From: Felix Dörre <felix@dogcraft.de>
Date: Sun, 18 Feb 2018 16:00:30 +0000 (+0100)
Subject: Merge changes Ica9a9fc2,I5effef05
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=cbd469caf6d9b18a9e1b74ba5292e4f5a71fcbfd;hp=918282ccc64e46e3e83f5087328ce477d2b200e0

Merge changes Ica9a9fc2,I5effef05

* changes:
  chg: reword error message to match conditions
  chg: enable support to find organisation domains
---

diff --git a/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java b/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java
index 969cbe62..7445c52c 100644
--- a/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java
+++ b/src/club/wpia/gigi/pages/admin/support/SupportUserDetailsForm.java
@@ -6,6 +6,7 @@ import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 
+import club.wpia.gigi.Gigi;
 import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.dbObjects.Group;
 import club.wpia.gigi.dbObjects.Name;
@@ -20,6 +21,8 @@ import club.wpia.gigi.output.template.Form;
 import club.wpia.gigi.output.template.Template;
 import club.wpia.gigi.output.template.TranslateCommand;
 import club.wpia.gigi.pages.LoginPage;
+import club.wpia.gigi.pages.account.MyDetails;
+import club.wpia.gigi.util.AuthorizationContext;
 
 public class SupportUserDetailsForm extends Form {
 
@@ -42,12 +45,31 @@ public class SupportUserDetailsForm extends Form {
         if (user.getTicket() == null) {
             throw new GigiApiException("No ticket number set.");
         }
+
+        int numActions = 0;
+        numActions += req.getParameter("detailupdate") != null ? 1 : 0;
+        numActions += req.getParameter("addGroup") != null ? 1 : 0;
+        numActions += req.getParameter("removeGroup") != null ? 1 : 0;
+        numActions += req.getParameter("resetPass") != null ? 1 : 0;
+
+        if (numActions != 1) {
+            throw new GigiApiException("More than one action requested!");
+        }
+
         if (user.getTargetUser() == LoginPage.getUser(req)) {
+            if (req.getParameter("removeGroup") != null) {
+                value.update(req);
+                Group toMod = value.getGroup();
+                if (toMod == Group.SUPPORTER) {
+                    user.revoke(toMod);
+                    AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
+                    req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ac.getActor()));
+                    return new RedirectResult(MyDetails.PATH);
+                }
+            }
             throw new GigiApiException("Supporter may not modify himself.");
         }
-        if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("addGroup") != null ? 1 : 0) + (req.getParameter("removeGroup") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
-            throw new GigiApiException("More than one action requested!");
-        }
+
         if (req.getParameter("addGroup") != null || req.getParameter("removeGroup") != null) {
             value.update(req);
             Group toMod = value.getGroup();
diff --git a/tests/club/wpia/gigi/pages/admin/TestSEAdminNotificationMail.java b/tests/club/wpia/gigi/pages/admin/TestSEAdminNotificationMail.java
index 30aeb64f..97ac6a00 100644
--- a/tests/club/wpia/gigi/pages/admin/TestSEAdminNotificationMail.java
+++ b/tests/club/wpia/gigi/pages/admin/TestSEAdminNotificationMail.java
@@ -7,6 +7,7 @@ import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.net.MalformedURLException;
+import java.net.URLConnection;
 import java.net.URLEncoder;
 import java.util.HashMap;
 import java.util.Locale;
@@ -17,10 +18,13 @@ import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.dbObjects.Group;
 import club.wpia.gigi.dbObjects.User;
 import club.wpia.gigi.localisation.Language;
+import club.wpia.gigi.pages.account.MyDetails;
 import club.wpia.gigi.pages.admin.support.SupportUserDetailsPage;
+import club.wpia.gigi.testUtils.IOUtils;
 import club.wpia.gigi.testUtils.SEClientTest;
 import club.wpia.gigi.testUtils.TestEmailReceiver.TestMail;
 import club.wpia.gigi.util.ServerConstants;
+import club.wpia.gigi.util.ServerConstants.Host;
 
 public class TestSEAdminNotificationMail extends SEClientTest {
 
@@ -141,4 +145,34 @@ public class TestSEAdminNotificationMail extends SEClientTest {
         message = getMailReceiver().receive(targetEmail).getMessage();
         assertThat(message, containsString("All certificates in your account have been revoked."));
     }
+
+    @Test
+    public void testSupportSupporterGroup() throws MalformedURLException, IOException {
+        // supporter adds to his own groups
+        String s = IOUtils.readURL(post(SupportUserDetailsPage.PATH + u.getId() + "/", "addGroup&groupToModify=" + URLEncoder.encode(Group.ORG_AGENT.getDBName(), "UTF-8")));
+        assertThat(s, containsString("Supporter may not modify himself."));
+
+        // supporter removes from his own groups
+        s = IOUtils.readURL(post(SupportUserDetailsPage.PATH + u.getId() + "/", "removeGroup&groupToModify=" + URLEncoder.encode(Group.ORG_AGENT.getDBName(), "UTF-8")));
+        assertThat(s, containsString("Supporter may not modify himself."));
+
+        // supporter removes supporter flag
+        URLConnection uc = post(SupportUserDetailsPage.PATH + u.getId() + "/", "removeGroup&groupToModify=" + URLEncoder.encode(Group.SUPPORTER.getDBName(), "UTF-8"));
+        assertEquals("https://" + ServerConstants.getHostNamePortSecure(Host.WWW) + MyDetails.PATH, uc.getHeaderField("Location"));
+        StringWriter sw = new StringWriter();
+        PrintWriter pw = new PrintWriter(sw);
+        Group.SUPPORTER.getName().output(pw, Language.getInstance(Locale.ENGLISH), new HashMap<String, Object>());
+        // mail to support
+        String message = getMailReceiver().receive(ServerConstants.getSupportMailAddress()).getMessage();
+        assertThat(message, containsString("The group permission '" + sw.toString() + "' was revoked."));
+        // mail to user
+        message = getMailReceiver().receive(u.getEmail()).getMessage();
+        assertThat(message, containsString("The group permission '" + sw.toString() + "' was revoked from your account."));
+        // mail to board
+        message = getMailReceiver().receive(ServerConstants.getBoardMailAddress()).getMessage();
+        assertThat(message, containsString("The group permission '" + sw.toString() + "' was revoked for '" + u.getPreferredName().toString() + "'."));
+        s = IOUtils.readURL(get(cookie, MyDetails.PATH));
+        assertThat(s, not(containsString("supporter")));
+    }
+
 }
diff --git a/util-testing/club/wpia/gigi/pages/Manager.templ b/util-testing/club/wpia/gigi/pages/Manager.templ
index ea375e87..36afa443 100644
--- a/util-testing/club/wpia/gigi/pages/Manager.templ
+++ b/util-testing/club/wpia/gigi/pages/Manager.templ
@@ -1,10 +1,10 @@
 <form method='post'>
 <table class="table">
 <tr><td>
-Batch create users:
+Batch Create Users:
 </td><td></td><td>
 <div>
-  Email: 
+  Email:
   <input type="text" name="prefix"/> NNN@
   <input type="text" name="suffix"/>
 </div>
@@ -12,9 +12,9 @@ Amount:  <input type="slider" name="amount"/> <input type="submit" name="create"
 </td></tr>
 
 <tr><td>
-Add privilege:
+Add Privilege:
 </td><td>
-Email: <input type="text" name="email"/> 
+Email: <input type="text" name="email"/>
 </td><td>
 <select name="priv">
 <option>supporter</option>
@@ -27,8 +27,8 @@ Email: <input type="text" name="email"/>
 <option>codesigning</option>
 <option>org-agent</option>
 </select>
-<input type="submit" name="addpriv" value="Grant Privillege"/>
-<input type="submit" name="delpriv" value="Revoke Privillege"/>
+<input type="submit" name="addpriv" value="Grant Privilege"/>
+<input type="submit" name="delpriv" value="Revoke Privilege"/>
 </td><tr>
 
 <tr><td>
@@ -40,7 +40,7 @@ Email: <input type="text" name="femail"/>
 </td><tr>
 
 <tr><td>
-Add CATs entry:
+Add Qualifying Challenge Entry:
 </td><td>
 Email: <input type="text" name="catsEmail"/>
 </td><td>
@@ -49,7 +49,7 @@ Email: <input type="text" name="catsEmail"/>
 <option value="<?=$id?>"><?=$name?></option>
 <? } ?>
 </select>
-<input type="submit" value="Add CATs" name="cats"/>
+<input type="submit" value="Add Challenge" name="cats"/>
 </td></tr>
 <tr><td>
 Add 100 Verification Points:
@@ -62,7 +62,7 @@ Verification Points to issue to preferred name: </br>
 </td></tr>
 
 <tr><td>
-Verify 25 others (get 100 Experience Points)	:
+Verify 25 Others (get 100 Experience Points):
 </td><td>
 Email: <input type="text" name="letverifyEmail"/>
 </td><td>
@@ -70,12 +70,12 @@ Email: <input type="text" name="letverifyEmail"/>
 </td></tr>
 
 <tr><td>
-Add verified Email:
+Add Verified Email:
 </td><td>
 Email: <input type="text" name="addEmailEmail"/>
 </td><td>
-new Email: <input type="text" name="addEmailNew"/>
-<input type="submit" value="Add verified Email" name="addEmail"/>
+New Email: <input type="text" name="addEmailNew"/>
+<input type="submit" value="Add Verified Email" name="addEmail"/>
 </td></tr>
 
 <tr><td>
@@ -83,7 +83,7 @@ Add Client Cert:
 </td><td>
 Email: <input type="text" name="addCertEmail"/>
 </td><td>
-<input type="submit" value="Add an certificate" name="addCert"/>
+<input type="submit" value="Add a Certificate" name="addCert"/>
 </td></tr>
 
 <tr><td>
@@ -98,7 +98,7 @@ Domain: <input type="text" name="exemptDom"/>
 
 <table>
 <tr><th colspan="2">
-Test server settings
+Test Server Settings
 </th></tr>
 
 <tr><td>