Commit 67ca571e authored by Stephane Glondu's avatar Stephane Glondu

Check that cookies are not blocked on ballot submission

parent 0df0ab16
Pipeline #77548 passed with stages
in 16 minutes and 20 seconds
......@@ -92,6 +92,7 @@ let election_vote = create ~path:(Path ["vote.html"]) ~meth:(Get unit) ()
let election_cast = create ~path:(Path ["election"; "cast"]) ~meth:(Get (uuid "uuid")) ()
let election_submit_ballot = create ~path:(Path ["election"; "submit-ballot"]) ~meth:(Post (unit, string "encrypted_vote")) ()
let election_submit_ballot_file = create ~path:(Path ["election"; "submit-ballot-file"]) ~meth:(Post (unit, file "encrypted_vote")) ()
let election_submit_ballot_check = create ~path:(Path ["election"; "submit-ballot-check"]) ~meth:(Get unit) ()
let election_cast_confirm = create_attached_post ~csrf_safe:true ~fallback:election_cast ~post_params:unit ()
let election_pretty_ballots = create ~path:(Path ["elections"]) ~meth:(Get (suffix (uuid "uuid" ** suffix_const "ballots"))) ()
let election_pretty_ballot = create ~path:(Path ["elections"]) ~meth:(Get (suffix_prod (uuid "uuid" ** suffix_const "ballot") (string "hash"))) ()
......
......@@ -1377,20 +1377,8 @@ let () =
let submit_ballot ballot =
let ballot = PString.trim ballot in
let%lwt uuid =
try
let ballot = ballot_of_string Yojson.Safe.read_json ballot in
return ballot.election_uuid
with _ -> fail_http 400
in
match%lwt Web_persist.get_draft_election uuid with
| Some _ -> redir_preapply election_draft uuid ()
| None ->
let%lwt user = Web_state.get_election_user uuid in
let%lwt () = Eliom_reference.set Web_state.ballot (Some ballot) in
match user with
| None -> redir_preapply election_login ((uuid, ()), None) ()
| Some _ -> redir_preapply election_cast uuid ()
let%lwt () = Eliom_reference.set Web_state.ballot (Some ballot) in
redir_preapply election_submit_ballot_check () ()
let () =
Any.register ~service:election_submit_ballot
......@@ -1406,6 +1394,30 @@ let () =
submit_ballot ballot
)
let () =
Any.register ~service:election_submit_ballot_check
(fun () () ->
match%lwt Eliom_reference.get Web_state.ballot with
| None ->
let%lwt lang = Eliom_reference.get Web_state.language in
let module L = (val Web_i18n.get_lang lang) in
T.generic_page ~title:L.cookies_are_blocked L.please_enable_them ()
>>= Html.send
| Some ballot ->
match
try
let ballot = ballot_of_string Yojson.Safe.read_json ballot in
Some ballot.election_uuid
with _ -> None
with
| None ->
T.generic_page ~title:"Error" "Ill-formed ballot" () >>= Html.send
| Some uuid ->
match%lwt Web_persist.get_draft_election uuid with
| Some _ -> redir_preapply election_draft uuid ()
| None -> redir_preapply election_login ((uuid, ()), None) ()
)
let send_confirmation_email uuid revote user email hash =
let%lwt election = find_election uuid in
let title = election.e_params.e_name in
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment