Merge "Fix typo and spelling"
authorBenny Baumann <BenBE1987@gmx.net>
Thu, 25 Aug 2016 19:41:08 +0000 (21:41 +0200)
committerGerrit Code Review <gigi-system@dogcraft.de>
Thu, 25 Aug 2016 19:41:08 +0000 (21:41 +0200)
36 files changed:
src/org/cacert/gigi/dbObjects/Group.java
src/org/cacert/gigi/dbObjects/SupportNotificationMail.templ
src/org/cacert/gigi/dbObjects/SupportUserNotificationMail.templ [new file with mode: 0644]
src/org/cacert/gigi/dbObjects/SupportedUser.java
src/org/cacert/gigi/dbObjects/User.java
src/org/cacert/gigi/output/GroupSelector.java
src/org/cacert/gigi/pages/LoginPage.java
src/org/cacert/gigi/pages/admin/TTPAdminPage.java
src/org/cacert/gigi/pages/admin/support/FindCertPage.java
src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java
src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.templ
src/org/cacert/gigi/pages/orga/CreateOrgPage.java
src/org/cacert/gigi/pages/wot/RequestTTPForm.java
src/org/cacert/gigi/util/Notary.java
tests/org/cacert/gigi/TestOrga.java
tests/org/cacert/gigi/TestUserGroupMembership.java
tests/org/cacert/gigi/api/IssueCert.java
tests/org/cacert/gigi/api/TestFindAgent.java
tests/org/cacert/gigi/pages/account/TestCertificateRequest.java
tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java
tests/org/cacert/gigi/pages/admin/TestSEAdminNotificationMail.java
tests/org/cacert/gigi/pages/admin/TestSEAdminPageDetails.java
tests/org/cacert/gigi/pages/admin/TestSEAdminPageUserDomainSearch.java
tests/org/cacert/gigi/pages/admin/TestSEAdminPageUserMailSearch.java
tests/org/cacert/gigi/pages/admin/TestSEAdminTicketSetting.java
tests/org/cacert/gigi/pages/orga/TestOrgDomain.java
tests/org/cacert/gigi/pages/orga/TestOrgManagement.java
tests/org/cacert/gigi/pages/wot/TestTTP.java
tests/org/cacert/gigi/pages/wot/TestTTPAdmin.java
tests/org/cacert/gigi/testUtils/BusinessTest.java
tests/org/cacert/gigi/testUtils/ManagedTest.java
tests/org/cacert/gigi/testUtils/OrgTest.java
tests/org/cacert/gigi/testUtils/RestrictedApiTest.java
util-testing/org/cacert/gigi/pages/Manager.java
util-testing/org/cacert/gigi/util/SimpleSigner.java

index 13080efb208490a4ae7fc489cd57b5fb462a4001..287187a2d73482f5de592997a837da595c8f0827 100644 (file)
@@ -6,18 +6,18 @@ import org.cacert.gigi.output.template.Outputable;
 import org.cacert.gigi.output.template.TranslateCommand;
 
 public enum Group {
-    SUPPORTER("supporter", "supporter", true, true), //
-    ARBITRATOR("arbitrator", "arbitrator", true, true), //
-    BLOCKEDASSURER("blockedassurer", "may not verify", true, false), //
-    BLOCKEDASSUREE("blockedassuree", "may not be verified", true, false), //
-    BLOCKEDLOGIN("blockedlogin", "may not login", true, false), //
-    BLOCKEDCERT("blockedcert", "may not issue certificates", true, false), //
-    TTP_ASSURER("ttp-assurer", "may verify via TTP", true, true), //
-    TTP_APPLICANT("ttp-applicant", "requests to be verified via ttp", true, false), //
-    CODESIGNING("codesigning", "may issue codesigning certificates", true, false), //
-    ORGASSURER("orgassurer", "may verify organisations", true, true), //
-    NUCLEUS_ASSURER("nucleus-assurer", "may enter nucleus verifications", true, true), //
-    LOCATE_AGENT("locate-agent", "wants access to the locate agent system", false, false);
+    SUPPORTER("supporter", "supporter", true, false, true), //
+    ARBITRATOR("arbitrator", "arbitrator", true, false, true), //
+    BLOCKEDASSURER("blockedassurer", "may not verify", true, false, false), //
+    BLOCKEDASSUREE("blockedassuree", "may not be verified", true, false, false), //
+    BLOCKEDLOGIN("blockedlogin", "may not login", true, false, false), //
+    BLOCKEDCERT("blockedcert", "may not issue certificates", true, false, false), //
+    TTP_ASSURER("ttp-assurer", "may verify via TTP", true, false, true), //
+    TTP_APPLICANT("ttp-applicant", "requests to be verified via ttp", false, true, false), //
+    CODESIGNING("codesigning", "may issue codesigning certificates", true, false, false), //
+    ORGASSURER("orgassurer", "may verify organisations", true, false, true), //
+    NUCLEUS_ASSURER("nucleus-assurer", "may enter nucleus verifications", true, false, true), //
+    LOCATE_AGENT("locate-agent", "wants access to the locate agent system", false, true, false);
 
     private final String dbName;
 
@@ -25,6 +25,8 @@ public enum Group {
 
     private final boolean managedBySupport;
 
+    private final boolean managedByUser;
+
     private final boolean isSelfViewable;
 
     /**
@@ -40,9 +42,16 @@ public enum Group {
      * @param isSelfViewable
      *            true iff user should be able to see others in the same group
      */
-    private Group(String name, String display, boolean managedBySupport, boolean isSelfViewable) {
+    private Group(String name, String display, boolean managedBySupport, boolean managedByUser, boolean isSelfViewable) {
         dbName = name;
         tc = new TranslateCommand(display);
+        if (managedByUser && managedBySupport) {
+            throw new IllegalArgumentException("We do not allow groups to be user and support managable.");
+        }
+        if (managedByUser && isSelfViewable) {
+            throw new IllegalArgumentException("We do not allow groups to be self-viewable and managable by user.");
+        }
+        this.managedByUser = managedByUser;
         this.managedBySupport = managedBySupport;
         this.isSelfViewable = isSelfViewable;
     }
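Review bot: The constructor's Javadoc, which starts above this hunk, gets no `@param` entry for the new `managedByUser` flag, so the two invariants enforced here are only discoverable from the exception messages. I would add `@param managedByUser true iff the account owner may add or remove this group themselves; must not be combined with managedBySupport or isSelfViewable` (wording to be confirmed against the intended self-service behaviour). Both new messages also spell the word "managable"; `manageable` is the usual spelling.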
@@ -55,6 +64,10 @@ public enum Group {
         return managedBySupport;
     }
 
+    public boolean isManagedByUser() {
+        return managedByUser;
+    }
+
     public boolean isSelfViewable() {
         return isSelfViewable;
     }
index 42254b7364a2eaccf7934edc85f31630d3f6c5b3..b6b857eea86592fbfba7e7776b97bf9c6f072066 100644 (file)
@@ -1,9 +1,7 @@
-Subject: [<?=${ticket}?>] <?=${subject}?>
+Subject: [<?=$ticket?>] <?=$subject?>
 
 <?=_Hi?>,
 
 <?=_supporter ${supporter} triggered:?>
 
 <?=$action?>
-
-RA DB
diff --git a/src/org/cacert/gigi/dbObjects/SupportUserNotificationMail.templ b/src/org/cacert/gigi/dbObjects/SupportUserNotificationMail.templ
new file mode 100644 (file)
index 0000000..6b69f18
--- /dev/null
@@ -0,0 +1,7 @@
+Subject: [<?=$ticket?>] Support action: <?=$subject?>
+
+<?=_Hi?>,
+
+<?=_support triggered:?>
+
+<?=$action?>
index a663215a8c658913c0d4991b552de9cc68941c6d..e5daeb31bc0be4923418d595b006147068385f6b 100644 (file)
@@ -10,6 +10,7 @@ import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.MailTemplate;
 import org.cacert.gigi.output.template.Outputable;
+import org.cacert.gigi.output.template.SprintfCommand;
 import org.cacert.gigi.util.DayDate;
 import org.cacert.gigi.util.ServerConstants;
 
@@ -53,6 +54,14 @@ public class SupportedUser {
         if (cert.getStatus() == CertificateStatus.ISSUED) {
             writeSELog("SE Revoke certificate");
             cert.revoke().waitFor(60000);
+            // send notification to support
+            String subject = "Revoke certificate";
+            Outputable message = SprintfCommand.createSimple("Certificate with serial number {0} for {1} <{2}>, has been revoked.", cert.getSerial(), target.getPreferredName().toString(), target.getEmail());
+            sendSupportNotification(subject, message);
+            // send notification to user
+            subject = "Revoke certificate";
+            message = SprintfCommand.createSimple("Certificate with serial number {0} with subject distinguished name {1} has been revoked.", cert.getSerial(), cert.getDistinguishedName());
+            sendSupportUserNotification(subject, message);
         }
     }
 
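Review bot: Both mails state that the certificate "has been revoked" immediately after `cert.revoke().waitFor(60000)`, and nothing in the visible lines checks how that wait ended. If `waitFor` can return on timeout without throwing (its contract is not shown here), support and the account owner are told about a revocation that has not completed. Re-check the certificate's status after the wait and send the notifications only once it is confirmed, or word the mail as a revocation request. The enclosing method starts outside the hunk.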
@@ -85,7 +94,7 @@ public class SupportedUser {
         return target;
     }
 
-    public void grant(Group toMod) {
+    public void grant(Group toMod) throws GigiApiException {
         target.grantGroup(supporter, toMod);
     }
 
@@ -109,4 +118,19 @@ public class SupportedUser {
             e.printStackTrace();
         }
     }
+
+    private static final MailTemplate supportUserNotification = new MailTemplate(SupportedUser.class.getResource("SupportUserNotificationMail.templ"));
+
+    public void sendSupportUserNotification(String subject, Outputable message) {
+        try {
+            HashMap<String, Object> vars = new HashMap<>();
+            vars.put("action", message);
+            vars.put("ticket", this.getTicket());
+            vars.put("subject", subject);
+
+            supportUserNotification.sendMail(Language.getInstance(Locale.ENGLISH), vars, target.getEmail());
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
 }
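Review bot: `sendSupportUserNotification` swallows a failed send with `e.printStackTrace()`, so a support action on the account still completes while the owner is never told and the calling form cannot notice. This mail is what lets a user detect an unexpected support action on their account, so a delivery failure should be recorded where operators will see it, or propagated to the caller, rather than only printed to stderr. The mail is also always rendered with `Locale.ENGLISH`; if the target's own locale is available on `target`, using it would make the notice more likely to be understood.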
index 3c9b972dba9930612a334d74b9d1236e77c40ce3..69b76ad2004ec9aa24c5401b7d8f1f0f42845c12 100644 (file)
@@ -45,7 +45,7 @@ public class User extends CertificateOwner {
 
     private Locale locale;
 
-    private final Set<Group> groups = new HashSet<>();
+    private Set<Group> groups = new HashSet<>();
 
     public static final int MINIMUM_AGE = 16;
 
@@ -93,15 +93,21 @@ public class User extends CertificateOwner {
             locale = Language.getLocaleFromString(localeStr);
         }
 
+        refreshGroups();
+    }
+
+    public synchronized void refreshGroups() {
+        HashSet<Group> hs = new HashSet<>();
         try (GigiPreparedStatement psg = new GigiPreparedStatement("SELECT `permission` FROM `user_groups` WHERE `user`=? AND `deleted` is NULL")) {
-            psg.setInt(1, rs.getInt("id"));
+            psg.setInt(1, getId());
 
             try (GigiResultSet rs2 = psg.executeQuery()) {
                 while (rs2.next()) {
-                    groups.add(Group.getByString(rs2.getString(1)));
+                    hs.add(Group.getByString(rs2.getString(1)));
                 }
             }
         }
+        groups = hs;
     }
 
     public User(String email, String password, DayDate dob, Locale locale, Country residenceCountry, NamePart... preferred) throws GigiApiException {
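Review bot: `groups` is now reassigned inside the synchronized `refreshGroups()`, but the field is not `volatile` and `grantGroup` (later in this diff) calls `groups.add` without taking the lock. A thread performing a group-based authorization check may keep reading the old set, and an unsynchronised `groups.add` that races with the swap can land in the discarded `HashSet`. Declare the field as `private volatile Set<Group> groups` and have the mutators synchronize on the same monitor, or publish an immutable copy on every change. Whether the other readers are synchronized cannot be seen from this hunk.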
@@ -438,7 +444,10 @@ public class User extends CertificateOwner {
         return Collections.unmodifiableSet(groups);
     }
 
-    public void grantGroup(User granter, Group toGrant) {
+    public void grantGroup(User granter, Group toGrant) throws GigiApiException {
+        if (toGrant.isManagedBySupport() && !granter.isInGroup(Group.SUPPORTER)) {
+            throw new GigiApiException("Group may only be managed by supporter");
+        }
         groups.add(toGrant);
         try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `user_groups` SET `user`=?, `permission`=?::`userGroup`, `grantedby`=?")) {
             ps.setInt(1, getId());
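Review bot: The new guard covers only support-managed groups; for a group with `isManagedByUser()` nothing here ties `granter` to the account being modified, so any caller that reaches `grantGroup` can add such a group to another user's account. If user-managed groups are meant to be self-service only, add `if (toGrant.isManagedByUser() && granter.getId() != getId()) { throw new GigiApiException("Group may only be managed by the account owner"); }`. `revokeGroup` is not part of this hunk; it needs the equivalent checks, otherwise membership in a support-managed restriction group such as `BLOCKEDCERT` could be removed without a supporter. The method body continues past the hunk.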
index 66236e1610bb64657381f049b846552eb5240157..49db7050f94fe3e80f580cfbe2ed48a521d2f9bd 100644 (file)
@@ -17,20 +17,22 @@ public class GroupSelector implements Outputable {
 
     private Group value = null;
 
-    private final boolean supportFlag;
+    private final boolean bySupporter;
 
-    public GroupSelector(String name, boolean supportFlag) {
+    public GroupSelector(String name, boolean bySupporter) {
         this.name = HTMLEncoder.encodeHTML(name);
-        this.supportFlag = supportFlag;
+        this.bySupporter = bySupporter;
     }
 
     public void update(HttpServletRequest r) throws GigiApiException {
         String vS = r.getParameter(name);
-        value = null;
-        for (Group g : Group.values()) {
-            if (g.getDatabaseName().equals(vS)) {
-                value = g;
-            }
+        if (vS == null) {
+            throw new GigiApiException("No value for group.");
+        }
+        try {
+            value = Group.getByString(vS);
+        } catch (IllegalArgumentException e) {
+            throw new GigiApiException("Invalid value for group.");
         }
     }
 
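Review bot: `update()` now accepts every name that `Group.getByString` knows, while `output()` only offers the groups for which `mayManage(g)` holds, so a hand-built request can select a group this form never rendered. Enforcement then rests entirely on whatever the caller checks afterwards. Resolve into a local and reject anything the selector would not have listed: `Group g = Group.getByString(vS); if (!mayManage(g)) { throw new GigiApiException("Invalid value for group."); } value = g;`. Note also that on failure `value` now keeps its previous contents, where the removed code reset it to `null` first.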
@@ -38,7 +40,7 @@ public class GroupSelector implements Outputable {
     public void output(PrintWriter out, Language l, Map<String, Object> vars) {
         out.println("<select name='" + name + "'>");
         for (Group g : Group.values()) {
-            if (supportFlag == g.isManagedBySupport()) {
+            if (mayManage(g)) {
                 out.print("<option value='" + g.getDatabaseName());
                 if (g.equals(value)) {
                     out.print(" selected");
@@ -51,6 +53,10 @@ public class GroupSelector implements Outputable {
         out.println("</select>");
     }
 
+    private boolean mayManage(Group g) {
+        return (bySupporter && g.isManagedBySupport()) || ( !bySupporter && g.isManagedByUser());
+    }
+
     public Group getGroup() {
         return value;
     }
index c206ad444df43c5b0df0a08e4add6612fda6f5c4..1c002e57a00959da796c408c91e0838381448747 100644 (file)
@@ -188,7 +188,7 @@ public class LoginPage extends Page {
         return uc;
     }
 
-    private static final Group LOGIN_BLOCKED = Group.getByString("blockedlogin");
+    private static final Group LOGIN_BLOCKED = Group.BLOCKEDLOGIN;
 
     private void loginSession(HttpServletRequest req, User user) {
         if (user.isInGroup(LOGIN_BLOCKED)) {
index 8d9e47171d8ce7523de2ee84c44e79672c326207..bf773cb4b9ac1946bae5d38b1c319baac3d28bf4 100644 (file)
@@ -22,7 +22,7 @@ public class TTPAdminPage extends Page {
 
     public static final String PATH = "/admin/ttp";
 
-    public static final Group TTP_APPLICANT = Group.getByString("ttp-applicant");
+    public static final Group TTP_APPLICANT = Group.TTP_APPLICANT;
 
     public TTPAdminPage() {
         super("TTP-Admin");
@@ -85,6 +85,6 @@ public class TTPAdminPage extends Page {
 
     @Override
     public boolean isPermitted(AuthorizationContext ac) {
-        return ac != null && ac.isInGroup(Group.getByString("ttp-assurer"));
+        return ac != null && ac.isInGroup(Group.TTP_ASSURER);
     }
 }
index fb9d14f748fd991268170d6a6833e21ba14c44d9..2e1f913471797551e9e9b3ffe4968683385b0fd2 100644 (file)
@@ -39,7 +39,7 @@ public class FindCertPage extends Page {
         if (form.submitProtected(resp.getWriter(), req)) {
             final Certificate[] certs = form.getCerts();
             if (certs.length == 1) {
-                resp.sendRedirect(Certificates.SUPPORT_PATH + certs[0].getSerial() + "/");
+                resp.sendRedirect(Certificates.SUPPORT_PATH + "/" + certs[0].getSerial());
             } else {
                 HashMap<String, Object> vars = new HashMap<String, Object>();
                 Language l = LoginPage.getLanguage(req);
index ff64c6f5b1d3d10e5b70aa6c4ca1c10097c4bf6b..8c106dcb5d8d6bbd3cf5fdfd1e12e86dd2925cf7 100644 (file)
@@ -13,12 +13,13 @@ import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
 import org.cacert.gigi.dbObjects.CertificateProfile;
 import org.cacert.gigi.dbObjects.SupportedUser;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Outputable;
+import org.cacert.gigi.output.template.SprintfCommand;
 import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.output.template.TranslateCommand;
 
 public class SupportRevokeCertificatesForm extends Form {
 
@@ -35,9 +36,15 @@ public class SupportRevokeCertificatesForm extends Form {
     public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
         if (user.getTicket() != null) {
             user.revokeAllCertificates();
+            User target = user.getTargetUser();
+            // send notification to support
             String subject = "Revoke certificates";
-            Outputable message = new TranslateCommand("All certificates in the account have been revoked.");
+            Outputable message = SprintfCommand.createSimple("All certificates in the account {0} <{1}> have been revoked.", target.getPreferredName().toString(), target.getEmail());
             user.sendSupportNotification(subject, message);
+            // send notification to user
+            subject = "Revoke certificate";
+            message = SprintfCommand.createSimple("All certificates in your account have been revoked.");
+            user.sendSupportUserNotification(subject, message);
             return true;
         }
         return false;
index ccfb3cc75518886ef8ec86f2bc7939f0aabcd01b..5738203661cb504326a19898e45f3905ed9d48d1 100644 (file)
@@ -48,18 +48,23 @@ public class SupportUserDetailsForm extends Form {
             throw new GigiApiException("More than one action requested!");
         }
         if (req.getParameter("addGroup") != null || req.getParameter("removeGroup") != null) {
-            String actionType = "granted";
             value.update(req);
             Group toMod = value.getGroup();
+            boolean grant;
             if (req.getParameter("addGroup") != null) {
+                grant = true;
                 user.grant(toMod);
             } else {
-                actionType = "revoked";
+                grant = false;
                 user.revoke(toMod);
             }
             String subject = "Change Group Permissions";
-            Outputable message = SprintfCommand.createSimple("The group permission {0} was {1}.", toMod.getDatabaseName(), actionType);
+            // send notification to support
+            Outputable message = SprintfCommand.createSimple(grant ? "The group permission '{0}' was granted." : "The group permission '{0}' was revoked.", toMod.getName());
             user.sendSupportNotification(subject, message);
+            // send notification to user
+            message = SprintfCommand.createSimple(grant ? "The group permission '{0}' was granted to your account." : "The group permission '{0}' was revoked from your account.", toMod.getName());
+            user.sendSupportUserNotification(subject, message);
             return true;
         }
         if (req.getParameter("resetPass") != null) {
@@ -81,9 +86,13 @@ public class SupportUserDetailsForm extends Form {
         }
         user.setDob(dobSelector.getDate());
 
-        String subject = "Change Account Data";
-        Outputable message = new TranslateCommand("The account data was changed.");
+        String subject = "Change DoB Data";
+        // send notification to support
+        Outputable message = new TranslateCommand("The DoB was changed.");
         user.sendSupportNotification(subject, message);
+        // send notification to user
+        message = SprintfCommand.createSimple("The DoB in your account was changed to {0}.", dobSelector.getDate());
+        user.sendSupportUserNotification(subject, message);
         return true;
     }
 
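Review bot: The owner notification puts the new date of birth into the mail body (`"The DoB in your account was changed to {0}."`), whereas the support mail just above it says only that the value changed. Mail is usually stored and relayed unencrypted, so I would keep this personal data out of it: `message = new TranslateCommand("The DoB in your account was changed.");`, leaving the owner to check the value after logging in. The assertion on the mail text in TestSEAdminNotificationMail would need to follow. The enclosing method begins outside the hunk.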
index 892620ce07843b49ea5283ad1c9b6066e2c5d7d4..03be88e7dddd2bf90494b7973aea0630b5fbefe6 100644 (file)
@@ -15,7 +15,7 @@
         <tr>
             <td><?=_Date of Birth?>:</td>
             <td>
-                <?=$dob?>
+                <?=$dob?> <input class="btn btn-warning" name="detailupdate" type="submit" value="<?=_Update?>"/>
             </td>
         </tr>
         <tr>
@@ -65,7 +65,6 @@
         <tr>
             <td colspan="2"><a href="history"><?=_Show account history?></a></td>
         </tr>
-        <tr><td colspan="2"><input class="btn btn-warning" name="detailupdate" type="submit" value="<?=_Update?>"/></td></tr>
     </tbody>
 </table>
 <br/>
index 3219fc019afb11c32ff20ce79d25b0cb6560dc1a..249871f29f31ea57bba7c7f90afcabcdd12e00f4 100644 (file)
@@ -13,7 +13,7 @@ import org.cacert.gigi.util.AuthorizationContext;
 
 public class CreateOrgPage extends Page {
 
-    public static final Group ORG_ASSURER = Group.getByString("orgassurer");
+    public static final Group ORG_ASSURER = Group.ORGASSURER;
 
     public static final String DEFAULT_PATH = "/orga/new";
 
index 85041860526a41ab6c4ac696bcfe02852a16755d..3a6f7fe422c9e2ec885909c317e800e211140484 100644 (file)
@@ -16,7 +16,7 @@ import org.cacert.gigi.pages.LoginPage;
 
 public class RequestTTPForm extends Form {
 
-    public static final Group TTP_APPLICANT = Group.getByString("ttp-applicant");
+    public static final Group TTP_APPLICANT = Group.TTP_APPLICANT;
 
     private static final Template t = new Template(RequestTTPForm.class.getResource("RequestTTPForm.templ"));
 
index 2e6edd66524f4c16e471c163b2ea1b5cc3a7b423..996ddf595110479e54efe71f974a2a12826a8722 100644 (file)
@@ -55,9 +55,9 @@ public class Notary {
         }
     }
 
-    public static final Group ASSURER_BLOCKED = Group.getByString("blockedassurer");
+    public static final Group ASSURER_BLOCKED = Group.BLOCKEDASSURER;
 
-    public static final Group ASSUREE_BLOCKED = Group.getByString("blockedassuree");
+    public static final Group ASSUREE_BLOCKED = Group.BLOCKEDASSUREE;
 
     /**
      * This method assures another user.
index 1a0a0aaf189b74537cc8a95971254df689e8ee80..ff3a56cc82fd3bc998101d1fd400fe78edde5b2e 100644 (file)
@@ -17,13 +17,13 @@ public class TestOrga extends BusinessTest {
     @Test
     public void testAddRm() throws GigiApiException, IOException {
         User u1 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u1.grantGroup(u1, Group.ORGASSURER);
+        u1.grantGroup(getSupporter(), Group.ORGASSURER);
         User u2 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u2.grantGroup(u1, Group.ORGASSURER);
+        u2.grantGroup(getSupporter(), Group.ORGASSURER);
         User u3 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u3.grantGroup(u1, Group.ORGASSURER);
+        u3.grantGroup(getSupporter(), Group.ORGASSURER);
         User u4 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u4.grantGroup(u1, Group.ORGASSURER);
+        u4.grantGroup(getSupporter(), Group.ORGASSURER);
         Organisation o1 = new Organisation("name", Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "prov", "city", "email", "optional name", "postal address", u1);
         assertEquals(0, o1.getAllAdmins().size());
         o1.addAdmin(u2, u1, false);
index 32bb1a991de9120fadf00e2be0782ca9ff28b7f4..bd1fd4f79d943075666944064f943827ec7ee67b 100644 (file)
@@ -3,6 +3,7 @@ package org.cacert.gigi;
 import static org.hamcrest.CoreMatchers.*;
 import static org.junit.Assert.*;
 
+import java.io.IOException;
 import java.sql.SQLException;
 import java.util.Arrays;
 import java.util.Collections;
@@ -18,15 +19,15 @@ import org.junit.Test;
 
 public class TestUserGroupMembership extends BusinessTest {
 
-    private final Group ttpGroup = Group.getByString("ttp-assurer");
+    private final Group ttpGroup = Group.TTP_ASSURER;
 
-    private final Group supporter = Group.getByString("supporter");
+    private final Group supporter = Group.SUPPORTER;
 
     @Test
-    public void testAddObject() throws GigiApiException, SQLException {
+    public void testAddObject() throws GigiApiException, SQLException, IOException {
         User u = User.getById(createVerifiedUser("fname", "lname", createUniqueName() + "@example.org", TEST_PASSWORD));
 
-        User granter = User.getById(createVerifiedUser("grFname", "lname", createUniqueName() + "@example.org", TEST_PASSWORD));
+        User granter = getSupporter();
         assertBehavesEmpty(u);
 
         u.grantGroup(granter, ttpGroup);
@@ -55,10 +56,10 @@ public class TestUserGroupMembership extends BusinessTest {
     }
 
     @Test
-    public void testRemoveObject() throws GigiApiException, SQLException {
+    public void testRemoveObject() throws GigiApiException, SQLException, IOException {
         User u = User.getById(createVerifiedUser("fname", "lname", createUniqueName() + "@example.org", TEST_PASSWORD));
 
-        User granter = User.getById(createVerifiedUser("grFname", "lname", createUniqueName() + "@example.org", TEST_PASSWORD));
+        User granter = getSupporter();
 
         assertBehavesEmpty(u);
         u.grantGroup(granter, ttpGroup);
@@ -99,20 +100,20 @@ public class TestUserGroupMembership extends BusinessTest {
     }
 
     @Test
-    public void testListGroup() throws GigiApiException {
-        Group g = Group.getByString("supporter");
+    public void testListGroup() throws GigiApiException, IOException {
+        Group g = Group.SUPPORTER;
         int start = g.getMembers(0, 10).length;
         User ux = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
         User ux2 = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
         assertEquals(0, g.getMembers(0, 10).length + start);
-        ux.grantGroup(ux, g);
-        assertEquals(1, g.getMembers(0, 10).length + start);
-        ux2.grantGroup(ux, g);
+        ux.grantGroup(getSupporter(), g); // creates a supporter
         assertEquals(2, g.getMembers(0, 10).length + start);
+        ux2.grantGroup(ux, g);
+        assertEquals(3, g.getMembers(0, 10).length + start);
         ux2.revokeGroup(ux, g);
-        assertEquals(1, g.getMembers(0, 10).length + start);
+        assertEquals(2, g.getMembers(0, 10).length + start);
         ux.revokeGroup(ux, g);
-        assertEquals(0, g.getMembers(0, 10).length + start);
+        assertEquals(1, g.getMembers(0, 10).length + start);
 
     }
 
index 03ab3f3e53bc90767ad8d7e2f44440c43144a7a6..fc1e9d1ce0991dc52cce96cf7c1257742d9be4fe 100644 (file)
@@ -18,9 +18,9 @@ import java.security.cert.X509Certificate;
 import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CSRType;
 import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
-import org.cacert.gigi.dbObjects.Country.CountryCodeType;
 import org.cacert.gigi.dbObjects.CertificateProfile;
 import org.cacert.gigi.dbObjects.Country;
+import org.cacert.gigi.dbObjects.Country.CountryCodeType;
 import org.cacert.gigi.dbObjects.Digest;
 import org.cacert.gigi.dbObjects.Domain;
 import org.cacert.gigi.dbObjects.Group;
@@ -87,7 +87,7 @@ public class IssueCert extends ClientTest {
     @Test
     public void testIssueOrgCert() throws Exception {
         makeAssurer(id);
-        u.grantGroup(u, Group.ORGASSURER);
+        u.grantGroup(getSupporter(), Group.ORGASSURER);
 
         Organisation o1 = new Organisation("name", Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "pr", "st", "test@mail", "", "", u);
         o1.addAdmin(u, u, false);
index 3b8b9927e912107851c71d21765f17e79dad72d0..d7213961359eb67663f1f6090f5e1c07ba3af16b 100644 (file)
@@ -33,7 +33,7 @@ public class TestFindAgent extends RestrictedApiTest {
         assertEquals(501, v.getResponseCode());
         assertThat(IOUtils.readURL(new InputStreamReader(v.getErrorStream(), "UTF-8")), containsString(FindAgentAccess.PATH));
 
-        grant(u.getEmail(), Group.LOCATE_AGENT);
+        grant(u, Group.LOCATE_AGENT);
         v = doApi(FindAgent.PATH_RESOLVE, "serial=" + target2.getSerial().toLowerCase());
         assertEquals(u.getId(), Integer.parseInt(IOUtils.readURL(v)));
     }
@@ -58,13 +58,13 @@ public class TestFindAgent extends RestrictedApiTest {
         assertThat(v.getResponseMessage(), containsString("needs to enable access"));
 
         // even if sender enables service
-        grant((userUFirst ? u : us2).getEmail(), Group.LOCATE_AGENT);
+        grant((userUFirst ? u : us2), Group.LOCATE_AGENT);
         v = doApi(FindAgent.PATH_MAIL, "from=" + id + "&to=" + u2 + "&subject=the-subject&body=body");
         assertEquals(v.getResponseMessage(), 501, v.getResponseCode());
         assertThat(v.getResponseMessage(), containsString("needs to enable access"));
 
         // receiver needs to enable access as well
-        grant((userUFirst ? us2 : u).getEmail(), Group.LOCATE_AGENT);
+        grant((userUFirst ? us2 : u), Group.LOCATE_AGENT);
         v = doApi(FindAgent.PATH_MAIL, "from=" + id + "&to=" + u2 + "&subject=the-subject&body=body");
         assertEquals(v.getResponseMessage(), 200, v.getResponseCode());
         TestMail mail = getMailReceiver().receive();
@@ -79,8 +79,8 @@ public class TestFindAgent extends RestrictedApiTest {
 
         String res = IOUtils.readURL(doApi(FindAgent.PATH_INFO, "id=" + id + "&id=" + u2)).replace("\r", "");
         assertEquals(res, "");
-        grant(email, Group.LOCATE_AGENT);
-        grant(User.getById(u2).getEmail(), Group.LOCATE_AGENT);
+        grant(u, Group.LOCATE_AGENT);
+        grant(User.getById(u2), Group.LOCATE_AGENT);
         res = IOUtils.readURL(doApi(FindAgent.PATH_INFO, "id=" + id + "&id=" + u2)).replace("\r", "");
         assertEquals(id + ",true," + u.getPreferredName().toAbbreviatedString() + "\n" + u2 + ",false," + User.getById(u2).getPreferredName().toAbbreviatedString() + "\n", res);
     }
index 98f105f0995427570cbb637a9ee3b7ec006772d5..0beaef87998a8b24e1e4a7387bd9534329390094 100644 (file)
@@ -20,11 +20,9 @@ public class TestCertificateRequest extends ClientTest {
 
     AuthorizationContext ac;
 
-    public TestCertificateRequest() throws GeneralSecurityException, IOException {
+    public TestCertificateRequest() throws GeneralSecurityException, IOException, GigiApiException {
         ac = new AuthorizationContext(u, u);
         makeAssurer(u.getId());
-        grant(email, Group.CODESIGNING);
-
     }
 
     @Test
@@ -62,7 +60,7 @@ public class TestCertificateRequest extends ClientTest {
     @Test
     public void testCodesignModifiedName() throws Exception {
         try {
-            u.grantGroup(u, Group.CODESIGNING);
+            u.grantGroup(getSupporter(), Group.CODESIGNING);
             CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab"));
             cr.update("name", "SHA512", "code-a", null, null, "email:" + email);
             cr.draft();
index 43a110ea6eb9d899e2f82b8d91624b1b3c561d96..38f691ab7a61c7a152e7e4f47460e29e222b2366 100644 (file)
@@ -3,6 +3,7 @@ package org.cacert.gigi.pages.account;
 import static org.junit.Assert.*;
 
 import java.io.IOException;
+import java.net.URLEncoder;
 import java.sql.Date;
 import java.util.Arrays;
 import java.util.Calendar;
@@ -10,6 +11,7 @@ import java.util.GregorianCalendar;
 import java.util.TimeZone;
 
 import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.Name;
 import org.cacert.gigi.dbObjects.NamePart;
 import org.cacert.gigi.dbObjects.NamePart.NamePartType;
@@ -108,4 +110,32 @@ public class TestMyDetailsEdit extends ManagedTest {
         assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "residenceCountry=invalid&action=updateResidenceCountry", 0));
         assertEquals(null, user.getResidenceCountry());
     }
+
+    @Test
+    public void testModifyUserGroup() throws IOException {
+        User user = User.getById(id);
+        // test add group
+        assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "action=addGroup&groupToModify=" + URLEncoder.encode(Group.LOCATE_AGENT.getDatabaseName(), "UTF-8"), 0));
+
+        user = User.getById(id);
+        user.refreshGroups();
+        assertTrue(user.isInGroup(Group.LOCATE_AGENT));
+
+        // test remove group
+        assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "action=removeGroup&groupToModify=" + URLEncoder.encode(Group.LOCATE_AGENT.getDatabaseName(), "UTF-8"), 0));
+
+        user = User.getById(id);
+        user.refreshGroups();
+        assertFalse(user.isInGroup(Group.LOCATE_AGENT));
+
+        // test add group that only support can add
+        assertNotNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "action=addGroup&groupToModify=" + URLEncoder.encode(Group.SUPPORTER.getDatabaseName(), "UTF-8"), 0));
+
+        user = User.getById(id);
+        user.refreshGroups();
+        assertFalse(user.isInGroup(Group.SUPPORTER));
+
+        // test add invalid group
+        assertNotNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "action=addGroup&groupToModify=non-existing", 0));
+    }
 }
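Review bot: `testModifyUserGroup` verifies that a user cannot add a support-only group, but it has no counterpart for `action=removeGroup` on a support-managed group. The restriction groups (for example `Group.BLOCKEDCERT`) are where self-removal matters most. I would grant one via `getSupporter()` as other tests in this commit do, post `action=removeGroup&groupToModify=...` as the user, and assert that the request returns an error and `isInGroup` is still true after `refreshGroups()`. The final "invalid group" case would also be stronger if it asserted that the user's group set is unchanged afterwards.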
index 689fb5137e813ea046dce5d58697d3b2f04bf4a8..dac9053e0eb1dd01da52eb3cddd502c053e77924 100644 (file)
@@ -4,9 +4,17 @@ import static org.hamcrest.CoreMatchers.*;
 import static org.junit.Assert.*;
 
 import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
 import java.net.MalformedURLException;
+import java.net.URLEncoder;
+import java.util.HashMap;
+import java.util.Locale;
 
+import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Group;
+import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.pages.admin.support.SupportEnterTicketPage;
 import org.cacert.gigi.pages.admin.support.SupportUserDetailsPage;
 import org.cacert.gigi.testUtils.ClientTest;
@@ -18,8 +26,9 @@ public class TestSEAdminNotificationMail extends ClientTest {
 
     private int targetID;
 
-    public TestSEAdminNotificationMail() throws IOException {
-        grant(email, Group.SUPPORTER);
+    public TestSEAdminNotificationMail() throws IOException, GigiApiException {
+        grant(u, Group.SUPPORTER);
+        cookie = login(email, TEST_PASSWORD);
         assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode());
 
         String email = createUniqueName() + "@example.com";
@@ -33,10 +42,13 @@ public class TestSEAdminNotificationMail extends ClientTest {
 
         executeBasicWebInteraction(cookie, SupportUserDetailsPage.PATH + targetID + "/", "dobd=1&dobm=2&doby=2000&detailupdate", 0);
 
+        // mail to support
         String message = getMailReceiver().receive().getMessage();
-        assertThat(message, containsString("The account data was changed."));
+        assertThat(message, containsString("The DoB was changed"));
         assertThat(message, containsString("supporter " + u.getPreferredName().toString() + " triggered:"));
-
+        // mail to user
+        message = getMailReceiver().receive().getMessage();
+        assertThat(message, containsString("The DoB in your account was changed to 2000-02-01."));
     }
 
     @Test
@@ -52,26 +64,46 @@ public class TestSEAdminNotificationMail extends ClientTest {
 
     @Test
     public void testGrantUserGroup() throws MalformedURLException, IOException {
-        executeBasicWebInteraction(cookie, SupportUserDetailsPage.PATH + targetID + "/", "addGroup&groupToModify=supporter", 0);
+        executeBasicWebInteraction(cookie, SupportUserDetailsPage.PATH + targetID + "/", "addGroup&groupToModify=" + URLEncoder.encode(Group.SUPPORTER.getDatabaseName(), "UTF-8"), 0);
+
+        StringWriter sw = new StringWriter();
+        PrintWriter pw = new PrintWriter(sw);
+        Group.SUPPORTER.getName().output(pw, Language.getInstance(Locale.ENGLISH), new HashMap<String, Object>());
 
+        // mail to support
         String message = getMailReceiver().receive().getMessage();
-        assertThat(message, containsString("The group permission supporter was granted."));
+        assertThat(message, containsString("The group permission '" + sw.toString() + "' was granted."));
+        // mail to user
+        message = getMailReceiver().receive().getMessage();
+        assertThat(message, containsString("The group permission '" + sw.toString() + "' was granted to your account."));
     }
 
     @Test
     public void testRemoveUserGroup() throws MalformedURLException, IOException {
-        executeBasicWebInteraction(cookie, SupportUserDetailsPage.PATH + targetID + "/", "removeGroup&groupToModify=supporter", 0);
+        executeBasicWebInteraction(cookie, SupportUserDetailsPage.PATH + targetID + "/", "removeGroup&groupToModify=" + URLEncoder.encode(Group.SUPPORTER.getDatabaseName(), "UTF-8"), 0);
 
+        StringWriter sw = new StringWriter();
+        PrintWriter pw = new PrintWriter(sw);
+        Group.SUPPORTER.getName().output(pw, Language.getInstance(Locale.ENGLISH), new HashMap<String, Object>());
+
+        // mail to support
         String message = getMailReceiver().receive().getMessage();
-        assertThat(message, containsString("The group permission supporter was revoked."));
+        assertThat(message, containsString("The group permission '" + sw.toString() + "' was revoked."));
+        // mail to user
+        message = getMailReceiver().receive().getMessage();
+        assertThat(message, containsString("The group permission '" + sw.toString() + "' was revoked from your account."));
     }
 
     @Test
-    public void testRevokeCertificates() throws MalformedURLException, IOException {
+    public void testRevokeAllCertificates() throws MalformedURLException, IOException {
         executeBasicWebInteraction(cookie, SupportUserDetailsPage.PATH + targetID + "/", "revokeall", 1);
+        User user = User.getById(targetID);
 
+        // mail to support
         String message = getMailReceiver().receive().getMessage();
-        assertThat(message, containsString("All certificates in the account have been revoked."));
-
+        assertThat(message, containsString("All certificates in the account " + user.getPreferredName().toString()));
+        // mail to user
+        message = getMailReceiver().receive().getMessage();
+        assertThat(message, containsString("All certificates in your account have been revoked."));
     }
 }
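Review bot: In `testRevokeAllCertificates` the support-mail assertion now matches only `"All certificates in the account " + user.getPreferredName().toString()`, so it no longer checks that the mail reports a revocation, which the removed assertion did. A second check such as `assertThat(message, containsString("revoked"));` would keep that coverage, assuming the new template still uses that word (the template is not part of this hunk). Separately, `testGrantUserGroup` and `testRemoveUserGroup` repeat the same three lines that render `Group.SUPPORTER.getName()` into a `StringWriter`; a small private helper returning the English group name would remove the duplication.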
index 08541decf47f3eab2102b125983263b2d0eb4fff..e9b31abba12e6331f8e4f648b5ac0df8ff9ac612 100644 (file)
@@ -27,8 +27,9 @@ import org.junit.Test;
 
 public class TestSEAdminPageDetails extends ClientTest {
 
-    public TestSEAdminPageDetails() throws IOException {
-        grant(email, Group.SUPPORTER);
+    public TestSEAdminPageDetails() throws IOException, GigiApiException {
+        grant(u, Group.SUPPORTER);
+        cookie = login(email, TEST_PASSWORD);
         assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode());
     }
 
index d1916c10d6bfa4cf139f1e46c633970bff2dab87..57c5c15cdcf84c06df864ff2da9e22c17f651580 100644 (file)
@@ -32,7 +32,8 @@ public class TestSEAdminPageUserDomainSearch extends ClientTest {
     private int tid;
 
     public TestSEAdminPageUserDomainSearch() throws IOException, GigiApiException {
-        grant(email, Group.SUPPORTER);
+        grant(u, Group.SUPPORTER);
+        cookie = login(email, TEST_PASSWORD);
         assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode());
 
         String mail = createUniqueName() + "@example.com";
index 71dfeaee5071f1f52ad3ac95f172f699eab5a849..29918b5a0a55c5618e940a450c21c646d586a754 100644 (file)
@@ -22,8 +22,9 @@ import org.junit.Test;
 
 public class TestSEAdminPageUserMailSearch extends ClientTest {
 
-    public TestSEAdminPageUserMailSearch() throws IOException {
-        grant(email, Group.SUPPORTER);
+    public TestSEAdminPageUserMailSearch() throws IOException, GigiApiException {
+        grant(u, Group.SUPPORTER);
+        cookie = login(email, TEST_PASSWORD);
         assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode());
     }
 
index 62d89de297e2ab527fcd0c83721b68ba90b80ee9..01e17b3c8568e2ba50415564c4d36b04a1e092c1 100644 (file)
@@ -6,6 +6,7 @@ import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.MalformedURLException;
 
+import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.pages.admin.support.FindUserByDomainPage;
 import org.cacert.gigi.pages.admin.support.FindUserByEmailPage;
@@ -15,8 +16,9 @@ import org.junit.Test;
 
 public class TestSEAdminTicketSetting extends ClientTest {
 
-    public TestSEAdminTicketSetting() throws IOException {
-        grant(email, Group.SUPPORTER);
+    public TestSEAdminTicketSetting() throws IOException, GigiApiException {
+        grant(u, Group.SUPPORTER);
+        cookie = login(email, TEST_PASSWORD);
     }
 
     @Test
index d1b930db2edc0627b502d213492d2b393a0cdb24..b24bb83e9caa1ea6072b323d0c7b438a76cef89d 100644 (file)
@@ -13,7 +13,7 @@ import org.junit.Test;
 
 public class TestOrgDomain extends OrgTest {
 
-    public TestOrgDomain() throws IOException {
+    public TestOrgDomain() throws IOException, GigiApiException {
 
     }
 
index 760ca198c5ba7c199eb410df307abb4933b3bb42..65951dc8fe7abab569a9dbdc2e4ee73f526f3740 100644 (file)
@@ -26,7 +26,7 @@ import org.junit.Test;
 
 public class TestOrgManagement extends OrgTest {
 
-    public TestOrgManagement() throws IOException {
+    public TestOrgManagement() throws IOException, GigiApiException {
 
     }
 
index 34b0ca6dfc78c50d7ffad6d3c6a6a461ef72254d..560d1b5653559b183bbf34da63fc0013477937bf 100644 (file)
@@ -21,13 +21,13 @@ public class TestTTP extends ClientTest {
     public void testTTPApply() throws IOException {
         String ttp = IOUtils.readURL(get(RequestTTPPage.PATH));
         assertThat(ttp, containsString("<form"));
-        executeBasicWebInteraction(cookie, RequestTTPPage.PATH, "country=0");
+        assertNull(executeBasicWebInteraction(cookie, RequestTTPPage.PATH, "country=0"));
 
         ttp = IOUtils.readURL(get(RequestTTPPage.PATH));
         assertThat(ttp, not(containsString("<form")));
         ObjectCache.clearAllCaches();
         u = User.getById(u.getId());
-        assertTrue(u.isInGroup(Group.getByString("ttp-applicant")));
+        assertTrue(u.isInGroup(Group.TTP_APPLICANT));
     }
 
     @Test
index 31b0e51bd9d5bb3d77483fee2586cecc110a4ff7..12430b7c84ea36e4c3e6b06d8244230e7328c80a 100644 (file)
@@ -5,6 +5,7 @@ import static org.junit.Assert.*;
 import java.io.IOException;
 import java.net.MalformedURLException;
 
+import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.pages.admin.TTPAdminPage;
@@ -20,20 +21,20 @@ public class TestTTPAdmin extends ClientTest {
     }
 
     @Test
-    public void testHasRight() throws IOException {
+    public void testHasRight() throws IOException, GigiApiException {
         testTTPAdmin(true);
     }
 
     @Test
-    public void testHasNoRight() throws IOException {
+    public void testHasNoRight() throws IOException, GigiApiException {
         testTTPAdmin(false);
     }
 
-    public void testTTPAdmin(boolean hasRight) throws IOException {
+    public void testTTPAdmin(boolean hasRight) throws IOException, GigiApiException {
         if (hasRight) {
-            grant(email, Group.getByString("ttp-assurer"));
+            grant(u, Group.TTP_ASSURER);
         }
-        grant(u.getEmail(), TTPAdminPage.TTP_APPLICANT);
+        grant(u, TTPAdminPage.TTP_APPLICANT);
         cookie = login(u.getEmail(), TEST_PASSWORD);
 
         assertEquals( !hasRight ? 403 : 200, fetchStatusCode(TTPAdminPage.PATH));
index cc095e30091a0f827c842917cb3ef564ec0e665a..db888c03e0088d75bfddd6b78a4549429d7f5ee3 100644 (file)
@@ -15,8 +15,10 @@ import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
 import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.dbObjects.Domain;
 import org.cacert.gigi.dbObjects.EmailAddress;
+import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.NamePart;
 import org.cacert.gigi.dbObjects.NamePart.NamePartType;
 import org.cacert.gigi.dbObjects.User;
@@ -155,4 +157,21 @@ public abstract class BusinessTest extends ConfiguredTest {
     public MailReceiver getMailReceiver() {
         return InVMEmail.getInstance();
     }
+
+    private User supporter;
+
+    public User getSupporter() throws GigiApiException, IOException {
+        if (supporter != null) {
+            return supporter;
+        }
+        supporter = createVerifiedUser();
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `user_groups` SET `user`=?, `permission`=?::`userGroup`, `grantedby`=?")) {
+            ps.setInt(1, supporter.getId());
+            ps.setString(2, Group.SUPPORTER.getDatabaseName());
+            ps.setInt(3, supporter.getId());
+            ps.execute();
+        }
+        supporter.refreshGroups();
+        return supporter;
+    }
 }
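Review bot: `getSupporter()` writes the `SUPPORTER` membership with raw SQL and sets `grantedby` to the new user's own id, and the same statement is repeated in `ManagedTest.getSupporter()` and `Manager.getSupporter()` later in this commit. A self-granted privilege that goes around `grantGroup` deserves an explanation, presumably that no supporter exists yet to act as granter, so I would add a comment above the `try` such as `// bootstrap: no supporter exists yet, so the first one is inserted directly`. If the three copies can share one helper, the bootstrap path would live in a single place.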
index a0228f161180b27d231887ebaea05bec063e2966..22da1eab4a5ef9851d3187331cbabaff09608cbf 100644 (file)
@@ -42,7 +42,6 @@ import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.Job;
 import org.cacert.gigi.dbObjects.ObjectCache;
 import org.cacert.gigi.dbObjects.User;
-import org.cacert.gigi.pages.Manager;
 import org.cacert.gigi.pages.account.MyDetails;
 import org.cacert.gigi.pages.main.RegisterPage;
 import org.cacert.gigi.testUtils.TestEmailReceiver.TestMail;
@@ -289,11 +288,9 @@ public class ManagedTest extends ConfiguredTest {
         }
     }
 
-    public static void grant(String email, Group g) throws IOException {
-        HttpURLConnection huc = (HttpURLConnection) new URL("https://" + getServerName() + Manager.PATH).openConnection();
-        huc.setDoOutput(true);
-        huc.getOutputStream().write(("addpriv=y&priv=" + URLEncoder.encode(g.getDatabaseName(), "UTF-8") + "&email=" + URLEncoder.encode(email, "UTF-8")).getBytes("UTF-8"));
-        assertEquals(200, huc.getResponseCode());
+    public static void grant(User u, Group g) throws IOException, GigiApiException {
+        u.grantGroup(getSupporter(), g);
+        clearCaches();
     }
 
     /**
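Review bot: `grant(User, Group)` has no Javadoc although the next method in the class does, and its behaviour changed: the grant is no longer an HTTP request to the `Manager` page but a direct `u.grantGroup(getSupporter(), g)` followed by `clearCaches()`. I would document that, e.g. `/** Grants {@code g} to {@code u} on behalf of the shared test supporter and clears the caches afterwards. */`. The constructors changed in this commit log in again after calling it, which suggests that a session opened earlier does not pick up the new group; if that is the case it belongs in the Javadoc too.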
@@ -486,4 +483,21 @@ public class ManagedTest extends ConfiguredTest {
         return openConnection;
     }
 
+    private static User supporter;
+
+    public static User getSupporter() throws GigiApiException, IOException {
+        if (supporter != null) {
+            return supporter;
+        }
+        int i = createVerifiedUser("fn", "ln", createUniqueName() + "@email.com", TEST_PASSWORD);
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `user_groups` SET `user`=?, `permission`=?::`userGroup`, `grantedby`=?")) {
+            ps.setInt(1, i);
+            ps.setString(2, Group.SUPPORTER.getDatabaseName());
+            ps.setInt(3, i);
+            ps.execute();
+        }
+        clearCaches();
+        supporter = User.getById(i);
+        return supporter;
+    }
 }
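Review bot: The `supporter` created by `getSupporter()` is cached in a static field for the lifetime of the test JVM, so it can outlive the database rows it refers to if the test database is reset between test classes. Whether such a reset happens is not visible in this hunk. If it does, the field should be cleared at the same place with `supporter = null;`, so that the next call creates a fresh user instead of handing a stale granter to `grantGroup`.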
index 2a9f5da7fce27068953619bf0d903da998b44c84..5a42a4a6d8d44932d84a136da2aa8d339eb32df3 100644 (file)
@@ -10,9 +10,9 @@ import org.cacert.gigi.dbObjects.Organisation;
 
 public class OrgTest extends ClientTest {
 
-    public OrgTest() throws IOException {
+    public OrgTest() throws IOException, GigiApiException {
         makeAssurer(u.getId());
-        u.grantGroup(u, Group.ORGASSURER);
+        u.grantGroup(getSupporter(), Group.ORGASSURER);
         clearCaches();
         cookie = login(email, TEST_PASSWORD);
     }
index 2301b0ae45471a5a5a8c02026d4337d6a55494c6..e4ec22b98ddf381b0f31847b753b105114b24901 100644 (file)
@@ -39,7 +39,7 @@ public class RestrictedApiTest extends ClientTest {
         initEnvironment();
         try {
             User u = User.getById(createAssuranceUser("f", "l", createUniqueName() + "@email.com", TEST_PASSWORD));
-            grant(u.getEmail(), Group.ORGASSURER);
+            grant(u, Group.ORGASSURER);
             clearCaches();
             u = User.getById(u.getId());
             Organisation o = new Organisation(Organisation.SELF_ORG_NAME, Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "NA", "NA", "contact@cacert.org", "", "", u);
index a2435c95612d2a9b4c830ff5efa2738b48428257..2fd78ba7195bf3b84618e5b8df46e00d8015ed15 100644 (file)
@@ -96,6 +96,28 @@ public class Manager extends Page {
         }
     }
 
+    public User getSupporter() {
+        if (supporter != null) {
+            return supporter;
+        }
+        try {
+            User u = createAssurer( -1);
+            if ( !u.isInGroup(Group.SUPPORTER)) {
+                try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `user_groups` SET `user`=?, `permission`=?::`userGroup`, `grantedby`=?")) {
+                    ps.setInt(1, u.getId());
+                    ps.setString(2, Group.SUPPORTER.getDatabaseName());
+                    ps.setInt(3, u.getId());
+                    ps.execute();
+                }
+                u.refreshGroups();
+            }
+            supporter = u;
+        } catch (ReflectiveOperationException | GigiApiException e) {
+            e.printStackTrace();
+        }
+        return supporter;
+    }
+
     public User getAssurer(int i) {
         if (assurers[i] != null) {
             return assurers[i];
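Review bot: `getSupporter()` returns `null` when `createAssurer( -1)` or the insert throws, because the `catch` block only calls `e.printStackTrace()` and then falls through to `return supporter;`. The call added in `doPost` would then pass `null` as the granter to `u.grantGroup(...)`. Replacing the catch body with `throw new Error(e);`, the form `doPost` uses for `GigiApiException` in this commit, makes the failure visible at its source. The lazy initialisation is also unsynchronised, so two parallel requests could each create a supporter; `public synchronized User getSupporter()` would prevent that if the page can be hit concurrently.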
@@ -261,6 +283,8 @@ public class Manager extends Page {
 
     User[] assurers = new User[25];
 
+    User supporter;
+
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
         if (req.getParameter("create") != null) {
@@ -273,7 +297,11 @@ public class Manager extends Page {
                 return;
             }
             if (req.getParameter("addpriv") != null) {
-                u.grantGroup(u, Group.getByString(req.getParameter("priv")));
+                try {
+                    u.grantGroup(getSupporter(), Group.getByString(req.getParameter("priv")));
+                } catch (GigiApiException e) {
+                    throw new Error(e);
+                }
                 resp.getWriter().println("Privilege granted");
             } else {
                 u.revokeGroup(u, Group.getByString(req.getParameter("priv")));
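Review bot: The revoke branch still calls `u.revokeGroup(u, ...)`, so after this change a grant is attributed to the supporter while a revocation is still attributed to the target user itself. If `revokeGroup` applies the same granter rules as `grantGroup`, the line should read `u.revokeGroup(getSupporter(), Group.getByString(req.getParameter("priv")));`. The `priv` parameter also goes from the request straight into `Group.getByString`, and what that returns or throws for a missing or unknown name is not visible here, so an explicit check before the grant would be safer. `doPost` starts and ends outside this hunk.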
index 6b498988628d5b125063a232f857074e7a910738..9a2fb1074f612bd62ce4f5f850d31ec644b87fd8 100644 (file)
@@ -28,6 +28,7 @@ import java.text.SimpleDateFormat;
 import java.util.Base64;
 import java.util.Calendar;
 import java.util.Date;
+import java.util.GregorianCalendar;
 import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;
@@ -327,7 +328,8 @@ public class SimpleSigner {
                     PKCS10 p10 = new PKCS10(PEM.decode("(NEW )?CERTIFICATE REQUEST", new String(data, "UTF-8")));
                     pk = p10.getSubjectPublicKeyInfo();
                 }
-                String ca = caP.getProperty("ca") + "_2015_1";
+                Calendar cal = GregorianCalendar.getInstance();
+                String ca = caP.getProperty("ca") + "_" + cal.get(Calendar.YEAR) + (cal.get(Calendar.MONTH) >= 6 ? "_2" : "_1");
                 File parent = new File("signer/ca");
                 File[] caFiles = parent.listFiles();
                 if (null == caFiles) {
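Review bot: `GregorianCalendar.getInstance()` is the inherited static `Calendar.getInstance()`, so the calendar type and time zone follow the JVM defaults and `cal.get(Calendar.YEAR)` is not guaranteed to be a Gregorian year (a Thai or Japanese default locale yields a different calendar). Since the value selects the CA used for signing, I would construct it explicitly with `Calendar cal = new GregorianCalendar(TimeZone.getTimeZone("UTC"));`, which needs `java.util.TimeZone` if the file does not import it yet. The name is now computed at signing time, so a half-year for which no matching CA exists under `signer/ca` has to be handled by the lookup that follows. That lookup is outside this hunk, as is the start of the enclosing method.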