Commit 883e29d1 authored by guus's avatar guus

Applying Guenthers patch that will prevent illegal affiliation JIDs in MUC (OF-42)

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11471 b35dd754-fafc-0310-a699-88a17e54d16e
parent 8d184d20
...@@ -306,9 +306,22 @@ public interface MUCRoom extends Externalizable, Result { ...@@ -306,9 +306,22 @@ public interface MUCRoom extends Externalizable, Result {
* @return the list of updated presences of all the client resources that the client used to * @return the list of updated presences of all the client resources that the client used to
* join the room. * join the room.
* @throws ForbiddenException If the user is not allowed to modify the owner list. * @throws ForbiddenException If the user is not allowed to modify the owner list.
* @deprecated Replaced by {@link #addOwner(JID, MUCRole)}
*/ */
@Deprecated
public List<Presence> addOwner(String bareJID, MUCRole senderRole) throws ForbiddenException; public List<Presence> addOwner(String bareJID, MUCRole senderRole) throws ForbiddenException;
/**
* Adds a new user to the list of owners.
*
* @param jid The JID of the user to add as owner.
* @param senderRole the role of the user that is trying to modify the owners list.
* @return the list of updated presences of all the client resources that the client used to
* join the room.
* @throws ForbiddenException If the user is not allowed to modify the owner list.
*/
public List<Presence> addOwner(JID jid, MUCRole senderRole) throws ForbiddenException;
/** /**
* Adds a list of users to the list of owners. * Adds a list of users to the list of owners.
* *
...@@ -343,10 +356,25 @@ public interface MUCRoom extends Externalizable, Result { ...@@ -343,10 +356,25 @@ public interface MUCRoom extends Externalizable, Result {
* join the room. * join the room.
* @throws ForbiddenException If the user is not allowed to modify the admin list. * @throws ForbiddenException If the user is not allowed to modify the admin list.
* @throws ConflictException If the room was going to lose all its owners. * @throws ConflictException If the room was going to lose all its owners.
* @deprecated Replaced by {@link #addAdmin(JID, MUCRole)}
*/ */
@Deprecated
public List<Presence> addAdmin(String bareJID, MUCRole senderRole) throws ForbiddenException, public List<Presence> addAdmin(String bareJID, MUCRole senderRole) throws ForbiddenException,
ConflictException; ConflictException;
/**
* Adds a new user to the list of admins.
*
* @param jid The JID of the user to add as admin.
* @param senderRole The role of the user that is trying to modify the admins list.
* @return the list of updated presences of all the client resources that the client used to
* join the room.
* @throws ForbiddenException If the user is not allowed to modify the admin list.
* @throws ConflictException If the room was going to lose all its owners.
*/
public List<Presence> addAdmin(JID jid, MUCRole senderRole) throws ForbiddenException,
ConflictException;
/** /**
* Adds a new user to the list of members. * Adds a new user to the list of members.
* *
...@@ -358,10 +386,27 @@ public interface MUCRoom extends Externalizable, Result { ...@@ -358,10 +386,27 @@ public interface MUCRoom extends Externalizable, Result {
* @throws ForbiddenException If the user is not allowed to modify the members list. * @throws ForbiddenException If the user is not allowed to modify the members list.
* @throws ConflictException If the desired room nickname is already reserved for the room or if * @throws ConflictException If the desired room nickname is already reserved for the room or if
* the room was going to lose all its owners. * the room was going to lose all its owners.
* @deprecated Replaced by {@link #addMember(JID, String, MUCRole)}
*/ */
@Deprecated
public List<Presence> addMember(String bareJID, String nickname, MUCRole senderRole) public List<Presence> addMember(String bareJID, String nickname, MUCRole senderRole)
throws ForbiddenException, ConflictException; throws ForbiddenException, ConflictException;
/**
* Adds a new user to the list of members.
*
* @param jid The JID of the user to add as a member.
* @param nickname The reserved nickname of the member for the room or null if none.
* @param senderRole the role of the user that is trying to modify the members list.
* @return the list of updated presences of all the client resources that the client used to
* join the room.
* @throws ForbiddenException If the user is not allowed to modify the members list.
* @throws ConflictException If the desired room nickname is already reserved for the room or if
* the room was going to lose all its owners.
*/
public List<Presence> addMember(JID jid, String nickname, MUCRole senderRole)
throws ForbiddenException, ConflictException;
/** /**
* Adds a new user to the list of outcast users. * Adds a new user to the list of outcast users.
* *
...@@ -373,10 +418,27 @@ public interface MUCRoom extends Externalizable, Result { ...@@ -373,10 +418,27 @@ public interface MUCRoom extends Externalizable, Result {
* @throws NotAllowedException Thrown if trying to ban an owner or an administrator. * @throws NotAllowedException Thrown if trying to ban an owner or an administrator.
* @throws ForbiddenException If the user is not allowed to modify the outcast list. * @throws ForbiddenException If the user is not allowed to modify the outcast list.
* @throws ConflictException If the room was going to lose all its owners. * @throws ConflictException If the room was going to lose all its owners.
* @deprecated Replaced by {@link #addOutcast(JID, String, MUCRole)}
*/ */
@Deprecated
public List<Presence> addOutcast(String bareJID, String reason, MUCRole senderRole) public List<Presence> addOutcast(String bareJID, String reason, MUCRole senderRole)
throws NotAllowedException, ForbiddenException, ConflictException; throws NotAllowedException, ForbiddenException, ConflictException;
/**
* Adds a new user to the list of outcast users.
*
* @param jid The JID of the user to add as an outcast.
* @param reason The reason why the user was banned.
* @param senderRole The role of the user that initiated the ban.
* @return the list of updated presences of all the client resources that the client used to
* join the room.
* @throws NotAllowedException Thrown if trying to ban an owner or an administrator.
* @throws ForbiddenException If the user is not allowed to modify the outcast list.
* @throws ConflictException If the room was going to lose all its owners.
*/
public List<Presence> addOutcast(JID jid, String reason, MUCRole senderRole)
throws NotAllowedException, ForbiddenException, ConflictException;
/** /**
* Removes the user from all the other affiliation list thus giving the user a NONE affiliation. * Removes the user from all the other affiliation list thus giving the user a NONE affiliation.
* *
...@@ -386,10 +448,24 @@ public interface MUCRoom extends Externalizable, Result { ...@@ -386,10 +448,24 @@ public interface MUCRoom extends Externalizable, Result {
* join the room or null if none was updated. * join the room or null if none was updated.
* @throws ForbiddenException If the user is not allowed to modify the none list. * @throws ForbiddenException If the user is not allowed to modify the none list.
* @throws ConflictException If the room was going to lose all its owners. * @throws ConflictException If the room was going to lose all its owners.
* @deprecated Replaced by {@link #addNone(JID, MUCRole)}
*/ */
public List<Presence> addNone(String bareJID, MUCRole senderRole) throws ForbiddenException, public List<Presence> addNone(String bareJID, MUCRole senderRole) throws ForbiddenException,
ConflictException; ConflictException;
/**
* Removes the user from all the other affiliation list thus giving the user a NONE affiliation.
*
* @param jid The JID of the user to keep with a NONE affiliation.
* @param senderRole The role of the user that set the affiliation to none.
* @return the list of updated presences of all the client resources that the client used to
* join the room or null if none was updated.
* @throws ForbiddenException If the user is not allowed to modify the none list.
* @throws ConflictException If the room was going to lose all its owners.
*/
public List<Presence> addNone(JID jid, MUCRole senderRole) throws ForbiddenException,
ConflictException;
/** /**
* Changes the role of the user within the room to moderator. A moderator is allowed to kick * Changes the role of the user within the room to moderator. A moderator is allowed to kick
* occupants as well as granting/revoking voice from occupants. * occupants as well as granting/revoking voice from occupants.
......
...@@ -243,7 +243,7 @@ public class IQAdminHandler { ...@@ -243,7 +243,7 @@ public class IQAdminHandler {
} else if ("member".equals(target)) { } else if ("member".equals(target)) {
// Add the user as a member of the room based on the bare JID // Add the user as a member of the room based on the bare JID
boolean hadAffiliation = room.getAffiliation(jid.toBareJID()) != MUCRole.Affiliation.none; boolean hadAffiliation = room.getAffiliation(jid.toBareJID()) != MUCRole.Affiliation.none;
presences.addAll(room.addMember(jid.toBareJID(), nick, senderRole)); presences.addAll(room.addMember(jid, nick, senderRole));
// If the user had an affiliation don't send an invitation. Otherwise // If the user had an affiliation don't send an invitation. Otherwise
// send an invitation if the room is members-only // send an invitation if the room is members-only
if (!hadAffiliation && room.isMembersOnly()) { if (!hadAffiliation && room.isMembersOnly()) {
...@@ -251,11 +251,11 @@ public class IQAdminHandler { ...@@ -251,11 +251,11 @@ public class IQAdminHandler {
} }
} else if ("outcast".equals(target)) { } else if ("outcast".equals(target)) {
// Add the user as an outcast of the room based on the bare JID // Add the user as an outcast of the room based on the bare JID
presences.addAll(room.addOutcast(jid.toBareJID(), item.elementTextTrim("reason"), senderRole)); presences.addAll(room.addOutcast(jid, item.elementTextTrim("reason"), senderRole));
} else if ("none".equals(target)) { } else if ("none".equals(target)) {
if (hasAffiliation) { if (hasAffiliation) {
// Set that this jid has a NONE affiliation based on the bare JID // Set that this jid has a NONE affiliation based on the bare JID
presences.addAll(room.addNone(jid.toBareJID(), senderRole)); presences.addAll(room.addNone(jid, senderRole));
} else { } else {
// Kick the user from the room // Kick the user from the room
if (MUCRole.Role.moderator != senderRole.getRole()) { if (MUCRole.Role.moderator != senderRole.getRole()) {
......
...@@ -169,7 +169,7 @@ class IQMUCRegisterHandler { ...@@ -169,7 +169,7 @@ class IQMUCRegisterHandler {
if (ElementUtil.includesProperty(iq, "query.remove")) { if (ElementUtil.includesProperty(iq, "query.remove")) {
// The user is deleting his registration // The user is deleting his registration
presences.addAll(room.addNone(packet.getFrom().toBareJID(), room.getRole())); presences.addAll(room.addNone(packet.getFrom(), room.getRole()));
} }
else { else {
// The user is trying to register with a room // The user is trying to register with a room
...@@ -188,7 +188,7 @@ class IQMUCRegisterHandler { ...@@ -188,7 +188,7 @@ class IQMUCRegisterHandler {
// MUCRoom.addMember in order to receive a RegistrationInfo (new class) // MUCRoom.addMember in order to receive a RegistrationInfo (new class)
// Add the new member to the members list // Add the new member to the members list
presences.addAll(room.addMember(packet.getFrom().toBareJID(), presences.addAll(room.addMember(packet.getFrom(),
nickname, nickname,
room.getRole())); room.getRole()));
} }
......
...@@ -219,21 +219,21 @@ public class IQOwnerHandler { ...@@ -219,21 +219,21 @@ public class IQOwnerHandler {
} }
else { else {
// The client is modifying the list of owners or admins // The client is modifying the list of owners or admins
Map<String,String> jids = new HashMap<String,String>(); Map<JID,String> jids = new HashMap<JID,String>();
String nick; String nick;
// Collect the new affiliations for the specified jids // Collect the new affiliations for the specified jids
for (final Element item : itemsList) { for (final Element item : itemsList) {
try { try {
String affiliation = item.attributeValue("affiliation"); String affiliation = item.attributeValue("affiliation");
String bareJID; JID jid;
if (hasJID) { if (hasJID) {
bareJID = new JID(item.attributeValue("jid")).toBareJID(); jid = new JID(item.attributeValue("jid"));
} else { } else {
// Get the bare JID based on the requested nick // Get the bare JID based on the requested nick
nick = item.attributeValue("nick"); nick = item.attributeValue("nick");
bareJID = room.getOccupant(nick).getUserAddress().toBareJID(); jid = room.getOccupant(nick).getUserAddress();
} }
jids.put(bareJID, affiliation); jids.put(jid, affiliation);
} }
catch (UserNotFoundException e) { catch (UserNotFoundException e) {
// Do nothing // Do nothing
...@@ -255,26 +255,26 @@ public class IQOwnerHandler { ...@@ -255,26 +255,26 @@ public class IQOwnerHandler {
room.lock.readLock().unlock(); room.lock.readLock().unlock();
try { try {
for (String bareJID : jids.keySet()) { for (JID jid : jids.keySet()) {
String targetAffiliation = jids.get(bareJID); String targetAffiliation = jids.get(jid);
if ("owner".equals(targetAffiliation)) { if ("owner".equals(targetAffiliation)) {
// Add the new user as an owner of the room // Add the new user as an owner of the room
presences.addAll(room.addOwner(bareJID, senderRole)); presences.addAll(room.addOwner(jid, senderRole));
} else if ("admin".equals(targetAffiliation)) { } else if ("admin".equals(targetAffiliation)) {
// Add the new user as an admin of the room // Add the new user as an admin of the room
presences.addAll(room.addAdmin(bareJID, senderRole)); presences.addAll(room.addAdmin(jid, senderRole));
} else if ("member".equals(targetAffiliation)) { } else if ("member".equals(targetAffiliation)) {
// Add the new user as a member of the room // Add the new user as a member of the room
boolean hadAffiliation = room.getAffiliation(bareJID) != MUCRole.Affiliation.none; boolean hadAffiliation = room.getAffiliation(jid.toBareJID()) != MUCRole.Affiliation.none;
presences.addAll(room.addMember(bareJID, null, senderRole)); presences.addAll(room.addMember(jid, null, senderRole));
// If the user had an affiliation don't send an invitation. Otherwise // If the user had an affiliation don't send an invitation. Otherwise
// send an invitation if the room is members-only // send an invitation if the room is members-only
if (!hadAffiliation && room.isMembersOnly()) { if (!hadAffiliation && room.isMembersOnly()) {
room.sendInvitation(new JID(bareJID), null, senderRole, null); room.sendInvitation(jid, null, senderRole, null);
} }
} else if ("none".equals(targetAffiliation)) { } else if ("none".equals(targetAffiliation)) {
// Set that this jid has a NONE affiliation // Set that this jid has a NONE affiliation
presences.addAll(room.addNone(bareJID, senderRole)); presences.addAll(room.addNone(jid, senderRole));
} }
} }
} }
...@@ -524,7 +524,7 @@ public class IQOwnerHandler { ...@@ -524,7 +524,7 @@ public class IQOwnerHandler {
ownersToRemove.removeAll(admins); ownersToRemove.removeAll(admins);
ownersToRemove.removeAll(owners); ownersToRemove.removeAll(owners);
for (String jid : ownersToRemove) { for (String jid : ownersToRemove) {
presences.addAll(room.addMember(jid, null, senderRole)); presences.addAll(room.addMember(new JID(jid), null, senderRole));
} }
} }
...@@ -535,7 +535,7 @@ public class IQOwnerHandler { ...@@ -535,7 +535,7 @@ public class IQOwnerHandler {
adminsToRemove.removeAll(admins); adminsToRemove.removeAll(admins);
adminsToRemove.removeAll(owners); adminsToRemove.removeAll(owners);
for (String jid : adminsToRemove) { for (String jid : adminsToRemove) {
presences.addAll(room.addMember(jid, null, senderRole)); presences.addAll(room.addMember(new JID(jid), null, senderRole));
} }
} }
......
...@@ -315,15 +315,16 @@ public class LocalMUCUser implements MUCUser { ...@@ -315,15 +315,16 @@ public class LocalMUCUser implements MUCUser {
// Send invitations to invitees // Send invitations to invitees
for (Iterator it=userInfo.elementIterator("invite");it.hasNext();) { for (Iterator it=userInfo.elementIterator("invite");it.hasNext();) {
Element info = (Element) it.next(); Element info = (Element) it.next();
JID jid = new JID(info.attributeValue("to"));
// Add the user as a member of the room if the room is // Add the user as a member of the room if the room is
// members only // members only
if (room.isMembersOnly()) { if (room.isMembersOnly()) {
room.addMember(info.attributeValue("to"), null, role); room.addMember(jid, null, role);
} }
// Send the invitation to the invitee // Send the invitation to the invitee
room.sendInvitation(new JID(info.attributeValue("to")), room.sendInvitation(jid,
info.elementTextTrim("reason"), role, extensions); info.elementTextTrim("reason"), role, extensions);
} }
} }
......
...@@ -263,7 +263,7 @@ public class MUCPersistenceManager { ...@@ -263,7 +263,7 @@ public class MUCPersistenceManager {
pstmt.setLong(1, room.getID()); pstmt.setLong(1, room.getID());
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
while (rs.next()) { while (rs.next()) {
String jid = rs.getString(1); JID jid = new JID(rs.getString(1));
MUCRole.Affiliation affiliation = MUCRole.Affiliation.valueOf(rs.getInt(2)); MUCRole.Affiliation affiliation = MUCRole.Affiliation.valueOf(rs.getInt(2));
try { try {
switch (affiliation) { switch (affiliation) {
...@@ -278,7 +278,7 @@ public class MUCPersistenceManager { ...@@ -278,7 +278,7 @@ public class MUCPersistenceManager {
break; break;
default: default:
Log.error("Unkown affiliation value " + affiliation + " for user " Log.error("Unkown affiliation value " + affiliation + " for user "
+ jid + " in persistent room " + room.getID()); + jid.toBareJID() + " in persistent room " + room.getID());
} }
} }
catch (Exception e) { catch (Exception e) {
...@@ -293,7 +293,7 @@ public class MUCPersistenceManager { ...@@ -293,7 +293,7 @@ public class MUCPersistenceManager {
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
while (rs.next()) { while (rs.next()) {
try { try {
room.addMember(rs.getString(1), rs.getString(2), room.getRole()); room.addMember(new JID(rs.getString(1)), rs.getString(2), room.getRole());
} }
catch (Exception e) { catch (Exception e) {
Log.error(e.getMessage(), e); Log.error(e.getMessage(), e);
...@@ -556,7 +556,7 @@ public class MUCPersistenceManager { ...@@ -556,7 +556,7 @@ public class MUCPersistenceManager {
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
while (rs.next()) { while (rs.next()) {
long roomID = rs.getLong(1); long roomID = rs.getLong(1);
String jid = rs.getString(2); JID jid = new JID(rs.getString(2));
MUCRole.Affiliation affiliation = MUCRole.Affiliation.valueOf(rs.getInt(3)); MUCRole.Affiliation affiliation = MUCRole.Affiliation.valueOf(rs.getInt(3));
LocalMUCRoom room = rooms.get(roomID); LocalMUCRoom room = rooms.get(roomID);
// Skip to the next position if the room does not exist // Skip to the next position if the room does not exist
...@@ -596,7 +596,7 @@ public class MUCPersistenceManager { ...@@ -596,7 +596,7 @@ public class MUCPersistenceManager {
continue; continue;
} }
try { try {
room.addMember(rs.getString(2), rs.getString(3), room.getRole()); room.addMember(new JID(rs.getString(2)), rs.getString(3), room.getRole());
} }
catch (Exception e) { catch (Exception e) {
Log.error(e.getMessage(), e); Log.error(e.getMessage(), e);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment