add: check DoB upper limit

fixes issue #83

Change-Id: I45a667f4eb0976e2cdc4072ab5eeb75db7ce0562

diff --git a/src/org/cacert/gigi/dbObjects/User.java b/src/org/cacert/gigi/dbObjects/User.java
index e5175694ed1b8ac1083ad728de76740a283d4cc9..4312d9acd00a897e7a2159b0b6f34442ed9d978a 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/User.java
+++ b/src/org/cacert/gigi/dbObjects/User.java
@@ -43,6 +43,8 @@ public class User extends CertificateOwner {
 
     public static final int MINIMUM_AGE = 16;
 
+    public static final int MAXIMUM_PLAUSIBLE_AGE = 110;
+
     public static final int POJAM_AGE = 14;
 
     public static final int ADULT_AGE = 18;
@@ -136,6 +138,14 @@ public class User extends CertificateOwner {
             if (getReceivedAssurances().length != 0) {
                 throw new GigiApiException("No change after assurance allowed.");
             }
+
+            if ( !CalendarUtil.isOfAge(dob, User.MINIMUM_AGE)) {
+                throw new GigiApiException("Entered date of birth is below the restricted age requirements.");
+            }
+
+            if (CalendarUtil.isOfAge(dob, User.MAXIMUM_PLAUSIBLE_AGE)) {
+                throw new GigiApiException("Entered date of birth exceeds the maximum age set in our policies. Please check your DoB is correct and contact support if the issue persists.");
+            }
             this.dob = dob;
             rawUpdateUserData();
         }

diff --git a/src/org/cacert/gigi/pages/main/Signup.java b/src/org/cacert/gigi/pages/main/Signup.java
index 7cc389e72e2ac2b249c0b4c78773cdc5a8f3d04a..416788e5f77846ff5f290cf7b5ac416b87eb073f 100644 (file)
--- a/src/org/cacert/gigi/pages/main/Signup.java
+++ b/src/org/cacert/gigi/pages/main/Signup.java
@@ -93,7 +93,11 @@ public class Signup extends Form {
         }
 
         if ( !CalendarUtil.isOfAge(myDoB.getDate(), User.MINIMUM_AGE)) {
-            ga.mergeInto(new GigiApiException("Entered dated of birth is below the restricted age requirements."));
+            ga.mergeInto(new GigiApiException("Entered date of birth is below the restricted age requirements."));
+        }
+
+        if (CalendarUtil.isOfAge(myDoB.getDate(), User.MAXIMUM_PLAUSIBLE_AGE)) {
+            ga.mergeInto(new GigiApiException("Entered date of birth exceeds the maximum age set in our policies. Please check your DoB is correct and contact support if the issue persists."));
         }
 
         if ( !"1".equals(req.getParameter("tos_agree"))) {

diff --git a/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java b/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java
index 6917a1418b2d9d94a1d7adace4f3c5c4ba9fdf8d..d9f8e3d824dba320ae3a9041d4a8fa87219285ec 100644 (file)
--- a/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java
+++ b/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java
@@ -6,6 +6,7 @@ import java.io.IOException;
 import java.sql.Date;
 import java.util.Arrays;
 import java.util.Calendar;
+import java.util.GregorianCalendar;
 import java.util.TimeZone;
 
 import org.cacert.gigi.GigiApiException;
@@ -77,4 +78,20 @@ public class TestMyDetailsEdit extends ManagedTest {
     public void testChangeDOBInvalid() throws IOException {
         assertNotNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "day=1&month=1&year=test&action=updateDoB", 0));
     }
+
+    @Test
+    public void testChangeTooYoung() throws IOException {
+        Calendar c = GregorianCalendar.getInstance();
+        c.add(Calendar.YEAR, -User.MINIMUM_AGE);
+        c.add(Calendar.DAY_OF_MONTH, +1);
+        assertNotNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "day=" + c.get(Calendar.DAY_OF_MONTH) + "&month=" + (c.get(Calendar.MONTH) + 1) + "&year=" + c.get(Calendar.YEAR) + "&action=updateDoB", 0));
+    }
+
+    @Test
+    public void testChangeTooOld() throws IOException {
+        Calendar c = GregorianCalendar.getInstance();
+        c.add(Calendar.YEAR, -User.MAXIMUM_PLAUSIBLE_AGE);
+        c.add(Calendar.DAY_OF_MONTH, -1);
+        assertNotNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "day=" + c.get(Calendar.DAY_OF_MONTH) + "&month=" + (c.get(Calendar.MONTH) + 1) + "&year=" + c.get(Calendar.YEAR) + "&action=updateDoB", 0));
+    }
 }