Example 31 with ClientSession
use of org.jivesoftware.openfire.session.ClientSession in project Openfire by igniterealtime.
the class IQPrivacyHandler method declineDefaultList.
/**
* User has specified that there is no default list that should be used for this user.
*
* @param packet IQ packet declining default list for all sessions.
* @param from sender of the IQ packet.
* @return acknowledge of success.
*/
private IQ declineDefaultList(IQ packet, JID from) {
IQ result = IQ.createResultIQ(packet);
Element childElement = packet.getChildElement().createCopy();
result.setChildElement(childElement);
if (sessionManager.getSessionCount(from.getNode()) > 1) {
// Current default list is being used by more than one session
result.setError(PacketError.Condition.conflict);
} else {
// Get the user session
ClientSession session = sessionManager.getSession(from);
// Check if a default list was already defined
if (session.getDefaultList() != null) {
// Set the existing default list as non-default
session.getDefaultList().setDefaultList(false);
// Update the database with the new list state
provider.updatePrivacyList(from.getNode(), session.getDefaultList());
session.setDefaultList(null);
}
}
return result;
}
Also used :
Element(org.dom4j.Element)
ClientSession(org.jivesoftware.openfire.session.ClientSession)
IQ(org.xmpp.packet.IQ)
Example 32 with ClientSession
use of org.jivesoftware.openfire.session.ClientSession in project Openfire by igniterealtime.
the class IQPrivacyHandler method updateOrCreateList.
/**
* Updates an existing privacy list or creates a new one with the specified items list. The
* new list will not become the active or default list by default. The user will have to
* send another packet to set the new list as active or default.<p>
*
* Once the list was updated or created a "privacy list push" will be sent to all
* connected resources of the user.
*
* @param packet IQ packet updating or creating a new privacy list.
* @param from sender of the IQ packet.
* @param listElement the element containing the list and its items.
* @return acknowledge of success.
*/
private IQ updateOrCreateList(IQ packet, JID from, Element listElement) {
IQ result = IQ.createResultIQ(packet);
Element childElement = packet.getChildElement().createCopy();
result.setChildElement(childElement);
String listName = listElement.attributeValue("name");
PrivacyList list = manager.getPrivacyList(from.getNode(), listName);
if (list == null) {
list = manager.createPrivacyList(from.getNode(), listName, listElement);
} else {
// Update existing list
list.updateList(listElement);
provider.updatePrivacyList(from.getNode(), list);
// avoided this issue since identity is ensured.
for (ClientSession session : sessionManager.getSessions(from.getNode())) {
if (list.equals(session.getDefaultList())) {
session.setDefaultList(list);
}
if (list.equals(session.getActiveList())) {
session.setActiveList(list);
}
}
}
// Send a "privacy list push" to all connected resources
IQ pushPacket = new IQ(IQ.Type.set);
Element child = pushPacket.setChildElement("query", "jabber:iq:privacy");
child.addElement("list").addAttribute("name", list.getName());
sessionManager.userBroadcast(from.getNode(), pushPacket);
return result;
}
Also used :
Element(org.dom4j.Element)
PrivacyList(org.jivesoftware.openfire.privacy.PrivacyList)
ClientSession(org.jivesoftware.openfire.session.ClientSession)
IQ(org.xmpp.packet.IQ)
Example 33 with ClientSession
use of org.jivesoftware.openfire.session.ClientSession in project Openfire by igniterealtime.
the class IQPrivacyHandler method setActiveList.
/**
* User has specified a new active list that should be used for the current session.
*
* @param packet IQ packet setting new active list for the current session.
* @param from sender of the IQ packet.
* @param listName name of the new active list for the current session.
* @return acknowledge of success.
*/
private IQ setActiveList(IQ packet, JID from, String listName) {
IQ result = IQ.createResultIQ(packet);
Element childElement = packet.getChildElement().createCopy();
result.setChildElement(childElement);
// Get the list
PrivacyList list = manager.getPrivacyList(from.getNode(), listName);
if (list != null) {
// Get the user session
ClientSession session = sessionManager.getSession(from);
if (session != null) {
// Set the new active list for this session
session.setActiveList(list);
}
} else {
// List not found
result.setError(PacketError.Condition.item_not_found);
}
return result;
}
Also used :
Element(org.dom4j.Element)
PrivacyList(org.jivesoftware.openfire.privacy.PrivacyList)
ClientSession(org.jivesoftware.openfire.session.ClientSession)
IQ(org.xmpp.packet.IQ)
Example 34 with ClientSession
use of org.jivesoftware.openfire.session.ClientSession in project Openfire by igniterealtime.
the class IQPrivacyHandler method setDefaultList.
/**
* User has specified a new default list that should be used for all session.
*
* @param packet IQ packet setting new default list for all sessions.
* @param from sender of the IQ packet.
* @param listName name of the new default list for all sessions.
* @return acknowledge of success.
*/
private IQ setDefaultList(IQ packet, JID from, String listName) {
IQ result = IQ.createResultIQ(packet);
Element childElement = packet.getChildElement().createCopy();
result.setChildElement(childElement);
if (sessionManager.getSessionCount(from.getNode()) > 1) {
// Current default list is being used by more than one session
result.setError(PacketError.Condition.conflict);
} else {
// Get the list
PrivacyList list = manager.getPrivacyList(from.getNode(), listName);
if (list != null) {
// Get the user session
ClientSession session = sessionManager.getSession(from);
PrivacyList oldDefaultList = session.getDefaultList();
manager.changeDefaultList(from.getNode(), list, oldDefaultList);
// Set the new default list for this session (the only existing session)
session.setDefaultList(list);
} else {
// List not found
result.setError(PacketError.Condition.item_not_found);
}
}
return result;
}
Also used :
Element(org.dom4j.Element)
PrivacyList(org.jivesoftware.openfire.privacy.PrivacyList)
ClientSession(org.jivesoftware.openfire.session.ClientSession)
IQ(org.xmpp.packet.IQ)
Example 35 with ClientSession
use of org.jivesoftware.openfire.session.ClientSession in project Openfire by igniterealtime.
the class IQRegisterHandler method handleIQ.
@Override
public IQ handleIQ(IQ packet) throws PacketException, UnauthorizedException {
ClientSession session = sessionManager.getSession(packet.getFrom());
IQ reply = null;
// If no session was found then answer an error (if possible)
if (session == null) {
Log.error("Error during registration. Session not found in " + sessionManager.getPreAuthenticatedKeys() + " for key " + packet.getFrom());
// This error packet will probably won't make it through
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.internal_server_error);
return reply;
}
if (IQ.Type.get.equals(packet.getType())) {
// If inband registration is not allowed, return an error.
if (!registrationEnabled) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.forbidden);
} else {
reply = IQ.createResultIQ(packet);
if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
try {
User user = userManager.getUser(session.getUsername());
Element currentRegistration = probeResult.createCopy();
currentRegistration.addElement("registered");
currentRegistration.element("username").setText(user.getUsername());
currentRegistration.element("password").setText("");
currentRegistration.element("email").setText(user.getEmail() == null ? "" : user.getEmail());
currentRegistration.element("name").setText(user.getName());
Element form = currentRegistration.element(QName.get("x", "jabber:x:data"));
Iterator fields = form.elementIterator("field");
Element field;
while (fields.hasNext()) {
field = (Element) fields.next();
if ("username".equals(field.attributeValue("var"))) {
field.addElement("value").addText(user.getUsername());
} else if ("name".equals(field.attributeValue("var"))) {
field.addElement("value").addText(user.getName());
} else if ("email".equals(field.attributeValue("var"))) {
field.addElement("value").addText(user.getEmail() == null ? "" : user.getEmail());
}
}
reply.setChildElement(currentRegistration);
} catch (UserNotFoundException e) {
reply.setChildElement(probeResult.createCopy());
}
} else {
// This is a workaround. Since we don't want to have an incorrect TO attribute
// value we need to clean up the TO attribute. The TO attribute will contain an
// incorrect value since we are setting a fake JID until the user actually
// authenticates with the server.
reply.setTo((JID) null);
reply.setChildElement(probeResult.createCopy());
}
}
} else if (IQ.Type.set.equals(packet.getType())) {
try {
Element iqElement = packet.getChildElement();
if (iqElement.element("remove") != null) {
// If inband registration is not allowed, return an error.
if (!registrationEnabled) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.forbidden);
} else {
if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
User user = userManager.getUser(session.getUsername());
// Delete the user
userManager.deleteUser(user);
// Delete the roster of the user
rosterManager.deleteRoster(session.getAddress());
// Delete the user from all the Groups
GroupManager.getInstance().deleteUser(user);
reply = IQ.createResultIQ(packet);
session.process(reply);
// Take a quick nap so that the client can process the result
Thread.sleep(10);
// Close the user's connection
final StreamError error = new StreamError(StreamError.Condition.not_authorized);
for (ClientSession sess : sessionManager.getSessions(user.getUsername())) {
sess.deliverRawText(error.toXML());
sess.close();
}
// The reply has been sent so clean up the variable
reply = null;
} else {
throw new UnauthorizedException();
}
}
} else {
String username;
String password = null;
String email = null;
String name = null;
User newUser;
DataForm registrationForm;
FormField field;
Element formElement = iqElement.element("x");
// Check if a form was used to provide the registration info
if (formElement != null) {
// Get the sent form
registrationForm = new DataForm(formElement);
// Get the username sent in the form
List<String> values = registrationForm.getField("username").getValues();
username = (!values.isEmpty() ? values.get(0) : " ");
// Get the password sent in the form
field = registrationForm.getField("password");
if (field != null) {
values = field.getValues();
password = (!values.isEmpty() ? values.get(0) : " ");
}
// Get the email sent in the form
field = registrationForm.getField("email");
if (field != null) {
values = field.getValues();
email = (!values.isEmpty() ? values.get(0) : " ");
}
// Get the name sent in the form
field = registrationForm.getField("name");
if (field != null) {
values = field.getValues();
name = (!values.isEmpty() ? values.get(0) : " ");
}
} else {
// Get the registration info from the query elements
username = iqElement.elementText("username");
password = iqElement.elementText("password");
email = iqElement.elementText("email");
name = iqElement.elementText("name");
}
if (email != null && email.matches("\\s*")) {
email = null;
}
if (name != null && name.matches("\\s*")) {
name = null;
}
// stringprep validity now.
if (username != null) {
Stringprep.nodeprep(username);
}
if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
// Flag that indicates if the user is *only* changing his password
boolean onlyPassword = false;
if (iqElement.elements().size() == 2 && iqElement.element("username") != null && iqElement.element("password") != null) {
onlyPassword = true;
}
// If users are not allowed to change their password, return an error.
if (password != null && !canChangePassword) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.forbidden);
return reply;
} else // If inband registration is not allowed, return an error.
if (!onlyPassword && !registrationEnabled) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.forbidden);
return reply;
} else {
User user = userManager.getUser(session.getUsername());
if (user.getUsername().equalsIgnoreCase(username)) {
if (password != null && password.trim().length() > 0) {
user.setPassword(password);
}
if (!onlyPassword) {
user.setEmail(email);
}
newUser = user;
} else if (password != null && password.trim().length() > 0) {
// An admin can create new accounts when logged in.
newUser = userManager.createUser(username, password, null, email);
} else {
// Deny registration of users with no password
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.not_acceptable);
return reply;
}
}
} else {
// If inband registration is not allowed, return an error.
if (!registrationEnabled) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.forbidden);
return reply;
} else // information was not provided
if (password == null || password.trim().length() == 0) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.not_acceptable);
return reply;
} else {
// Create the new account
newUser = userManager.createUser(username, password, name, email);
}
}
// Set and save the extra user info (e.g. full name, etc.)
if (newUser != null && name != null && !name.equals(newUser.getName())) {
newUser.setName(name);
}
reply = IQ.createResultIQ(packet);
}
} catch (UserAlreadyExistsException e) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.conflict);
} catch (UserNotFoundException e) {
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.bad_request);
} catch (StringprepException e) {
// The specified username is not correct according to the stringprep specs
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.jid_malformed);
} catch (IllegalArgumentException e) {
// At least one of the fields passed in is not valid
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.not_acceptable);
Log.warn(e.getMessage(), e);
} catch (UnsupportedOperationException e) {
// The User provider is read-only so this operation is not allowed
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.not_allowed);
} catch (Exception e) {
// Some unexpected error happened so return an internal_server_error
reply = IQ.createResultIQ(packet);
reply.setChildElement(packet.getChildElement().createCopy());
reply.setError(PacketError.Condition.internal_server_error);
Log.error(e.getMessage(), e);
}
}
if (reply != null) {
// why is this done here instead of letting the iq handler do it?
session.process(reply);
}
return null;
}
Also used :
UserNotFoundException(org.jivesoftware.openfire.user.UserNotFoundException)
User(org.jivesoftware.openfire.user.User)
Element(org.dom4j.Element)
IQ(org.xmpp.packet.IQ)
UserAlreadyExistsException(org.jivesoftware.openfire.user.UserAlreadyExistsException)
StringprepException(gnu.inet.encoding.StringprepException)
PacketException(org.jivesoftware.openfire.PacketException)
UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException)
UserAlreadyExistsException(org.jivesoftware.openfire.user.UserAlreadyExistsException)
UserNotFoundException(org.jivesoftware.openfire.user.UserNotFoundException)
StringprepException(gnu.inet.encoding.StringprepException)
StreamError(org.xmpp.packet.StreamError)
ClientSession(org.jivesoftware.openfire.session.ClientSession)
Iterator(java.util.Iterator)
UnauthorizedException(org.jivesoftware.openfire.auth.UnauthorizedException)
DataForm(org.xmpp.forms.DataForm)
List(java.util.List)
FormField(org.xmpp.forms.FormField)
Aggregations
ClientSession (org.jivesoftware.openfire.session.ClientSession)49
JID (org.xmpp.packet.JID)15
Element (org.dom4j.Element)14
LocalClientSession (org.jivesoftware.openfire.session.LocalClientSession)14
IQ (org.xmpp.packet.IQ)12
UserNotFoundException (org.jivesoftware.openfire.user.UserNotFoundException)8
UnauthorizedException (org.jivesoftware.openfire.auth.UnauthorizedException)7
PrivacyList (org.jivesoftware.openfire.privacy.PrivacyList)7
StreamError (org.xmpp.packet.StreamError)7
DataForm (org.xmpp.forms.DataForm)6
FormField (org.xmpp.forms.FormField)6
Message (org.xmpp.packet.Message)6
Presence (org.xmpp.packet.Presence)6
PacketRejectedException (org.jivesoftware.openfire.interceptor.PacketRejectedException)5
StringprepException (gnu.inet.encoding.StringprepException)3
ArrayList (java.util.ArrayList)3
HashSet (java.util.HashSet)3
GroupNotFoundException (org.jivesoftware.openfire.group.GroupNotFoundException)3
SessionEntities (org.jivesoftware.openfire.plugin.rest.entity.SessionEntities)3
SQLException (java.sql.SQLException)2
