From 7431a1f62c8589e77dd8fcf198eeab4a4a39a49f Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?=
Date: Wed, 11 Nov 2015 00:03:48 +0100
Subject: [PATCH] upd: prevent supporter and org-actor at same time
---
 .../admin/support/SupportEnterTicketForm.java | 5 +++--
 .../cacert/gigi/util/AuthorizationContext.java | 16 +++++++++-------
 2 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
index f7ddea07..5b57a1c7 100644
--- a/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
+++ b/src/org/cacert/gigi/pages/admin/support/SupportEnterTicketForm.java
@@ -5,6 +5,7 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
+import org.cacert.gigi.Gigi;
 import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.Form;
@@ -31,13 +32,13 @@ public class SupportEnterTicketForm extends Form {
 String ticket = req.getParameter("ticketno");
 if (ticket.matches("[asdmASDM]\\d{8}\\.\\d+")) {
 AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
- ac.setSupporterTicketId(ticket);
+ req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ticket));
 return true;
 }
 return false;
 } else if (req.getParameter("deleteTicket") != null) {
 AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
- ac.setSupporterTicketId(null);
+ req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ac.getActor()));
 return true;
 }
 return false;
diff --git a/src/org/cacert/gigi/util/AuthorizationContext.java b/src/org/cacert/gigi/util/AuthorizationContext.java
index 16f458ca..412ebc5a 100644
--- a/src/org/cacert/gigi/util/AuthorizationContext.java
+++ b/src/org/cacert/gigi/util/AuthorizationContext.java
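Review bot: In SupportEnterTicketForm.java the `deleteTicket` branch builds the replacement context with `new AuthorizationContext(ac.getActor(), ac.getActor())`, which presumably resolves to the existing two-argument constructor only because the second argument is a user and not a `String`; with the new `(User, String)` overload next to it, one argument type is all that separates a plain context from a supporter context. A comment on both `setAttribute` calls, such as `// replaces the whole context: target is reset to the actor, so a ticket and an organisation target cannot coexist`, would make that intent visible at the call site. Separately, `req.getParameter("ticketno")` returns null when the parameter is absent, so `ticket.matches(...)` can throw; `if (ticket != null && ticket.matches("[asdmASDM]\\d{8}\\.\\d+")) {` avoids that unless the enclosing condition, which starts outside the hunk, already guarantees the parameter.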
@@ -24,6 +24,15 @@ public class AuthorizationContext implements Outputable {
 this.actor = actor;
 }
+ public AuthorizationContext(User actor, String supporterTicket) throws GigiApiException {
+ this.target = actor;
+ this.actor = actor;
+ if ( !isInGroup(Group.SUPPORTER)) {
+ throw new GigiApiException("requires a supporter");
+ }
+ supporterTicketId = supporterTicket;
+ }
+
 public CertificateOwner getTarget() {
 return target;
 }
@@ -43,13 +52,6 @@ public class AuthorizationContext implements Outputable {
 return ac.getActor();
 }
- public void setSupporterTicketId(String supporterTicketId) throws GigiApiException {
- if ( !isInGroup(Group.SUPPORTER)) {
- throw new GigiApiException("requires a supporter");
- }
- this.supporterTicketId = supporterTicketId;
- }
-
 public String getSupporterTicketId() {
 return supporterTicketId;
 }
-- 
2.39.2
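Review bot: The new constructor stores `supporterTicket` without checking it, so the ticket format is enforced only by the regex in SupportEnterTicketForm and any other caller could create a supporter context with a null or malformed ticket id. If the ticket id is what ties supporter actions to a case, rejecting null here keeps that invariant with the class, e.g. `if (supporterTicket == null) { throw new GigiApiException("requires a ticket"); }` before the assignment. A short Javadoc would also help: it should say that the context is created with target equal to actor, which is what rules out acting for an organisation while a ticket is set, and that it throws when the actor is not in `Group.SUPPORTER`. The group check calls `isInGroup` from inside the constructor and its body is outside the hunk, so confirm it reads `actor` rather than a field that is still unset at that point.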