Allow only verified emails and domains.

author Felix Dörre <felix@dogcraft.de>

Mon, 2 Nov 2015 20:09:49 +0000 (21:09 +0100)

committer Felix Dörre <felix@dogcraft.de>

Mon, 2 Nov 2015 20:49:50 +0000 (21:49 +0100)
author Felix Dörre <felix@dogcraft.de>
Mon, 2 Nov 2015 20:09:49 +0000 (21:09 +0100)
committer Felix Dörre <felix@dogcraft.de>
Mon, 2 Nov 2015 20:49:50 +0000 (21:49 +0100)
diff --git a/src/org/cacert/gigi/dbObjects/CertificateOwner.java b/src/org/cacert/gigi/dbObjects/CertificateOwner.java

index 84acca2eefb7d55e8f670e29147d8686c93ef1ab..661033fbf903996e43c8bdbe3826a0660de787d2 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/CertificateOwner.java
+++ b/src/org/cacert/gigi/dbObjects/CertificateOwner.java
@@ -87,7 +87,7 @@ public abstract class CertificateOwner implements IdCachable {
          for (Domain d : getDomains()) {
              String sfx = d.getSuffix();
              if (domainname.equals(sfx) || domainname.endsWith("." + sfx)) {
-                return true;
+                return d.isVerified();
              }
          }
  
diff --git a/src/org/cacert/gigi/dbObjects/Domain.java b/src/org/cacert/gigi/dbObjects/Domain.java

index 6b0e82830d07a2f9e0c4121a0910c3217d7674aa..bf76d4359d59f5c29d7ab826cecaf64d1b5d03cc 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/Domain.java
+++ b/src/org/cacert/gigi/dbObjects/Domain.java
@@ -192,7 +192,7 @@ public class Domain implements IdCachable, Verifyable {
      }
  
      public synchronized void verify(String hash) throws GigiApiException {
-        GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE `domainPinglog` SET `state`='success' WHERE `challenge`=? AND `configId` IN (SELECT `id` FROM `pingconfig` WHERE `domainid`=?)");
+        GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE `domainPinglog` SET `state`='success' WHERE `challenge`=? AND `state`='open' AND `configId` IN (SELECT `id` FROM `pingconfig` WHERE `domainid`=? AND `type`='email')");
          ps.setString(1, hash);
          ps.setInt(2, id);
          ps.executeUpdate();
diff --git a/src/org/cacert/gigi/dbObjects/User.java b/src/org/cacert/gigi/dbObjects/User.java

index eeb79dfdbaa4d3bb03abafe68122c8f44923443c..1b4b52eaf17c69f53afbb17a72e8d6d67d5569ad 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/User.java
+++ b/src/org/cacert/gigi/dbObjects/User.java
@@ -461,7 +461,7 @@ public class User extends CertificateOwner {
      public boolean isValidEmail(String email) {
          for (EmailAddress em : getEmails()) {
              if (em.getAddress().equals(email)) {
-                return true;
+                return em.isVerified();
              }
          }
  
diff --git a/tests/org/cacert/gigi/TestUser.java b/tests/org/cacert/gigi/TestUser.java

index 9fd1fe7a331d3e63d0a5c50571be67af7a5c8191..e276fddf68a57c6b3f8efa1c484c01d4e92b690d 100644 (file)
--- a/tests/org/cacert/gigi/TestUser.java
+++ b/tests/org/cacert/gigi/TestUser.java
@@ -2,6 +2,7 @@ package org.cacert.gigi;
  
  import static org.junit.Assert.*;
  
+import java.io.IOException;
  import java.sql.Date;
  import java.sql.SQLException;
  import java.util.Locale;
@@ -58,16 +59,18 @@ public class TestUser extends ManagedTest {
      }
  
      @Test
-    public void testMatcherMethods() throws SQLException, GigiApiException {
+    public void testMatcherMethods() throws SQLException, GigiApiException, IOException {
          String uq = createUniqueName();
          int id = createVerifiedUser("aä", "b", uq + "a@email.org", TEST_PASSWORD);
  
          User u = User.getById(id);
          new EmailAddress(u, uq + "b@email.org", Locale.ENGLISH);
+        getMailReciever().receive().verify();
          new EmailAddress(u, uq + "c@email.org", Locale.ENGLISH);
-        new Domain(u, uq + "a-testdomain.org");
-        new Domain(u, uq + "b-testdomain.org");
-        new Domain(u, uq + "c-testdomain.org");
+        getMailReciever().receive();// no-verify
+        verify(new Domain(u, uq + "a-testdomain.org"));
+        verify(new Domain(u, uq + "b-testdomain.org"));
+        verify(new Domain(u, uq + "c-testdomain.org"));
          assertEquals(3, u.getEmails().length);
          assertEquals(3, u.getDomains().length);
          assertTrue(u.isValidDomain(uq + "a-testdomain.org"));
@@ -82,6 +85,7 @@ public class TestUser extends ManagedTest {
          assertTrue(u.isValidEmail(uq + "b@email.org"));
          assertFalse(u.isValidEmail(uq + "b+6@email.org"));
          assertFalse(u.isValidEmail(uq + "b*@email.org"));
+        assertFalse(u.isValidEmail(uq + "c@email.org"));
  
          assertTrue(u.isValidName("aä b"));
          assertFalse(u.isValidName("aä c"));
diff --git a/tests/org/cacert/gigi/testUtils/ManagedTest.java b/tests/org/cacert/gigi/testUtils/ManagedTest.java

index cc3215c140f20d84a957e638453f8fd4f11281d5..279f08c7a89640cae2caeae60aa0de7dc56e8223 100644 (file)
--- a/tests/org/cacert/gigi/testUtils/ManagedTest.java
+++ b/tests/org/cacert/gigi/testUtils/ManagedTest.java
@@ -39,6 +39,8 @@ import org.cacert.gigi.database.DatabaseConnection;
  import org.cacert.gigi.database.GigiPreparedStatement;
  import org.cacert.gigi.database.GigiResultSet;
  import org.cacert.gigi.database.SQLFileManager.ImportType;
+import org.cacert.gigi.dbObjects.Domain;
+import org.cacert.gigi.dbObjects.DomainPingType;
  import org.cacert.gigi.dbObjects.EmailAddress;
  import org.cacert.gigi.dbObjects.Group;
  import org.cacert.gigi.dbObjects.ObjectCache;
@@ -481,4 +483,18 @@ public class ManagedTest extends ConfiguredTest {
          return openConnection;
      }
  
+    public static void verify(Domain d) {
+        try {
+            System.out.println(d.getId());
+            d.addPing(DomainPingType.EMAIL, "admin");
+            TestMail testMail = ter.receive();
+            testMail.verify();
+            assertTrue(d.isVerified());
+        } catch (GigiApiException e) {
+            throw new Error(e);
+        } catch (IOException e) {
+            throw new Error(e);
+        }
+    }
+
  }
diff --git a/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java b/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java

index 30e62e5ed5db9cd4c34be0998f81c2211da8b16e..24b7f78a4c8ca35d5ba6357d72b25d458c0025c3 100644 (file)
--- a/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java
+++ b/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java
@@ -74,7 +74,9 @@ public final class TestEmailReceiver extends EmailProvider implements Runnable {
          }
  
          public void verify() throws IOException {
-            String[] parts = extractLink().split("\\?");
+            String link = extractLink();
+            System.out.println(link);
+            String[] parts = link.split("\\?");
              URL u = new URL("https://" + ManagedTest.getServerName() + "/verify?" + parts[1]);
  
              URLConnection csrfConn = u.openConnection();
author	Felix Dörre <felix@dogcraft.de>
	Mon, 2 Nov 2015 20:09:49 +0000 (21:09 +0100)
committer	Felix Dörre <felix@dogcraft.de>
	Mon, 2 Nov 2015 20:49:50 +0000 (21:49 +0100)
src/org/cacert/gigi/dbObjects/CertificateOwner.java		patch \| blob \| history
src/org/cacert/gigi/dbObjects/Domain.java		patch \| blob \| history
src/org/cacert/gigi/dbObjects/User.java		patch \| blob \| history
tests/org/cacert/gigi/TestUser.java		patch \| blob \| history
tests/org/cacert/gigi/testUtils/ManagedTest.java		patch \| blob \| history
tests/org/cacert/gigi/testUtils/TestEmailReceiver.java		patch \| blob \| history