use of org.jivesoftware.openfire.muc.ForbiddenException in project Openfire by igniterealtime.
the class LocalMUCRoom method addOwner.
@Override
public List<Presence> addOwner(JID jid, MUCRole sendRole) throws ForbiddenException {
final JID bareJID = jid.asBareJID();
lock.writeLock().lock();
try {
MUCRole.Affiliation oldAffiliation = MUCRole.Affiliation.none;
if (MUCRole.Affiliation.owner != sendRole.getAffiliation()) {
throw new ForbiddenException();
}
// Check if user is already an owner (explicitly)
if (owners.contains(bareJID)) {
// Do nothing
return Collections.emptyList();
}
owners.add(bareJID);
// Remove the user from other affiliation lists
if (removeAdmin(bareJID)) {
oldAffiliation = MUCRole.Affiliation.admin;
} else if (removeMember(bareJID)) {
oldAffiliation = MUCRole.Affiliation.member;
} else if (removeOutcast(bareJID)) {
oldAffiliation = MUCRole.Affiliation.outcast;
}
// Update the DB if the room is persistent
MUCPersistenceManager.saveAffiliationToDB(this, bareJID, null, MUCRole.Affiliation.owner, oldAffiliation);
} finally {
lock.writeLock().unlock();
}
// Update other cluster nodes with new affiliation
CacheFactory.doClusterTask(new AddAffiliation(this, jid.toBareJID(), MUCRole.Affiliation.owner));
// based on the group(s) of the affected user(s)
return applyAffiliationChange(getRole(), bareJID, null);
}
use of org.jivesoftware.openfire.muc.ForbiddenException in project Openfire by igniterealtime.
the class LocalMUCRoom method joinRoom.
@Override
public LocalMUCRole joinRoom(String nickname, String password, HistoryRequest historyRequest, LocalMUCUser user, Presence presence) throws UnauthorizedException, UserAlreadyExistsException, RoomLockedException, ForbiddenException, RegistrationRequiredException, ConflictException, ServiceUnavailableException, NotAcceptableException {
if (((MultiUserChatServiceImpl) mucService).getMUCDelegate() != null) {
if (!((MultiUserChatServiceImpl) mucService).getMUCDelegate().joiningRoom(this, user.getAddress())) {
// Delegate said no, reject join.
throw new UnauthorizedException();
}
}
LocalMUCRole joinRole = null;
lock.writeLock().lock();
boolean clientOnlyJoin = false;
// A "client only join" here is one where the client is already joined, but has re-joined.
try {
// If the room has a limit of max user then check if the limit has been reached
if (!canJoinRoom(user)) {
throw new ServiceUnavailableException();
}
final JID bareJID = user.getAddress().asBareJID();
boolean isOwner = owners.includes(bareJID);
// If the room is locked and this user is not an owner raise a RoomLocked exception
if (isLocked()) {
if (!isOwner) {
throw new RoomLockedException();
}
}
// Check if the nickname is already used in the room
if (occupantsByNickname.containsKey(nickname.toLowerCase())) {
List<MUCRole> occupants = occupantsByNickname.get(nickname.toLowerCase());
MUCRole occupant = occupants.size() > 0 ? occupants.get(0) : null;
if (occupant != null && !occupant.getUserAddress().toBareJID().equals(bareJID.toBareJID())) {
// Nickname is already used, and not by the same JID
throw new UserAlreadyExistsException();
}
if (occupant.getUserAddress().equals(user.getAddress())) {
// This user is already an occupant. The client thinks it isn't. (Or else this is a broken gmail).
clientOnlyJoin = true;
}
}
// Unauthorized exception
if (isPasswordProtected()) {
if (password == null || !password.equals(getPassword())) {
throw new UnauthorizedException();
}
}
// raise a ConflictException
if (members.containsValue(nickname.toLowerCase())) {
if (!nickname.toLowerCase().equals(members.get(bareJID))) {
throw new ConflictException();
}
}
if (isLoginRestrictedToNickname()) {
String reservedNickname = members.get(bareJID);
if (reservedNickname != null && !nickname.toLowerCase().equals(reservedNickname)) {
throw new NotAcceptableException();
}
}
// Set the corresponding role based on the user's affiliation
MUCRole.Role role;
MUCRole.Affiliation affiliation;
if (isOwner) {
// The user is an owner. Set the role and affiliation accordingly.
role = MUCRole.Role.moderator;
affiliation = MUCRole.Affiliation.owner;
} else if (mucService.isSysadmin(bareJID)) {
// The user is a system administrator of the MUC service. Treat him as an owner
// although he won't appear in the list of owners
role = MUCRole.Role.moderator;
affiliation = MUCRole.Affiliation.owner;
} else if (admins.includes(bareJID)) {
// The user is an admin. Set the role and affiliation accordingly.
role = MUCRole.Role.moderator;
affiliation = MUCRole.Affiliation.admin;
} else // explicit outcast status has higher precedence than member status
if (outcasts.contains(bareJID)) {
// The user is an outcast. Raise a "Forbidden" exception.
throw new ForbiddenException();
} else if (members.includesKey(bareJID)) {
// The user is a member. Set the role and affiliation accordingly.
role = MUCRole.Role.participant;
affiliation = MUCRole.Affiliation.member;
} else // this checks if the user is an outcast implicitly (via a group)
if (outcasts.includes(bareJID)) {
// The user is an outcast. Raise a "Forbidden" exception.
throw new ForbiddenException();
} else {
// The user has no affiliation (i.e. NONE). Set the role accordingly.
if (isMembersOnly()) {
// "Registration Required" exception.
throw new RegistrationRequiredException();
}
role = (isModerated() ? MUCRole.Role.visitor : MUCRole.Role.participant);
affiliation = MUCRole.Affiliation.none;
}
if (!clientOnlyJoin) {
// Create a new role for this user in this room
joinRole = new LocalMUCRole(mucService, this, nickname, role, affiliation, user, presence, router);
// Add the new user as an occupant of this room
List<MUCRole> occupants = occupantsByNickname.get(nickname.toLowerCase());
if (occupants == null) {
occupants = new ArrayList<>();
occupantsByNickname.put(nickname.toLowerCase(), occupants);
}
occupants.add(joinRole);
// Update the tables of occupants based on the bare and full JID
List<MUCRole> list = occupantsByBareJID.get(bareJID);
if (list == null) {
list = new ArrayList<>();
occupantsByBareJID.put(bareJID, list);
}
list.add(joinRole);
occupantsByFullJID.put(user.getAddress(), joinRole);
} else {
// Grab the existing one.
joinRole = (LocalMUCRole) occupantsByFullJID.get(user.getAddress());
}
} finally {
lock.writeLock().unlock();
}
// Notify other cluster nodes that a new occupant joined the room
CacheFactory.doClusterTask(new OccupantAddedEvent(this, joinRole));
// Send presence of existing occupants to new occupant
sendInitialPresences(joinRole);
// It is assumed that the room is new based on the fact that it's locked and
// that it was locked when it was created.
boolean isRoomNew = isLocked() && creationDate.getTime() == lockedTime;
try {
// Send the presence of this new occupant to existing occupants
Presence joinPresence = joinRole.getPresence().createCopy();
broadcastPresence(joinPresence, true);
} catch (Exception e) {
Log.error(LocaleUtils.getLocalizedString("admin.error"), e);
}
// confirmed" message
if (!isRoomNew && isLocked()) {
// http://xmpp.org/extensions/xep-0045.html#enter-locked
Presence presenceItemNotFound = new Presence(Presence.Type.error);
presenceItemNotFound.setError(PacketError.Condition.item_not_found);
presenceItemNotFound.setFrom(role.getRoleAddress());
joinRole.send(presenceItemNotFound);
}
if (historyRequest == null) {
Iterator<Message> history = roomHistory.getMessageHistory();
while (history.hasNext()) {
joinRole.send(history.next());
}
} else {
historyRequest.sendHistory(joinRole, roomHistory);
}
Message roomSubject = roomHistory.getChangedSubject();
if (roomSubject != null) {
joinRole.send(roomSubject);
}
if (!clientOnlyJoin) {
// Update the date when the last occupant left the room
setEmptyDate(null);
// Fire event that occupant joined the room
MUCEventDispatcher.occupantJoined(getRole().getRoleAddress(), user.getAddress(), joinRole.getNickname());
}
return joinRole;
}
use of org.jivesoftware.openfire.muc.ForbiddenException in project Openfire by igniterealtime.
the class LocalMUCRoom method addMember.
@Override
public List<Presence> addMember(JID jid, String nickname, MUCRole sendRole) throws ForbiddenException, ConflictException {
final JID bareJID = jid.asBareJID();
lock.writeLock().lock();
try {
MUCRole.Affiliation oldAffiliation = (members.containsKey(bareJID) ? MUCRole.Affiliation.member : MUCRole.Affiliation.none);
if (isMembersOnly()) {
if (!canOccupantsInvite()) {
if (MUCRole.Affiliation.admin != sendRole.getAffiliation() && MUCRole.Affiliation.owner != sendRole.getAffiliation()) {
throw new ForbiddenException();
}
}
} else {
if (MUCRole.Affiliation.admin != sendRole.getAffiliation() && MUCRole.Affiliation.owner != sendRole.getAffiliation()) {
throw new ForbiddenException();
}
}
// Check if the desired nickname is already reserved for another member
if (nickname != null && nickname.trim().length() > 0 && members.containsValue(nickname.toLowerCase())) {
if (!nickname.equals(members.get(bareJID))) {
throw new ConflictException();
}
} else if (isLoginRestrictedToNickname() && (nickname == null || nickname.trim().length() == 0)) {
throw new ConflictException();
}
// Check that the room always has an owner
if (owners.contains(bareJID) && owners.size() == 1) {
throw new ConflictException();
}
// Check if user is already an member
if (members.containsKey(bareJID)) {
// Do nothing
return Collections.emptyList();
}
// Associate the reserved nickname with the bareJID. If nickname is null then associate an
// empty string
members.put(bareJID, (nickname == null ? "" : nickname.toLowerCase()));
// Remove the user from other affiliation lists
if (removeOwner(bareJID)) {
oldAffiliation = MUCRole.Affiliation.owner;
} else if (removeAdmin(bareJID)) {
oldAffiliation = MUCRole.Affiliation.admin;
} else if (removeOutcast(bareJID)) {
oldAffiliation = MUCRole.Affiliation.outcast;
}
// Update the DB if the room is persistent
MUCPersistenceManager.saveAffiliationToDB(this, bareJID, nickname, MUCRole.Affiliation.member, oldAffiliation);
} finally {
lock.writeLock().unlock();
}
// Update other cluster nodes with new member
CacheFactory.doClusterTask(new AddMember(this, jid.toBareJID(), (nickname == null ? "" : nickname)));
// based on the group(s) of the affected user(s)
return applyAffiliationChange(getRole(), bareJID, null);
}
use of org.jivesoftware.openfire.muc.ForbiddenException in project Openfire by igniterealtime.
the class LocalMUCRoom method addAdmin.
@Override
public List<Presence> addAdmin(JID jid, MUCRole sendRole) throws ForbiddenException, ConflictException {
final JID bareJID = jid.asBareJID();
lock.writeLock().lock();
try {
MUCRole.Affiliation oldAffiliation = MUCRole.Affiliation.none;
if (MUCRole.Affiliation.owner != sendRole.getAffiliation()) {
throw new ForbiddenException();
}
// Check that the room always has an owner
if (owners.contains(bareJID) && owners.size() == 1) {
throw new ConflictException();
}
// Check if user is already an admin
if (admins.contains(bareJID)) {
// Do nothing
return Collections.emptyList();
}
admins.add(bareJID);
// Remove the user from other affiliation lists
if (removeOwner(bareJID)) {
oldAffiliation = MUCRole.Affiliation.owner;
} else if (removeMember(bareJID)) {
oldAffiliation = MUCRole.Affiliation.member;
} else if (removeOutcast(bareJID)) {
oldAffiliation = MUCRole.Affiliation.outcast;
}
// Update the DB if the room is persistent
MUCPersistenceManager.saveAffiliationToDB(this, bareJID, null, MUCRole.Affiliation.admin, oldAffiliation);
} finally {
lock.writeLock().unlock();
}
// Update other cluster nodes with new affiliation
CacheFactory.doClusterTask(new AddAffiliation(this, jid.toBareJID(), MUCRole.Affiliation.admin));
// based on the group(s) of the affected user(s)
return applyAffiliationChange(getRole(), bareJID, null);
}
use of org.jivesoftware.openfire.muc.ForbiddenException in project Openfire by igniterealtime.
the class MultiUserChatServiceImpl method processSendingInvitationMessage.
/**
* Process a room-invitation message sent by an occupant of the room.
*
* @param packet The stanza to process
* @param room The room that the stanza was addressed to.
* @param preExistingRole The role of this user in the addressed room prior to processing of this stanza, if any.
*/
private void processSendingInvitationMessage(@Nonnull final Message packet, @Nonnull final MUCRoom room, @Nonnull final MUCRole preExistingRole) {
Log.trace("Processing an invitation message from occupant '{}' to room '{}'.", packet.getFrom(), room.getName());
try {
final Element userInfo = packet.getChildElement("x", "http://jabber.org/protocol/muc#user");
// Try to keep the list of extensions sent together with the message invitation. These extensions will be sent to the invitees.
final List<Element> extensions = new ArrayList<>(packet.getElement().elements());
extensions.remove(userInfo);
// Send invitations to invitees
final Iterator<Element> it = userInfo.elementIterator("invite");
while (it.hasNext()) {
Element info = it.next();
JID jid = new JID(info.attributeValue("to"));
// Add the user as a member of the room if the room is members only
if (room.isMembersOnly()) {
room.addMember(jid, null, preExistingRole);
}
// Send the invitation to the invitee
room.sendInvitation(jid, info.elementTextTrim("reason"), preExistingRole, extensions);
}
} catch (ForbiddenException e) {
Log.debug("Rejecting invitation message from occupant '{}' in room '{}': Invitations are not allowed, or occupant is not allowed to modify the member list.", packet.getFrom(), room.getName(), e);
sendErrorPacket(packet, PacketError.Condition.forbidden, "This room disallows invitations to be sent, or you're not allowed to modify the member list of this room.");
} catch (ConflictException e) {
Log.debug("Rejecting invitation message from occupant '{}' in room '{}'.", packet.getFrom(), room.getName(), e);
// TODO Is this code reachable?
sendErrorPacket(packet, PacketError.Condition.conflict, "An unexpected exception occurred.");
} catch (CannotBeInvitedException e) {
Log.debug("Rejecting invitation message from occupant '{}' in room '{}': The user being invited does not have access to the room.", packet.getFrom(), room.getName(), e);
sendErrorPacket(packet, PacketError.Condition.not_acceptable, "The user being invited does not have access to the room.");
}
}
Aggregations