Commit a5d9666c authored by Gaston Dombiak's avatar Gaston Dombiak Committed by gato

Allow to have bare JIDs inside shared groups. Missing validation of remote users. JM-210

git-svn-id: http://svn.igniterealtime.org/svn/repos/messenger/trunk@3118 b35dd754-fafc-0310-a699-88a17e54d16e
parent 80b0b21b
......@@ -14,10 +14,11 @@
java.util.*,
org.jivesoftware.messenger.group.*,
java.net.URLEncoder,
org.jivesoftware.messenger.user.UserManager,
org.jivesoftware.messenger.user.UserNotFoundException"
org.jivesoftware.messenger.user.UserManager"
errorPage="error.jsp"
%>
<%@ page import="org.jivesoftware.stringprep.Stringprep"%>
<%@ page import="org.xmpp.packet.JID"%>
<%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
......@@ -91,10 +92,20 @@
while (tokenizer.hasMoreTokens()) {
String username = tokenizer.nextToken();
try {
UserManager.getInstance().getUser(username);
newGroup.getMembers().add(username);
if (username.indexOf('@') == -1) {
// No @ was found so assume this is a JID of a local user
username = Stringprep.nodeprep(username);
UserManager.getInstance().getUser(username);
newGroup.getMembers().add(webManager.getXMPPServer().createJID(username, null));
}
else {
// Admin entered a JID. Add the JID directly to the list of group members
newGroup.getMembers().add(new JID(username));
}
}
catch (Exception e) {
throw new IllegalArgumentException("Invalid user.", e);
}
catch (UserNotFoundException unfe) { }
}
}
// Successful, so redirect
......
......@@ -16,6 +16,10 @@
java.io.UnsupportedEncodingException,
org.jivesoftware.util.*"
%>
<%@ page import="org.xmpp.packet.JID"%>
<%@ page import="org.jivesoftware.stringprep.Stringprep"%>
<%@ page import="org.jivesoftware.messenger.user.UserManager"%>
<%@ page import="org.jivesoftware.messenger.user.UserNotFoundException"%>
<%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c"%>
<%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
......@@ -99,9 +103,9 @@
if (update) {
Set adminIDSet = new HashSet();
Set<JID> adminIDSet = new HashSet<JID>();
for (int i = 0; i < adminIDs.length; i++) {
String newAdmin = adminIDs[i];
JID newAdmin = new JID(adminIDs[i]);
adminIDSet.add(newAdmin);
boolean isAlreadyAdmin = group.getAdmins().contains(newAdmin);
if (!isAlreadyAdmin) {
......@@ -109,17 +113,17 @@
group.getAdmins().add(newAdmin);
}
}
Iterator groupIter = Collections.unmodifiableCollection(group.getAdmins()).iterator();
Set removeList = new HashSet();
Iterator<JID> groupIter = Collections.unmodifiableCollection(group.getAdmins()).iterator();
Set<JID> removeList = new HashSet<JID>();
while (groupIter.hasNext()) {
String m = (String) groupIter.next();
JID m = (JID) groupIter.next();
if (!adminIDSet.contains(m)) {
removeList.add(m);
}
}
Iterator i = removeList.iterator();
Iterator<JID> i = removeList.iterator();
while (i.hasNext()) {
String m = (String) i.next();
JID m = (JID) i.next();
group.getMembers().add(m);
}
// Get admin list and compare it the admin posted list.
......@@ -135,21 +139,33 @@
username = username.toLowerCase();
// Add to group as member by default.
if (!group.getMembers().contains(username) && !group.getAdmins().contains(username)) {
// Ensure that the user is valid
try {
group.getMembers().add(username);
try {
boolean added = false;
if (username.indexOf('@') == -1) {
// No @ was found so assume this is a JID of a local user
username = Stringprep.nodeprep(username);
UserManager.getInstance().getUser(username);
added = group.getMembers().add(webManager.getXMPPServer().createJID(username, null));
}
else {
// Admin entered a JID. Add the JID directly to the list of group members
added = group.getMembers().add(new JID(username));
}
if (added) {
count++;
}
catch (IllegalArgumentException unfe) {
else {
errorBuf.append("<br>").append(
LocaleUtils.getLocalizedString("group.edit.inexistent_user",
LocaleUtils.getLocalizedString("group.edit.already_user",
JiveGlobals.getLocale(), Arrays.asList(username)));
}
}
else {
catch (Exception e) {
Log.debug("Problem adding new user to existing group", e);
errorBuf.append("<br>").append(
LocaleUtils.getLocalizedString("group.edit.already_user",
LocaleUtils.getLocalizedString("group.edit.inexistent_user",
JiveGlobals.getLocale(), Arrays.asList(username)));
}
}
......@@ -169,7 +185,7 @@
}
else if (delete) {
for (int i = 0; i < deleteMembers.length; i++) {
String member = deleteMembers[i];
JID member = new JID(deleteMembers[i]);
group.getMembers().remove(member);
group.getAdmins().remove(member);
}
......@@ -455,8 +471,8 @@
<!-- Add admins first -->
<%
int memberCount = group.getMembers().size() + group.getAdmins().size();
Iterator members = group.getMembers().iterator();
Iterator admins = group.getAdmins().iterator();
Iterator<JID> members = group.getMembers().iterator();
Iterator<JID> admins = group.getAdmins().iterator();
%>
<%
if (memberCount == 0) {
......@@ -475,15 +491,15 @@
<%
boolean showUpdateButtons = memberCount > 0;
while (admins.hasNext()) {
String username = (String)admins.next();
JID user = (JID)admins.next();
%>
<tr>
<td><%= username %></td>
<td><%= user %></td>
<td align="center">
<input type="checkbox" name="admin" value="<%= username %>" checked>
<input type="checkbox" name="admin" value="<%= user %>" checked>
</td>
<td align="center">
<input type="checkbox" name="delete" value="<%= username %>">
<input type="checkbox" name="delete" value="<%= user %>">
</td>
</tr>
<%
......@@ -491,15 +507,15 @@
%>
<%
while (members.hasNext()) {
String username = (String)members.next();
JID user = (JID)members.next();
%>
<tr>
<td><%= username %></td>
<td><%= user %></td>
<td align="center">
<input type="checkbox" name="admin" value="<%= username %>">
<input type="checkbox" name="admin" value="<%= user %>">
</td>
<td align="center">
<input type="checkbox" name="delete" value="<%= username %>">
<input type="checkbox" name="delete" value="<%= user %>">
</td>
</tr>
<%
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment