about.addItem(new SimpleMenuItem("//wiki.cacert.org/Board", "CAcert Board"));
about.addItem(new SimpleMenuItem("//lists.cacert.org/wws", "Mailing Lists"));
about.addItem(new SimpleMenuItem("//blog.CAcert.org/feed", "RSS News Feed"));
+ about.addItem(new SimpleMenuItem("//wiki.cacert.org/Impress", "Impress"));
Menu languages = new Menu("Translations");
for (Locale l : Language.getSupportedLocales()) {
package org.cacert.gigi.dbObjects;
-import org.cacert.gigi.database.GigiResultSet;
import org.cacert.gigi.dbObjects.wrappers.DataContainer;
@DataContainer
private String date;
- public Assurance(GigiResultSet res) {
- super();
- this.id = res.getInt("id");
- this.from = User.getById(res.getInt("from"));
- this.to = User.getById(res.getInt("to"));
- this.location = res.getString("location");
- this.method = res.getString("method");
- this.points = res.getInt("points");
- this.date = res.getString("date");
+ public Assurance(int id, User from, User to, String location, String method, int points, String date) {
+ this.id = id;
+ this.from = from;
+ this.to = to;
+ this.location = location;
+ this.method = method;
+ this.points = points;
+ this.date = date;
+
}
public User getFrom() {
import org.cacert.gigi.database.GigiPreparedStatement;
import org.cacert.gigi.database.GigiResultSet;
import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
+import org.cacert.gigi.dbObjects.wrappers.DataContainer;
public class Organisation extends CertificateOwner {
- public class Affiliation {
+ @DataContainer
+ public static class Affiliation {
private final User target;
private final String fixedOU;
- public Affiliation(User target, boolean master, String fixedOU) {
+ private Organisation o;
+
+ public Affiliation(Organisation o, User target, boolean master, String fixedOU) {
+ this.o = o;
this.target = target;
this.master = master;
this.fixedOU = fixedOU;
}
public Organisation getOrganisation() {
- return Organisation.this;
+ return o;
}
}
ArrayList<Affiliation> al = new ArrayList<>(rs.getRow());
rs.beforeFirst();
while (rs.next()) {
- al.add(new Affiliation(User.getById(rs.getInt(1)), rs.getString(2).equals("y"), null));
+ al.add(new Affiliation(this, User.getById(rs.getInt(1)), rs.getString(2).equals("y"), null));
}
return al;
}
}
public int getAssurancePoints() {
- try (GigiPreparedStatement query = new GigiPreparedStatement("SELECT sum(points) FROM `notary` where `to`=? AND `deleted` is NULL")) {
+ try (GigiPreparedStatement query = new GigiPreparedStatement("SELECT sum(points) FROM `notary` where `to`=? AND `deleted` is NULL AND (`expire` IS NULL OR `expire` > CURRENT_TIMESTAMP)")) {
query.setInt(1, getId());
GigiResultSet rs = query.executeQuery();
List<Assurance> assurances = new LinkedList<Assurance>();
while (res.next()) {
- assurances.add(new Assurance(res));
+ assurances.add(assuranceByRes(res));
}
this.receivedAssurances = assurances.toArray(new Assurance[0]);
List<Assurance> assurances = new LinkedList<Assurance>();
while (res.next()) {
- assurances.add(new Assurance(res));
+ assurances.add(assuranceByRes(res));
}
this.madeAssurances = assurances.toArray(new Assurance[0]);
ps.executeUpdate();
}
}
+
+ private Assurance assuranceByRes(GigiResultSet res) {
+ return new Assurance(res.getInt("id"), User.getById(res.getInt("from")), User.getById(res.getInt("to")), res.getString("location"), res.getString("method"), res.getInt("points"), res.getString("date"));
+ }
}
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
+import java.util.Iterator;
+import java.util.LinkedList;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
import org.cacert.gigi.dbObjects.Name;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.email.Sendmail;
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.IterableDataset;
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.pages.Page;
import org.cacert.gigi.pages.PasswordResetPage;
private User assurer;
+ private AssuranceType type = AssuranceType.FACE_TO_FACE;
+
private static final Template templ;
static {
templ = new Template(AssuranceForm.class.getResource("AssuranceForm.templ"));
res.put("location", location);
res.put("date", date);
res.put("aword", aword);
+ final LinkedList<AssuranceType> ats = new LinkedList<>();
+ for (AssuranceType at : AssuranceType.values()) {
+ try {
+ Notary.may(assurer, assuree, at);
+ ats.add(at);
+ } catch (GigiApiException e) {
+ }
+ }
+ res.put("ats", new IterableDataset() {
+
+ Iterator<AssuranceType> t = ats.iterator();
+
+ @Override
+ public boolean next(Language l, Map<String, Object> vars) {
+ if ( !t.hasNext()) {
+ return false;
+ }
+ AssuranceType t1 = t.next();
+ vars.put("type", t1.getDescription());
+ vars.put("id", t1.toString());
+ vars.put("sel", t1 == type ? " selected" : "");
+ return true;
+ }
+ });
templ.output(out, l, res);
}
} else {
aword = null;
}
+ String val = req.getParameter("assuranceType");
+ if (val != null) {
+ try {
+ type = AssuranceType.valueOf(val);
+ } catch (IllegalArgumentException e) {
+ outputError(out, req, "Assurance Type wrong.");
+ }
+ }
int pointsI = 0;
String points = req.getParameter("points");
return false;
}
try {
- Notary.assure(assurer, assuree, assureeName, dob, pointsI, location, req.getParameter("date"));
+ Notary.assure(assurer, assuree, assureeName, dob, pointsI, location, req.getParameter("date"), type);
if (aword != null && !aword.equals("")) {
String systemToken = RandomToken.generateToken(32);
int id = assuree.generatePasswordResetTicket(Page.getUser(req), systemToken, aword);
<td><?=_Points?></td>
<td><input type="text" name="points"><br/>(Max. <?=$maxpoints?>)</td>
</tr>
+ <tr>
+ <td><?=_Type?></td>
+ <td><select name="assuranceType"><? foreach($ats) { ?><option value="<?=$id?>"<?=$sel?>><?=$type?></option><? } ?></select></td>
+ </tr>
<tr>
<td><input type="checkbox" name="passwordReset" value="1" <? if($aword) { ?>checked<? } ?>></td>
<td><?=_I have conducted a passwort reset with assurance. The established "A-Word" is:?><input type="text" name="passwordResetValue" value="<? if($aword) { ?><?=$aword?><? } ?>"></td>
return ac != null && ac.canAssure();
}
- private void outputForm(HttpServletRequest req, PrintWriter out, AssuranceForm form) {
- User myself = LoginPage.getUser(req);
- try {
- Notary.checkAssuranceIsPossible(myself, form.getAssuree());
- } catch (GigiApiException e) {
- e.format(out, Page.getLanguage(req));
- }
-
- form.output(out, getLanguage(req), new HashMap<String, Object>());
- }
-
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
PrintWriter out = resp.getWriter();
if (form.submit(out, req)) {
out.println(translate(req, "Assurance complete."));
} else {
- outputForm(req, resp.getWriter(), form);
+ try {
+ Notary.checkAssuranceIsPossible(LoginPage.getUser(req), form.getAssuree());
+ form.output(out, getLanguage(req), new HashMap<String, Object>());
+ } catch (GigiApiException e) {
+ e.format(out, Page.getLanguage(req));
+ }
}
return;
} else if (getUser(req).getId() == id) {
} else {
- AssuranceForm form = new AssuranceForm(req, User.getById(id));
- outputForm(req, out, form);
+ User assuree = User.getById(id);
+ User myself = LoginPage.getUser(req);
+ try {
+ Notary.checkAssuranceIsPossible(myself, assuree);
+ new AssuranceForm(req, assuree).output(out, getLanguage(req), new HashMap<String, Object>());
+ } catch (GigiApiException e) {
+ e.format(out, Page.getLanguage(req));
+ }
}
}
} else {
import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.database.GigiPreparedStatement;
import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
import org.cacert.gigi.dbObjects.Group;
import org.cacert.gigi.dbObjects.Name;
import org.cacert.gigi.dbObjects.User;
* @throws GigiApiException
* if the assurance fails (for various reasons)
*/
- public synchronized static void assure(User assurer, User assuree, Name assureeName, Date dob, int awarded, String location, String date) throws GigiApiException {
+ public synchronized static void assure(User assurer, User assuree, Name assureeName, Date dob, int awarded, String location, String date, AssuranceType type) throws GigiApiException {
+ may(assurer, assuree, AssuranceType.FACE_TO_FACE);
GigiApiException gae = new GigiApiException();
- if (assuree.isInGroup(ASSUREE_BLOCKED)) {
- gae.mergeInto(new GigiApiException("The assuree is blocked."));
- }
- if (assurer.isInGroup(ASSURER_BLOCKED)) {
- gae.mergeInto(new GigiApiException("The assurer is blocked."));
- }
if ( !gae.isEmpty()) {
throw gae;
}
if ( !assuree.getName().equals(assureeName) || !assuree.getDoB().equals(dob)) {
gae.mergeInto(new GigiApiException("The person you are assuring changed his personal details."));
}
- if (awarded > assurer.getMaxAssurePoints() || awarded < 0) {
+ if (awarded < 0) {
gae.mergeInto(new GigiApiException("The points you are trying to award are out of range."));
+ } else {
+ if (type == AssuranceType.NUCLEUS) {
+ if (awarded > 50) {
+ gae.mergeInto(new GigiApiException("The points you are trying to award are out of range."));
+ }
+ } else {
+ if (awarded > assurer.getMaxAssurePoints()) {
+ gae.mergeInto(new GigiApiException("The points you are trying to award are out of range."));
+ }
+ }
}
+
if ( !gae.isEmpty()) {
throw gae;
}
+ if (type == AssuranceType.FACE_TO_FACE) {
+ assureF2F(assurer, assuree, awarded, location, date);
+ } else if (type == AssuranceType.TTP_ASSISTED) {
+ assureTTP(assurer, assuree, awarded, location, date);
+ } else {
+ throw new GigiApiException("Unknown Assurance type: " + type);
+ }
+ assurer.invalidateMadeAssurances();
+ assuree.invalidateReceivedAssurances();
+ }
+
+ private static void assureF2F(User assurer, User assuree, int awarded, String location, String date) throws GigiApiException {
+ may(assurer, assuree, AssuranceType.FACE_TO_FACE);
try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) {
ps.setInt(1, assurer.getId());
ps.setInt(2, assuree.getId());
ps.setString(5, date);
ps.execute();
}
- assurer.invalidateMadeAssurances();
- assuree.invalidateReceivedAssurances();
+ }
+
+ private static void assureTTP(User assurer, User assuree, int awarded, String location, String date) throws GigiApiException {
+ may(assurer, assuree, AssuranceType.TTP_ASSISTED);
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?, `method`='TTP-Assisted'")) {
+ ps.setInt(1, assurer.getId());
+ ps.setInt(2, assuree.getId());
+ ps.setInt(3, awarded);
+ ps.setString(4, location);
+ ps.setString(5, date);
+ ps.execute();
+ assuree.revokeGroup(assurer, Group.TTP_APPLICANT);
+ }
+ }
+
+ public static void may(User assurer, User assuree, AssuranceType t) throws GigiApiException {
+ if (assuree.isInGroup(ASSUREE_BLOCKED)) {
+ throw new GigiApiException("The assuree is blocked.");
+ }
+ if (assurer.isInGroup(ASSURER_BLOCKED)) {
+ throw new GigiApiException("The assurer is blocked.");
+ }
+
+ if (t == AssuranceType.NUCLEUS) {
+ if ( !assurer.isInGroup(Group.NUCLEUS_ASSURER)) {
+ throw new GigiApiException("Assurer needs to be Nucleus Assurer.");
+ }
+ return;
+ } else if (t == AssuranceType.TTP_ASSISTED) {
+ if ( !assurer.isInGroup(Group.TTP_ASSURER)) {
+ throw new GigiApiException("Assurer needs to be TTP Assurer.");
+ }
+ if ( !assuree.isInGroup(Group.TTP_APPLICANT)) {
+ throw new GigiApiException("Assuree needs to be TTP Applicant.");
+ }
+ return;
+ } else if (t == AssuranceType.FACE_TO_FACE) {
+ return;
+ }
+ throw new GigiApiException("Assurance type not possible.");
}
}
import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.output.DateSelector;
import org.cacert.gigi.testUtils.ManagedTest;
};
try {
- Notary.assure(assurer, users[0], users[0].getName(), users[0].getDoB(), -1, "test-notary", "2014-01-01");
+ Notary.assure(assurer, users[0], users[0].getName(), users[0].getDoB(), -1, "test-notary", "2014-01-01", AssuranceType.FACE_TO_FACE);
fail("This shouldn't have passed");
} catch (GigiApiException e) {
// expected
assertEquals(result[i], assurer.getMaxAssurePoints());
assuranceFail(assurer, users[i], result[i] + 1, "test-notary", "2014-01-01");
- Notary.assure(assurer, users[i], users[i].getName(), users[i].getDoB(), result[i], "test-notary", "2014-01-01");
+ Notary.assure(assurer, users[i], users[i].getName(), users[i].getDoB(), result[i], "test-notary", "2014-01-01", AssuranceType.FACE_TO_FACE);
assuranceFail(assurer, users[i], result[i], "test-notary", "2014-01-01");
}
private void assuranceFail(User assurer, User user, int i, String location, String date) throws SQLException {
try {
- Notary.assure(assurer, user, user.getName(), user.getDoB(), i, location, date);
+ Notary.assure(assurer, user, user.getName(), user.getDoB(), i, location, date, AssuranceType.FACE_TO_FACE);
fail("This shouldn't have passed");
} catch (GigiApiException e) {
// expected
for (int i = 0; i < users.length; i++) {
assuranceFail(assurer, users[i], -1, "test-notary", "2014-01-01");
assuranceFail(assurer, users[i], 11, "test-notary", "2014-01-01");
- Notary.assure(assurer, users[i], users[i].getName(), users[i].getDoB(), 10, "test-notary", "2014-01-01");
+ Notary.assure(assurer, users[i], users[i].getName(), users[i].getDoB(), 10, "test-notary", "2014-01-01", AssuranceType.FACE_TO_FACE);
assuranceFail(assurer, users[i], 10, "test-notary", "2014-01-01");
}
}
assuranceFail(assuree, assuranceUser, 10, "notary-junit-test", "2014-01-01");
// valid
- Notary.assure(assuranceUser, assuree, assuree.getName(), assuree.getDoB(), 10, "notary-junit-test", "2014-01-01");
+ Notary.assure(assuranceUser, assuree, assuree.getName(), assuree.getDoB(), 10, "notary-junit-test", "2014-01-01", AssuranceType.FACE_TO_FACE);
// assure double
assuranceFail(assuranceUser, assuree, 10, "notary-junit-test", "2014-01-01");
import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.crypto.SPKAC;
import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
import org.cacert.gigi.dbObjects.Certificate;
import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
import org.cacert.gigi.dbObjects.CertificateOwner;
}
try {
for (int i = 0; i < getAssurers().length; i++) {
- Notary.assure(getAssurers()[i], byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06");
+ Notary.assure(getAssurers()[i], byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06", AssuranceType.FACE_TO_FACE);
}
} catch (GigiApiException e) {
throw new Error(e);