greenlight/app/controllers/concerns/authenticator.rb

# frozen_string_literal: true

# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.

module Authenticator
  extend ActiveSupport::Concern

  # Logs a user into GreenLight.
  def login(user)
    migrate_twitter_user(user)

    session[:user_id] = user.id

    # If there are not terms, or the user has accepted them, check for email verification
    if !Rails.configuration.terms || user.accepted_terms
      check_email_verified(user)
    else
      redirect_to terms_path
    end
  end

  # If email verification is disabled, or the user has verified, go to their room
  def check_email_verified(user)
    # Admin users should be redirected to the admin page
    if user.has_role? :super_admin
      redirect_to admins_path
    elsif user.activated?
      # Dont redirect to any of these urls
      dont_redirect_to = [root_url, signin_url, signup_url, unauthorized_url, internal_error_url, not_found_url]
      url = if cookies[:return_to] && !dont_redirect_to.include?(cookies[:return_to])
        cookies[:return_to]
      else
        user.main_room
      end

      # Delete the cookie if it exists
      cookies.delete :return_to if cookies[:return_to]

      redirect_to url
    else
      redirect_to resend_path
    end
  end

  def ensure_unauthenticated_except_twitter
    redirect_to current_user.main_room if current_user && params[:old_twitter_user_id].nil?
  end

  # Logs current user out of GreenLight.
  def logout
    session.delete(:user_id) if current_user
  end

  private

  # Migrates all of the twitter users rooms to the new account
  def migrate_twitter_user(user)
    if !session["old_twitter_user_id"].nil? && user.provider != "twitter"
      old_user = User.find(session["old_twitter_user_id"])

      old_user.rooms.each do |room|
        room.owner = user

        room.name = "Old " + room.name if room.id == old_user.main_room.id

        room.save!
      end

      # Query for the old user again so the migrated rooms don't get deleted
      old_user.reload
      old_user.destroy!

      session["old_twitter_user_id"] = nil

      flash[:success] = I18n.t("registration.deprecated.merge_success")
    end
  end
end
adhere to rubocop guidelines 2018-06-26 10:29:46 -04:00			`# frozen_string_literal: true`

add LGPL 3.0 headers 2018-08-01 09:45:12 -04:00			`# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.`
			`#`
			`# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).`
			`#`
			`# This program is free software; you can redistribute it and/or modify it under the`
			`# terms of the GNU Lesser General Public License as published by the Free Software`
			`# Foundation; either version 3.0 of the License, or (at your option) any later`
			`# version.`
			`#`
			`# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY`
			`# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A`
			`# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU Lesser General Public License along`
			`# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.`

GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`module Authenticator`
			`extend ActiveSupport::Concern`

initial commit 2018-05-07 16:06:01 -04:00			`# Logs a user into GreenLight.`
			`def login(user)`
GRN2-155: Begin preparing for removal of Twitter accounts (#615) * Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name 2019-07-09 13:06:07 -04:00			`migrate_twitter_user(user)`

initial commit 2018-05-07 16:06:01 -04:00			`session[:user_id] = user.id`
add ability to configure terms and conditions 2018-06-21 16:17:18 -04:00
Fixed #267 Email verification feature (#268) * <Implemented basic welcome email upon signup> * <Added config option to enable> * <Added verification link routing> * <Added views for verify/resend and reconfigured routes> * <Finished Verification System minus Rspec changes> * <Fixed code style> * <Modified dome rspec tests> * <Switched sample env back to default> * <Added test cases to increase code coverage> * <Added test_helper> * <Minor code changes> * <Added requested changes> * <Added requested changes> * <see if this fixes migration> * <see if this fixes migration> * <fixed migrations> * Delete .rake_tasks~ * Update _confirm_button.html.erb * Update _resend_button.html.erb * Update verify_email.html.erb * Update verify_email.text.erb * <Fixed bugs> * <Added validation of verification link and fixed some code style> * <Disabled updating email for omniauth> 2018-10-09 14:22:02 -04:00			`# If there are not terms, or the user has accepted them, check for email verification`
adhere to rubocop guidelines 2018-06-26 10:29:46 -04:00			`if !Rails.configuration.terms \|\| user.accepted_terms`
Fixed #267 Email verification feature (#268) * <Implemented basic welcome email upon signup> * <Added config option to enable> * <Added verification link routing> * <Added views for verify/resend and reconfigured routes> * <Finished Verification System minus Rspec changes> * <Fixed code style> * <Modified dome rspec tests> * <Switched sample env back to default> * <Added test cases to increase code coverage> * <Added test_helper> * <Minor code changes> * <Added requested changes> * <Added requested changes> * <see if this fixes migration> * <see if this fixes migration> * <fixed migrations> * Delete .rake_tasks~ * Update _confirm_button.html.erb * Update _resend_button.html.erb * Update verify_email.html.erb * Update verify_email.text.erb * <Fixed bugs> * <Added validation of verification link and fixed some code style> * <Disabled updating email for omniauth> 2018-10-09 14:22:02 -04:00			`check_email_verified(user)`
add ability to configure terms and conditions 2018-06-21 16:17:18 -04:00			`else`
			`redirect_to terms_path`
			`end`
initial commit 2018-05-07 16:06:01 -04:00			`end`

Fixed #267 Email verification feature (#268) * <Implemented basic welcome email upon signup> * <Added config option to enable> * <Added verification link routing> * <Added views for verify/resend and reconfigured routes> * <Finished Verification System minus Rspec changes> * <Fixed code style> * <Modified dome rspec tests> * <Switched sample env back to default> * <Added test cases to increase code coverage> * <Added test_helper> * <Minor code changes> * <Added requested changes> * <Added requested changes> * <see if this fixes migration> * <see if this fixes migration> * <fixed migrations> * Delete .rake_tasks~ * Update _confirm_button.html.erb * Update _resend_button.html.erb * Update verify_email.html.erb * Update verify_email.text.erb * <Fixed bugs> * <Added validation of verification link and fixed some code style> * <Disabled updating email for omniauth> 2018-10-09 14:22:02 -04:00			`# If email verification is disabled, or the user has verified, go to their room`
			`def check_email_verified(user)`
Admin panel (#496) * Added the administrator role and functionality that comes with it (#403) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * Update user.rb * Update admins.js * GRN-15: Added the ability to change color and image from admin interface (#425) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * GRN-15: Added the ability for admins to customize color and image * Update user.rb * Update user.rb * Update routes.rb * Update admins_controller.rb * GRN-87:Added a super admin role and made changes to how to the design works (#430) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * GRN-15: Added the ability for admins to customize color and image * Added the super admin and completed the design tab * Update user.rb * Update themes_controller_spec.rb * Update routes.rb * Update admins_controller.rb * Removed duplicated code that broke the build after last merge * GRN-78: Restructured some of the views to make the UI more consistent and responsive (#435) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * GRN-15: Added the ability for admins to customize color and image * Added the super admin and completed the design tab * GRN-78: Cleaned up buttons and moved signin to its own page * GRN-78: Moved the Rooms and Recordings link to nav bar * Merge fix * Views restructure fix (#458) * Added cache to gitlab-ci.yml * Restructured seed * GRN2-99 -> GRN2-106: UI cleanup and refactoring (#478) * GRN2-98: Change Fullname to Full name * GRN2-105: Changed View Users to Manage Users * GRN2-101/103: Updated email to match branding * GRN2-100: Updated Email Sent flash to be more descriptive * GRN2-104: Redirect user to sign in page w/ flash after clicking activation link * GRN2-102: Changed the wording in the verification email * GRN2-99: Added email form validation * GRN2-106: Cleaned up Users list front end * Fixes to rake and admin password validator for passing rubocop * GRN2-113: Fixed issues with admin panel (#479) * GRN2-116: Code clean up after restructure of views (#482) * Removed unused references * Rubocop * Added pagination to admin view (#483) * GRN2-114: Added the ability for admins to ban/unban users (#487) * Added the ability for admins to ban and unban users * Update sessions_helper.rb * Merge branch 'master' into admin-panel (#492) * Updated rubocop gem * Updated rubocop and fixed issues (#490) * Rubocop fixes * GRN2-122: Updated sign in flow for admins and switch design tab to site settings (#489) * Switched design tab to site settings * Update _header with spaces instead of tabs * Added more test cases to increase coverage (#494) 2019-05-03 13:05:12 -04:00			`# Admin users should be redirected to the admin page`
			`if user.has_role? :super_admin`
			`redirect_to admins_path`
			`elsif user.activated?`
			`# Dont redirect to any of these urls`
GRN2-xx: Fixed minor issues related to deletes (#506) * Minor fixes to improve quality * Changed styling on login button 2019-05-07 14:53:29 -04:00			`dont_redirect_to = [root_url, signin_url, signup_url, unauthorized_url, internal_error_url, not_found_url]`
Admin panel (#496) * Added the administrator role and functionality that comes with it (#403) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * Update user.rb * Update admins.js * GRN-15: Added the ability to change color and image from admin interface (#425) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * GRN-15: Added the ability for admins to customize color and image * Update user.rb * Update user.rb * Update routes.rb * Update admins_controller.rb * GRN-87:Added a super admin role and made changes to how to the design works (#430) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * GRN-15: Added the ability for admins to customize color and image * Added the super admin and completed the design tab * Update user.rb * Update themes_controller_spec.rb * Update routes.rb * Update admins_controller.rb * Removed duplicated code that broke the build after last merge * GRN-78: Restructured some of the views to make the UI more consistent and responsive (#435) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * GRN-15: Added the ability for admins to customize color and image * Added the super admin and completed the design tab * GRN-78: Cleaned up buttons and moved signin to its own page * GRN-78: Moved the Rooms and Recordings link to nav bar * Merge fix * Views restructure fix (#458) * Added cache to gitlab-ci.yml * Restructured seed * GRN2-99 -> GRN2-106: UI cleanup and refactoring (#478) * GRN2-98: Change Fullname to Full name * GRN2-105: Changed View Users to Manage Users * GRN2-101/103: Updated email to match branding * GRN2-100: Updated Email Sent flash to be more descriptive * GRN2-104: Redirect user to sign in page w/ flash after clicking activation link * GRN2-102: Changed the wording in the verification email * GRN2-99: Added email form validation * GRN2-106: Cleaned up Users list front end * Fixes to rake and admin password validator for passing rubocop * GRN2-113: Fixed issues with admin panel (#479) * GRN2-116: Code clean up after restructure of views (#482) * Removed unused references * Rubocop * Added pagination to admin view (#483) * GRN2-114: Added the ability for admins to ban/unban users (#487) * Added the ability for admins to ban and unban users * Update sessions_helper.rb * Merge branch 'master' into admin-panel (#492) * Updated rubocop gem * Updated rubocop and fixed issues (#490) * Rubocop fixes * GRN2-122: Updated sign in flow for admins and switch design tab to site settings (#489) * Switched design tab to site settings * Update _header with spaces instead of tabs * Added more test cases to increase coverage (#494) 2019-05-03 13:05:12 -04:00			`url = if cookies[:return_to] && !dont_redirect_to.include?(cookies[:return_to])`
Users are redirected to the url they clicked login/signup from (#446) 2019-04-11 12:45:43 -04:00			`cookies[:return_to]`
			`else`
			`user.main_room`
			`end`

			`# Delete the cookie if it exists`
			`cookies.delete :return_to if cookies[:return_to]`

			`redirect_to url`
Fixed #267 Email verification feature (#268) * <Implemented basic welcome email upon signup> * <Added config option to enable> * <Added verification link routing> * <Added views for verify/resend and reconfigured routes> * <Finished Verification System minus Rspec changes> * <Fixed code style> * <Modified dome rspec tests> * <Switched sample env back to default> * <Added test cases to increase code coverage> * <Added test_helper> * <Minor code changes> * <Added requested changes> * <Added requested changes> * <see if this fixes migration> * <see if this fixes migration> * <fixed migrations> * Delete .rake_tasks~ * Update _confirm_button.html.erb * Update _resend_button.html.erb * Update verify_email.html.erb * Update verify_email.text.erb * <Fixed bugs> * <Added validation of verification link and fixed some code style> * <Disabled updating email for omniauth> 2018-10-09 14:22:02 -04:00			`else`
			`redirect_to resend_path`
			`end`
			`end`

GRN2-196: Fixed issues that scrutinizer is complaining about (#765) * Refactored code to improve scrutinizer score * Bug fixes 2019-08-27 11:08:58 -04:00			`def ensure_unauthenticated_except_twitter`
			`redirect_to current_user.main_room if current_user && params[:old_twitter_user_id].nil?`
			`end`

initial commit 2018-05-07 16:06:01 -04:00			`# Logs current user out of GreenLight.`
			`def logout`
			`session.delete(:user_id) if current_user`
			`end`

GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`private`
GRN2-155: Begin preparing for removal of Twitter accounts (#615) * Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name 2019-07-09 13:06:07 -04:00
GRN2-180: First stages of refactoring code for v2.4 (#748) * Email rescues and authenticator concern * Application controller and helper clean up * Moved controller code out of helpers * More helper and email clean up * Cleaned up remaining helpers and create omniauth_options * Controller code clean up * restructured views structure * Restructured role code * Restructured profile and code clean up * Master merge * Added bbb server concern to deal with bbb calls * Bug fixes and changes after changes * rspec * More rubocop fixes 2019-08-19 11:28:48 -04:00			`# Migrates all of the twitter users rooms to the new account`
GRN2-155: Begin preparing for removal of Twitter accounts (#615) * Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name 2019-07-09 13:06:07 -04:00			`def migrate_twitter_user(user)`
			`if !session["old_twitter_user_id"].nil? && user.provider != "twitter"`
			`old_user = User.find(session["old_twitter_user_id"])`

			`old_user.rooms.each do \|room\|`
			`room.owner = user`

			`room.name = "Old " + room.name if room.id == old_user.main_room.id`

			`room.save!`
			`end`

			`# Query for the old user again so the migrated rooms don't get deleted`
			`old_user.reload`
			`old_user.destroy!`

			`session["old_twitter_user_id"] = nil`
GRN2-195: Fixed issues with turbolinks caching (#626) * Fixed issues with turbolinks caching * Updated string for twitter flash 2019-07-11 08:54:52 -04:00
			`flash[:success] = I18n.t("registration.deprecated.merge_success")`
GRN2-155: Begin preparing for removal of Twitter accounts (#615) * Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name 2019-07-09 13:06:07 -04:00			`end`
			`end`
initial commit 2018-05-07 16:06:01 -04:00			`end`