Merge "add: script to generate changelog based on git info"
authorBenny Baumann <BenBE1987@gmx.net>
Thu, 28 Dec 2017 19:18:42 +0000 (20:18 +0100)
committerGerrit Code Review <gigi-system@dogcraft.de>
Thu, 28 Dec 2017 19:18:42 +0000 (20:18 +0100)
12 files changed:
src/club/wpia/gigi/database/DatabaseConnection.java
src/club/wpia/gigi/database/tableStructure.sql
src/club/wpia/gigi/database/upgrade/from_35.sql [new file with mode: 0644]
src/club/wpia/gigi/dbObjects/CertificateOwner.java
src/club/wpia/gigi/dbObjects/Organisation.java
src/club/wpia/gigi/dbObjects/User.java
src/club/wpia/gigi/pages/admin/support/SupportEnterTicketForm.java
src/club/wpia/gigi/pages/main/Signup.java
src/club/wpia/gigi/pages/main/Signup.templ
src/club/wpia/gigi/util/CalendarUtil.java
tests/club/wpia/gigi/pages/admin/TestSEAdminTicketSetting.java
tests/club/wpia/gigi/pages/main/RegisterPageTest.java

index 40eeae69f02426feab1b385124d4740b611ffc24..04351d1a38e8ab2af427c6f3c1473a5dfcac322a 100644 (file)
@@ -181,7 +181,7 @@ public class DatabaseConnection {
 
     }
 
-    public static final int CURRENT_SCHEMA_VERSION = 35;
+    public static final int CURRENT_SCHEMA_VERSION = 36;
 
     public static final int CONNECTION_TIMEOUT = 24 * 60 * 60;
 
index 82aedc72a9b0e02c919e11678b7f61a92b4f6e97..8c697f78a93376352554274e245d03e40adbe21d 100644 (file)
@@ -115,16 +115,6 @@ CREATE TABLE "baddomains" (
 );
 
 
-DROP TABLE IF EXISTS "alerts";
-CREATE TABLE "alerts" (
-  "memid" int NOT NULL DEFAULT '0',
-  "general" boolean NOT NULL DEFAULT 'false',
-  "country" boolean NOT NULL DEFAULT 'false',
-  "regional" boolean NOT NULL DEFAULT 'false',
-  "radius" boolean NOT NULL DEFAULT 'false',
-  PRIMARY KEY ("memid")
-);
-
 DROP TABLE IF EXISTS "user_agreements";
 CREATE TABLE "user_agreements" (
   "id" serial NOT NULL,
@@ -380,7 +370,7 @@ CREATE TABLE "schemeVersion" (
   "version" smallint NOT NULL,
   PRIMARY KEY ("version")
 );
-INSERT INTO "schemeVersion" (version)  VALUES(35);
+INSERT INTO "schemeVersion" (version)  VALUES(36);
 
 DROP TABLE IF EXISTS `passwordResetTickets`;
 CREATE TABLE `passwordResetTickets` (
diff --git a/src/club/wpia/gigi/database/upgrade/from_35.sql b/src/club/wpia/gigi/database/upgrade/from_35.sql
new file mode 100644 (file)
index 0000000..53dcc4d
--- /dev/null
@@ -0,0 +1 @@
+DROP TABLE IF EXISTS "alerts";
index f608b2fc01bea94610a6e826af84bed7d573305e..007d98d3a1092c7d5401c9ba3014f0e676f62bef 100644 (file)
@@ -24,7 +24,15 @@ public abstract class CertificateOwner implements IdCachable, Serializable {
         this.id = id;
     }
 
-    protected CertificateOwner() {
+    /**
+     * This constructor has a dummy parameter to allow callers to do checks
+     * before invoking the super constructor.
+     * 
+     * @param dummy
+     *            a parameter that is not used to allow callers to do checks
+     *            before super constructor invocation.
+     */
+    protected CertificateOwner(Void dummy) {
         try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `certOwners` DEFAULT VALUES")) {
             ps.execute();
             id = ps.lastInsertId();
index 4ee25d0ede565e6a9187bddc71a63377462d9e95..c9754565744b0d107baee2515f802e2e2cae9fbe 100644 (file)
@@ -68,12 +68,7 @@ public class Organisation extends CertificateOwner {
     private String postalAddress;
 
     public Organisation(String name, Country country, String province, String city, String email, String optionalName, String postalAddress, User creator) throws GigiApiException {
-        if ( !creator.isInGroup(Group.ORG_AGENT)) {
-            throw new GigiApiException("Only Organisation RA Agents may create organisations.");
-        }
-        if (country == null) {
-            throw new GigiApiException("Got country code of illegal type.");
-        }
+        super(validate(creator, country));
         this.name = name;
         this.country = country;
         this.province = province;
@@ -98,6 +93,16 @@ public class Organisation extends CertificateOwner {
         }
     }
 
+    private static Void validate(User creator, Country country) throws GigiApiException {
+        if ( !creator.isInGroup(Group.ORG_AGENT)) {
+            throw new GigiApiException("Only Organisation RA Agents may create organisations.");
+        }
+        if (country == null) {
+            throw new GigiApiException("Got country code of illegal type.");
+        }
+        return null;
+    }
+
     protected Organisation(GigiResultSet rs) throws GigiApiException {
         super(rs.getInt("id"));
         name = rs.getString("name");
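Review bot: `validate` has no comment explaining why it exists or why it returns `Void`, and the ordering it protects is easy to undo in a later refactoring. It has to run as the argument of `super(...)` because the `CertificateOwner(Void)` constructor shown in this commit inserts a `certOwners` row, so the `Group.ORG_AGENT` check must finish before that insert happens. I would add a short Javadoc such as `/** Runs the authorisation and argument checks before the super constructor inserts into certOwners; always returns null. */`, and the same on `User.validate(String)` in the User.java hunk. Separately, `creator` is dereferenced without a null check, so a null creator surfaces as a NullPointerException rather than a GigiApiException.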
index cdd00d6f3533b2ba7656203a960f4014aad426d7..3c2cd6b03f284d9b8ed71c14a14c59dc3a8400dd 100644 (file)
@@ -105,10 +105,7 @@ public class User extends CertificateOwner {
     }
 
     public User(String email, String password, DayDate dob, Locale locale, Country residenceCountry, NamePart... preferred) throws GigiApiException {
-        // Avoid storing information that obviously won't get through
-        if ( !EmailProvider.isValidMailAddress(email)) {
-            throw new IllegalArgumentException("Invalid email.");
-        }
+        super(validate(email));
 
         this.email = email;
         this.dob = dob;
@@ -128,6 +125,14 @@ public class User extends CertificateOwner {
         new EmailAddress(this, email, locale);
     }
 
+    private static Void validate(String email) {
+        // Avoid storing information that obviously won't get through
+        if ( !EmailProvider.isValidMailAddress(email)) {
+            throw new IllegalArgumentException("Invalid email.");
+        }
+        return null;
+    }
+
     public Name[] getNames() {
         try (GigiPreparedStatement gps = new GigiPreparedStatement("SELECT `id` FROM `names` WHERE `uid`=? AND `deleted` IS NULL", true)) {
             gps.setInt(1, getId());
index 0a98dfd124a58c2791fa75b303b7074b85ded05f..58b2997e11ae9b84174d3bf9a5b8886a797db6bd 100644 (file)
@@ -12,11 +12,14 @@ import club.wpia.gigi.output.template.Form;
 import club.wpia.gigi.output.template.Template;
 import club.wpia.gigi.pages.LoginPage;
 import club.wpia.gigi.util.AuthorizationContext;
+import club.wpia.gigi.util.CalendarUtil;
 
 public class SupportEnterTicketForm extends Form {
 
     private static final Template t = new Template(SupportEnterTicketForm.class.getResource("SupportEnterTicketForm.templ"));
 
+    public static final String TICKET_PREFIX = "acdhi";
+
     public SupportEnterTicketForm(HttpServletRequest hsr) {
         super(hsr);
     }
@@ -24,9 +27,9 @@ public class SupportEnterTicketForm extends Form {
     @Override
     public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
         if (req.getParameter("setTicket") != null) {
-            // [asdmASDM]\d{8}\.\d+
-            String ticket = req.getParameter("ticketno");
-            if (ticket.matches("[asdmASDM]\\d{8}\\.\\d+")) {
+            // [acdhi]\d{8}\.\d+ according to numbering scheme
+            String ticket = req.getParameter("ticketno").toLowerCase();
+            if (ticket.matches("[" + TICKET_PREFIX + "]\\d{8}\\.\\d+") && CalendarUtil.isDateValid(ticket.substring(1, 9))) {
                 AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
                 req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ticket));
                 return new RedirectResult(SupportEnterTicketPage.PATH);
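Review bot: `req.getParameter("ticketno").toLowerCase()` lower-cases with the JVM default locale, so under a Turkish locale an upper-case `I` prefix becomes a dotless `ı` and no longer matches the `i` in `TICKET_PREFIX`; use `toLowerCase(Locale.ROOT)` (needs `java.util.Locale` imported). The same expression throws a NullPointerException when the request carries `setTicket` but no `ticketno`, where a check like `if (ticket == null)` leading to the malformed-ticket error would be the expected outcome. `TICKET_PREFIX` is spliced straight into a regex character class, which is fine for the current letters but would change meaning if a `-`, `^` or `]` were ever added, so a comment on the constant saying it must contain only letters would help. The body of `submit` continues outside this hunk.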
index c5dcadf75c48585cf2912b5b6a00296befc8e690..d9b2cc1f8de65fc0744c023a72e555fa370062cb 100644 (file)
@@ -37,8 +37,6 @@ public class Signup extends Form {
 
     private static final Template t = new Template(Signup.class.getResource("Signup.templ"));
 
-    private boolean general = true, country = true, regional = true, radius = true;
-
     private CountrySelector cs;
 
     public Signup(HttpServletRequest hsr) {
@@ -55,10 +53,6 @@ public class Signup extends Form {
         vars.put("name", ni);
         vars.put("dob", myDoB);
         vars.put("email", HTMLEncoder.encodeHTML(email));
-        vars.put("general", general ? " checked=\"checked\"" : "");
-        vars.put("country", country ? " checked=\"checked\"" : "");
-        vars.put("regional", regional ? " checked=\"checked\"" : "");
-        vars.put("radius", radius ? " checked=\"checked\"" : "");
         vars.put("helpOnNames", new SprintfCommand("Help on Names {0}in the wiki{1}", Arrays.asList("!(/wiki/names", "!'</a>")));
         vars.put("csrf", getCSRFToken());
         vars.put("dobmin", User.MINIMUM_AGE + "");
@@ -70,10 +64,6 @@ public class Signup extends Form {
         if (r.getParameter("email") != null) {
             email = r.getParameter("email");
         }
-        general = "1".equals(r.getParameter("general"));
-        country = "1".equals(r.getParameter("country"));
-        regional = "1".equals(r.getParameter("regional"));
-        radius = "1".equals(r.getParameter("radius"));
         GigiApiException problems = new GigiApiException();
         try {
             ni.update(r);
@@ -190,15 +180,6 @@ public class Signup extends Form {
 
     private void run(HttpServletRequest req, String password) throws GigiApiException {
         User u = new User(email, password, myDoB.getDate(), Page.getLanguage(req).getLocale(), cs.getCountry(), ni.getNameParts());
-
-        try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `alerts` SET `memid`=?," + " `general`=?, `country`=?, `regional`=?, `radius`=?")) {
-            ps.setInt(1, u.getId());
-            ps.setBoolean(2, general);
-            ps.setBoolean(3, country);
-            ps.setBoolean(4, regional);
-            ps.setBoolean(5, radius);
-            ps.execute();
-        }
         Notary.writeUserAgreement(u, "ToS", "account creation", "", true, 0);
     }
 
index d241a8634b02110bcd4e7770605a10a394d43cdf..bc602e78cd97997c2854da1944b502af9f13332c 100644 (file)
   <tr>
     <td colspan="3"><font color="red">*</font><?=_Your password is one of many factors to protect your account from unauthorised access. A good password is hard to guess, long, and contains a diverse set of characters. For the current requirements and to learn more, visit our !(/wiki/goodPassword)FAQ!'</a>'.?></td>
   </tr>
-  <tr>
-    <td colspan="3"><?=_It's possible to get notifications of up and coming events and even just general announcements, untick any notifications you don't wish to receive. For country, regional and radius notifications to work you must choose your location once you've verified your account and logged in.?></td>
-  </tr>
 
   <tr>
-    <td valign="top"><?=_Alert me if?>: </td>
-    <td align="left">
-        <input type="checkbox" name="general" value="1"<?=$!general?>><?=_General Announcements?><br>
-        <input type="checkbox" name="country" value="1"<?=$!country?>><?=_Country Announcements?><br>
-        <input type="checkbox" name="regional" value="1"<?=$!regional?>><?=_Regional Announcements?><br>
-        <input type="checkbox" name="radius" value="1"<?=$!radius?>><?=_Within 200km Announcements?></td>
-    <td>&nbsp;</td>
+    <td colspan="3"><input type="checkbox" name="tos_agree" value="1"><?=_I agree to the Terms of Service (!(/policy/ToS)ToS!'</a>').?></td>
   </tr>
 
   <tr>
     <td colspan="3"><?=_When you click on next, we will send a confirmation email to the email address you have entered above.?></td>
   </tr>
-  <tr>
-    <td colspan="3"><input type="checkbox" name="tos_agree" value="1"><?=_I agree to the Terms of Service (!(/policy/ToS)ToS!'</a>').?></td>
-  </tr>
 
   <tr>
     <td colspan="3"><input class="btn btn-primary" type="submit" name="process" value="<?=_Next?>"></td>
index c7b2bb0faef15015a59545606417692db72f7a8b..9c4cf70ae66bf1392d8712ee5c6e2ac8927e1bca 100644 (file)
@@ -15,6 +15,17 @@ public class CalendarUtil {
 
     }
 
+    /**
+     * @param date
+     *            YYYYMMDD
+     */
+    public static boolean isDateValid(String date) {
+        int year = Integer.parseInt(date.substring(0, 4));
+        int month = Integer.parseInt(date.substring(4, 6));
+        int day = Integer.parseInt(date.substring(6, 8));
+        return isDateValid(year, month, day);
+    }
+
     public static boolean isOfAge(DayDate dob, int age) {
         return isYearsInFuture(dob.start(), age);
     }
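Review bot: The new public `isDateValid(String)` throws on input that is null, shorter than eight characters or not purely digits (NullPointerException, StringIndexOutOfBoundsException or NumberFormatException) instead of returning false. The one caller visible in this commit checks the format with a regex first, but nothing in the method enforces that precondition for future callers. A guard at the top such as `if (date == null || !date.matches("\\d{8}")) { return false; }` would make it safe on unvalidated input. The Javadoc should also get a summary sentence and an `@return` stating that the result is whether the YYYYMMDD string denotes a valid calendar date.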
index 59f042793af7dbb0033b446cea12d03fecaa1a27..e20b4944da0e88bdc7b145a5e9e15df4bb00d99f 100644 (file)
@@ -1,10 +1,13 @@
 package club.wpia.gigi.pages.admin;
 
+import static org.hamcrest.CoreMatchers.*;
+import static org.hamcrest.MatcherAssert.assertThat;
 import static org.junit.Assert.*;
 
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.MalformedURLException;
+import java.util.Random;
 
 import org.junit.Test;
 
@@ -12,8 +15,10 @@ import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.dbObjects.Group;
 import club.wpia.gigi.pages.admin.support.FindUserByDomainPage;
 import club.wpia.gigi.pages.admin.support.FindUserByEmailPage;
+import club.wpia.gigi.pages.admin.support.SupportEnterTicketForm;
 import club.wpia.gigi.pages.admin.support.SupportEnterTicketPage;
 import club.wpia.gigi.testUtils.ClientTest;
+import club.wpia.gigi.testUtils.IOUtils;
 
 public class TestSEAdminTicketSetting extends ClientTest {
 
@@ -32,4 +37,66 @@ public class TestSEAdminTicketSetting extends ClientTest {
         assertEquals(403, get(FindUserByEmailPage.PATH).getResponseCode());
     }
 
+    @Test
+    public void testSetTicketNumberCharacter() throws MalformedURLException, UnsupportedEncodingException, IOException {
+        String ticket;
+        String alphabet = "abcdefghijklmnopqrstuvwxyz";
+
+        // test allowed character
+        for (char ch : SupportEnterTicketForm.TICKET_PREFIX.toCharArray()) {
+            ticket = ch + "20171212.1";
+            assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=" + ticket + "&setTicket=action", 0).getResponseCode());
+            ticket = Character.toUpperCase(ch) + "20171212.1";
+            assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=" + ticket + "&setTicket=action", 0).getResponseCode());
+            alphabet = alphabet.replaceAll(Character.toString(ch), "");
+        }
+
+        // test not allowed character
+        Random rnd = new Random();
+        char ch = alphabet.charAt(rnd.nextInt(alphabet.length()));
+        assertWrongTicketNumber(ch + "20171212.1");
+    }
+
+    @Test
+    public void testSetTicketNumberDatepart() throws MalformedURLException, UnsupportedEncodingException, IOException {
+        char ch = getValidCharacter();
+
+        assertWrongTicketNumber(ch + "220171212.1");
+
+        assertWrongTicketNumber(ch + "0171212.1");
+
+        assertWrongTicketNumber(ch + "20171512.1");
+
+        assertWrongTicketNumber(ch + "20170229.1");
+
+        assertWrongTicketNumber(ch + ch + "20171212.1");
+
+        assertWrongTicketNumber("20171212.1");
+
+        assertWrongTicketNumber(ch + "20171212" + ch + ".1");
+
+        assertWrongTicketNumber(ch + "201721" + ch + "21.1");
+    }
+
+    @Test
+    public void testSetTicketNumberNumberpart() throws MalformedURLException, UnsupportedEncodingException, IOException {
+        char ch = getValidCharacter();
+
+        assertWrongTicketNumber(ch + "20171212.");
+
+        assertWrongTicketNumber(ch + "20171212");
+
+        assertWrongTicketNumber(ch + "20171212.1" + ch);
+
+    }
+
+    private char getValidCharacter() {
+        Random rnd = new Random();
+        return SupportEnterTicketForm.TICKET_PREFIX.charAt(rnd.nextInt(SupportEnterTicketForm.TICKET_PREFIX.length()));
+    }
+
+    private void assertWrongTicketNumber(String ticket) throws IOException {
+        String res = IOUtils.readURL(post(SupportEnterTicketPage.PATH, "ticketno=" + ticket + "&setTicket=action"));
+        assertThat(res, containsString("Ticket format malformed"));
+    }
 }
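Review bot: In `testSetTicketNumberDatepart`, `ch + ch + "20171212.1"` adds the two `char` values as integers before the string concatenation, so the request carries a number such as `194` in front of the date rather than a doubled prefix letter. The assertion still passes, but the doubled-prefix case is never exercised; write it as `assertWrongTicketNumber("" + ch + ch + "20171212.1");`. In `testSetTicketNumberCharacter` the rejected letter is picked with an unseeded `Random`, so each run checks only one disallowed prefix and a failure cannot be reproduced. Looping over every character left in `alphabet` would cover all of them deterministically, including the letters that the previous pattern accepted.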
index d9de3a910d1095f4999fd023687f3dbd80902c0b..85e34b92e97072220d3cf12560f850a140dc9e56 100644 (file)
@@ -49,14 +49,14 @@ public class RegisterPageTest extends ManagedTest {
 
         String defaultSignup = "fname=" + URLEncoder.encode("ab", "UTF-8") + "&lname=" + URLEncoder.encode("b", "UTF-8") + "&pword1=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") + "&pword2=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") + "&day=1&month=1&year=1910&tos_agree=1&mname=mn&suffix=sf&email=";
 
-        String query = defaultSignup + URLEncoder.encode("correct3_" + uniq + "@email.de", "UTF-8") + "&general=1&country=1&regional=1&radius=1&name-type=western";
+        String query = defaultSignup + URLEncoder.encode("correct3_" + uniq + "@email.de", "UTF-8") + "&name-type=western";
         String data = fetchStartErrorMessage(runRegister(query));
         assertNull(data);
         assertSuccessfullRegMail("correct3_" + uniq + "@email.de");
 
         getMailReceiver().setEmailCheckError("400 Greylisted");
         getMailReceiver().setApproveRegex(Pattern.compile("a"));
-        query = defaultSignup + URLEncoder.encode("correct4_" + uniq + "@email.de", "UTF-8") + "&general=1&country=1&regional=1&radius=1";
+        query = defaultSignup + URLEncoder.encode("correct4_" + uniq + "@email.de", "UTF-8");
         data = fetchStartErrorMessage(runRegister(query));
         assertNotNull(data);
 
@@ -170,20 +170,6 @@ public class RegisterPageTest extends ManagedTest {
         assertThat(run, containsString("<option selected=\"selected\">28</option>"));
     }
 
-    @Test
-    public void testCheckboxesStay() throws IOException {
-        String run2 = runRegister("general=1&country=a&regional=1&radius=0");
-        assertThat(run2, containsString("name=\"general\" value=\"1\" checked=\"checked\">"));
-        assertThat(run2, containsString("name=\"country\" value=\"1\">"));
-        assertThat(run2, containsString("name=\"regional\" value=\"1\" checked=\"checked\">"));
-        assertThat(run2, containsString("name=\"radius\" value=\"1\">"));
-        run2 = runRegister("general=0&country=1&radius=1");
-        assertThat(run2, containsString("name=\"general\" value=\"1\">"));
-        assertThat(run2, containsString("name=\"country\" value=\"1\" checked=\"checked\">"));
-        assertThat(run2, containsString("name=\"regional\" value=\"1\">"));
-        assertThat(run2, containsString("name=\"radius\" value=\"1\" checked=\"checked\">"));
-    }
-
     @Test
     public void testDoubleMail() throws IOException {
         long uniq = System.currentTimeMillis();
@@ -221,7 +207,7 @@ public class RegisterPageTest extends ManagedTest {
 
         String defaultSignup = "fname=" + URLEncoder.encode("ab", "UTF-8") + "&lname=" + URLEncoder.encode("b", "UTF-8") + "&pword1=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") + "&pword2=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") + "&day=1&month=1&year=1910&tos_agree=1&mname=mn&suffix=sf&email=";
 
-        String query = defaultSignup + URLEncoder.encode(email, "UTF-8") + "&general=1&country=1&regional=1&radius=1&name-type=western&residenceCountry=DE";
+        String query = defaultSignup + URLEncoder.encode(email, "UTF-8") + "&name-type=western&residenceCountry=DE";
         String data = fetchStartErrorMessage(runRegister(query));
         assertNull(data);
         User u = User.getByEmail(email);
@@ -236,7 +222,7 @@ public class RegisterPageTest extends ManagedTest {
 
         String defaultSignup = "fname=" + URLEncoder.encode("ab", "UTF-8") + "&lname=" + URLEncoder.encode("b", "UTF-8") + "&pword1=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") + "&pword2=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") + "&day=1&month=1&year=1910&tos_agree=1&mname=mn&suffix=sf&email=";
 
-        String query = defaultSignup + URLEncoder.encode(email, "UTF-8") + "&general=1&country=1&regional=1&radius=1&name-type=western&residenceCountry=invalid";
+        String query = defaultSignup + URLEncoder.encode(email, "UTF-8") + "&name-type=western&residenceCountry=invalid";
         String data = fetchStartErrorMessage(runRegister(query));
         assertNull(data);
         User u = User.getByEmail(email);