From fab573efe19aefb7b97621c89e527c9e872e7f00 Mon Sep 17 00:00:00 2001 From: delvh Date: Sat, 1 Aug 2020 14:57:08 +0200 Subject: [PATCH] Added logging and fixed some security concerns --- .../client/ui/settings/UserSettingsPane.java | 36 ++++++++++++++----- .../envoy/event/PasswordChangeRequest.java | 3 ++ .../src/main/java/envoy/server/Startup.java | 4 ++- .../main/java/envoy/server/data/Contact.java | 2 +- .../PasswordChangeRequestProcessor.java | 8 ++++- 5 files changed, 41 insertions(+), 12 deletions(-) diff --git a/client/src/main/java/envoy/client/ui/settings/UserSettingsPane.java b/client/src/main/java/envoy/client/ui/settings/UserSettingsPane.java index 1b5e2de..cb33fd4 100644 --- a/client/src/main/java/envoy/client/ui/settings/UserSettingsPane.java +++ b/client/src/main/java/envoy/client/ui/settings/UserSettingsPane.java @@ -4,6 +4,8 @@ import java.io.ByteArrayInputStream; import java.io.File; import java.io.IOException; import java.nio.file.Files; +import java.util.Arrays; +import java.util.logging.Level; import javafx.event.EventHandler; import javafx.geometry.Pos; @@ -22,6 +24,7 @@ import envoy.client.ui.SceneContext; import envoy.data.User; import envoy.event.*; import envoy.util.Bounds; +import envoy.util.EnvoyLog; /** * Project: envoy-client
@@ -33,8 +36,8 @@ import envoy.util.Bounds; */ public class UserSettingsPane extends SettingsPane { - private boolean profilePicChanged, usernameChanged, passwordChanged, validPassword; - private byte[] currentImageBytes; + private boolean profilePicChanged, usernameChanged, validPassword; + private byte[] currentImageBytes, originalImageBytes; private String newUsername, newPassword = ""; /** @@ -52,12 +55,14 @@ public class UserSettingsPane extends SettingsPane { // TODO: display current profile pic final var profilePic = new ImageView(IconUtil.loadIcon("envoy_logo", 50)); profilePic.setCursor(Cursor.HAND); + profilePic.setFitWidth(50); + profilePic.setFitHeight(50); profilePic.setOnMouseClicked(e -> { final var pictureChooser = new FileChooser(); pictureChooser.setTitle("Select a new picture"); pictureChooser.setInitialDirectory(new File(System.getProperty("user.home"))); - pictureChooser.setSelectedExtensionFilter(new FileChooser.ExtensionFilter("Pictures", "*.png", "*.jpg", "*.bmp", "*.gif")); + pictureChooser.getExtensionFilters().add(new FileChooser.ExtensionFilter("Pictures", "*.png", "*.jpg", "*.bmp", "*.gif")); final var file = pictureChooser.showOpenDialog(sceneContext.getStage()); @@ -134,25 +139,38 @@ public class UserSettingsPane extends SettingsPane { * @since Envoy Client v0.2-beta */ private void save(long userID, String oldPassword) { - final var eventbus = EventBus.getInstance(); + final var eventBus = EventBus.getInstance(); + final var logger = EnvoyLog.getLogger(UserSettingsPane.class); // The profile pic was changed - if (profilePicChanged) eventbus.dispatch(new SendEvent(new ProfilePicChange(currentImageBytes, userID))); + if (profilePicChanged && !Arrays.equals(currentImageBytes, originalImageBytes)) { + final var profilePicChangeEvent = new ProfilePicChange(currentImageBytes, userID); + eventBus.dispatch(profilePicChangeEvent); + eventBus.dispatch(new SendEvent(profilePicChangeEvent)); + logger.log(Level.INFO, "The user just changed his profile pic."); + } // The username was changed final var validContactName = Bounds.isValidContactName(newUsername); - if (usernameChanged && validContactName) eventbus.dispatch(new SendEvent(new NameChange(userID, newUsername))); - else if (!validContactName) { + if (usernameChanged && validContactName) { + final var nameChangeEvent = new NameChange(userID, newUsername); + eventBus.dispatch(new SendEvent(nameChangeEvent)); + eventBus.dispatch(nameChangeEvent); + logger.log(Level.INFO, "The user just changed his name to " + newUsername + "."); + } else if (!validContactName) { final var alert = new Alert(AlertType.ERROR); alert.setTitle("Invalid username"); alert.setContentText("The entered username does not conform with the naming limitations: " + Bounds.CONTACT_NAME_PATTERN); alert.showAndWait(); + logger.log(Level.INFO, "An invalid username was requested."); return; } // The password was changed - if (passwordChanged && validPassword) eventbus.dispatch(new SendEvent(new PasswordChangeRequest(newPassword, oldPassword, userID))); - else if (!(validPassword || newPassword.isBlank())) { + if (validPassword) { + eventBus.dispatch(new SendEvent(new PasswordChangeRequest(newPassword, oldPassword, userID))); + logger.log(Level.INFO, "The user just tried to change his password!"); + } else if (!(validPassword || newPassword.isBlank())) { final var alert = new Alert(AlertType.ERROR); alert.setTitle("Unequal Password"); alert.setContentText("Repeated password is unequal to the chosen new password"); diff --git a/common/src/main/java/envoy/event/PasswordChangeRequest.java b/common/src/main/java/envoy/event/PasswordChangeRequest.java index 9b16a5d..3029df8 100644 --- a/common/src/main/java/envoy/event/PasswordChangeRequest.java +++ b/common/src/main/java/envoy/event/PasswordChangeRequest.java @@ -41,4 +41,7 @@ public class PasswordChangeRequest extends Event { * @since Envoy Common v0.2-beta */ public String getOldPassword() { return oldPassword; } + + @Override + public String toString() { return "PasswordChangeRequest[id=" + id + "]"; } } diff --git a/server/src/main/java/envoy/server/Startup.java b/server/src/main/java/envoy/server/Startup.java index bd00a66..c131fce 100755 --- a/server/src/main/java/envoy/server/Startup.java +++ b/server/src/main/java/envoy/server/Startup.java @@ -71,7 +71,9 @@ public class Startup { new UserSearchProcessor(), new ContactOperationProcessor(), new IsTypingProcessor(), - new NameChangeProcessor()))); + new NameChangeProcessor(), + new ProfilePicChangeProcessor(), + new PasswordChangeRequestProcessor()))); // Initialize the current message ID final PersistenceManager persistenceManager = PersistenceManager.getInstance(); diff --git a/server/src/main/java/envoy/server/data/Contact.java b/server/src/main/java/envoy/server/data/Contact.java index 43a9983..a1e626d 100644 --- a/server/src/main/java/envoy/server/data/Contact.java +++ b/server/src/main/java/envoy/server/data/Contact.java @@ -18,7 +18,7 @@ import javax.persistence.*; */ @Entity -@Table(name = "contacts") +@Table(name = "contacts", uniqueConstraints = { @UniqueConstraint(columnNames = { "name" }) }) @Inheritance(strategy = InheritanceType.SINGLE_TABLE) public abstract class Contact { diff --git a/server/src/main/java/envoy/server/processors/PasswordChangeRequestProcessor.java b/server/src/main/java/envoy/server/processors/PasswordChangeRequestProcessor.java index 7d41c7f..84ebc7a 100644 --- a/server/src/main/java/envoy/server/processors/PasswordChangeRequestProcessor.java +++ b/server/src/main/java/envoy/server/processors/PasswordChangeRequestProcessor.java @@ -1,12 +1,14 @@ package envoy.server.processors; import java.io.IOException; +import java.util.logging.Level; import envoy.event.PasswordChangeRequest; import envoy.event.PasswordChangeResult; import envoy.server.data.PersistenceManager; import envoy.server.net.ObjectWriteProxy; import envoy.server.util.PasswordUtil; +import envoy.util.EnvoyLog; /** * Project: envoy-server-standalone
@@ -22,8 +24,12 @@ public class PasswordChangeRequestProcessor implements ObjectProcessor