<fmt:message key="groupchat.admins.title"/>

<%@ page contentType="text/html; charset=UTF-8" %> <%-- - - Copyright (C) 2004-2008 Jive Software, 2017-2025 Ignite Realtime Foundation. All rights reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. --%> <%@ page import="org.jivesoftware.util.*, org.jivesoftware.openfire.group.Group, org.jivesoftware.openfire.group.GroupJID, java.util.*, org.xmpp.packet.*, org.jivesoftware.openfire.muc.MultiUserChatService" errorPage="error.jsp" %> <%@ page import="java.net.URLEncoder" %> <%@ page import="java.net.URLDecoder" %> <%@ page import="java.nio.charset.StandardCharsets" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%> <%@ taglib prefix="admin" uri="admin" %> <% webManager.init(request, response, session, application, out ); %> <% // Get parameters String userJID = ParamUtils.getParameter(request,"userJID"); String[] groupNames = ParamUtils.getParameters(request, "groupNames"); boolean add = request.getParameter("add") != null; boolean passwordPolicy = request.getParameter("passwordPolicy") != null; boolean delete = ParamUtils.getBooleanParameter(request,"delete"); boolean requirePassword = ParamUtils.getBooleanParameter(request,"requirePassword"); String mucname = ParamUtils.getParameter(request,"mucname"); if (!webManager.getMultiUserChatManager().isServiceRegistered(mucname)) { // The requested service name does not exist so return to the list of the existing rooms response.sendRedirect("muc-service-summary.jsp"); return; } // Get muc server MultiUserChatService mucService = webManager.getMultiUserChatManager().getMultiUserChatService(mucname); // Handle a save Map errors = new HashMap<>(); Cookie csrfCookie = CookieUtils.getCookie(request, "csrf"); String csrfParam = ParamUtils.getParameter(request, "csrf"); if (add || delete || passwordPolicy) { if (csrfCookie == null || csrfParam == null || !csrfCookie.getValue().equals(csrfParam)) { add = false; delete = false; passwordPolicy = false; errors.put("csrf", "CSRF Failure!"); } } csrfParam = StringUtils.randomString(15); CookieUtils.setCookie(request, response, "csrf", csrfParam, -1); pageContext.setAttribute("csrf", csrfParam); List allowedJIDs = new ArrayList<>(); try { if (userJID != null && !userJID.trim().isEmpty()) { String allowedJID; // do validation; could be a group jid if (userJID.indexOf('@') == -1) { String username = JID.escapeNode(userJID); String domain = webManager.getXMPPServer().getServerInfo().getXMPPDomain(); allowedJID = username + '@' + domain; } else { String username = JID.escapeNode(userJID.substring(0, userJID.indexOf('@'))); String rest = userJID.substring(userJID.indexOf('@'), userJID.length()); allowedJID = username + rest.trim(); } allowedJIDs.add(GroupJID.fromString(allowedJID.trim()).asBareJID()); } if (groupNames != null) { // create a group JID for each group for (String groupName : groupNames) { GroupJID groupJID = new GroupJID(URLDecoder.decode(groupName, StandardCharsets.UTF_8)); allowedJIDs.add(groupJID); } } } catch (java.lang.IllegalArgumentException ex) { errors.put("userJID","userJID"); } if (errors.isEmpty()) { if (add) { mucService.addSysadmins(allowedJIDs); // Log the event webManager.logEvent("added muc sysadmin permissions for service "+mucname, null); response.sendRedirect("muc-sysadmins.jsp?addsuccess=true&mucname="+URLEncoder.encode(mucname, StandardCharsets.UTF_8)); return; } if (delete) { // Remove the user from the list of system administrators mucService.removeSysadmin(GroupJID.fromString(userJID)); // Log the event webManager.logEvent("removed muc sysadmin "+userJID+" for service "+mucname, null); // done, return response.sendRedirect("muc-sysadmins.jsp?deletesuccess=true&mucname="+URLEncoder.encode(mucname, StandardCharsets.UTF_8)); return; } if (passwordPolicy) { mucService.setPasswordRequiredForSysadminsToJoinRoom(requirePassword); // Log the event webManager.logEvent("muc sysadmins for service "+mucname + "now " + (requirePassword ? "cannot" : "can") + " join a password-protected room, without supplying the password.", null); // done, return response.sendRedirect("muc-sysadmins.jsp?success=true&mucname="+URLEncoder.encode(mucname, StandardCharsets.UTF_8)); return; } } %> <fmt:message key="groupchat.admins.title"/>

<%= StringUtils.escapeHTMLTags(mucname) %>

<% if (ParamUtils.getBooleanParameter(request, "deletesuccess")) { %> <% } else if (ParamUtils.getBooleanParameter(request, "addsuccess")) { %> <% } else if (ParamUtils.getBooleanParameter(request, "success")) { %> <% } else if (!errors.isEmpty()) { if (delete) { userJID = null; // mask group jid on error } %> <% } %>

<% if (mucService.getSysadmins().isEmpty()) { %> <% } %> <% for (JID jid : mucService.getSysadmins()) { boolean isGroup = GroupJID.isGroup(jid); String jidDisplay = isGroup ? ((GroupJID)jid).getGroupName() : jid.toString(); %> <% } %>



<% if (isGroup) { %> " alt=""/> <% } else { %> " alt=""/> <% } %> <%= StringUtils.escapeForXML(jidDisplay)%>	" onclick="return confirm('');" >