`locid` int(7) NOT NULL DEFAULT '0',
`listme` int(1) NOT NULL DEFAULT '0',
`contactinfo` varchar(255) NOT NULL DEFAULT '',
- `admin` tinyint(1) NOT NULL DEFAULT '0',
`language` varchar(5) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
- `locked` tinyint(1) NOT NULL DEFAULT '0',
- `assurer_blocked` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
KEY `ccid` (`ccid`),
KEY `regid` (`regid`),
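Review bot: Dropping `admin`, `locked` and `assurer_blocked` from `users` discards whatever state existing rows hold in those columns, and nothing visible on this page copies it into `user_groups` first. On a deployed database, accounts with `locked` = 1 or `assurer_blocked` = 1 would lose their restriction silently, because the login query elsewhere in this commit stops filtering on `locked`. A migration step should insert the matching `blockedlogin` and `blockedassurer` group rows before the columns are removed. The handling of `admin` also needs to be stated, since the `permission` enum shows no replacement group for it. The table definition starts and ends outside this hunk.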
CREATE TABLE IF NOT EXISTS `user_groups` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user` int(11) NOT NULL,
- `permission` enum('supporter','arbitrator','blockedassuree','blockedassurer','ttp-assurer','ttp-applicant', 'codesigning') NOT NULL,
+ `permission` enum('supporter','arbitrator','blockedassuree','blockedassurer','blockedlogin','ttp-assurer','ttp-applicant', 'codesigning') NOT NULL,
`granted` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`deleted` timestamp NULL DEFAULT NULL,
`grantedby` int(11) NOT NULL,
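Review bot: The new `blockedlogin` value is added only inside `CREATE TABLE IF NOT EXISTS`, which is a no-op on any database where `user_groups` already exists. Such a database keeps the old enum list, so inserting `blockedlogin` is rejected under strict SQL mode or stored as an empty string otherwise, and the login block would presumably never match. The upgrade path needs an accompanying `ALTER TABLE` on `user_groups` that modifies `permission` to the new enum list. The stray space before `'codesigning'` could be removed in the same pass.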
if (id != 0) {
throw new Error("refusing to insert");
}
- GigiPreparedStatement query = DatabaseConnection.getInstance().prepare("insert into `users` set `email`=?, `password`=?, " + "`fname`=?, `mname`=?, `lname`=?, " + "`suffix`=?, `dob`=?, `created`=NOW(), locked=0, `language`=?");
+ GigiPreparedStatement query = DatabaseConnection.getInstance().prepare("insert into `users` set `email`=?, `password`=?, " + "`fname`=?, `mname`=?, `lname`=?, " + "`suffix`=?, `dob`=?, `created`=NOW(), `language`=?");
query.setString(1, email);
query.setString(2, PasswordHash.hash(password));
query.setString(3, name.fname);
import org.cacert.gigi.database.DatabaseConnection;
import org.cacert.gigi.database.GigiPreparedStatement;
import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.dbObjects.Group;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.util.PasswordHash;
private void tryAuthWithUnpw(HttpServletRequest req) {
String un = req.getParameter("username");
String pw = req.getParameter("password");
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `password`, `id` FROM `users` WHERE `email`=? AND locked='0' AND verified='1'");
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `password`, `id` FROM `users` WHERE `email`=? AND verified='1'");
ps.setString(1, un);
GigiResultSet rs = ps.executeQuery();
if (rs.next()) {
private void tryAuthWithCertificate(HttpServletRequest req, X509Certificate x509Certificate) {
String serial = x509Certificate.getSerialNumber().toString(16).toUpperCase();
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `memid` FROM `certs` WHERE `serial`=? AND `disablelogin`='0' AND `revoked` = " + "'0000-00-00 00:00:00'");
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `memid` FROM `certs` WHERE `serial`=? AND `disablelogin`='0' AND `revoked` = '0000-00-00 00:00:00'");
ps.setString(1, serial);
GigiResultSet rs = ps.executeQuery();
if (rs.next()) {
rs.close();
}
+ private static final Group LOGIN_BLOCKED = Group.getByString("blockedlogin");
+
private void loginSession(HttpServletRequest req, User user) {
+ if (user.isInGroup(LOGIN_BLOCKED)) {
+ return;
+ }
req.getSession().invalidate();
HttpSession hs = req.getSession();
hs.setAttribute(LOGGEDIN, true);
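Review bot: `loginSession` returns silently when the user is in `blockedlogin`, so a refused login leaves no trace and the callers (outside this hunk) cannot tell a blocked account from an established session without re-reading the session. Because the `locked='0'` filter was removed from the password query, this early return is now what keeps a blocked account out. It deserves a log entry for the refused attempt and a comment such as `// blocked accounts must never get a session; enforced here because the login queries no longer filter on a lock flag`. The check runs only at login time, so a session that already exists when the group is granted stays valid unless it is invalidated elsewhere. It also depends on `isInGroup` ignoring `user_groups` rows whose `deleted` timestamp is set, which is not visible here and should be confirmed; the method body continues past the hunk.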
import org.cacert.gigi.database.DatabaseConnection;
import org.cacert.gigi.database.GigiPreparedStatement;
import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.dbObjects.Group;
import org.cacert.gigi.dbObjects.Name;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.output.DateSelector;
}
}
+ public static final Group ASSURER_BLOCKED = Group.getByString("blockedassurer");
+
+ public static final Group ASSUREE_BLOCKED = Group.getByString("blockedassuree");
+
/**
* This method assures another user.
*
*/
public synchronized static void assure(User assurer, User assuree, Name assureeName, Date dob, int awarded, String location, String date) throws GigiApiException {
GigiApiException gae = new GigiApiException();
-
+ if (assuree.isInGroup(ASSUREE_BLOCKED)) {
+ gae.mergeInto(new GigiApiException("The assuree is blocked."));
+ }
+ if (assurer.isInGroup(ASSURER_BLOCKED)) {
+ gae.mergeInto(new GigiApiException("The assurer is blocked."));
+ }
+ if ( !gae.isEmpty()) {
+ throw gae;
+ }
if (date == null || date.equals("")) {
gae.mergeInto(new GigiApiException("You must enter the date when you met the assuree."));
} else {
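Review bot: The message `The assuree is blocked.` tells the assurer the account status of another user, which may disclose more than the assurer needs to know. If that is not intended, a neutral message for the assuree case (for example `"This assurance cannot be entered."`) keeps the refusal without exposing the reason, while the assurer's own message can stay specific. The new public constants `ASSURER_BLOCKED` and `ASSUREE_BLOCKED` have no Javadoc; a one-line comment on each saying which side of an assurance the group blocks would help. The early `throw gae` deliberately skips the remaining input validation, which is worth a short comment such as `// blocked parties are rejected before any other input is validated`. The body of `assure` continues beyond this hunk.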