Use the user image for BBB avatar #2 (Limit image size) (#2860)

* Update bbb_server.rb * Update bbb_server.rb * showing user avatar To make sure something unexpected happens * revert if current_user due to the undefined error * Update bbb_server.rb 'if current_user' should not have problem, but rubocop complains... * Update bbb_server.rb * add an option to avatar image * Add an option to avatar image * add an option avatar_image * Update rooms_controller.rb * Update joiner.rb * Update bbb_server.rb * Update joiner.rb * Update joiner.rb * Update rooms_controller.rb * Update joiner.rb * Update sample.env * Update application_helper.rb * Update rooms_controller.rb * Update joiner.rb * Update bbb_server.rb * Update application_helper.rb Add a check if the URL is valid. * double the limit * move the judgement to controller * Update joiner.rb * Update rooms_controller.rb * Update application_helper.rb * Update rooms_controller.rb * Update application.rb * Update joiner.rb * Update rooms_controller.rb * Update joiner.rb * Update rooms_controller.rb * Update application_helper.rb * Update application.rb * in case parameter not set * change to MAX_AVATAR_SIZE * Notification default value Co-authored-by: Jesus Federico <jesus@123it.ca> Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>
2021-09-19 07:56:39 +09:00 · 2021-09-19 07:56:39 +09:00 · beb414aec7
parent 1f2ef10da6
commit beb414aec7
5 changed files with 19 additions and 0 deletions
--- a/app/controllers/concerns/bbb_server.rb
+++ b/app/controllers/concerns/bbb_server.rb
@ -54,6 +54,7 @@ module BbbServer
    join_opts = {}
    join_opts[:userID] = uid if uid
    join_opts[:join_via_html5] = true
+    join_opts[:avatarURL] = options[:avatarURL] if options[:avatarURL].present?
    join_opts[:createTime] = room.last_session.to_datetime.strftime("%Q") if room.last_session

    bbb_server.join_meeting_url(room.bbb_id, name, password, join_opts)
--- a/app/controllers/concerns/joiner.rb
+++ b/app/controllers/concerns/joiner.rb
@ -47,6 +47,15 @@ module Joiner
    end
  end

+  def valid_avatar?(url)
+    return false if URI.regexp.match(url).nil?
+    uri = URI(url)
+    http = Net::HTTP.new(uri.host, uri.port)
+    http.use_ssl = true if uri.scheme == 'https'
+    response = http.request_head(uri)
+    return response['content-length'].to_i < Rails.configuration.max_avatar_size
+  end
+
  def join_room(opts)
    @room_settings = JSON.parse(@room[:room_settings])

@ -60,6 +69,7 @@ module Joiner
      opts[:mute_on_start] = room_setting_with_config("muteOnStart")

      if current_user
+        opts[:avatarURL] = current_user.image if current_user.image.present? && valid_avatar?(current_user.image)
        redirect_to join_path(@room, current_user.name, opts, current_user.uid)
      else
        join_name = params[:join_name] || params[@room.invite_path][:join_name]
--- a/app/controllers/rooms_controller.rb
+++ b/app/controllers/rooms_controller.rb
@ -180,6 +180,7 @@ class RoomsController < ApplicationController
    opts[:mute_on_start] = room_setting_with_config("muteOnStart")
    opts[:require_moderator_approval] = room_setting_with_config("requireModeratorApproval")
    opts[:record] = record_meeting
+    opts[:avatarURL] = current_user.image if current_user.image.present? && valid_avatar?(current_user.image)

    begin
      redirect_to join_path(@room, current_user.name, opts, current_user.uid)
--- a/config/application.rb
+++ b/config/application.rb
@ -183,5 +183,8 @@ module Greenlight

    # Default admin password
    config.admin_password_default = ENV['ADMIN_PASSWORD'] || 'administrator'
+
+    # Max avatar image size
+    config.max_avatar_size = ENV['MAX_AVATAR_SIZE'].to_i.zero? ? 100000 : ENV['MAX_AVATAR_SIZE'].to_i
  end
 end
--- a/sample.env
+++ b/sample.env
@ -356,3 +356,7 @@ DEFAULT_REGISTRATION=open
 # For details, see: https://github.com/puma/puma#clustered-mode
 # Default: 1
 #WEB_CONCURRENCY=1
+
+# Max avatar image size (bytes)
+# Default: 100000
+MAX_AVATAR_SIZE=100000