertForm.class).submitExceptionProtected(req)) {
+                resp.sendRedirect(req.getPathInfo());
+                return true;
+            }
+            return false;
+        }
+        if ( !req.getPathInfo().equals(PATH)) {
+            resp.sendError(500);
+            return true;
+        }
+        if (Form.getForm(req, CertificateModificationForm.class).submitExceptionProtected(req)) {
+            resp.sendRedirect(PATH);
+            return true;
+        }
+        return false;
+    }
+
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         if (req.getQueryString() != null && !req.getQueryString().equals("") && !req.getQueryString().equals("withRevoked")) {
             return;// Block actions by get parameters.
         }
+
         if (support && "revoke".equals(req.getParameter("action"))) {
-            if (Form.getForm(req, RevokeSingleCertForm.class).submitProtected(resp.getWriter(), req)) {
-                resp.sendRedirect(req.getPathInfo());
-                return;
+            if (Form.printFormErrors(req, resp.getWriter())) {
+                Form.getForm(req, RevokeSingleCertForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
             }
+            return;
         }
         if ( !req.getPathInfo().equals(PATH)) {
             resp.sendError(500);
             return;
         }
-        Form.getForm(req, CertificateModificationForm.class).submit(resp.getWriter(), req);
-
-        doGet(req, resp);
+        Form.getForm(req, CertificateModificationForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java b/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java
index 5219081aded3b03641448bd39497b8dd9ee2c3ed..7cb2cbc635243926bd8b4e9920091bd852e1eadc 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java
@@ -27,7 +27,7 @@ public class RevokeSingleCertForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         if (target != null) {
             target.revokeCertificate(c);
         } else {

diff --git a/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java b/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java
index a0e5685bb109a13b7c2943280441843ecb326b72..7625abc07a0768e1f0a46cde76900827bc47d7d2 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java
@@ -12,7 +12,6 @@ import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.Outputable;
 import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.pages.Page;
 
 public class DomainAddForm extends Form {
 
@@ -29,7 +28,7 @@ public class DomainAddForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         try {
             String parameter = req.getParameter("newdomain");
             if (parameter.trim().isEmpty()) {
@@ -37,14 +36,10 @@ public class DomainAddForm extends Form {
             }
             Domain d = new Domain(target, target, parameter);
             pcf.setTarget(d);
-            pcf.submit(out, req);
+            pcf.submit(req);
             return true;
         } catch (NumberFormatException e) {
-            new GigiApiException("A number could not be parsed").format(out, Page.getLanguage(req));
-            return false;
-        } catch (GigiApiException e) {
-            e.format(out, Page.getLanguage(req));
-            return false;
+            throw new GigiApiException("A number could not be parsed");
         }
     }
 

diff --git a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java
index 568c8a3ad42521ccc8f3e81573ce2128dc3c6ae3..5b97d321b9871ee2e35d84e7a8ca7d3d953dcb5c 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java
@@ -28,7 +28,7 @@ public class DomainManagementForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String dels = req.getParameter("delete");
 
         int delId = Integer.parseInt(dels);

diff --git a/src/org/cacert/gigi/pages/account/domain/DomainOverview.java b/src/org/cacert/gigi/pages/account/domain/DomainOverview.java
index 97c47eeb43f41414f9fa442fc2fb6da7cb3cb056..4d8165df3f86c4c7944ea8778de7e9dd3e1db8dc 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainOverview.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainOverview.java
@@ -27,6 +27,7 @@ public class DomainOverview extends Page {
         CertificateOwner u = LoginPage.getAuthorizationContext(req).getTarget();
         String pi = req.getPathInfo();
         if (pi.length() - PATH.length() > 0) {
+            Form.printFormErrors(req, resp.getWriter());
             int i = Integer.parseInt(pi.substring(PATH.length()));
             Domain d;
             try {
@@ -63,30 +64,31 @@ public class DomainOverview extends Page {
     }
 
     @Override
-    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         String pi = req.getPathInfo();
         if (pi.length() - PATH.length() > 0) {
-            try {
-                if (req.getParameter("configId") != null) {
-                    if ( !Form.getForm(req, DomainPinglogForm.class).submit(resp.getWriter(), req)) {
-                        // error?
-                    }
-
-                } else {
-                    if ( !Form.getForm(req, PingConfigForm.class).submit(resp.getWriter(), req)) {
+            if (req.getParameter("configId") != null) {
+                if (Form.getForm(req, DomainPinglogForm.class).submitExceptionProtected(req)) {
+                    resp.sendRedirect(pi);
+                    return true;
+                }
 
-                    }
+            } else {
+                if (Form.getForm(req, PingConfigForm.class).submitExceptionProtected(req)) {
+                    resp.sendRedirect(pi);
+                    return true;
                 }
-            } catch (GigiApiException e) {
-                e.format(resp.getWriter(), getLanguage(req));
-                return;
             }
 
-            resp.sendRedirect(pi);
         }
+        return super.beforePost(req, resp);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         if (req.getParameter("adddomain") != null) {
             DomainAddForm f = Form.getForm(req, DomainAddForm.class);
-            if (f.submit(resp.getWriter(), req)) {
+            if (f.submitProtected(resp.getWriter(), req)) {
                 resp.sendRedirect(PATH);
             }
         } else if (req.getParameter("delete") != null) {

diff --git a/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java b/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java
index 525cd125c0ac5eef7c26d6a9f50b854fc20ac695..d2e8306675c36b41098aaa1c9753f5e8f26dd636 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java
@@ -28,18 +28,18 @@ public class DomainPinglogForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         CertificateOwner u = LoginPage.getAuthorizationContext(req).getTarget();
 
         int i = Integer.parseInt(req.getPathInfo().substring(DomainOverview.PATH.length()));
         Domain d = Domain.getById(i);
         if (u.getId() != d.getOwner().getId()) {
-            return false;
+            throw new GigiApiException("Error, owner mismatch.");
         }
         int reping = Integer.parseInt(req.getParameter("configId"));
         DomainPingConfiguration dpc = DomainPingConfiguration.getById(reping);
         if (dpc.getTarget() != d) {
-            return false;
+            throw new GigiApiException("Error, target mismatch.");
         }
         dpc.requestReping();
         return true;

diff --git a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
index 496bc4cfb213b9b0ba70e05749af68acd7ff9be4..6c3ca4002981a42234a4dd80ddb19030497a7e74 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
@@ -108,7 +108,7 @@ public class PingConfigForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         target.clearPings();
         if (req.getParameter("emailType") != null && req.getParameter("email") != null) {
             try {
@@ -142,7 +142,7 @@ public class PingConfigForm extends Form {
             }
         }
         Gigi.notifyPinger(null);
-        return false;
+        return true;
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/account/mail/MailAddForm.java b/src/org/cacert/gigi/pages/account/mail/MailAddForm.java
index 1a67f8e23214cf137a906d571bc0dbe6ebec61d7..bb28a119aa797f85978337ae619995961a00b0b8 100644 (file)
--- a/src/org/cacert/gigi/pages/account/mail/MailAddForm.java
+++ b/src/org/cacert/gigi/pages/account/mail/MailAddForm.java
@@ -28,7 +28,7 @@ public class MailAddForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String formMail = req.getParameter("newemail");
         mail = formMail;
         try {

diff --git a/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java b/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java
index 9a399884a94a502a70e0a0ec533bd83df55e58b1..2287a015fd533ba6706daeaef1e387b345731fda 100644 (file)
--- a/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java
+++ b/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java
@@ -27,7 +27,7 @@ public class MailManagementForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         try {
             String d;
             if ((d = req.getParameter("default")) != null) {
@@ -37,14 +37,10 @@ public class MailManagementForm extends Form {
             } else if ((d = req.getParameter("reping")) != null) {
                 EmailAddress.getById(Integer.parseInt(d)).requestReping(Page.getLanguage(req));
             }
-        } catch (GigiApiException e) {
-            e.format(out, Page.getLanguage(req));
-            return false;
+            return true;
         } catch (IOException e1) {
-            new GigiApiException("Error while doing reping.").format(out, Page.getLanguage(req));
-            return false;
+            throw new GigiApiException("Error while doing reping.");
         }
-        return true;
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/account/mail/MailOverview.java b/src/org/cacert/gigi/pages/account/mail/MailOverview.java
index b828b7189d7e6fcc8b10bd966cce9cbf7023003f..4177d79cca7dfeb820607bac63ce07979a0f6886 100644 (file)
--- a/src/org/cacert/gigi/pages/account/mail/MailOverview.java
+++ b/src/org/cacert/gigi/pages/account/mail/MailOverview.java
@@ -1,7 +1,6 @@
 package org.cacert.gigi.pages.account.mail;
 
 import java.io.IOException;
-import java.io.PrintWriter;
 import java.util.HashMap;
 
 import javax.servlet.http.HttpServletRequest;
@@ -34,21 +33,20 @@ public class MailOverview extends Page {
 
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        PrintWriter out = resp.getWriter();
-        if (req.getParameter("addmail") != null) {
-            MailAddForm f = Form.getForm(req, MailAddForm.class);
-            try {
-                if (f.submit(out, req)) {
+        try {
+            if (req.getParameter("addmail") != null) {
+                MailAddForm f = Form.getForm(req, MailAddForm.class);
+                if (f.submit(req)) {
+                    resp.sendRedirect(MailOverview.DEFAULT_PATH);
+                }
+            } else {
+                MailManagementForm f = Form.getForm(req, MailManagementForm.class);
+                if (f.submit(req)) {
                     resp.sendRedirect(MailOverview.DEFAULT_PATH);
                 }
-            } catch (GigiApiException e) {
-                e.format(resp.getWriter(), getLanguage(req));
-            }
-        } else {
-            MailManagementForm f = Form.getForm(req, MailManagementForm.class);
-            if (f.submit(out, req)) {
-                resp.sendRedirect(MailOverview.DEFAULT_PATH);
             }
+        } catch (GigiApiException e) {
+            e.format(resp.getWriter(), getLanguage(req));
         }
         super.doPost(req, resp);
     }

diff --git a/src/org/cacert/gigi/pages/admin/TTPAdminForm.java b/src/org/cacert/gigi/pages/admin/TTPAdminForm.java
index ce6eecb3bc6249d7b2b4ba47f56ada7eff185b34..8b38b18d30cfb2b9526428e4e8ae5c94a4055182 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/TTPAdminForm.java
+++ b/src/org/cacert/gigi/pages/admin/TTPAdminForm.java
@@ -27,7 +27,7 @@ public class TTPAdminForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         if (req.getParameter("deny") != null) {
             u.revokeGroup(ttpAdmin, TTPAdminPage.TTP_APPLICANT);
         }

diff --git a/src/org/cacert/gigi/pages/admin/support/FindCertForm.java b/src/org/cacert/gigi/pages/admin/support/FindCertForm.java
index 07d9b929ddd143d378c626f023e9cd8a56521d70..8ffee24942e35b52594275c32d434ab7d1bbc307 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindCertForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindCertForm.java
@@ -28,7 +28,7 @@ public class FindCertForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         this.certType = req.getParameter("certType");
         String request = req.getParameter("cert").trim();
 

diff --git a/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java b/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java
index cce4aa0d84929f1a041a51d76451ceec1485f3ae..35fa8f2432dcd6b8c86ef766fdddb9951cceed01 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java
@@ -24,7 +24,7 @@ public class FindUserByDomainForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String request = req.getParameter("domain");
         Domain d = null;
         if (request.matches("#[0-9]+")) {

diff --git a/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java b/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java
index 12c33e97d75fcac13c077ad47986439bc0ccc0a3..70a66b048ba0cbed95565f9bc9750866f819abce 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java
@@ -23,7 +23,7 @@ public class FindUserByEmailForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         EmailAddress[] emails = EmailAddress.findByAllEmail(req.getParameter("email"));
         if (emails.length == 0) {
             throw new GigiApiException(SprintfCommand.createSimple("No users found matching {0}", req.getParameter("email")));

diff --git a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
index 18afc0c662279ccf76ca0fd503e57693220c4272..c4ed0dbed60c24b5b06e107a5dab72b0b2809610 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
@@ -22,7 +22,7 @@ public class SupportEnterTicketForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         if (req.getParameter("setTicket") != null) {
             // [asdmASDM]\d{8}\.\d+
             String ticket = req.getParameter("ticketno");

diff --git a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java
index eb1cfcabf3d19a5ab8bddad35296592935491ed3..1c59db30d64b8a83239d29a93a18bd5784859e6d 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java
@@ -6,7 +6,6 @@ import java.util.HashMap;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.pages.LoginPage;
@@ -22,18 +21,14 @@ public class SupportEnterTicketPage extends Page {
     }
 
     @Override
-    public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         if (req.getParameter("setTicket") == null && req.getParameter("deleteTicket") == null) {
             return false;
         }
         SupportEnterTicketForm f = Form.getForm(req, SupportEnterTicketForm.class);
-        try {
-            if (f.submit(resp.getWriter(), req)) {
-                resp.sendRedirect(PATH);
-                return true;
-            }
-        } catch (GigiApiException e) {
-            e.format(resp.getWriter(), getLanguage(req));
+        if (f.submitExceptionProtected(req)) {
+            resp.sendRedirect(PATH);
+            return true;
         }
         return false;
 
@@ -46,6 +41,14 @@ public class SupportEnterTicketPage extends Page {
         new SupportEnterTicketForm(req).output(resp.getWriter(), getLanguage(req), vars);
     }
 
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            SupportEnterTicketForm f = Form.getForm(req, SupportEnterTicketForm.class);
+            f.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        }
+    }
+
     @Override
     public boolean isPermitted(AuthorizationContext ac) {
         return ac != null && ac.isInGroup(Group.SUPPORTER);

diff --git a/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java b/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java
index 9c1f3f5be3ae726cd98cab710ac1be4dcd41695c..b43220c239bc1fdad5ec154b42e97b261a468ccd 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java
@@ -30,12 +30,12 @@ public class SupportRevokeCertificatesForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
-        if (user.getTicket() != null) {
-            user.revokeAllCertificates();
-            return true;
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
+        if (user.getTicket() == null) {
+            throw new GigiApiException("No ticket number set.");
         }
-        return false;
+        user.revokeAllCertificates();
+        return true;
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
index d3589c8e4ad6b9a187b681400f7251a6399c7634..10fb19e51b5c72a015c14c797ae77811e35835f7 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
@@ -30,6 +30,8 @@ public class SupportUserDetailsForm extends Form {
 
     private GroupSelector value = new GroupSelector("groupToModify", true);
 
+    private boolean wasWithPasswordReset = false;
+
     public SupportUserDetailsForm(HttpServletRequest hsr, SupportedUser user) {
         super(hsr);
         this.user = user;
@@ -37,9 +39,9 @@ public class SupportUserDetailsForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         if (user.getTicket() == null) {
-            return false;
+            throw new GigiApiException("No ticket number set.");
         }
         if (user.getTargetUser() == LoginPage.getUser(req)) {
             throw new GigiApiException("Supporter may not modify himself.");
@@ -62,7 +64,8 @@ public class SupportUserDetailsForm extends Form {
             if (aword == null || aword.equals("")) {
                 throw new GigiApiException("An A-Word is required to perform a password reset.");
             }
-            user.triggerPasswordReset(aword, out, req);
+            user.triggerPasswordReset(aword, req);
+            wasWithPasswordReset = true;
             return true;
         }
         dobSelector.update(req);
@@ -73,6 +76,10 @@ public class SupportUserDetailsForm extends Form {
         return true;
     }
 
+    public boolean wasWithPasswordReset() {
+        return wasWithPasswordReset;
+    }
+
     @Override
     protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
         User user = this.user.getTargetUser();

diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
index 04898f8ca20be6777c2ace5aff6dafcc6c66e15a..2a8ef874d8069d78303cabdb25b96ea945654b50 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
@@ -18,6 +18,7 @@ import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.HTMLEncoder;
 
 public class SupportUserDetailsPage extends Page {
 
@@ -90,11 +91,15 @@ public class SupportUserDetailsPage extends Page {
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         try {
             if (req.getParameter("revokeall") != null) {
-                if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submit(resp.getWriter(), req)) {
+                if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submitProtected(resp.getWriter(), req)) {
                     throw new GigiApiException("No ticket number set.");
                 }
             } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) {
-                if ( !Form.getForm(req, SupportUserDetailsForm.class).submit(resp.getWriter(), req)) {
+                SupportUserDetailsForm f = Form.getForm(req, SupportUserDetailsForm.class);
+                if (f.wasWithPasswordReset()) {
+                    resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));
+                }
+                if ( !f.submitProtected(resp.getWriter(), req)) {
                     throw new GigiApiException("No ticket number set.");
                 }
             }

diff --git a/src/org/cacert/gigi/pages/main/RegisterPage.java b/src/org/cacert/gigi/pages/main/RegisterPage.java
index 30c428333702991664e451aa3dc6b9b9452d32d7..1d43a75a135ae0cf56ebf4a6d5a702fb6c29eb8b 100644 (file)
--- a/src/org/cacert/gigi/pages/main/RegisterPage.java
+++ b/src/org/cacert/gigi/pages/main/RegisterPage.java
@@ -44,7 +44,7 @@ public class RegisterPage extends Page {
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         Signup s = Form.getForm(req, Signup.class);
         try {
-            if (s.submit(resp.getWriter(), req)) {
+            if (s.submit(req)) {
                 HttpSession hs = req.getSession();
                 hs.setAttribute(SIGNUP_PROCESS, null);
                 resp.getWriter().println(translate(req, "Your information has been submitted" + " into our system. You will now be sent an email with a web link," + " you need to open that link in your web browser within 24 hours" + " or your information will be removed from our system!"));

diff --git a/src/org/cacert/gigi/pages/main/Signup.java b/src/org/cacert/gigi/pages/main/Signup.java
index 819bfd5b08286215aa3ce144195f80c03378f7e7..5ec0d12c2ac956cfa7bbfdde926240c82679c78d 100644 (file)
--- a/src/org/cacert/gigi/pages/main/Signup.java
+++ b/src/org/cacert/gigi/pages/main/Signup.java
@@ -93,7 +93,7 @@ public class Signup extends Form {
     }
 
     @Override
-    public synchronized boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public synchronized boolean submit(HttpServletRequest req) throws GigiApiException {
         if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
             throw new RateLimitException();
         }

diff --git a/src/org/cacert/gigi/pages/orga/AffiliationForm.java b/src/org/cacert/gigi/pages/orga/AffiliationForm.java
index cef4dc912e2c8d340483213227dd54caf3d1b0ad..bf455bdecccf4a911cd9a837e2b69aa7e47ff8c0 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/AffiliationForm.java
+++ b/src/org/cacert/gigi/pages/orga/AffiliationForm.java
@@ -16,7 +16,6 @@ import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.Page;
 
 public class AffiliationForm extends Form {
 
@@ -30,7 +29,7 @@ public class AffiliationForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         if (req.getParameter("del") != null) {
             User toRemove = User.getByEmail(req.getParameter("del"));
             if (toRemove != null) {
@@ -43,11 +42,10 @@ public class AffiliationForm extends Form {
                 o.addAdmin(byEmail, LoginPage.getUser(req), req.getParameter("master") != null);
                 return true;
             } else {
-                out.println(Page.getLanguage(req).getTranslation("Requested user is not a RA Agent. We need a RA Agent here."));
+                throw new GigiApiException("Requested user is not a RA Agent. We need a RA Agent here.");
             }
         }
-        out.println(Page.getLanguage(req).getTranslation("No action could have been carried out."));
-        return false;
+        throw new GigiApiException("No action could have been carried out.");
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/orga/CreateOrgForm.java b/src/org/cacert/gigi/pages/orga/CreateOrgForm.java
index 36bbbe8e511c23ac168891b886f79d6db376349f..086b3059cc591a6ca8bf66278039b379261cfdb2 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/CreateOrgForm.java
+++ b/src/org/cacert/gigi/pages/orga/CreateOrgForm.java
@@ -6,7 +6,6 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 
 import org.cacert.gigi.GigiApiException;
-import org.cacert.gigi.dbObjects.Country;
 import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.email.EmailProvider;
 import org.cacert.gigi.localisation.Language;
@@ -59,7 +58,7 @@ public class CreateOrgForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String action = req.getParameter("action");
         if (action == null) {
             return false;

diff --git a/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java b/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java
index c18cf8f11494cd7399accb31019596923c348dc7..e880e41e8d57489ce377127f339f5a781325f8ee 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java
+++ b/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java
@@ -29,7 +29,7 @@ public class OrgDomainAddForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String domain = req.getParameter("domain");
         new Domain(LoginPage.getUser(req), target, domain);
         return true;

diff --git a/src/org/cacert/gigi/pages/wot/AssuranceForm.java b/src/org/cacert/gigi/pages/wot/AssuranceForm.java
index 8ad735fbd8b78e48f0c261a05d73c1fa0c235443..558375326a2dd419bd36aa5d1f7642b5488ee586 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/AssuranceForm.java
+++ b/src/org/cacert/gigi/pages/wot/AssuranceForm.java
@@ -134,7 +134,7 @@ public class AssuranceForm extends Form {
     }
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         location = req.getParameter("location");
         date = req.getParameter("date");
         cs.update(req);
@@ -196,15 +196,19 @@ public class AssuranceForm extends Form {
 
         Notary.assureAll(assurer, assuree, dob, pointsI, location, req.getParameter("date"), type, toAssure.toArray(new Name[toAssure.size()]), cs.getCountry());
 
-        if (aword != null && !aword.equals("")) {
+        if (isWithPasswordReset()) {
             Language langApplicant = Language.getInstance(assuree.getPreferredLocale());
             String method = langApplicant.getTranslation("A password reset was triggered. If you did a password reset by verification, please enter your secret password using this form:");
             String subject = langApplicant.getTranslation("Password reset by verification");
-            PasswordResetPage.initPasswordResetProcess(out, assuree, req, aword, langApplicant, method, subject);
+            PasswordResetPage.initPasswordResetProcess(assuree, req, aword, langApplicant, method, subject);
         }
         return true;
     }
 
+    public boolean isWithPasswordReset() {
+        return aword != null && !aword.equals("");
+    }
+
     public User getAssuree() {
         return assuree;
     }

diff --git a/src/org/cacert/gigi/pages/wot/AssurePage.java b/src/org/cacert/gigi/pages/wot/AssurePage.java
index 95ab35f0bc223b3246d61325e0577f446864596c..c29b2388cd83a13e7cabd63fe9b6142b08df0603 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/AssurePage.java
+++ b/src/org/cacert/gigi/pages/wot/AssurePage.java
@@ -16,6 +16,7 @@ import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.HTMLEncoder;
 
 public class AssurePage extends Page {
 
@@ -50,6 +51,9 @@ public class AssurePage extends Page {
         if (req.getParameter("search") == null) {
             AssuranceForm form = Form.getForm(req, AssuranceForm.class);
             if (form.submitProtected(out, req)) {
+                if (form.isWithPasswordReset()) {
+                    resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));
+                }
                 out.println(translate(req, "Verification complete."));
                 return;
             }

diff --git a/src/org/cacert/gigi/pages/wot/RequestTTPForm.java b/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
index 3a6f7fe422c9e2ec885909c317e800e211140484..449c35b755a0fd0b09082d5cce33e7f081938955 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
+++ b/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
@@ -32,7 +32,7 @@ public class RequestTTPForm extends Form {
     };
 
     @Override
-    public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+    public boolean submit(HttpServletRequest req) throws GigiApiException {
         String country = req.getParameter("country");
         if (country != null) {
             int cid = Integer.parseInt(country);

diff --git a/tests/org/cacert/gigi/testUtils/ManagedTest.java b/tests/org/cacert/gigi/testUtils/ManagedTest.java
index 01ee4c5980b869b56054abc0b647a639eb0ff5bd..89b380a96520d2ab9a9062a456852ab78a68e8a0 100644 (file)
--- a/tests/org/cacert/gigi/testUtils/ManagedTest.java
+++ b/tests/org/cacert/gigi/testUtils/ManagedTest.java
@@ -437,7 +437,10 @@ public class ManagedTest extends ConfiguredTest {
     }
 
     public static String executeBasicWebInteraction(String cookie, String path, String query, int formIndex) throws IOException, MalformedURLException, UnsupportedEncodingException {
-        URLConnection uc = post(cookie, path, query, formIndex);
+        HttpURLConnection uc = post(cookie, path, query, formIndex);
+        if (uc.getResponseCode() == 302) {
+            return null;
+        }
         String error = fetchStartErrorMessage(IOUtils.readURL(uc));
         return error;
     }