001/** 002 * 003 * Copyright 2014 Florian Schmaus. 004 * 005 * Licensed under the Apache License, Version 2.0 (the "License"); 006 * you may not use this file except in compliance with the License. 007 * You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.jivesoftware.smackx.jiveproperties; 018 019import java.util.Collection; 020import java.util.Collections; 021import java.util.Map; 022 023import org.jivesoftware.smack.packet.Stanza; 024 025import org.jivesoftware.smackx.jiveproperties.packet.JivePropertiesExtension; 026 027public class JivePropertiesManager { 028 029 private static boolean javaObjectEnabled = false; 030 031 /** 032 * Enables deserialization of Java objects embedded in the 'properties' stanza(/packet) extension. Since 033 * this is a security sensitive feature, it is disabled per default in Smack. Only enable it if 034 * you are sure that you understand the potential security implications it can cause. 035 * <p> 036 * See also: 037 * <ul> 038 * <li> <a href="http://stackoverflow.com/questions/19054460/">"What is the security impact of deserializing untrusted data in Java?" on Stackoverflow<a> 039 * <ul> 040 * @param enabled true to enable Java object deserialization 041 */ 042 public static void setJavaObjectEnabled(boolean enabled) { 043 JivePropertiesManager.javaObjectEnabled = enabled; 044 } 045 046 public static boolean isJavaObjectEnabled() { 047 return javaObjectEnabled; 048 } 049 050 /** 051 * Convenience method to add a property to a packet. 052 * 053 * @param packet the stanza(/packet) to add the property to. 054 * @param name the name of the property to add. 055 * @param value the value of the property to add. 056 */ 057 public static void addProperty(Stanza packet, String name, Object value) { 058 JivePropertiesExtension jpe = (JivePropertiesExtension) packet.getExtension(JivePropertiesExtension.NAMESPACE); 059 if (jpe == null) { 060 jpe = new JivePropertiesExtension(); 061 packet.addExtension(jpe); 062 } 063 jpe.setProperty(name, value); 064 } 065 066 /** 067 * Convenience method to get a property from a packet. Will return null if the stanza(/packet) contains 068 * not property with the given name. 069 * 070 * @param packet 071 * @param name 072 * @return the property or <tt>null</tt> if none found. 073 */ 074 public static Object getProperty(Stanza packet, String name) { 075 Object res = null; 076 JivePropertiesExtension jpe = (JivePropertiesExtension) packet.getExtension(JivePropertiesExtension.NAMESPACE); 077 if (jpe != null) { 078 res = jpe.getProperty(name); 079 } 080 return res; 081 } 082 083 /** 084 * Return a collection of the names of all properties of the given packet. If the packet 085 * contains no properties extension, then an empty collection will be returned. 086 * 087 * @param packet 088 * @return a collection of the names of all properties. 089 */ 090 public static Collection<String> getPropertiesNames(Stanza packet) { 091 JivePropertiesExtension jpe = (JivePropertiesExtension) packet.getExtension(JivePropertiesExtension.NAMESPACE); 092 if (jpe == null) { 093 return Collections.emptyList(); 094 } 095 return jpe.getPropertyNames(); 096 } 097 098 /** 099 * Return a map of all properties of the given packet. If the stanza(/packet) contains no properties 100 * extension, an empty map will be returned. 101 * 102 * @param packet 103 * @return a map of all properties of the given packet. 104 */ 105 public static Map<String, Object> getProperties(Stanza packet) { 106 JivePropertiesExtension jpe = (JivePropertiesExtension) packet.getExtension(JivePropertiesExtension.NAMESPACE); 107 if (jpe == null) { 108 return Collections.emptyMap(); 109 } 110 return jpe.getProperties(); 111 } 112}