Allow JIDs from all MUC light domains in HTTP room API

Arkadiusz Gil · arkgil · commit 19fb5c61a57a · 2018-05-08T12:47:14.000+02:00
diff --git a/big_tests/tests/rest_client_SUITE.erl b/big_tests/tests/rest_client_SUITE.erl
@@ -64,7 +64,12 @@ muc_test_cases() ->
       room_is_not_created_with_jid_not_matching_hostname,
       room_can_be_fetched_by_jid,
       messages_can_be_sent_and_fetched_by_room_jid,
-      user_can_be_added_and_removed_by_room_jid
+      user_can_be_added_and_removed_by_room_jid,
+      room_cant_be_created_given_jid_in_a_non_muc_light_domain,
+      user_cant_be_invited_given_room_jid_in_a_non_muc_light_domain,
+      user_cant_be_removed_given_room_jid_in_a_non_muc_light_domain,
+      message_cant_be_sent_given_room_jid_in_a_non_muc_light_domain,
+      messages_cant_be_read_given_room_jid_in_a_non_muc_light_domain
      ].
 
 roster_test_cases() ->
@@ -83,7 +88,9 @@ init_per_suite(C) ->
     dynamic_modules:start(Host, mod_muc_light,
                           [{host, binary_to_list(MUCLightHost)},
                            {rooms_in_rosters, true}]),
-    [{muc_light_host, MUCLightHost} | escalus:init_per_suite(C1)].
+    NonMUCLightHost = <<"nonmuclight.", Host/binary>>, % register!
+    [{muc_light_host, MUCLightHost},
+     {non_muc_light_host, NonMUCLightHost} | escalus:init_per_suite(C1)].
 
 end_per_suite(Config) ->
     escalus_fresh:clean(),
@@ -387,6 +394,63 @@ user_can_be_added_and_removed_by_room_jid(Config) ->
         ?assertEqual(<<"204">>, Status)
     end).
 
+room_cant_be_created_given_jid_in_a_non_muc_light_domain(Config) ->
+    escalus:fresh_story(Config, [{alice, 1}], fun(Alice) ->
+        RoomID = <<"some_id">>,
+        RoomJID = <<RoomID/binary, "@", (?config(non_muc_light_host, Config))/binary>>,
+        Creds = credentials({alice, Alice}),
+
+        {{Status, _}, _} = create_room_with_id_request(Creds,
+                                                       <<"some_name">>,
+                                                       <<"some subject">>,
+                                                       RoomJID),
+        ?assertEqual(<<"400">>, Status)
+    end).
+
+user_cant_be_invited_given_room_jid_in_a_non_muc_light_domain(Config) ->
+    escalus:fresh_story(Config, [{alice, 1}], fun(Alice) ->
+        RoomID = given_new_room({alice, Alice}),
+        RoomJID = <<RoomID/binary, "@", (?config(non_muc_light_host, Config))/binary>>,
+        Creds = credentials({alice, Alice}),
+
+        {{Status, _}, _} =  invite_to_room({alice, Alice}, RoomJID, <<"auser@domain.com">>),
+
+        ?assertEqual(<<"400">>, Status)
+    end).
+
+user_cant_be_removed_given_room_jid_in_a_non_muc_light_domain(Config) ->
+    escalus:fresh_story(Config, [{alice, 1}, {bob, 1}], fun(Alice, Bob) ->
+        RoomID = given_new_room({alice, Alice}),
+        RoomJID = <<RoomID/binary, "@", (?config(non_muc_light_host, Config))/binary>>,
+        Creds = credentials({alice, Alice}),
+
+        {{Status, _}, _} =  remove_user_from_a_room({alice, Alice}, RoomJID, Bob),
+
+        ?assertEqual(<<"400">>, Status)
+    end).
+
+message_cant_be_sent_given_room_jid_in_a_non_muc_light_domain(Config) ->
+    escalus:fresh_story(Config, [{alice, 1}, {bob, 1}], fun(Alice, Bob) ->
+        RoomID = given_new_room({alice, Alice}),
+        RoomJID = <<RoomID/binary, "@", (?config(non_muc_light_host, Config))/binary>>,
+        Creds = credentials({alice, Alice}),
+
+        {{Status, _}, _} =  send_message_to_room({alice, Alice}, RoomJID),
+
+        ?assertEqual(<<"400">>, Status)
+    end).
+
+messages_cant_be_read_given_room_jid_in_a_non_muc_light_domain(Config) ->
+    escalus:fresh_story(Config, [{alice, 1}, {bob, 1}], fun(Alice, Bob) ->
+        RoomID = given_new_room({alice, Alice}),
+        RoomJID = <<RoomID/binary, "@", (?config(non_muc_light_host, Config))/binary>>,
+        Creds = credentials({alice, Alice}),
+
+        {{Status, _}, _} =  get_room_messages({alice, Alice}, RoomJID),
+
+        ?assertEqual(<<"400">>, Status)
+    end).
+
 assert_room_messages(RecvMsg, {_ID, _GenFrom, GenMsg}) ->
     escalus:assert(is_chat_message, [maps:get(body, RecvMsg)], GenMsg),
     ok.
@@ -413,15 +477,12 @@ wait_for_room_msg(Msg, User) ->
     Stanza = escalus:wait_for_stanza(User),
     escalus:assert(is_groupchat_message, [maps:get(body, Msg)], Stanza).
 
-given_message_sent_to_room(RoomID, Sender) ->
-    {UserJID, _} = Creds = credentials(Sender),
-    Path = <<"/rooms/", RoomID/binary, "/messages">>,
-    Body = #{body => <<"Hi all!">>},
-    {{<<"200">>, <<"OK">>}, {Result}} = rest_helper:post(client, Path, Body, Creds),
+given_message_sent_to_room(RoomID, {_, ClientOrSpec} = Sender) ->
+    Body = <<"Hi all!">>,
+    {{<<"200">>, <<"OK">>}, {Result}} = send_message_to_room(Sender, RoomID, Body),
     MsgId = proplists:get_value(<<"id">>, Result),
     true = is_binary(MsgId),
-
-    Body#{id => MsgId, from => UserJID}.
+    #{body => Body, id => MsgId, from => user_jid(ClientOrSpec)}.
 
 given_new_room_with_users(Owner, Users) ->
     RoomID = given_new_room(Owner),
@@ -501,6 +562,14 @@ get_messages(MeCreds, Other, Before, Count) ->
                              "&limit=", integer_to_list(Count)]),
     get_messages(GetPath, MeCreds).
 
+send_message_to_room(Client, RoomID) ->
+    send_message_to_room(Client, RoomID, <<"Hi all!">>).
+
+send_message_to_room(Client, RoomID, Body) ->
+    {UserJID, _} = Creds = credentials(Client),
+    Path = <<"/rooms/", RoomID/binary, "/messages">>,
+    Payload = #{body => Body},
+    rest_helper:post(client, Path, Payload, Creds).
 
 get_room_messages(Client, RoomID, Count) ->
     get_room_messages(Client, RoomID, Count, undefined).
diff --git a/doc/rest-api/Client-frontend_swagger.yml b/doc/rest-api/Client-frontend_swagger.yml
@@ -10,7 +10,7 @@ info:
      This is to ensure integration between the **REST API** users and regular **XMPP** users.
     * All requests requiring a room ID (i.e. most of the requests fired at `/room` endpoint) accept either
      a bare room ID (e.g. `656c6f656c6f`) or a room JID (e.g. `656c6f656c6f@muclight.somedomain.com`).
-     The host part of the room JID must be the host name of a MUC light service running in user's domain.
+     The host part of the room JID must be the host name of a registered MUC light service.
     * All requests require authentication.
     This is to make sure the server can identify who sent the request and if it comes from an authorized user.
     Currently the only supported method is **Basic Auth**.
diff --git a/src/ejabberd_router.erl b/src/ejabberd_router.erl
@@ -41,6 +41,7 @@
          dirty_get_all_domains/0,
          dirty_get_all_routes/1,
          dirty_get_all_domains/1,
+         dirty_get_route_handler_module/1,
          register_components/2,
          register_components/3,
          register_components/4,
@@ -374,6 +375,15 @@ all_routes(only_public) ->
     ++
     mnesia:dirty_select(external_component_global, [MatchNonHidden]).
 
+-spec dirty_get_route_handler_module(Domain :: binary()) -> {ok, module()} | error.
+dirty_get_route_handler_module(Domain) ->
+    Routes = mnesia:dirty_match_object(#route{domain = Domain, handler = '_'}),
+    case Routes of
+        [#route{handler = {packet_handler, Module, _}}] ->
+            {ok, Module};
+        _ ->
+            error
+    end.
 
 %%====================================================================
 %% gen_server callbacks
diff --git a/src/mongoose_client_api_rooms.erl b/src/mongoose_client_api_rooms.erl
@@ -41,7 +41,6 @@ allowed_methods(Req, State) ->
 
 resource_exists(Req, #{jid := #jid{lserver = Server}} = State) ->
     {RoomIDOrJID, Req2} = cowboy_req:binding(id, Req),
-    MUCLightDomain = muc_light_domain(Server),
     case RoomIDOrJID of
         undefined ->
             {Method, Req3} = cowboy_req:method(Req2),
@@ -53,8 +52,8 @@ resource_exists(Req, #{jid := #jid{lserver = Server}} = State) ->
             end;
         _ ->
             case validate_room_id(RoomIDOrJID, Server) of
-                {ok, RoomID} ->
-                    does_room_exist(RoomID, MUCLightDomain, Req2, State);
+                {ok, RoomID, RoomHost} ->
+                    does_room_exist(RoomID, RoomHost, Req2, State);
                 _ ->
                     bad_request(Req2, State)
             end
@@ -150,15 +149,29 @@ determine_role(US, Users) ->
             Role
     end.
 
--spec validate_room_id(RoomIDOrJID :: binary(), Server :: binary()) ->
-    {ok, RoomID :: binary()} | error.
-validate_room_id(RoomIDOrJID, Server) ->
-    MUCLightDomain = muc_light_domain(Server),
+-spec validate_room_id(RoomIDOrJID :: binary() | term(), Server :: binary()) ->
+    {ok, RoomID :: binary(), RoomHost :: binary()} | error.
+validate_room_id(RoomIDOrJID, Server) when is_binary(RoomIDOrJID) ->
     case jid:from_binary(RoomIDOrJID) of
         #jid{luser = <<>>, lserver = RoomID, lresource = <<>>} ->
-            {ok, RoomID};
-        #jid{luser = RoomID, lserver = MUCLightDomain, lresource = <<>>} ->
-            {ok, RoomID};
+            DefaultMucLightDomain = muc_light_domain(Server),
+            {ok, RoomID, DefaultMucLightDomain};
+        #jid{luser = RoomID, lserver = RoomHost, lresource = <<>>} ->
+            case validate_room_host(RoomHost) of
+              ok ->
+                {ok, RoomID, RoomHost};
+              error ->
+                error
+            end;
+        _ ->
+            error
+    end.
+
+-spec validate_room_host(binary()) -> ok | error.
+validate_room_host(RoomHost) ->
+    case ejabberd_router:dirty_get_route_handler_module(RoomHost) of
+        {ok, mod_muc_light} ->
+            ok;
         _ ->
             error
     end.
