Admin panel (#496)

* Added the administrator role and functionality that comes with it (#403)

* GRN-20: Added roles to the user model

* GRN-75: Added a view for admins to see their users

* GRN-77: Added Edit/Delete/Promote ability for admins

* GRN-71: Added admin account by default

* Changed the way locales are shown

* Updated the rest of the locales

* Changed the way available_locales are defined

* Updated locales in Russian

* Updated locales for German

* Update user.rb

* Update admins.js

* GRN-15: Added the ability to change color and image from admin interface (#425)

* GRN-20: Added roles to the user model

* GRN-75: Added a view for admins to see their users

* GRN-77: Added Edit/Delete/Promote ability for admins

* GRN-71: Added admin account by default

* Changed the way locales are shown

* Updated the rest of the locales

* Changed the way available_locales are defined

* Updated locales in Russian

* Updated locales for German

* GRN-15: Added the ability for admins to customize color and image

* Update user.rb

* Update user.rb

* Update routes.rb

* Update admins_controller.rb

* GRN-87: Added a super admin role and made changes to how the design works (#430)

* GRN-20: Added roles to the user model

* GRN-75: Added a view for admins to see their users

* GRN-77: Added Edit/Delete/Promote ability for admins

* GRN-71: Added admin account by default

* Changed the way locales are shown

* Updated the rest of the locales

* Changed the way available_locales are defined

* Updated locales in Russian

* Updated locales for German

* GRN-15: Added the ability for admins to customize color and image

* Added the super admin and completed the design tab

* Update user.rb

* Update themes_controller_spec.rb

* Update routes.rb

* Update admins_controller.rb

* Removed duplicated code that broke the build after last merge

* GRN-78: Restructured some of the views to make the UI more consistent and responsive (#435)

* GRN-20: Added roles to the user model

* GRN-75: Added a view for admins to see their users

* GRN-77: Added Edit/Delete/Promote ability for admins

* GRN-71: Added admin account by default

* GRN-15: Added the ability for admins to customize color and image

* Added the super admin and completed the design tab

* GRN-78: Cleaned up buttons and moved signin to its own page

* GRN-78: Moved the Rooms and Recordings link to nav bar

* Merge fix

* Views restructure fix (#458)

* Added cache to gitlab-ci.yml

* Restructured seed

* GRN2-99 -> GRN2-106: UI cleanup and refactoring (#478)

* GRN2-98: Change Fullname to Full name

* GRN2-105: Changed View Users to Manage Users

* GRN2-101/103: Updated email to match branding

* GRN2-100: Updated Email Sent flash to be more descriptive

* GRN2-104: Redirect user to sign in page w/ flash after clicking activation link

* GRN2-102: Changed the wording in the verification email

* GRN2-99: Added email form validation

* GRN2-106: Cleaned up Users list front end

* Fixes to rake and admin password validator for passing rubocop

* GRN2-113: Fixed issues with admin panel (#479)

* GRN2-116: Code clean up after restructure of views (#482)

* Removed unused references

* Rubocop

* Added pagination to admin view (#483)

* GRN2-114: Added the ability for admins to ban/unban users (#487)

* Added the ability for admins to ban and unban users

* Update sessions_helper.rb

* Merge branch 'master' into admin-panel (#492)

* Updated rubocop gem

* Updated rubocop and fixed issues (#490)

* Rubocop fixes

* GRN2-122: Updated sign in flow for admins and switch design tab to site settings (#489)

* Switched design tab to site settings

* Update _header with spaces instead of tabs

* Added more test cases to increase coverage (#494)
This commit is contained in:
Jesus Federico 2019-05-03 13:05:12 -04:00 committed by GitHub
parent b9efff586a
commit 9f74b0e2c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
85 changed files with 2286 additions and 203 deletions

View File

@ -57,6 +57,7 @@ gem 'bigbluebutton-api-ruby'
# Front-end.
gem 'bootstrap', '~> 4.3.1'
gem 'tabler-rubygem'
gem 'pagy'
# For detecting the users preferred language.
gem 'http_accept_language'
@ -70,6 +71,11 @@ gem 'redcarpet'
# For health check endpoint
gem "health_check"
# For providing user roles
gem "rolify"
# For limiting access based on user roles
gem 'cancancan', '~> 2.0'
group :production do
# Use a postgres database in production.
gem 'pg', '~> 0.18'
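
Review bot: `gem "rolify"` in this hunk, and `gem 'pagy'` in the hunk above, are added with no version constraint, while `cancancan` beside them is held to `'~> 2.0'`. rolify now sits in the authorization path, so a constraint matching the locked versions (rolify 5.2.0 and pagy 2.1.5 in Gemfile.lock) would keep a later `bundle update` from pulling in a new major version unreviewed.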

View File

@ -56,6 +56,7 @@ GEM
sassc-rails (>= 2.0.0)
builder (3.2.3)
byebug (10.0.2)
cancancan (2.3.0)
coffee-rails (4.2.2)
coffee-script (>= 2.2.0)
railties (>= 4.0.0)
@ -174,6 +175,7 @@ GEM
omniauth-twitter (1.4.0)
omniauth-oauth (~> 1.1)
rack
pagy (2.1.5)
parallel (1.17.0)
parser (2.6.3.0)
ast (~> 2.4.0)
@ -226,6 +228,7 @@ GEM
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
rolify (5.2.0)
rspec-core (3.7.1)
rspec-support (~> 3.7.0)
rspec-expectations (3.7.0)
@ -336,6 +339,7 @@ DEPENDENCIES
bigbluebutton-api-ruby
bootstrap (~> 4.3.1)
byebug
cancancan (~> 2.0)
coffee-rails (~> 4.2)
coveralls
dotenv-rails
@ -353,6 +357,7 @@ DEPENDENCIES
omniauth-ldap
omniauth-microsoft-office365 (~> 0.0.7)
omniauth-twitter
pagy
pg (~> 0.18)
puma (~> 3.0)
rails (~> 5.0.7)
@ -361,6 +366,7 @@ DEPENDENCIES
redcarpet
redis (~> 3.0)
remote_syslog_logger
rolify
rspec-rails (~> 3.7)
rubocop
sass-rails (~> 5.0)

View File

@ -0,0 +1,97 @@
// BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
//
// Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
//
// This program is free software; you can redistribute it and/or modify it under the
// terms of the GNU Lesser General Public License as published by the Free Software
// Foundation; either version 3.0 of the License, or (at your option) any later
// version.
//
// BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
// WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
// PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License along
// with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
$(document).on('turbolinks:load', function(){
var controller = $("body").data('controller');
var action = $("body").data('action');
// Only run on the admins page.
if (controller == "admins" && action == "index") {
// show the modal with the correct form action url
$(".delete-user").click(function(data){
var uid = $(data.target).closest("tr").data("user-uid")
$("#delete-confirm").parent().attr("action", "/u/" + uid)
})
// Change the color of the color inputs when the color is changed
$(".colorinput-input").change(function(data) {
// Get the color from the input
var color = $(data.target).val()
// Update the color in the database and reload the page
$.post($("#coloring-path").val(), {color: color}).done(function(data) {
location.reload()
});
});
// Submit search if the user hits enter
$("#search-input").keypress(function(key) {
var keyPressed = key.which
if (keyPressed == 13) {
searchPage()
}
})
// Add listeners for sort
$("th[data-order]").click(function(data){
var header_elem = $(data.target)
if(header_elem.data('order') === 'asc'){ // asc
header_elem.data('order', 'desc');
}
else if(header_elem.data('order') === 'desc'){ // desc
header_elem.data('order', 'none');
}
else{ // none
header_elem.data('order', 'asc');
}
var search = $("#search-input").val()
window.location.replace(window.location.pathname + "?page=1&search=" + search + "&column=" + header_elem.data("header") + "&direction="+ header_elem.data('order'))
})
}
// Only run on the admins edit user page.
if (controller == "admins" && action == "edit_user") {
$("#users").click(function(data){
var url = $("body").data("relative-root")
if (!url.endsWith("/")) {
url += "/"
}
url += "admins"
window.location.href = url
})
}
});
// Change the branding image to the image provided
function changeBrandingImage(path) {
var url = $("#branding-url").val()
$.post(path, {url: url})
}
// Searches the user table for the given string
function searchPage() {
var search = $("#search-input").val()
window.location.replace(window.location.pathname + "?page=1&search=" + search)
}
// Clears the search bar
function clearSearch() {
window.location.replace(window.location.pathname + "?page=1")
}
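
Review bot: the sort handler and searchPage() concatenate the raw value of #search-input into the query string (`"?page=1&search=" + search`), so a search term containing `&`, `#` or `+` is cut short or overrides the column and direction parameters that follow it. Wrap the value in encodeURIComponent() in both places. Separately, the delete handler sets the form action to `"/u/" + uid` without the relative-root prefix that the edit_user block takes from `$("body").data("relative-root")`, so it would point at the wrong path when the app is served under a sub-path.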

View File

@ -57,7 +57,7 @@ $(document).on('turbolinks:load', function(){
}
// Display and update all fields related to creating a room in the createRoomModal
$("#create-room").click(function(){
$("#create-room-block").click(function(){
$("#create-room-name").val("")
$("#createRoomModal form").attr("action", $("body").data('relative-root'))
updateDropdown($(".dropdown-item[value='default']"))

View File

@ -20,7 +20,7 @@ $(document).on('turbolinks:load', function(){
var action = $("body").data('action');
// Only run on the settings page.
if ((controller == "users" && action == "edit") || (controller == "users" && action == "update")){
if ((controller == "users" && action == "edit") || (controller == "users" && action == "update") || (controller == "admins" && action == "index")){
var settingsButtons = $('.setting-btn');
var settingsViews = $('.setting-view');

View File

@ -15,8 +15,10 @@
// with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
$(document).on('turbolinks:load', function(){
// Check if there is a table on this page
if ($("table").length) {
var controller = $("body").data('controller');
var action = $("body").data('action');
if(controller == "rooms" && action == "show" || controller == "rooms" && action == "update" || controller == "users" && action == "recordings"){
// Choose active header
// (Name, Length or Users)

View File

@ -31,7 +31,7 @@
@import "tabler/nav";
@import "tabler/button";
//@import "tabler/alert";
@import "tabler/alert";
//@import "tabler/close";
//@import "tabler/badge";
@import "tabler/tables";
@ -68,7 +68,7 @@
//@import "tabler/forms/custom-selectgroup";
@import "tabler/forms/custom-switch";
//@import "tabler/forms/custom-imagecheck";
//@import "tabler/forms/custom-colorinput";
@import "tabler/forms/custom-colorinput";
//@import "tabler/timeline";

View File

@ -0,0 +1,32 @@
// BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
//
// Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
//
// This program is free software; you can redistribute it and/or modify it under the
// terms of the GNU Lesser General Public License as published by the Free Software
// Foundation; either version 3.0 of the License, or (at your option) any later
// version.
//
// BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
// WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
// PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License along
// with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
#users-table {
.user-role:hover {
cursor: default;
}
}
#clear-search {
z-index: 9;
position: absolute;
right: 55px;
top: 8px;
&:hover {
cursor: pointer;
}
}

View File

@ -35,12 +35,17 @@
@import "tabler-custom";
@import "utilities/variables";
@import "admins";
@import "main";
@import "rooms";
@import "sessions";
@import url(https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300i,400,400i,500,500i,600,600i,700,700i&amp;subset=latin-ext);
* {
outline: none !important;
}
html, body {
position: relative;
width: 100%;
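
Review bot: `* { outline: none !important; }` removes the focus indicator from every element, which leaves keyboard users with no visible focus. Drop the global rule, or pair it with an explicit :focus style for links and buttons; the `input:focus` border added further down in this file covers inputs only.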
@ -77,10 +82,6 @@ a {
width: 100%;
}
.table-responsive {
overflow: visible;
}
.background {
background-color: $background-color;
}
@ -135,3 +136,34 @@ a {
background-color: green !important;
}
}
input:focus {
border-color: $primary !important;
}
.list-group-item-action.active {
color: $primary;
}
.header .header-nav {
color: $text-muted !important;
&:hover {
padding-bottom: 21px;
border-bottom: 1px solid $primary;
}
&.active {
color: $primary !important;
padding-bottom: 21px;
border-bottom: 1px solid $primary;
}
}
table {
thead {
th[data-order]:hover {
cursor: pointer;
}
}
}

View File

@ -144,3 +144,7 @@
padding:10px 10px 10px 10px;
}
}
.signin-button {
font-size: 16px;
}

View File

@ -56,3 +56,12 @@
vertical-align: middle;
padding-top: 12px;
}
#create-room-block {
border: 1px dashed lightgray;
&:hover {
cursor: pointer;
background-color: rgba(0, 0, 0, 0.04);
}
}

View File

@ -0,0 +1,125 @@
.btn-primary,
.btn-primary:visited,
.btn-primary i {
background-color: $primary-color !important;
border-color: $primary-color !important;
color: white !important;
}
.btn-primary:active,
.btn-primary:active:focus,
.btn-primary:active:hover,
.btn-primary:focus,
.btn-primary:hover,
.btn-primary:hover i {
background-color: $primary-color-darken !important;
border-color: $primary-color-darken !important;
color: white !important;
}
a {
color: $primary-color !important;
}
.oauth-signin {
color: white !important;
&:hover * {
color: white !important;
}
}
.btn-outline-primary {
border-color: $primary-color !important;
color: $primary-color !important;
&:hover {
background: $primary-color !important;
color: white !important;
}
&:focus {
box-shadow: 0 0 0 2px $primary-color-lighten;
}
}
.header {
& .avatar {
background-color: $primary-color !important;
color: white !important;
}
& a:hover:not(.btn) {
color: $primary-color !important;
}
& .header-nav {
border-color: $primary-color !important;
}
& .header-nav.active {
color: $primary-color !important;
}
}
.dropdown-item {
color: #6e7687 !important;
&:hover {
color: $primary-color !important;
}
&:active {
background-color: $primary-color-lighten !important;
}
}
input:focus, select:focus {
box-shadow: 0 0 5px $primary-color !important;
border-color: $primary-color !important;
}
.list-group-item.active {
background-color: $primary-color-lighten !important;
&, .list-group-item.active * {
color: $primary-color !important;
}
}
.text-primary {
color: $primary-color !important;
}
.bg-primary {
background-color: $primary-color !important;
}
.btn-danger {
color: white !important;
}
#clear-search {
&:hover {
color: $primary-color-darken !important;
}
}
.pagination {
.page-item {
&.active a {
color:white !important;
background-color: $primary-color !important;
}
& a {
border-color: $primary-color !important;
}
& a:hover {
background-color: $primary-color-lighten !important;
}
& a:focus {
box-shadow: 0 0 3px $primary-color !important;
}
}
}

View File

@ -33,11 +33,11 @@ class AccountActivationsController < ApplicationController
@user.activate
flash[:success] = I18n.t("verify.activated") + " " + I18n.t("verify.signin")
redirect_to signin_path
else
flash[:alert] = I18n.t("verify.invalid")
redirect_to root_path
end
redirect_to root_url
end
# GET /account_activations/resend
@ -51,7 +51,7 @@ class AccountActivationsController < ApplicationController
logger.error "Error in email delivery: #{e}"
flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
else
flash[:success] = I18n.t("email_sent")
flash[:success] = I18n.t("email_sent", email_type: t("verify.verification"))
end
end

View File

@ -0,0 +1,101 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class AdminsController < ApplicationController
include Pagy::Backend
authorize_resource class: false
before_action :find_user, only: [:edit_user, :promote, :demote, :ban_user, :unban_user]
before_action :verify_admin_of_user, only: [:edit_user, :promote, :demote, :ban_user, :unban_user]
before_action :find_setting, only: [:branding, :coloring]
# GET /admins
def index
@search = params[:search] || ""
@order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
@order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"
puts @order_direction.to_s
if Rails.configuration.loadbalanced_configuration
@pagy, @users = pagy(User.without_role(:super_admin)
.where(provider: user_settings_provider)
.where.not(id: current_user.id)
.admins_search(@search)
.admins_order(@order_column, @order_direction))
else
@pagy, @users = pagy(User.where.not(id: current_user.id)
.admins_search(@search)
.admins_order(@order_column, @order_direction))
end
end
# GET /admins/edit/:user_uid
def edit_user
render "admins/index", locals: { setting_id: "account" }
end
# POST /admins/promote/:user_uid
def promote
@user.add_role :admin
redirect_to admins_path, flash: { success: I18n.t("administrator.flash.promoted") }
end
# POST /admins/demote/:user_uid
def demote
@user.remove_role :admin
redirect_to admins_path, flash: { success: I18n.t("administrator.flash.demoted") }
end
# POST /admins/branding
def branding
@settings.update_value("Branding Image", params[:url])
redirect_to admins_path
end
# POST /admins/color
def coloring
@settings.update_value("Primary Color", params[:color])
redirect_to admins_path(setting: "site_settings")
end
# POST /admins/ban/:user_uid
def ban_user
@user.add_role :denied
redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") }
end
# POST /admins/unban/:user_uid
def unban_user
@user.remove_role :denied
redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") }
end
private
def find_user
@user = User.find_by!(uid: params[:user_uid])
end
def find_setting
@settings = Setting.find_or_create_by!(provider: user_settings_provider)
end
def verify_admin_of_user
redirect_to admins_path,
flash: { alert: I18n.t("administrator.flash.unauthorized") } unless current_user.admin_of?(@user)
end
end
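
Review bot: in index, params[:column] and params[:direction] reach admins_order with no check against a fixed set of values; unless that scope (not shown in this file) restricts them, request-supplied text ends up in the ORDER BY clause. Map the column to an allowlist of sortable columns and the direction to ASC or DESC here, before calling the scope. The `puts @order_direction.to_s` line looks like leftover debugging and should be removed.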

View File

@ -20,10 +20,13 @@ require 'bigbluebutton_api'
class ApplicationController < ActionController::Base
include SessionsHelper
include ThemingHelper
before_action :migration_error?
before_action :set_locale
before_action :check_admin_password
before_action :set_user_domain
before_action :check_if_unbanned
# Force SSL for loadbalancer configurations.
before_action :redirect_to_https
@ -102,6 +105,21 @@ class ApplicationController < ActionController::Base
}
end
# Manually deal with 401 errors
rescue_from CanCan::AccessDenied do |_exception|
render "errors/not_found"
end
# Checks to make sure that the admin has changed his password from the default
def check_admin_password
if current_user&.has_role?(:admin) && current_user&.greenlight_account? &&
current_user&.authenticate(Rails.configuration.admin_password_default)
flash.now[:alert] = I18n.t("default_admin",
edit_link: edit_user_path(user_uid: current_user.uid) + "?setting=password").html_safe
end
end
def redirect_to_https
if Rails.configuration.loadbalanced_configuration && request.headers["X-Forwarded-Proto"] == "http"
redirect_to protocol: "https://"
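
Review bot: the rescue_from CanCan::AccessDenied handler renders "errors/not_found" without a status, so a denied request is answered with 200 OK, while the comment above it speaks of 401. Pass an explicit status (`render "errors/not_found", status: :not_found`, or 403 if the denial should be visible to the client) and make the comment match. In check_admin_password, authenticate runs a password hash comparison against the default password on every request an admin makes; doing this check once at sign-in would avoid that cost.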
@ -116,4 +134,13 @@ class ApplicationController < ActionController::Base
end
end
helper_method :set_user_domain
# Checks if the user is banned and logs him out if he is
def check_if_unbanned
if current_user&.has_role?(:denied)
session.delete(:user_id)
redirect_to unauthorized_path
end
end
helper_method :check_if_unbanned
end

View File

@ -28,4 +28,8 @@ class ErrorsController < ApplicationController
def internal_error
render status: 500, formats: :html
end
def unauthorized
render status: 401, formats: :html
end
end

View File

@ -17,16 +17,7 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class MainController < ApplicationController
# before_action :redirect_to_room
# GET /
def index
end
private
def redirect_to_room
# If the user is logged in already, move them along to their room.
redirect_to room_path(current_user.room) if current_user
end
end

View File

@ -30,7 +30,7 @@ class PasswordResetsController < ApplicationController
if @user
@user.create_reset_digest
@user.send_password_reset_email(reset_link)
flash[:success] = I18n.t("email_sent")
flash[:success] = I18n.t("email_sent", email_type: t("reset_password.subtitle"))
redirect_to root_path
else
flash[:alert] = I18n.t("no_user_email_exists")

View File

@ -27,12 +27,18 @@ class SessionsController < ApplicationController
# POST /users/login
def create
user = User.find_by(email: session_params[:email], provider: @user_domain)
redirect_to(root_path, alert: I18n.t("invalid_user")) && return unless user
redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account?
admin = User.find_by(email: session_params[:email])
if admin&.has_role? :super_admin
user = admin
else
user = User.find_by(email: session_params[:email], provider: @user_domain)
redirect_to(root_path, alert: I18n.t("invalid_user")) && return unless user
redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account?
redirect_to(account_activation_path(email: user.email)) && return unless user.activated?
end
redirect_to(root_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate,
session_params[:password])
redirect_to(account_activation_path(email: user.email)) && return unless user.activated?
login(user)
end
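
Review bot: the super admin lookup `User.find_by(email: session_params[:email])` is not scoped to a provider, while the User model validates email uniqueness per provider, so find_by can return a different account that shares the email and the super admin then falls through to the normal branch. Query for the role directly, for example User.with_role(:super_admin).find_by(email: ...). The super admin branch also skips the greenlight_account? and activated? checks and relies on authenticate alone; if that is intended, a comment saying so would help the next reader.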

View File

@ -0,0 +1,44 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class ThemesController < ApplicationController
before_action :provider_settings
# GET /primary
def index
color = @settings.get_value("Primary Color") || Rails.configuration.primary_color_default
file_name = Rails.root.join('app', 'assets', 'stylesheets', 'utilities', '_primary_themes.scss')
@file_contents = File.read(file_name)
# Include the variables and covert scss file to css
@compiled = Sass::Engine.new("$primary-color:#{color};" \
"$primary-color-lighten:lighten(#{color}, 40%);" \
"$primary-color-darken:darken(#{color}, 10%);" +
@file_contents, syntax: :scss).render
respond_to do |format|
format.css { render body: @compiled }
end
end
private
def provider_settings
@settings = Setting.find_or_create_by(provider: user_settings_provider)
end
end
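
Review bot: index interpolates the stored "Primary Color" value straight into the Sass source (`"$primary-color:#{color};"`), and AdminsController#coloring saves params[:color] without checking it, so whatever text is posted there is compiled as SCSS and served to that provider's visitors. Validate the value as a hex colour (for example against /\A#\h{6}\z/) before saving or before compiling, and fall back to primary_color_default when it does not match. The stylesheet is also recompiled on every request; caching the result per colour would avoid that.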

View File

@ -44,11 +44,15 @@ class UsersController < ApplicationController
logger.error "Error in email delivery: #{e}"
flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
else
flash[:success] = I18n.t("email_sent")
flash[:success] = I18n.t("email_sent", email_type: t("verify.verification"))
end
redirect_to(root_path)
end
# GET /signin
def signin
end
# GET /signup
def new
if Rails.configuration.allow_user_signup
@ -61,7 +65,7 @@ class UsersController < ApplicationController
# GET /u/:user_uid/edit
def edit
if current_user
redirect_to current_user.room unless @user == current_user
redirect_to current_user.main_room if @user != current_user && !current_user.admin_of?(@user)
else
redirect_to root_path
end
@ -113,6 +117,16 @@ class UsersController < ApplicationController
if current_user && current_user == @user
@user.destroy
session.delete(:user_id)
elsif current_user.admin_of?(@user)
begin
@user.destroy
rescue => e
logger.error "Error in user deletion: #{e}"
flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
else
flash[:success] = I18n.t("administrator.flash.delete")
end
redirect_to(admins_path) && return
end
redirect_to root_path
end
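
Review bot: in destroy, `elsif current_user.admin_of?(@user)` is reached when current_user is nil, because the first condition fails for a signed-out request; unless a filter outside this hunk already requires sign-in, that raises NoMethodError and returns a 500 instead of the redirect to root_path. Use `current_user&.admin_of?(@user)`. The failure branch also passes params[:message] to I18n.t as the translation key; the fixed key administrator.flash.delete_fail is enough here.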

View File

@ -0,0 +1,21 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
module AdminsHelper
include Pagy::Frontend
end

View File

@ -95,4 +95,11 @@ module ApplicationHelper
@translations ||= I18n.backend.send(:translations)
@translations[I18n.locale].with_indifferent_access[:javascript] || {}
end
# Returns the page that the logo redirects to when clicked on
def home_page
return root_path unless current_user
return admins_path if current_user.has_role? :super_admin
current_user.main_room
end
end

View File

@ -31,9 +31,13 @@ module SessionsHelper
# If email verification is disabled, or the user has verified, go to their room
def check_email_verified(user)
if user.activated?
# Get the url to redirect the user to
url = if cookies[:return_to] && ![root_url, signup_url].include?(cookies[:return_to])
# Admin users should be redirected to the admin page
if user.has_role? :super_admin
redirect_to admins_path
elsif user.activated?
# Dont redirect to any of these urls
dont_redirect_to = [root_url, signup_url, unauthorized_url, internal_error_url, not_found_url]
url = if cookies[:return_to] && !dont_redirect_to.include?(cookies[:return_to])
cookies[:return_to]
else
user.main_room

View File

@ -0,0 +1,42 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
module ThemingHelper
# Returns the logo based on user's provider
def logo_image
Setting.find_or_create_by(provider: user_settings_provider)
.get_value("Branding Image") || Rails.configuration.branding_image_default
end
# Returns the primary color based on user's provider
def user_color
Setting.find_or_create_by(provider: user_settings_provider)
.get_value("Primary Color") || Rails.configuration.primary_color_default
end
# Returns the user's provider in the settings context
def user_settings_provider
if Rails.configuration.loadbalanced_configuration && !current_user&.has_role?(:super_admin)
current_user.provider
elsif Rails.configuration.loadbalanced_configuration
@user_domain
else
"greenlight"
end
end
end
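
Review bot: in user_settings_provider, the first branch is taken when current_user is nil, because `!current_user&.has_role?(:super_admin)` evaluates to true, and `current_user.provider` then raises NoMethodError. ThemesController#index calls this method and has no sign-in requirement in this commit, so on a load-balanced deployment a signed-out request for the theme stylesheet fails. Test for current_user first and use @user_domain when nobody is signed in.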

View File

@ -17,6 +17,7 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class ApplicationMailer < ActionMailer::Base
add_template_helper(ThemingHelper)
default from: 'from@example.com'
layout 'mailer'
end

33
app/models/ability.rb Normal file
View File

@ -0,0 +1,33 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class Ability
include CanCan::Ability
def initialize(user)
if !user
cannot :manage, AdminsController
elsif user.has_role? :super_admin
can :manage, :all
elsif user.has_role? :admin
can :manage, :all
elsif user.has_role? :user
cannot :manage, AdminsController
end
end
end
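
Review bot: the :super_admin and :admin branches both grant `can :manage, :all`, so the two roles are indistinguishable to CanCan and every limit on a plain admin rests on the admin_of? checks in the controllers. Grant admins only what the panel needs and keep `:all` for super admins. The two `cannot :manage, AdminsController` lines add nothing: an Ability with no `can` rules already denies, and AdminsController authorizes with `authorize_resource class: false`, which checks against a symbol rather than this class.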

21
app/models/feature.rb Normal file
View File

@ -0,0 +1,21 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class Feature < ApplicationRecord
belongs_to :setting
end

31
app/models/role.rb Normal file
View File

@ -0,0 +1,31 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class Role < ApplicationRecord
has_and_belongs_to_many :users, join_table: :users_roles
belongs_to :resource,
polymorphic: true,
optional: true
validates :resource_type,
inclusion: { in: Rolify.resource_types },
allow_nil: true
scopify
end

43
app/models/setting.rb Normal file
View File

@ -0,0 +1,43 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class Setting < ApplicationRecord
has_many :features
# Updates the value of the feature and enables it
def update_value(name, value)
feature = features.find_or_create_by!(name: name)
feature.update_attributes(value: value, enabled: true)
end
# Returns the value if enabled or the default if not enabled
def get_value(name)
feature = features.find_or_create_by!(name: name)
if feature[:enabled]
feature[:value]
else
case name
when "Branding Image"
Rails.configuration.branding_image_default
when "Primary Color"
Rails.configuration.primary_color_default
end
end
end
end
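Review bot: get_value writes to the database on a read path. `features.find_or_create_by!(name: name)` inserts a Feature row the first time any name is looked up, and it can raise while a page is rendering. Use `features.find_by(name: name)` here and fall through to the default when it returns nil. The `case` has no `else`, so an unknown name silently returns nil. update_value also discards the boolean returned by `update_attributes` and stores `value` unchecked; validate it per feature (a URL for "Branding Image", a hex color for "Primary Color") and surface a failed save to the caller.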

View File

@ -19,11 +19,14 @@
require 'bbb_api'
class User < ApplicationRecord
rolify
include ::APIConcern
include ::BbbApi
attr_accessor :reset_token
after_create :assign_default_role
after_create :initialize_main_room
before_save { email.try(:downcase!) }
before_destroy :destroy_rooms
@ -33,6 +36,7 @@ class User < ApplicationRecord
validates :name, length: { maximum: 256 }, presence: true
validates :provider, presence: true
validate :check_if_email_can_be_blank
validates :email, length: { maximum: 256 }, allow_blank: true,
uniqueness: { case_sensitive: false, scope: :provider },
format: { with: /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i }
@ -98,6 +102,17 @@ class User < ApplicationRecord
end
end
def self.admins_search(string)
search_query = "name LIKE :search OR email LIKE :search OR username LIKE :search" \
" OR created_at LIKE :search OR provider LIKE :search"
search_param = "%#{string}%"
where(search_query, search: search_param)
end
def self.admins_order(column, direction)
order("#{column} #{direction}")
end
def all_recordings
pag_num = Rails.configuration.pagination_number
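Review bot: admins_order interpolates both arguments straight into the ORDER BY fragment (`order("#{column} #{direction}")`), so the method is only safe if every caller has already restricted them. Enforce it here: check `column` against a fixed list of sortable columns and `direction` against asc/desc, and fall back to a default otherwise. In admins_search the bound `:search` parameter is fine, but `%` and `_` in the input still act as LIKE wildcards (`sanitize_sql_like` escapes them), and `created_at LIKE :search` matches a timestamp column against a string pattern, which PostgreSQL rejects without a cast.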
@ -199,6 +214,18 @@ class User < ApplicationRecord
create_reset_activation_digest(User.new_token)
end
def admin_of?(user)
if Rails.configuration.loadbalanced_configuration
if has_role? :super_admin
id != user.id
else
(has_role? :admin) && (id != user.id) && (provider == user.provider) && (!user.has_role? :super_admin)
end
else
((has_role? :admin) || (has_role? :super_admin)) && (id != user.id)
end
end
def self.digest(string)
cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
BCrypt::Password.create(string, cost: cost)
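Review bot: in the non-load-balanced branch of admin_of?, `((has_role? :admin) || (has_role? :super_admin)) && (id != user.id)` never looks at the target's roles, so a plain admin is treated as admin of a super_admin. The load-balanced branch excludes that case with `!user.has_role? :super_admin`; apply the same condition here so the rule does not depend on a view hiding the action menu. Early returns (`return false if id == user.id`) would make the role matrix easier to read, and a spec per actor/target role pair would pin it down.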
@ -229,4 +256,19 @@ class User < ApplicationRecord
self.main_room = Room.create!(owner: self, name: I18n.t("home_room"))
save
end
# Initialize the user to use the default user role
def assign_default_role
add_role(:user) if roles.blank?
end
def check_if_email_can_be_blank
if email.blank?
if Rails.configuration.loadbalanced_configuration && greenlight_account?
errors.add(:email, I18n.t("errors.messages.blank"))
elsif provider == "greenlight"
errors.add(:email, I18n.t("errors.messages.blank"))
end
end
end
end
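Review bot: both branches of check_if_email_can_be_blank add the same error, so the nested `if`/`elsif` can collapse into a single guard, for example `return unless email.blank?` followed by one condition joining the two cases with `||`. A short comment saying which providers are allowed a blank email would document the intent, which the code alone does not show.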

View File

@ -0,0 +1,42 @@
<%
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="container pt-6">
<%= render "shared/components/subtitle", subtitle: t("administrator.title"), search: false %>
<div class="row">
<div class="col-lg-3 mb-4">
<div class="list-group list-group-transparent mb-0">
<button id="users" class="list-group-item list-group-item-action setting-btn <%= "active" if !params[:setting] || params[:setting] == "users"%>">
<span class="icon mr-3"><i class="fas fa-users"></i></span><%= t("administrator.users.title") %>
</button>
<button id="site_settings" class="list-group-item list-group-item-action setting-btn <%= "active" if params[:setting] == "site_settings"%>">
<span class="icon mr-4"><i class="fas fa-cogs"></i></span><%= t("administrator.site_settings.title") %>
</button>
</div>
</div>
<div class="col-lg-9">
<% if defined?(setting_id) && setting_id == "account" %>
<%= render "shared/settings/setting_view", setting_id: "account", setting_title: t("administrator.users.edit.title") %>
<% else %>
<%= render "shared/settings/setting_view", admin_view: true, setting_id: "users", setting_title: t("administrator.users.title") %>
<%= render "shared/settings/setting_view", admin_view: true, setting_id: "site_settings", setting_title: t("administrator.site_settings.subtitle") %>
<% end %>
<%= render "shared/modals/delete_account_modal", delete_location: "/" %>
</div>
</div>
</div>
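Review bot: `delete_location: "/"` makes the shared delete modal's confirm button a DELETE to the site root unless client-side code rewrites the form action before submit. If that script fails or has not run yet, the confirmation goes to "/" instead of to a user. Render the modal with a real per-user path, or keep the confirm button disabled until a row has been selected, so the target never depends on client-side patching.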

View File

@ -0,0 +1,20 @@
<%
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="container text-center pt-9">
<div class="display-1 text-muted mb-5">401</div>
<h1 class="h2 mb-3"><%= t("errors.unauthorized.message") %></h1>
<p class="h4 text-muted font-weight-normal mb-7"><%= t("errors.unauthorized.help") %></p>
</div>

View File

@ -32,7 +32,10 @@
<%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %>
<%= javascript_include_tag 'application', 'data-turbolinks-track': 'reload' %>
<!-- Primary color styling -->
<%= stylesheet_link_tag themes_primary_path %>
<script type="text/javascript">
// Rail-ish function to translate a string, according to the Rails locales
window.t = function t(key) {
@ -42,7 +45,7 @@
var keys = key.split('.');
var value = <%= current_translations.to_json.html_safe %>; // Add I18n variables
keys.forEach(key => {
if (value) {
value = value[key];
@ -77,11 +80,9 @@
</div>
<% end %>
<%= yield %>
<%= render 'shared/flash_messages' unless flash.empty? %>
<% if current_user %>
<%= render "shared/modals/create_room_modal" %>
<% end %>
<%= yield %>
</div>
<%= render "shared/footer" %>

View File

@ -13,8 +13,6 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<%= render 'shared/flash_messages' unless flash.empty? %>
<div class="background">
<div class="container pt-9 pb-8">
<div class="row">

View File

@ -13,8 +13,6 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<%= render 'shared/flash_messages' unless flash.empty? %>
<div class="container">
<div class="row pt-7">
<div class="col col-4 offset-4">

View File

@ -13,8 +13,6 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<%= render 'shared/flash_messages' unless flash.empty? %>
<div class="container">
<div class="row pt-7">
<div class="col col-4 offset-4">

View File

@ -13,11 +13,9 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<%= render 'shared/flash_messages' unless flash.empty? %>
<div class="background pb-1">
<div class="container">
<div class="row pt-9">
<div class="row pt-7">
<div class="col-lg-9 col-sm-12">
<div id="room-title" class="display-3 form-inline <%= 'edit_hover_class' if current_user.main_room != @room %>">
<h1 contenteditable=false id="user-text" class="display-3 text-left mb-3 font-weight-400"><%= @room.name %></h1>
@ -51,7 +49,7 @@
</div>
</div>
<div id="room_block_container" class="row pt-7 pb-2">
<div id="room_block_container" class="row pt-7 pb-5">
<% if current_user.rooms.length > 1 %>
<div class="col-lg-4 col-md-6 col-sm-12">
<%= link_to current_user.main_room do %>
@ -67,8 +65,11 @@
<%= render "shared/modals/delete_room_modal", room: room %>
<% end %>
<% end %>
<%= render "shared/components/create_room_block"%>
</div>
</div>
</div>
<%= render "shared/sessions", recordings: @recordings, only_public: false, user_recordings: false %>
<%= render "shared/sessions", recordings: @recordings, only_public: false, user_recordings: false, title: t("room.recordings")%>
<%= render "shared/modals/create_room_modal" %>

View File

@ -15,16 +15,19 @@
<% flash.each do |key,value| %>
<% if key.eql? "success" %>
<div class="alert alert-icon alert-success text-center mb-0">
<%= content_tag :div, value, class: "flash #{key} d-inline" %>
<div class="alert alert-success alert-dismissible text-center mb-0">
<button type="button" class="close" data-dismiss="alert">&times</button>
<%= value %>
</div>
<% elsif key.eql? "alert" %>
<div class="alert alert-icon alert-danger text-center mb-0">
<%= content_tag :div, value, class: "flash #{key} d-inline" %>
<div class="alert alert-danger alert-dismissible text-center mb-0">
<button type="button" class="close" data-dismiss="alert">&times</button>
<%= value %>
</div>
<% elsif key.eql? "info" %>
<div class="alert alert-icon alert-info text-center mb-0">
<%= content_tag :div, value, class: "flash #{key} d-inline" %>
<div class="alert alert-info alert-dismissible text-center mb-0">
<button type="button" class="close" data-dismiss="alert">&times</button>
<%= value %>
</div>
<% end %>
<% end %>
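Review bot: the three added close buttons use `&times` without the terminating semicolon; write `&times;` so the entity does not rely on legacy parsing. The buttons also have no accessible name, so add a translated `aria-label` to each. The three branches now differ only in the alert class and could be one block driven by a small key-to-class map.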

View File

@ -14,65 +14,77 @@
%>
<div class="header py-4">
<div class="container">
<div class="d-flex">
<%= link_to (current_user ? current_user.main_room : root_path), class: "header-brand" do %>
<%= image_tag(Rails.configuration.branding_image,class: "header-brand-img") %>
<% end %>
<div class="container">
<div class="d-flex">
<%= link_to (current_user ? home_page : root_path), class: "header-brand" do %>
<%= image_tag(logo_image, class: "header-brand-img", alt:"") %>
<% end %>
<div class="d-flex ml-auto">
<% if current_user %>
<a id="create-room" class="px-5 ml-2 mt-1" href="" data-toggle="modal" data-target="#createRoomModal">
<i class="fas fa-plus"></i>&nbsp; <%= t("header.create_room") %>
</a>
<div class="dropdown">
<a href="#" class="nav-link pr-0" data-toggle="dropdown">
<% if current_user.image.blank? %>
<span class="avatar"><%= current_user.name.first %></span>
<% else %>
<span id="user-avatar" class="avatar d-none"><%= current_user.name.first %></span>
<%= image_tag(current_user.image, id: "user-image", class: "avatar") %>
<% end %>
<span class="ml-2 d-none d-lg-block">
<span class="text-default username"><%= current_user.name %></span>
</span>
</a>
<div class="dropdown-menu dropdown-menu-right dropdown-menu-arrow" x-placement="bottom-end">
<%= link_to current_user.main_room, class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-home"></i> <%= t("header.dropdown.home") %>
<% end %>
<%= link_to get_user_recordings_path(current_user), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-video"></i> <%= t("room.recordings") %>
<% end %>
<%= link_to edit_user_path(current_user), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-cog"></i> <%= t("header.dropdown.settings") %>
<% end %>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="http://docs.bigbluebutton.org/install/greenlight-v2.html" target="_blank">
<i class="dropdown-icon far fa-question-circle"></i> <%= t("header.dropdown.help") %>
</a>
<%= link_to logout_path, class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-sign-out-alt"></i> <%= t("header.dropdown.signout") %>
<% end %>
</div>
</div>
<div class="d-flex ml-auto">
<% if current_user %>
<% if current_user.has_role? :super_admin %>
<% admins_page = params[:controller] == "admins" && params[:action] == "index" ? "active" : "" %>
<%= link_to admins_path, class: "px-3 mx-1 mt-1 header-nav #{admins_page}" do %>
<i class="fas fa-home pr-1 "></i> <%= t("header.dropdown.home") %>
<% end %>
<% else %>
<% rooms_page = params[:controller] == "rooms" && params[:action] == "show" ? "active" : "" %>
<%= link_to current_user.main_room, class: "px-3 mx-1 mt-1 header-nav #{rooms_page}" do %>
<i class="fas fa-home pr-1 "></i> <%= t("header.dropdown.home") %>
<% end %>
<% all_rec_page = params[:controller] == "users" && params[:action] == "recordings" ? "active" : "" %>
<%= link_to get_user_recordings_path(current_user), class: "px-3 mx-1 mt-1 header-nav #{all_rec_page}" do %>
<i class="fas fa-video pr-1"></i> <%= t("header.all_recordings") %>
<% end %>
<% end %>
<div class="dropdown">
<a href="#" class="nav-link pr-0" data-toggle="dropdown">
<% if current_user.image.blank? %>
<span class="avatar"><%= current_user.name.first %></span>
<% else %>
<span id="user-avatar" class="avatar d-none"><%= current_user.name.first %></span>
<%= image_tag(current_user.image, id: "user-image", class: "avatar") %>
<% end %>
<span class="ml-2 d-none d-lg-block">
<span class="text-default username"><%= current_user.name %></span>
</span>
</a>
<div class="dropdown-menu dropdown-menu-right dropdown-menu-arrow" x-placement="bottom-end">
<%= link_to edit_user_path(current_user), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-id-card mr-3"></i><%= t("header.dropdown.settings") %>
<% end %>
<% if current_user.has_role? :admin %>
<%= link_to admins_path, class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-user-tie mr-3"></i><%= t("header.dropdown.account_settings") %>
<% end %>
<% end %>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="http://docs.bigbluebutton.org/install/greenlight-v2.html" target="_blank">
<i class="dropdown-icon far fa-question-circle"></i> <%= t("header.dropdown.help") %>
</a>
<%= link_to logout_path, class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-sign-out-alt"></i> <%= t("header.dropdown.signout") %>
<% end %>
</div>
</div>
<% else %>
<% allow_greenlight_accounts = allow_greenlight_accounts? %>
<% if Rails.configuration.omniauth_ldap %>
<%= link_to t("login"), omniauth_login_url(:ldap), :class => "btn btn-pill btn-outline-primary mx-2 sign-in-button" %>
<%= link_to t("login"), omniauth_login_url(:ldap), :class => "btn btn-outline-primary mx-2 sign-in-button" %>
<% elsif allow_greenlight_accounts %>
<%= link_to t("login"), "#loginModal", :class => "btn btn-pill btn-outline-primary mx-2 sign-in-button", "data-toggle": "modal" %>
<%= link_to t("login"), signin_path, :class => "btn btn-outline-primary mx-2 sign-in-button" %>
<% elsif Rails.configuration.loadbalanced_configuration %>
<%= link_to t("login"), omniauth_login_url(:bn_launcher), :class => "btn btn-pill btn-outline-primary mx-2 sign-in-button" %>
<% else %>
<%= link_to t("login"), "#loginModal", :class => "btn btn-pill btn-outline-primary mx-2 sign-in-button", "data-toggle": "modal" %>
<%= link_to t("login"), signin_path, :class => "btn btn-outline-primary mx-2 sign-in-button" %>
<% end %>
<% if allow_user_signup? && allow_greenlight_accounts %>
<%= link_to t("signup.title"), signup_path, :class => "btn btn-pill btn-outline-primary mx-2 sign-in-button" %>
<%= link_to t("signup.title"), signup_path, :class => "btn btn-outline-primary mx-2 sign-in-button" %>
<% end %>
<%= render "shared/modals/login_modal" %>
<% end %>
</div>
</div>
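Review bot: the help link opens `http://docs.bigbluebutton.org/install/greenlight-v2.html` with `target="_blank"` and no `rel`; add `rel="noopener noreferrer"`, and use https if the docs host serves it. Separately, the Home link is gated on `has_role? :super_admin` and the dropdown entry on `has_role? :admin`; these checks only control navigation, so the admins routes need their own server-side role check.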

View File

@ -40,4 +40,4 @@
</div>
</div>
<%= render "shared/sessions", recordings: @room.public_recordings, only_public: true, user_recordings: false %>
<%= render "shared/sessions", recordings: @room.public_recordings, only_public: true, user_recordings: false, title: t("room.recordings") %>

View File

@ -16,7 +16,7 @@
<div class="sessions pb-5">
<div class="container pt-6">
<%= render "shared/components/subtitle", subtitle: (only_public ? t("recording.visibility.public") + " " : "") + t("room.recordings"), search: true %>
<%= render "shared/components/subtitle", subtitle: (only_public ? t("recording.visibility.public") + " " : "") + title, search: true %>
<div class="row">
<div class="col-12">
<div class="card">

View File

@ -0,0 +1,47 @@
<%
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="form-group">
<div class="row">
<div class="col-12">
<div class="mb-7 form-group">
<label class="form-label"><%= t("administrator.site_settings.branding.title") %></label>
<label class="form-label text-muted"><%= t("administrator.site_settings.branding.info") %></label>
<div class="input-group">
<input id="branding-url" type="text" class="form-control" value="<%= logo_image %>">
<span class="input-group-append">
<button onclick="changeBrandingImage('<%= admin_branding_path %>')" class="btn btn-primary" type="button"><%= t("administrator.site_settings.branding.change") %></button>
</span>
</div>
</div>
<div class="form-group">
<label class="form-label"><%= t("administrator.site_settings.color.title") %></label>
<label class="form-label text-muted"><%= t("administrator.site_settings.color.info") %></label>
<div class="row gutters-xs">
<div class="col-auto">
<input id="coloring-path" value="<%= admin_coloring_path %>" hidden>
<label class="colorinput">
<input name="color" type="color" value="<%= user_color %>" class="colorinput-input" />
<span class="colorinput-color" style="background: <%= user_color %>;">
<i class="p-1 fas fa-paint-brush"></i>
</span>
</label>
</div>
</div>
</div>
</div>
</div>
</div>
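Review bot: `user_color` is written into `style="background: <%= user_color %>;"` as well as the color input's value. ERB escapes HTML characters but does not constrain CSS, so the stored value should be validated on save as a hex color (for example against `/\A#\h{6}\z/`) rather than trusted at render time. The URL typed into `#branding-url` deserves the same treatment: restrict it to http/https before it is used as an image source. The inline `onclick="changeBrandingImage(...)"` handler also rules out a strict Content-Security-Policy; binding it from the admins script keeps that option open.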

View File

@ -0,0 +1,143 @@
<%
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="form-group">
<div class="row">
<div class="col-12">
<div class="table-responsive">
<table class="table table-hover table-outline table-vcenter text-nowrap card-table">
<thead>
<tr>
<th data-header="name" data-order="<%= @order_column == "name" ? @order_direction : "none" %>">
<%= t("administrator.users.table.name") %>
<% if @order_column == "name" && @order_direction == "desc" %>
<% elsif @order_column == "name" && @order_direction == "asc" %>
<% end %>
</th>
<th data-header="email" data-order="<%= @order_column == "email" ? @order_direction : "none" %>">
<%= t("administrator.users.table.username") %>
<% if @order_column == "email" && @order_direction == "desc" %>
<% elsif @order_column == "email" && @order_direction == "asc" %>
<% end %>
</th>
<th class="text-left" data-header="provider" data-order="<%= @order_column == "provider" ? @order_direction : "none" %>">
<%= t("administrator.users.table.authenticator") %>
<% if @order_column == "provider" && @order_direction == "desc" %>
<% elsif @order_column == "provider" && @order_direction == "asc" %>
<% end %>
</th>
<th class="text-center">
<%= t("administrator.users.table.role") %>
</th>
<th class="text-center">
</th>
</tr>
</thead>
<tbody id="users-table">
<tr id="no_users_found" style="display: none;">
<td colspan="7" class="text-center h4 p-6 font-weight-normal" >
<%= t("administrator.users.table.not_found") %>
</td>
</tr>
<% if @users %>
<% @users.each do |user| %>
<% if user != current_user %>
<tr data-user-uid="<%= user.uid %>">
<td>
<div><%= user.name %></div>
<div class="small text-muted"><%= [t("administrator.users.table.created"), ": ", user.created_at].join %></div>
</td>
<td><%= user.email && user.email != "" ? user.email : user.username%></td>
<td><%= user.provider %></td>
<td class="text-center">
<% if user.has_role? :denied %>
<div class="user-role btn btn-sm btn-gray-dark">
<%= t("roles.banned") %>
</div>
<% elsif user.has_role? :super_admin %>
<div class="user-role btn btn-sm btn-red">
<%= t("roles.super_admin") %>
</div>
<% elsif user.has_role? :admin %>
<div class="user-role btn btn-sm btn-yellow">
<%= t("roles.administrator") %>
</div>
<% else %>
<div class="user-role btn btn-sm btn-gray">
<%= t("roles.user") %>
</div>
<% end %>
</td>
<td>
<% unless user.has_role? :super_admin %>
<div class="item-action dropdown">
<a href="javascript:void(0)" data-toggle="dropdown" class="icon">
<i class="fas fa-ellipsis-v px-4"></i>
</a>
<div class="dropdown-menu dropdown-menu">
<% if user.has_role? :denied %>
<%= button_to admin_unban_path(user_uid: user.uid), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-lock-open"></i> <%= t("administrator.users.settings.unban") %>
<% end %>
<% else %>
<%= link_to admin_edit_user_path(user_uid: user.uid), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-user-edit"></i> <%= t("administrator.users.settings.edit") %>
<% end %>
<button class= "delete-user dropdown-item" data-toggle="modal" data-target="#deleteAccountModal">
<i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
</button>
<% if user.has_role? :admin %>
<%= button_to admin_demote_path(user_uid: user.uid), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-level-down-alt"></i> <%= t("administrator.users.settings.demote") %>
<% end %>
<% elsif user.has_role? :user %>
<%= button_to admin_promote_path(user_uid: user.uid), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-level-up-alt"></i> <%= t("administrator.users.settings.promote") %>
<% end %>
<% end %>
<%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item" do %>
<i class="dropdown-icon fas fa-lock"></i> <%= t("administrator.users.settings.ban") %>
<% end %>
<% end %>
</div>
</div>
<% end %>
</td>
</tr>
<% end %>
<% end %>
<% else %>
<tr>
<td colspan="7" class="text-center h4 p-6 font-weight-normal" >
<%= t("administrator.users.table.no_users") %>
</td>
</tr>
<% end %>
</tbody>
</table>
<div class="float-right mt-4">
<%== pagy_bootstrap_nav(@pagy) %>
</div>
</div>
</div>
</div>
</div>
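Review bot: `<% if @users %>` is true for an empty collection, so the "no_users" row is reached only when @users is nil; test `@users.present?` (or `any?`) instead. The action menu is hidden with `unless user.has_role? :super_admin`, which is presentation only, so the ban, unban, promote and demote endpoints must enforce the same rule themselves. Both `colspan="7"` cells span more columns than the five declared in the header.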

View File

@ -0,0 +1,29 @@
<%
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="col-lg-4 col-md-6 col-sm-12">
<div id="create-room-block" class="card-body p-1 mb-5 background" data-toggle="modal" data-target="#createRoomModal">
<div class="row p-3">
<div class="col-4">
<span class="stamp stamp-md bg-primary">
<i class="fas fa-plus"></i>
</span>
</div>
<div class="col-8">
<h4 class="my-2"><%= t("room.create_room") %></h4>
</div>
</div>
</div>
</div>

View File

@ -18,7 +18,7 @@
<table class="table table-hover table-vcenter text-wrap table-no-border">
<tbody class="no-border-top">
<td>
<span class="stamp stamp-md bg-cyan">
<span class="stamp stamp-md bg-primary">
<% if room == current_user.main_room %>
<i class="fas fa-home"></i>
<% else %>

View File

@ -14,11 +14,11 @@
%>
<div class="row mt-2">
<div class="col-9">
<div class="col-8">
<p class="subtitle"><%= subtitle %></p>
</div>
<% if search %>
<div id="search_bar" class="col-3">
<div id="search_bar" class="col-4">
<div class="input-icon">
<input type="text" class="form-control btn-pill" placeholder="Search...">
<span class="input-icon-addon">

View File

@ -63,8 +63,8 @@
<span class="custom-switch-indicator float-right"></span>
</label>
<div class="mt-4">
<%= f.submit t("header.create_room"), id: "create-room-submit", class: "create-only btn btn-outline-primary btn-block btn-pill" %>
<%= f.submit t("modal.room_settings.update"), id: "create-room-submit", class: "update-only btn btn-outline-primary btn-block btn-pill" %>
<%= f.submit t("modal.create_room.create"), id: "create-room-submit", class: "create-only btn btn-primary btn-block" %>
<%= f.submit t("modal.room_settings.update"), id: "create-room-submit", class: "update-only btn btn-primary btn-block" %>
</div>
<% end %>
</div>

View File

@ -22,11 +22,11 @@
<h3><%= t("modal.delete_account.confirm") %></h3>
</div>
<button type="button" class="btn btn-pill btn-info my-1 btn-del-room" data-dismiss="modal">
<button type="button" class="btn btn-info my-1 btn-del-room" data-dismiss="modal">
<%= t("modal.delete_account.keep") %>
</button>
<%= button_to delete_user_path, method: :delete, id: "delete-confirm", class: "btn btn-pill btn-danger my-1 btn-del-room" do %>
<%= button_to delete_location, method: :delete, id: "delete-confirm", class: "btn btn-danger my-1 btn-del-room" do %>
<%= t("modal.delete_account.delete") %>
<% end %>

View File

@ -22,11 +22,11 @@
<h3><%= t("modal.delete_room.confirm", room: room.name) %></h3>
</div>
<button type="button" class="btn btn-pill btn-info my-1 btn-del-room" data-dismiss="modal">
<button type="button" class="btn btn-info my-1 btn-del-room" data-dismiss="modal">
<%= t("modal.delete_room.keep") %>
</button>
<%= button_to room, method: :delete, id: "delete-confirm", class: "btn btn-pill btn-danger my-1 btn-del-room" do %>
<%= button_to room, method: :delete, id: "delete-confirm", class: "btn btn-danger my-1 btn-del-room" do %>
<%= t("modal.delete_room.delete") %>
<% end %>

View File

@ -27,4 +27,4 @@
</div>
</div>
<%= render "shared/modals/delete_account_modal" %>
<%= render "shared/modals/delete_account_modal", delete_location: delete_user_path %>

View File

@ -16,10 +16,44 @@
<%= content_tag(:div, id: setting_id, class: "setting-view card") do %>
<div class="card-body p-6">
<div class="card-title text-primary">
<h4><%= setting_title %></h4>
<div class="form-group">
<div class="row">
<% if setting_id == "users" %>
<div class="col-7 mt-2">
<h4><%= setting_title %></h4>
</div>
<div class="col-5 float-right">
<div id="search-bar">
<div class="input-group">
<input id="search-input" type="text" class="form-control" placeholder="<%= t("settings.search") %>..." value="<%= @search %>">
<% unless @search.blank? %>
<span id="clear-search" class="text-primary" onclick="clearSearch()">
<i class="fas fa-times"></i>
</span>
<% end %>
<span class="input-group-append">
<button class="btn btn-primary" type="button" onclick="searchPage()">
<i class="fas fa-search"></i>
</button>
</span>
</div>
</div>
</div>
<% else %>
<div class="col-12 mt-2">
<h4 class="text-primary"><%= setting_title %></h4>
</div>
<% end %>
</div>
</div>
</div>
<hr>
<%= render "shared/settings/#{setting_id}" %>
<% unless (defined?(admin_view)).nil? %>
<%= render "shared/admin_settings/#{setting_id}" %>
<% else %>
<%= render "shared/settings/#{setting_id}" %>
<% end %>
</div>
<% end %>
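Review bot: `unless (defined?(admin_view)).nil?` tests whether the local was passed, not its value, so `admin_view: false` would still render the admin partial. Use `if local_assigns[:admin_view]` and drop the `unless`/`else` form. `setting_id` also selects the partial path in `render "shared/admin_settings/#{setting_id}"`, so it must only ever be one of the literals the callers pass and never a value taken from params.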

View File

@ -17,7 +17,7 @@
%>
<div style="text-align:center; font-family:'Source Sans Pro', -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Helvetica Neue', Arial, sans-serif">
<div style="display:inline-block; background-color:#F5F7FB; border:1px solid #d3d3d3; padding: 25px 70px">
<%= image_tag(Rails.configuration.branding_image) %>
<%= image_tag(logo_image, height: '70')%>
<h1 style="margin-bottom:30px">
<%= t('mailer.user.password_reset.title') %>
@ -32,7 +32,7 @@
</p>
<a
style="background: #467fcf;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;"
style="background: <%= user_color %>;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;"
href="<%= @url %>">
<%= t('mailer.user.password_reset.reset_link') %>
</a>

View File

@ -18,21 +18,25 @@
<div style="text-align:center; font-family:'Source Sans Pro', -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Helvetica Neue', Arial, sans-serif">
<div style="display:inline-block; background-color:#F5F7FB; border:1px solid #d3d3d3; padding: 25px 70px">
<%= image_tag(Rails.configuration.branding_image) %>
<%= image_tag(logo_image, height: '70') %>
<h1 style="margin-bottom:30px">
<%= t('mailer.user.verify_email.welcome', bigbluebutton: t('bigbluebutton'), name: @user[:name]) %>
<%= t('mailer.user.verify_email.welcome', name: @user[:name]) %>
</h1>
<p>
<%= t('mailer.user.verify_email.success', bigbluebutton: t('bigbluebutton'), email: @user[:email]) %>
<%= t('mailer.user.verify_email.success', bigbluebutton: t('bigbluebutton')) %>
</p>
<p>
<%= t('mailer.user.verify_email.username', email: @user[:email]) %>
</p>
<p style="margin-bottom:45px;">
<%= t('mailer.user.verify_email.verify') %>
</p>
<a style="background: #467fcf;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;" href="<%= @url %>">
<a style="background: <%= user_color %>;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;" href="<%= @url %>">
<%= t('mailer.user.verify_email.verify_link') %>
</a>

View File

@ -16,9 +16,11 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<%= t('mailer.user.verify_email.welcome', bigbluebutton: t('bigbluebutton'), name: @user[:name]) %>
<%= t('mailer.user.verify_email.welcome', name: @user[:name]) %>
<%= t('mailer.user.verify_email.success', bigbluebutton: t('bigbluebutton'), email: @user[:email]) %>
<%= t('mailer.user.verify_email.success', bigbluebutton: t('bigbluebutton')) %>
<%= t('mailer.user.verify_email.username', email: @user[:email]) %>
<%= t('mailer.user.verify_email.verify_text', url: @url) %>

@ -13,7 +13,7 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="container pt-8">
<div class="container pt-6">
<%= render "shared/components/subtitle", subtitle: t("settings.title"), search: false %>
<div class="row">
@ -30,12 +30,6 @@
</button>
<% end %>
<% if Rails.configuration.allow_custom_branding %>
<button id="design" class="list-group-item list-group-item-action setting-btn <%= "active" if params[:setting] == "design"%>">
<span class="icon mr-3"><i class="fas fa-edit"></i></span><%= t("settings.design.title") %>
</button>
<% end %>
<button id="delete" class="list-group-item list-group-item-action setting-btn <%= "active" if params[:setting] == "delete"%>">
<span class="icon mr-3"><i class="fas fa-trash-alt"></i></span><%= t("settings.delete.title") %>
</button>
@ -49,10 +43,6 @@
<% end %>
</ul>
<% end %>
<div class="mt-8">
<%= render 'shared/flash_messages' unless flash.empty? %>
</div>
</div>
@ -63,10 +53,6 @@
<%= render "shared/settings/setting_view", setting_id: "password", setting_title: t("settings.password.subtitle") %>
<% end %>
<% if Rails.configuration.allow_custom_branding %>
<%= render "shared/settings/setting_view", setting_id: "design", setting_title: t("settings.design.subtitle") %>
<% end %>
<%= render "shared/settings/setting_view", setting_id: "delete", setting_title: t("settings.delete.subtitle") %>
</div>
</div>

@ -15,7 +15,7 @@
<div class="container">
<div class="row pt-7">
<div class="col col-4 offset-4">
<div class="col col-lg-6 offset-lg-3">
<div class="card">
<div class="card-header background">
<h4 class="mt-2"><%= t("signup.subtitle") %></h4>
@ -23,7 +23,7 @@
<div class="card-body background">
<% unless iconset_providers.length.zero? %>
<% iconset_providers.each do |provider| %>
<%= link_to omniauth_login_url(provider), class: "customBtn-#{provider}" do %>
<%= link_to omniauth_login_url(provider), class: "customBtn-#{provider} oauth-signin" do %>
<span class="customBtn-icon">
<img class="customBtn-image"></img>
</span>
@ -69,9 +69,9 @@
<div class="invalid-feedback d-block"><%= @user.errors.full_messages_for(:accepted_terms).first %></div>
</div>
<% end %>
<div class="card-footer">
<%= f.submit t("signup.title"), class: "btn btn-primary float-right ml-2" %>
<%= link_to t("cancel"), root_path, class: "btn btn-secondary float-right ml-2" %>
<div class="card-footer px-0 pb-0">
<%= f.submit t("signup.title"), class: "btn btn-primary btn-block signin-button" %>
<%= link_to t("cancel"), root_path, class: "btn btn-secondary btn-block signin-button" %>
</div>
<% end %>
</div>

@ -18,4 +18,4 @@
# without losing all css
%>
<%= render "shared/sessions", recordings: @recordings, only_public: false, user_recordings: true %>
<%= render "shared/sessions", recordings: @recordings, only_public: false, user_recordings: true, title: t("recording.all_recordings") %>

@ -13,18 +13,18 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="modal fade" id="loginModal" tabindex="-1" role="dialog">
<div class="modal-dialog modal-dialog-centered" role="document">
<div class="modal-content text-center">
<div class="modal-body">
<div class="card-body p-6">
<div class="card-title">
<h3><%= t("login") %></h3>
</div>
<div class="container">
<div class="row pt-7">
<div class="col col-lg-6 offset-lg-3">
<div class="card">
<div class="card-header background">
<h4 class="mt-2"><%= t("login_title") %></h4>
</div>
<div class="card-body background">
<% unless iconset_providers.length.zero? %>
<% iconset_providers.each do |provider| %>
<%= link_to omniauth_login_url(provider), class: "customBtn-#{provider}" do %>
<span class="customBtn-icon">
<%= link_to omniauth_login_url(provider), class: "customBtn-#{provider} oauth-signin" do %>
<span class="customBtn-icon ">
<img class="customBtn-image"></img>
</span>
<span class="customBtn-text"><%= t("modal.login.with", provider: t("provider.#{provider}")) %></span>
@ -32,7 +32,7 @@
<% end %>
<div class="or-line my-6">
<div>
<span class="text-uppercase">
<span class="text-uppercase" style="background-color: #F5F7FB;">
<%= t("modal.login.or") %>
</span>
</div>
@ -62,8 +62,8 @@
</div>
</div>
<% end %>
<div class="form-footer">
<%= f.submit t("login"), class: "btn btn-outline-primary btn-block btn-pill" %>
<div class="card-footer px-0">
<%= f.submit t("login"), class: "btn btn-primary btn-block signin-button" %>
</div>
<% end %>
</div>

@ -88,12 +88,6 @@ module Greenlight
# Configure custom banner message.
config.banner_message = ENV['BANNER_MESSAGE']
# Configure custom branding image.
config.branding_image = ENV['BRANDING_IMAGE'] || "https://raw.githubusercontent.com/bigbluebutton/greenlight/master/app/assets/images/logo_with_text.png"
# Show/Hide cutomization tab in user settings
config.allow_custom_branding = (ENV['ALLOW_CUSTOM_BRANDING'] == "true")
# Enable/disable recording thumbnails.
config.recording_thumbnails = (ENV['RECORDING_THUMBNAILS'] != "false")
@ -102,5 +96,17 @@ module Greenlight
# The maximum number of rooms included in one bbbapi call
config.pagination_number = ENV['PAGINATION_NUMBER'].to_i.zero? ? 25 : ENV['PAGINATION_NUMBER'].to_i
# Default branding image if the user does not specify one
config.branding_image_default = "https://raw.githubusercontent.com/bigbluebutton/greenlight/master/app/assets/images/logo_with_text.png"
# Default primary color if the user does not specify one
config.primary_color_default = "#467fcf"
# Default admin password
config.admin_password_default = ENV['ADMIN_PASSWORD'] || 'administrator'
# Number of rows to display per page
config.pagination_rows = ENV['NUMBER_OF_ROWS'].to_i.zero? ? 10 : ENV['NUMBER_OF_ROWS'].to_i
end
end
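Review bot: `config.admin_password_default = ENV['ADMIN_PASSWORD'] || 'administrator'` falls back to a fixed, publicly known literal, so any deployment that leaves ADMIN_PASSWORD unset gets an administrator account with a guessable password. Generate a random value (for example with SecureRandom) when the variable is missing, or refuse to create the default account in production without it, instead of shipping a constant.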

config/initializers/pagy.rb Normal file

@ -0,0 +1,146 @@
# frozen_string_literal: true
# frozen_string_literal: true
# Pagy initializer file (2.1.5)
# Customize only what you really need and notice that Pagy works also without any of the following lines.
# Should you just cherry pick part of this file, please maintain the require-order of the extras
# Extras
# See https://ddnexus.github.io/pagy/extras
# Backend Extras
# Array extra: Paginate arrays efficiently, avoiding expensive array-wrapping and without overriding
# See https://ddnexus.github.io/pagy/extras/array
# require 'pagy/extras/array'
# Countless extra: Paginate without any count, saving one query per rendering
# See https://ddnexus.github.io/pagy/extras/countless
# require 'pagy/extras/countless'
# Pagy::VARS[:cycle] = false # default
# Elasticsearch Rails extra: Paginate `ElasticsearchRails::Results` objects
# See https://ddnexus.github.io/pagy/extras/elasticsearch_rails
# require 'pagy/extras/elasticsearch_rails'
# Searchkick extra: Paginate `Searchkick::Results` objects
# See https://ddnexus.github.io/pagy/extras/searchkick
# require 'pagy/extras/searchkick'
# Frontend Extras
# Bootstrap extra: Add nav, responsive and compact helpers and templates for Bootstrap pagination
# See https://ddnexus.github.io/pagy/extras/bootstrap
require 'pagy/extras/bootstrap'
# Bulma extra: Add nav, responsive and compact helpers and templates for Bulma pagination
# See https://ddnexus.github.io/pagy/extras/bulma
# require 'pagy/extras/bulma'
# Foundation extra: Add nav, responsive and compact helpers and templates for Foundation pagination
# See https://ddnexus.github.io/pagy/extras/foundation
# require 'pagy/extras/foundation'
# Materialize extra: Nav, responsive and compact helpers for Materialize pagination
# See https://ddnexus.github.io/pagy/extras/materialize
# require 'pagy/extras/materialize'
# Plain extra: Add responsive and compact nav plain helpers
# Notice: the other frontend extras add their own framework-styled versions,
# so require this extra only if you need the plain unstyled version
# See https://ddnexus.github.io/pagy/extras/plain
# require 'pagy/extras/plain'
# Semantic extra: Nav, responsive and compact helpers for Semantic UI pagination
# See https://ddnexus.github.io/pagy/extras/semantic
# require 'pagy/extras/semantic'
# Breakpoints var used by the responsive nav helpers
# See https://ddnexus.github.io/pagy/extras/plain#breakpoints
# Pagy::VARS[:breakpoints] = { 0 => [2,3,3,2], 540 => [3,5,5,3], 720 => [5,7,7,5] }
# Feature Extras
# Headers extra: http response headers (and other helpers) useful for API pagination
# See http://ddnexus.github.io/pagy/extras/headers
# require 'pagy/extras/headers'
# Pagy::VARS[:headers] = { page: 'Current-Page', items: 'Page-Items',
# count: 'Total-Count', pages: 'Total-Pages' } # default
# Support extra: Extra support for features like: incremental, infinite, auto-scroll pagination
# See https://ddnexus.github.io/pagy/extras/support
# require 'pagy/extras/support'
# Items extra: Allow the client to request a custom number of items per page with an optional selector UI
# See https://ddnexus.github.io/pagy/extras/items
# require 'pagy/extras/items'
# Pagy::VARS[:items_param] = :items # default
# Pagy::VARS[:max_items] = 100 # default
# Overflow extra: Allow for easy handling of overflowing pages
# See https://ddnexus.github.io/pagy/extras/overflow
# require 'pagy/extras/overflow'
# Pagy::VARS[:overflow] = :empty_page # default (other options: :last_page and :exception)
# Trim extra: Remove the page=1 param from links
# See https://ddnexus.github.io/pagy/extras/trim
# require 'pagy/extras/trim'
# Pagy Variables
# See https://ddnexus.github.io/pagy/api/pagy#variables
# All the Pagy::VARS are set for all the Pagy instances but can be overridden
# per instance by just passing them to Pagy.new or the #pagy controller method
# Instance variables
# See https://ddnexus.github.io/pagy/api/pagy#instance-variables
Pagy::VARS[:items] = Rails.configuration.pagination_rows # default
# Other Variables
# See https://ddnexus.github.io/pagy/api/pagy#other-variables
# Pagy::VARS[:size] = [1,4,4,1] # default
# Pagy::VARS[:page_param] = :page # default
# Pagy::VARS[:params] = {} # default
# Pagy::VARS[:anchor] = '#anchor' # example
# Pagy::VARS[:link_extra] = 'data-remote="true"' # example
# Pagy::VARS[:item_path] = 'activerecord.models.product' # example
# Rails
# Rails: extras assets path required by the compact and responsive navs, and the items extra
# See https://ddnexus.github.io/pagy/extras#javascript
# Rails.application.config.assets.paths << Pagy.root.join('javascripts')
# I18n
# Pagy internal I18n: ~18x faster using ~10x less memory than the i18n gem
# See https://ddnexus.github.io/pagy/api/frontend#i18n
# Notice: No need to configure anything in this section if your app uses only "en"
# or if you use the i18n extra below
#
# Examples:
# load the "de" built-in locale:
# Pagy::I18n.load(locale: 'de')
#
# load the "de" locale defined in the custom file at :filepath:
# Pagy::I18n.load(locale: 'de', filepath: 'path/to/pagy-de.yml')
#
# load the "de", "en" and "es" built-in locales:
# (the first passed :locale will be used also as the default_locale)
# Pagy::I18n.load({locale: 'de'},
# {locale: 'en'},
# {locale: 'es'})
#
# load the "en" built-in locale, a custom "es" locale,
# and a totally custom locale complete with a custom :pluralize proc:
# (the first passed :locale will be used also as the default_locale)
# Pagy::I18n.load({locale: 'en'},
# {locale: 'es', filepath: 'path/to/pagy-es.yml'},
# {locale: 'xyz', # not built-in
# filepath: 'path/to/pagy-xyz.yml',
# pluralize: lambda{|count| ... } )
# I18n extra: uses the standard i18n gem which is ~18x slower using ~10x more memory
# than the default pagy internal i18n (see above)
# See https://ddnexus.github.io/pagy/extras/i18n
# require 'pagy/extras/i18n'
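Review bot: the `Pagy::VARS[:items] = Rails.configuration.pagination_rows # default` line still carries the template's trailing `# default` comment although the value now comes from application config, and the `# frozen_string_literal: true` magic comment appears twice at the top. Drop the stale comment and the duplicate, and consider trimming the commented-out template so the two active settings (`require 'pagy/extras/bootstrap'` and the items assignment) are easy to find in a 146-line file.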

@ -0,0 +1,12 @@
# frozen_string_literal: true
Rolify.configure do |config|
# By default ORM adapter is ActiveRecord. uncomment to use mongoid
# config.use_mongoid
# Dynamic shortcuts for User class (user.is_admin? like methods). Default is: false
# config.use_dynamic_shortcuts
# Configuration to remove roles from database once the last resource is removed. Default is: true
# config.remove_role_if_empty = false
end

@ -21,6 +21,47 @@ en:
attributes:
user:
accepted_terms: "Terms and Conditions"
administrator:
site_settings:
branding:
change: Change Image
info: Change the branding image that appears in the top left corner
placeholder: Image Url...
title: Branding Image
color:
info: Change the primary color used across the website
title: Primary Color
subtitle: Customize Greenlight
title: Site Settings
flash:
banned: User has been successfully banned.
unbanned: User has been successfully unbanned.
delete: User deleted successfully
delete_fail: Failed to delete user
demoted: User has been successfully demoted
promoted: User has been successfully promoted
unauthorized: You are not authorized to perform actions on this user
title: Organization Settings
users:
edit:
title: Edit User Details
settings:
ban: Ban User
delete: Delete
demote: Demote to User
edit: Edit
promote: Promote to Admin
unban: Unban User
table:
authenticator: Authenticator
created: Created
name: Name
not_found: No users match your search
no_users: No users found
role: Role
uid: User ID
username: Username
title: Manage Users
bigbluebutton: BigBlueButton
bigbluebutton_exception: Oops, there was an error when starting the meeting!
cancel: Cancel
@ -28,11 +69,12 @@ en:
cookie_info: Cookies help us deliver our services. By using our services, you agree to our use of cookies.
cookie_button: I Agree
copy: Copy
default_admin: You are still using the default password for this account. Please click <a href="%{edit_link}">here</a> to change it
delete: Delete
delivery_error: An error occured during email delivery. Please contact an administrator!
docs: Documentation
email: Email
email_sent: Email Sent! (Please check your Spam folder if you haven't received it)
email_sent: Your %{email_type} email has been sent! (Please check your Spam folder if you haven't received it)
enter_your_name: Enter your name!
errors:
internal:
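Review bot: the new `default_admin` string embeds `<a href="%{edit_link}">` markup but its key does not end in `_html`, so the view has to mark the whole translated string as safe by hand, which also leaves the interpolated `edit_link` unescaped. Rename the key to `default_admin_html` and render it through the `t` view helper, which marks the string safe and escapes interpolated values for you.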
@ -46,10 +88,15 @@ en:
This may be because you haven't updated to Greenlight 2.0.
upgrade: Show me how to upgrade to 2.0!
version: We've released a new version of Greenlight, but your database isn't compatible.
messages:
blank: can't be blank
not_found:
message: Whoops! Looks like we can't find that.
help: Is it possible its been removed?
title: Errors
unauthorized:
message: You do not have access to this application
help: If you believe this is a mistake, please contact your system administrator.
unprocessable:
message: Oops! Request is unprocessable.
help: Unfortunately this isn't a valid request.
@ -69,11 +116,12 @@ en:
go_back: Go back
greenlight: Greenlight
header:
create_room: Create Room
all_recordings: All Recordings
dropdown:
account_settings: Organization
help: Need help?
home: Home Room
settings: Settings
home: Home
settings: Profile
signout: Sign out
home_room: Home Room
info_update_success: Information successfully updated.
@ -98,6 +146,7 @@ en:
language_default: Default (browser language)
ldap_error: Unable to connect to the LDAP server. Please check your LDAP configuration in the env file and ensure your server is running.
login: Sign in
login_title: Sign in to your account
mailer:
user:
password_reset:
@ -108,8 +157,9 @@ en:
expire: This link will expire in two hours.
ignore: You can safely ignore this email if you did not request a password reset.
verify_email:
welcome: Welcome to %{bigbluebutton}, %{name}!
success: You have successfully registered your %{bigbluebutton} account. Your username is %{email}.
welcome: Welcome to your personal space, %{name}!
success: Leveraging %{bigbluebutton}, you can create your own rooms to host sessions and collaborate with others.
username: Your username is %{email}.
verify: To verify your account, just click the button below.
verify_text: 'To verify your account, just follow this link: %{url}'
verify_link: Verify Account
@ -118,13 +168,14 @@ en:
modal:
create_room:
auto_join: Automatically join me into the room.
create: Create Room
free_delete: You will be free to delete this room at any time.
name_placeholder: Enter a room name...
not_blank: Room name cannot be blank.
title: Create New Room
delete_account:
confirm: Are you sure you want to delete your account?
delete: I'm sure, delete my account.
confirm: Are you sure you want to delete this account?
delete: I'm sure, delete this account.
keep: Actually, I'll keep it.
warning: This decision is final. You will <b>not</b> be able to recover associated data.
delete_room:
@ -160,6 +211,7 @@ en:
microsoft_office365: Office 365
twitter: Twitter
recording:
all_recordings: All Recordings
email: Email Recording
no_recordings: This room has no %{inject}recordings.
no_user_recordings: You currently have no recordings.
@ -183,7 +235,13 @@ en:
password: New Password
confirm: New Password Confirmation
update: Update Password
roles:
administrator: Administrator
banned: Banned
super_admin: Super Admin
user: User
room:
create_room: Create a Room
create_room_error: There was an error creating the room
create_room_success: Room created successfully
invited: You have been invited to join
@ -192,7 +250,7 @@ en:
last_session: Last session on %{session}
owner: Owner
no_sessions: This room has no sessions, yet!
recordings: Recordings
recordings: Room Recordings
sessions: Sessions
settings: Room Settings
start: Start
@ -204,7 +262,7 @@ en:
auto: You will automatically join when the meeting starts.
settings:
account:
fullname: Fullname
fullname: Full name
language: Language
provider: Provider
image: Image
@ -216,17 +274,14 @@ en:
disclaimer: If you choose to delete your account, it will <b>NOT</b> be recoverable. All information regarding your account, including settings, rooms, and recording will be removed.
subtitle: Permanently Delete your Account
title: Delete Account
design:
not_supported: Customization not currently supported.
subtitle: Customize Greenlight
title: Design
password:
confirmation: New Password Confirmation
new: New Password
old: Old Password
subtitle: Change your Password
title: Password
title: Settings
title: Profile
search: Search
signup:
password_confirm: Password Confirmation
subtitle: Create an Account
@ -249,3 +304,4 @@ en:
resend: Resend verification email
signin: Please sign in to access your account.
title: Verify your email
verification: Verification

@ -20,17 +20,37 @@ Rails.application.routes.draw do
get 'health_check', to: 'health_check/health_check#index'
# Error routes.
match '/404', to: 'errors#not_found', via: :all
match '/401', to: 'errors#unauthorized', via: :all, as: :unauthorized
match '/404', to: 'errors#not_found', via: :all, as: :not_found
match '/422', to: 'errors#unprocessable', via: :all
match '/500', to: 'errors#internal_error', via: :all
match '/500', to: 'errors#internal_error', via: :all, as: :internal_error
# Signup routes.
# Signin/Signup routes.
get '/signin', to: 'users#signin', as: :signin
get '/signup', to: 'users#new', as: :signup
post '/signup', to: 'users#create', as: :create_user
# Redirect to terms page
match '/terms', to: 'users#terms', via: [:get, :post]
# Admin resouces
resources :admins, only: [:index]
scope '/admins' do
post '/branding', to: 'admins#branding', as: :admin_branding
post '/coloring', to: 'admins#coloring', as: :admin_coloring
post '/signup', to: 'admins#signup', as: :admin_signup
get '/edit/:user_uid', to: 'admins#edit_user', as: :admin_edit_user
post '/promote/:user_uid', to: 'admins#promote', as: :admin_promote
post '/demote/:user_uid', to: 'admins#demote', as: :admin_demote
post '/ban/:user_uid', to: 'admins#ban_user', as: :admin_ban
post '/unban/:user_uid', to: 'admins#unban_user', as: :admin_unban
end
scope '/themes' do
get '/primary', to: 'themes#index', as: :themes_primary
end
# Password reset resources.
resources :password_resets, only: [:new, :create, :edit, :update]
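Review bot: the routes under `scope '/admins'` (promote, demote, ban, unban, branding, coloring, signup, edit) carry no constraint at the routing layer, so the admin check rests entirely on the controller. Make sure AdminsController applies its authorization `before_action` without an `only:` list, so an action added later is not left unguarded. Small fix while here: the comment reads "Admin resouces".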

@ -0,0 +1,25 @@
# frozen_string_literal: true
class RolifyCreateRoles < ActiveRecord::Migration[5.0]
def change
create_table(:roles) do |t|
t.string :name
t.references :resource, polymorphic: true
t.timestamps
end
create_table(:users_roles, id: false) do |t|
t.references :user
t.references :role
end
add_index(:roles, :name)
add_index(:roles, [:name, :resource_type, :resource_id])
add_index(:users_roles, [:user_id, :role_id])
User.all.each do |user|
user.add_role(:user) if user.roles.blank?
end
end
end
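Review bot: the `User.all.each` backfill at the end of `change` loads every user into memory and depends on the application's current `User` model, and because it sits in `change` it also runs when the migration is rolled back. Use `User.find_each` and wrap the backfill in `reversible do |dir| dir.up { ... } end` so it only runs on the way up. The `users_roles` index on `[:user_id, :role_id]` is also not unique, so nothing at the database level prevents duplicate role assignments.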

@ -0,0 +1,18 @@
# frozen_string_literal: true
class CreateSettings < ActiveRecord::Migration[5.0]
def change
create_table :settings do |t|
t.string "provider", null: false
t.timestamps
end
create_table :features do |t|
t.belongs_to :setting
t.string "name", null: false
t.string "value"
t.boolean "enabled", default: false
t.timestamps
end
end
end
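Review bot: `settings.provider` is `null: false` but has no unique index, and `features` has none on `[:setting_id, :name]`, while the spec in this commit looks rows up with `Setting.find_by(provider: ...)` and `features.find_by(name: ...)`. Without uniqueness two rows for the same provider or feature name can coexist and `find_by` returns whichever comes first; add unique indexes on both.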

@ -10,18 +10,39 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20190312003555) do
ActiveRecord::Schema.define(version: 20190326144939) do
create_table "features", force: :cascade do |t|
t.integer "setting_id"
t.string "name", null: false
t.string "value"
t.boolean "enabled", default: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index ["setting_id"], name: "index_features_on_setting_id"
end
create_table "roles", force: :cascade do |t|
t.string "name"
t.string "resource_type"
t.integer "resource_id"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index ["name", "resource_type", "resource_id"], name: "index_roles_on_name_and_resource_type_and_resource_id"
t.index ["name"], name: "index_roles_on_name"
t.index ["resource_type", "resource_id"], name: "index_roles_on_resource_type_and_resource_id"
end
create_table "rooms", force: :cascade do |t|
t.integer "user_id"
t.string "name"
t.string "uid"
t.string "bbb_id"
t.integer "sessions", default: 0
t.integer "sessions", default: 0
t.datetime "last_session"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "room_settings", default: "{ }"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "room_settings", default: "{ }"
t.string "moderator_pw"
t.string "attendee_pw"
t.index ["bbb_id"], name: "index_rooms_on_bbb_id"
@ -32,6 +53,12 @@ ActiveRecord::Schema.define(version: 20190312003555) do
t.index ["user_id"], name: "index_rooms_on_user_id"
end
create_table "settings", force: :cascade do |t|
t.string "provider", null: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
end
create_table "users", force: :cascade do |t|
t.integer "room_id"
t.string "provider"
@ -43,8 +70,8 @@ ActiveRecord::Schema.define(version: 20190312003555) do
t.string "image"
t.string "password_digest"
t.boolean "accepted_terms", default: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.boolean "email_verified", default: false
t.string "language", default: "default"
t.string "reset_digest"
@ -55,4 +82,12 @@ ActiveRecord::Schema.define(version: 20190312003555) do
t.index ["room_id"], name: "index_users_on_room_id"
end
create_table "users_roles", id: false, force: :cascade do |t|
t.integer "user_id"
t.integer "role_id"
t.index ["role_id"], name: "index_users_roles_on_role_id"
t.index ["user_id", "role_id"], name: "index_users_roles_on_user_id_and_role_id"
t.index ["user_id"], name: "index_users_roles_on_user_id"
end
end

@ -7,3 +7,5 @@
#
# movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }])
# Character.create(name: 'Luke', movie: movies.first)
Rake::Task['admin:create'].invoke
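Review bot: `Rake::Task['admin:create'].invoke` is called with no arguments and no guard, so every run of this file creates the account with the task's fallback name, `admin@example.com` address and default password, in every environment. Gate the call (for example only when ADMIN_PASSWORD is set, or outside production) so a fresh install does not start with identical credentials everywhere.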

@ -0,0 +1,34 @@
# frozen_string_literal: true
require 'bigbluebutton_api'
namespace :admin do
desc "Creates an administrator account"
task :create, [:name, :email, :password, :role] => :environment do |_task, args|
u = {
name: args[:name] || 'Administrator',
password: args[:password] || Rails.configuration.admin_password_default,
email: args[:email] || 'admin@example.com',
}
u[:email].prepend "superadmin-" if args[:role] == "super_admin"
admin = User.find_by(email: u[:email])
# Create administrator account if it doesn't exist
unless admin
admin = User.create(name: u[:name], email: u[:email], password: u[:password],
password_confirmation: u[:password], provider: 'greenlight', email_verified: true)
if args[:role] == "super_admin"
admin.remove_role(:user)
admin.add_role(:super_admin)
else
admin.add_role(:admin)
end
end
puts "Administrator account succesfully created."
puts "Email: #{u[:email]}"
puts "Password: #{u[:password]}"
puts "PLEASE CHANGE YOUR PASSWORD IMMEDIATELY" if u[:password] == Rails.configuration.admin_password_default
end
end
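Review bot: the four `puts` lines at the end of the task run unconditionally, so the plaintext password is written to the console and any captured deploy log, and "succesfully created" is printed even when the account already existed or `User.create` failed validation (in which case the printed password may not be the real one). Move the output inside the `unless admin` branch, use `create!` or check `admin.persisted?`, and avoid echoing a password the caller supplied. Also, with `# frozen_string_literal: true` the fallback `'admin@example.com'` is a frozen string, so `u[:email].prepend "superadmin-"` raises when the role is `super_admin` and no email argument is given; build a new string instead of mutating in place.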

@ -114,14 +114,6 @@ SMTP_SENDER=
#
RELATIVE_URL_ROOT=/b
# A URL to the image you want to appear in the top right corner of Greenlight.
# By default, this is the BigBlueButton logo.
BRANDING_IMAGE=
# Shows/Hides a tab in User Settings which allows the user to customize their own instance of GreenLight
# Customization is currently unimplemented, so this will default to false
ALLOW_CUSTOM_BRANDING=false
# Specify which settings you would like the users to configure on room creation
# or edit after the room has been created
# By default, all settings are turned OFF.
@ -135,6 +127,10 @@ ROOM_FEATURES=default-client,mute-on-join
# Default is set to 25 records
PAGINATION_NUMBER=25
# Specify the maximum number of rows that should be displayed per page for a paginated table
# Default is set to 10 rows
NUMBER_OF_ROWS=10
# Comment this out to send logs to STDOUT in production instead of log/production.log .
#
# RAILS_LOG_TO_STDOUT=true
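Review bot: the hunks shown for this env template add NUMBER_OF_ROWS and remove BRANDING_IMAGE and ALLOW_CUSTOM_BRANDING, but ADMIN_PASSWORD, which the application config in this commit now reads for the default administrator account, is not documented. Add an ADMIN_PASSWORD entry with a comment telling operators to set it before the first seed.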

@ -50,7 +50,7 @@ describe AccountActivationsController, type: :controller do
expect(@user.email_verified).to eq(true)
expect(flash[:success]).to be_present
expect(response).to redirect_to(root_path)
expect(response).to redirect_to(signin_path)
end
it "does not activate a user if they have the correct activation token" do

@ -0,0 +1,149 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require "rails_helper"
describe AdminsController, type: :controller do
before do
@user = create(:user, provider: "provider1")
@admin = create(:user, provider: "provider1")
@admin.add_role :admin
end
describe "User Roles" do
context "GET #index" do
it "renders a 404 if a user tries to acccess it" do
@request.session[:user_id] = @user.id
get :index
expect(response).to render_template(:not_found)
end
it "renders the admin settings if an admin tries to acccess it" do
@request.session[:user_id] = @admin.id
get :index
expect(response).to render_template(:index)
end
end
context "GET #edit_user" do
it "renders the index page" do
@request.session[:user_id] = @admin.id
get :edit_user, params: { user_uid: @user.uid }
expect(response).to render_template(:index)
end
end
context "POST #promote" do
it "promotes a user to admin" do
@request.session[:user_id] = @admin.id
expect(@user.has_role?(:admin)).to eq(false)
post :promote, params: { user_uid: @user.uid }
expect(@user.has_role?(:admin)).to eq(true)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
end
context "POST #demote" do
it "demotes an admin to user" do
@request.session[:user_id] = @admin.id
@user.add_role :admin
expect(@user.has_role?(:admin)).to eq(true)
post :demote, params: { user_uid: @user.uid }
expect(@user.has_role?(:admin)).to eq(false)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
end
context "POST #ban" do
it "bans a user from the application" do
@request.session[:user_id] = @admin.id
expect(@user.has_role?(:denied)).to eq(false)
post :ban_user, params: { user_uid: @user.uid }
expect(@user.has_role?(:denied)).to eq(true)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
end
context "POST #unban" do
it "unbans the user from the application" do
@request.session[:user_id] = @admin.id
@user.add_role :denied
expect(@user.has_role?(:denied)).to eq(true)
post :unban_user, params: { user_uid: @user.uid }
expect(@user.has_role?(:denied)).to eq(false)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
end
end
describe "User Design" do
context "POST #branding" do
it "changes the branding image on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
fake_image_url = "example.com"
post :branding, params: { url: fake_image_url }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Branding Image")
expect(feature[:value]).to eq(fake_image_url)
expect(response).to redirect_to(admins_path)
end
end
context "POST #coloring" do
it "changes the primary on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
primary_color = "#000000"
post :coloring, params: { color: primary_color }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color")
expect(feature[:value]).to eq(primary_color)
expect(response).to redirect_to(admins_path(setting: "site_settings"))
end
end
end
end
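Review bot: only `GET #index` is exercised with a non-admin session; `promote`, `demote`, `ban_user`, `unban_user`, `branding` and `coloring` are tested solely as `@admin`, and `admins#signup` has no example at all. Add negative cases asserting that a plain user (and an unauthenticated request) cannot reach each of these actions, plus cases for an admin acting on another admin or on themselves, since the locale file defines an `unauthorized` flash for that path. The branding example also asserts that the bare string "example.com" is stored as the image URL, which documents that no URL validation happens; add a case for a rejected value once validation exists.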

@ -0,0 +1,45 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require 'rails_helper'
RSpec.configure do |c|
c.infer_base_class_for_anonymous_controllers = false
end
describe ApplicationController do
controller do
before_action :check_if_unbanned
def index
head :ok
end
end
context "roles" do
it "redirects a banned user to a 401 and logs them out" do
@user = create(:user)
@user.add_role :denied
@request.session[:user_id] = @user.id
get :index
expect(@request.session[:user_id]).to be_nil
expect(response).to redirect_to(unauthorized_path)
end
end
end

@ -39,4 +39,11 @@ describe ErrorsController, type: :controller do
expect(response).to have_http_status(500)
end
end
describe "GET #unauthorized" do
it "returns unauthorized" do
get :unauthorized
expect(response).to have_http_status(401)
end
end
end

@ -27,6 +27,7 @@ describe RecordingsController, type: :controller do
context "POST #update_recording" do
it "updates the recordings details" do
allow_any_instance_of(Room).to receive(:update_recording).and_return(updated: true)
@request.session[:user_id] = @user.uid
post :update_recording, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
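
Review bot: `@request.session[:user_id] = @user.uid` stores the uid in the session, while the other controller specs in this change store `.id` under the same key (for example `@request.session[:user_id] = @owner.id`). If the session lookup is by id, this example does not run as the intended signed-in user and may pass for the wrong reason, since `Room#update_recording` is stubbed. Use `@user.id`, or confirm which identifier the session is meant to hold.
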
@ -45,6 +46,7 @@ describe RecordingsController, type: :controller do
context "DELETE #delete_recording" do
it "deletes the recording" do
allow_any_instance_of(Room).to receive(:delete_recording).and_return(true)
@request.session[:user_id] = @user.uid
post :delete_recording, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
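
Review bot: The "DELETE #delete_recording" example covers only the signed-in path that the new session line sets up; nothing here shows what happens without a session or for a user who does not own `@room`. Add examples asserting that `Room#delete_recording` is not received in those cases. The session is also given `@user.uid` here, whereas other specs in this change use `.id`, and the example issues `post :delete_recording` with a `state: "public"` param under a context titled DELETE.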


@ -82,6 +82,21 @@ describe RoomsController, type: :controller do
expect(flash[:alert]).to be_present
expect(response).to redirect_to(root_path)
end
it "sets the join name to cookie[:greenlight_name] if it exists" do
name = Faker::Pokemon.name
@request.cookies[:greenlight_name] = name
get :show, params: { room_uid: @owner.main_room }
expect(assigns(:name)).to eql(name)
end
it "sets the join name to blank if user isnt signed in" do
get :show, params: { room_uid: @owner.main_room }
expect(assigns(:name)).to eql("")
end
end
describe "POST #create" do
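
Review bot: The `greenlight_name` example at `@request.cookies[:greenlight_name] = name` only feeds a benign `Faker::Pokemon.name`, but that cookie is client-controlled and ends up in `assigns(:name)`. Add an example with markup characters and an over-long value and assert what the controller assigns, so the handling of untrusted input is pinned down by a test. The second description should read "isn't" and would be more accurate if it said that no cookie is set, which is the actual precondition.
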
@ -113,6 +128,17 @@ describe RoomsController, type: :controller do
expect(response).to redirect_to(root_path)
end
it "it should redirect back to main room with error if it fails" do
@request.session[:user_id] = @owner.id
room_params = { name: "", "client": "html5", "mute_on_join": "1" }
post :create, params: { room: room_params }
expect(flash[:alert]).to be_present
expect(response).to redirect_to(@owner.main_room)
end
end
describe "POST #join" do
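
Review bot: The description string "it should redirect back to main room with error if it fails" reads as "it it should" in RSpec output, and `room_params` mixes `name:` with the quoted keys `"client":` and `"mute_on_join":`. Drop the leading "it" and use plain symbol keys. The example would also be stronger if it asserted that no room was created, for instance by wrapping the `post :create` call in `expect { ... }.not_to change { Room.count }`.
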
@ -300,4 +326,19 @@ describe RoomsController, type: :controller do
expect(response).to redirect_to(@secondary_room)
end
end
describe "GET #logout" do
before do
@user = create(:user)
@room = @user.main_room
end
it "redirects to the correct room" do
@request.session[:user_id] = @user.id
get :logout, params: { room_uid: @room }
expect(response).to redirect_to(@room)
end
end
end


@ -140,6 +140,22 @@ describe SessionsController, type: :controller do
expect(@request.session[:user_id]).to eql(user.id)
expect(response).to redirect_to(user.main_room)
end
it "redirects to the admins page for admins" do
user = create(:user, provider: "greenlight",
password: "example", password_confirmation: 'example')
user.add_role :super_admin
post :create, params: {
session: {
email: user.email,
password: 'example',
},
}
expect(@request.session[:user_id]).to eql(user.id)
expect(response).to redirect_to(admins_path)
end
end
describe "GET/POST #omniauth" do
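
Review bot: The example is titled "redirects to the admins page for admins" but only `user.add_role :super_admin` is exercised. Add a second example for the `:admin` role, or rename this one, so the redirect for ordinary admins is covered. The password literal also switches between `"example"` and `'example'`; a single local variable would remove the duplication.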


@ -0,0 +1,71 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require "rails_helper"
describe ThemesController, type: :controller do
context "GET #index" do
before do
@user = create(:user)
end
it "responds with css file" do
@request.session[:user_id] = @user.id
get :index, format: :css
expect(response.content_type).to eq("text/css")
end
end
context "CSS file creation" do
before do
@fake_color = Faker::Color.hex_color
allow(Rails.configuration).to receive(:primary_color_default).and_return(@fake_color)
end
it "returns the correct color based on provider" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
color1 = Faker::Color.hex_color
provider1 = Faker::Company.name
Setting.create(provider: provider1).features.create(name: "Primary Color", value: color1, enabled: true)
user1 = create(:user, provider: provider1)
@request.session[:user_id] = user1.id
get :index, format: :css
expect(response.content_type).to eq("text/css")
expect(response.body).to include(color1)
end
it "uses the default color option" do
provider1 = Faker::Company.name
user1 = create(:user, provider: provider1)
@request.session[:user_id] = user1.id
get :index, format: :css
expect(response.content_type).to eq("text/css")
expect(response.body).to include(@fake_color)
end
end
end
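
Review bot: `expect(response.body).to include(color1)` shows that the stored "Primary Color" value is written into the generated stylesheet, yet the only inputs tested are `Faker::Color.hex_color` values. Add an example where the feature value is not a hex color (for example one containing `;` or `}`) and assert that it does not reach the CSS body. An example where a user of a second provider does not receive `provider1`'s color would also pin down the per-provider lookup.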


@ -47,12 +47,64 @@ describe UsersController, type: :controller do
end
describe "GET #new" do
before { allow(Rails.configuration).to receive(:allow_user_signup).and_return(true) }
it "assigns a blank user to the view" do
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
get :new
expect(assigns(:user)).to be_a_new(User)
end
it "redirects to root if allow_user_signup is false" do
allow(Rails.configuration).to receive(:allow_user_signup).and_return(false)
get :new
expect(response).to redirect_to(root_path)
end
end
describe "GET #edit" do
it "renders the edit template" do
user = create(:user)
@request.session[:user_id] = user.id
get :edit, params: { user_uid: user.uid }
expect(response).to render_template(:edit)
end
it "does not allow you to edit other users if you're not an admin" do
user = create(:user)
user2 = create(:user)
@request.session[:user_id] = user.id
get :edit, params: { user_uid: user2.uid }
expect(response).to redirect_to(user.main_room)
end
it "allows admins to edit other users" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
user = create(:user, provider: "provider1")
user.add_role :admin
user2 = create(:user, provider: "provider1")
@request.session[:user_id] = user.id
get :edit, params: { user_uid: user2.uid }
expect(response).to render_template(:edit)
end
it "redirect to root if user isn't signed in" do
user = create(:user)
get :edit, params: { user_uid: user }
expect(response).to redirect_to(root_path)
end
end
describe "POST #create" do
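
Review bot: "GET #edit" has an "allows admins to edit other users" case with both users on `provider1`, but no counterpart where the admin belongs to a different provider, which the destroy examples later in this file do include. Add that case and assert the redirect. In "GET #new" the `before` block already stubs `allow_user_signup` to true, so the repeated `allow` inside "assigns a blank user to the view" can go, and the last edit example passes `user_uid: user` where the others pass `user.uid`.
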
@ -86,6 +138,21 @@ describe UsersController, type: :controller do
expect(response).to render_template(:new)
end
it "sends activation email if email verification is on" do
allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
params = random_valid_user_params
expect { post :create, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
u = User.find_by(name: params[:user][:name], email: params[:user][:email])
expect(u).to_not be_nil
expect(u.name).to eql(params[:user][:name])
expect(flash[:success]).to be_present
expect(response).to redirect_to(root_path)
end
end
context "disallow greenlight accounts" do
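
Review bot: With `enable_email_verification` stubbed to true, the example checks the mail count, the flash and the redirect, but not the session state of the new account. If unverified accounts are meant to stay signed out, add `expect(@request.session[:user_id]).to be_nil` so a regression that logs in unverified users is caught.
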
@ -133,6 +200,8 @@ describe UsersController, type: :controller do
expect(user.name).to eql(params[:user][:name])
expect(user.email).to eql(params[:user][:email])
expect(flash[:success]).to be_present
expect(response).to redirect_to(edit_user_path(user))
end
it "renders #edit on unsuccessful save" do
@ -148,6 +217,37 @@ describe UsersController, type: :controller do
it "properly deletes user" do
user = create(:user)
@request.session[:user_id] = user.id
delete :destroy, params: { user_uid: user.uid }
expect(response).to redirect_to(root_path)
end
it "allows admins to delete users" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
allow_any_instance_of(Room).to receive(:delete_all_recordings).and_return('')
user = create(:user, provider: "provider1")
admin = create(:user, provider: "provider1")
admin.add_role :admin
@request.session[:user_id] = admin.id
delete :destroy, params: { user_uid: user.uid }
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
it "doesn't allow admins of other providers to delete users" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
user = create(:user, provider: "provider1")
admin = create(:user, provider: "provider2")
admin.add_role :admin
@request.session[:user_id] = admin.id
delete :destroy, params: { user_uid: user.uid }
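
Review bot: "allows admins to delete users" asserts only `flash[:success]` and the redirect to `admins_path`; it never checks that the record is gone. Wrap the request in `expect { ... }.to change { User.count }.by(-1)`, or assert that `User.find_by(uid: user.uid)` is nil. In the cross-provider example, assert that the target user still exists after the `delete :destroy` call.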

spec/fixtures/roles.yml vendored Normal file

@ -0,0 +1,11 @@
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
# This model initially had no columns defined. If you add columns to the
# model remove the '{}' from the fixture names and add the columns immediately
# below each fixture, per the syntax in the comments below
#
one: {}
# column: value
#
two: {}
# column: value
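
Review bot: This fixture is unmodified generator output: `one: {}` and `two: {}` define two roles with no attributes. If fixtures are loaded, they add attribute-less role rows next to the ones the specs create with `add_role`. Either give the fixtures real columns or drop the file.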


@ -0,0 +1,100 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require "rails_helper"
describe ApplicationHelper do
describe "#getter functions" do
it "returns whether user signup is allowed" do
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
expect(helper.allow_user_signup?).to eql(true)
end
it "returns whether the default bbb endpoint is being used" do
allow(Rails.configuration).to receive(:bigbluebutton_endpoint)
.and_return("http://test-install.blindsidenetworks.com/bigbluebutton/api/")
allow(Rails.configuration).to receive(:bigbluebutton_endpoint_default)
.and_return("http://test-install.blindsidenetworks.com/bigbluebutton/api/")
expect(helper.bigbluebutton_endpoint_default?).to eql(true)
end
it "returns the correct omniauth login url" do
allow(Rails.configuration).to receive(:relative_url_root).and_return("/b")
provider = Faker::Company.name
expect(helper.omniauth_login_url(provider)).to eql("/b/auth/#{provider}")
end
end
describe "#allow_greenlight_accounts" do
it "allows if user sign up is turned on" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(false)
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
expect(helper.allow_greenlight_accounts?).to eql(true)
end
it "doesn't allow if user sign up is turned off" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(false)
allow(Rails.configuration).to receive(:allow_user_signup).and_return(false)
expect(helper.allow_greenlight_accounts?).to eql(false)
end
it "doesn't allow if user_domain is blank" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
expect(helper.allow_greenlight_accounts?).to eql(false)
end
it "allows if user_domain is white listed" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
allow(helper).to receive(:launcher_allow_user_signup_whitelisted?).and_return(true)
@user_domain = "provider1"
expect(helper.allow_greenlight_accounts?).to eql(true)
end
it "allows if user provider is set to greenlight" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
allow(helper).to receive(:launcher_allow_user_signup_whitelisted?).and_return(false)
allow(helper).to receive(:retrieve_provider_info).and_return("provider" => "greenlight")
@user_domain = "provider1"
expect(helper.allow_greenlight_accounts?).to eql(true)
end
it "doesnt allow if user provider is not set to greenlight" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
allow(helper).to receive(:launcher_allow_user_signup_whitelisted?).and_return(false)
allow(helper).to receive(:retrieve_provider_info).and_return("provider" => "google")
@user_domain = "provider1"
expect(helper.allow_greenlight_accounts?).to eql(false)
end
end
end
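
Review bot: The "#getter functions" examples cover only the true branch: `allow_user_signup?` with the setting on, and `bigbluebutton_endpoint_default?` with two identical URLs. Add the false cases (setting off, differing endpoints) so a helper that always returned true would fail. In "doesn't allow if user_domain is blank" the blank `@user_domain` is implicit; setting it explicitly would make the precondition visible.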


@ -0,0 +1,45 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require "rails_helper"
describe RecordingsHelper do
describe "#recording_date" do
it "formats the date" do
date = DateTime.parse("2019-03-28 19:35:15 UTC")
expect(helper.recording_date(date)).to eql("March 28th, 2019.")
end
end
describe "#recording_length" do
it "returns the time if length > 60" do
playbacks = [{ type: "test", length: 85 }]
expect(helper.recording_length(playbacks)).to eql("1 hrs 25 mins")
end
it "returns the time if length == 0" do
playbacks = [{ type: "test", length: 0 }]
expect(helper.recording_length(playbacks)).to eql("< 1 min")
end
it "returns the time if length between 0 and 60" do
playbacks = [{ type: "test", length: 45 }]
expect(helper.recording_length(playbacks)).to eql("45 min")
end
end
end
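
Review bot: The `#recording_length` descriptions split the range into "length > 60", "length == 0" and "between 0 and 60", but no example uses a length of exactly 60, the boundary where the format switches. Add that case. The expected string `"1 hrs 25 mins"` also pins a singular/plural mismatch into the spec; if the helper is meant to pluralize, the expectation should be `"1 hr 25 mins"`.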


@ -32,7 +32,6 @@ describe User, type: :model do
it { should validate_uniqueness_of(:email).scoped_to(:provider).case_insensitive }
it { should validate_length_of(:email).is_at_most(256) }
it { should allow_value("", nil).for(:email) }
it { should allow_value("valid@email.com").for(:email) }
it { should_not allow_value("invalid_email").for(:email) }
it { should allow_value(true).for(:accepted_terms) }
@ -129,4 +128,49 @@ describe User, type: :model do
expect(expired).to be_in([true, false])
end
end
context '#roles' do
it "defaults the user to a user role" do
expect(@user.has_role?(:user)).to be true
end
it "does not give the user an admin role" do
expect(@user.has_role?(:admin)).to be false
end
it "returns true if the user is an admin of another" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@admin = create(:user, provider: @user.provider)
@admin.add_role :admin
expect(@admin.admin_of?(@user)).to be true
@super_admin = create(:user, provider: "test")
@super_admin.add_role :super_admin
expect(@super_admin.admin_of?(@user)).to be true
end
it "returns false if the user is NOT an admin of another" do
@admin = create(:user)
expect(@admin.admin_of?(@user)).to be false
end
end
context 'blank email' do
it "allows a blank email if the provider is not greenlight" do
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(false)
user = create(:user, email: "", provider: "ldap")
expect(user.valid?).to be true
end
it "does not allow a blank email if the provider is greenlight" do
expect { create(:user, email: "", provider: "greenlight") }
.to raise_exception(ActiveRecord::RecordInvalid, "Validation failed: Email can't be blank")
end
end
end
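
Review bot: The negative `admin_of?` example creates `@admin` with `create(:user)` and never grants a role, so it only shows that a plain user is not an admin of another. The boundary that matters is a user with `add_role :admin` on a different provider than `@user`; add that example and expect false. The positive example also packs the `:admin` and `:super_admin` checks into one `it`; splitting them gives clearer failures.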


@ -15,9 +15,12 @@
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require 'simplecov'
require 'coveralls'
Coveralls.wear!
SimpleCov.formatter = Coveralls::SimpleCov::Formatter
SimpleCov.start do
add_filter 'lib/bbb_api.rb'
end
require 'faker'
require 'factory_bot_rails'
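
Review bot: `add_filter 'lib/bbb_api.rb'` drops that file from the coverage report with no explanation. Add a comment stating why it is excluded, or keep it in so the reported percentage covers that file as well.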

spec/support/cookies.rb Normal file

@ -0,0 +1,36 @@
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
# Allows Rspec to access excrypted, signed or permanent cookies
module ActionDispatch
class Cookies
class CookieJar
def encrypted
self
end
def signed
self
end
def permanent
self
end
end
end
end
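
Review bot: Reopening `ActionDispatch::Cookies::CookieJar` so that `encrypted`, `signed` and `permanent` all return `self` applies to every spec in the suite, which means no test can tell a signed or encrypted cookie read from a plain one. Scope the override to the examples that need it, or set cookies through the real jar, so that a controller that stops using `signed` or `encrypted` is caught by a failing spec. The header comment also has a typo: "excrypted".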