fixed issue with incorrect identifiers

f2dcf242 · Felix Sidokhine · 99b47d05 · f2dcf242 · f2dcf242 · f2dcf242
Commit f2dcf242 authored 4 years ago by Felix Sidokhine
--- a/jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeDeviceFlow.java
+++ b/jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeDeviceFlow.java
@@ -30,6 +30,7 @@ public class RevokeDeviceFlow {
                log.error("Could not find device!");
                return null;
            }
+            request.setIdentifier(device.getCertificate().getSerialNumber());
            certificateAuthority.revokeCertificate(request);
            long statTime = System.currentTimeMillis();
            while(certificateAuthority.getLatestCRL().get()

--- a/jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeUserFlow.java
+++ b/jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeUserFlow.java
 package net.jami.jams.server.core.workflows;

+import lombok.extern.slf4j.Slf4j;
+import net.jami.jams.common.dao.StatementElement;
+import net.jami.jams.common.dao.StatementList;
+import net.jami.jams.common.objects.devices.Device;
+import net.jami.jams.common.objects.requests.RevocationRequest;
+import net.jami.jams.common.objects.responses.DeviceRevocationResponse;
+import net.jami.jams.common.objects.user.User;
+
+import static net.jami.jams.server.Server.certificateAuthority;
+import static net.jami.jams.server.Server.dataStore;
+
+@Slf4j
 public class RevokeUserFlow {
+
+    public static DeviceRevocationResponse revokeUser(String username, RevocationRequest request){
+        DeviceRevocationResponse response = new DeviceRevocationResponse();
+        try {
+            StatementList statementList = new StatementList();
+            StatementElement st1 = new StatementElement("username","=",username,"");
+            statementList.addStatement(st1);
+            User user = dataStore.getUserDao().getObjects(statementList).get(0);
+            if (user == null) {
+                log.error("Could not find user!");
+                return null;
+            }
+            request.setIdentifier(user.getCertificate().getSerialNumber());
+            certificateAuthority.revokeCertificate(request);
+            long statTime = System.currentTimeMillis();
+            while(certificateAuthority.getLatestCRL().get()
+                    .getRevokedCertificate(user.getCertificate().getSerialNumber()) == null){
+                log.warn("Certificate has not yet appeared in CRL!");
+                if(System.currentTimeMillis() - statTime > 1000){
+                    log.error("The certificate has not appeared within 1 second, we are considering the operation has failed");
+                    response.setSuccess(false);
+                    return response;
+                }
+            }
+            //Finally we return the successful response
+            response.setSuccess(true);
+            return response;
+        }
+        catch (Exception e){
+            log.error("An exception has occurred while trying to revoke a device with error {}", e.getMessage());
+            response.setSuccess(false);
+            response.setErrorDetails(e.getMessage());
+            return response;
+        }
+    }
 }
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/users/UserServlet.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/users/UserServlet.java
 package net.jami.jams.server.servlets.api.admin.users;

+import com.jsoniter.output.JsonStream;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
 import jakarta.servlet.http.HttpServlet;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import net.jami.jams.common.objects.requests.RevocationRequest;
+import net.jami.jams.common.objects.requests.RevocationType;
+import net.jami.jams.common.objects.responses.DeviceRevocationResponse;
+import net.jami.jams.server.core.workflows.RevokeDeviceFlow;
+import net.jami.jams.server.core.workflows.RevokeUserFlow;

 import java.io.IOException;
+import java.math.BigInteger;

 @WebServlet("/api/admin/user/*")
 public class UserServlet extends HttpServlet {
@@ -32,6 +39,10 @@ public class UserServlet extends HttpServlet {
    //Revoke a user.
    @Override
    protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        super.doDelete(req, resp);
+        RevocationRequest request = new RevocationRequest();
+        request.setRevocationType(RevocationType.USER);
+        DeviceRevocationResponse devResponse = RevokeUserFlow.revokeUser(req.getParameter("username").toString(), request);
+        if(devResponse != null) resp.getOutputStream().write(JsonStream.serialize(devResponse).getBytes());
+        else resp.sendError(500,"An exception has occurred while trying to revoke a device!");
    }
 }