From: Felix Dörre Date: Thu, 4 Sep 2014 17:48:57 +0000 (+0200) Subject: UPD: Change the assurance API (and document it) X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=3e9f3d6f2655dd7ff819a77fba2076da3c1f3717 UPD: Change the assurance API (and document it) for cleaner race-condition checks in the future. --- diff --git a/src/org/cacert/gigi/dbObjects/Name.java b/src/org/cacert/gigi/dbObjects/Name.java index 512dc769..e28bf2b2 100644 --- a/src/org/cacert/gigi/dbObjects/Name.java +++ b/src/org/cacert/gigi/dbObjects/Name.java @@ -6,7 +6,7 @@ import java.util.Map; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.Outputable; -public class Name implements Outputable { +public class Name implements Outputable, Cloneable { String fname; @@ -101,4 +101,13 @@ public class Name implements Outputable { (mname != null && suffix != null && text.equals(fname + " " + mname + " " + lname + " " + suffix)); } + @Override + protected Name clone() { + try { + return (Name) super.clone(); + } catch (CloneNotSupportedException e) { + throw new Error(e); + } + } + } diff --git a/src/org/cacert/gigi/pages/wot/AssuranceForm.java b/src/org/cacert/gigi/pages/wot/AssuranceForm.java index bb378dfb..3020390d 100644 --- a/src/org/cacert/gigi/pages/wot/AssuranceForm.java +++ b/src/org/cacert/gigi/pages/wot/AssuranceForm.java @@ -3,12 +3,14 @@ package org.cacert.gigi.pages.wot; import java.io.PrintWriter; import java.sql.SQLException; import java.text.SimpleDateFormat; +import java.util.Date; import java.util.HashMap; import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.Form; @@ -20,6 +22,10 @@ public class AssuranceForm extends Form { private User assuree; + private Name assureeName; + + private Date dob; + private static final Template templ; static { templ = new Template(AssuranceForm.class.getResource("AssuranceForm.templ")); @@ -28,6 +34,8 @@ public class AssuranceForm extends Form { public AssuranceForm(HttpServletRequest hsr, int assuree) { super(hsr); this.assuree = new User(assuree); + assureeName = this.assuree.getName(); + dob = this.assuree.getDob(); } SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); @@ -72,7 +80,7 @@ public class AssuranceForm extends Form { return false; } try { - Notary.assure(Page.getUser(req), assuree, pointsI, req.getParameter("location"), req.getParameter("date")); + Notary.assure(Page.getUser(req), assuree, assureeName, dob, pointsI, req.getParameter("location"), req.getParameter("date")); return true; } catch (SQLException e) { e.printStackTrace(); diff --git a/src/org/cacert/gigi/util/Notary.java b/src/org/cacert/gigi/util/Notary.java index 7f937236..184ca8bc 100644 --- a/src/org/cacert/gigi/util/Notary.java +++ b/src/org/cacert/gigi/util/Notary.java @@ -8,6 +8,7 @@ import java.util.Date; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.output.DateSelector; @@ -46,7 +47,31 @@ public class Notary { } } - public synchronized static void assure(User assurer, User target, int awarded, String location, String date) throws SQLException, GigiApiException { + /** + * This method assures another user. + * + * @see User#canAssure() (for assurer) + * @see #checkAssuranceIsPossible(User, User) (for assurer or assuree) + * @param assurer + * the person that wants to assure + * @param assuree + * the person that should be assured + * @param assureeName + * the Name that was personally verified + * @param dob + * the Date of birth that the assurer verified + * @param awarded + * the points that should be awarded in total + * @param location + * the location where the assurance took place + * @param date + * the date when the assurance took place + * @throws SQLException + * if SQL goes wrong + * @throws GigiApiException + * if the assurance fails (for various reasons) + */ + public synchronized static void assure(User assurer, User assuree, Name assureeName, Date dob, int awarded, String location, String date) throws SQLException, GigiApiException { GigiApiException gae = new GigiApiException(); if (date == null || date.equals("")) { @@ -69,13 +94,12 @@ public class Notary { } try { - checkAssuranceIsPossible(assurer, target); + checkAssuranceIsPossible(assurer, assuree); } catch (GigiApiException e) { gae.mergeInto(e); } - User u = new User(target.getId()); - if ( !u.equals(target)) { + if ( !assuree.getName().equals(assureeName) || !assuree.getDob().equals(dob)) { gae.mergeInto(new GigiApiException("The person you are assuring changed his personal details.")); } if (awarded > assurer.getMaxAssurePoints() || awarded < 0) { @@ -87,12 +111,12 @@ public class Notary { PreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?"); ps.setInt(1, assurer.getId()); - ps.setInt(2, target.getId()); + ps.setInt(2, assuree.getId()); ps.setInt(3, awarded); ps.setString(4, location); ps.setString(5, date); ps.execute(); assurer.invalidateMadeAssurances(); - target.invalidateReceivedAssurances(); + assuree.invalidateReceivedAssurances(); } } diff --git a/tests/org/cacert/gigi/util/TestNotary.java b/tests/org/cacert/gigi/util/TestNotary.java index 2f99840d..03aa60a6 100644 --- a/tests/org/cacert/gigi/util/TestNotary.java +++ b/tests/org/cacert/gigi/util/TestNotary.java @@ -28,7 +28,7 @@ public class TestNotary extends ManagedTest { }; try { - Notary.assure(assurer, users[0], -1, "test-notary", "2014-01-01"); + Notary.assure(assurer, users[0], users[0].getName(), users[0].getDob(), -1, "test-notary", "2014-01-01"); fail("This shouldn't have passed"); } catch (GigiApiException e) { // expected @@ -37,7 +37,7 @@ public class TestNotary extends ManagedTest { assertEquals(result[i], assurer.getMaxAssurePoints()); assuranceFail(assurer, users[i], result[i] + 1, "test-notary", "2014-01-01"); - Notary.assure(assurer, users[i], result[i], "test-notary", "2014-01-01"); + Notary.assure(assurer, users[i], users[i].getName(), users[i].getDob(), result[i], "test-notary", "2014-01-01"); assuranceFail(assurer, users[i], result[i], "test-notary", "2014-01-01"); } @@ -49,7 +49,7 @@ public class TestNotary extends ManagedTest { private void assuranceFail(User assurer, User user, int i, String location, String date) throws SQLException { try { - Notary.assure(assurer, user, i, location, date); + Notary.assure(assurer, user, user.getName(), user.getDob(), i, location, date); fail("This shouldn't have passed"); } catch (GigiApiException e) { // expected @@ -71,7 +71,7 @@ public class TestNotary extends ManagedTest { for (int i = 0; i < users.length; i++) { assuranceFail(assurer, users[i], -1, "test-notary", "2014-01-01"); assuranceFail(assurer, users[i], 11, "test-notary", "2014-01-01"); - Notary.assure(assurer, users[i], 10, "test-notary", "2014-01-01"); + Notary.assure(assurer, users[i], users[i].getName(), users[i].getDob(), 10, "test-notary", "2014-01-01"); assuranceFail(assurer, users[i], 10, "test-notary", "2014-01-01"); } } @@ -106,7 +106,7 @@ public class TestNotary extends ManagedTest { assuranceFail(assuree, assuranceUser, 10, "notary-junit-test", "2014-01-01"); // valid - Notary.assure(assuranceUser, assuree, 10, "notary-junit-test", "2014-01-01"); + Notary.assure(assuranceUser, assuree, assuree.getName(), assuree.getDob(), 10, "notary-junit-test", "2014-01-01"); // assure double assuranceFail(assuranceUser, assuree, 10, "notary-junit-test", "2014-01-01");