PrintWriter out = resp.getWriter();
String pi = req.getPathInfo().substring(PATH.length());
- if (pi.length() > 1) {
- int mid = Integer.parseInt(pi.substring(1));
- AssuranceForm form = new AssuranceForm(req, mid);
- outputForm(req, out, mid, form);
-
- } else {
- HashMap<String, Object> vars = new HashMap<String, Object>();
- vars.put("DoB", ds);
- t.output(out, getLanguage(req), vars);
- }
+ HashMap<String, Object> vars = new HashMap<String, Object>();
+ vars.put("DoB", ds);
+ t.output(out, getLanguage(req), vars);
}
@Override
}
}
- private void outputForm(HttpServletRequest req, PrintWriter out, int mid, AssuranceForm form) {
+ private void outputForm(HttpServletRequest req, PrintWriter out, AssuranceForm form) {
User myself = LoginPage.getUser(req);
- AssuranceResult check = Notary.checkAssuranceIsPossible(myself, new User(mid));
+ AssuranceResult check = Notary.checkAssuranceIsPossible(myself, form.getAssuree());
if (check != AssuranceResult.ASSURANCE_SUCCEDED) {
out.println(translate(req, check.getMessage()));
return;
}
- if (form == null || form.getAssuree().getId() != mid) {
- form = new AssuranceForm(req, mid);
- }
form.output(out, getLanguage(req), new HashMap<String, Object>());
}
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
PrintWriter out = resp.getWriter();
- String pi = req.getPathInfo().substring(PATH.length());
- if (pi.length() > 1) {
- User myself = getUser(req);
- int mid = Integer.parseInt(pi.substring(1));
- if (mid == myself.getId()) {
- out.println(translate(req, "Cannot assure myself."));
- return;
- }
-
+ if (req.getParameter("search") == null) {
AssuranceForm form = Form.getForm(req, AssuranceForm.class);
- if (mid != form.getAssuree().getId()) {
- return;
- }
if (form.submit(out, req)) {
out.println(translate(req, "Assurance complete."));
} else {
- outputForm(req, resp.getWriter(), mid, form);
+ outputForm(req, resp.getWriter(), form);
}
return;
} else {
if (verified == 0) {
out.println(translate(req, "User is not yet verified. Please try again in 24 hours!"));
+ } else if (getUser(req).getId() == id) {
+
+ } else {
+ AssuranceForm form = new AssuranceForm(req, id);
+ outputForm(req, out, form);
}
- resp.sendRedirect(PATH + "/" + id);
}
} else {
out.print("<div class='formError'>");
@Test
public void testAssureSearch() throws IOException {
String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
- assertTrue(loc, loc.endsWith(AssurePage.PATH + "/" + assuree));
+ assertTrue(loc, loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
}
@Test
public void testAssureSearchEmail() throws IOException {
String loc = search("email=1" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
- assertNull(loc);
+ assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
}
@Test
public void testAssureSearchDob() throws IOException {
String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=2&month=1&year=1910");
- assertNull(loc);
+ assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=2&year=1910");
- assertNull(loc);
+ assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1911");
- assertNull(loc);
+ assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
}
private String search(String query) throws MalformedURLException, IOException, UnsupportedEncodingException {
URLConnection uc = u.openConnection();
uc.setDoOutput(true);
uc.addRequestProperty("Cookie", cookie);
- uc.getOutputStream().write((query).getBytes());
+ uc.getOutputStream().write(("search&" + query).getBytes());
uc.getOutputStream().flush();
- String loc = uc.getHeaderField("Location");
- return loc;
+ return IOUtils.readURL(uc);
}
@Test
assertTrue(resp.contains(uniqueLoc));
}
-
@Test
public void testAssurerListingValid() throws IOException {
String uniqueLoc = createUniqueName();
}
private URLConnection buildupAssureFormConnection(boolean doCSRF) throws MalformedURLException, IOException {
- URL u = new URL("https://" + getServerName() + AssurePage.PATH + "/" + assuree);
+ URL u = new URL("https://" + getServerName() + AssurePage.PATH);
URLConnection uc = u.openConnection();
uc.addRequestProperty("Cookie", cookie);
+ uc.setDoOutput(true);
+ uc.getOutputStream().write(("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910&search").getBytes());
+
String csrf = getCSRF(uc);
uc = u.openConnection();
uc.addRequestProperty("Cookie", cookie);