Commit 9ed3ba13 authored by Daniel Henninger's avatar Daniel Henninger Committed by dhenninger

[JM-1232] Made checks for vcard changes more lenient.

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@9727 b35dd754-fafc-0310-a699-88a17e54d16e
parent d52c7d70
...@@ -171,6 +171,7 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener { ...@@ -171,6 +171,7 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener {
} }
else { else {
Object ob = attrs.get(attribute).get(); Object ob = attrs.get(attribute).get();
Log.debug("LdapVCardProvider: Found attribute "+attribute+" of type: "+ob.getClass());
if(ob instanceof String) { if(ob instanceof String) {
value = (String)ob; value = (String)ob;
} else { } else {
...@@ -229,6 +230,42 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener { ...@@ -229,6 +230,42 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener {
return vcard; return vcard;
} }
/**
* Returns a merged LDAP vCard combined with a PHOTO element provided in specified vCard.
*
* @param username User whose vCard this is.
* @param mergeVCard vCard element that we are merging PHOTO element from into the LDAP vCard.
* @return vCard element after merging in PHOTO element to LDAP data.
*/
private Element getMergedVCard(String username, Element mergeVCard) {
// Un-escape username.
username = JID.unescapeNode(username);
Map<String, String> map = getLdapAttributes(username);
Log.debug("LdapVCardProvider: Retrieving LDAP mapped vcard for " + username);
Element vcard = new VCard(template).getVCard(map);
if (mergeVCard == null) {
// No vcard passed in? Hrm. Fine, return LDAP vcard.
return vcard;
}
Element photoElement = mergeVCard.element("PHOTO").createCopy();
if (photoElement == null || photoElement.element("BINVAL") == null || photoElement.element("BINVAL").getText().matches("\\s*")) {
// We were passed something null or empty, so lets just return the LDAP based vcard.
return vcard;
}
// Now we need to check that the LDAP vcard doesn't have a PHOTO element that's filled in.
if (!((vcard.element("PHOTO") == null || vcard.element("PHOTO").element("BINVAL") == null || vcard.element("PHOTO").element("BINVAL").getText().matches("\\s*")))) {
// Hrm, it does, return the original vcard;
return vcard;
}
Log.debug("LdapVCardProvider: Merging avatar element from passed vcard");
Element currentElement = vcard.element("PHOTO");
if (currentElement != null) {
vcard.remove(currentElement);
}
vcard.add(photoElement);
return vcard;
}
/** /**
* Loads the avatar element from the user's DB stored vcard. * Loads the avatar element from the user's DB stored vcard.
* *
...@@ -251,7 +288,7 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener { ...@@ -251,7 +288,7 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener {
* @param vCardElement vCard element containing the new vcard. * @param vCardElement vCard element containing the new vcard.
* @throws UnsupportedOperationException If an invalid field is changed or we are in readonly mode. * @throws UnsupportedOperationException If an invalid field is changed or we are in readonly mode.
*/ */
public void createVCard(String username, Element vCardElement) public Element createVCard(String username, Element vCardElement)
throws UnsupportedOperationException, AlreadyExistsException { throws UnsupportedOperationException, AlreadyExistsException {
throw new UnsupportedOperationException("LdapVCardProvider: VCard changes not allowed."); throw new UnsupportedOperationException("LdapVCardProvider: VCard changes not allowed.");
} }
...@@ -263,18 +300,20 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener { ...@@ -263,18 +300,20 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener {
* @param vCardElement vCard element containing the new vcard. * @param vCardElement vCard element containing the new vcard.
* @throws UnsupportedOperationException If an invalid field is changed or we are in readonly mode. * @throws UnsupportedOperationException If an invalid field is changed or we are in readonly mode.
*/ */
public void updateVCard(String username, Element vCardElement) throws UnsupportedOperationException { public Element updateVCard(String username, Element vCardElement) throws UnsupportedOperationException {
if (dbStorageEnabled && defaultProvider != null) { if (dbStorageEnabled && defaultProvider != null) {
if (isValidVCardChange(username, vCardElement)) { if (isValidVCardChange(username, vCardElement)) {
Element mergedVCard = getMergedVCard(username, vCardElement);
try { try {
defaultProvider.updateVCard(username, vCardElement); defaultProvider.updateVCard(username, mergedVCard);
} catch (NotFoundException e) { } catch (NotFoundException e) {
try { try {
defaultProvider.createVCard(username, vCardElement); defaultProvider.createVCard(username, mergedVCard);
} catch (AlreadyExistsException e1) { } catch (AlreadyExistsException e1) {
// Ignore // Ignore
} }
} }
return mergedVCard;
} }
else { else {
throw new UnsupportedOperationException("LdapVCardProvider: Invalid vcard changes."); throw new UnsupportedOperationException("LdapVCardProvider: Invalid vcard changes.");
...@@ -295,206 +334,66 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener { ...@@ -295,206 +334,66 @@ public class LdapVCardProvider implements VCardProvider, PropertyEventListener {
throw new UnsupportedOperationException("LdapVCardProvider: Attempted to delete vcard in read-only mode."); throw new UnsupportedOperationException("LdapVCardProvider: Attempted to delete vcard in read-only mode.");
} }
/**
* Simple helper function to check if an element is empty (null or contains whitespace)
*
* @param elem element to check.
* @return True if the string is null or all whitespace/empty.
*/
private Boolean isEmptyElement(Element elem) {
if (elem == null) return true;
return elem.getText().matches("\\s*");
}
/**
* Compares two tree paths for equal contents.
*
* @param path Path to compare, separate pieces of path as elements in array
* @param firstElem First element to compare
* @param secondElem Second element to compare
* @return True or false if the path contents are different
*/
private Boolean isPathEqual(List<String> path, Element firstElem, Element secondElem) {
Element currentA = firstElem;
Element currentB = secondElem;
for (String node : path) {
if (currentA.element(node) != null && currentB.element(node) != null) {
currentA = currentA.element(node);
currentB = currentB.element(node);
}
else {
// Don't have the node in both trees, they are "equal".
return true;
}
}
// Current A and current B are pointing to the same equivalent node now
if (!isEmptyElement(currentA) && !isEmptyElement(currentB)) {
// Both not empty, lets compare
return currentA.getText().equals(currentB.getText());
}
else if (isEmptyElement(currentA) && isEmptyElement(currentB)) {
// Both empty, no problem, no change
return true;
}
else {
// Hrm, one empty, one not, that's not the same. ;)
return false;
}
}
/** /**
* Returns true or false if the change to the existing vcard is valid (only to PHOTO element) * Returns true or false if the change to the existing vcard is valid (only to PHOTO element)
* *
* @param username User who's LDAP-based vcard we will compare with. * @param username User who's LDAP-based vcard we will compare with.
* @param othervCard Other vCard Element we will compare against. * @param newvCard New vCard Element we will compare against.
* @return True or false if the changes made were valid (only to PHOTO element) * @return True or false if the changes made were valid (only to PHOTO element)
*/ */
private Boolean isValidVCardChange(String username, Element othervCard) { private Boolean isValidVCardChange(String username, Element newvCard) {
if (othervCard == null) { if (newvCard == null) {
// Well if there's nothing to change, of course it's valid. // Well if there's nothing to change, of course it's valid.
Log.debug("LdapVCardProvider: No new vcard provided (no changes), accepting.");
return true; return true;
} }
// Un-escape username. // Un-escape username.
username = JID.unescapeNode(username); username = JID.unescapeNode(username);
Map<String, String> map = getLdapAttributes(username); Map<String, String> map = getLdapAttributes(username);
// Retrieve LDAP created vcard for comparison // Retrieve LDAP created vcard for comparison
Element vcard = new VCard(template).getVCard(map); Element ldapvCard = new VCard(template).getVCard(map);
if (vcard == null) { if (ldapvCard == null) {
// This person has no vcard at all, may not change it! // This person has no vcard at all, may not change it!
Log.debug("LdapVCardProvider: User has no LDAP vcard, nothing they can change, rejecting.");
return false; return false;
} }
// Check Name // If the LDAP vcard has a non-empty PHOTO element set, then there is literally no way this will be accepted.
if (!isPathEqual(Arrays.asList("N","GIVEN"), vcard, othervCard)) return false; Element ldapPhotoElem = ldapvCard.element("PHOTO");
// Check Email if (ldapPhotoElem != null) {
if (!isPathEqual(Arrays.asList("EMAIL","USERID"), vcard, othervCard)) return false; Element ldapBinvalElem = ldapPhotoElem.element("BINVAL");
// Check Full Name if (ldapBinvalElem != null && !ldapBinvalElem.getTextTrim().matches("\\s*")) {
if (!isPathEqual(Arrays.asList("FN"), vcard, othervCard)) return false; // LDAP is providing a valid PHOTO element, byebye!
// Check Nickname Log.debug("LdapVCardProvider: LDAP has a PHOTO element set, no way to override, rejecting.");
if (!isPathEqual(Arrays.asList("NICKNAME"), vcard, othervCard)) return false; return false;
// Check Birthday
if (!isPathEqual(Arrays.asList("BDAY"), vcard, othervCard)) return false;
// Check Photo/Avatar
// We allow this, so moving on
// Check Addresses
for (Object obja : vcard.elements("ADR")) {
Element firstelem = (Element)obja;
if (firstelem.element("HOME") != null) {
for (Object objb : othervCard.elements("ADR")) {
Element secondelem = (Element)objb;
if (secondelem.element("HOME") != null) {
// Check Home - Street Address
if (!isPathEqual(Arrays.asList("STREET"), firstelem, secondelem)) return false;
// Check Home - City
if (!isPathEqual(Arrays.asList("LOCALITY"), firstelem, secondelem)) return false;
// Check Home - State/Province
if (!isPathEqual(Arrays.asList("REGION"), firstelem, secondelem)) return false;
// Check Home - Postal Code
if (!isPathEqual(Arrays.asList("PCODE"), firstelem, secondelem)) return false;
// Check Home - Country
if (!isPathEqual(Arrays.asList("CTRY"), firstelem, secondelem)) return false;
}
}
}
else if (firstelem.element("WORK") != null) {
for (Object objb : othervCard.elements("ADR")) {
Element secondelem = (Element)objb;
if (secondelem.element("WORK") != null) {
// Check Business - Street Address
if (!isPathEqual(Arrays.asList("STREET"), firstelem, secondelem)) return false;
// Check business - City
if (!isPathEqual(Arrays.asList("LOCALITY"), firstelem, secondelem)) return false;
// Check Business - State/Province
if (!isPathEqual(Arrays.asList("REGION"), firstelem, secondelem)) return false;
// Check Business - Postal Code
if (!isPathEqual(Arrays.asList("PCODE"), firstelem, secondelem)) return false;
// Check Business - Country
if (!isPathEqual(Arrays.asList("CTRY"), firstelem, secondelem)) return false;
}
}
}
}
// Check Phone Numbers
for (Object obja : vcard.elements("TEL")) {
Element firstelem = (Element)obja;
if (firstelem.element("HOME") != null && firstelem.element("VOICE") != null) {
for (Object objb : othervCard.elements("TEL")) {
Element secondelem = (Element)objb;
if (secondelem.element("HOME") != null && secondelem.element("VOICE") != null) {
// Check Home - Phone Number
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false;
}
}
}
else if (firstelem.element("HOME") != null && firstelem.element("CELL") != null) {
for (Object objb : othervCard.elements("TEL")) {
Element secondelem = (Element)objb;
if (secondelem.element("HOME") != null && secondelem.element("CELL") != null) {
// Check Home - Mobile Number
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false;
}
}
}
else if (firstelem.element("HOME") != null && firstelem.element("FAX") != null) {
for (Object objb : othervCard.elements("TEL")) {
Element secondelem = (Element)objb;
if (secondelem.element("HOME") != null && secondelem.element("FAX") != null) {
// Check Home - Fax
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false;
}
}
}
else if (firstelem.element("HOME") != null && firstelem.element("PAGER") != null) {
for (Object objb : othervCard.elements("TEL")) {
Element secondelem = (Element)objb;
if (secondelem.element("HOME") != null && secondelem.element("PAGER") != null) {
// Check Home - Pager
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false;
}
}
}
if (firstelem.element("WORK") != null && firstelem.element("VOICE") != null) {
for (Object objb : othervCard.elements("TEL")) {
Element secondelem = (Element)objb;
if (secondelem.element("WORK") != null && secondelem.element("VOICE") != null) {
// Check Business - Phone Number
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false;
}
}
}
else if (firstelem.element("WORK") != null && firstelem.element("CELL") != null) {
for (Object objb : othervCard.elements("TEL")) {
Element secondelem = (Element)objb;
if (secondelem.element("WORK") != null && secondelem.element("CELL") != null) {
// Check Business - Mobile Number
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false;
}
}
}
else if (firstelem.element("WORK") != null && firstelem.element("FAX") != null) {
for (Object objb : othervCard.elements("TEL")) {
Element secondelem = (Element)objb;
if (secondelem.element("WORK") != null && secondelem.element("FAX") != null) {
// Check Business - Fax
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false;
}
} }
} }
else if (firstelem.element("WORK") != null && firstelem.element("PAGER") != null) { // Retrieve database vcard, if it exists
for (Object objb : othervCard.elements("TEL")) { Element dbvCard = defaultProvider.loadVCard(username);
Element secondelem = (Element)objb; if (dbvCard != null) {
if (secondelem.element("WORK") != null && secondelem.element("PAGER") != null) { Element dbPhotoElem = dbvCard.element("PHOTO");
// Check Business - Pager if (dbPhotoElem == null) {
if (!isPathEqual(Arrays.asList("NUMBER"), firstelem, secondelem)) return false; // DB has no photo, lets accept what we got.
Log.debug("LdapVCardProvider: Database has no PHOTO element, accepting update.");
return true;
} }
else {
Element newPhotoElem = newvCard.element("PHOTO");
// Note: NodeComparator never seems to consider these equal, even if they are?
if (!dbPhotoElem.asXML().equals(newPhotoElem.asXML())) {
Log.debug("LdapVCardProvider: DB photo element is:\n"+dbPhotoElem.asXML());
Log.debug("LdapVCardProvider: New photo element is:\n"+newPhotoElem.asXML());
// Photo element was changed. Ignore all other changes and accept this.
Log.debug("LdapVCardProvider: PHOTO element changed, accepting update.");
return true;
} }
} }
} }
// Check Business - Job Title // Ok, either something bad changed or nothing changed. Either way, user either:
if (!isPathEqual(Arrays.asList("TITLE"), vcard, othervCard)) return false; // 1. should not have tried to change something 'readonly'
// Check Business - Department // 2. shouldn't have bothered submitting no changes
if (!isPathEqual(Arrays.asList("ORG","ORGUNIT"), vcard, othervCard)) return false; // So we'll consider this a bad return.
// Well.. we're through the gauntlet. Guess we're good. Log.debug("LdapVCardProvider: PHOTO element didn't change, no reason to accept this, rejecting.");
return true; return false;
} }
......
...@@ -94,7 +94,7 @@ public class DefaultVCardProvider implements VCardProvider { ...@@ -94,7 +94,7 @@ public class DefaultVCardProvider implements VCardProvider {
} }
} }
public void createVCard(String username, Element vCardElement) throws AlreadyExistsException { public Element createVCard(String username, Element vCardElement) throws AlreadyExistsException {
if (loadVCard(username) != null) { if (loadVCard(username) != null) {
// The user already has a vCard // The user already has a vCard
throw new AlreadyExistsException("Username " + username + " already has a vCard"); throw new AlreadyExistsException("Username " + username + " already has a vCard");
...@@ -118,9 +118,10 @@ public class DefaultVCardProvider implements VCardProvider { ...@@ -118,9 +118,10 @@ public class DefaultVCardProvider implements VCardProvider {
try { if (con != null) { con.close(); } } try { if (con != null) { con.close(); } }
catch (Exception e) { Log.error(e); } catch (Exception e) { Log.error(e); }
} }
return vCardElement;
} }
public void updateVCard(String username, Element vCardElement) throws NotFoundException { public Element updateVCard(String username, Element vCardElement) throws NotFoundException {
if (loadVCard(username) == null) { if (loadVCard(username) == null) {
// The user already has a vCard // The user already has a vCard
throw new NotFoundException("Username " + username + " does not have a vCard"); throw new NotFoundException("Username " + username + " does not have a vCard");
...@@ -143,6 +144,7 @@ public class DefaultVCardProvider implements VCardProvider { ...@@ -143,6 +144,7 @@ public class DefaultVCardProvider implements VCardProvider {
try { if (con != null) { con.close(); } } try { if (con != null) { con.close(); } }
catch (Exception e) { Log.error(e); } catch (Exception e) { Log.error(e); }
} }
return vCardElement;
} }
public void deleteVCard(String username) { public void deleteVCard(String username) {
......
...@@ -129,28 +129,31 @@ public class VCardManager extends BasicModule implements ServerFeaturesProvider ...@@ -129,28 +129,31 @@ public class VCardManager extends BasicModule implements ServerFeaturesProvider
// Only update the vCard in the database if the vCard has changed. // Only update the vCard in the database if the vCard has changed.
if (!oldVCard.equals(vCardElement)) { if (!oldVCard.equals(vCardElement)) {
try { try {
provider.updateVCard(username, vCardElement); Element newvCard = provider.updateVCard(username, vCardElement);
vcardCache.put(username, newvCard);
updated = true; updated = true;
} }
catch (NotFoundException e) { catch (NotFoundException e) {
Log.warn("Tried to update a vCard that does not exist", e); Log.warn("Tried to update a vCard that does not exist", e);
provider.createVCard(username, vCardElement); Element newvCard = provider.createVCard(username, vCardElement);
vcardCache.put(username, newvCard);
created = true; created = true;
} }
} }
} }
else { else {
try { try {
provider.createVCard(username, vCardElement); Element newvCard = provider.createVCard(username, vCardElement);
vcardCache.put(username, newvCard);
created = true; created = true;
} }
catch (AlreadyExistsException e) { catch (AlreadyExistsException e) {
Log.warn("Tried to create a vCard when one already exist", e); Log.warn("Tried to create a vCard when one already exist", e);
provider.updateVCard(username, vCardElement); Element newvCard = provider.updateVCard(username, vCardElement);
vcardCache.put(username, newvCard);
updated = true; updated = true;
} }
} }
vcardCache.put(username, vCardElement);
// Dispatch vCard events // Dispatch vCard events
if (created) { if (created) {
// Alert listeners that a new vCard has been created // Alert listeners that a new vCard has been created
...@@ -187,6 +190,7 @@ public class VCardManager extends BasicModule implements ServerFeaturesProvider ...@@ -187,6 +190,7 @@ public class VCardManager extends BasicModule implements ServerFeaturesProvider
* returned vCard will not be stored in the database. Use the returned vCard as a * returned vCard will not be stored in the database. Use the returned vCard as a
* read-only vCard. * read-only vCard.
* *
* @param username Username (not full JID) whose vCard to retrieve.
* @return the vCard of a given user. * @return the vCard of a given user.
*/ */
public Element getVCard(String username) { public Element getVCard(String username) {
......
...@@ -36,26 +36,36 @@ public interface VCardProvider { ...@@ -36,26 +36,36 @@ public interface VCardProvider {
* UnsupportedOperationException if this operation is not supported by * UnsupportedOperationException if this operation is not supported by
* the backend vcard store. * the backend vcard store.
* *
* The method is expected to return the vCard after it has had a chance
* to make any modifications to it that it needed to. In many cases, this
* may be a simple return of the passed in vCard. This change was made in 3.4.4.
*
* @param username the username. * @param username the username.
* @param vCardElement the vCard to save. * @param vCardElement the vCard to save.
* @return vCard as it is after the provider has a chance to adjust it.
* @throws AlreadyExistsException if the user already has a vCard. * @throws AlreadyExistsException if the user already has a vCard.
* @throws UnsupportedOperationException if the provider does not support the * @throws UnsupportedOperationException if the provider does not support the
* operation. * operation.
*/ */
void createVCard(String username, Element vCardElement) throws AlreadyExistsException; Element createVCard(String username, Element vCardElement) throws AlreadyExistsException;
/** /**
* Updates the user vcard in the backend store. This method should throw an * Updates the user vcard in the backend store. This method should throw an
* UnsupportedOperationException if this operation is not supported by * UnsupportedOperationException if this operation is not supported by
* the backend vcard store. * the backend vcard store.
* *
* The method is expected to return the vCard after it has had a chance
* to make any modifications to it that it needed to. In many cases, this
* may be a simple return of the passed in vCard. This change was made in 3.4.4.
*
* @param username the username. * @param username the username.
* @param vCardElement the vCard to save. * @param vCardElement the vCard to save.
* @return vCard as it is after the provider has a chance to adjust it.
* @throws NotFoundException if the vCard to update does not exist. * @throws NotFoundException if the vCard to update does not exist.
* @throws UnsupportedOperationException if the provider does not support the * @throws UnsupportedOperationException if the provider does not support the
* operation. * operation.
*/ */
void updateVCard(String username, Element vCardElement) throws NotFoundException; Element updateVCard(String username, Element vCardElement) throws NotFoundException;
/** /**
* Delets a user vcard. This method should throw an UnsupportedOperationException * Delets a user vcard. This method should throw an UnsupportedOperationException
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment