From b207e1989b166619e924946731e40ccf98457fae Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Wed, 27 Jan 2016 15:17:33 +0100 Subject: [PATCH] add: granting and revoking groups by supporters --- .../cacert/gigi/dbObjects/SupportedUser.java | 8 +++ src/org/cacert/gigi/output/DateSelector.java | 3 +- src/org/cacert/gigi/output/GroupSelector.java | 50 ++++++++++++++ .../admin/support/SupportUserDetailsForm.java | 44 ++++++++++--- .../support/SupportUserDetailsForm.templ | 66 +++---------------- .../admin/support/SupportUserDetailsPage.java | 2 +- 6 files changed, 106 insertions(+), 67 deletions(-) create mode 100644 src/org/cacert/gigi/output/GroupSelector.java diff --git a/src/org/cacert/gigi/dbObjects/SupportedUser.java b/src/org/cacert/gigi/dbObjects/SupportedUser.java index e957aa08..044f712b 100644 --- a/src/org/cacert/gigi/dbObjects/SupportedUser.java +++ b/src/org/cacert/gigi/dbObjects/SupportedUser.java @@ -82,4 +82,12 @@ public class SupportedUser { target.rawUpdateUserData(); } + public void grant(Group toMod) { + target.grantGroup(supporter, toMod); + } + + public void revoke(Group toMod) { + target.revokeGroup(supporter, toMod); + } + } diff --git a/src/org/cacert/gigi/output/DateSelector.java b/src/org/cacert/gigi/output/DateSelector.java index 20939e49..ad1bdf33 100644 --- a/src/org/cacert/gigi/output/DateSelector.java +++ b/src/org/cacert/gigi/output/DateSelector.java @@ -14,6 +14,7 @@ import javax.servlet.http.HttpServletRequest; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Outputable; +import org.cacert.gigi.util.HTMLEncoder; public class DateSelector implements Outputable { @@ -30,7 +31,7 @@ public class DateSelector implements Outputable { public DateSelector(String day, String month, String year) { this.names = new String[] { - day, month, year + HTMLEncoder.encodeHTML(day), HTMLEncoder.encodeHTML(month), HTMLEncoder.encodeHTML(year) }; } diff --git a/src/org/cacert/gigi/output/GroupSelector.java b/src/org/cacert/gigi/output/GroupSelector.java new file mode 100644 index 00000000..a26be9b8 --- /dev/null +++ b/src/org/cacert/gigi/output/GroupSelector.java @@ -0,0 +1,50 @@ +package org.cacert.gigi.output; + +import java.io.PrintWriter; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.Group; +import org.cacert.gigi.localisation.Language; +import org.cacert.gigi.output.template.Outputable; +import org.cacert.gigi.util.HTMLEncoder; + +public class GroupSelector implements Outputable { + + String name; + + Group value = null; + + public GroupSelector(String name) { + this.name = HTMLEncoder.encodeHTML(name); + } + + public void update(HttpServletRequest r) throws GigiApiException { + String vS = r.getParameter(name); + value = null; + for (Group g : Group.values()) { + if (g.getDatabaseName().equals(vS)) { + value = g; + } + } + } + + @Override + public void output(PrintWriter out, Language l, Map vars) { + out.println(""); + } + + public Group getGroup() { + return value; + } +} diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java index 685adf3d..e1c94c6b 100644 --- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java +++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java @@ -3,7 +3,9 @@ package org.cacert.gigi.pages.admin.support; import java.io.IOException; import java.io.PrintWriter; import java.net.URLEncoder; +import java.util.Iterator; import java.util.Map; +import java.util.Set; import javax.servlet.http.HttpServletRequest; @@ -15,7 +17,9 @@ import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.email.Sendmail; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.DateSelector; +import org.cacert.gigi.output.GroupSelector; import org.cacert.gigi.output.template.Form; +import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.Page; import org.cacert.gigi.pages.PasswordResetPage; @@ -30,6 +34,8 @@ public class SupportUserDetailsForm extends Form { private DateSelector dobSelector; + private GroupSelector value = new GroupSelector("groupToModify"); + static { t = new Template(FindDomainForm.class.getResource("SupportUserDetailsForm.templ")); } @@ -45,6 +51,19 @@ public class SupportUserDetailsForm extends Form { if (user.getTicket() == null) { return false; } + if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("grant") != null ? 1 : 0) + (req.getParameter("deny") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) { + throw new GigiApiException("More than one action requested!"); + } + if (req.getParameter("grant") != null || req.getParameter("deny") != null) { + value.update(req); + Group toMod = value.getGroup(); + if (req.getParameter("grant") != null) { + user.grant(toMod); + } else { + user.revoke(toMod); + } + return true; + } if (req.getParameter("resetPass") != null) { String aword = req.getParameter("aword"); if (aword == null || aword.equals("")) { @@ -103,16 +122,25 @@ public class SupportUserDetailsForm extends Form { vars.put("suffix", name.getSuffix()); vars.put("assurer", user.canAssure()); vars.put("dob", dobSelector); - vars.put("blockedassurer", user.isInGroup(Group.BLOCKEDASSURER)); - vars.put("codesign", user.isInGroup(Group.CODESIGNING)); - vars.put("orgassurer", user.isInGroup(Group.ORGASSURER)); vars.put("assurancepoints", user.getAssurancePoints()); - vars.put("blockedassuree", user.isInGroup(Group.BLOCKEDASSUREE)); - vars.put("ttpassurer", user.isInGroup(Group.TTP_ASSURER)); - vars.put("ttpapplicant", user.isInGroup(Group.TTP_APPLICANT)); - vars.put("blockedlogin", user.isInGroup(Group.BLOCKEDLOGIN)); - vars.put("supporter", user.isInGroup(Group.SUPPORTER)); + vars.put("exppoints", user.getExperiencePoints()); vars.put("id", user.getId()); + final Set gr = user.getGroups(); + vars.put("groups", new IterableDataset() { + + Iterator i = gr.iterator(); + + @Override + public boolean next(Language l, Map vars) { + if ( !i.hasNext()) { + return false; + } + Group g = i.next(); + vars.put("group_name", l.getTranslation("Group: " + g.getDatabaseName())); + return true; + } + }); + vars.put("groupSelector", value); t.output(out, l, vars); } diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.templ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.templ index 689f2620..244bbdbc 100644 --- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.templ +++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.templ @@ -46,66 +46,22 @@ - - : - - - - - - - + + : + - : - - - - - - - + : + + - : - - - - - + : +

,

+

- : - - - - - - - - - - : - - - - - - - - - - : - - - - - - - - - : @@ -115,10 +71,6 @@ - - - : - diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java index 3d83b201..5cc35b53 100644 --- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java +++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java @@ -68,7 +68,7 @@ public class SupportUserDetailsPage extends Page { if ( !Form.getForm(req, SupportRevokeCertificatesForm.class).submit(resp.getWriter(), req)) { throw new GigiApiException("No ticket number set."); } - } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null) { + } else if (req.getParameter("detailupdate") != null || req.getParameter("resetPass") != null || req.getParameter("deny") != null || req.getParameter("grant") != null) { if ( !Form.getForm(req, SupportUserDetailsForm.class).submit(resp.getWriter(), req)) { throw new GigiApiException("No ticket number set."); } -- 2.39.2