From be2db6c7661ba6d00aaf1395fb4b7cf6cf16cf9c Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Thu, 11 Aug 2016 12:36:08 +0200 Subject: [PATCH] fix: re-display form on error in some cases. Change-Id: I428c31912e6bcfe4010bf71dcb66b20e94a76715 --- src/org/cacert/gigi/output/template/Form.java | 28 ++++++++++ .../account/domain/DomainManagementForm.java | 22 +++----- .../pages/account/domain/DomainOverview.java | 2 +- .../cacert/gigi/pages/orga/CreateOrgPage.java | 3 +- .../cacert/gigi/pages/orga/ViewOrgPage.java | 55 +++++++++---------- 5 files changed, 64 insertions(+), 46 deletions(-) diff --git a/src/org/cacert/gigi/output/template/Form.java b/src/org/cacert/gigi/output/template/Form.java index 3f7ab6d1..1eb0efa0 100644 --- a/src/org/cacert/gigi/output/template/Form.java +++ b/src/org/cacert/gigi/output/template/Form.java @@ -2,6 +2,7 @@ package org.cacert.gigi.output.template; import java.io.IOException; import java.io.PrintWriter; +import java.util.HashMap; import java.util.Map; import javax.servlet.http.HttpServletRequest; @@ -9,6 +10,7 @@ import javax.servlet.http.HttpSession; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.localisation.Language; +import org.cacert.gigi.pages.LoginPage; import org.cacert.gigi.util.RandomToken; /** 
@@ -60,6 +62,32 @@ public abstract class Form implements Outputable { */ public abstract boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException; + /** + * Calls {@link #submit(PrintWriter, HttpServletRequest)} while catching and + * displaying errors ({@link GigiApiException}), and re-outputing the form + * via {@link #output(PrintWriter, Language, Map)}. + * + * @param out + * the target to write the form and errors to + * @param req + * the request that this submit originated (for submit and for + * language) + * @return as {@link #submit(PrintWriter, HttpServletRequest)}: true, iff + * the form succeeded and the user should be redirected. + */ + public boolean submitProtected(PrintWriter out, HttpServletRequest req) { + try { + boolean succeeded = submit(out, req); + if (succeeded) { + return true; + } + } catch (GigiApiException e) { + e.format(out, LoginPage.getLanguage(req)); + } + output(out, LoginPage.getLanguage(req), new HashMap()); + return false; + } + protected String getCsrfFieldName() { return CSRF_FIELD; } diff --git a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java index 4e80123a..568c8a3a 100644 --- a/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java +++ b/src/org/cacert/gigi/pages/account/domain/DomainManagementForm.java @@ -12,7 +12,6 @@ import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; -import org.cacert.gigi.pages.Page; public class DomainManagementForm extends Form { 
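Review bot: `submitProtected` passes a raw `new HashMap()` to `output(...)` and resolves the language through `LoginPage`, which ties the template base class to one concrete page class. The code this commit removes from DomainManagementForm called `Page.getLanguage(req)`, so that call would presumably work here too, computed once into a local such as `Language l = Page.getLanguage(req);`. The map should carry the type arguments of `output`'s `Map` parameter, which this hunk does not show. The Javadoc should state that the form is also re-output when `submit` returns false without throwing, and that only `GigiApiException` is handled, so unchecked exceptions from `submit` still propagate to the caller. "re-outputing" is a typo for "re-outputting".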
@@ -29,20 +28,15 @@ public class DomainManagementForm extends Form { } @Override - public boolean submit(PrintWriter out, HttpServletRequest req) { - try { - String dels = req.getParameter("delete"); + public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException { + String dels = req.getParameter("delete"); - int delId = Integer.parseInt(dels); - Domain d = Domain.getById(delId); - if (d != null && d.getOwner() == target) { - d.delete(); - } else { - throw new GigiApiException("Domain was not found."); - } - } catch (GigiApiException e) { - e.format(out, Page.getLanguage(req)); - return false; + int delId = Integer.parseInt(dels); + Domain d = Domain.getById(delId); + if (d != null && d.getOwner() == target) { + d.delete(); + } else { + throw new GigiApiException("Domain was not found."); } return true; } diff --git a/src/org/cacert/gigi/pages/account/domain/DomainOverview.java b/src/org/cacert/gigi/pages/account/domain/DomainOverview.java index 9c379218..c4b91ad0 100644 --- a/src/org/cacert/gigi/pages/account/domain/DomainOverview.java +++ b/src/org/cacert/gigi/pages/account/domain/DomainOverview.java @@ -91,7 +91,7 @@ public class DomainOverview extends Page { } } else if (req.getParameter("domdel") != null) { DomainManagementForm f = Form.getForm(req, DomainManagementForm.class); - if (f.submit(resp.getWriter(), req)) { + if (f.submitProtected(resp.getWriter(), req)) { resp.sendRedirect(PATH); } } diff --git a/src/org/cacert/gigi/pages/orga/CreateOrgPage.java b/src/org/cacert/gigi/pages/orga/CreateOrgPage.java index 4d6a3879..eaf8ad28 100644 --- a/src/org/cacert/gigi/pages/orga/CreateOrgPage.java +++ b/src/org/cacert/gigi/pages/orga/CreateOrgPage.java 
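Review bot: `Integer.parseInt(dels)` in `submit` runs on the raw `delete` request parameter and throws `NumberFormatException` when it is missing or not numeric. Neither this method nor `Form.submitProtected` catches that, so a malformed request skips the re-display path and propagates out of the page handler unless something further up deals with it. Converting it keeps the failure on the same path as an unknown id: declare `int delId;` and use `try { delId = Integer.parseInt(dels); } catch (NumberFormatException e) { throw new GigiApiException("Domain was not found."); }`. Reusing the existing message keeps the response identical for "no such domain" and "not your domain", as the `d.getOwner() == target` branch already does. That ownership check compares references, so a short comment saying owner objects are canonical instances (if so; not visible here) would help the next reader.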
@@ -29,8 +29,8 @@ public class CreateOrgPage extends Page { @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { + CreateOrgForm form = Form.getForm(req, CreateOrgForm.class); try { - CreateOrgForm form = Form.getForm(req, CreateOrgForm.class); if (form.submit(resp.getWriter(), req)) { resp.sendRedirect(ViewOrgPage.DEFAULT_PATH + "/" + form.getResult().getId()); return; @@ -38,6 +38,7 @@ public class CreateOrgPage extends Page { } catch (GigiApiException e) { e.format(resp.getWriter(), getLanguage(req)); } + form.output(resp.getWriter(), getLanguage(req), new HashMap()); } @Override diff --git a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java index 17ad0707..98f76353 100644 --- a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java +++ b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java @@ -9,7 +9,6 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Organisation; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; 
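Review bot: `doPost` in CreateOrgPage still repeats by hand the catch, format and re-output sequence that this commit introduces as `Form.submitProtected`, which ViewOrgPage now calls for the same `CreateOrgForm`. Using the helper keeps the two paths from drifting apart: `if (form.submitProtected(resp.getWriter(), req)) { resp.sendRedirect(ViewOrgPage.DEFAULT_PATH + "/" + form.getResult().getId()); }`. The hunks add no `java.util.HashMap` import to this file, so it is presumably imported already; worth confirming that the file compiles. One line of the method lies between the two hunks and is not shown.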
@@ -40,41 +39,37 @@ public class ViewOrgPage extends Page { @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { - try { - User u = LoginPage.getUser(req); - if (req.getParameter("do_affiliate") != null || req.getParameter("del") != null) { - AffiliationForm form = Form.getForm(req, AffiliationForm.class); - if (form.submit(resp.getWriter(), req)) { + User u = LoginPage.getUser(req); + if (req.getParameter("do_affiliate") != null || req.getParameter("del") != null) { + AffiliationForm form = Form.getForm(req, AffiliationForm.class); + if (form.submitProtected(resp.getWriter(), req)) { + resp.sendRedirect(DEFAULT_PATH + "/" + form.getOrganisation().getId()); + } + return; + } else { + if ( !u.isInGroup(CreateOrgPage.ORG_ASSURER)) { + resp.sendError(403, "Access denied"); + return; + } + + if (req.getParameter("addDomain") != null) { + OrgDomainAddForm form = Form.getForm(req, OrgDomainAddForm.class); + if (form.submitProtected(resp.getWriter(), req)) { resp.sendRedirect(DEFAULT_PATH + "/" + form.getOrganisation().getId()); } - return; - } else { - if ( !u.isInGroup(CreateOrgPage.ORG_ASSURER)) { - resp.sendError(403, "Access denied"); - return; + } else if (req.getParameter("delete") != null) { + DomainManagementForm form = Form.getForm(req, DomainManagementForm.class); + if (form.submitProtected(resp.getWriter(), req)) { + resp.sendRedirect(DEFAULT_PATH + "/" + form.getTarget().getId()); } - - if (req.getParameter("addDomain") != null) { - OrgDomainAddForm form = Form.getForm(req, OrgDomainAddForm.class); - if (form.submit(resp.getWriter(), req)) { - resp.sendRedirect(DEFAULT_PATH + "/" + form.getOrganisation().getId()); - } - } else if (req.getParameter("delete") != null) { - DomainManagementForm form = Form.getForm(req, DomainManagementForm.class); - if (form.submit(resp.getWriter(), req)) { - resp.sendRedirect(DEFAULT_PATH + "/" + form.getTarget().getId()); - } - } else { - CreateOrgForm form = Form.getForm(req, 
CreateOrgForm.class); - if (form.submit(resp.getWriter(), req)) { - resp.sendRedirect(DEFAULT_PATH + "/" + form.getResult().getId()); - } + } else { + CreateOrgForm form = Form.getForm(req, CreateOrgForm.class); + if (form.submitProtected(resp.getWriter(), req)) { + resp.sendRedirect(DEFAULT_PATH + "/" + form.getResult().getId()); } } - - } catch (GigiApiException e) { - e.format(resp.getWriter(), getLanguage(req)); } + } @Override -- 2.39.2
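Review bot: The `do_affiliate`/`del` branch of `doPost` submits `AffiliationForm` and returns before the `u.isInGroup(CreateOrgPage.ORG_ASSURER)` check, so the 403 guard covers only the domain and organisation-edit forms. If affiliation changes are authorised inside `AffiliationForm` or by how the form is issued to the session (neither is visible in this hunk), a comment above the branch should say so once confirmed, for example `// affiliation changes are authorised by AffiliationForm itself, not by ORG_ASSURER membership`. The ordering predates this commit and is only re-indented here. Minor: `resp.sendError(403, ...)` reads better with `HttpServletResponse.SC_FORBIDDEN`, and the blank line left before the method's closing brace can go.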