GRN2-128: Fixed issue with manage rooms permissions (#929)

* Fixed issue with manage rooms permissions * Improved server rooms efficiency
2020-01-23 14:24:41 -05:00 · 2020-01-23 14:24:41 -05:00 · 397b4b742f
parent 967130e57c
commit 397b4b742f
6 changed files with 51 additions and 42 deletions
--- a/app/controllers/admins_controller.rb
+++ b/app/controllers/admins_controller.rb
@ -41,7 +41,7 @@ class AdminsController < ApplicationController
    @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
    @tab = params[:tab] || "active"

-    @pagy, @users = pagy(user_list)
+    @pagy, @users = pagy(manage_users_list)
  end

  # GET /admins/site_settings
@ -64,11 +64,11 @@ class AdminsController < ApplicationController
    @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
    @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"

-    server_rooms = server_rooms_list
+    @running_room_bbb_ids = all_running_meetings[:meetings].pluck(:meetingID)

    @user_list = shared_user_list if shared_access_allowed

-    @pagy, @rooms = pagy_array(server_rooms)
+    @pagy, @rooms = pagy_array(server_rooms_list)
  end

  # MANAGE USERS
@ -254,37 +254,6 @@ class AdminsController < ApplicationController
      flash: { alert: I18n.t("administrator.flash.unauthorized") } unless current_user.admin_of?(@user)
  end

-  # Gets the list of users based on your configuration
-  def user_list
-    current_role = @role
-
-    initial_user = case @tab
-      when "active"
-        User.without_role(:pending).without_role(:denied)
-      when "deleted"
-        User.deleted
-      else
-        User
-    end
-
-    current_role = Role.find_by(name: @tab, provider: @user_domain) if @tab == "pending" || @tab == "denied"
-
-    initial_list = if current_user.has_role? :super_admin
-      initial_user.where.not(id: current_user.id)
-    else
-      initial_user.without_role(:super_admin).where.not(id: current_user.id)
-    end
-
-    if Rails.configuration.loadbalanced_configuration
-      initial_list.where(provider: @user_domain)
-                  .admins_search(@search, current_role)
-                  .admins_order(@order_column, @order_direction)
-    else
-      initial_list.admins_search(@search, current_role)
-                  .admins_order(@order_column, @order_direction)
-    end
-  end
-
  # Creates the invite if it doesn't exist, or updates the updated_at time if it does
  def create_or_update_invite(email)
    invite = Invitation.find_by(email: email, provider: @user_domain)
@ -300,10 +269,4 @@ class AdminsController < ApplicationController

    invite
  end
-
-  # Get the room status to display in the Server Rooms table
-  def room_is_running(id)
-    room_running?(id)
-  end
-  helper_method :room_is_running
 end
--- a/app/controllers/concerns/bbb_server.rb
+++ b/app/controllers/concerns/bbb_server.rb
@ -29,6 +29,11 @@ module BbbServer
    bbb_server.is_meeting_running?(bbb_id)
  end

+  # Returns a list of all running meetings
+  def all_running_meetings
+    bbb_server.get_meetings
+  end
+
  def get_recordings(meeting_id)
    bbb_server.get_recordings(meetingID: meeting_id)
  end
--- a/app/controllers/concerns/populator.rb
+++ b/app/controllers/concerns/populator.rb
@ -19,6 +19,37 @@
 module Populator
  extend ActiveSupport::Concern

+  # Returns a list of users that are in the same context of the current user
+  def manage_users_list
+    current_role = @role
+
+    initial_user = case @tab
+      when "active"
+        User.without_role(:pending).without_role(:denied)
+      when "deleted"
+        User.deleted
+      else
+        User
+    end
+
+    current_role = Role.find_by(name: @tab, provider: @user_domain) if @tab == "pending" || @tab == "denied"
+
+    initial_list = if current_user.has_role? :super_admin
+      initial_user.where.not(id: current_user.id)
+    else
+      initial_user.without_role(:super_admin).where.not(id: current_user.id)
+    end
+
+    if Rails.configuration.loadbalanced_configuration
+      initial_list.where(provider: @user_domain)
+                  .admins_search(@search, current_role)
+                  .admins_order(@order_column, @order_direction)
+    else
+      initial_list.admins_search(@search, current_role)
+                  .admins_order(@order_column, @order_direction)
+    end
+  end
+
  # Returns a list of rooms that are in the same context of the current user
  def server_rooms_list
    if Rails.configuration.loadbalanced_configuration
--- a/app/helpers/admins_helper.rb
+++ b/app/helpers/admins_helper.rb
@ -71,4 +71,9 @@ module AdminsHelper
  def edit_disabled
    @edit_disabled ||= @selected_role.priority <= current_user.highest_priority_role.priority
  end
+
+  # Get the room status to display in the Server Rooms table
+  def room_is_running(id)
+    @running_room_bbb_ids.include?(id)
+  end
 end
--- a/app/models/role.rb
+++ b/app/models/role.rb
@ -35,14 +35,15 @@ class Role < ApplicationRecord
        .update_all_role_permissions(can_create_rooms: true)
    Role.create(name: "admin", provider: provider, priority: 0, colour: "#f1c40f")
        .update_all_role_permissions(can_create_rooms: true, send_promoted_email: true,
-      send_demoted_email: true, can_edit_site_settings: true,
+      send_demoted_email: true, can_edit_site_settings: true, can_manage_rooms_recordings: true,
      can_edit_roles: true, can_manage_users: true)
    Role.create(name: "pending", provider: provider, priority: -1, colour: "#17a2b8").update_all_role_permissions
    Role.create(name: "denied", provider: provider, priority: -1, colour: "#343a40").update_all_role_permissions
    Role.create(name: "super_admin", provider: provider, priority: -2, colour: "#cd201f")
        .update_all_role_permissions(can_create_rooms: true,
      send_promoted_email: true, send_demoted_email: true, can_edit_site_settings: true,
-      can_edit_roles: true, can_manage_users: true, can_appear_in_share_list: true)
+      can_edit_roles: true, can_manage_users: true, can_manage_rooms_recordings: true,
+      can_appear_in_share_list: true)
  end

  def self.create_new_role(role_name, provider)
@ -74,6 +75,9 @@ class Role < ApplicationRecord

  # Updates the value of the permission and enables it
  def update_permission(name, value)
+    # Dont update if it is not explicitly set to a value
+    return unless value.present?
+
    permission = role_permissions.find_or_create_by!(name: name)

    permission.update_attributes(value: value, enabled: true)
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -95,6 +95,7 @@ en:
      title: Server Recordings
      no_recordings: This server has no recordings.
    roles:
+      appear_in_share_list: Include users with this role in the dropdown for sharing rooms
      can_create_rooms: Can create rooms
      delete: Delete the role
      invalid_create: There was a problem creating a new role. Please check the role values and try again