From 6dcec2ace981aadba1f0a04e20e2bafe19b47976 Mon Sep 17 00:00:00 2001 From: Janis Streib Date: Sat, 21 Mar 2015 17:57:57 +0100 Subject: [PATCH] UPD: Stricter name part handling --- src/org/cacert/gigi/dbObjects/Name.java | 24 ++++++++-- src/org/cacert/gigi/dbObjects/User.java | 48 ++++--------------- .../gigi/pages/account/MyDetailsForm.java | 15 +++--- .../admin/support/SupportUserDetailsForm.java | 10 ++-- src/org/cacert/gigi/pages/main/Signup.java | 30 +++++++----- .../gigi/util/PasswordStrengthChecker.java | 10 ++-- tests/org/cacert/gigi/TestObjectCache.java | 6 +-- tests/org/cacert/gigi/TestUser.java | 28 +++++------ .../gigi/pages/account/TestMyDetailsEdit.java | 20 ++++---- .../util/TestPasswordStrengthChecker.java | 6 +-- .../org/cacert/gigi/pages/Manager.java | 6 +-- 11 files changed, 92 insertions(+), 111 deletions(-) diff --git a/src/org/cacert/gigi/dbObjects/Name.java b/src/org/cacert/gigi/dbObjects/Name.java index 7c803b8a..ed0aec6d 100644 --- a/src/org/cacert/gigi/dbObjects/Name.java +++ b/src/org/cacert/gigi/dbObjects/Name.java @@ -9,13 +9,13 @@ import org.cacert.gigi.util.HTMLEncoder; public class Name implements Outputable { - String fname; + private String fname; - String mname; + private String mname; - String lname; + private String lname; - String suffix; + private String suffix; public Name(String fname, String lname, String mname, String suffix) { this.fname = fname; @@ -102,4 +102,20 @@ public class Name implements Outputable { (mname != null && suffix != null && text.equals(fname + " " + mname + " " + lname + " " + suffix)); } + public String getFname() { + return fname; + } + + public String getLname() { + return lname; + } + + public String getMname() { + return mname; + } + + public String getSuffix() { + return suffix; + } + } diff --git a/src/org/cacert/gigi/dbObjects/User.java b/src/org/cacert/gigi/dbObjects/User.java index ccbe53fb..c346ab53 100644 --- a/src/org/cacert/gigi/dbObjects/User.java +++ b/src/org/cacert/gigi/dbObjects/User.java @@ -64,34 +64,10 @@ public class User extends CertificateOwner { public User() {} - public String getFName() { - return name.fname; - } - - public String getLName() { - return name.lname; - } - - public String getMName() { - return name.mname; - } - public Name getName() { return name; } - public void setMName(String mname) { - this.name.mname = mname; - } - - public String getSuffix() { - return name.suffix; - } - - public void setSuffix(String suffix) { - this.name.suffix = suffix; - } - public Date getDoB() { return dob; } @@ -108,23 +84,15 @@ public class User extends CertificateOwner { this.email = email; } - public void setFName(String fname) { - this.name.fname = fname; - } - - public void setLName(String lname) { - this.name.lname = lname; - } - public void insert(String password) { int id = super.insert(); GigiPreparedStatement query = DatabaseConnection.getInstance().prepare("insert into `users` set `email`=?, `password`=?, " + "`fname`=?, `mname`=?, `lname`=?, " + "`suffix`=?, `dob`=?, `language`=?, id=?"); query.setString(1, email); query.setString(2, PasswordHash.hash(password)); - query.setString(3, name.fname); - query.setString(4, name.mname); - query.setString(5, name.lname); - query.setString(6, name.suffix); + query.setString(3, name.getFname()); + query.setString(4, name.getMname()); + query.setString(5, name.getLname()); + query.setString(6, name.getSuffix()); query.setDate(7, new java.sql.Date(dob.getTime())); query.setString(8, locale.toString()); query.setInt(9, id); @@ -347,10 +315,10 @@ public class User extends CertificateOwner { } GigiPreparedStatement update = DatabaseConnection.getInstance().prepare("UPDATE users SET fname=?, lname=?, mname=?, suffix=?, dob=? WHERE id=?"); - update.setString(1, getFName()); - update.setString(2, getLName()); - update.setString(3, getMName()); - update.setString(4, getSuffix()); + update.setString(1, name.getFname()); + update.setString(2, name.getLname()); + update.setString(3, name.getMname()); + update.setString(4, name.getSuffix()); update.setDate(5, getDoB()); update.setInt(6, getId()); update.executeUpdate(); diff --git a/src/org/cacert/gigi/pages/account/MyDetailsForm.java b/src/org/cacert/gigi/pages/account/MyDetailsForm.java index 803bdea1..8f7c7bf8 100644 --- a/src/org/cacert/gigi/pages/account/MyDetailsForm.java +++ b/src/org/cacert/gigi/pages/account/MyDetailsForm.java @@ -6,6 +6,7 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.DateSelector; @@ -44,10 +45,7 @@ public class MyDetailsForm extends Form { if (newLname.isEmpty()) { throw new GigiApiException("Last name cannot be empty."); } - target.setFName(newFname); - target.setLName(newLname); - target.setMName(newMname); - target.setSuffix(newSuffix); + target.setName(new Name(newFname, newLname, newMname, newSuffix)); ds.update(req); target.setDoB(ds.getDate()); target.updateUserData(); @@ -66,10 +64,11 @@ public class MyDetailsForm extends Form { @Override protected void outputContent(PrintWriter out, Language l, Map vars) { - vars.put("fname", HTMLEncoder.encodeHTML(target.getFName())); - vars.put("mname", target.getMName() == null ? "" : HTMLEncoder.encodeHTML(target.getMName())); - vars.put("lname", HTMLEncoder.encodeHTML(target.getLName())); - vars.put("suffix", target.getSuffix() == null ? "" : HTMLEncoder.encodeHTML(target.getSuffix())); + Name name = target.getName(); + vars.put("fname", HTMLEncoder.encodeHTML(name.getFname())); + vars.put("mname", name.getMname() == null ? "" : HTMLEncoder.encodeHTML(name.getMname())); + vars.put("lname", HTMLEncoder.encodeHTML(name.getLname())); + vars.put("suffix", name.getSuffix() == null ? "" : HTMLEncoder.encodeHTML(name.getSuffix())); vars.put("details", ""); if (target.getAssurancePoints() == 0) { vars.put("DoB", ds); diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java index eff2b0f2..3a8dc30e 100644 --- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java +++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsForm.java @@ -7,6 +7,7 @@ import javax.servlet.http.HttpServletRequest; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Group; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.DateSelector; @@ -35,11 +36,12 @@ public class SupportUserDetailsForm extends Form { @Override protected void outputContent(PrintWriter out, Language l, Map vars) { + Name name = user.getName(); vars.put("mail", user.getEmail()); - vars.put("fname", user.getFName()); - vars.put("mname", user.getMName()); - vars.put("lname", user.getLName()); - vars.put("suffix", user.getSuffix()); + vars.put("fname", name.getFname()); + vars.put("mname", name.getMname()); + vars.put("lname", name.getLname()); + vars.put("suffix", name.getSuffix()); vars.put("assurer", user.canAssure()); vars.put("dob", new DateSelector("dobd", "dobm", "doby", user.getDoB())); vars.put("blockedassurer", user.isInGroup(Group.BLOCKEDASSURER)); diff --git a/src/org/cacert/gigi/pages/main/Signup.java b/src/org/cacert/gigi/pages/main/Signup.java index 844a227b..66665af2 100644 --- a/src/org/cacert/gigi/pages/main/Signup.java +++ b/src/org/cacert/gigi/pages/main/Signup.java @@ -14,6 +14,7 @@ import org.cacert.gigi.database.DatabaseConnection; import org.cacert.gigi.database.GigiPreparedStatement; import org.cacert.gigi.database.GigiResultSet; import org.cacert.gigi.dbObjects.EmailAddress; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.email.EmailProvider; import org.cacert.gigi.localisation.Language; @@ -36,10 +37,7 @@ public class Signup extends Form { public Signup(HttpServletRequest hsr) { super(hsr); t = new Template(Signup.class.getResource("Signup.templ")); - buildup.setFName(""); - buildup.setMName(""); - buildup.setLName(""); - buildup.setSuffix(""); + buildup.setName(new Name("", "", "", "")); buildup.setEmail(""); buildup.setDoB(new Date(0)); } @@ -49,10 +47,11 @@ public class Signup extends Form { @Override public void outputContent(PrintWriter out, Language l, Map outerVars) { HashMap vars = new HashMap(); - vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFName())); - vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMName())); - vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLName())); - vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix())); + Name buildupName = buildup.getName(); + vars.put("fname", HTMLEncoder.encodeHTML(buildupName.getFname())); + vars.put("mname", HTMLEncoder.encodeHTML(buildupName.getMname())); + vars.put("lname", HTMLEncoder.encodeHTML(buildupName.getLname())); + vars.put("suffix", HTMLEncoder.encodeHTML(buildupName.getSuffix())); vars.put("dob", myDoB); vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail())); vars.put("general", general ? " checked=\"checked\"" : ""); @@ -65,21 +64,26 @@ public class Signup extends Form { } private void update(HttpServletRequest r) { + String fname = buildup.getName().getFname(); + String lname = buildup.getName().getLname(); + String mname = buildup.getName().getMname(); + String suffix = buildup.getName().getSuffix(); if (r.getParameter("fname") != null) { - buildup.setFName(r.getParameter("fname")); + fname = r.getParameter("fname"); } if (r.getParameter("lname") != null) { - buildup.setLName(r.getParameter("lname")); + lname = r.getParameter("lname"); } if (r.getParameter("mname") != null) { - buildup.setMName(r.getParameter("mname")); + mname = r.getParameter("mname"); } if (r.getParameter("suffix") != null) { - buildup.setSuffix(r.getParameter("suffix")); + suffix = r.getParameter("suffix"); } if (r.getParameter("email") != null) { buildup.setEmail(r.getParameter("email")); } + buildup.setName(new Name(fname, lname, mname, suffix)); general = "1".equals(r.getParameter("general")); country = "1".equals(r.getParameter("country")); regional = "1".equals(r.getParameter("regional")); @@ -93,7 +97,7 @@ public class Signup extends Form { @Override public synchronized boolean submit(PrintWriter out, HttpServletRequest req) { update(req); - if (buildup.getLName().trim().equals("")) { + if (buildup.getName().getLname().trim().equals("")) { outputError(out, req, "Last name were blank."); } if ( !myDoB.isValid()) { diff --git a/src/org/cacert/gigi/util/PasswordStrengthChecker.java b/src/org/cacert/gigi/util/PasswordStrengthChecker.java index 6ae79181..1eac560f 100644 --- a/src/org/cacert/gigi/util/PasswordStrengthChecker.java +++ b/src/org/cacert/gigi/util/PasswordStrengthChecker.java @@ -3,6 +3,7 @@ package org.cacert.gigi.util; import java.util.regex.Pattern; import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; public class PasswordStrengthChecker { @@ -55,20 +56,21 @@ public class PasswordStrengthChecker { if (pw == null) { return 0; } + Name name = u.getName(); int light = checkpwlight(pw); if (contained(pw, u.getEmail())) { light -= 2; } - if (contained(pw, u.getFName())) { + if (contained(pw, name.getFname())) { light -= 2; } - if (contained(pw, u.getLName())) { + if (contained(pw, name.getLname())) { light -= 2; } - if (contained(pw, u.getMName())) { + if (contained(pw, name.getMname())) { light -= 2; } - if (contained(pw, u.getSuffix())) { + if (contained(pw, name.getSuffix())) { light -= 2; } // TODO dictionary check diff --git a/tests/org/cacert/gigi/TestObjectCache.java b/tests/org/cacert/gigi/TestObjectCache.java index f143c471..d55bef1e 100644 --- a/tests/org/cacert/gigi/TestObjectCache.java +++ b/tests/org/cacert/gigi/TestObjectCache.java @@ -10,6 +10,7 @@ import java.util.Locale; import org.cacert.gigi.dbObjects.Domain; import org.cacert.gigi.dbObjects.EmailAddress; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.testUtils.ManagedTest; @@ -24,10 +25,7 @@ public class TestObjectCache extends ManagedTest { assertThat(User.getById(uid), is(sameInstance(User.getById(uid)))); User u = new User(); - u.setFName("fname"); - u.setMName("mname"); - u.setSuffix("suffix"); - u.setLName("lname"); + u.setName(new Name("fname", "lname", "mname", "suffix")); u.setEmail(createUniqueName() + "@example.org"); Calendar c = Calendar.getInstance(); c.set(1950, 1, 1); diff --git a/tests/org/cacert/gigi/TestUser.java b/tests/org/cacert/gigi/TestUser.java index 93deebaa..0bbc4cbb 100644 --- a/tests/org/cacert/gigi/TestUser.java +++ b/tests/org/cacert/gigi/TestUser.java @@ -9,6 +9,7 @@ import java.util.Locale; import org.cacert.gigi.dbObjects.Assurance; import org.cacert.gigi.dbObjects.Domain; import org.cacert.gigi.dbObjects.EmailAddress; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.testUtils.ManagedTest; @@ -19,10 +20,7 @@ public class TestUser extends ManagedTest { @Test public void testStoreAndLoad() throws SQLException { User u = new User(); - u.setFName("user"); - u.setLName("last"); - u.setMName(""); - u.setSuffix(""); + u.setName(new Name("user", "last", "", "")); u.setPreferredLocale(Locale.ENGLISH); long dob = System.currentTimeMillis(); dob -= dob % (1000 * 60 * 60 * 24); @@ -40,10 +38,11 @@ public class TestUser extends ManagedTest { public void testWebStoreAndLoad() throws SQLException { int id = createVerifiedUser("aä", "b", createUniqueName() + "a@email.org", TEST_PASSWORD); - User u = User.getById(id); - assertEquals("aä", u.getFName()); - assertEquals("b", u.getLName()); - assertEquals("", u.getMName()); + Name u = User.getById(id).getName(); + + assertEquals("aä", u.getFname()); + assertEquals("b", u.getLname()); + assertEquals("", u.getMname()); } @Test @@ -58,10 +57,10 @@ public class TestUser extends ManagedTest { assertEquals(2, expPoints); assertTrue(u.hasPassedCATS()); assertEquals(10, u.getMaxAssurePoints()); - - assertEquals("aä", u.getFName()); - assertEquals("b", u.getLName()); - assertEquals("", u.getMName()); + Name name = u.getName(); + assertEquals("aä", name.getFname()); + assertEquals("b", name.getLname()); + assertEquals("", name.getMname()); } @Test @@ -99,10 +98,7 @@ public class TestUser extends ManagedTest { @Test public void testDoubleInsert() { User u = new User(); - u.setFName("f"); - u.setLName("l"); - u.setMName("m"); - u.setSuffix("s"); + u.setName(new Name("f", "k", "m", "s")); u.setEmail(createUniqueName() + "@example.org"); u.setDoB(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 24 * 365)); u.setPreferredLocale(Locale.ENGLISH); diff --git a/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java b/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java index 57bb4206..536634be 100644 --- a/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java +++ b/tests/org/cacert/gigi/pages/account/TestMyDetailsEdit.java @@ -26,7 +26,7 @@ public class TestMyDetailsEdit extends ManagedTest { String newName = createUniqueName(); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "fname=" + newName + "&lname=Hansel&mname=&suffix=&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals(newName, u.getFName()); + assertEquals(newName, u.getName().getFname()); } @Test @@ -34,7 +34,7 @@ public class TestMyDetailsEdit extends ManagedTest { String newName = createUniqueName(); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "lname=" + newName + "&fname=Kurti&mname=&suffix=&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals(newName, u.getLName()); + assertEquals(newName, u.getName().getLname()); } @Test @@ -42,7 +42,7 @@ public class TestMyDetailsEdit extends ManagedTest { String newName = createUniqueName(); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "mname=" + newName + "&fname=Kurti&lname=Hansel&suffix=&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals(newName, u.getMName()); + assertEquals(newName, u.getName().getMname()); } @Test @@ -50,7 +50,7 @@ public class TestMyDetailsEdit extends ManagedTest { String newName = createUniqueName(); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "mname=&fname=Kurti&lname=Hansel&suffix=" + newName + "&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals(newName, u.getSuffix()); + assertEquals(newName, u.getName().getSuffix()); } @Test @@ -58,18 +58,18 @@ public class TestMyDetailsEdit extends ManagedTest { String newName = createUniqueName(); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "mname=&fname=Kurti&lname=Hansel&suffix=" + newName + "&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals(newName, u.getSuffix()); + assertEquals(newName, u.getName().getSuffix()); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "mname=&fname=Kurti&lname=Hansel&suffix=&day=1&month=1&year=2000&processDetails", 0)); clearCaches(); u = User.getById(id); - assertEquals("", u.getSuffix()); + assertEquals("", u.getName().getSuffix()); } @Test public void testUnsetFname() throws IOException { assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "fname=&lname=Hansel&mname=&suffix=&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals("", u.getFName()); + assertEquals("", u.getName().getFname()); } @@ -77,7 +77,7 @@ public class TestMyDetailsEdit extends ManagedTest { public void testUnsetLname() throws IOException { assertNotNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "lname=&fname=Kurti&mname=&suffix=&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals("Hansel", u.getLName()); + assertEquals("Hansel", u.getName().getLname()); } @Test @@ -85,11 +85,11 @@ public class TestMyDetailsEdit extends ManagedTest { String newName = createUniqueName(); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "mname=" + newName + "&fname=Kurti&lname=Hansel&suffix=&day=1&month=1&year=2000&processDetails", 0)); User u = User.getById(id); - assertEquals(newName, u.getMName()); + assertEquals(newName, u.getName().getMname()); assertNull(executeBasicWebInteraction(cookie, MyDetails.PATH, "lname=Hansel&fname=Kurti&mname=&suffix=&day=1&month=1&year=2000&processDetails", 0)); clearCaches(); u = User.getById(id); - assertEquals("", u.getMName()); + assertEquals("", u.getName().getMname()); } diff --git a/tests/org/cacert/gigi/util/TestPasswordStrengthChecker.java b/tests/org/cacert/gigi/util/TestPasswordStrengthChecker.java index eabb042b..ffabbb7c 100644 --- a/tests/org/cacert/gigi/util/TestPasswordStrengthChecker.java +++ b/tests/org/cacert/gigi/util/TestPasswordStrengthChecker.java @@ -2,6 +2,7 @@ package org.cacert.gigi.util; import static org.junit.Assert.*; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.junit.Test; @@ -11,11 +12,8 @@ public class TestPasswordStrengthChecker { public TestPasswordStrengthChecker() { u = new User(); - u.setFName("fname"); - u.setLName("lname"); - u.setMName("mname"); + u.setName(new Name("fname", "lname", "mname", "suffix")); u.setEmail("email"); - u.setSuffix("suffix"); } @Test diff --git a/util-testing/org/cacert/gigi/pages/Manager.java b/util-testing/org/cacert/gigi/pages/Manager.java index 9f4567e7..e76b7c0a 100644 --- a/util-testing/org/cacert/gigi/pages/Manager.java +++ b/util-testing/org/cacert/gigi/pages/Manager.java @@ -21,6 +21,7 @@ import org.cacert.gigi.database.DatabaseConnection; import org.cacert.gigi.database.GigiPreparedStatement; import org.cacert.gigi.dbObjects.EmailAddress; import org.cacert.gigi.dbObjects.Group; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.email.EmailProvider; import org.cacert.gigi.localisation.Language; @@ -155,10 +156,7 @@ public class Manager extends Page { private void createUser(String email) throws GigiApiException, IllegalAccessException { User u = new User(); - u.setFName("Först"); - u.setMName("Müddle"); - u.setLName("Läst"); - u.setSuffix("Süffix"); + u.setName(new Name("Först", "Läst", "Müddle", "Süffix")); u.setEmail(email); Calendar gc = GregorianCalendar.getInstance(); gc.set(1990, 0, 1); -- 2.39.2