package org.cacert.gigi.dbObjects;
import java.io.IOException;
-import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Locale;
}
}
- public void triggerPasswordReset(String aword, PrintWriter out, HttpServletRequest req) {
+ public void triggerPasswordReset(String aword, HttpServletRequest req) {
Language l = Language.getInstance(target.getPreferredLocale());
String method = l.getTranslation("A password reset was triggered. Please enter the required text sent to you by support on this page:");
String subject = l.getTranslation("Password reset by support.");
- PasswordResetPage.initPasswordResetProcess(out, target, req, aword, l, method, subject);
+ PasswordResetPage.initPasswordResetProcess(target, req, aword, l, method, subject);
Outputable message = new TranslateCommand("A password reset was triggered and an email was sent to user.");
sendSupportNotification(subject, message);
}
import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.pages.LoginPage;
+import org.cacert.gigi.pages.Page;
import org.cacert.gigi.util.RandomToken;
/**
*/
public abstract class Form implements Outputable {
+ public static class PermamentFormException extends RuntimeException {
+
+ public PermamentFormException(GigiApiException cause) {
+ super(cause);
+ }
+
+ @Override
+ public synchronized GigiApiException getCause() {
+ return (GigiApiException) super.getCause();
+ }
+ }
+
public static final String CSRF_FIELD = "csrf";
+ private static final String SUBMIT_EXCEPTION = "form-submit-exception";
+
private final String csrf;
private final String action;
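Review bot: The new public nested class is spelled `PermamentFormException`; callers and the catch in `submitExceptionProtected` bind to that name, so correcting it to `PermanentFormException` is cheapest now. The class also has no Javadoc, and its meaning can only be guessed from the `printFormErrors` contract further down; a comment such as `/** Wraps a GigiApiException after which the form must not be printed again. */` would state it. The `getCause()` override downcasts to `GigiApiException`, which holds only because the single constructor accepts nothing else, and a one-line comment saying so would protect it against a constructor added later.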
/**
* Update the forms internal state based on submitted data.
*
- * @param out
- * the stream to the user.
* @param req
* the request to take the initial data from.
* @return true, iff the form succeeded and the user should be redirected.
* @throws GigiApiException
- * if internal operations went wrong.
+ * if form data had problems or operations went wrong.
*/
- public abstract boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException;
+ public abstract boolean submit(HttpServletRequest req) throws GigiApiException;
/**
* Calls {@link #submit(PrintWriter, HttpServletRequest)} while catching and
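Review bot: The Javadoc of `submitProtected` still links `{@link #submit(PrintWriter, HttpServletRequest)}`, a signature this hunk removes, so the reference no longer resolves. It should read `{@link #submit(HttpServletRequest)}`. The comment block continues outside the hunk.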
*/
public boolean submitProtected(PrintWriter out, HttpServletRequest req) {
try {
- boolean succeeded = submit(out, req);
+ boolean succeeded = submit(req);
if (succeeded) {
+ HttpSession hs = req.getSession();
+ hs.removeAttribute("form/" + getClass().getName() + "/" + csrf);
return true;
}
} catch (GigiApiException e) {
return false;
}
+ public boolean submitExceptionProtected(HttpServletRequest req) {
+ try {
+ if (submit(req)) {
+ HttpSession hs = req.getSession();
+ hs.removeAttribute("form/" + getClass().getName() + "/" + csrf);
+ return true;
+ }
+ return false;
+ } catch (PermamentFormException e) {
+ req.setAttribute(SUBMIT_EXCEPTION, e);
+ return false;
+ } catch (GigiApiException e) {
+ req.setAttribute(SUBMIT_EXCEPTION, e);
+ return false;
+ }
+ }
+
+ /**
+ * Prints any errors in any form submits on this request.
+ *
+ * @param req
+ * The request to extract the errors from.
+ * @param out
+ * the output stream to the user to write the errors to.
+ * @return true if no permanent errors occurred and the form should be
+ * reprinted.
+ */
+ public static boolean printFormErrors(HttpServletRequest req, PrintWriter out) {
+ Object o = req.getAttribute(SUBMIT_EXCEPTION);
+ if (o != null && (o instanceof PermamentFormException)) {
+ ((PermamentFormException) o).getCause().format(out, Page.getLanguage(req));
+ return false;
+ }
+ if (o != null && (o instanceof GigiApiException)) {
+ ((GigiApiException) o).format(out, Page.getLanguage(req));
+ }
+ return true;
+ }
+
protected String getCsrfFieldName() {
return CSRF_FIELD;
}
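Review bot: `submitExceptionProtected` records only `PermamentFormException` and `GigiApiException`, so any other unchecked exception from a `submit` implementation leaves `beforePost` uncaught; `DomainPinglogForm.submit`, which is routed through this method, calls `Integer.parseInt` on the path and on `configId` with no catch. Either translate those in the form the way `MyDetailsForm` does (`throw new GigiApiException("Invalid value.");`) or state in a Javadoc here that only these two types are captured. The method has no Javadoc at all, while `printFormErrors` next to it does. The two catch bodies are identical and could be one `} catch (PermamentFormException | GigiApiException e) {`, and the session clean-up repeats the lines added to `submitProtected`.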
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
throw new RateLimitException();
}
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- Object o = req.getAttribute(SUBMIT_EXCEPTION);
- if (o != null) {
- ((GigiApiException) o).format(resp.getWriter(), getLanguage(req));
- }
if (req.getHeader("Host").equals(ServerConstants.getSecureHostNamePort())) {
resp.getWriter().println(getLanguage(req).getTranslation("Authentication with certificate failed. Try another certificate or use a password."));
} else {
}
}
+ @Override
+ public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ if (Form.printFormErrors(req, resp.getWriter())) {
+ Form.getForm(req, LoginForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+ }
+ }
+
@Override
public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
String redir = (String) req.getSession().getAttribute(LOGIN_RETURNPATH);
tryAuthWithCertificate(req, cert);
}
if (req.getMethod().equals("POST")) {
- try {
- Form.getForm(req, LoginForm.class).submit(resp.getWriter(), req);
- } catch (GigiApiException e) {
- req.setAttribute(SUBMIT_EXCEPTION, e);
+ if ( !Form.getForm(req, LoginForm.class).submitExceptionProtected(req)) {
return false;
}
}
* if output goes wrong.
*/
public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ if (req.getMethod().equals("POST")) {
+ return beforePost(req, resp);
+ }
+ return false;
+ }
+
+ /**
+ * This method can be overridden to execute code and do stuff before the
+ * default template is applied when the request is a post request and the
+ * default implementation of
+ * {@link #beforeTemplate(HttpServletRequest, HttpServletResponse)} is
+ * called.
+ *
+ * @param req
+ * the request to handle.
+ * @param resp
+ * the response to write to
+ * @return true, if the request is consumed and the default template should
+ * not be applied.
+ * @throws IOException
+ * if output goes wrong.
+ */
+ public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
return false;
}
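Review bot: The Javadoc of `beforePost` says the method can be overridden to "execute code and do stuff", which leaves out the one thing an implementer needs to know: it is reached only through the default `beforeTemplate`. A page that overrides `beforeTemplate` has to dispatch itself, as `Certificates` does with `if ("POST".equals(req.getMethod())) { return beforePost(req, resp); }`, or its `beforePost` is never called. I would reword the first sentence to something like `Handles a POST request before the default template is applied; called only by the default beforeTemplate implementation.` and add the same caveat to `beforeTemplate`. The two dispatch sites also differ in form (`req.getMethod().equals("POST")` here), and the constant-first form is the null-safe one.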
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '1 hours' * ?;")) {
passwordReset.setInt(1, HOUR_MAX);
passwordReset.execute();
private static final MailTemplate passwordResetMail = new MailTemplate(PasswordResetPage.class.getResource("PasswordResetMail.templ"));
- public static void initPasswordResetProcess(PrintWriter out, User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) {
+ public static void initPasswordResetProcess(User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) {
String ptok = RandomToken.generateToken(32);
int id = targetUser.generatePasswordResetTicket(Page.getUser(req), ptok, aword);
try {
vars.put("hour_max", HOUR_MAX);
passwordResetMail.sendMail(l, vars, Page.getUser(req).getEmail());
- out.println(Page.getLanguage(req).getTranslation("Password reset successful."));
} catch (IOException e) {
e.printStackTrace();
}
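Review bot: The `catch (IOException e) { e.printStackTrace(); }` around `passwordResetMail.sendMail` now hides a failed send from the caller. The success line that used to sit inside the `try` is removed, and `SupportUserDetailsForm.submit` sets `wasWithPasswordReset = true` as soon as `triggerPasswordReset` returns. The ticket from `generatePasswordResetTicket` already exists by then and `triggerPasswordReset` goes on to send the "an email was sent to user" support notification, so a failed mail is reported as a successful reset. Consider passing the failure up, for example by declaring `GigiApiException` on this method and on `triggerPasswordReset`, instead of only printing the stack trace. The `try` block starts outside this hunk.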
Domain domain = Domain.getById(Integer.parseInt(id));
subject = domain.getSuffix();
target = domain;
+ } else {
+ throw new IllegalArgumentException();
}
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
- HashMap<String, Object> data = new HashMap<>();
- data.put("subject", subject);
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if ("email".equals(type)) {
try {
target.verify(hash);
- emailAddressVerified.output(out, getLanguage(req), data);
} catch (IllegalArgumentException e) {
- out.println(translate(req, "The email address is invalid."));
- } catch (GigiApiException e) {
- e.format(out, getLanguage(req));
+ throw new GigiApiException("The email address is invalid.");
}
} else if ("domain".equals(type)) {
try {
target.verify(hash);
- domainVerified.output(out, getLanguage(req), data);
} catch (IllegalArgumentException e) {
- out.println(translate(req, "The domain is invalid."));
- } catch (GigiApiException e) {
- e.format(out, getLanguage(req));
+ throw new GigiApiException("The domain is invalid.");
}
}
return true;
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- if (Form.getForm(req, VerificationForm.class).submitProtected(resp.getWriter(), req)) {
+ VerificationForm form = Form.getForm(req, VerificationForm.class);
+ if (form.submitProtected(resp.getWriter(), req)) {
+ String type = form.type;
+ HashMap<String, Object> data = new HashMap<>();
+ data.put("subject", form.subject);
+ PrintWriter out = resp.getWriter();
+ if ("email".equals(type)) {
+ emailAddressVerified.output(out, getLanguage(req), data);
+ } else if ("domain".equals(type)) {
+ domainVerified.output(out, getLanguage(req), data);
+ }
}
}
new VerificationForm(req).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
} catch (IllegalArgumentException e) {
resp.getWriter().println(translate(req, "The object to verify is invalid."));
-
}
}
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.template.Form;
import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.pages.Page;
public class ChangeForm extends Form {
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String oldpassword = req.getParameter("oldpassword");
String p1 = req.getParameter("pword1");
String p2 = req.getParameter("pword2");
GigiApiException error = new GigiApiException();
if (oldpassword == null || p1 == null || p2 == null) {
- new GigiApiException("All fields are required.").format(out, Page.getLanguage(req));
- return false;
+ throw new GigiApiException("All fields are required.");
}
if ( !p1.equals(p2)) {
- new GigiApiException("New passwords do not match.").format(out, Page.getLanguage(req));
- return false;
+ throw new GigiApiException("New passwords do not match.");
}
try {
target.changePassword(oldpassword, p1);
error.mergeInto(e);
}
if ( !error.isEmpty()) {
- error.format(out, Page.getLanguage(req));
- return false;
+ throw error;
}
return true;
}
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- ChangeForm f = Form.getForm(req, ChangeForm.class);
- f.submit(resp.getWriter(), req);
+ Form.getForm(req, ChangeForm.class).submitProtected(resp.getWriter(), req);
}
@Override
private static final Template t = new Template(ChangePasswordPage.class.getResource("FindAgentAccess.templ"));
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String nv = req.getParameter("new-val");
if (nv == null) {
return false;
}
@Override
- public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- if (req.getParameter("orgaForm") != null) {
- Form.getForm(req, MyOrganisationsForm.class).submit(resp.getWriter(), req);
- } else {
- return false;
+ public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ if (req.getParameter("orgaForm") != null && Form.getForm(req, MyOrganisationsForm.class).submitExceptionProtected(req)) {
+ resp.sendRedirect(PATH);
+ return true;
}
- resp.sendRedirect(PATH);
- return true;
+ if (req.getParameter("action") != null || req.getParameter("removeName") != null || req.getParameter("deprecateName") != null || req.getParameter("preferred") != null) {
+ if (Form.getForm(req, MyDetailsForm.class).submitExceptionProtected(req)) {
+ resp.sendRedirect(PATH);
+ return true;
+ }
+ }
+ return false;
}
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- if (req.getParameter("action") != null || req.getParameter("removeName") != null || req.getParameter("deprecateName") != null || req.getParameter("preferred") != null) {
- if (Form.getForm(req, MyDetailsForm.class).submit(resp.getWriter(), req)) {
- resp.sendRedirect(PATH);
+ if (Form.printFormErrors(req, resp.getWriter())) {
+ if (req.getParameter("orgaForm") != null) {
+ Form.getForm(req, MyOrganisationsForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+ }
+ if (req.getParameter("action") != null || req.getParameter("removeName") != null || req.getParameter("deprecateName") != null || req.getParameter("preferred") != null) {
+ Form.getForm(req, MyDetailsForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
}
}
- super.doPost(req, resp);
}
}
import org.cacert.gigi.output.NameInput;
import org.cacert.gigi.output.template.Form;
import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.pages.Page;
public class MyDetailsForm extends Form {
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
try {
String rn = req.getParameter("removeName");
if (rn != null) {
return true;
}
- } catch (GigiApiException e) {
- e.format(out, Page.getLanguage(req));
- return false;
} catch (NumberFormatException e) {
- new GigiApiException("Invalid value.").format(out, Page.getLanguage(req));
- return false;
+ throw new GigiApiException("Invalid value.");
}
return false;
}
import javax.servlet.http.HttpServletRequest;
import org.cacert.gigi.Gigi;
+import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.dbObjects.Organisation;
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.template.Form;
private static final Template template = new Template(MyOrganisationsForm.class.getResource("MyOrganisationsForm.templ"));
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if (req.getParameter("org-leave") != null) {
req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(target.getActor(), target.getActor()));
return true;
if (orgId == -1) {
orgId = id;
} else {
- out.println(LoginPage.getLanguage(req).getTranslation("Error: invalid parameter."));
- return false;
+ throw new GigiApiException("Error: invalid parameter.");
}
}
}
}
@Override
- public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
CertificateIssueForm f = Form.getForm(req, CertificateIssueForm.class);
- if (f.submit(resp.getWriter(), req)) {
+ if (f.submitExceptionProtected(req)) {
Certificate c = f.getResult();
if (c.getStatus() != CertificateStatus.ISSUED) {
resp.getWriter().println("Timeout while waiting for certificate.");
- return;
+ return false;
}
String ser = c.getSerial();
if (ser.isEmpty()) {
resp.getWriter().println("Timeout while waiting for certificate.");
- return;
+ return false;
}
resp.sendRedirect(Certificates.PATH + "/" + ser);
+ return true;
}
- f.output(resp.getWriter(), getLanguage(req), Collections.<String, Object>emptyMap());
+ return super.beforePost(req, resp);
+ }
+ @Override
+ public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ if (Form.printFormErrors(req, resp.getWriter())) {
+ CertificateIssueForm f = Form.getForm(req, CertificateIssueForm.class);
+ f.output(resp.getWriter(), getLanguage(req), Collections.<String, Object>emptyMap());
+ }
}
@Override
import org.cacert.gigi.output.template.IterableDataset;
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.Page;
import org.cacert.gigi.util.AuthorizationContext;
import org.cacert.gigi.util.RandomToken;
CertificateValiditySelector issueDate = new CertificateValiditySelector();
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String csr = req.getParameter("CSR");
String spkac = req.getParameter("SPKAC");
try {
- try {
- if (csr != null) {
- cr = new CertificateRequest(c, csr);
- cr.checkKeyStrength(out);
- } else if (spkac != null) {
- cr = new CertificateRequest(c, spkac, spkacChallenge);
- cr.checkKeyStrength(out);
- } else if (cr != null) {
- login = "1".equals(req.getParameter("login"));
- issueDate.update(req);
- GigiApiException error = new GigiApiException();
-
- try {
- cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), //
- req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs"));
- } catch (GigiApiException e) {
- error.mergeInto(e);
- }
+ if (csr != null) {
+ cr = new CertificateRequest(c, csr);
+ // TODO cr.checkKeyStrength(out);
+ return false;
+ } else if (spkac != null) {
+ cr = new CertificateRequest(c, spkac, spkacChallenge);
+ // TODO cr.checkKeyStrength(out);
+ return false;
+ } else if (cr != null) {
+ login = "1".equals(req.getParameter("login"));
+ issueDate.update(req);
+ GigiApiException error = new GigiApiException();
+
+ try {
+ cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), //
+ req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs"));
+ } catch (GigiApiException e) {
+ error.mergeInto(e);
+ }
- Certificate result = null;
- try {
- result = cr.draft();
- } catch (GigiApiException e) {
- error.mergeInto(e);
- }
- if ( !error.isEmpty() || result == null) {
- error.format(out, Page.getLanguage(req));
- return false;
- }
- if (login) {
- result.setLoginEnabled(true);
- }
- result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000);
- this.result = result;
- return true;
- } else {
- throw new GigiApiException("Error no action.");
+ Certificate result = null;
+ try {
+ result = cr.draft();
+ } catch (GigiApiException e) {
+ error.mergeInto(e);
+ }
+ if ( !error.isEmpty() || result == null) {
+ throw error;
}
- } catch (IOException e) {
- e.printStackTrace();
- } catch (IllegalArgumentException e) {
- e.printStackTrace();
- throw new GigiApiException("Certificate Request format is invalid.");
- } catch (GeneralSecurityException e) {
- e.printStackTrace();
- throw new GigiApiException("Certificate Request format is invalid.");
+ if (login) {
+ result.setLoginEnabled(true);
+ }
+ result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000);
+ this.result = result;
+ return true;
+ } else {
+ throw new GigiApiException("Error no action.");
}
- } catch (GigiApiException e) {
- e.format(out, Page.getLanguage(req));
+ } catch (IOException e) {
+ e.printStackTrace();
+ throw new GigiApiException("Certificate Request format is invalid.");
+ } catch (IllegalArgumentException e) {
+ e.printStackTrace();
+ throw new GigiApiException("Certificate Request format is invalid.");
+ } catch (GeneralSecurityException e) {
+ e.printStackTrace();
+ throw new GigiApiException("Certificate Request format is invalid.");
}
- return false;
}
@Override
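Review bot: Both `cr.checkKeyStrength(out)` calls in the CSR and SPKAC branches are replaced by `// TODO cr.checkKeyStrength(out);`, so after this commit an uploaded request is accepted without the key-strength check running at all. What the check did with `out` is not visible here, but if it warned about or rejected weak keys, that protection is gone until the TODO is resolved. It would be safer to keep the call and carry its result on the form, or raise a `GigiApiException`, so the page can print it from `doPost`. Separately, `if ( !error.isEmpty() || result == null) { throw error; }` throws an empty `GigiApiException` when `draft()` returns null without an error, which leaves `printFormErrors` nothing to show. The three catch blocks now share one body and drop the cause; `} catch (IOException | IllegalArgumentException | GeneralSecurityException e) {` would say it once.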
private static final Template myTemplate = new Template(CertificateModificationForm.class.getResource("CertificateModificationForm.templ"));
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) {
+ public boolean submit(HttpServletRequest req) {
String action = req.getParameter("action");
if ( !"revoke".equals(action)) {
return false;
@Override
public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ if ("POST".equals(req.getMethod())) {
+ return beforePost(req, resp);
+ }
String pi = req.getPathInfo().substring(PATH.length());
if (pi.length() == 0) {
return true;
}
+ @Override
+ public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ if (support && "revoke".equals(req.getParameter("action"))) {
+ if (Form.getForm(req, RevokeSingleCertForm.class).submitExceptionProtected(req)) {
+ resp.sendRedirect(req.getPathInfo());
+ return true;
+ }
+ return false;
+ }
+ if ( !req.getPathInfo().equals(PATH)) {
+ resp.sendError(500);
+ return true;
+ }
+ if (Form.getForm(req, CertificateModificationForm.class).submitExceptionProtected(req)) {
+ resp.sendRedirect(PATH);
+ return true;
+ }
+ return false;
+ }
+
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
if (req.getQueryString() != null && !req.getQueryString().equals("") && !req.getQueryString().equals("withRevoked")) {
return;// Block actions by get parameters.
}
+
if (support && "revoke".equals(req.getParameter("action"))) {
- if (Form.getForm(req, RevokeSingleCertForm.class).submitProtected(resp.getWriter(), req)) {
- resp.sendRedirect(req.getPathInfo());
- return;
+ if (Form.printFormErrors(req, resp.getWriter())) {
+ Form.getForm(req, RevokeSingleCertForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
}
+ return;
}
if ( !req.getPathInfo().equals(PATH)) {
resp.sendError(500);
return;
}
- Form.getForm(req, CertificateModificationForm.class).submit(resp.getWriter(), req);
-
- doGet(req, resp);
+ Form.getForm(req, CertificateModificationForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
}
@Override
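Review bot: `beforePost` now performs the revoke and modification submits, but the guard that `doPost` labels `// Block actions by get parameters.` was not copied, so it no longer runs before the state change. `beforePost` is dispatched from `beforeTemplate`, which by its contract runs ahead of `doPost`, so a POST whose URL carries a query string still reaches `submitExceptionProtected` and only the re-rendering is blocked afterwards. Whether `Form.getForm` rejects such a request on its own is not visible in this diff. Starting `beforePost` with the same test, `if (req.getQueryString() != null && !req.getQueryString().equals("") && !req.getQueryString().equals("withRevoked")) { return false; }`, would restore the previous order.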
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if (target != null) {
target.revokeCertificate(c);
} else {
import org.cacert.gigi.output.template.Form;
import org.cacert.gigi.output.template.Outputable;
import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.pages.Page;
public class DomainAddForm extends Form {
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
try {
String parameter = req.getParameter("newdomain");
if (parameter.trim().isEmpty()) {
}
Domain d = new Domain(target, target, parameter);
pcf.setTarget(d);
- pcf.submit(out, req);
+ pcf.submit(req);
return true;
} catch (NumberFormatException e) {
- new GigiApiException("A number could not be parsed").format(out, Page.getLanguage(req));
- return false;
- } catch (GigiApiException e) {
- e.format(out, Page.getLanguage(req));
- return false;
+ throw new GigiApiException("A number could not be parsed");
}
}
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String dels = req.getParameter("delete");
int delId = Integer.parseInt(dels);
CertificateOwner u = LoginPage.getAuthorizationContext(req).getTarget();
String pi = req.getPathInfo();
if (pi.length() - PATH.length() > 0) {
+ Form.printFormErrors(req, resp.getWriter());
int i = Integer.parseInt(pi.substring(PATH.length()));
Domain d;
try {
}
@Override
- public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
String pi = req.getPathInfo();
if (pi.length() - PATH.length() > 0) {
- try {
- if (req.getParameter("configId") != null) {
- if ( !Form.getForm(req, DomainPinglogForm.class).submit(resp.getWriter(), req)) {
- // error?
- }
-
- } else {
- if ( !Form.getForm(req, PingConfigForm.class).submit(resp.getWriter(), req)) {
+ if (req.getParameter("configId") != null) {
+ if (Form.getForm(req, DomainPinglogForm.class).submitExceptionProtected(req)) {
+ resp.sendRedirect(pi);
+ return true;
+ }
- }
+ } else {
+ if (Form.getForm(req, PingConfigForm.class).submitExceptionProtected(req)) {
+ resp.sendRedirect(pi);
+ return true;
}
- } catch (GigiApiException e) {
- e.format(resp.getWriter(), getLanguage(req));
- return;
}
- resp.sendRedirect(pi);
}
+ return super.beforePost(req, resp);
+ }
+
+ @Override
+ public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
if (req.getParameter("adddomain") != null) {
DomainAddForm f = Form.getForm(req, DomainAddForm.class);
- if (f.submit(resp.getWriter(), req)) {
+ if (f.submitProtected(resp.getWriter(), req)) {
resp.sendRedirect(PATH);
}
} else if (req.getParameter("delete") != null) {
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
CertificateOwner u = LoginPage.getAuthorizationContext(req).getTarget();
int i = Integer.parseInt(req.getPathInfo().substring(DomainOverview.PATH.length()));
Domain d = Domain.getById(i);
if (u.getId() != d.getOwner().getId()) {
- return false;
+ throw new GigiApiException("Error, owner mismatch.");
}
int reping = Integer.parseInt(req.getParameter("configId"));
DomainPingConfiguration dpc = DomainPingConfiguration.getById(reping);
if (dpc.getTarget() != d) {
- return false;
+ throw new GigiApiException("Error, target mismatch.");
}
dpc.requestReping();
return true;
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
target.clearPings();
if (req.getParameter("emailType") != null && req.getParameter("email") != null) {
try {
}
}
Gigi.notifyPinger(null);
- return false;
+ return true;
}
@Override
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String formMail = req.getParameter("newemail");
mail = formMail;
try {
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
try {
String d;
if ((d = req.getParameter("default")) != null) {
} else if ((d = req.getParameter("reping")) != null) {
EmailAddress.getById(Integer.parseInt(d)).requestReping(Page.getLanguage(req));
}
- } catch (GigiApiException e) {
- e.format(out, Page.getLanguage(req));
- return false;
+ return true;
} catch (IOException e1) {
- new GigiApiException("Error while doing reping.").format(out, Page.getLanguage(req));
- return false;
+ throw new GigiApiException("Error while doing reping.");
}
- return true;
}
@Override
package org.cacert.gigi.pages.account.mail;
import java.io.IOException;
-import java.io.PrintWriter;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- PrintWriter out = resp.getWriter();
- if (req.getParameter("addmail") != null) {
- MailAddForm f = Form.getForm(req, MailAddForm.class);
- try {
- if (f.submit(out, req)) {
+ try {
+ if (req.getParameter("addmail") != null) {
+ MailAddForm f = Form.getForm(req, MailAddForm.class);
+ if (f.submit(req)) {
+ resp.sendRedirect(MailOverview.DEFAULT_PATH);
+ }
+ } else {
+ MailManagementForm f = Form.getForm(req, MailManagementForm.class);
+ if (f.submit(req)) {
resp.sendRedirect(MailOverview.DEFAULT_PATH);
}
- } catch (GigiApiException e) {
- e.format(resp.getWriter(), getLanguage(req));
- }
- } else {
- MailManagementForm f = Form.getForm(req, MailManagementForm.class);
- if (f.submit(out, req)) {
- resp.sendRedirect(MailOverview.DEFAULT_PATH);
}
+ } catch (GigiApiException e) {
+ e.format(resp.getWriter(), getLanguage(req));
}
super.doPost(req, resp);
}
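Review bot: `doPost` calls `f.submit(req)` directly for both `MailAddForm` and `MailManagementForm`, so the clean-up this commit adds to `submitProtected` (`hs.removeAttribute("form/" + getClass().getName() + "/" + csrf)`) never runs for these forms and a successfully submitted form stays in the session. Using `f.submitProtected(resp.getWriter(), req)` in both branches would make the local `try`/`catch` unnecessary as far as the visible part of `Form` shows. `super.doPost(req, resp)` also still executes after `resp.sendRedirect(...)`, and a `return` after each redirect avoids writing a body to a response that has already been redirected. The `Signup` page's `doPost` further down calls `s.submit(req)` in the same direct way.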
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if (req.getParameter("deny") != null) {
u.revokeGroup(ttpAdmin, TTPAdminPage.TTP_APPLICANT);
}
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
this.certType = req.getParameter("certType");
String request = req.getParameter("cert").trim();
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String request = req.getParameter("domain");
Domain d = null;
if (request.matches("#[0-9]+")) {
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
EmailAddress[] emails = EmailAddress.findByAllEmail(req.getParameter("email"));
if (emails.length == 0) {
throw new GigiApiException(SprintfCommand.createSimple("No users found matching {0}", req.getParameter("email")));
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if (req.getParameter("setTicket") != null) {
// [asdmASDM]\d{8}\.\d+
String ticket = req.getParameter("ticketno");
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.dbObjects.Group;
import org.cacert.gigi.output.template.Form;
import org.cacert.gigi.pages.LoginPage;
}
@Override
- public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
if (req.getParameter("setTicket") == null && req.getParameter("deleteTicket") == null) {
return false;
}
SupportEnterTicketForm f = Form.getForm(req, SupportEnterTicketForm.class);
- try {
- if (f.submit(resp.getWriter(), req)) {
- resp.sendRedirect(PATH);
- return true;
- }
- } catch (GigiApiException e) {
- e.format(resp.getWriter(), getLanguage(req));
+ if (f.submitExceptionProtected(req)) {
+ resp.sendRedirect(PATH);
+ return true;
}
return false;
new SupportEnterTicketForm(req).output(resp.getWriter(), getLanguage(req), vars);
}
+ @Override
+ public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ if (Form.printFormErrors(req, resp.getWriter())) {
+ SupportEnterTicketForm f = Form.getForm(req, SupportEnterTicketForm.class);
+ f.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+ }
+ }
+
@Override
public boolean isPermitted(AuthorizationContext ac) {
return ac != null && ac.isInGroup(Group.SUPPORTER);
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
- if (user.getTicket() != null) {
- user.revokeAllCertificates();
- return true;
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
+ if (user.getTicket() == null) {
+ throw new GigiApiException("No ticket number set.");
}
- return false;
+ user.revokeAllCertificates();
+ return true;
}
@Override
private GroupSelector value = new GroupSelector("groupToModify", true);
+ private boolean wasWithPasswordReset = false;
+
public SupportUserDetailsForm(HttpServletRequest hsr, SupportedUser user) {
super(hsr);
this.user = user;
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if (user.getTicket() == null) {
- return false;
+ throw new GigiApiException("No ticket number set.");
}
if (user.getTargetUser() == LoginPage.getUser(req)) {
throw new GigiApiException("Supporter may not modify himself.");
if (aword == null || aword.equals("")) {
throw new GigiApiException("An A-Word is required to perform a password reset.");
}
- user.triggerPasswordReset(aword, out, req);
+ user.triggerPasswordReset(aword, req);
+ wasWithPasswordReset = true;
return true;
}
dobSelector.update(req);
return true;
}
+ public boolean wasWithPasswordReset() {
+ return wasWithPasswordReset;
+ }
+
@Override
protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
User user = this.user.getTargetUser();
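Review bot: `wasWithPasswordReset` is set to `true` in `submit()` and never cleared, so a form instance that has triggered one reset keeps reporting it on every later submission. If `Form.getForm` returns the same instance across posts (not visible here), a plain detail update would then be shown as a password reset; starting `submit()` with `wasWithPasswordReset = false;` avoids that. The new public getter would also benefit from a one-line Javadoc saying that it reflects the most recent `submit()` call. Separately, the self-modification guard `user.getTargetUser() == LoginPage.getUser(req)` compares references, which only holds if both calls return the same cached object; comparing a stable user identifier would not depend on that. `submit()` and `outputContent()` continue outside the lines shown.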
import org.cacert.gigi.pages.LoginPage;
import org.cacert.gigi.pages.Page;
import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.HTMLEncoder;
public class SupportUserDetailsPage extends Page {
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
try {
if (req.getParameter("revokeall") != null) {
- if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submit(resp.getWriter(), req)) {
+ if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submitProtected(resp.getWriter(), req)) {
throw new GigiApiException("No ticket number set.");
}
} else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) {
- if ( !Form.getForm(req, SupportUserDetailsForm.class).submit(resp.getWriter(), req)) {
+ SupportUserDetailsForm f = Form.getForm(req, SupportUserDetailsForm.class);
+ if (f.wasWithPasswordReset()) {
+ resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));
+ }
+ if ( !f.submitProtected(resp.getWriter(), req)) {
throw new GigiApiException("No ticket number set.");
}
}
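Review bot: `f.wasWithPasswordReset()` is read before `f.submitProtected(...)` is called, but the flag is only set inside `submit()`. On the request that performs the reset the confirmation is therefore not printed, and it can only show up on a later post if the same form instance is reused. Move the three-line `if (f.wasWithPasswordReset())` block below the `submitProtected` check so it runs only after a successful submit. The remaining `throw new GigiApiException("No ticket number set.")` on a false return is also misleading now, because `submit()` raises that error itself and a false return may have another cause. The try block continues outside the hunk.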
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
Signup s = Form.getForm(req, Signup.class);
try {
- if (s.submit(resp.getWriter(), req)) {
+ if (s.submit(req)) {
HttpSession hs = req.getSession();
hs.setAttribute(SIGNUP_PROCESS, null);
resp.getWriter().println(translate(req, "Your information has been submitted" + " into our system. You will now be sent an email with a web link," + " you need to open that link in your web browser within 24 hours" + " or your information will be removed from our system!"));
}
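Review bot: `s.submit(req)` is still called directly here, while the support and assurance pages in this change go through `submitProtected(...)`. If `submitProtected` is what records form errors for `Form.printFormErrors` (neither body is shown), signup failures are reported by a different path than the other forms. Either switch to `if (s.submitProtected(resp.getWriter(), req))` or add a comment saying why signup is handled locally. The catch clause of this try block is outside the hunk.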
@Override
- public synchronized boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public synchronized boolean submit(HttpServletRequest req) throws GigiApiException {
if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
throw new RateLimitException();
}
import org.cacert.gigi.output.template.IterableDataset;
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.Page;
public class AffiliationForm extends Form {
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
if (req.getParameter("del") != null) {
User toRemove = User.getByEmail(req.getParameter("del"));
if (toRemove != null) {
o.addAdmin(byEmail, LoginPage.getUser(req), req.getParameter("master") != null);
return true;
} else {
- out.println(Page.getLanguage(req).getTranslation("Requested user is not a RA Agent. We need a RA Agent here."));
+ throw new GigiApiException("Requested user is not a RA Agent. We need a RA Agent here.");
}
}
- out.println(Page.getLanguage(req).getTranslation("No action could have been carried out."));
- return false;
+ throw new GigiApiException("No action could have been carried out.");
}
@Override
import javax.servlet.http.HttpServletRequest;
import org.cacert.gigi.GigiApiException;
-import org.cacert.gigi.dbObjects.Country;
import org.cacert.gigi.dbObjects.Organisation;
import org.cacert.gigi.email.EmailProvider;
import org.cacert.gigi.localisation.Language;
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String action = req.getParameter("action");
if (action == null) {
return false;
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String domain = req.getParameter("domain");
new Domain(LoginPage.getUser(req), target, domain);
return true;
}
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
location = req.getParameter("location");
date = req.getParameter("date");
cs.update(req);
Notary.assureAll(assurer, assuree, dob, pointsI, location, req.getParameter("date"), type, toAssure.toArray(new Name[toAssure.size()]), cs.getCountry());
- if (aword != null && !aword.equals("")) {
+ if (isWithPasswordReset()) {
Language langApplicant = Language.getInstance(assuree.getPreferredLocale());
String method = langApplicant.getTranslation("A password reset was triggered. If you did a password reset by verification, please enter your secret password using this form:");
String subject = langApplicant.getTranslation("Password reset by verification");
- PasswordResetPage.initPasswordResetProcess(out, assuree, req, aword, langApplicant, method, subject);
+ PasswordResetPage.initPasswordResetProcess(assuree, req, aword, langApplicant, method, subject);
}
return true;
}
+ public boolean isWithPasswordReset() {
+ return aword != null && !aword.equals("");
+ }
+
public User getAssuree() {
return assuree;
}
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.pages.Page;
import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.HTMLEncoder;
public class AssurePage extends Page {
if (req.getParameter("search") == null) {
AssuranceForm form = Form.getForm(req, AssuranceForm.class);
if (form.submitProtected(out, req)) {
+ if (form.isWithPasswordReset()) {
+ resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));
+ }
out.println(translate(req, "Verification complete."));
return;
}
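Review bot: The added block writes through `resp.getWriter()` and HTML-encodes its message, while the adjacent `out.println(translate(req, "Verification complete."))` uses the local `out` and is not encoded. Use `out.println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));` and treat both messages the same way, depending on whether `translate` already returns escaped text. The message also says the reset was successful, whereas the form only calls `initPasswordResetProcess`, which by its name starts the process; wording such as "Password reset initiated." would fit better if that is the case. The enclosing method begins outside the hunk.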
};
@Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ public boolean submit(HttpServletRequest req) throws GigiApiException {
String country = req.getParameter("country");
if (country != null) {
int cid = Integer.parseInt(country);
}
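Review bot: `Integer.parseInt(country)` is applied to a raw request parameter and throws `NumberFormatException` on non-numeric input, which is not a `GigiApiException` and so falls outside the error reporting this change introduces. Catch it at the parse and rethrow, for example `catch (NumberFormatException e) { throw new GigiApiException("Invalid country."); }` (message text is a placeholder). The rest of `submit()` is outside the hunk, so a surrounding handler cannot be ruled out.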
public static String executeBasicWebInteraction(String cookie, String path, String query, int formIndex) throws IOException, MalformedURLException, UnsupportedEncodingException {
- URLConnection uc = post(cookie, path, query, formIndex);
+ HttpURLConnection uc = post(cookie, path, query, formIndex);
+ if (uc.getResponseCode() == 302) {
+ return null;
+ }
String error = fetchStartErrorMessage(IOUtils.readURL(uc));
return error;
}
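Review bot: The new early return yields `null` for any 302 without checking where the response redirects, so a redirect to an unexpected page (a login page, for instance) would look like a clean result to the calling test. Consider comparing the `Location` header with the expected target, and use the named constant: `if (uc.getResponseCode() == HttpURLConnection.HTTP_MOVED_TEMP)`. Whether `post(...)` disables automatic redirect following is not visible here; if it does not, this branch may never be reached.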