implemented editing of list credentials for admin/owner, fixed bug:

if login fails due to wrong auth, it is no longer repeated. instead, the list is disabeld
2022-04-22 18:20:03 +02:00
parent f234cded1b
commit 6abee6e977
15 changed files with 276 additions and 97 deletions
--- a/src/main/java/de/srsoftware/widerhall/web/Web.java
+++ b/src/main/java/de/srsoftware/widerhall/web/Web.java
@@ -21,6 +21,7 @@ import java.util.Map;
 import static de.srsoftware.widerhall.Constants.*;
 import static de.srsoftware.widerhall.Util.t;
 import static de.srsoftware.widerhall.data.MailingList.*;
+import static de.srsoftware.widerhall.data.User.PERMISSION_ADMIN;

 public class Web extends TemplateServlet {
    public static final String WEB_ROOT = "/web";
@@ -29,6 +30,7 @@ public class Web extends TemplateServlet {
    private static final String CSS = "css";
    private static final Logger LOG = LoggerFactory.getLogger(Web.class);
    private static final String ADMIN = "admin";
+    private static final String EDIT_LIST = "edit_list";
    private static final String INSPECT = "inspect";
    private static final String LOGIN = "login";
    private static final String LOGOUT = "logout";
@@ -48,13 +50,10 @@ public class Web extends TemplateServlet {
    private static final int PRIMARY_KEY_CONSTRAINT = 19;

    private String addList(HttpServletRequest req, HttpServletResponse resp) {
-
-        var o = req.getSession().getAttribute(USER);
-        if (!(o instanceof User user)) {
-            return redirectTo(LOGIN,resp);
-        }
+        var user = Util.getUser(req);
+        if (user == null) return redirectTo(LOGIN,resp);
        var data = new HashMap<String, Object>();
-        data.put(USER, user);
+        data.put(USER, user.safeMap());

        if (!user.hashPermission(User.PERMISSION_CREATE_LISTS)){
            data.put(ERROR,t("You are not allowed to create new mailing lists!"));
@@ -128,7 +127,7 @@ public class Web extends TemplateServlet {
        try {
            var list = MailingList.create(email, name, imapHost, imapPort, imapUser, imapPass, inbox, smtpHost, smtpPort, smtpUser, smtpPass);
            ListMember.create(list, user, ListMember.STATE_OWNER);
-            return redirectTo(INDEX, resp);
+            return redirectTo(ADMIN, resp);
        } catch (SQLException e) {
            return t("Failed to create list '{}': {}", name, e.getMessage());
        }
@@ -164,6 +163,91 @@ public class Web extends TemplateServlet {
        if (error != null) resp.sendError(400,error);
    }

+    public String editList(HttpServletRequest req, HttpServletResponse resp) {
+        var user = Util.getUser(req);
+        if (user == null) return redirectTo(LOGIN,resp);
+
+        var data = new HashMap<String, Object>();
+        data.put(USER,user.safeMap());
+
+        var list = Util.getMailingList(req);
+        data.put(LIST,list.safeMap());
+        try {
+            var allowed = user.hashPermission(PERMISSION_ADMIN) || ListMember.load(list,user).isOwner();
+            if (!allowed) return loadTemplate(ADMIN,data,resp);
+
+            var name = req.getParameter(NAME);
+            data.put(NAME, name);
+
+            var email = req.getParameter(EMAIL);
+            data.put(EMAIL, email);
+
+            var imapHost = req.getParameter(IMAP_HOST);
+            data.put(IMAP_HOST, imapHost);
+            var imapUser = req.getParameter(IMAP_USER);
+            data.put(IMAP_USER, imapUser);
+            var imapPass = req.getParameter(IMAP_PASS);
+            var inbox = req.getParameter(INBOX);
+            if (inbox == null || inbox.isBlank()) inbox = DEFAULT_INBOX;
+            data.put(INBOX, inbox);
+
+            var smtpHost = req.getParameter(SMTP_HOST);
+            data.put(SMTP_HOST, smtpHost);
+            var smtpUser = req.getParameter(SMTP_USER);
+            data.put(SMTP_USER, smtpUser);
+            var smtpPass = req.getParameter(SMTP_PASS);
+
+            Integer imapPort = 993;
+            data.put(IMAP_PORT, imapPort);
+
+            Integer smtpPort = 465;
+            data.put(SMTP_PORT, smtpPort);
+
+            if (name == null || name.isBlank() || email == null || email.isBlank()) {
+                data.put(ERROR, "List name and address are required!");
+                return loadTemplate(EDIT_LIST, data, resp);
+            }
+
+            if (!Util.isEmail(email)) {
+                data.put(ERROR, t("List email ({}) is not a valid email address!", email));
+                return loadTemplate(EDIT_LIST, data, resp);
+            }
+
+            if (imapHost == null || imapHost.isBlank() || imapUser == null || imapUser.isBlank() || imapPass == null || imapPass.isBlank()) {
+                data.put(ERROR, "IMAP credentials are required!");
+                return loadTemplate(EDIT_LIST, data, resp);
+            }
+
+
+            try {
+                imapPort = Integer.parseInt(req.getParameter(IMAP_PORT));
+                data.put(IMAP_PORT, imapPort);
+            } catch (NumberFormatException nfe) {
+                data.put(ERROR, t("'{}' is not a proper port number!", req.getParameter(IMAP_PORT)));
+                return loadTemplate(EDIT_LIST, data, resp);
+            }
+
+            if (smtpHost == null || smtpHost.isBlank() || smtpUser == null || smtpUser.isBlank() || smtpPass == null || smtpPass.isBlank()) {
+                data.put(ERROR, "SMTP credentials are required!");
+                return loadTemplate(EDIT_LIST, data, resp);
+            }
+
+            try {
+                smtpPort = Integer.parseInt(req.getParameter(SMTP_PORT));
+                data.put(SMTP_PORT, smtpPort);
+            } catch (NumberFormatException nfe) {
+                data.put(ERROR, t("'{}' is not a proper port number!", req.getParameter(SMTP_PORT)));
+                return loadTemplate(EDIT_LIST, data, resp);
+            }
+
+            list.update(name,email,imapHost,imapPort,imapUser,imapPass,inbox,smtpHost,smtpPort,smtpUser,smtpPass);
+            return loadTemplate(ADMIN,data,resp);
+        } catch (SQLException e) {
+            LOG.warn("Editing list {} by {} failed",list.email(),user.email(),e);
+            return t("Editing list {} by {} failed",list.email(),user.email());
+        }
+    }
+
    private SQLException getCausingException(SQLException sqle) {
        Throwable cause = sqle.getCause();
        while (cause instanceof SQLException){
@@ -230,7 +314,10 @@ public class Web extends TemplateServlet {

        if (user != null){
            if (list != null) data.put(LIST,req.getParameter(LIST));
-            //data.put(NOTES,notes);
+            switch (path){
+                case EDIT_LIST:
+                    return editList(req,resp);
+            }
            return loadTemplate(path,data,resp);
        }
        return redirectTo(LOGIN,resp);
@@ -263,6 +350,8 @@ public class Web extends TemplateServlet {
        switch (path){
            case ADD_LIST:
                return addList(req,resp);
+            case EDIT_LIST:
+                return editList(req,resp);
            case INSPECT:
                return inspect(req,resp);
            case LOGIN:
@@ -367,7 +456,7 @@ public class Web extends TemplateServlet {

        try {
            var user = User.create(email, name, pass);
-            if (firstUser) user.addPermission(User.PERMISSION_ADMIN|User.PERMISSION_CREATE_LISTS);
+            if (firstUser) user.addPermission(PERMISSION_ADMIN|User.PERMISSION_CREATE_LISTS);
            req.getSession().setAttribute("user",user);
            return redirectTo(INDEX,resp);
        } catch (SQLException e) {