%@ page contentType="text/html; charset=UTF-8" %>
<%--
-
- Copyright (C) 2004-2008 Jive Software, 2017-2025 Ignite Realtime Foundation. All rights reserved.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--%>
<%@ page import="org.jivesoftware.util.*,
org.jivesoftware.openfire.user.*,
java.net.URLEncoder,
gnu.inet.encoding.Stringprep,
gnu.inet.encoding.StringprepException,
java.util.stream.Collectors"
errorPage="error.jsp"
%>
<%@ page import="java.util.List"%>
<%@ page import="java.util.Map"%>
<%@ page import="java.util.HashMap"%>
<%@ page import="org.xmpp.packet.JID"%>
<%@ page import="org.jivesoftware.openfire.security.SecurityAuditManager" %>
<%@ page import="org.jivesoftware.openfire.admin.AdminManager" %>
<%@ page import="org.jivesoftware.openfire.group.GroupNotFoundException" %>
<%@ page import="org.jivesoftware.openfire.group.Group" %>
<%@ page import="org.slf4j.LoggerFactory" %>
<%@ page import="java.nio.charset.StandardCharsets" %>
<%@ page import="java.security.MessageDigest" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<%@ taglib prefix="admin" uri="admin" %>
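<% // Initialise the admin-console helper (webManager) for this request.
webManager.init(request, response, session, application, out ); %>
<% // Get parameters //
// Form handling for the "create user" admin page: read the submitted fields, verify
// the CSRF token, validate, create the account (with optional admin flag and group
// membership) and redirect on success. Validation problems are collected in
// "errors" and rendered by the form further down the page.
boolean another = request.getParameter("another") != null;
boolean create = another || request.getParameter("create") != null;
boolean cancel = request.getParameter("cancel") != null;
String username = ParamUtils.getParameter(request,"username");
String name = ParamUtils.getParameter(request,"name");
String email = ParamUtils.getParameter(request,"email");
String password = ParamUtils.getParameter(request,"password");
String passwordConfirm = ParamUtils.getParameter(request,"passwordConfirm");
boolean isAdmin = ParamUtils.getBooleanParameter(request,"isadmin");
String group = ParamUtils.getParameter(request,"group");
Cookie csrfCookie = CookieUtils.getCookie(request, "csrf");
String csrfParam = ParamUtils.getParameter(request, "csrf");
// Keyed by the error code the form looks up; most values are empty markers.
Map<String, String> errors = new HashMap<>();

// A submission is only honoured when the token in the form matches the one issued
// in the cookie. MessageDigest.isEqual is used instead of String.equals so the
// comparison does not short-circuit on the first differing byte.
if (create) {
    if (csrfCookie == null || csrfParam == null
        || !MessageDigest.isEqual(csrfCookie.getValue().getBytes(StandardCharsets.UTF_8),
                                  csrfParam.getBytes(StandardCharsets.UTF_8))) {
        create = false;
        errors.put("csrf", "CSRF Failure!");
    }
}
// Issue a fresh token for the next render of the form, whether or not this
// submission was accepted.
csrfParam = StringUtils.randomString(15);
CookieUtils.setCookie(request, response, "csrf", csrfParam, -1);
pageContext.setAttribute("csrf", csrfParam);

// Handle a cancel
if (cancel) {
    response.sendRedirect("user-summary.jsp");
    return;
}

// Names of all known groups; used both to validate the optional "group" field and
// to populate the form.
List<String> groupNames = webManager.getGroupManager().getGroups()
    .stream()
    .map(Group::getName)
    .collect(Collectors.toList());

// Handle a request to create a user:
if (create) {
    // Validate
    if (username == null) {
        errors.put("username","");
    }
    else {
        try {
            // Normalise the node the way the server stores it; nodeprep rejects
            // characters that are not permitted in an XMPP node.
            username = username.trim().toLowerCase();
            username = JID.escapeNode(username);
            username = Stringprep.nodeprep(username);
        }
        catch (StringprepException se) {
            errors.put("username", "");
        }
    }
    // Only the emptiness check uses the trimmed value, so a password made up of
    // whitespace alone is rejected; the password itself is passed on as entered.
    // passwordConfirm is not trimmed either, so a stray space makes the two
    // fields differ rather than silently matching.
    if (password == null || password.trim().isEmpty()) {
        errors.put("password","");
    }
    if (passwordConfirm == null) {
        errors.put("passwordConfirm","");
    }
    if (password != null && passwordConfirm != null && !password.equals(passwordConfirm)) {
        errors.put("passwordMatch","");
    }
    // If provider requires email, validate
    if (UserManager.getUserProvider().isEmailRequired()) {
        if (!StringUtils.isValidEmailAddress(email)) {
            errors.put("email","");
        }
    }
    // If provider requires name, validate
    if (UserManager.getUserProvider().isNameRequired()) {
        if (name == null || name.isEmpty()) {
            errors.put("name","");
        }
    }
    // If a group name is entered and there is no matching group, add an error.
    // The lookup uses the name exactly as entered (no trim).
    if (group != null && !group.trim().isEmpty()){
        if (!groupNames.contains(group)) {
            errors.put("groupNotFound","");
        }
    }
    // do a create if there were no errors
    if (errors.isEmpty()) {
        try {
            User newUser = webManager.getUserManager().createUser(username, password, name, email);
            // Reconcile the admin flag with the checkbox; skipped when the admin
            // provider cannot be written to.
            if (!AdminManager.getAdminProvider().isReadOnly()) {
                boolean isCurrentAdmin = AdminManager.getInstance().isUserAdmin(newUser.getUsername(), false);
                if (isCurrentAdmin && !isAdmin) {
                    AdminManager.getInstance().removeAdminAccount(newUser.getUsername());
                }
                else if (!isCurrentAdmin && isAdmin) {
                    AdminManager.getInstance().addAdminAccount(newUser.getUsername());
                }
            }
            if (!SecurityAuditManager.getSecurityAuditProvider().blockUserEvents()) {
                // Log the event
                webManager.logEvent("created new user "+username, "name = "+name+", email = "+email+", admin = "+isAdmin);
            }
            if (group != null && !group.trim().isEmpty()){
                webManager.getGroupManager().getGroup(group).getMembers().add(webManager.getXMPPServer().createJID(username, null));
                // Record the membership change only when a member was actually added,
                // so the audit trail does not contain "added group member to null"
                // entries for users created without a group.
                if (!SecurityAuditManager.getSecurityAuditProvider().blockGroupEvents()) {
                    webManager.logEvent("added group member to " + group, "username = " + username);
                }
            }
            // Successful, so redirect
            if (another) {
                response.sendRedirect("user-create.jsp?success=true");
            }
            else {
                response.sendRedirect("user-properties.jsp?success=true&username=" +
                    URLEncoder.encode(newUser.getUsername(), StandardCharsets.UTF_8));
            }
            return;
        }
        catch (UserAlreadyExistsException e) {
            errors.put("usernameAlreadyExists","");
        }
        catch (Exception e) {
            // The account already exists at this point if a later step (admin flag,
            // group membership) is what failed; only a generic error is shown.
            errors.put("general","");
            LoggerFactory.getLogger("user-create.jsp").error("Unexpected error while creating user '{}' in admin console.", username, e);
        }
    }
}
pageContext.setAttribute("errors", errors);
pageContext.setAttribute("groupNames", groupNames);
pageContext.setAttribute("success", request.getParameter("success") != null);
%>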
<% // Rendered only when the user provider is read-only (the markup between these
// two scriptlets is not part of this listing).
if (UserManager.getUserProvider().isReadOnly()) { %>
<% } %>
<%----%>
<%----%>
:
()
<% // Disable the form if a read-only user provider.
// The markup emitted between these two scriptlets is rendered only when the
// provider is read-only (it is not part of this listing).
if (UserManager.getUserProvider().isReadOnly()) { %>
<% } %>