upd: prevent supporter and org-actor at same time

diff --git a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
index f7ddea07d3e9a1af09fb132efc129c372a78fb64..5b57a1c7330aeb76710593dab98c15eb96ff0e66 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
@@ -5,6 +5,7 @@ import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 
 
 import javax.servlet.http.HttpServletRequest;
 

+import org.cacert.gigi.Gigi;

 import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;


@@ -31,13 +32,13 @@ public class SupportEnterTicketForm extends Form {
             String ticket = req.getParameter("ticketno");
             if (ticket.matches("[asdmASDM]\\d{8}\\.\\d+")) {
                 AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
             String ticket = req.getParameter("ticketno");
             if (ticket.matches("[asdmASDM]\\d{8}\\.\\d+")) {
                 AuthorizationContext ac = LoginPage.getAuthorizationContext(req);

-                ac.setSupporterTicketId(ticket);
+                req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ticket));

                 return true;
             }
             return false;
         } else if (req.getParameter("deleteTicket") != null) {
             AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
                 return true;
             }
             return false;
         } else if (req.getParameter("deleteTicket") != null) {
             AuthorizationContext ac = LoginPage.getAuthorizationContext(req);

-            ac.setSupporterTicketId(null);
+            req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ac.getActor()));

             return true;
         }
         return false;
             return true;
         }
         return false;

diff --git a/src/org/cacert/gigi/util/AuthorizationContext.java b/src/org/cacert/gigi/util/AuthorizationContext.java
index 16f458cafd09d934d29686acfab91ce4caac0a80..412ebc5a66e18872571f70c7d33c47c583802333 100644 (file)
--- a/src/org/cacert/gigi/util/AuthorizationContext.java
+++ b/src/org/cacert/gigi/util/AuthorizationContext.java
@@ -24,6 +24,15 @@ public class AuthorizationContext implements Outputable {
         this.actor = actor;
     }
 
         this.actor = actor;
     }
 

+    public AuthorizationContext(User actor, String supporterTicket) throws GigiApiException {
+        this.target = actor;
+        this.actor = actor;
+        if ( !isInGroup(Group.SUPPORTER)) {
+            throw new GigiApiException("requires a supporter");
+        }
+        supporterTicketId = supporterTicket;
+    }
+

     public CertificateOwner getTarget() {
         return target;
     }
     public CertificateOwner getTarget() {
         return target;
     }


@@ -43,13 +52,6 @@ public class AuthorizationContext implements Outputable {
         return ac.getActor();
     }
 
         return ac.getActor();
     }
 

-    public void setSupporterTicketId(String supporterTicketId) throws GigiApiException {
-        if ( !isInGroup(Group.SUPPORTER)) {
-            throw new GigiApiException("requires a supporter");
-        }
-        this.supporterTicketId = supporterTicketId;
-    }
-

     public String getSupporterTicketId() {
         return supporterTicketId;
     }
     public String getSupporterTicketId() {
         return supporterTicketId;
     }