From: Felix Dörre Date: Fri, 26 Sep 2014 15:40:31 +0000 (+0200) Subject: UPD: Update the api to work more with "Users" than with their ids. X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=90771b77a6e7cd00bce47feeb35786f0371b89bd UPD: Update the api to work more with "Users" than with their ids.
---
diff --git a/src/org/cacert/gigi/dbObjects/Certificate.java b/src/org/cacert/gigi/dbObjects/Certificate.java
index 756a70fd..991310ad 100644
--- a/src/org/cacert/gigi/dbObjects/Certificate.java
+++ b/src/org/cacert/gigi/dbObjects/Certificate.java
@@ -108,7 +108,7 @@ public class Certificate {
 private int id;
- private int ownerId;
+ private User owner;
 private String serial;
@@ -128,8 +128,8 @@ public class Certificate {
 private CertificateProfile profile;
- public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) {
- this.ownerId = ownerId;
+ public Certificate(User owner, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) {
+ this.owner = owner;
 this.dn = dn;
 this.md = md;
 this.csr = csr;
@@ -150,7 +150,7 @@ public class Certificate {
 md = rs.getString(3);
 csrName = rs.getString(4);
 crtName = rs.getString(5);
- ownerId = rs.getInt(6);
+ owner = User.getById(rs.getInt(6));
 profile = CertificateProfile.getById(rs.getInt(7));
 this.serial = serial;
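Review bot: Nothing guarantees that `owner` is non-null after this change: the public constructor (hunk at -128) stores whatever it is given, and the database-loading path (hunk at -150) stores the result of `User.getById(rs.getInt(6))` unchecked. Every ownership comparison touched by this commit now dereferences it as `c.getOwner().getId()`, and `issue()` calls `owner.getId()`, so a missing owner would surface as a NullPointerException instead of the 404 or "Owner mismatch" result those checks are meant to produce. Whether `User.getById` can return null is not visible here; if it can, reject it where it is assigned, e.g. `if (owner == null) { throw new IllegalArgumentException("certificate owner must not be null"); }` in the constructor and an equivalent check after the lookup. Both enclosing bodies continue outside their hunks.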
@@ -233,13 +233,13 @@ public class Certificate {
 if (getStatus() != CertificateStatus.DRAFT) {
 throw new IllegalStateException();
 }
- Notary.writeUserAgreement(ownerId, "CCA", "issue certificate", "", true, 0);
+ Notary.writeUserAgreement(owner, "CCA", "issue certificate", "", true, 0);
 GigiPreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?, subject=?, csr_type=?, crt_name='', memid=?, profile=?");
 inserter.setString(1, md);
 inserter.setString(2, dn);
 inserter.setString(3, csrType.toString());
- inserter.setInt(4, ownerId);
+ inserter.setInt(4, owner.getId());
 inserter.setInt(5, profile.getId());
 inserter.execute();
 id = inserter.lastInsertId();
@@ -315,8 +315,8 @@ public class Certificate {
 return md;
 }
- public int getOwnerId() {
- return ownerId;
+ public User getOwner() {
+ return owner;
 }
 public List getSANs() {
diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
index 1414e1d4..153a5ce0 100644
--- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
@@ -302,7 +302,7 @@ public class CertificateIssueForm extends Form {
 return false;
 }
- result = new Certificate(LoginPage.getUser(req).getId(), subject.toString(), selectedDigest.toString(), //
+ result = new Certificate(LoginPage.getUser(req), subject.toString(), selectedDigest.toString(), //
 this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()]));
 result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000);
 return true;
diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.templ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.templ
index 34c58512..ea23e332 100644
--- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.templ
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.templ
@@ -34,7 +34,12 @@ SANs - + + + + + + diff --git a/src/org/cacert/gigi/pages/account/certs/Certificates.java b/src/org/cacert/gigi/pages/account/certs/Certificates.java index 0c028222..ac2289f3 100644 --- a/src/org/cacert/gigi/pages/account/certs/Certificates.java +++ b/src/org/cacert/gigi/pages/account/certs/Certificates.java @@ -56,7 +56,7 @@ public class Certificates extends Page { String serial = pi; try { Certificate c = Certificate.getBySerial(serial); - if (c == null || getUser(req).getId() != c.getOwnerId()) { + if (c == null || getUser(req).getId() != c.getOwner().getId()) { resp.sendError(404); return true; } @@ -92,7 +92,7 @@ public class Certificates extends Page { String serial = pi; Certificate c = Certificate.getBySerial(serial); - if (c == null || LoginPage.getUser(req).getId() != c.getOwnerId()) { + if (c == null || LoginPage.getUser(req).getId() != c.getOwner().getId()) { resp.sendError(404); return; } diff --git a/src/org/cacert/gigi/pages/main/Signup.java b/src/org/cacert/gigi/pages/main/Signup.java index 6f2bf6ef..a512a017 100644 --- a/src/org/cacert/gigi/pages/main/Signup.java +++ b/src/org/cacert/gigi/pages/main/Signup.java @@ -185,7 +185,7 @@ public class Signup extends Form { ps.setString(4, regional ? "1" : "0"); ps.setString(5, radius ? "1" : "0"); ps.execute(); - Notary.writeUserAgreement(memid, "CCA", "account creation", "", true, 0); + Notary.writeUserAgreement(buildup, "CCA", "account creation", "", true, 0); DatabaseConnection.getInstance().commitTransaction(); } finally { diff --git a/src/org/cacert/gigi/ping/SSLPinger.java b/src/org/cacert/gigi/ping/SSLPinger.java index 2f49b446..6a20dafe 100644 --- a/src/org/cacert/gigi/ping/SSLPinger.java +++ b/src/org/cacert/gigi/ping/SSLPinger.java 
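Review bot: The ownership test `getUser(req).getId() != c.getOwner().getId()` is now written out twice in Certificates.java (hunks at -56 and -92) and a third time in SSLPinger.java, each as a chained id comparison. This comparison appears to be what decides whether a requester may see a given certificate, so it would be safer as one method on Certificate, for example `public boolean isOwnedBy(User u) { return u != null && owner != null && owner.getId() == u.getId(); }`, so the null handling and the comparison cannot drift apart between call sites. The call sites would then read `if (c == null || !c.isOwnedBy(getUser(req))) {`. Both handler bodies continue outside their hunks.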
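Review bot: In Signup.java, `Notary.writeUserAgreement(buildup, ...)` now takes the member id from `buildup.getId()` instead of the local `memid`, and the hunk does not show `buildup` ever being given that id. If the id is not assigned to `buildup` before this line, the CCA agreement row is written with the wrong `memid` and the account-creation record can no longer be attributed to the new user. Please confirm the id is set on `buildup` before this call and say so in a comment at this line, e.g. `// buildup already carries the freshly inserted id`. The enclosing method starts and ends outside the hunk.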
@@ -208,7 +208,7 @@ public class SSLPinger extends DomainPinger {
 BigInteger serial = first.getSerialNumber();
 Certificate c = Certificate.getBySerial(serial.toString(16));
- if (c.getOwnerId() != subject.getId()) {
+ if (c.getOwner().getId() != subject.getId()) {
 return "Owner mismatch";
 }
 return PING_SUCCEDED;
diff --git a/src/org/cacert/gigi/util/Notary.java b/src/org/cacert/gigi/util/Notary.java
index 2b1a2d92..bd6f7625 100644
--- a/src/org/cacert/gigi/util/Notary.java
+++ b/src/org/cacert/gigi/util/Notary.java
@@ -14,9 +14,9 @@ import org.cacert.gigi.output.DateSelector;
 public class Notary {
- public static void writeUserAgreement(int memid, String document, String method, String comment, boolean active, int secmemid) {
+ public static void writeUserAgreement(User member, String document, String method, String comment, boolean active, int secmemid) {
 GigiPreparedStatement q = DatabaseConnection.getInstance().prepare("insert into `user_agreements` set `memid`=?, `secmemid`=?," + " `document`=?,`date`=NOW(), `active`=?,`method`=?,`comment`=?");
- q.setInt(1, memid);
+ q.setInt(1, member.getId());
 q.setInt(2, secmemid);
 q.setString(3, document);
 q.setInt(4, active ? 1 : 0);
diff --git a/tests/org/cacert/gigi/TestCertificate.java b/tests/org/cacert/gigi/TestCertificate.java
index 99a51157..f494befb 100644
--- a/tests/org/cacert/gigi/TestCertificate.java
+++ b/tests/org/cacert/gigi/TestCertificate.java
@@ -17,6 +17,7 @@ import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
 import org.cacert.gigi.dbObjects.Certificate.SANType;
 import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName;
 import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.testUtils.ManagedTest;
 import org.junit.Test;
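Review bot: In SSLPinger.java the result of `Certificate.getBySerial(...)` is dereferenced in the changed condition without a null check, while both call sites in Certificates.java test `c == null` first, which suggests the lookup can return null. The serial comes from `first.getSerialNumber()`, apparently a certificate presented by the host being pinged, so a serial that is not in the database would presumably throw instead of failing the ping cleanly. The condition should be `if (c == null || c.getOwner().getId() != subject.getId()) {`. The lookup is by serial number only; whether the issuer of the presented certificate is validated is not visible in this hunk and is worth confirming, since a serial match alone does not show the certificate was issued by this CA. The method starts outside the hunk.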
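Review bot: In Notary.java, `writeUserAgreement` is public and static but has no Javadoc, and after this change its two parties are typed differently: `User member` for the first and a raw `int secmemid` for the second, which every caller shown in this commit passes as `0`. A short Javadoc should say that `member` must not be null (it is dereferenced at `member.getId()`), what `document`, `method` and `comment` record, and what a `secmemid` of `0` stands for. The method body continues past the end of the hunk.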
@@ -24,11 +25,13 @@ import sun.security.x509.GeneralNameInterface; public class TestCertificate extends ManagedTest { + User u = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.com", TEST_PASSWORD)); + @Test public void testClientCertLoginStates() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException { KeyPair kp = generateKeypair(); String key1 = generatePEMCSR(kp, "CN=testmail@example.com"); - Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key1, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c = new Certificate(u, "/CN=testmail@example.com", "sha256", key1, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); c.issue(null, "2y").waitFor(60000); final X509Certificate ce = c.cert(); @@ -39,7 +42,7 @@ public class TestCertificate extends ManagedTest { public void testSANs() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException { KeyPair kp = generateKeypair(); String key = generatePEMCSR(kp, "CN=testmail@example.com"); - Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1),// + Certificate c = new Certificate(u, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1),// new SubjectAlternateName(SANType.EMAIL, "testmail@example.com"), new SubjectAlternateName(SANType.DNS, "testmail.example.com")); testFails(CertificateStatus.DRAFT, c); 
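Review bot: The new field `User u = User.getById(createVerifiedUser(...))` does its database work in a field initializer, so it runs while the test object is being constructed and a failure there is reported as an instantiation error rather than as a failed setup step. Moving it into a setup method keeps the failure readable: declare `private User u;` and assign it in a method annotated `@Before`. The initializer also creates a fresh verified user for every test method, which is probably intended but deserves a one-line comment.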
@@ -90,7 +93,7 @@ public class TestCertificate extends ManagedTest {
 public void testCertLifeCycle() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException {
 KeyPair kp = generateKeypair();
 String key = generatePEMCSR(kp, "CN=testmail@example.com");
- Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1));
+ Certificate c = new Certificate(u, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1));
 final PrivateKey pk = kp.getPrivate();
 testFails(CertificateStatus.DRAFT, c);
diff --git a/tests/org/cacert/gigi/TestCrossDomainAccess.java b/tests/org/cacert/gigi/TestCrossDomainAccess.java
index 8a67e64a..f20ee261 100644
--- a/tests/org/cacert/gigi/TestCrossDomainAccess.java
+++ b/tests/org/cacert/gigi/TestCrossDomainAccess.java
@@ -16,6 +16,7 @@ import java.sql.SQLException;
 import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CSRType;
 import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.testUtils.IOUtils;
 import org.cacert.gigi.testUtils.ManagedTest;
 import org.cacert.gigi.util.ServerConstants;
@@ -49,7 +50,7 @@ public class TestCrossDomainAccess extends ManagedTest {
 int id = createVerifiedUser("Kurti", "Hansel", email, TEST_PASSWORD);
 KeyPair kp = generateKeypair();
 String key1 = generatePEMCSR(kp, "CN=" + email);
- Certificate c = new Certificate(id, "/CN=" + email, "sha256", key1, CSRType.CSR, CertificateProfile.getById(1));
+ Certificate c = new Certificate(User.getById(id), "/CN=" + email, "sha256", key1, CSRType.CSR, CertificateProfile.getById(1));
 final PrivateKey pk = kp.getPrivate();
 c.issue(null, "2y").waitFor(60000);
 final X509Certificate ce = c.cert();
diff --git a/tests/org/cacert/gigi/TestSeparateSessionScope.java b/tests/org/cacert/gigi/TestSeparateSessionScope.java
index d4115be1..1e583b78 100644
--- a/tests/org/cacert/gigi/TestSeparateSessionScope.java
+++ b/tests/org/cacert/gigi/TestSeparateSessionScope.java
@@ -14,6 +14,7 @@ import java.sql.SQLException;
 import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CSRType;
 import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.testUtils.ManagedTest;
 import org.junit.Test;
@@ -26,7 +27,7 @@ public class TestSeparateSessionScope extends ManagedTest {
 String cookie = login(mail, TEST_PASSWORD);
 KeyPair kp = generateKeypair();
 String csr = generatePEMCSR(kp, "CN=felix@dogcraft.de");
- Certificate c = new Certificate(user, "/CN=testmail@example.com", "sha256", csr, CSRType.CSR, CertificateProfile.getById(1));
+ Certificate c = new Certificate(User.getById(user), "/CN=testmail@example.com", "sha256", csr, CSRType.CSR, CertificateProfile.getById(1));
 final PrivateKey pk = kp.getPrivate();
 c.issue(null, "2y").waitFor(60000);
 final X509Certificate ce = c.cert();
diff --git a/tests/org/cacert/gigi/ping/TestSSL.java b/tests/org/cacert/gigi/ping/TestSSL.java
index 9404e17b..71ee55eb 100644
--- a/tests/org/cacert/gigi/ping/TestSSL.java
+++ b/tests/org/cacert/gigi/ping/TestSSL.java
@@ -32,6 +32,7 @@ import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CSRType;
 import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.pages.account.domain.DomainOverview;
 import org.cacert.gigi.testUtils.IOUtils;
 import org.cacert.gigi.testUtils.PingTest;
@@ -138,7 +139,7 @@ public class TestSSL extends PingTest {
 private void createCertificate(String test, CertificateProfile profile) throws GeneralSecurityException, IOException, SQLException, InterruptedException, GigiApiException {
 kp = generateKeypair();
 String csr = generatePEMCSR(kp, "CN=" + test);
- c = new Certificate(userid, "/CN=" + test, "sha256", csr, CSRType.CSR, profile);
+ c = new Certificate(User.getById(userid), "/CN=" + test, "sha256", csr, CSRType.CSR, profile);
 c.issue(null, "2y").waitFor(60000);
 }