<fmt:message key="user.roster.add.title"/>

<%@ page contentType="text/html; charset=UTF-8" %> <%-- - - Copyright (C) 2005-2008 Jive Software, 2017-2025 Ignite Realtime Foundation. All rights reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. --%> <%@ page import="org.jivesoftware.util.*, java.net.URLEncoder" errorPage="error.jsp" %> <%@ page import="java.util.Map"%> <%@ page import="java.util.HashMap"%> <%@ page import="org.xmpp.packet.JID"%> <%@ page import="org.jivesoftware.openfire.roster.Roster" %> <%@ page import="java.util.List" %> <%@ page import="java.util.ArrayList" %> <%@ page import="org.jivesoftware.openfire.user.UserAlreadyExistsException" %> <%@ page import="org.jivesoftware.openfire.SharedGroupException" %> <%@ page import="org.slf4j.LoggerFactory" %> <%@ page import="java.nio.charset.StandardCharsets" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %> <%@ taglib prefix="admin" uri="admin" %> <% webManager.init(request, response, session, application, out ); %> <% // Get parameters // boolean another = request.getParameter("another") != null; boolean add = another || request.getParameter("add") != null; boolean cancel = request.getParameter("cancel") != null; String username = ParamUtils.getParameter(request, "username"); String jid = ParamUtils.getParameter(request, "jid"); String nickname = ParamUtils.getParameter(request, "nickname"); String groups = ParamUtils.getParameter(request, "groups"); Map errors = new HashMap<>(); // Handle a cancel if (cancel) { response.sendRedirect("user-roster.jsp?username=" + URLEncoder.encode(username, StandardCharsets.UTF_8)); return; } Cookie csrfCookie = CookieUtils.getCookie(request, "csrf"); String csrfParam = ParamUtils.getParameter(request, "csrf"); if (add) { if (csrfCookie == null || csrfParam == null || !csrfCookie.getValue().equals(csrfParam)) { add = false; errors.put("csrf", "CSRF Failure!"); } } csrfParam = StringUtils.randomString(15); CookieUtils.setCookie(request, response, "csrf", csrfParam, -1); pageContext.setAttribute("csrf", csrfParam); // Handle a request to create a user: if (add) { // do an add if there were no errors if (errors.isEmpty()) { try { // Load the user's roster object Roster roster = webManager.getRosterManager().getRoster(username); List groupList = new ArrayList<>(); if (groups != null) { for (String group : groups.split(",")) { groupList.add(group.trim()); } } // Load the roster item from the user's roster. roster.createRosterItem(new JID(jid), nickname, groupList, true, true); // Log the event webManager.logEvent("added roster item for "+username, "roster item:\njid = "+jid+"\nnickname = "+nickname+"\ngroupList = "+groupList); // Successful, so redirect if (another) { response.sendRedirect("user-roster-add.jsp?success=true&username=" + URLEncoder.encode(username, StandardCharsets.UTF_8)); } else { response.sendRedirect("user-roster.jsp?username=" + URLEncoder.encode(username, StandardCharsets.UTF_8) + "&addsuccess=true"); } return; } catch (UserAlreadyExistsException e) { errors.put("usernameAlreadyExists",""); } catch (SharedGroupException e) { errors.put("uneditableGroup",""); } catch (IllegalArgumentException e) { errors.put("illegalJID",""); } catch (Exception e) { errors.put("general",""); LoggerFactory.getLogger("user-roster-add.jsp").error("Unexpected error while adding JID '{}' to roster of user '{}' in admin console.", jid, username, e); } } } pageContext.setAttribute("errors", errors); pageContext.setAttribute("success", request.getParameter("success") != null); %> <fmt:message key="user.roster.add.title"/>

<%----%> <%----%> : ()