upd: enforce a more strict Form call pattern.

author Felix Dörre <felix@dogcraft.de>

Fri, 9 Sep 2016 23:37:33 +0000 (01:37 +0200)

committer Felix Dörre <felix@dogcraft.de>

Mon, 12 Sep 2016 16:40:58 +0000 (18:40 +0200)
author Felix Dörre <felix@dogcraft.de>
Fri, 9 Sep 2016 23:37:33 +0000 (01:37 +0200)
committer Felix Dörre <felix@dogcraft.de>
Mon, 12 Sep 2016 16:40:58 +0000 (18:40 +0200)
diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java

index afe6bcb72e86f787f37c89cb1cbc00294a08574b..23f10df990b812243f1644f6e5cb06584d5c2e5a 100644 (file)
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -32,7 +32,6 @@ import org.cacert.gigi.output.MenuCollector;
  import org.cacert.gigi.output.PageMenuItem;
  import org.cacert.gigi.output.SimpleMenuItem;
  import org.cacert.gigi.output.SimpleUntranslatedMenuItem;
-import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.Form.CSRFException;
  import org.cacert.gigi.output.template.Outputable;
  import org.cacert.gigi.output.template.Template;
@@ -56,6 +55,7 @@ import org.cacert.gigi.pages.account.UserTrainings;
  import org.cacert.gigi.pages.account.certs.CertificateAdd;
  import org.cacert.gigi.pages.account.certs.Certificates;
  import org.cacert.gigi.pages.account.domain.DomainOverview;
+import org.cacert.gigi.pages.account.domain.EditDomain;
  import org.cacert.gigi.pages.account.mail.MailOverview;
  import org.cacert.gigi.pages.admin.TTPAdminPage;
  import org.cacert.gigi.pages.admin.support.FindCertPage;
@@ -145,7 +145,8 @@ public final class Gigi extends HttpServlet {
              putPage(RegisterPage.PATH, new RegisterPage(), "SomeCA.org");
              putPage(CertificateAdd.PATH, new CertificateAdd(), "Certificates");
              putPage(MailOverview.DEFAULT_PATH, new MailOverview(), "Certificates");
-            putPage(DomainOverview.PATH + "*", new DomainOverview(), "Certificates");
+            putPage(DomainOverview.PATH, new DomainOverview(), "Certificates");
+            putPage(EditDomain.PATH + "*", new EditDomain(), null);
  
              putPage(AssurePage.PATH + "/*", new AssurePage(), "Web of Trust");
              putPage(Points.PATH, new Points(false), "Web of Trust");
@@ -163,13 +164,7 @@ public final class Gigi extends HttpServlet {
              putPage(SupportUserDetailsPage.PATH + "*", new SupportUserDetailsPage(), null);
              putPage(ChangePasswordPage.PATH, new ChangePasswordPage(), "My Account");
              putPage(History.PATH, new History(false), "My Account");
-            putPage(FindAgentAccess.PATH, new OneFormPage("Access to Find Agent", FindAgentAccess.class) {
-
-                @Override
-                public String getSuccessPath(Form f) {
-                    return FindAgentAccess.PATH;
-                }
-            }, "My Account");
+            putPage(FindAgentAccess.PATH, new OneFormPage("Access to Find Agent", FindAgentAccess.class), "My Account");
              putPage(History.SUPPORT_PATH, new History(true), null);
              putPage(UserTrainings.PATH, new UserTrainings(false), "My Account");
              putPage(MyDetails.PATH, new MyDetails(), "My Account");
diff --git a/src/org/cacert/gigi/output/template/Form.java b/src/org/cacert/gigi/output/template/Form.java

index 9e58a3cdf2fa44c9a2f3f360ade984c582f0a84d..82d9e60074542ce0900f313d346f3d91b96a1a7c 100644 (file)
--- a/src/org/cacert/gigi/output/template/Form.java
+++ b/src/org/cacert/gigi/output/template/Form.java
@@ -6,11 +6,11 @@ import java.util.HashMap;
  import java.util.Map;
  
  import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
  import javax.servlet.http.HttpSession;
  
  import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.localisation.Language;
-import org.cacert.gigi.pages.LoginPage;
  import org.cacert.gigi.pages.Page;
  import org.cacert.gigi.util.RandomToken;
  
@@ -31,9 +31,66 @@ public abstract class Form implements Outputable {
          }
      }
  
+    /**
+     * Encapsulates a (non-failure) outcome of a form.
+     */
+    public static abstract class SubmissionResult {
+
+        public abstract boolean endsForm();
+    }
+
+    /**
+     * The form has finished and the user should see the successful completion
+     * on a regular page.
+     */
+    public static class RedirectResult extends SubmissionResult {
+
+        private final String target;
+
+        public RedirectResult(String target) {
+            this.target = target;
+        }
+
+        @Override
+        public boolean endsForm() {
+            return true;
+        }
+
+    }
+
+    /**
+     * The form has not finished and should be re-emitted, however no error
+     * occurred.
+     */
+    public static class FormContinue extends SubmissionResult {
+
+        @Override
+        public boolean endsForm() {
+            return false;
+        }
+    }
+
+    /**
+     * The form has successfully finished and a message should be emitted on a
+     * stateful page.
+     */
+    public static class SuccessMessageResult extends SubmissionResult {
+
+        private final Outputable message;
+
+        public SuccessMessageResult(Outputable message) {
+            this.message = message;
+        }
+
+        @Override
+        public boolean endsForm() {
+            return true;
+        }
+    }
+
      public static final String CSRF_FIELD = "csrf";
  
-    private static final String SUBMIT_EXCEPTION = "form-submit-exception";
+    public static final String SUBMIT_RESULT = "form-submit-result";
  
      private final String csrf;
  
@@ -73,49 +130,26 @@ public abstract class Form implements Outputable {
       * @throws GigiApiException
       *             if form data had problems or operations went wrong.
       */
-    public abstract boolean submit(HttpServletRequest req) throws GigiApiException;
+    public abstract SubmissionResult submit(HttpServletRequest req) throws GigiApiException;
  
-    /**
-     * Calls {@link #submit(PrintWriter, HttpServletRequest)} while catching and
-     * displaying errors ({@link GigiApiException}), and re-outputing the form
-     * via {@link #output(PrintWriter, Language, Map)}.
-     * 
-     * @param out
-     *            the target to write the form and errors to
-     * @param req
-     *            the request that this submit originated (for submit and for
-     *            language)
-     * @return as {@link #submit(PrintWriter, HttpServletRequest)}: true, iff
-     *         the form succeeded and the user should be redirected.
-     */
-    public boolean submitProtected(PrintWriter out, HttpServletRequest req) {
+    public boolean submitExceptionProtected(HttpServletRequest req, HttpServletResponse resp) throws IOException {
          try {
-            boolean succeeded = submit(req);
-            if (succeeded) {
-                HttpSession hs = req.getSession();
-                hs.removeAttribute("form/" + getClass().getName() + "/" + csrf);
+            SubmissionResult res = submit(req);
+            req.setAttribute(SUBMIT_RESULT, res);
+            if (res instanceof RedirectResult) {
+                resp.sendRedirect(((RedirectResult) res).target);
                  return true;
              }
-        } catch (GigiApiException e) {
-            e.format(out, LoginPage.getLanguage(req));
-        }
-        output(out, LoginPage.getLanguage(req), new HashMap<String, Object>());
-        return false;
-    }
-
-    public boolean submitExceptionProtected(HttpServletRequest req) {
-        try {
-            if (submit(req)) {
+            if (res.endsForm()) {
                  HttpSession hs = req.getSession();
                  hs.removeAttribute("form/" + getClass().getName() + "/" + csrf);
-                return true;
              }
              return false;
          } catch (PermamentFormException e) {
-            req.setAttribute(SUBMIT_EXCEPTION, e);
+            req.setAttribute(SUBMIT_RESULT, e);
              return false;
          } catch (GigiApiException e) {
-            req.setAttribute(SUBMIT_EXCEPTION, e);
+            req.setAttribute(SUBMIT_RESULT, e);
              return false;
          }
      }
@@ -128,16 +162,29 @@ public abstract class Form implements Outputable {
       * @param out
       *            the output stream to the user to write the errors to.
       * @return true if no permanent errors occurred and the form should be
-     *         reprinted.
+     *         reprinted (and it has not already been successfully submitted)
       */
      public static boolean printFormErrors(HttpServletRequest req, PrintWriter out) {
-        Object o = req.getAttribute(SUBMIT_EXCEPTION);
+        Object o = req.getAttribute(SUBMIT_RESULT);
          if (o != null && (o instanceof PermamentFormException)) {
              ((PermamentFormException) o).getCause().format(out, Page.getLanguage(req));
              return false;
          }
          if (o != null && (o instanceof GigiApiException)) {
              ((GigiApiException) o).format(out, Page.getLanguage(req));
+            return true;
+        }
+        if (o != null && (o instanceof FormContinue)) {
+            return true;
+        }
+        if (o != null && (o instanceof SuccessMessageResult)) {
+            Outputable message = ((SuccessMessageResult) o).message;
+            if (message != null) {
+                out.println("<div class='alert alert-success'>");
+                message.output(out, Page.getLanguage(req), new HashMap<String, Object>());
+                out.println("</div>");
+            }
+            return false;
          }
          return true;
      }
diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java

index b19de897aa5e7b3f71f9ba122d1fb70a00938696..5232c09446733bfd3e8290fd200f44fa83f24a31 100644 (file)
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -39,12 +39,12 @@ public class LoginPage extends Page {
          }
  
          @Override
-        public boolean submit(HttpServletRequest req) throws GigiApiException {
+        public RedirectResult submit(HttpServletRequest req) throws GigiApiException {
              if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
                  throw new RateLimitException();
              }
              tryAuthWithUnpw(req);
-            return false;
+            return new RedirectResult(redirectPath(req));
          }
  
          @Override
@@ -56,8 +56,6 @@ public class LoginPage extends Page {
  
      public static final String LOGIN_RETURNPATH = "login-returnpath";
  
-    private static final String SUBMIT_EXCEPTION = "login-submit-exception";
-
      public LoginPage() {
          super("Password Login");
      }
@@ -80,34 +78,36 @@ public class LoginPage extends Page {
  
      @Override
      public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        String redir = (String) req.getSession().getAttribute(LOGIN_RETURNPATH);
          if (req.getSession().getAttribute("loggedin") == null) {
              X509Certificate cert = getCertificateFromRequest(req);
              if (cert != null) {
                  tryAuthWithCertificate(req, cert);
              }
              if (req.getMethod().equals("POST")) {
-                if ( !Form.getForm(req, LoginForm.class).submitExceptionProtected(req)) {
-                    return false;
-                }
+                return Form.getForm(req, LoginForm.class).submitExceptionProtected(req, resp);
              }
          }
  
          if (req.getSession().getAttribute("loggedin") != null) {
-            String s = redir;
-            if (s != null) {
-                if ( !s.startsWith("/")) {
-                    s = "/" + s;
-                }
-                resp.sendRedirect(s);
-            } else {
-                resp.sendRedirect("/");
-            }
+            resp.sendRedirect(redirectPath(req));
              return true;
          }
          return false;
      }
  
+    private static String redirectPath(HttpServletRequest req) {
+        String redir = (String) req.getSession().getAttribute(LOGIN_RETURNPATH);
+        String s = redir;
+        if (s != null) {
+            if ( !s.startsWith("/")) {
+                s = "/" + s;
+            }
+            return s;
+        } else {
+            return "/";
+        }
+    }
+
      @Override
      public boolean needsLogin() {
          return false;
diff --git a/src/org/cacert/gigi/pages/ManagedFormPage.java b/src/org/cacert/gigi/pages/ManagedFormPage.java

new file mode 100644 (file)

index 0000000..eabc902
--- /dev/null
+++ b/src/org/cacert/gigi/pages/ManagedFormPage.java
@@ -0,0 +1,33 @@
+package org.cacert.gigi.pages;
+
+import java.io.IOException;
+import java.util.HashMap;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.cacert.gigi.output.template.Form;
+
+public abstract class ManagedFormPage extends Page {
+
+    Class<? extends Form> c;
+
+    public ManagedFormPage(String title, Class<? extends Form> t) {
+        super(title);
+        c = t;
+    }
+
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form form = Form.getForm(req, c);
+            form.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        }
+    }
+
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, c).submitExceptionProtected(req, resp);
+    }
+
+}
diff --git a/src/org/cacert/gigi/pages/ManagedMultiFormPage.java b/src/org/cacert/gigi/pages/ManagedMultiFormPage.java

new file mode 100644 (file)

index 0000000..938a7f7
--- /dev/null
+++ b/src/org/cacert/gigi/pages/ManagedMultiFormPage.java
@@ -0,0 +1,32 @@
+package org.cacert.gigi.pages;
+
+import java.io.IOException;
+import java.util.HashMap;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
+
+public abstract class ManagedMultiFormPage extends Page {
+
+    public ManagedMultiFormPage(String title) {
+        super(title);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            getForm(req).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        }
+    }
+
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return getForm(req).submitExceptionProtected(req, resp);
+    }
+
+    public abstract Form getForm(HttpServletRequest req) throws CSRFException;
+
+}
diff --git a/src/org/cacert/gigi/pages/OneFormPage.java b/src/org/cacert/gigi/pages/OneFormPage.java

index cfcc1983167675cffe15ff5a53218426e0c31ce8..512dad49367aeb126453531ad791f57b350c38df 100644 (file)
--- a/src/org/cacert/gigi/pages/OneFormPage.java
+++ b/src/org/cacert/gigi/pages/OneFormPage.java
@@ -9,7 +9,7 @@ import javax.servlet.http.HttpServletResponse;
  import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.output.template.Form;
  
-public abstract class OneFormPage extends Page {
+public class OneFormPage extends Page {
  
      Class<? extends Form> c;
  
@@ -18,11 +18,16 @@ public abstract class OneFormPage extends Page {
          c = t;
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, c).submitExceptionProtected(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
          Form form = Form.getForm(req, c);
-        if (form.submitProtected(resp.getWriter(), req)) {
-            resp.sendRedirect(getSuccessPath(form));
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            form.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
          }
      }
  
@@ -35,6 +40,4 @@ public abstract class OneFormPage extends Page {
          }
      }
  
-    public abstract String getSuccessPath(Form f);
-
  }
diff --git a/src/org/cacert/gigi/pages/PasswordResetPage.java b/src/org/cacert/gigi/pages/PasswordResetPage.java

index 4ac3b188ab10ffac60adf4e859835a11193b797a..580d0e54235da0c4e0305200f853fd1800ba86be 100644 (file)
--- a/src/org/cacert/gigi/pages/PasswordResetPage.java
+++ b/src/org/cacert/gigi/pages/PasswordResetPage.java
@@ -16,8 +16,8 @@ import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.MailTemplate;
  import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
  import org.cacert.gigi.util.AuthorizationContext;
-import org.cacert.gigi.util.HTMLEncoder;
  import org.cacert.gigi.util.RandomToken;
  import org.cacert.gigi.util.ServerConstants;
  
@@ -59,7 +59,7 @@ public class PasswordResetPage extends Page {
          }
  
          @Override
-        public boolean submit(HttpServletRequest req) throws GigiApiException {
+        public SuccessMessageResult submit(HttpServletRequest req) throws GigiApiException {
              try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '1 hours' * ?;")) {
                  passwordReset.setInt(1, HOUR_MAX);
                  passwordReset.execute();
@@ -75,26 +75,26 @@ public class PasswordResetPage extends Page {
                  throw new GigiApiException("New passwords differ.");
              }
              u.consumePasswordResetTicket(id, tok, p1);
-            return true;
+            return new SuccessMessageResult(new TranslateCommand("Password reset successful."));
          }
  
          @Override
          protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
-
              t.output(out, l, vars);
          }
  
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, PasswordResetForm.class).submitExceptionProtected(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        PasswordResetForm form = Form.getForm(req, PasswordResetForm.class);
-        PrintWriter w = resp.getWriter();
-        if (form.submitProtected(w, req)) {
-            w.println("<div class='alert alert-success'>");
-            w.println(HTMLEncoder.encodeHTML(getLanguage(req).getTranslation("Password reset successful.")));
-            w.println("</div>");
-            return;
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            PasswordResetForm form = Form.getForm(req, PasswordResetForm.class);
+            form.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
          }
      }
  
diff --git a/src/org/cacert/gigi/pages/Verify.java b/src/org/cacert/gigi/pages/Verify.java

index a17ec62b78964c6ee248432ca3d70d22bd332f52..d7e5aed6bfe405c22512822755ab108da412c759 100644 (file)
--- a/src/org/cacert/gigi/pages/Verify.java
+++ b/src/org/cacert/gigi/pages/Verify.java
@@ -15,6 +15,7 @@ import org.cacert.gigi.dbObjects.EmailAddress;
  import org.cacert.gigi.dbObjects.Verifyable;
  import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Scope;
  import org.cacert.gigi.output.template.SprintfCommand;
  
  public class Verify extends Page {
@@ -54,21 +55,26 @@ public class Verify extends Page {
          }
  
          @Override
-        public boolean submit(HttpServletRequest req) throws GigiApiException {
+        public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
+            HashMap<String, Object> data = new HashMap<>();
+            data.put("subject", subject);
              if ("email".equals(type)) {
                  try {
                      target.verify(hash);
                  } catch (IllegalArgumentException e) {
                      throw new GigiApiException("The email address is invalid.");
                  }
+                return new SuccessMessageResult(new Scope(emailAddressVerified, data));
              } else if ("domain".equals(type)) {
                  try {
                      target.verify(hash);
                  } catch (IllegalArgumentException e) {
                      throw new GigiApiException("The domain is invalid.");
                  }
+                return new SuccessMessageResult(new Scope(domainVerified, data));
+            } else {
+                throw new GigiApiException("Invalid object type.");
              }
-            return true;
          }
  
          @Override
@@ -93,19 +99,15 @@ public class Verify extends Page {
          return false;
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, VerificationForm.class).submitExceptionProtected(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        VerificationForm form = Form.getForm(req, VerificationForm.class);
-        if (form.submitProtected(resp.getWriter(), req)) {
-            String type = form.type;
-            HashMap<String, Object> data = new HashMap<>();
-            data.put("subject", form.subject);
-            PrintWriter out = resp.getWriter();
-            if ("email".equals(type)) {
-                emailAddressVerified.output(out, getLanguage(req), data);
-            } else if ("domain".equals(type)) {
-                domainVerified.output(out, getLanguage(req), data);
-            }
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form.getForm(req, VerificationForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
          }
      }
  
diff --git a/src/org/cacert/gigi/pages/account/ChangeForm.java b/src/org/cacert/gigi/pages/account/ChangeForm.java

index 582fea07428f47d41ce68af5a2a985c81c2d0bbc..086c8a85c503aa350917eb5780f6780d484cee57 100644 (file)
--- a/src/org/cacert/gigi/pages/account/ChangeForm.java
+++ b/src/org/cacert/gigi/pages/account/ChangeForm.java
@@ -10,6 +10,7 @@ import org.cacert.gigi.dbObjects.User;
  import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
  
  public class ChangeForm extends Form {
  
@@ -28,7 +29,7 @@ public class ChangeForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String oldpassword = req.getParameter("oldpassword");
          String p1 = req.getParameter("pword1");
          String p2 = req.getParameter("pword2");
@@ -47,7 +48,7 @@ public class ChangeForm extends Form {
          if ( !error.isEmpty()) {
              throw error;
          }
-        return true;
+        return new SuccessMessageResult(new TranslateCommand("Password changed."));
      }
  
  }
diff --git a/src/org/cacert/gigi/pages/account/ChangePasswordPage.java b/src/org/cacert/gigi/pages/account/ChangePasswordPage.java

index a88d6a24c0011f3850478cd2d84170c8bb1c229c..60cfaa0b33ceacd7735685ebad8aca9d690fa6d1 100644 (file)
--- a/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
+++ b/src/org/cacert/gigi/pages/account/ChangePasswordPage.java
@@ -7,16 +7,15 @@ import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
  import org.cacert.gigi.dbObjects.User;
-import org.cacert.gigi.output.template.Form;
-import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.ManagedFormPage;
  import org.cacert.gigi.util.AuthorizationContext;
  
-public class ChangePasswordPage extends Page {
+public class ChangePasswordPage extends ManagedFormPage {
  
      public static final String PATH = "/account/password";
  
      public ChangePasswordPage() {
-        super("Change Password");
+        super("Change Password", ChangeForm.class);
      }
  
      @Override
@@ -24,11 +23,6 @@ public class ChangePasswordPage extends Page {
          new ChangeForm(req, getUser(req)).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
      }
  
-    @Override
-    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        Form.getForm(req, ChangeForm.class).submitProtected(resp.getWriter(), req);
-    }
-
      @Override
      public boolean isPermitted(AuthorizationContext ac) {
          return ac != null && ac.getTarget() instanceof User;
diff --git a/src/org/cacert/gigi/pages/account/FindAgentAccess.java b/src/org/cacert/gigi/pages/account/FindAgentAccess.java

index 0728cdd4e221943fb7779d2157bccd5ea7b1a44d..47735f3273cf3220da81c0963441c883ec12a878 100644 (file)
--- a/src/org/cacert/gigi/pages/account/FindAgentAccess.java
+++ b/src/org/cacert/gigi/pages/account/FindAgentAccess.java
@@ -27,17 +27,17 @@ public class FindAgentAccess extends Form {
      private static final Template t = new Template(ChangePasswordPage.class.getResource("FindAgentAccess.templ"));
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String nv = req.getParameter("new-val");
          if (nv == null) {
-            return false;
+            throw new GigiApiException("Parameter new-val missing.");
          }
          if (nv.equals("enable")) {
              target.grantGroup(target, Group.LOCATE_AGENT);
          } else {
              target.revokeGroup(target, Group.LOCATE_AGENT);
          }
-        return true;
+        return new RedirectResult(FindAgentAccess.PATH);
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/MyDetails.java b/src/org/cacert/gigi/pages/account/MyDetails.java

index 321e90939a879d8d9636911ed93725037b4a44ac..e6ba3ead537408fa6f1e36a0abfe480f01e4884a 100644 (file)
--- a/src/org/cacert/gigi/pages/account/MyDetails.java
+++ b/src/org/cacert/gigi/pages/account/MyDetails.java
@@ -33,15 +33,11 @@ public class MyDetails extends Page {
  
      @Override
      public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        if (req.getParameter("orgaForm") != null && Form.getForm(req, MyOrganisationsForm.class).submitExceptionProtected(req)) {
-            resp.sendRedirect(PATH);
-            return true;
+        if (req.getParameter("orgaForm") != null) {
+            return Form.getForm(req, MyOrganisationsForm.class).submitExceptionProtected(req, resp);
          }
          if (req.getParameter("action") != null || req.getParameter("removeName") != null || req.getParameter("deprecateName") != null || req.getParameter("preferred") != null) {
-            if (Form.getForm(req, MyDetailsForm.class).submitExceptionProtected(req)) {
-                resp.sendRedirect(PATH);
-                return true;
-            }
+            return Form.getForm(req, MyDetailsForm.class).submitExceptionProtected(req, resp);
          }
          return false;
      }
diff --git a/src/org/cacert/gigi/pages/account/MyDetailsForm.java b/src/org/cacert/gigi/pages/account/MyDetailsForm.java

index 6a1bb25a3404b9d1bcd7c119791f7f7345a3363b..f5b6f514fc6c3c9eca77816f5ab00a8b1d1eeefe 100644 (file)
--- a/src/org/cacert/gigi/pages/account/MyDetailsForm.java
+++ b/src/org/cacert/gigi/pages/account/MyDetailsForm.java
@@ -55,7 +55,7 @@ public class MyDetailsForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          try {
              String rn = req.getParameter("removeName");
              if (rn != null) {
@@ -67,7 +67,7 @@ public class MyDetailsForm extends Form {
                      throw new GigiApiException("Cannot remove the account's preferred name.");
                  }
                  n.remove();
-                return true;
+                return new RedirectResult(MyDetails.PATH);
              }
              String dn = req.getParameter("deprecateName");
              if (dn != null) {
@@ -79,31 +79,29 @@ public class MyDetailsForm extends Form {
                      throw new GigiApiException("Cannot deprecate the account's preferred name.");
                  }
                  n.deprecate();
-                return true;
+                return new RedirectResult(MyDetails.PATH);
              }
              String pn = req.getParameter("preferred");
              if (pn != null) {
                  Name n = Name.getById(Integer.parseInt(pn));
                  target.setPreferredName(n);
-                return true;
+                return new RedirectResult(MyDetails.PATH);
              }
  
              String action = req.getParameter("action");
              if ("addName".equals(action)) {
                  ni.update(req);
                  ni.createName(target);
-                return true;
-            }
-            if ("updateDoB".equals(action)) {
+                return new RedirectResult(MyDetails.PATH);
+            } else if ("updateDoB".equals(action)) {
                  ds.update(req);
                  target.setDoB(ds.getDate());
-            }
-            if ("updateResidenceCountry".equals(action)) {
+                return new RedirectResult(MyDetails.PATH);
+            } else if ("updateResidenceCountry".equals(action)) {
                  cs.update(req);
                  target.setResidenceCountry(cs.getCountry());
-            }
-
-            if ("addGroup".equals(action) || "removeGroup".equals(action)) {
+                return new RedirectResult(MyDetails.PATH);
+            } else if ("addGroup".equals(action) || "removeGroup".equals(action)) {
                  selectedGroup.update(req);
                  Group toMod = selectedGroup.getGroup();
                  if ("addGroup".equals(action)) {
@@ -111,13 +109,14 @@ public class MyDetailsForm extends Form {
                  } else {
                      target.revokeGroup(target, toMod);
                  }
-                return true;
+                return new RedirectResult(MyDetails.PATH);
+            } else {
+                throw new GigiApiException("Invalid action.");
              }
  
          } catch (NumberFormatException e) {
              throw new GigiApiException("Invalid value.");
          }
-        return false;
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java b/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java

index 9879c37d55cbe557f63cc211d70079b6271e8ce8..aaa84173e09cf8a78c283fb60199c0d521ae93ac 100644 (file)
--- a/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java
+++ b/src/org/cacert/gigi/pages/account/MyOrganisationsForm.java
@@ -30,10 +30,10 @@ public class MyOrganisationsForm extends Form {
      private static final Template template = new Template(MyOrganisationsForm.class.getResource("MyOrganisationsForm.templ"));
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          if (req.getParameter("org-leave") != null) {
              req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(target.getActor(), target.getActor()));
-            return true;
+            return new RedirectResult(MyDetails.PATH);
          }
          Enumeration<String> i = req.getParameterNames();
          int orgId = -1;
@@ -52,11 +52,10 @@ public class MyOrganisationsForm extends Form {
              if (org.getId() == orgId) {
  
                  req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(org, target.getActor()));
-                return true;
+                return new RedirectResult(MyDetails.PATH);
              }
          }
-        System.out.println("Switch fialed");
-        return false;
+        throw new PermamentFormException(new GigiApiException("Context switch failed."));
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java b/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java

index eeb3eafb1ab552449d27c0d06115b5d39ab37349..b61ec3ec62eaca1fc070a8513c2a5c509de3b7b2 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateAdd.java
@@ -1,25 +1,21 @@
  package org.cacert.gigi.pages.account.certs;
  
  import java.io.IOException;
-import java.util.Collections;
  import java.util.HashMap;
  
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
-import org.cacert.gigi.dbObjects.Certificate;
-import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
  import org.cacert.gigi.dbObjects.Group;
-import org.cacert.gigi.output.template.Form;
-import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.ManagedFormPage;
  import org.cacert.gigi.util.AuthorizationContext;
  
-public class CertificateAdd extends Page {
+public class CertificateAdd extends ManagedFormPage {
  
      public static final String PATH = "/account/certs/new";
  
      public CertificateAdd() {
-        super("Create certificate");
+        super("Create certificate", CertificateIssueForm.class);
      }
  
      @Override
@@ -27,34 +23,6 @@ public class CertificateAdd extends Page {
          new CertificateIssueForm(req).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
      }
  
-    @Override
-    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        CertificateIssueForm f = Form.getForm(req, CertificateIssueForm.class);
-        if (f.submitExceptionProtected(req)) {
-            Certificate c = f.getResult();
-            if (c.getStatus() != CertificateStatus.ISSUED) {
-                resp.getWriter().println("Timeout while waiting for certificate.");
-                return false;
-            }
-            String ser = c.getSerial();
-            if (ser.isEmpty()) {
-                resp.getWriter().println("Timeout while waiting for certificate.");
-                return false;
-            }
-            resp.sendRedirect(Certificates.PATH + "/" + ser);
-            return true;
-        }
-        return super.beforePost(req, resp);
-    }
-
-    @Override
-    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        if (Form.printFormErrors(req, resp.getWriter())) {
-            CertificateIssueForm f = Form.getForm(req, CertificateIssueForm.class);
-            f.output(resp.getWriter(), getLanguage(req), Collections.<String, Object>emptyMap());
-        }
-    }
-
      @Override
      public boolean isPermitted(AuthorizationContext ac) {
          return super.isPermitted(ac) && !ac.isInGroup(Group.BLOCKEDCERT);
diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java

index badef543fdc4474cc4e569f558c9b402a9c81ce1..0a29fb2d7506e8037750e455426485508048b564 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
@@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletRequest;
  
  import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.dbObjects.Certificate;
+import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
  import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName;
  import org.cacert.gigi.dbObjects.CertificateProfile;
  import org.cacert.gigi.dbObjects.Organisation;
@@ -56,18 +57,18 @@ public class CertificateIssueForm extends Form {
      CertificateValiditySelector issueDate = new CertificateValiditySelector();
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String csr = req.getParameter("CSR");
          String spkac = req.getParameter("SPKAC");
          try {
              if (csr != null) {
                  cr = new CertificateRequest(c, csr);
                  // TODO cr.checkKeyStrength(out);
-                return false;
+                return new FormContinue();
              } else if (spkac != null) {
                  cr = new CertificateRequest(c, spkac, spkacChallenge);
                  // TODO cr.checkKeyStrength(out);
-                return false;
+                return new FormContinue();
              } else if (cr != null) {
                  login = "1".equals(req.getParameter("login"));
                  issueDate.update(req);
@@ -94,7 +95,15 @@ public class CertificateIssueForm extends Form {
                  }
                  result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000);
                  this.result = result;
-                return true;
+                Certificate c = result;
+                if (c.getStatus() != CertificateStatus.ISSUED) {
+                    throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate."));
+                }
+                String ser = c.getSerial();
+                if (ser.isEmpty()) {
+                    throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate."));
+                }
+                return new RedirectResult(Certificates.PATH + "/" + ser);
              } else {
                  throw new GigiApiException("Error no action.");
              }
diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java

index e6f53cce877a9f2098f1ff44b07838c20e8b3bed..7c3f7840689ea24c9c2c9136896a9a6d19b1d287 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java
@@ -6,6 +6,7 @@ import java.util.Map;
  
  import javax.servlet.http.HttpServletRequest;
  
+import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.dbObjects.Certificate;
  import org.cacert.gigi.dbObjects.CertificateOwner;
  import org.cacert.gigi.dbObjects.Job;
@@ -32,15 +33,14 @@ public class CertificateModificationForm extends Form {
      private static final Template myTemplate = new Template(CertificateModificationForm.class.getResource("CertificateModificationForm.templ"));
  
      @Override
-    public boolean submit(HttpServletRequest req) {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String action = req.getParameter("action");
          if ( !"revoke".equals(action)) {
-            return false;
+            throw new GigiApiException("Incorrect action given.");
          }
          String[] certs = req.getParameterValues("certs[]");
          if (certs == null) {
-            // nothing to do
-            return false;
+            throw new GigiApiException("No certificates to revoke.");
          }
          LinkedList<Job> revokes = new LinkedList<Job>();
          for (String serial : certs) {
@@ -59,8 +59,7 @@ public class CertificateModificationForm extends Form {
                  break; // canceled... waited too log
              }
          }
-
-        return false;
+        return new RedirectResult(req.getPathInfo());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/certs/Certificates.java b/src/org/cacert/gigi/pages/account/certs/Certificates.java

index 8acd48422c03044aa9f06f36e6952e787d97e5c4..23cd915da26b0a7b4dd5daf297af9afbbd526688 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/Certificates.java
+++ b/src/org/cacert/gigi/pages/account/certs/Certificates.java
@@ -104,21 +104,13 @@ public class Certificates extends Page implements HandlesMixedRequest {
      @Override
      public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
          if (support && "revoke".equals(req.getParameter("action"))) {
-            if (Form.getForm(req, RevokeSingleCertForm.class).submitExceptionProtected(req)) {
-                resp.sendRedirect(req.getPathInfo());
-                return true;
-            }
-            return false;
+            return Form.getForm(req, RevokeSingleCertForm.class).submitExceptionProtected(req, resp);
          }
          if ( !req.getPathInfo().equals(PATH)) {
              resp.sendError(500);
              return true;
          }
-        if (Form.getForm(req, CertificateModificationForm.class).submitExceptionProtected(req)) {
-            resp.sendRedirect(PATH);
-            return true;
-        }
-        return false;
+        return Form.getForm(req, CertificateModificationForm.class).submitExceptionProtected(req, resp);
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java b/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java

index 7cb2cbc635243926bd8b4e9920091bd852e1eadc..372b5568e5f5bad691d0116f4a51de88baf25a29 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java
@@ -27,13 +27,13 @@ public class RevokeSingleCertForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public RedirectResult submit(HttpServletRequest req) throws GigiApiException {
          if (target != null) {
              target.revokeCertificate(c);
          } else {
              c.revoke().waitFor(60000);
          }
-        return true;
+        return new RedirectResult(req.getPathInfo());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java b/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java

index 7625abc07a0768e1f0a46cde76900827bc47d7d2..584821796f6496b6e657d4a33a573421ba9e7aba 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainAddForm.java
@@ -28,7 +28,7 @@ public class DomainAddForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          try {
              String parameter = req.getParameter("newdomain");
              if (parameter.trim().isEmpty()) {
@@ -37,7 +37,7 @@ public class DomainAddForm extends Form {
              Domain d = new Domain(target, target, parameter);
              pcf.setTarget(d);
              pcf.submit(req);
-            return true;
+            return new RedirectResult(DomainOverview.PATH);
          } catch (NumberFormatException e) {
              throw new GigiApiException("A number could not be parsed");
          }
diff --git a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java

index 5b97d321b9871ee2e35d84e7a8ca7d3d953dcb5c..c6ea009f1d3dc669c8edfcfc8ed3fca1e9060bca 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java
@@ -12,6 +12,7 @@ import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.IterableDataset;
  import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.pages.orga.ViewOrgPage;
  
  public class DomainManagementForm extends Form {
  
@@ -28,7 +29,7 @@ public class DomainManagementForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String dels = req.getParameter("delete");
  
          int delId = Integer.parseInt(dels);
@@ -38,11 +39,11 @@ public class DomainManagementForm extends Form {
          } else {
              throw new GigiApiException("Domain was not found.");
          }
-        return true;
-    }
-
-    public CertificateOwner getTarget() {
-        return target;
+        if (foreign) {
+            return new RedirectResult(ViewOrgPage.DEFAULT_PATH + "/" + target.getId());
+        } else {
+            return new RedirectResult(DomainOverview.PATH);
+        }
      }
  
      @Override
@@ -60,7 +61,7 @@ public class DomainManagementForm extends Form {
                  Domain domain = doms[point];
                  vars.put("id", domain.getId());
                  if ( !foreign) {
-                    vars.put("domainhref", DomainOverview.PATH + domain.getId());
+                    vars.put("domainhref", DomainOverview.PATH + "/" + domain.getId());
                  }
                  vars.put("domain", domain.getSuffix());
                  vars.put("status", l.getTranslation(domain.isVerified() ? "verified" : "not verified"));
diff --git a/src/org/cacert/gigi/pages/account/domain/DomainOverview.java b/src/org/cacert/gigi/pages/account/domain/DomainOverview.java

index 4d8165df3f86c4c7944ea8778de7e9dd3e1db8dc..aa2043a1fbd0765f867b12229279213577f86f8b 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainOverview.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainOverview.java
@@ -8,15 +8,15 @@ import javax.servlet.http.HttpServletResponse;
  
  import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.dbObjects.CertificateOwner;
-import org.cacert.gigi.dbObjects.Domain;
  import org.cacert.gigi.dbObjects.User;
  import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
  import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.ManagedMultiFormPage;
  
-public class DomainOverview extends Page {
+public class DomainOverview extends ManagedMultiFormPage {
  
-    public static final String PATH = "/account/domains/";
+    public static final String PATH = "/account/domains";
  
      public DomainOverview() {
          super("Domains");
@@ -25,30 +25,6 @@ public class DomainOverview extends Page {
      @Override
      public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
          CertificateOwner u = LoginPage.getAuthorizationContext(req).getTarget();
-        String pi = req.getPathInfo();
-        if (pi.length() - PATH.length() > 0) {
-            Form.printFormErrors(req, resp.getWriter());
-            int i = Integer.parseInt(pi.substring(PATH.length()));
-            Domain d;
-            try {
-                d = Domain.getById(i);
-            } catch (IllegalArgumentException e) {
-                resp.getWriter().println(getLanguage(req).getTranslation("Access denied"));
-                return;
-            }
-            if (d == null || u.getId() != d.getOwner().getId()) {
-                resp.getWriter().println(getLanguage(req).getTranslation("Access denied"));
-                return;
-            }
-            new DomainPinglogForm(req, d).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
-            try {
-                new PingConfigForm(req, d).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
-            } catch (GigiApiException e) {
-                e.format(resp.getWriter(), getLanguage(req));
-            }
-            return;
-
-        }
          try {
              DomainManagementForm domMan = new DomainManagementForm(req, u, false);
              HashMap<String, Object> vars = new HashMap<>();
@@ -64,39 +40,12 @@ public class DomainOverview extends Page {
      }
  
      @Override
-    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        String pi = req.getPathInfo();
-        if (pi.length() - PATH.length() > 0) {
-            if (req.getParameter("configId") != null) {
-                if (Form.getForm(req, DomainPinglogForm.class).submitExceptionProtected(req)) {
-                    resp.sendRedirect(pi);
-                    return true;
-                }
-
-            } else {
-                if (Form.getForm(req, PingConfigForm.class).submitExceptionProtected(req)) {
-                    resp.sendRedirect(pi);
-                    return true;
-                }
-            }
-
-        }
-        return super.beforePost(req, resp);
-    }
-
-    @Override
-    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+    public Form getForm(HttpServletRequest req) throws CSRFException {
          if (req.getParameter("adddomain") != null) {
-            DomainAddForm f = Form.getForm(req, DomainAddForm.class);
-            if (f.submitProtected(resp.getWriter(), req)) {
-                resp.sendRedirect(PATH);
-            }
+            return Form.getForm(req, DomainAddForm.class);
          } else if (req.getParameter("delete") != null) {
-            DomainManagementForm f = Form.getForm(req, DomainManagementForm.class);
-            if (f.submitProtected(resp.getWriter(), req)) {
-                resp.sendRedirect(PATH);
-            }
+            return Form.getForm(req, DomainManagementForm.class);
          }
-        super.doPost(req, resp);
+        return null;
      }
  }
diff --git a/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java b/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java

index d2e8306675c36b41098aaa1c9753f5e8f26dd636..54209b20f34784894ee4b09e539d8daaa9b94e40 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java
@@ -28,10 +28,10 @@ public class DomainPinglogForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          CertificateOwner u = LoginPage.getAuthorizationContext(req).getTarget();
  
-        int i = Integer.parseInt(req.getPathInfo().substring(DomainOverview.PATH.length()));
+        int i = Integer.parseInt(req.getPathInfo().substring(DomainOverview.PATH.length() + 1));
          Domain d = Domain.getById(i);
          if (u.getId() != d.getOwner().getId()) {
              throw new GigiApiException("Error, owner mismatch.");
@@ -42,7 +42,7 @@ public class DomainPinglogForm extends Form {
              throw new GigiApiException("Error, target mismatch.");
          }
          dpc.requestReping();
-        return true;
+        return new RedirectResult(req.getPathInfo());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/domain/EditDomain.java b/src/org/cacert/gigi/pages/account/domain/EditDomain.java

new file mode 100644 (file)

index 0000000..f7df490
--- /dev/null
+++ b/src/org/cacert/gigi/pages/account/domain/EditDomain.java
@@ -0,0 +1,67 @@
+package org.cacert.gigi.pages.account.domain;
+
+import java.io.IOException;
+import java.util.HashMap;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.dbObjects.CertificateOwner;
+import org.cacert.gigi.dbObjects.Domain;
+import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
+import org.cacert.gigi.pages.LoginPage;
+import org.cacert.gigi.pages.ManagedMultiFormPage;
+
+public class EditDomain extends ManagedMultiFormPage {
+
+    public static final String PATH = "/account/domains/";
+
+    public EditDomain() {
+        super("Domain");
+    }
+
+    @Override
+    public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        CertificateOwner u = LoginPage.getAuthorizationContext(req).getTarget();
+        String pi = req.getPathInfo();
+        if (pi.length() - PATH.length() <= 0) {
+            return;
+        }
+        Form.printFormErrors(req, resp.getWriter());
+        int i = Integer.parseInt(pi.substring(PATH.length()));
+        Domain d;
+        try {
+            d = Domain.getById(i);
+        } catch (IllegalArgumentException e) {
+            resp.getWriter().println(getLanguage(req).getTranslation("Access denied"));
+            return;
+        }
+        if (d == null || u.getId() != d.getOwner().getId()) {
+            resp.getWriter().println(getLanguage(req).getTranslation("Access denied"));
+            return;
+        }
+        new DomainPinglogForm(req, d).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        try {
+            new PingConfigForm(req, d).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        } catch (GigiApiException e) {
+            e.format(resp.getWriter(), getLanguage(req));
+        }
+
+    }
+
+    @Override
+    public Form getForm(HttpServletRequest req) throws CSRFException {
+        String pi = req.getPathInfo();
+        if (pi.length() - PATH.length() <= 0) {
+            return null;
+        }
+        if (req.getParameter("configId") != null) {
+            return Form.getForm(req, DomainPinglogForm.class);
+        } else {
+            return Form.getForm(req, PingConfigForm.class);
+        }
+    }
+
+}
diff --git a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java

index 6c3ca4002981a42234a4dd80ddb19030497a7e74..6d23c3a0a14ea4fbe0732cf9069bfc3cb2bece3d 100644 (file)
--- a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
@@ -108,7 +108,7 @@ public class PingConfigForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          target.clearPings();
          if (req.getParameter("emailType") != null && req.getParameter("email") != null) {
              try {
@@ -142,7 +142,7 @@ public class PingConfigForm extends Form {
              }
          }
          Gigi.notifyPinger(null);
-        return true;
+        return new RedirectResult(req.getPathInfo());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/mail/MailAddForm.java b/src/org/cacert/gigi/pages/account/mail/MailAddForm.java

index bb28a119aa797f85978337ae619995961a00b0b8..47cd8384e831ba7899a9b8b82a553f96afc1b1fe 100644 (file)
--- a/src/org/cacert/gigi/pages/account/mail/MailAddForm.java
+++ b/src/org/cacert/gigi/pages/account/mail/MailAddForm.java
@@ -28,7 +28,7 @@ public class MailAddForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String formMail = req.getParameter("newemail");
          mail = formMail;
          try {
@@ -36,7 +36,7 @@ public class MailAddForm extends Form {
          } catch (IllegalArgumentException e) {
              throw new GigiApiException(new PlainOutputable("Invalid address."));
          }
-        return true;
+        return new RedirectResult(MailOverview.DEFAULT_PATH);
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java b/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java

index 2287a015fd533ba6706daeaef1e387b345731fda..87087b7484c2de0a48295fda323b645087f9914b 100644 (file)
--- a/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java
+++ b/src/org/cacert/gigi/pages/account/mail/MailManagementForm.java
@@ -27,7 +27,7 @@ public class MailManagementForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          try {
              String d;
              if ((d = req.getParameter("default")) != null) {
@@ -37,7 +37,7 @@ public class MailManagementForm extends Form {
              } else if ((d = req.getParameter("reping")) != null) {
                  EmailAddress.getById(Integer.parseInt(d)).requestReping(Page.getLanguage(req));
              }
-            return true;
+            return new RedirectResult(MailOverview.DEFAULT_PATH);
          } catch (IOException e1) {
              throw new GigiApiException("Error while doing reping.");
          }
diff --git a/src/org/cacert/gigi/pages/account/mail/MailOverview.java b/src/org/cacert/gigi/pages/account/mail/MailOverview.java

index 4177d79cca7dfeb820607bac63ce07979a0f6886..ef98a091238c35bc1e76ae7e0687cbfcce2c65bf 100644 (file)
--- a/src/org/cacert/gigi/pages/account/mail/MailOverview.java
+++ b/src/org/cacert/gigi/pages/account/mail/MailOverview.java
@@ -6,14 +6,15 @@ import java.util.HashMap;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
-import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.dbObjects.User;
  import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
+import org.cacert.gigi.pages.ManagedMultiFormPage;
  import org.cacert.gigi.pages.Page;
  import org.cacert.gigi.util.AuthorizationContext;
  
-public class MailOverview extends Page {
+public class MailOverview extends ManagedMultiFormPage {
  
      public static final String DEFAULT_PATH = "/account/mails";
  
@@ -23,36 +24,43 @@ public class MailOverview extends Page {
  
      @Override
      public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        final User us = getUser(req);
+        User user = getUser(req);
+        output(req, resp, new MailAddForm(req, user), new MailManagementForm(req, user));
+    }
+
+    private void output(HttpServletRequest req, HttpServletResponse resp, MailAddForm addForm, MailManagementForm mgmtForm) throws IOException {
          Language lang = Page.getLanguage(req);
          HashMap<String, Object> vars = new HashMap<>();
-        vars.put("addForm", new MailAddForm(req, us));
-        vars.put("manForm", new MailManagementForm(req, us));
+        vars.put("addForm", addForm);
+        vars.put("manForm", mgmtForm);
          getDefaultTemplate().output(resp.getWriter(), lang, vars);
      }
  
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        try {
-            if (req.getParameter("addmail") != null) {
-                MailAddForm f = Form.getForm(req, MailAddForm.class);
-                if (f.submit(req)) {
-                    resp.sendRedirect(MailOverview.DEFAULT_PATH);
-                }
+        Form current = getForm(req);
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            User user = getUser(req);
+            if (current instanceof MailAddForm) {
+                output(req, resp, (MailAddForm) current, new MailManagementForm(req, user));
              } else {
-                MailManagementForm f = Form.getForm(req, MailManagementForm.class);
-                if (f.submit(req)) {
-                    resp.sendRedirect(MailOverview.DEFAULT_PATH);
-                }
+                output(req, resp, new MailAddForm(req, user), (MailManagementForm) current);
              }
-        } catch (GigiApiException e) {
-            e.format(resp.getWriter(), getLanguage(req));
          }
-        super.doPost(req, resp);
+    }
+
+    @Override
+    public Form getForm(HttpServletRequest req) throws CSRFException {
+        if (req.getParameter("addmail") != null) {
+            return Form.getForm(req, MailAddForm.class);
+        } else {
+            return Form.getForm(req, MailManagementForm.class);
+        }
      }
  
      @Override
      public boolean isPermitted(AuthorizationContext ac) {
          return ac != null && ac.getTarget() instanceof User;
      }
+
  }
diff --git a/src/org/cacert/gigi/pages/admin/TTPAdminForm.java b/src/org/cacert/gigi/pages/admin/TTPAdminForm.java

index 8b38b18d30cfb2b9526428e4e8ae5c94a4055182..2f3ee8429c830cbcef2b2a7fe4f7d3ecc58e1b80 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/TTPAdminForm.java
+++ b/src/org/cacert/gigi/pages/admin/TTPAdminForm.java
@@ -27,11 +27,11 @@ public class TTPAdminForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          if (req.getParameter("deny") != null) {
              u.revokeGroup(ttpAdmin, TTPAdminPage.TTP_APPLICANT);
          }
-        return false;
+        return new RedirectResult(TTPAdminPage.PATH);
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/admin/TTPAdminPage.java b/src/org/cacert/gigi/pages/admin/TTPAdminPage.java

index bf773cb4b9ac1946bae5d38b1c319baac3d28bf4..286a08d5639b377fb650d301c27153985a1a9d93 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/TTPAdminPage.java
+++ b/src/org/cacert/gigi/pages/admin/TTPAdminPage.java
@@ -28,10 +28,15 @@ public class TTPAdminPage extends Page {
          super("TTP-Admin");
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, TTPAdminForm.class).submitExceptionProtected(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        if (Form.getForm(req, TTPAdminForm.class).submitProtected(resp.getWriter(), req)) {
-            resp.sendRedirect(PATH);
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form.getForm(req, TTPAdminForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
          }
      }
  
diff --git a/src/org/cacert/gigi/pages/admin/support/FindCertForm.java b/src/org/cacert/gigi/pages/admin/support/FindCertForm.java

index 8ffee24942e35b52594275c32d434ab7d1bbc307..207a2a8a6242c1e3ff1f85e30e5a1b0c89ffbaa5 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindCertForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindCertForm.java
@@ -15,6 +15,20 @@ import org.cacert.gigi.output.template.Template;
  
  public class FindCertForm extends Form {
  
+    public static class FindResult extends SuccessMessageResult {
+
+        private final Certificate[] certs;
+
+        public FindResult(Certificate[] certs) {
+            super(null);
+            this.certs = certs;
+        }
+
+        public Certificate[] getCerts() {
+            return certs;
+        }
+    }
+
      private static final Template t = new Template(FindCertForm.class.getResource("FindCertForm.templ"));
  
      private final String SERIAL = "serial";
@@ -28,7 +42,7 @@ public class FindCertForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          this.certType = req.getParameter("certType");
          String request = req.getParameter("cert").trim();
  
@@ -50,7 +64,7 @@ public class FindCertForm extends Form {
                  throw new GigiApiException(SprintfCommand.createSimple("No certificate found matching {0}", request));
              }
          }
-        return true;
+        return new FindCertForm.FindResult(getCerts());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/admin/support/FindCertPage.java b/src/org/cacert/gigi/pages/admin/support/FindCertPage.java

index 2e1f913471797551e9e9b3ffe4968683385b0fd2..e7f6b95e4a4a9558a45f0328f51a7de4394973c6 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindCertPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindCertPage.java
@@ -33,11 +33,15 @@ public class FindCertPage extends Page {
          new FindCertForm(req).output(resp.getWriter(), Page.getLanguage(req), new HashMap<String, Object>());
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, FindCertForm.class).submitExceptionProtected(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        FindCertForm form = Form.getForm(req, FindCertForm.class);
-        if (form.submitProtected(resp.getWriter(), req)) {
-            final Certificate[] certs = form.getCerts();
+        if ( !Form.printFormErrors(req, resp.getWriter())) {
+            final Certificate[] certs = ((FindCertForm.FindResult) req.getAttribute(Form.SUBMIT_RESULT)).getCerts();
              if (certs.length == 1) {
                  resp.sendRedirect(Certificates.SUPPORT_PATH + "/" + certs[0].getSerial());
              } else {
diff --git a/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java b/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java

index 35fa8f2432dcd6b8c86ef766fdddb9951cceed01..9aae447036155ec8e4dd4e986b49f0db239591fe 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java
@@ -8,6 +8,8 @@ import javax.servlet.http.HttpServletRequest;
  import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.dbObjects.CertificateOwner;
  import org.cacert.gigi.dbObjects.Domain;
+import org.cacert.gigi.dbObjects.Organisation;
+import org.cacert.gigi.dbObjects.User;
  import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.SprintfCommand;
@@ -15,6 +17,20 @@ import org.cacert.gigi.output.template.Template;
  
  public class FindUserByDomainForm extends Form {
  
+    public static class FindDomainResult extends SuccessMessageResult {
+
+        private final CertificateOwner owner;
+
+        public FindDomainResult(CertificateOwner owner) {
+            super(null);
+            this.owner = owner;
+        }
+
+        public CertificateOwner getOwner() {
+            return owner;
+        }
+    }
+
      private CertificateOwner res = null;
  
      private static final Template t = new Template(FindUserByDomainForm.class.getResource("FindUserByDomainForm.templ"));
@@ -24,7 +40,7 @@ public class FindUserByDomainForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String request = req.getParameter("domain");
          Domain d = null;
          if (request.matches("#[0-9]+")) {
@@ -40,7 +56,13 @@ public class FindUserByDomainForm extends Form {
              throw new GigiApiException(SprintfCommand.createSimple("No personal domains found matching {0}", request));
          }
          res = d.getOwner();
-        return true;
+        if (res instanceof User) {
+            return new RedirectResult(SupportUserDetailsPage.PATH + res.getId() + "/");
+        } else if (res instanceof Organisation) {
+            return new RedirectResult("/support/domain/" + res.getId());
+        } else {
+            throw new PermamentFormException(new GigiApiException("Unknown owner type."));
+        }
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/admin/support/FindUserByDomainPage.java b/src/org/cacert/gigi/pages/admin/support/FindUserByDomainPage.java

index 3572d3e626460699d2d2ca4ef28189c81977cb1f..8a64218087c871c49de63299faffa9dab5c7d1c5 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindUserByDomainPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindUserByDomainPage.java
@@ -1,13 +1,16 @@
  package org.cacert.gigi.pages.admin.support;
  
-import org.cacert.gigi.dbObjects.CertificateOwner;
-import org.cacert.gigi.dbObjects.Organisation;
-import org.cacert.gigi.dbObjects.User;
-import org.cacert.gigi.output.template.Form;
-import org.cacert.gigi.pages.OneFormPage;
+import java.io.IOException;
+import java.util.HashMap;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.cacert.gigi.pages.ManagedFormPage;
+import org.cacert.gigi.pages.Page;
  import org.cacert.gigi.util.AuthorizationContext;
  
-public class FindUserByDomainPage extends OneFormPage {
+public class FindUserByDomainPage extends ManagedFormPage {
  
      public static final String PATH = "/support/find/domain";
  
@@ -16,15 +19,8 @@ public class FindUserByDomainPage extends OneFormPage {
      }
  
      @Override
-    public String getSuccessPath(Form f) {
-        CertificateOwner res = ((FindUserByDomainForm) f).getRes();
-        if (res instanceof User) {
-            return SupportUserDetailsPage.PATH + res.getId() + "/";
-        } else if (res instanceof Organisation) {
-            return "/support/domain/" + res.getId();
-        } else {
-            throw new Error("Unknown owner type.");
-        }
+    public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        new FindUserByDomainForm(req).output(resp.getWriter(), Page.getLanguage(req), new HashMap<String, Object>());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java b/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java

index 70a66b048ba0cbed95565f9bc9750866f819abce..2978c48e213ce6435775713ea2c4bfad1ed7f0b4 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java
@@ -14,7 +14,19 @@ import org.cacert.gigi.output.template.Template;
  
  public class FindUserByEmailForm extends Form {
  
-    private EmailAddress emails[];
+    public static class FindEmailResult extends SuccessMessageResult {
+
+        private final EmailAddress[] emails;
+
+        public FindEmailResult(EmailAddress[] emails) {
+            super(null);
+            this.emails = emails;
+        }
+
+        public EmailAddress[] getEmails() {
+            return emails;
+        }
+    }
  
      private static final Template t = new Template(FindUserByDomainForm.class.getResource("FindUserByEmailForm.templ"));
  
@@ -23,22 +35,16 @@ public class FindUserByEmailForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          EmailAddress[] emails = EmailAddress.findByAllEmail(req.getParameter("email"));
          if (emails.length == 0) {
              throw new GigiApiException(SprintfCommand.createSimple("No users found matching {0}", req.getParameter("email")));
          }
-        this.emails = emails;
-        return true;
+        return new FindUserByEmailForm.FindEmailResult(emails);
      }
  
      @Override
      protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
          t.output(out, l, vars);
      }
-
-    public EmailAddress[] getEmails() {
-        return emails;
-    }
-
  }
diff --git a/src/org/cacert/gigi/pages/admin/support/FindUserByEmailPage.java b/src/org/cacert/gigi/pages/admin/support/FindUserByEmailPage.java

index 15e6933e69a2d9a602f374bde77c2d1598f1402d..9d731712cb9df146018f48ba14c293ba0b8d23a3 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/FindUserByEmailPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/FindUserByEmailPage.java
@@ -30,11 +30,17 @@ public class FindUserByEmailPage extends Page {
          new FindUserByEmailForm(req).output(resp.getWriter(), Page.getLanguage(req), new HashMap<String, Object>());
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, FindUserByEmailForm.class).submitExceptionProtected(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        FindUserByEmailForm form = Form.getForm(req, FindUserByEmailForm.class);
-        if (form.submitProtected(resp.getWriter(), req)) {
-            final EmailAddress[] emails = form.getEmails();
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form.getForm(req, FindUserByEmailForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        } else {
+            final EmailAddress[] emails = ((FindUserByEmailForm.FindEmailResult) req.getAttribute(Form.SUBMIT_RESULT)).getEmails();
              if (emails.length == 1) {
                  resp.sendRedirect(SupportUserDetailsPage.PATH + emails[0].getOwner().getId() + "/");
              } else {
diff --git a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java

index c4ed0dbed60c24b5b06e107a5dab72b0b2809610..e2e30a93d153169fced9f5858167be37e48b0510 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
@@ -22,22 +22,22 @@ public class SupportEnterTicketForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          if (req.getParameter("setTicket") != null) {
              // [asdmASDM]\d{8}\.\d+
              String ticket = req.getParameter("ticketno");
              if (ticket.matches("[asdmASDM]\\d{8}\\.\\d+")) {
                  AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
                  req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ticket));
-                return true;
+                return new RedirectResult(SupportEnterTicketPage.PATH);
              }
-            return false;
+            throw new GigiApiException("Ticket format malformed");
          } else if (req.getParameter("deleteTicket") != null) {
              AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
              req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ac.getActor()));
-            return true;
+            return new RedirectResult(SupportEnterTicketPage.PATH);
          }
-        return false;
+        throw new GigiApiException("No valid action given.");
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java

index 1c59db30d64b8a83239d29a93a18bd5784859e6d..01cc695fbe7a79edb8da2a0d91cbd0d6d8ff01a9 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java
@@ -26,11 +26,7 @@ public class SupportEnterTicketPage extends Page {
              return false;
          }
          SupportEnterTicketForm f = Form.getForm(req, SupportEnterTicketForm.class);
-        if (f.submitExceptionProtected(req)) {
-            resp.sendRedirect(PATH);
-            return true;
-        }
-        return false;
+        return f.submitExceptionProtected(req, resp);
  
      }
  
diff --git a/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java b/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java

index b43220c239bc1fdad5ec154b42e97b261a468ccd..5b163cc46af10ab6f82a158102b01b605e0003c0 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java
@@ -30,12 +30,12 @@ public class SupportRevokeCertificatesForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          if (user.getTicket() == null) {
              throw new GigiApiException("No ticket number set.");
          }
          user.revokeAllCertificates();
-        return true;
+        return new RedirectResult(req.getPathInfo());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java

index 10fb19e51b5c72a015c14c797ae77811e35835f7..88b9b03b583a8081ef360f087f3a4ce646dbad05 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java
@@ -18,6 +18,7 @@ import org.cacert.gigi.output.GroupIterator;
  import org.cacert.gigi.output.GroupSelector;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
  import org.cacert.gigi.pages.LoginPage;
  
  public class SupportUserDetailsForm extends Form {
@@ -30,8 +31,6 @@ public class SupportUserDetailsForm extends Form {
  
      private GroupSelector value = new GroupSelector("groupToModify", true);
  
-    private boolean wasWithPasswordReset = false;
-
      public SupportUserDetailsForm(HttpServletRequest hsr, SupportedUser user) {
          super(hsr);
          this.user = user;
@@ -39,7 +38,7 @@ public class SupportUserDetailsForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          if (user.getTicket() == null) {
              throw new GigiApiException("No ticket number set.");
          }
@@ -57,7 +56,7 @@ public class SupportUserDetailsForm extends Form {
              } else {
                  user.revoke(toMod);
              }
-            return true;
+            return new RedirectResult(req.getPathInfo());
          }
          if (req.getParameter("resetPass") != null) {
              String aword = req.getParameter("aword");
@@ -65,19 +64,14 @@ public class SupportUserDetailsForm extends Form {
                  throw new GigiApiException("An A-Word is required to perform a password reset.");
              }
              user.triggerPasswordReset(aword, req);
-            wasWithPasswordReset = true;
-            return true;
+            return new SuccessMessageResult(new TranslateCommand("Password reset successful."));
          }
          dobSelector.update(req);
          if ( !dobSelector.isValid()) {
              throw new GigiApiException("Invalid date of birth!");
          }
          user.setDob(dobSelector.getDate());
-        return true;
-    }
-
-    public boolean wasWithPasswordReset() {
-        return wasWithPasswordReset;
+        return new RedirectResult(req.getPathInfo());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java

index 2a8ef874d8069d78303cabdb25b96ea945654b50..eea69f6dbfcbb9ebe0961157b4b8c78bf920356d 100644 (file)
--- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java
@@ -7,20 +7,19 @@ import java.util.Map;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
-import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.dbObjects.Domain;
  import org.cacert.gigi.dbObjects.EmailAddress;
  import org.cacert.gigi.dbObjects.SupportedUser;
  import org.cacert.gigi.dbObjects.User;
  import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
  import org.cacert.gigi.output.template.IterableDataset;
  import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.ManagedMultiFormPage;
  import org.cacert.gigi.util.AuthorizationContext;
-import org.cacert.gigi.util.HTMLEncoder;
  
-public class SupportUserDetailsPage extends Page {
+public class SupportUserDetailsPage extends ManagedMultiFormPage {
  
      public static final String PATH = "/support/user/";
  
@@ -30,19 +29,32 @@ public class SupportUserDetailsPage extends Page {
  
      @Override
      public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        User user = getUser(req, resp);
+        if (user == null) {
+            return;
+        }
+        SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId());
+        outputContents(req, resp, user, new SupportRevokeCertificatesForm(req, targetUser), new SupportUserDetailsForm(req, targetUser));
+    }
+
+    private User getUser(HttpServletRequest req, HttpServletResponse resp) throws IOException {
          int id = -1;
          if ( !req.getPathInfo().endsWith("/")) {
              resp.sendError(404);
+            return null;
          }
          String[] idP = req.getPathInfo().split("/");
          try {
              id = Integer.parseInt(idP[idP.length - 1]);
          } catch (NumberFormatException e) {
              resp.sendError(404);
+            return null;
          }
          final User user = User.getById(id);
-        SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId());
-        SupportUserDetailsForm f = new SupportUserDetailsForm(req, targetUser);
+        return user;
+    }
+
+    private void outputContents(HttpServletRequest req, HttpServletResponse resp, final User user, SupportRevokeCertificatesForm certificatesForm, SupportUserDetailsForm f) throws IOException {
          HashMap<String, Object> vars = new HashMap<String, Object>();
          vars.put("details", f);
          final EmailAddress[] addrs = user.getEmails();
@@ -83,35 +95,41 @@ public class SupportUserDetailsPage extends Page {
              }
          });
  
-        vars.put("certifrevoke", new SupportRevokeCertificatesForm(req, targetUser));
+        vars.put("certifrevoke", certificatesForm);
          getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars);
      }
  
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        try {
-            if (req.getParameter("revokeall") != null) {
-                if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submitProtected(resp.getWriter(), req)) {
-                    throw new GigiApiException("No ticket number set.");
-                }
-            } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) {
-                SupportUserDetailsForm f = Form.getForm(req, SupportUserDetailsForm.class);
-                if (f.wasWithPasswordReset()) {
-                    resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));
-                }
-                if ( !f.submitProtected(resp.getWriter(), req)) {
-                    throw new GigiApiException("No ticket number set.");
-                }
+        User user = getUser(req, resp);
+        if (user == null) {
+            return;
+        }
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form f = getForm(req);
+            SupportedUser targetUser = new SupportedUser(user, getUser(req), LoginPage.getAuthorizationContext(req).getSupporterTicketId());
+
+            if (f instanceof SupportUserDetailsForm) {
+                outputContents(req, resp, user, new SupportRevokeCertificatesForm(req, targetUser), (SupportUserDetailsForm) f);
+            } else if (f instanceof SupportRevokeCertificatesForm) {
+                outputContents(req, resp, user, (SupportRevokeCertificatesForm) f, new SupportUserDetailsForm(req, targetUser));
              }
-        } catch (GigiApiException e) {
-            e.printStackTrace();
-            e.format(resp.getWriter(), getLanguage(req));
          }
-        super.doPost(req, resp);
+
      }
  
      @Override
      public boolean isPermitted(AuthorizationContext ac) {
          return ac != null && ac.canSupport();
      }
+
+    @Override
+    public Form getForm(HttpServletRequest req) throws CSRFException {
+        if (req.getParameter("revokeall") != null) {
+            return Form.getForm(req, SupportRevokeCertificatesForm.class);
+        } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("removeGroup") != null || req.getParameter("addGroup") != null) {
+            return Form.getForm(req, SupportUserDetailsForm.class);
+        }
+        return null;
+    }
  }
diff --git a/src/org/cacert/gigi/pages/main/RegisterPage.java b/src/org/cacert/gigi/pages/main/RegisterPage.java

index 1d43a75a135ae0cf56ebf4a6d5a702fb6c29eb8b..69dc4c1085062d042484c4e60f4730496b5c13ef 100644 (file)
--- a/src/org/cacert/gigi/pages/main/RegisterPage.java
+++ b/src/org/cacert/gigi/pages/main/RegisterPage.java
@@ -1,14 +1,11 @@
  package org.cacert.gigi.pages.main;
  
  import java.io.IOException;
-import java.io.PrintWriter;
  import java.util.HashMap;
  
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
  
-import org.cacert.gigi.GigiApiException;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.pages.Page;
  import org.cacert.gigi.util.AuthorizationContext;
@@ -16,8 +13,6 @@ import org.cacert.gigi.util.RateLimit;
  
  public class RegisterPage extends Page {
  
-    private static final String SIGNUP_PROCESS = "signupProcess";
-
      public static final String PATH = "/register";
  
      // 50 per 5 min
@@ -34,27 +29,21 @@ public class RegisterPage extends Page {
      }
  
      private void outputGet(HttpServletRequest req, HttpServletResponse resp, Signup s) throws IOException {
-        PrintWriter out = resp.getWriter();
-        HashMap<String, Object> vars = new HashMap<String, Object>();
-        getDefaultTemplate().output(out, getLanguage(req), vars);
-        s.output(out, getLanguage(req), vars);
+        getDefaultTemplate().output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        s.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+    }
+
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, Signup.class).submitExceptionProtected(req, resp);
      }
  
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        Signup s = Form.getForm(req, Signup.class);
-        try {
-            if (s.submit(req)) {
-                HttpSession hs = req.getSession();
-                hs.setAttribute(SIGNUP_PROCESS, null);
-                resp.getWriter().println(translate(req, "Your information has been submitted" + " into our system. You will now be sent an email with a web link," + " you need to open that link in your web browser within 24 hours" + " or your information will be removed from our system!"));
-                return;
-            }
-        } catch (GigiApiException e) {
-            e.format(resp.getWriter(), getLanguage(req));
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Signup s = Form.getForm(req, Signup.class);
+            outputGet(req, resp, s);
          }
-
-        outputGet(req, resp, s);
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/main/Signup.java b/src/org/cacert/gigi/pages/main/Signup.java

index 5ec0d12c2ac956cfa7bbfdde926240c82679c78d..011b63843d43aaee07d8c405f268236a5ad516ba 100644 (file)
--- a/src/org/cacert/gigi/pages/main/Signup.java
+++ b/src/org/cacert/gigi/pages/main/Signup.java
@@ -20,6 +20,7 @@ import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.PlainOutputable;
  import org.cacert.gigi.output.template.SprintfCommand;
  import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
  import org.cacert.gigi.pages.Page;
  import org.cacert.gigi.util.CalendarUtil;
  import org.cacert.gigi.util.HTMLEncoder;
@@ -93,7 +94,7 @@ public class Signup extends Form {
      }
  
      @Override
-    public synchronized boolean submit(HttpServletRequest req) throws GigiApiException {
+    public synchronized SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
              throw new RateLimitException();
          }
@@ -183,7 +184,7 @@ public class Signup extends Form {
              throw ga2;
          }
          run(req, pw1);
-        return true;
+        return new SuccessMessageResult(new TranslateCommand("Your information has been submitted" + " into our system. You will now be sent an email with a web link," + " you need to open that link in your web browser within 24 hours" + " or your information will be removed from our system!"));
      }
  
      private void run(HttpServletRequest req, String password) throws GigiApiException {
diff --git a/src/org/cacert/gigi/pages/orga/AffiliationForm.java b/src/org/cacert/gigi/pages/orga/AffiliationForm.java

index bf455bdecccf4a911cd9a837e2b69aa7e47ff8c0..42682fedcf949371ac1e83e5b7ca5bdae05eadc4 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/AffiliationForm.java
+++ b/src/org/cacert/gigi/pages/orga/AffiliationForm.java
@@ -29,18 +29,18 @@ public class AffiliationForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          if (req.getParameter("del") != null) {
              User toRemove = User.getByEmail(req.getParameter("del"));
              if (toRemove != null) {
                  o.removeAdmin(toRemove, LoginPage.getUser(req));
-                return true;
+                return new RedirectResult(ViewOrgPage.DEFAULT_PATH + "/" + o.getId());
              }
          } else if (req.getParameter("do_affiliate") != null) {
              User byEmail = User.getByEmail(req.getParameter("email"));
              if (byEmail != null && byEmail.canAssure()) {
                  o.addAdmin(byEmail, LoginPage.getUser(req), req.getParameter("master") != null);
-                return true;
+                return new RedirectResult(ViewOrgPage.DEFAULT_PATH + "/" + o.getId());
              } else {
                  throw new GigiApiException("Requested user is not a RA Agent. We need a RA Agent here.");
              }
@@ -69,8 +69,4 @@ public class AffiliationForm extends Form {
          });
          t.output(out, l, vars);
      }
-
-    public Organisation getOrganisation() {
-        return o;
-    }
  }
diff --git a/src/org/cacert/gigi/pages/orga/CreateOrgForm.java b/src/org/cacert/gigi/pages/orga/CreateOrgForm.java

index 086b3059cc591a6ca8bf66278039b379261cfdb2..4abcafa363c77e9b85c64d6f10222efb6ac8a9f4 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/CreateOrgForm.java
+++ b/src/org/cacert/gigi/pages/orga/CreateOrgForm.java
@@ -58,10 +58,10 @@ public class CreateOrgForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String action = req.getParameter("action");
          if (action == null) {
-            return false;
+            throw new GigiApiException("No action given.");
          }
  
          if (action.equals("new")) {
@@ -69,18 +69,16 @@ public class CreateOrgForm extends Form {
              checkOrganisationData(req);
              Organisation ne = new Organisation(o, cs.getCountry(), st, l, email, optionalName, postalAddress, LoginPage.getUser(req));
              result = ne;
-            return true;
          } else if (action.equals("updateOrganisationData")) {
              checkOrganisationData(req);
              result.updateOrgData(email, optionalName, postalAddress);
-            return true;
          } else if (action.equals("updateCertificateData")) {
              checkCertData(req);
              result.updateCertData(o, cs.getCountry(), st, l);
-            return true;
+        } else {
+            throw new GigiApiException("No valid action given.");
          }
-
-        return false;
+        return new RedirectResult(ViewOrgPage.DEFAULT_PATH + "/" + result.getId());
      }
  
      private void checkOrganisationData(HttpServletRequest req) throws GigiApiException {
@@ -120,10 +118,6 @@ public class CreateOrgForm extends Form {
          return parameter.trim();
      }
  
-    public Organisation getResult() {
-        return result;
-    }
-
      @Override
      protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
          vars.put("O", o);
diff --git a/src/org/cacert/gigi/pages/orga/CreateOrgPage.java b/src/org/cacert/gigi/pages/orga/CreateOrgPage.java

index 249871f29f31ea57bba7c7f90afcabcdd12e00f4..17d2a318a519296adc73766ed5e4ab05f3e9d224 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/CreateOrgPage.java
+++ b/src/org/cacert/gigi/pages/orga/CreateOrgPage.java
@@ -7,18 +7,17 @@ import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
  import org.cacert.gigi.dbObjects.Group;
-import org.cacert.gigi.output.template.Form;
-import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.ManagedFormPage;
  import org.cacert.gigi.util.AuthorizationContext;
  
-public class CreateOrgPage extends Page {
+public class CreateOrgPage extends ManagedFormPage {
  
      public static final Group ORG_ASSURER = Group.ORGASSURER;
  
      public static final String DEFAULT_PATH = "/orga/new";
  
      public CreateOrgPage() {
-        super("Create Organisation");
+        super("Create Organisation", CreateOrgForm.class);
      }
  
      @Override
@@ -26,15 +25,6 @@ public class CreateOrgPage extends Page {
          return ac != null && ac.isInGroup(ORG_ASSURER);
      }
  
-    @Override
-    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        CreateOrgForm form = Form.getForm(req, CreateOrgForm.class);
-        if (form.submitProtected(resp.getWriter(), req)) {
-            resp.sendRedirect(ViewOrgPage.DEFAULT_PATH + "/" + form.getResult().getId());
-            return;
-        }
-    }
-
      @Override
      public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
          new CreateOrgForm(req).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
diff --git a/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java b/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java

index e880e41e8d57489ce377127f339f5a781325f8ee..78e04b405b46f94461af02717e9382f46f0f578f 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java
+++ b/src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java
@@ -24,15 +24,11 @@ public class OrgDomainAddForm extends Form {
          this.target = target;
      }
  
-    public Organisation getOrganisation() {
-        return target;
-    }
-
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String domain = req.getParameter("domain");
          new Domain(LoginPage.getUser(req), target, domain);
-        return true;
+        return new RedirectResult(ViewOrgPage.DEFAULT_PATH + "/" + target.getId());
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java

index d1d1d51906a1df6e5fd0ce924a628199575f97f0..887761076759dd37df1fd5170f2cfa481172f7d8 100644 (file)
--- a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java
+++ b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java
@@ -13,14 +13,15 @@ import org.cacert.gigi.dbObjects.Organisation;
  import org.cacert.gigi.dbObjects.User;
  import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.Form.CSRFException;
  import org.cacert.gigi.output.template.IterableDataset;
  import org.cacert.gigi.output.template.Template;
  import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.ManagedMultiFormPage;
  import org.cacert.gigi.pages.account.domain.DomainManagementForm;
  import org.cacert.gigi.util.AuthorizationContext;
  
-public class ViewOrgPage extends Page {
+public class ViewOrgPage extends ManagedMultiFormPage {
  
      private static final Template orgas = new Template(ViewOrgPage.class.getResource("ViewOrgs.templ"));
  
@@ -38,38 +39,22 @@ public class ViewOrgPage extends Page {
      }
  
      @Override
-    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        User u = LoginPage.getUser(req);
+    public Form getForm(HttpServletRequest req) throws CSRFException {
          if (req.getParameter("do_affiliate") != null || req.getParameter("del") != null) {
-            AffiliationForm form = Form.getForm(req, AffiliationForm.class);
-            if (form.submitProtected(resp.getWriter(), req)) {
-                resp.sendRedirect(DEFAULT_PATH + "/" + form.getOrganisation().getId());
-            }
-            return;
+            return Form.getForm(req, AffiliationForm.class);
          } else {
-            if ( !u.isInGroup(CreateOrgPage.ORG_ASSURER)) {
-                resp.sendError(403, "Access denied");
-                return;
+            if ( !getUser(req).isInGroup(CreateOrgPage.ORG_ASSURER)) {
+                return null;
              }
  
              if (req.getParameter("addDomain") != null) {
-                OrgDomainAddForm form = Form.getForm(req, OrgDomainAddForm.class);
-                if (form.submitProtected(resp.getWriter(), req)) {
-                    resp.sendRedirect(DEFAULT_PATH + "/" + form.getOrganisation().getId());
-                }
+                return Form.getForm(req, OrgDomainAddForm.class);
              } else if (req.getParameter("delete") != null) {
-                DomainManagementForm form = Form.getForm(req, DomainManagementForm.class);
-                if (form.submitProtected(resp.getWriter(), req)) {
-                    resp.sendRedirect(DEFAULT_PATH + "/" + form.getTarget().getId());
-                }
+                return Form.getForm(req, DomainManagementForm.class);
              } else {
-                CreateOrgForm form = Form.getForm(req, CreateOrgForm.class);
-                if (form.submitProtected(resp.getWriter(), req)) {
-                    resp.sendRedirect(DEFAULT_PATH + "/" + form.getResult().getId());
-                }
+                return Form.getForm(req, CreateOrgForm.class);
              }
          }
-
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/wot/AssuranceForm.java b/src/org/cacert/gigi/pages/wot/AssuranceForm.java

index 558375326a2dd419bd36aa5d1f7642b5488ee586..b46dfdd530637785a4fcb10b974f8b0459a34061 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/AssuranceForm.java
+++ b/src/org/cacert/gigi/pages/wot/AssuranceForm.java
@@ -20,8 +20,10 @@ import org.cacert.gigi.output.ArrayIterable;
  import org.cacert.gigi.output.CountrySelector;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.IterableDataset;
+import org.cacert.gigi.output.template.Outputable;
  import org.cacert.gigi.output.template.SprintfCommand;
  import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
  import org.cacert.gigi.pages.Page;
  import org.cacert.gigi.pages.PasswordResetPage;
  import org.cacert.gigi.util.DayDate;
@@ -29,6 +31,25 @@ import org.cacert.gigi.util.Notary;
  
  public class AssuranceForm extends Form {
  
+    public static class ConcatOutputable implements Outputable {
+
+        private Outputable[] outputables;
+
+        public ConcatOutputable(Outputable... outputables) {
+            this.outputables = outputables;
+        }
+
+        @Override
+        public void output(PrintWriter out, Language l, Map<String, Object> vars) {
+            for (int i = 0; i < outputables.length; i++) {
+                if (i != 0) {
+                    out.println();
+                }
+                outputables[i].output(out, l, vars);
+            }
+        }
+    }
+
      private User assuree;
  
      private Name[] assureeNames;
@@ -134,7 +155,7 @@ public class AssuranceForm extends Form {
      }
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          location = req.getParameter("location");
          date = req.getParameter("date");
          cs.update(req);
@@ -195,14 +216,15 @@ public class AssuranceForm extends Form {
          }
  
          Notary.assureAll(assurer, assuree, dob, pointsI, location, req.getParameter("date"), type, toAssure.toArray(new Name[toAssure.size()]), cs.getCountry());
-
+        Outputable result = new TranslateCommand("Verification complete.");
          if (isWithPasswordReset()) {
              Language langApplicant = Language.getInstance(assuree.getPreferredLocale());
              String method = langApplicant.getTranslation("A password reset was triggered. If you did a password reset by verification, please enter your secret password using this form:");
              String subject = langApplicant.getTranslation("Password reset by verification");
              PasswordResetPage.initPasswordResetProcess(assuree, req, aword, langApplicant, method, subject);
+            result = new ConcatOutputable(result, new TranslateCommand("Password reset successful."));
          }
-        return true;
+        return new SuccessMessageResult(result);
      }
  
      public boolean isWithPasswordReset() {
diff --git a/src/org/cacert/gigi/pages/wot/AssurePage.java b/src/org/cacert/gigi/pages/wot/AssurePage.java

index c29b2388cd83a13e7cabd63fe9b6142b08df0603..8ce8f72b4dd7c1f1ab5262c113785a7ad9fc4847 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/AssurePage.java
+++ b/src/org/cacert/gigi/pages/wot/AssurePage.java
@@ -16,7 +16,6 @@ import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.Template;
  import org.cacert.gigi.pages.Page;
  import org.cacert.gigi.util.AuthorizationContext;
-import org.cacert.gigi.util.HTMLEncoder;
  
  public class AssurePage extends Page {
  
@@ -45,17 +44,22 @@ public class AssurePage extends Page {
          return ac != null && ac.canAssure();
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if (req.getParameter("search") == null) {
+            AssuranceForm form = Form.getForm(req, AssuranceForm.class);
+            return form.submitExceptionProtected(req, resp);
+        }
+        return super.beforePost(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
          PrintWriter out = resp.getWriter();
          if (req.getParameter("search") == null) {
-            AssuranceForm form = Form.getForm(req, AssuranceForm.class);
-            if (form.submitProtected(out, req)) {
-                if (form.isWithPasswordReset()) {
-                    resp.getWriter().println(HTMLEncoder.encodeHTML(translate(req, "Password reset successful.")));
-                }
-                out.println(translate(req, "Verification complete."));
-                return;
+            if (Form.printFormErrors(req, out)) {
+                AssuranceForm form = Form.getForm(req, AssuranceForm.class);
+                form.output(out, getLanguage(req), new HashMap<String, Object>());
              }
              return;
          }
diff --git a/src/org/cacert/gigi/pages/wot/RequestTTPForm.java b/src/org/cacert/gigi/pages/wot/RequestTTPForm.java

index 449c35b755a0fd0b09082d5cce33e7f081938955..7348346fc30a35fc4831803d01a15e20f2e9867a 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
+++ b/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
@@ -12,6 +12,7 @@ import org.cacert.gigi.localisation.Language;
  import org.cacert.gigi.output.template.Form;
  import org.cacert.gigi.output.template.OutputableArrayIterable;
  import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
  import org.cacert.gigi.pages.LoginPage;
  
  public class RequestTTPForm extends Form {
@@ -32,7 +33,7 @@ public class RequestTTPForm extends Form {
      };
  
      @Override
-    public boolean submit(HttpServletRequest req) throws GigiApiException {
+    public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
          String country = req.getParameter("country");
          if (country != null) {
              int cid = Integer.parseInt(country);
@@ -46,12 +47,11 @@ public class RequestTTPForm extends Form {
          User uReq = LoginPage.getUser(req);
  
          if ( !u.equals(uReq)) {
-            return false;
+            throw new GigiApiException("Internal logic error.");
          }
  
          u.grantGroup(u, TTP_APPLICANT);
-
-        return false;
+        return new SuccessMessageResult(new TranslateCommand("Successfully applied for TTP."));
      }
  
      @Override
diff --git a/src/org/cacert/gigi/pages/wot/RequestTTPPage.java b/src/org/cacert/gigi/pages/wot/RequestTTPPage.java

index 7e50059d63172f58db35d536017e045ee8ae29ff..f4b739c462cadf6b6ef27caa042c62a1d6997409 100644 (file)
--- a/src/org/cacert/gigi/pages/wot/RequestTTPPage.java
+++ b/src/org/cacert/gigi/pages/wot/RequestTTPPage.java
@@ -21,9 +21,16 @@ public class RequestTTPPage extends Page {
          super("Request TTP");
      }
  
+    @Override
+    public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        return Form.getForm(req, RequestTTPForm.class).submitExceptionProtected(req, resp);
+    }
+
      @Override
      public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        Form.getForm(req, RequestTTPForm.class).submitProtected(resp.getWriter(), req);
+        if (Form.printFormErrors(req, resp.getWriter())) {
+            Form.getForm(req, RequestTTPForm.class).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+        }
      }
  
      @Override
diff --git a/tests/org/cacert/gigi/testUtils/ManagedTest.java b/tests/org/cacert/gigi/testUtils/ManagedTest.java

index 89b380a96520d2ab9a9062a456852ab78a68e8a0..0c7aced4cae714482f96eb11bca77c4f910bfaf7 100644 (file)
--- a/tests/org/cacert/gigi/testUtils/ManagedTest.java
+++ b/tests/org/cacert/gigi/testUtils/ManagedTest.java
@@ -234,6 +234,9 @@ public class ManagedTest extends ConfiguredTest {
          uc.addRequestProperty("Cookie", headerField);
          uc.setDoOutput(true);
          uc.getOutputStream().write((param + "&csrf=" + csrf).getBytes("UTF-8"));
+        if (uc.getResponseCode() == 302) {
+            return "";
+        }
          String d = IOUtils.readURL(uc);
          return d;
      }
@@ -346,6 +349,9 @@ public class ManagedTest extends ConfiguredTest {
          if (headerField == null) {
              return "";
          }
+        if (huc.getResponseCode() != 302) {
+            fail(fetchStartErrorMessage(IOUtils.readURL(huc)));
+        }
          return stripCookie(headerField);
      }
  
diff --git a/tests/org/cacert/gigi/testUtils/PingTest.java b/tests/org/cacert/gigi/testUtils/PingTest.java

index 967fdb2ded062a95e998f640767bd77ecbee4cfc..55c5683ac46a965ceda4f473586261bfb90e604b 100644 (file)
--- a/tests/org/cacert/gigi/testUtils/PingTest.java
+++ b/tests/org/cacert/gigi/testUtils/PingTest.java
@@ -53,16 +53,16 @@ public abstract class PingTest extends ClientTest {
          openConnection.getHeaderField("Location");
          int code = ((HttpURLConnection) openConnection).getResponseCode();
          if (code != 302) {
-            throw new Error("Code was: " + code + "\ncontent was: " + IOUtils.readURL(openConnection));
+            throw new Error("Code was: " + code + "\ncontent was: " + fetchStartErrorMessage(IOUtils.readURL(openConnection)));
          }
  
          String newcontent = IOUtils.readURL(get(DomainOverview.PATH));
-        Pattern dlink = Pattern.compile(DomainOverview.PATH + "([0-9]+)'>");
+        Pattern dlink = Pattern.compile(DomainOverview.PATH + "/([0-9]+)'>");
          Matcher m1 = dlink.matcher(newcontent);
          if ( !m1.find()) {
              throw new Error(newcontent);
          }
-        return DomainOverview.PATH + m1.group(1);
+        return DomainOverview.PATH + "/" + m1.group(1);
      }
  
      protected Matcher initailizeDomainForm() throws IOException, Error {
diff --git a/util-testing/org/cacert/gigi/localisation/conf.txt b/util-testing/org/cacert/gigi/localisation/conf.txt

index 21b2452567f30552d3bb9055f8f795b11f36201f..30694f09566d372dcb3279074936f04d45d2cee0 100644 (file)
--- a/util-testing/org/cacert/gigi/localisation/conf.txt
+++ b/util-testing/org/cacert/gigi/localisation/conf.txt
@@ -17,3 +17,5 @@ org.cacert.gigi.output.template TranslateCommand.TranslateCommand(String),0=>org
  org.cacert.gigi.pages.account.domain DomainOverview.DomainOverview(String),0
  org.cacert.gigi.dbObjects Group.Group(String, String, boolean, boolean, boolean),1
  org.cacert.gigi.output.template SprintfCommand.createSimple(String, Object[]),0
+org.cacert.gigi.pages ManagedFormPage.ManagedFormPage(String, Class),0
+org.cacert.gigi.pages ManagedMultiFormPage.ManagedMultiFormPage(String),0
author	Felix Dörre <felix@dogcraft.de>
	Fri, 9 Sep 2016 23:37:33 +0000 (01:37 +0200)
committer	Felix Dörre <felix@dogcraft.de>
	Mon, 12 Sep 2016 16:40:58 +0000 (18:40 +0200)
src/org/cacert/gigi/Gigi.java		patch \| blob \| history
src/org/cacert/gigi/output/template/Form.java		patch \| blob \| history
src/org/cacert/gigi/pages/LoginPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/ManagedFormPage.java	[new file with mode: 0644]	patch \| blob
src/org/cacert/gigi/pages/ManagedMultiFormPage.java	[new file with mode: 0644]	patch \| blob
src/org/cacert/gigi/pages/OneFormPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/PasswordResetPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/Verify.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/ChangeForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/ChangePasswordPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/FindAgentAccess.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/MyDetails.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/MyDetailsForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/MyOrganisationsForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/certs/CertificateAdd.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/certs/CertificateModificationForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/certs/Certificates.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/certs/RevokeSingleCertForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/domain/DomainAddForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/domain/DomainOverview.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/domain/DomainPinglogForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/domain/EditDomain.java	[new file with mode: 0644]	patch \| blob
src/org/cacert/gigi/pages/account/domain/PingConfigForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/mail/MailAddForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/mail/MailManagementForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/mail/MailOverview.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/TTPAdminForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/TTPAdminPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/FindCertForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/FindCertPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/FindUserByDomainForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/FindUserByDomainPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/FindUserByEmailForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/FindUserByEmailPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/SupportEnterTicketPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/SupportRevokeCertificatesForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/main/RegisterPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/main/Signup.java		patch \| blob \| history
src/org/cacert/gigi/pages/orga/AffiliationForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/orga/CreateOrgForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/orga/CreateOrgPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/orga/OrgDomainAddForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/orga/ViewOrgPage.java		patch \| blob \| history
src/org/cacert/gigi/pages/wot/AssuranceForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/wot/AssurePage.java		patch \| blob \| history
src/org/cacert/gigi/pages/wot/RequestTTPForm.java		patch \| blob \| history
src/org/cacert/gigi/pages/wot/RequestTTPPage.java		patch \| blob \| history
tests/org/cacert/gigi/testUtils/ManagedTest.java		patch \| blob \| history
tests/org/cacert/gigi/testUtils/PingTest.java		patch \| blob \| history
util-testing/org/cacert/gigi/localisation/conf.txt		patch \| blob \| history