diff --git a/app/assets/javascripts/admins.js b/app/assets/javascripts/admins.js
index 88521567..a7a4245e 100644
--- a/app/assets/javascripts/admins.js
+++ b/app/assets/javascripts/admins.js
@@ -79,7 +79,7 @@ $(document).on('turbolinks:load', function(){
// Change the branding image to the image provided
function changeBrandingImage(path) {
var url = $("#branding-url").val()
- $.post(path, {url: url})
+ $.post(path, {value: url})
}
// Filters by role
@@ -157,19 +157,19 @@ function loadColourSelectors() {
});
pickrRegular.on("save", (color, instance) => {
- $.post($("#coloring-path-regular").val(), {color: color.toHEXA().toString()}).done(function() {
+ $.post($("#coloring-path-regular").val(), {value: color.toHEXA().toString()}).done(function() {
location.reload()
});
})
pickrLighten.on("save", (color, instance) => {
- $.post($("#coloring-path-lighten").val(), {color: color.toHEXA().toString()}).done(function() {
+ $.post($("#coloring-path-lighten").val(), {value: color.toHEXA().toString()}).done(function() {
location.reload()
});
})
pickrDarken.on("save", (color, instance) => {
- $.post($("#coloring-path-darken").val(), {color: color.toHEXA().toString()}).done(function() {
+ $.post($("#coloring-path-darken").val(), {value: color.toHEXA().toString()}).done(function() {
location.reload()
});
})
diff --git a/app/controllers/account_activations_controller.rb b/app/controllers/account_activations_controller.rb
index fd7450c3..cc859f09 100644
--- a/app/controllers/account_activations_controller.rb
+++ b/app/controllers/account_activations_controller.rb
@@ -24,46 +24,45 @@ class AccountActivationsController < ApplicationController
# GET /account_activations
def show
- render :verify
end
# GET /account_activations/edit
def edit
+ # If the user exists and is not verified and provided the correct token
if @user && !@user.activated? && @user.authenticated?(:activation, params[:token])
+ # Verify user
@user.activate
# Redirect user to root with account pending flash if account is still pending
return redirect_to root_path,
flash: { success: I18n.t("registration.approval.signup") } if @user.has_role?(:pending)
- flash[:success] = I18n.t("verify.activated") + " " + I18n.t("verify.signin")
- redirect_to signin_path
+ # Redirect user to sign in path with success flash
+ redirect_to signin_path, flash: { success: I18n.t("verify.activated") + " " + I18n.t("verify.signin") }
else
- flash[:alert] = I18n.t("verify.invalid")
- redirect_to root_path
+ redirect_to root_path, flash: { alert: I18n.t("verify.invalid") }
end
end
# GET /account_activations/resend
def resend
if @user.activated?
+ # User is already verified
flash[:alert] = I18n.t("verify.already_verified")
else
- begin
- send_activation_email(@user)
- rescue => e
- logger.error "Support: Error in email delivery: #{e}"
- flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
- else
- flash[:success] = I18n.t("email_sent", email_type: t("verify.verification"))
- end
+ # Resend
+ send_activation_email(@user)
end
- redirect_to(root_path)
+ redirect_to root_path
end
private
+ def find_user
+ @user = User.find_by!(email: params[:email], provider: @user_domain)
+ end
+
def ensure_unauthenticated
redirect_to current_user.main_room if current_user
end
@@ -71,8 +70,4 @@ class AccountActivationsController < ApplicationController
def email_params
params.require(:email).permit(:email, :token)
end
-
- def find_user
- @user = User.find_by!(email: params[:email], provider: @user_domain)
- end
end
diff --git a/app/controllers/admins_controller.rb b/app/controllers/admins_controller.rb
index b1c9d48b..1b52e585 100644
--- a/app/controllers/admins_controller.rb
+++ b/app/controllers/admins_controller.rb
@@ -21,18 +21,17 @@ class AdminsController < ApplicationController
include Themer
include Emailer
include Recorder
+ include Rolify
manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]
- site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken,
- :registration_method, :room_authentication, :room_limit, :default_recording_visibility]
authorize_resource class: false
before_action :find_user, only: manage_users
before_action :verify_admin_of_user, only: manage_users
- before_action :find_setting, only: site_settings
# GET /admins
def index
+ # Initializa the data manipulation variables
@search = params[:search] || ""
@order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
@order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"
@@ -49,13 +48,14 @@ class AdminsController < ApplicationController
# GET /admins/server_recordings
def server_recordings
server_rooms = if Rails.configuration.loadbalanced_configuration
- Room.includes(:owner).where(users: { provider: user_settings_provider }).pluck(:bbb_id)
+ Room.includes(:owner).where(users: { provider: @user_domain }).pluck(:bbb_id)
else
Room.pluck(:bbb_id)
end
@search, @order_column, @order_direction, recs =
- all_recordings(server_rooms, @user_domain, params.permit(:search, :column, :direction), true, true)
+ all_recordings(server_rooms, params.permit(:search, :column, :direction), true, true)
+
@pagy, @recordings = pagy_array(recs)
end
@@ -92,17 +92,10 @@ class AdminsController < ApplicationController
def invite
emails = params[:invite_user][:email].split(",")
- begin
- emails.each do |email|
- invitation = create_or_update_invite(email)
+ emails.each do |email|
+ invitation = create_or_update_invite(email)
- send_invitation_email(current_user.name, email, invitation.invite_token)
- end
- rescue => e
- logger.error "Support: Error in email delivery: #{e}"
- flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
- else
- flash[:success] = I18n.t("administrator.flash.invite", email: emails.join(', '))
+ send_invitation_email(current_user.name, email, invitation.invite_token)
end
redirect_to admins_path
@@ -118,39 +111,30 @@ class AdminsController < ApplicationController
end
# SITE SETTINGS
- # POST /admins/branding
- def branding
- @settings.update_value("Branding Image", params[:url])
- redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
+ # POST /admins/update_settings
+ def update_settings
+ @settings.update_value(params[:setting], params[:value])
+
+ flash_message = I18n.t("administrator.flash.settings")
+
+ if params[:value] == "Default Recording Visibility"
+ flash_message += ". " + I18n.t("administrator.site_settings.recording_visibility.warning")
+ end
+
+ redirect_to admin_site_settings_path, flash: { success: flash_message }
end
# POST /admins/color
def coloring
- @settings.update_value("Primary Color", params[:color])
- @settings.update_value("Primary Color Lighten", color_lighten(params[:color]))
- @settings.update_value("Primary Color Darken", color_darken(params[:color]))
- redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
- end
-
- def coloring_lighten
- @settings.update_value("Primary Color Lighten", params[:color])
- redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
- end
-
- def coloring_darken
- @settings.update_value("Primary Color Darken", params[:color])
- redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
- end
-
- # POST /admins/room_authentication
- def room_authentication
- @settings.update_value("Room Authentication", params[:value])
+ @settings.update_value("Primary Color", params[:value])
+ @settings.update_value("Primary Color Lighten", color_lighten(params[:value]))
+ @settings.update_value("Primary Color Darken", color_darken(params[:value]))
redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
end
# POST /admins/registration_method/:method
def registration_method
- new_method = Rails.configuration.registration_methods[params[:method].to_sym]
+ new_method = Rails.configuration.registration_methods[params[:value].to_sym]
# Only allow change to Join by Invitation if user has emails enabled
if !Rails.configuration.enable_email_verification && new_method == Rails.configuration.registration_methods[:invite]
@@ -163,67 +147,19 @@ class AdminsController < ApplicationController
end
end
- # POST /admins/room_limit
- def room_limit
- @settings.update_value("Room Limit", params[:limit])
- redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
- end
-
- # POST /admins/default_recording_visibility
- def default_recording_visibility
- @settings.update_value("Default Recording Visibility", params[:visibility])
- redirect_to admin_site_settings_path, flash: {
- success: I18n.t("administrator.flash.settings") + ". " +
- I18n.t("administrator.site_settings.recording_visibility.warning")
- }
- end
-
- # POST /admins/clear_cache
- def clear_cache
- Rails.cache.delete("#{@user_domain}/getUser")
- Rails.cache.delete("#{@user_domain}/getUserGreenlightCredentials")
-
- redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
- end
-
# ROLES
# GET /admins/roles
def roles
- @roles = Role.editable_roles(@user_domain)
-
- if @roles.count.zero?
- Role.create_default_roles(@user_domain)
- @roles = Role.editable_roles(@user_domain)
- end
-
- @selected_role = if params[:selected_role].nil?
- @roles.find_by(name: 'user')
- else
- @roles.find(params[:selected_role])
- end
+ @roles = all_roles(params[:selected_role])
end
- # POST /admin/role
- # This method creates a new role scope to the users provider
+ # POST /admins/role
+ # This method creates a new role scoped to the users provider
def new_role
- new_role_name = params[:role][:name]
+ new_role = create_role(params[:role][:name])
- # Make sure that the role name isn't a duplicate or a reserved name like super_admin
- if Role.duplicate_name(new_role_name, @user_domain)
- flash[:alert] = I18n.t("administrator.roles.duplicate_name")
-
- return redirect_to admin_roles_path
- end
-
- # Make sure the role name isn't empty
- if new_role_name.strip.empty?
- flash[:alert] = I18n.t("administrator.roles.empty_name")
-
- return redirect_to admin_roles_path
- end
-
- new_role = Role.create_new_role(new_role_name, @user_domain)
+ return redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_create") } if new_role.nil?
redirect_to admin_roles_path(selected_role: new_role.id)
end
@@ -232,82 +168,16 @@ class AdminsController < ApplicationController
# This updates the priority of a site's roles
# Note: A lower priority role will always get used before a higher priority one
def change_role_order
- user_role = Role.find_by(name: "user", provider: @user_domain)
- admin_role = Role.find_by(name: "admin", provider: @user_domain)
-
- current_user_role = current_user.highest_priority_role
-
- # Users aren't allowed to update the priority of the admin or user roles
- if params[:role].include?(user_role.id.to_s) || params[:role].include?(admin_role.id.to_s)
- flash[:alert] = I18n.t("administrator.roles.invalid_order")
-
- return redirect_to admin_roles_path
+ unless update_priority(params[:role])
+ redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_order") }
end
-
- # Restrict users to only updating the priority for roles in their domain with a higher
- # priority
- params[:role].each do |id|
- role = Role.find(id)
- if role.priority <= current_user_role.priority || role.provider != @user_domain
- flash[:alert] = I18n.t("administrator.roles.invalid_update")
- return redirect_to admin_roles_path
- end
- end
-
- # Update the roles priority including the user role
- top_priority = 0
-
- params[:role].each_with_index do |id, index|
- new_priority = index + [current_user_role.priority, 0].max + 1
- top_priority = new_priority
- Role.where(id: id).update_all(priority: new_priority)
- end
-
- user_role.priority = top_priority + 1
- user_role.save!
end
# POST /admin/role/:role_id
# This method updates the permissions assigned to a role
def update_role
role = Role.find(params[:role_id])
- current_user_role = current_user.highest_priority_role
-
- # Checks that it is valid for the provider to update the role
- if role.priority <= current_user_role.priority || role.provider != @user_domain
- flash[:alert] = I18n.t("administrator.roles.invalid_update")
- return redirect_to admin_roles_path(selected_role: role.id)
- end
-
- role_params = params.require(:role).permit(:name)
- permission_params = params.require(:role)
- .permit(
- :can_create_rooms,
- :send_promoted_email,
- :send_demoted_email,
- :can_edit_site_settings,
- :can_edit_roles,
- :can_manage_users,
- :colour
- )
-
- # Role is a default role so users can't change the name
- role_params[:name] = role.name if Role::RESERVED_ROLE_NAMES.include?(role.name)
-
- # Make sure if the user is updating the role name that the role name is valid
- if role.name != role_params[:name] && !Role.duplicate_name(role_params[:name], @user_domain) &&
- !role_params[:name].strip.empty?
- role.name = role_params[:name]
- elsif role.name != role_params[:name]
- flash[:alert] = I18n.t("administrator.roles.duplicate_name")
-
- return redirect_to admin_roles_path(selected_role: role.id)
- end
-
- role.update(permission_params)
-
- role.save!
-
+ flash[:alert] = I18n.t("administrator.roles.invalid_update") unless update_permissions(role)
redirect_to admin_roles_path(selected_role: role.id)
end
@@ -337,10 +207,7 @@ class AdminsController < ApplicationController
@user = User.where(uid: params[:user_uid]).includes(:roles).first
end
- def find_setting
- @settings = Setting.find_or_create_by!(provider: user_settings_provider)
- end
-
+ # Verifies that admin is an administrator of the user in the action
def verify_admin_of_user
redirect_to admins_path,
flash: { alert: I18n.t("administrator.flash.unauthorized") } unless current_user.admin_of?(@user)
@@ -355,7 +222,7 @@ class AdminsController < ApplicationController
end
if Rails.configuration.loadbalanced_configuration
- initial_list.where(provider: user_settings_provider)
+ initial_list.where(provider: @user_domain)
.admins_search(@search, @role)
.admins_order(@order_column, @order_direction)
else
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1c2f857b..2b46e004 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -16,35 +16,65 @@
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see .
-require 'bigbluebutton_api'
-
class ApplicationController < ActionController::Base
- include ApplicationHelper
- include SessionsHelper
+ include BbbServer
include ThemingHelper
- # Force SSL for loadbalancer configurations.
before_action :redirect_to_https
-
before_action :set_user_domain
+ before_action :set_user_settings
before_action :maintenance_mode?
before_action :migration_error?
- before_action :set_locale
+ before_action :user_locale
before_action :check_admin_password
before_action :check_user_role
# Manually handle BigBlueButton errors
rescue_from BigBlueButton::BigBlueButtonException, with: :handle_bigbluebutton_error
- protect_from_forgery with: :exception
+ protect_from_forgery with: :exceptions
- MEETING_NAME_LIMIT = 90
- USER_NAME_LIMIT = 32
+ # Retrieves the current user.
+ def current_user
+ @current_user ||= User.where(id: session[:user_id]).includes(:roles).first
- # Include user domain in lograge logs
- def append_info_to_payload(payload)
- super
- payload[:host] = @user_domain
+ if Rails.configuration.loadbalanced_configuration
+ if @current_user && !@current_user.has_role?(:super_admin) &&
+ @current_user.provider != @user_domain
+ @current_user = nil
+ session.clear
+ end
+ end
+
+ @current_user
+ end
+ helper_method :current_user
+
+ def bbb_server
+ @bbb_server ||= Rails.configuration.loadbalanced_configuration ? bbb(@user_domain) : bbb("greenlight")
+ end
+
+ # Force SSL
+ def redirect_to_https
+ if Rails.configuration.loadbalanced_configuration && request.headers["X-Forwarded-Proto"] == "http"
+ redirect_to protocol: "https://"
+ end
+ end
+
+ # Sets the user domain variable
+ def set_user_domain
+ if Rails.env.test? || !Rails.configuration.loadbalanced_configuration
+ @user_domain = "greenlight"
+ else
+ @user_domain = parse_user_domain(request.host)
+
+ check_provider_exists
+ end
+ end
+
+ # Sets the settinfs variable
+ def set_user_settings
+ @settings = Setting.find_or_create_by(provider: @user_domain)
end
# Show an information page when migration fails and there is a version error.
@@ -52,8 +82,40 @@ class ApplicationController < ActionController::Base
render :migration_error, status: 500 unless ENV["DB_MIGRATE_FAILED"].blank?
end
+ # Sets the appropriate locale.
+ def user_locale(user = current_user)
+ locale = if user && user.language != 'default'
+ user.language
+ else
+ http_accept_language.language_region_compatible_from(I18n.available_locales)
+ end
+ I18n.locale = locale.tr('-', '_') unless locale.nil?
+ end
+
+ # Checks to make sure that the admin has changed his password from the default
+ def check_admin_password
+ if current_user&.has_role?(:admin) && current_user.email == "admin@example.com" &&
+ current_user&.greenlight_account? && current_user&.authenticate(Rails.configuration.admin_password_default)
+
+ flash.now[:alert] = I18n.t("default_admin",
+ edit_link: edit_user_path(user_uid: current_user.uid) + "?setting=password").html_safe
+ end
+ end
+
+ # Checks if the user is banned and logs him out if he is
+ def check_user_role
+ if current_user&.has_role? :denied
+ session.delete(:user_id)
+ redirect_to root_path, flash: { alert: I18n.t("registration.banned.fail") }
+ elsif current_user&.has_role? :pending
+ session.delete(:user_id)
+ redirect_to root_path, flash: { alert: I18n.t("registration.approval.fail") }
+ end
+ end
+
+ # Redirects the user to a Maintenance page if turned on
def maintenance_mode?
- if Rails.configuration.maintenance_mode
+ if ENV["MAINTENANCE_MODE"] == "true"
render "errors/greenlight_error", status: 503, formats: :html,
locals: {
status_code: 503,
@@ -68,30 +130,6 @@ class ApplicationController < ActionController::Base
end
end
- # Sets the appropriate locale.
- def set_locale
- update_locale(current_user)
- end
-
- def update_locale(user)
- locale = if user && user.language != 'default'
- user.language
- else
- http_accept_language.language_region_compatible_from(I18n.available_locales)
- end
- I18n.locale = locale.tr('-', '_') unless locale.nil?
- end
-
- def meeting_name_limit
- MEETING_NAME_LIMIT
- end
- helper_method :meeting_name_limit
-
- def user_name_limit
- USER_NAME_LIMIT
- end
- helper_method :user_name_limit
-
# Relative root helper (when deploying to subdirectory).
def relative_root
Rails.configuration.relative_url_root || ""
@@ -105,34 +143,53 @@ class ApplicationController < ActionController::Base
end
helper_method :bigbluebutton_endpoint_default?
- def recording_thumbnails?
- Rails.configuration.recording_thumbnails
+ def allow_greenlight_accounts?
+ return Rails.configuration.allow_user_signup unless Rails.configuration.loadbalanced_configuration
+ return false unless @user_domain && !@user_domain.empty? && Rails.configuration.allow_user_signup
+ return false if @user_domain == "greenlight"
+ # Proceed with retrieving the provider info
+ begin
+ provider_info = retrieve_provider_info(@user_domain, 'api2', 'getUserGreenlightCredentials')
+ provider_info['provider'] == 'greenlight'
+ rescue => e
+ logger.error "Error in checking if greenlight accounts are allowed: #{e}"
+ false
+ end
end
- helper_method :recording_thumbnails?
+ helper_method :allow_greenlight_accounts?
- def allow_greenlight_users?
- allow_greenlight_accounts?
+ # Determine if Greenlight is configured to allow user signups.
+ def allow_user_signup?
+ Rails.configuration.allow_user_signup
end
- helper_method :allow_greenlight_users?
+ helper_method :allow_user_signup?
- # Determines if a form field needs the is-invalid class.
- def form_is_invalid?(obj, key)
- 'is-invalid' unless obj.errors.messages[key].empty?
+ # Gets all configured omniauth providers.
+ def configured_providers
+ Rails.configuration.providers.select do |provider|
+ Rails.configuration.send("omniauth_#{provider}")
+ end
end
- helper_method :form_is_invalid?
+ helper_method :configured_providers
- # Default, unconfigured meeting options.
- def default_meeting_options
- invite_msg = I18n.t("invite_message")
- {
- user_is_moderator: false,
- meeting_logout_url: request.base_url + logout_room_path(@room),
- meeting_recorded: true,
- moderator_message: "#{invite_msg}\n\n#{request.base_url + room_path(@room)}",
- host: request.host,
- recording_default_visibility: Setting.find_or_create_by!(provider: user_settings_provider)
- .get_value("Default Recording Visibility") == "public"
- }
+ # Parses the url for the user domain
+ def parse_user_domain(hostname)
+ return hostname.split('.').first if Rails.configuration.url_host.empty?
+ Rails.configuration.url_host.split(',').each do |url_host|
+ return hostname.chomp(url_host).chomp('.') if hostname.include?(url_host)
+ end
+ ''
+ end
+
+ # Include user domain in lograge logs
+ def append_info_to_payload(payload)
+ super
+ payload[:host] = @user_domain
+ end
+
+ # Manually Handle BigBlueButton errors
+ def handle_bigbluebutton_error
+ render "errors/bigbluebutton_error"
end
# Manually deal with 401 errors
@@ -140,50 +197,6 @@ class ApplicationController < ActionController::Base
render "errors/greenlight_error"
end
- # Checks to make sure that the admin has changed his password from the default
- def check_admin_password
- if current_user&.has_role?(:admin) && current_user.email == "admin@example.com" &&
- current_user&.greenlight_account? && current_user&.authenticate(Rails.configuration.admin_password_default)
-
- flash.now[:alert] = I18n.t("default_admin",
- edit_link: edit_user_path(user_uid: current_user.uid) + "?setting=password").html_safe
- end
- end
-
- def redirect_to_https
- if Rails.configuration.loadbalanced_configuration && request.headers["X-Forwarded-Proto"] == "http"
- redirect_to protocol: "https://"
- end
- end
-
- def set_user_domain
- if Rails.env.test? || !Rails.configuration.loadbalanced_configuration
- @user_domain = "greenlight"
- else
- @user_domain = parse_user_domain(request.host)
-
- check_provider_exists
- end
- end
- helper_method :set_user_domain
-
- # Checks if the user is banned and logs him out if he is
- def check_user_role
- if current_user&.has_role? :denied
- session.delete(:user_id)
- redirect_to root_path, flash: { alert: I18n.t("registration.banned.fail") }
- elsif current_user&.has_role? :pending
- session.delete(:user_id)
- redirect_to root_path, flash: { alert: I18n.t("registration.approval.fail") }
- end
- end
- helper_method :check_user_role
-
- # Manually Handle BigBlueButton errors
- def handle_bigbluebutton_error
- render "errors/bigbluebutton_error"
- end
-
private
def check_provider_exists
@@ -198,6 +211,7 @@ class ApplicationController < ActionController::Base
# Add a session variable if the provider exists
session[:provider_exists] = @user_domain
rescue => e
+ logger.error "Error in retrieve provider info: #{e}"
# Use the default site settings
@user_domain = "greenlight"
diff --git a/app/helpers/sessions_helper.rb b/app/controllers/concerns/authenticator.rb
similarity index 54%
rename from app/helpers/sessions_helper.rb
rename to app/controllers/concerns/authenticator.rb
index e0183be6..e4ba2c04 100644
--- a/app/helpers/sessions_helper.rb
+++ b/app/controllers/concerns/authenticator.rb
@@ -16,15 +16,15 @@
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see .
-module SessionsHelper
+module Authenticator
+ extend ActiveSupport::Concern
+
# Logs a user into GreenLight.
def login(user)
migrate_twitter_user(user)
session[:user_id] = user.id
- logger.info("Support: #{user.email} has successfully logged in.")
-
# If there are not terms, or the user has accepted them, check for email verification
if !Rails.configuration.terms || user.accepted_terms
check_email_verified(user)
@@ -61,69 +61,9 @@ module SessionsHelper
session.delete(:user_id) if current_user
end
- # Retrieves the current user.
- def current_user
- @current_user ||= User.where(id: session[:user_id]).includes(:roles).first
-
- if Rails.configuration.loadbalanced_configuration
- if @current_user && !@current_user.has_role?(:super_admin) &&
- @current_user.provider != @user_domain
- @current_user = nil
- session.clear
- end
- end
-
- @current_user
- end
-
- def generate_checksum(user_domain, redirect_url, secret)
- string = user_domain + redirect_url + secret
- OpenSSL::Digest.digest('sha1', string).unpack1("H*")
- end
-
- def parse_user_domain(hostname)
- return hostname.split('.').first if Rails.configuration.url_host.empty?
- Rails.configuration.url_host.split(',').each do |url_host|
- return hostname.chomp(url_host).chomp('.') if hostname.include?(url_host)
- end
- ''
- end
-
- def omniauth_options(env)
- if env['omniauth.strategy'].options[:name] == "bn_launcher"
- protocol = Rails.env.production? ? "https" : env["rack.url_scheme"]
-
- customer_redirect_url = protocol + "://" + env["SERVER_NAME"] + ":" +
- env["SERVER_PORT"]
- user_domain = parse_user_domain(env["SERVER_NAME"])
- env['omniauth.strategy'].options[:customer] = user_domain
- env['omniauth.strategy'].options[:customer_redirect_url] = customer_redirect_url
- env['omniauth.strategy'].options[:default_callback_url] = Rails.configuration.gl_callback_url
-
- # This is only used in the old launcher and should eventually be removed
- env['omniauth.strategy'].options[:checksum] = generate_checksum(user_domain, customer_redirect_url,
- Rails.configuration.launcher_secret)
- elsif env['omniauth.strategy'].options[:name] == "google"
- set_hd(env, ENV['GOOGLE_OAUTH2_HD'])
- elsif env['omniauth.strategy'].options[:name] == "office365"
- set_hd(env, ENV['OFFICE365_HD'])
- end
- end
-
- def set_hd(env, hd)
- if hd
- hd_opts = hd.split(',')
- env['omniauth.strategy'].options[:hd] =
- if hd_opts.empty?
- nil
- elsif hd_opts.length == 1
- hd_opts[0]
- else
- hd_opts
- end
- end
- end
+ private
+ # Migrates all of the twitter users rooms to the new account
def migrate_twitter_user(user)
if !session["old_twitter_user_id"].nil? && user.provider != "twitter"
old_user = User.find(session["old_twitter_user_id"])
diff --git a/app/controllers/concerns/bbb_server.rb b/app/controllers/concerns/bbb_server.rb
new file mode 100644
index 00000000..02b3fde7
--- /dev/null
+++ b/app/controllers/concerns/bbb_server.rb
@@ -0,0 +1,109 @@
+# frozen_string_literal: true
+
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see .
+
+require 'bigbluebutton_api'
+
+module BbbServer
+ extend ActiveSupport::Concern
+ include BbbApi
+
+ META_LISTED = "gl-listed"
+
+ # Checks if a room is running on the BigBlueButton server.
+ def room_running?(bbb_id)
+ bbb_server.is_meeting_running?(bbb_id)
+ end
+
+ def get_recordings(meeting_id)
+ bbb_server.get_recordings(meetingID: meeting_id)
+ end
+
+ def get_multiple_recordings(meeting_ids)
+ bbb_server.get_recordings(meetingID: meeting_ids)
+ end
+
+ # Returns a URL to join a user into a meeting.
+ def join_path(room, name, options = {}, uid = nil)
+ # Create the meeting, even if it's running
+ start_session(room, options)
+
+ # Determine the password to use when joining.
+ password = options[:user_is_moderator] ? room.moderator_pw : room.attendee_pw
+
+ # Generate the join URL.
+ join_opts = {}
+ join_opts[:userID] = uid if uid
+ join_opts[:join_via_html5] = true
+ join_opts[:guest] = true if options[:require_moderator_approval] && !options[:user_is_moderator]
+
+ bbb_server.join_meeting_url(room.bbb_id, name, password, join_opts)
+ end
+
+ # Creates a meeting on the BigBlueButton server.
+ def start_session(room, options = {})
+ create_options = {
+ record: options[:meeting_recorded].to_s,
+ logoutURL: options[:meeting_logout_url] || '',
+ moderatorPW: room.moderator_pw,
+ attendeePW: room.attendee_pw,
+ moderatorOnlyMessage: options[:moderator_message],
+ muteOnStart: options[:mute_on_start] || false,
+ "meta_#{META_LISTED}": options[:recording_default_visibility] || false,
+ "meta_bbb-origin-version": Greenlight::Application::VERSION,
+ "meta_bbb-origin": "Greenlight",
+ "meta_bbb-origin-server-name": options[:host]
+ }
+
+ create_options[:guestPolicy] = "ASK_MODERATOR" if options[:require_moderator_approval]
+
+ # Send the create request.
+ begin
+ meeting = bbb_server.create_meeting(room.name, room.bbb_id, create_options)
+ # Update session info.
+ unless meeting[:messageKey] == 'duplicateWarning'
+ room.update_attributes(sessions: room.sessions + 1,
+ last_session: DateTime.now)
+ end
+ rescue BigBlueButton::BigBlueButtonException => e
+ puts "BigBlueButton failed on create: #{e.key}: #{e.message}"
+ raise e
+ end
+ end
+
+ # Gets the number of recordings for this room
+ def recording_count(bbb_id)
+ bbb_server.get_recordings(meetingID: bbb_id)[:recordings].length
+ end
+
+ # Update a recording from a room
+ def update_recording(record_id, meta)
+ meta[:recordID] = record_id
+ bbb_server.send_api_request("updateRecordings", meta)
+ end
+
+ # Deletes a recording from a room.
+ def delete_recording(record_id)
+ bbb_server.delete_recordings(record_id)
+ end
+
+ # Deletes all recordings associated with the room.
+ def delete_all_recordings(bbb_id)
+ record_ids = bbb_server.get_recordings(meetingID: bbb_id)[:recordings].pluck(:recordID)
+ bbb_server.delete_recordings(record_ids) unless record_ids.empty?
+ end
+end
diff --git a/app/controllers/concerns/emailer.rb b/app/controllers/concerns/emailer.rb
index 9146bb00..378ad62e 100644
--- a/app/controllers/concerns/emailer.rb
+++ b/app/controllers/concerns/emailer.rb
@@ -21,69 +21,110 @@ module Emailer
# Sends account activation email.
def send_activation_email(user)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- @user = user
- UserMailer.verify_email(@user, user_verification_link, logo_image, user_color).deliver
+ UserMailer.verify_email(user, user_verification_link(user), @settings).deliver
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+ else
+ flash[:success] = I18n.t("email_sent", email_type: t("verify.verification"))
+ end
end
# Sends password reset email.
def send_password_reset_email(user)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- @user = user
- UserMailer.password_reset(@user, reset_link, logo_image, user_color).deliver_now
+ UserMailer.password_reset(user, reset_link(user), @settings).deliver_now
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+ else
+ flash[:success] = I18n.t("email_sent", email_type: t("reset_password.subtitle"))
+ end
end
def send_user_promoted_email(user, role)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- UserMailer.user_promoted(user, role, root_url, logo_image, user_color).deliver_now
+ UserMailer.user_promoted(user, role, root_url, @settings).deliver_now
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+ end
end
def send_user_demoted_email(user, role)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- UserMailer.user_demoted(user, role, root_url, logo_image, user_color).deliver_now
+ UserMailer.user_demoted(user, role, root_url, @settings).deliver_now
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+ end
end
# Sends inivitation to join
def send_invitation_email(name, email, token)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- @token = token
- UserMailer.invite_email(name, email, invitation_link, logo_image, user_color).deliver_now
+ UserMailer.invite_email(name, email, invitation_link(token), @settings).deliver_now
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+ else
+ flash[:success] = I18n.t("administrator.flash.invite", email: email)
+ end
end
def send_user_approved_email(user)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- UserMailer.approve_user(user, root_url, logo_image, user_color).deliver_now
+ UserMailer.approve_user(user, root_url, @settings).deliver_now
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+ else
+ flash[:success] = I18n.t("email_sent", email_type: t("verify.verification"))
+ end
end
def send_approval_user_signup_email(user)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- admin_emails = admin_emails()
- unless admin_emails.empty?
- UserMailer.approval_user_signup(user, admins_url, logo_image, user_color, admin_emails).deliver_now
+ admin_emails = admin_emails()
+ UserMailer.approval_user_signup(user, admins_url, admin_emails, @settings).deliver_now unless admin_emails.empty?
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
end
end
def send_invite_user_signup_email(user)
- return unless Rails.configuration.enable_email_verification
+ begin
+ return unless Rails.configuration.enable_email_verification
- admin_emails = admin_emails()
- unless admin_emails.empty?
- UserMailer.invite_user_signup(user, admins_url, logo_image, user_color, admin_emails).deliver_now
+ admin_emails = admin_emails()
+ UserMailer.invite_user_signup(user, admins_url, admin_emails, @settings).deliver_now unless admin_emails.empty?
+ rescue => e
+ logger.error "Support: Error in email delivery: #{e}"
+ flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
end
end
private
# Returns the link the user needs to click to verify their account
- def user_verification_link
- edit_account_activation_url(token: @user.activation_token, email: @user.email)
+ def user_verification_link(user)
+ edit_account_activation_url(token: user.activation_token, email: user.email)
end
def admin_emails
@@ -91,21 +132,21 @@ module Emailer
if Rails.configuration.loadbalanced_configuration
admins = admins.without_role(:super_admin)
- .where(provider: user_settings_provider)
+ .where(provider: @user_domain)
end
admins.collect(&:email).join(",")
end
- def reset_link
- edit_password_reset_url(@user.reset_token, email: @user.email)
+ def reset_link(user)
+ edit_password_reset_url(user.reset_token, email: user.email)
end
- def invitation_link
- if allow_greenlight_users?
- signup_url(invite_token: @token)
+ def invitation_link(token)
+ if allow_greenlight_accounts?
+ signup_url(invite_token: token)
else
- root_url(invite_token: @token)
+ root_url(invite_token: token)
end
end
end
diff --git a/app/controllers/concerns/recorder.rb b/app/controllers/concerns/recorder.rb
index 53e777e4..30a2dff2 100644
--- a/app/controllers/concerns/recorder.rb
+++ b/app/controllers/concerns/recorder.rb
@@ -18,29 +18,29 @@
module Recorder
extend ActiveSupport::Concern
- include ::BbbApi
+ include RecordingsHelper
# Fetches all recordings for a room.
- def recordings(room_bbb_id, provider, search_params = {}, ret_search_params = false)
- res = bbb(provider).get_recordings(meetingID: room_bbb_id)
+ def recordings(room_bbb_id, search_params = {}, ret_search_params = false)
+ res = get_recordings(room_bbb_id)
format_recordings(res, search_params, ret_search_params)
end
# Fetches a rooms public recordings.
- def public_recordings(room_bbb_id, provider, search_params = {}, ret_search_params = false)
- search, order_col, order_dir, recs = recordings(room_bbb_id, provider, search_params, ret_search_params)
+ def public_recordings(room_bbb_id, search_params = {}, ret_search_params = false)
+ search, order_col, order_dir, recs = recordings(room_bbb_id, search_params, ret_search_params)
[search, order_col, order_dir, recs.select { |r| r[:metadata][:"gl-listed"] == "true" }]
end
# Makes paginated API calls to get recordings
- def all_recordings(room_bbb_ids, provider, search_params = {}, ret_search_params = false, search_name = false)
+ def all_recordings(room_bbb_ids, search_params = {}, ret_search_params = false, search_name = false)
res = { recordings: [] }
until room_bbb_ids.empty?
# bbb.get_recordings returns an object
# take only the array portion of the object that is returned
- full_res = bbb(provider).get_recordings(meetingID: room_bbb_ids.pop(Rails.configuration.pagination_number))
+ full_res = get_multiple_recordings(room_bbb_ids.pop(Rails.configuration.pagination_number))
res[:recordings].push(*full_res[:recordings])
end
diff --git a/app/controllers/concerns/registrar.rb b/app/controllers/concerns/registrar.rb
index 79c0a622..34a77286 100644
--- a/app/controllers/concerns/registrar.rb
+++ b/app/controllers/concerns/registrar.rb
@@ -19,20 +19,12 @@
module Registrar
extend ActiveSupport::Concern
- def registration_method
- Setting.find_or_create_by!(provider: user_settings_provider).get_value("Registration Method")
- end
-
- def open_registration
- registration_method == Rails.configuration.registration_methods[:open]
- end
-
def approval_registration
- registration_method == Rails.configuration.registration_methods[:approval]
+ @settings.get_value("Registration Method") == Rails.configuration.registration_methods[:approval]
end
def invite_registration
- registration_method == Rails.configuration.registration_methods[:invite]
+ @settings.get_value("Registration Method") == Rails.configuration.registration_methods[:invite]
end
# Returns a hash containing whether the user has been invited and if they
diff --git a/app/controllers/concerns/rolify.rb b/app/controllers/concerns/rolify.rb
new file mode 100644
index 00000000..589a6d49
--- /dev/null
+++ b/app/controllers/concerns/rolify.rb
@@ -0,0 +1,161 @@
+# frozen_string_literal: true
+
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see .
+
+module Rolify
+ extend ActiveSupport::Concern
+
+ # Gets all roles
+ def all_roles(selected_role)
+ @roles = Role.editable_roles(@user_domain)
+
+ if @roles.count.zero?
+ Role.create_default_roles(@user_domain)
+ @roles = Role.editable_roles(@user_domain)
+ end
+
+ @selected_role = if selected_role.nil?
+ @roles.find_by(name: 'user')
+ else
+ @roles.find(selected_role)
+ end
+
+ @roles
+ end
+
+ # Creates a new role
+ def create_role(new_role_name)
+ # Make sure that the role name isn't a duplicate or a reserved name like super_admin or empty
+ return nil if Role.duplicate_name(new_role_name, @user_domain) || new_role_name.strip.empty?
+
+ Role.create_new_role(new_role_name, @user_domain)
+ end
+
+ # Updates a user's roles
+ def update_roles(roles)
+ # Check that the user can manage users
+ return true unless current_user.highest_priority_role.can_manage_users
+
+ new_roles = roles.split(' ').map(&:to_i)
+ old_roles = @user.roles.pluck(:id)
+
+ added_role_ids = new_roles - old_roles
+ removed_role_ids = old_roles - new_roles
+
+ added_roles = []
+ removed_roles = []
+ current_user_role = current_user.highest_priority_role
+
+ # Check that the user has the permissions to add all the new roles
+ added_role_ids.each do |id|
+ role = Role.find(id)
+
+ # Admins are able to add the admin role to other users. All other roles may only
+ # add roles with a higher priority
+ if (role.priority > current_user_role.priority || current_user_role.name == "admin") &&
+ role.provider == @user_domain
+ added_roles << role
+ else
+ return false
+ end
+ end
+
+ # Check that the user has the permissions to remove all the deleted roles
+ removed_role_ids.each do |id|
+ role = Role.find(id)
+
+ # Admins are able to remove the admin role from other users. All other roles may only
+ # remove roles with a higher priority
+ if (role.priority > current_user_role.priority || current_user_role.name == "admin") &&
+ role.provider == @user_domain
+ removed_roles << role
+ else
+ return false
+ end
+ end
+
+ # Send promoted/demoted emails
+ added_roles.each { |role| send_user_promoted_email(@user, role) if role.send_promoted_email }
+ removed_roles.each { |role| send_user_demoted_email(@user, role) if role.send_demoted_email }
+
+ # Update the roles
+ @user.roles.delete(removed_roles)
+ @user.roles << added_roles
+
+ # Make sure each user always has at least the user role
+ @user.roles = [Role.find_by(name: "user", provider: @user_domain)] if @user.roles.count.zero?
+
+ @user.save!
+ end
+
+ # Updates a roles priority
+ def update_priority(role_to_update)
+ user_role = Role.find_by(name: "user", provider: @user_domain)
+ admin_role = Role.find_by(name: "admin", provider: @user_domain)
+
+ current_user_role = current_user.highest_priority_role
+
+ # Users aren't allowed to update the priority of the admin or user roles
+ return false if role_to_update.include?(user_role.id.to_s) || role_to_update.include?(admin_role.id.to_s)
+
+ # Restrict users to only updating the priority for roles in their domain with a higher
+ # priority
+ role_to_update.each do |id|
+ role = Role.find(id)
+ return false if role.priority <= current_user_role.priority || role.provider != @user_domain
+ end
+
+ # Update the roles priority including the user role
+ top_priority = 0
+
+ role_to_update.each_with_index do |id, index|
+ new_priority = index + [current_user_role.priority, 0].max + 1
+ top_priority = new_priority
+ Role.where(id: id).update_all(priority: new_priority)
+ end
+
+ user_role.priority = top_priority + 1
+ user_role.save!
+ end
+
+ # Update Permissions
+ def update_permissions(role)
+ current_user_role = current_user.highest_priority_role
+
+ # Checks that it is valid for the provider to update the role
+ return false if role.priority <= current_user_role.priority || role.provider != @user_domain
+
+ role_params = params.require(:role).permit(:name)
+ permission_params = params.require(:role).permit(:can_create_rooms, :send_promoted_email,
+ :send_demoted_email, :can_edit_site_settings, :can_edit_roles, :can_manage_users, :colour)
+
+ # Role is a default role so users can't change the name
+ role_params[:name] = role.name if Role::RESERVED_ROLE_NAMES.include?(role.name)
+
+ # Make sure if the user is updating the role name that the role name is valid
+ if role.name != role_params[:name] && !Role.duplicate_name(role_params[:name], @user_domain) &&
+ !role_params[:name].strip.empty?
+ role.name = role_params[:name]
+ elsif role.name != role_params[:name]
+ return false
+ end
+
+ role.update(permission_params)
+
+ role.save!
+ end
+end
diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb
index 84ccb389..9c77194b 100644
--- a/app/controllers/password_resets_controller.rb
+++ b/app/controllers/password_resets_controller.rb
@@ -20,45 +20,47 @@ class PasswordResetsController < ApplicationController
include Emailer
before_action :disable_password_reset, unless: -> { Rails.configuration.enable_email_verification }
- before_action :find_user, only: [:edit, :update]
+ before_action :find_user, only: [:edit, :update]
before_action :valid_user, only: [:edit, :update]
before_action :check_expiration, only: [:edit, :update]
- def index
+ # POST /password_resets/new
+ def new
end
+ # POST /password_resets
def create
- @user = User.find_by(email: params[:password_reset][:email].downcase)
- if @user
+ begin
+ # Check if user exists and throw an error if he doesn't
+ @user = User.find_by!(email: params[:password_reset][:email].downcase)
+
@user.create_reset_digest
send_password_reset_email(@user)
- flash[:success] = I18n.t("email_sent", email_type: t("reset_password.subtitle"))
redirect_to root_path
- else
- flash[:alert] = I18n.t("no_user_email_exists")
- redirect_to new_password_reset_path
+ rescue
+ # User doesn't exist
+ redirect_to new_password_reset_path, flash: { alert: I18n.t("no_user_email_exists") }
end
- rescue => e
- logger.error "Support: Error in email delivery: #{e}"
- redirect_to root_path, alert: I18n.t(params[:message], default: I18n.t("delivery_error"))
end
+ # GET /password_resets/:id/edit
def edit
end
+ # PATCH /password_resets/:id
def update
+ # Check if password is valid
if params[:user][:password].empty?
flash.now[:alert] = I18n.t("password_empty_notice")
- render 'edit'
elsif params[:user][:password] != params[:user][:password_confirmation]
+ # Password does not match password confirmation
flash.now[:alert] = I18n.t("password_different_notice")
- render 'edit'
elsif @user.update_attributes(user_params)
- flash[:success] = I18n.t("password_reset_success")
- redirect_to root_path
- else
- render 'edit'
+ # Successfully reset password
+ return redirect_to root_path, flash: { success: I18n.t("password_reset_success") }
end
+
+ render 'edit'
end
private
@@ -84,6 +86,7 @@ class PasswordResetsController < ApplicationController
end
end
+ # Redirects to 404 if emails are not enabled
def disable_password_reset
redirect_to '/404'
end
diff --git a/app/controllers/recordings_controller.rb b/app/controllers/recordings_controller.rb
index ad1c2806..d9e7f9e8 100644
--- a/app/controllers/recordings_controller.rb
+++ b/app/controllers/recordings_controller.rb
@@ -23,23 +23,23 @@ class RecordingsController < ApplicationController
META_LISTED = "gl-listed"
# POST /:meetingID/:record_id
- def update_recording
+ def update
meta = {
"meta_#{META_LISTED}" => (params[:state] == "public"),
}
- res = @room.update_recording(params[:record_id], meta)
+ res = update_recording(params[:record_id], meta)
# Redirects to the page that made the initial request
- redirect_to request.referrer if res[:updated]
+ redirect_back fallback_location: root_path if res[:updated]
end
# DELETE /:meetingID/:record_id
- def delete_recording
- @room.delete_recording(params[:record_id])
+ def delete
+ delete_recording(params[:record_id])
# Redirects to the page that made the initial request
- redirect_to request.referrer
+ redirect_back fallback_location: root_path
end
private
diff --git a/app/controllers/rooms_controller.rb b/app/controllers/rooms_controller.rb
index 4771d7de..1aee8f00 100644
--- a/app/controllers/rooms_controller.rb
+++ b/app/controllers/rooms_controller.rb
@@ -17,7 +17,6 @@
# with BigBlueButton; if not, see .
class RoomsController < ApplicationController
- include RecordingsHelper
include Pagy::Backend
include Recorder
@@ -32,42 +31,47 @@ class RoomsController < ApplicationController
# POST /
def create
- redirect_to(root_path) && return unless current_user
+ # Return to root if user is not signed in
+ return redirect_to root_path unless current_user
+ # Check if the user has not exceeded the room limit
return redirect_to current_user.main_room, flash: { alert: I18n.t("room.room_limit") } if room_limit_exceeded
+ # Create room
@room = Room.new(name: room_params[:name], access_code: room_params[:access_code])
@room.owner = current_user
- @room.room_settings = create_room_settings_string(room_params[:mute_on_join],
- room_params[:require_moderator_approval], room_params[:anyone_can_start], room_params[:all_join_moderator])
+ @room.room_settings = create_room_settings_string(room_params)
+ # Save the room
if @room.save
- logger.info("Support: #{current_user.email} has created a new room #{@room.uid}.")
+ logger.info "Support: #{current_user.email} has created a new room #{@room.uid}."
+ # Start the room if auto join was turned on
if room_params[:auto_join] == "1"
start
else
- flash[:success] = I18n.t("room.create_room_success")
- redirect_to @room
+ redirect_to @room, flash: { success: I18n.t("room.create_room_success") }
end
else
- flash[:alert] = I18n.t("room.create_room_error")
- redirect_to current_user.main_room
+ redirect_to current_user.main_room, flash: { alert: I18n.t("room.create_room_error") }
end
end
# GET /:room_uid
def show
- @is_running = @room.running?
@anyone_can_start = JSON.parse(@room[:room_settings])["anyoneCanStart"]
+ @room_running = room_running?(@room.bbb_id)
+ # If its the current user's room
if current_user && @room.owned_by?(current_user)
if current_user.highest_priority_role.can_create_rooms
+ # User is allowed to have rooms
@search, @order_column, @order_direction, recs =
- recordings(@room.bbb_id, @user_domain, params.permit(:search, :column, :direction), true)
+ recordings(@room.bbb_id, params.permit(:search, :column, :direction), true)
@pagy, @recordings = pagy_array(recs)
else
+ # Render view for users that cant create rooms
@recent_rooms = Room.where(id: cookies.encrypted["#{current_user.uid}_recently_joined_rooms"])
render :cant_create_rooms
end
@@ -84,7 +88,7 @@ class RoomsController < ApplicationController
end
@search, @order_column, @order_direction, pub_recs =
- public_recordings(@room.bbb_id, @user_domain, params.permit(:search, :column, :direction), true)
+ public_recordings(@room.bbb_id, params.permit(:search, :column, :direction), true)
@pagy, @public_recordings = pagy_array(pub_recs)
@@ -94,20 +98,13 @@ class RoomsController < ApplicationController
# PATCH /:room_uid
def update
- if params[:setting] == "rename_block"
- @room = Room.find_by!(uid: params[:room_block_uid])
- update_room_attributes("name")
- elsif params[:setting] == "rename_header"
+ if params[:setting] == "rename_header"
update_room_attributes("name")
elsif params[:setting] == "rename_recording"
- @room.update_recording(params[:record_id], "meta_name" => params[:record_name])
+ update_recording(params[:record_id], "meta_name" => params[:record_name])
end
- if request.referrer
- redirect_to request.referrer
- else
- redirect_to room_path
- end
+ redirect_back fallback_location: room_path
end
# POST /:room_uid
@@ -115,10 +112,8 @@ class RoomsController < ApplicationController
return redirect_to root_path,
flash: { alert: I18n.t("administrator.site_settings.authentication.user-info") } if auth_required
- opts = default_meeting_options
unless @room.owned_by?(current_user)
- # Don't allow users to join unless they have a valid access code or the room doesn't
- # have an access code
+ # Don't allow users to join unless they have a valid access code or the room doesn't have an access code
if @room.access_code && !@room.access_code.empty? && @room.access_code != session[:access_code]
return redirect_to room_path(room_uid: params[:room_uid]), flash: { alert: I18n.t("room.access_code_required") }
end
@@ -138,41 +133,41 @@ class RoomsController < ApplicationController
if current_user
# create or update cookie to track the three most recent rooms a user joined
recently_joined_rooms = cookies.encrypted["#{current_user.uid}_recently_joined_rooms"].to_a
- cookies.encrypted["#{current_user.uid}_recently_joined_rooms"] = recently_joined_rooms.prepend(@room.id)
- .uniq[0..2]
+ cookies.encrypted["#{current_user.uid}_recently_joined_rooms"] =
+ recently_joined_rooms.prepend(@room.id).uniq[0..2]
end
- logger.info("Support: #{current_user.present? ? current_user.email : @join_name} is joining room #{@room.uid}")
-
- join_room(opts)
+ logger.info "Support: #{current_user.present? ? current_user.email : @join_name} is joining room #{@room.uid}"
+ join_room(default_meeting_options)
end
# DELETE /:room_uid
def destroy
# Don't delete the users home room.
- @room.destroy if @room.owned_by?(current_user) && @room != current_user.main_room
+ if @room.owned_by?(current_user) && @room != current_user.main_room
+ @room.destroy
+ delete_all_recordings(@room.bbb_id)
+ end
redirect_to current_user.main_room
end
- # POST room/join
+ # POST /room/join
def join_specific_room
room_uid = params[:join_room][:url].split('/').last
begin
- @room = Room.find_by(uid: room_uid)
+ @room = Room.find_by!(uid: room_uid)
rescue ActiveRecord::RecordNotFound
return redirect_to current_user.main_room, alert: I18n.t("room.no_room.invalid_room_uid")
end
- return redirect_to current_user.main_room, alert: I18n.t("room.no_room.invalid_room_uid") if @room.nil?
-
redirect_to room_path(@room)
end
# POST /:room_uid/start
def start
- logger.info("Support: #{current_user.email} is starting room #{@room.uid}")
+ logger.info "Support: #{current_user.email} is starting room #{@room.uid}"
# Join the user in and start the meeting.
opts = default_meeting_options
@@ -184,7 +179,7 @@ class RoomsController < ApplicationController
opts[:require_moderator_approval] = room_settings["requireModeratorApproval"]
begin
- redirect_to @room.join_path(current_user.name, opts, current_user.uid)
+ redirect_to join_path(@room, current_user.name, opts, current_user.uid)
rescue BigBlueButton::BigBlueButtonException => e
logger.error("Support: #{@room.uid} start failed: #{e}")
@@ -208,7 +203,8 @@ class RoomsController < ApplicationController
update_room_attributes("name") if @room.name != room_params[:name]
# Update the room's access code if it has changed
update_room_attributes("access_code") if @room.access_code != room_params[:access_code]
- rescue StandardError
+ rescue => e
+ logger.error "Error in updating room settings: #{e}"
flash[:alert] = I18n.t("room.update_settings_error")
else
flash[:success] = I18n.t("room.update_settings_success")
@@ -218,7 +214,7 @@ class RoomsController < ApplicationController
# GET /:room_uid/logout
def logout
- logger.info("Support: #{current_user.present? ? current_user.email : 'Guest'} has left room #{@room.uid}")
+ logger.info "Support: #{current_user.present? ? current_user.email : 'Guest'} has left room #{@room.uid}"
# Redirect the correct page.
redirect_to @room
@@ -240,8 +236,7 @@ class RoomsController < ApplicationController
if update_type.eql? "name"
@room.update_attributes(name: params[:room_name] || room_params[:name])
elsif update_type.eql? "settings"
- room_settings_string = create_room_settings_string(room_params[:mute_on_join],
- room_params[:require_moderator_approval], room_params[:anyone_can_start], room_params[:all_join_moderator])
+ room_settings_string = create_room_settings_string(room_params)
@room.update_attributes(room_settings: room_settings_string)
elsif update_type.eql? "access_code"
@room.update_attributes(access_code: room_params[:access_code])
@@ -249,15 +244,15 @@ class RoomsController < ApplicationController
end
end
- def create_room_settings_string(mute_res, require_approval_res, start_res, join_mod)
+ def create_room_settings_string(options)
room_settings = {}
- room_settings["muteOnStart"] = mute_res == "1"
+ room_settings["muteOnStart"] = options[:mute_on_join] == "1"
- room_settings["requireModeratorApproval"] = require_approval_res == "1"
+ room_settings["requireModeratorApproval"] = options[:require_moderator_approval] == "1"
- room_settings["anyoneCanStart"] = start_res == "1"
+ room_settings["anyoneCanStart"] = options[:anyone_can_start] == "1"
- room_settings["joinModerator"] = join_mod == "1"
+ room_settings["joinModerator"] = options[:all_join_moderator] == "1"
room_settings.to_json
end
@@ -289,15 +284,11 @@ class RoomsController < ApplicationController
end
def validate_accepted_terms
- if current_user
- redirect_to terms_path unless current_user.accepted_terms
- end
+ redirect_to terms_path if current_user && !current_user&.accepted_terms
end
def validate_verified_email
- if current_user
- redirect_to account_activation_path(current_user) unless current_user.activated?
- end
+ redirect_to account_activation_path(current_user) if current_user && !current_user&.activated?
end
def verify_room_owner_verified
@@ -313,28 +304,28 @@ class RoomsController < ApplicationController
end
def verify_user_not_admin
- redirect_to admins_path if current_user && current_user&.has_role?(:super_admin)
+ redirect_to admins_path if current_user&.has_role?(:super_admin)
end
def auth_required
- Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true" &&
- current_user.nil?
+ @settings.get_value("Room Authentication") == "true" && current_user.nil?
end
def room_limit_exceeded
- limit = Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Limit").to_i
+ limit = @settings.get_value("Room Limit").to_i
- # Does not apply to admin
+ # Does not apply to admin or users that aren't signed in
# 15+ option is used as unlimited
return false if current_user&.has_role?(:admin) || limit == 15
- current_user.rooms.count >= limit
+ current_user.rooms.length >= limit
end
+ helper_method :room_limit_exceeded
def join_room(opts)
room_settings = JSON.parse(@room[:room_settings])
- if @room.running? || @room.owned_by?(current_user) || room_settings["anyoneCanStart"]
+ if room_running?(@room.bbb_id) || @room.owned_by?(current_user) || room_settings["anyoneCanStart"]
# Determine if the user needs to join as a moderator.
opts[:user_is_moderator] = @room.owned_by?(current_user) || room_settings["joinModerator"]
@@ -342,15 +333,15 @@ class RoomsController < ApplicationController
opts[:require_moderator_approval] = room_settings["requireModeratorApproval"]
if current_user
- redirect_to @room.join_path(current_user.name, opts, current_user.uid)
+ redirect_to join_path(@room, current_user.name, opts, current_user.uid)
else
join_name = params[:join_name] || params[@room.invite_path][:join_name]
- redirect_to @room.join_path(join_name, opts)
+ redirect_to join_path(@room, join_name, opts)
end
else
search_params = params[@room.invite_path] || params
@search, @order_column, @order_direction, pub_recs =
- public_recordings(@room.bbb_id, @user_domain, search_params.permit(:search, :column, :direction), true)
+ public_recordings(@room.bbb_id, search_params.permit(:search, :column, :direction), true)
@pagy, @public_recordings = pagy_array(pub_recs)
@@ -362,4 +353,17 @@ class RoomsController < ApplicationController
def incorrect_user_domain
Rails.configuration.loadbalanced_configuration && @room.owner.provider != @user_domain
end
+
+ # Default, unconfigured meeting options.
+ def default_meeting_options
+ invite_msg = I18n.t("invite_message")
+ {
+ user_is_moderator: false,
+ meeting_logout_url: request.base_url + logout_room_path(@room),
+ meeting_recorded: true,
+ moderator_message: "#{invite_msg}\n\n#{request.base_url + room_path(@room)}",
+ host: request.host,
+ recording_default_visibility: @settings.get_value("Default Recording Visibility") == "public"
+ }
+ end
end
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index cde24e24..22c7f396 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -17,21 +17,16 @@
# with BigBlueButton; if not, see .
class SessionsController < ApplicationController
+ include Authenticator
include Registrar
include Emailer
include LdapAuthenticator
skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]
- # GET /users/logout
- def destroy
- logout
- redirect_to root_path
- end
-
# POST /users/login
def create
- logger.info("Support: #{session_params[:email]} is attempting to login.")
+ logger.info "Support: #{session_params[:email]} is attempting to login."
admin = User.find_by(email: session_params[:email])
if admin&.has_role? :super_admin
@@ -48,11 +43,22 @@ class SessionsController < ApplicationController
login(user)
end
+ # GET /users/logout
+ def destroy
+ logout
+ redirect_to root_path
+ end
+
# GET/POST /auth/:provider/callback
def omniauth
@auth = request.env['omniauth.auth']
- process_signin
+ begin
+ process_signin
+ rescue => e
+ logger.error "Error authenticating via omniauth: #{e}"
+ omniauth_fail
+ end
end
# POST /auth/failure
@@ -81,15 +87,16 @@ class SessionsController < ApplicationController
result = send_ldap_request(params[:session], ldap_config)
- if result
- result = result.first
- else
- return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials"))
+ return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials")) unless result
+
+ @auth = parse_auth(result.first, ENV['LDAP_ROLE_FIELD'])
+
+ begin
+ process_signin
+ rescue => e
+ logger.error "Support: Error authenticating via omniauth: #{e}"
+ omniauth_fail
end
-
- @auth = parse_auth(result, ENV['LDAP_ROLE_FIELD'])
-
- process_signin
end
private
@@ -112,47 +119,39 @@ class SessionsController < ApplicationController
end
def process_signin
- begin
- @user_exists = check_user_exists
+ @user_exists = check_user_exists
- if !@user_exists && @auth['provider'] == "twitter"
- return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
+ if !@user_exists && @auth['provider'] == "twitter"
+ return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
+ end
+
+ # If using invitation registration method, make sure user is invited
+ return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs
+
+ user = User.from_omniauth(@auth)
+
+ logger.info "Support: Auth user #{user.email} is attempting to login."
+
+ # Add pending role if approval method and is a new user
+ if approval_registration && !@user_exists
+ user.add_role :pending
+
+ # Inform admins that a user signed up if emails are turned on
+ send_approval_user_signup_email(user)
+
+ return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") }
+ end
+
+ send_invite_user_signup_email(user) if invite_registration && !@user_exists
+
+ login(user)
+
+ if @auth['provider'] == "twitter"
+ flash[:alert] = if allow_user_signup? && allow_greenlight_accounts?
+ I18n.t("registration.deprecated.twitter_signin", link: signup_path(old_twitter_user_id: user.id))
+ else
+ I18n.t("registration.deprecated.twitter_signin", link: signin_path(old_twitter_user_id: user.id))
end
-
- # If using invitation registration method, make sure user is invited
- return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs
-
- user = User.from_omniauth(@auth)
-
- logger.info("Support: Auth user #{user.email} is attempting to login.")
-
- # Add pending role if approval method and is a new user
- if approval_registration && !@user_exists
- user.add_role :pending
-
- # Inform admins that a user signed up if emails are turned on
- send_approval_user_signup_email(user) if Rails.configuration.enable_email_verification
-
- return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") }
- end
-
- send_invite_user_signup_email(user) if Rails.configuration.enable_email_verification &&
- invite_registration && !@user_exists
-
- login(user)
-
- if @auth['provider'] == "twitter"
- flash[:alert] = if allow_user_signup? && allow_greenlight_accounts?
- I18n.t("registration.deprecated.twitter_signin",
- link: signup_path(old_twitter_user_id: user.id))
- else
- I18n.t("registration.deprecated.twitter_signin",
- link: signin_path(old_twitter_user_id: user.id))
- end
- end
- rescue => e
- logger.error "Support: Error authenticating via omniauth: #{e}"
- omniauth_fail
end
end
end
diff --git a/app/controllers/themes_controller.rb b/app/controllers/themes_controller.rb
index d10521ca..bfbfeb56 100644
--- a/app/controllers/themes_controller.rb
+++ b/app/controllers/themes_controller.rb
@@ -18,7 +18,6 @@
class ThemesController < ApplicationController
skip_before_action :maintenance_mode?
- before_action :provider_settings
# GET /primary
def index
@@ -39,10 +38,4 @@ class ThemesController < ApplicationController
format.css { render body: @compiled }
end
end
-
- private
-
- def provider_settings
- @settings = Setting.find_or_create_by(provider: user_settings_provider)
- end
end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 527c381a..a38f85fb 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -17,14 +17,16 @@
# with BigBlueButton; if not, see .
class UsersController < ApplicationController
- include RecordingsHelper
include Pagy::Backend
+ include Authenticator
include Emailer
include Registrar
include Recorder
+ include Rolify
- before_action :find_user, only: [:edit, :update, :destroy]
+ before_action :find_user, only: [:edit, :change_password, :delete_account, :update, :destroy]
before_action :ensure_unauthenticated, only: [:new, :create, :signin]
+ before_action :check_admin_of, only: [:edit, :change_password, :delete_account]
# POST /u
def create
@@ -43,7 +45,7 @@ class UsersController < ApplicationController
# User has passed all validations required
@user.save
- logger.info("Support: #{@user.email} user has been created.")
+ logger.info "Support: #{@user.email} user has been created."
# Set user to pending and redirect if Approval Registration is set
if approval_registration
@@ -53,12 +55,12 @@ class UsersController < ApplicationController
flash: { success: I18n.t("registration.approval.signup") } unless Rails.configuration.enable_email_verification
end
- send_registration_email if Rails.configuration.enable_email_verification
+ send_registration_email
# Sign in automatically if email verification is disabled or if user is already verified.
login(@user) && return if !Rails.configuration.enable_email_verification || @user.email_verified
- send_verification
+ send_activation_email(@user)
redirect_to root_path
end
@@ -109,11 +111,15 @@ class UsersController < ApplicationController
# GET /u/:user_uid/edit
def edit
- if current_user
- redirect_to current_user.main_room if @user != current_user && !current_user.admin_of?(@user)
- else
- redirect_to root_path
- end
+ redirect_to root_path unless current_user
+ end
+
+ # GET /u/:user_uid/change_password
+ def change_password
+ end
+
+ # GET /u/:user_uid/delete_account
+ def delete_account
end
# PATCH /u/:user_uid/edit
@@ -139,31 +145,32 @@ class UsersController < ApplicationController
if errors.empty? && @user.save
# Notify the user that their account has been updated.
- flash[:success] = I18n.t("info_update_success")
- redirect_to redirect_path
+ redirect_to redirect_path, flash: { success: I18n.t("info_update_success") }
else
# Append custom errors.
errors.each { |k, v| @user.errors.add(k, v) }
render :edit, params: { settings: params[:settings] }
end
- elsif user_params[:email] != @user.email && @user.update_attributes(user_params) && update_roles
- @user.update_attributes(email_verified: false)
-
- flash[:success] = I18n.t("info_update_success")
- redirect_to redirect_path
- elsif @user.update_attributes(user_params) && update_roles
- update_locale(@user)
-
- flash[:success] = I18n.t("info_update_success")
- redirect_to redirect_path
else
+ if @user.update_attributes(user_params)
+ @user.update_attributes(email_verified: false) if user_params[:email] != @user.email
+
+ user_locale(@user)
+
+ if update_roles(params[:user][:role_ids])
+ return redirect_to redirect_path, flash: { success: I18n.t("info_update_success") }
+ else
+ flash[:alert] = I18n.t("administrator.roles.invalid_assignment")
+ end
+ end
+
render :edit, params: { settings: params[:settings] }
end
end
# DELETE /u/:user_uid
def destroy
- logger.info("Support: #{current_user.email} is deleting #{@user.email}.")
+ logger.info "Support: #{current_user.email} is deleting #{@user.email}."
if current_user && current_user == @user
@user.destroy
@@ -186,8 +193,7 @@ class UsersController < ApplicationController
def recordings
if current_user && current_user.uid == params[:user_uid]
@search, @order_column, @order_direction, recs =
- all_recordings(current_user.rooms.pluck(:bbb_id), current_user.provider,
- params.permit(:search, :column, :direction), true)
+ all_recordings(current_user.rooms.pluck(:bbb_id), params.permit(:search, :column, :direction), true)
@pagy, @recordings = pagy_array(recs)
else
redirect_to root_path
@@ -219,28 +225,11 @@ class UsersController < ApplicationController
:new_password, :provider, :accepted_terms, :language)
end
- def send_verification
- # Start email verification and redirect to root.
- begin
- send_activation_email(@user)
- rescue => e
- logger.error "Support: Error in email delivery: #{e}"
- flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
- else
- flash[:success] = I18n.t("email_sent", email_type: t("verify.verification"))
- end
- end
-
def send_registration_email
- begin
- if invite_registration
- send_invite_user_signup_email(@user)
- elsif approval_registration
- send_approval_user_signup_email(@user)
- end
- rescue => e
- logger.error "Support: Error in email delivery: #{e}"
- flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+ if invite_registration
+ send_invite_user_signup_email(@user)
+ elsif approval_registration
+ send_approval_user_signup_email(@user)
end
end
@@ -264,64 +253,8 @@ class UsersController < ApplicationController
invitation[:present]
end
- # Updates as user's roles
- def update_roles
- # Check that the user can manage users
- if current_user.highest_priority_role.can_manage_users
- new_roles = params[:user][:role_ids].split(' ').map(&:to_i)
- old_roles = @user.roles.pluck(:id)
-
- added_role_ids = new_roles - old_roles
- removed_role_ids = old_roles - new_roles
-
- added_roles = []
- removed_roles = []
- current_user_role = current_user.highest_priority_role
-
- # Check that the user has the permissions to add all the new roles
- added_role_ids.each do |id|
- role = Role.find(id)
-
- # Admins are able to add the admin role to other users. All other roles may only
- # add roles with a higher priority
- if (role.priority > current_user_role.priority || current_user_role.name == "admin") &&
- role.provider == @user_domain
- added_roles << role
- else
- flash[:alert] = I18n.t("administrator.roles.invalid_assignment")
- return false
- end
- end
-
- # Check that the user has the permissions to remove all the deleted roles
- removed_role_ids.each do |id|
- role = Role.find(id)
-
- # Admins are able to remove the admin role from other users. All other roles may only
- # remove roles with a higher priority
- if (role.priority > current_user_role.priority || current_user_role.name == "admin") &&
- role.provider == @user_domain
- removed_roles << role
- else
- flash[:alert] = I18n.t("administrator.roles.invalid_removal")
- return false
- end
- end
-
- # Send promoted/demoted emails
- added_roles.each { |role| send_user_promoted_email(@user, role) if role.send_promoted_email }
- removed_roles.each { |role| send_user_demoted_email(@user, role) if role.send_demoted_email }
-
- # Update the roles
- @user.roles.delete(removed_roles)
- @user.roles << added_roles
-
- # Make sure each user always has at least the user role
- @user.roles = [Role.find_by(name: "user", provider: @user_domain)] if @user.roles.count.zero?
-
- @user.save!
- else
- true
- end
+ # Checks that the user is allowed to edit this user
+ def check_admin_of
+ redirect_to current_user.main_room if current_user && @user != current_user && !current_user.admin_of?(@user)
end
end
diff --git a/app/helpers/account_activations_helper.rb b/app/helpers/account_activations_helper.rb
deleted file mode 100644
index 4cddbd77..00000000
--- a/app/helpers/account_activations_helper.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-#
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-
-module AccountActivationsHelper
-end
diff --git a/app/helpers/admins_helper.rb b/app/helpers/admins_helper.rb
index c517c9f6..7dd762e6 100644
--- a/app/helpers/admins_helper.rb
+++ b/app/helpers/admins_helper.rb
@@ -19,36 +19,17 @@
module AdminsHelper
include Pagy::Frontend
- # Returns the action method of the current page
- def active_page
- route = Rails.application.routes.recognize_path(request.env['PATH_INFO'])
-
- route[:action]
- end
-
# Gets the email of the room owner to which the recording belongs to
def recording_owner_email(room_id)
Room.find_by(bbb_id: room_id).owner.email
end
- def display_invite
- current_page?(admins_path) && invite_registration
- end
-
- def registration_method
- Setting.find_or_create_by!(provider: user_settings_provider).get_value("Registration Method")
- end
-
def invite_registration
- registration_method == Rails.configuration.registration_methods[:invite]
- end
-
- def approval_registration
- registration_method == Rails.configuration.registration_methods[:approval]
+ @settings.get_value("Registration Method") == Rails.configuration.registration_methods[:invite]
end
def room_authentication_string
- if Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true"
+ if @settings.get_value("Room Authentication") == "true"
I18n.t("administrator.site_settings.authentication.enabled")
else
I18n.t("administrator.site_settings.authentication.disabled")
@@ -56,8 +37,7 @@ module AdminsHelper
end
def recording_default_visibility_string
- if Setting.find_or_create_by!(provider: user_settings_provider)
- .get_value("Default Recording Visibility") == "public"
+ if @settings.get_value("Default Recording Visibility") == "public"
I18n.t("recording.visibility.public")
else
I18n.t("recording.visibility.unlisted")
@@ -65,7 +45,7 @@ module AdminsHelper
end
def registration_method_string
- case registration_method
+ case @settings.get_value("Registration Method")
when Rails.configuration.registration_methods[:open]
I18n.t("administrator.site_settings.registration.methods.open")
when Rails.configuration.registration_methods[:invite]
@@ -76,7 +56,7 @@ module AdminsHelper
end
def room_limit_number
- Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Limit").to_i
+ @settings.get_value("Room Limit").to_i
end
def edit_disabled
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 7ae53282..155335cf 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -18,20 +18,8 @@
require 'bbb_api'
require 'uri'
-require 'i18n/language/mapping'
module ApplicationHelper
- include MeetingsHelper
- include BbbApi
- include I18n::Language::Mapping
-
- # Gets all configured omniauth providers.
- def configured_providers
- Rails.configuration.providers.select do |provider|
- Rails.configuration.send("omniauth_#{provider}")
- end
- end
-
# Determines which providers can show a login button in the login modal.
def iconset_providers
providers = configured_providers & [:google, :twitter, :office365, :ldap]
@@ -50,53 +38,9 @@ module ApplicationHelper
end
end
- # Determine if Greenlight is configured to allow user signups.
- def allow_user_signup?
- Rails.configuration.allow_user_signup
- end
-
- # Determines if the BigBlueButton endpoint is the default.
- def bigbluebutton_endpoint_default?
- Rails.configuration.bigbluebutton_endpoint_default == Rails.configuration.bigbluebutton_endpoint
- end
-
- # Returns language selection options
- def language_options
- locales = I18n.available_locales
- language_opts = [['<<<< ' + t("language_default") + ' >>>>', "default"]]
- locales.each do |locale|
- language_mapping = I18n::Language::Mapping.language_mapping_list[locale.to_s.gsub("_", "-")]
- language_opts.push([language_mapping["nativeName"], locale.to_s])
- end
- language_opts.sort
- end
-
- # Parses markdown for rendering.
- def markdown(text)
- markdown = Redcarpet::Markdown.new(Redcarpet::Render::HTML,
- no_intra_emphasis: true,
- fenced_code_blocks: true,
- disable_indented_code_blocks: true,
- autolink: true,
- tables: true,
- underline: true,
- highlight: true)
-
- markdown.render(text).html_safe
- end
-
- def allow_greenlight_accounts?
- return Rails.configuration.allow_user_signup unless Rails.configuration.loadbalanced_configuration
- return false unless @user_domain && !@user_domain.empty? && Rails.configuration.allow_user_signup
- return false if @user_domain == "greenlight"
- # Proceed with retrieving the provider info
- begin
- provider_info = retrieve_provider_info(@user_domain, 'api2', 'getUserGreenlightCredentials')
- provider_info['provider'] == 'greenlight'
- rescue => e
- logger.info e
- false
- end
+ # Determines if a form field needs the is-invalid class.
+ def form_is_invalid?(obj, key)
+ 'is-invalid' unless obj.errors.messages[key].empty?
end
# Return all the translations available in the client side through javascript
@@ -118,6 +62,13 @@ module ApplicationHelper
current_user.main_room
end
+ # Returns the action method of the current page
+ def active_page
+ route = Rails.application.routes.recognize_path(request.env['PATH_INFO'])
+
+ route[:action]
+ end
+
def role_colour(role)
role.colour || Rails.configuration.primary_color_default
end
diff --git a/app/helpers/errors_helper.rb b/app/helpers/errors_helper.rb
deleted file mode 100644
index 955cbf7a..00000000
--- a/app/helpers/errors_helper.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-#
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-
-module ErrorsHelper
-end
diff --git a/app/helpers/main_helper.rb b/app/helpers/main_helper.rb
deleted file mode 100644
index 2ae4ce75..00000000
--- a/app/helpers/main_helper.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-#
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-
-module MainHelper
-end
diff --git a/app/helpers/meetings_helper.rb b/app/helpers/meetings_helper.rb
deleted file mode 100644
index ca691815..00000000
--- a/app/helpers/meetings_helper.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-#
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-
-module MeetingsHelper
-end
diff --git a/app/helpers/password_resets_helper.rb b/app/helpers/password_resets_helper.rb
deleted file mode 100644
index bfc3d834..00000000
--- a/app/helpers/password_resets_helper.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-#
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-
-module PasswordResetsHelper
-end
diff --git a/app/helpers/recordings_helper.rb b/app/helpers/recordings_helper.rb
index 0ab14306..06296457 100644
--- a/app/helpers/recordings_helper.rb
+++ b/app/helpers/recordings_helper.rb
@@ -17,8 +17,6 @@
# with BigBlueButton; if not, see .
module RecordingsHelper
- include Pagy::Frontend
-
# Helper for converting BigBlueButton dates into the desired format.
def recording_date(date)
I18n.l date, format: "%B %d, %Y"
@@ -48,4 +46,9 @@ module RecordingsHelper
def room_uid_from_bbb(bbb_id)
Room.find_by(bbb_id: bbb_id)[:uid]
end
+
+ # returns whether recording thumbnails are enabled on the server
+ def recording_thumbnails?
+ Rails.configuration.recording_thumbnails
+ end
end
diff --git a/app/helpers/rooms_helper.rb b/app/helpers/rooms_helper.rb
index 009fd77d..d98f772f 100644
--- a/app/helpers/rooms_helper.rb
+++ b/app/helpers/rooms_helper.rb
@@ -24,27 +24,13 @@ module RoomsHelper
end
def room_authentication_required
- Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true" &&
+ @settings.get_value("Room Authentication") == "true" &&
current_user.nil?
end
- def number_of_rooms_allowed
- Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Limit").to_i
- end
-
- def room_limit_exceeded
- limit = Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Limit").to_i
-
- # Does not apply to admin or users that aren't signed in
- # 15+ option is used as unlimited
- return false if current_user&.has_role?(:admin) || limit == 15
-
- current_user.rooms.length >= limit
- end
-
def current_room_exceeds_limit(room)
# Get how many rooms need to be deleted to reach allowed room number
- limit = Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Limit").to_i
+ limit = @settings.get_value("Room Limit").to_i
return false if current_user&.has_role?(:admin) || limit == 15
diff --git a/app/helpers/theming_helper.rb b/app/helpers/theming_helper.rb
index e3f073fb..bb725f12 100644
--- a/app/helpers/theming_helper.rb
+++ b/app/helpers/theming_helper.rb
@@ -19,24 +19,11 @@
module ThemingHelper
# Returns the logo based on user's provider
def logo_image
- Setting.find_or_create_by(provider: user_settings_provider)
- .get_value("Branding Image") || Rails.configuration.branding_image_default
+ @settings.get_value("Branding Image") || Rails.configuration.branding_image_default
end
# Returns the primary color based on user's provider
def user_color
- Setting.find_or_create_by(provider: user_settings_provider)
- .get_value("Primary Color") || Rails.configuration.primary_color_default
- end
-
- # Returns the user's provider in the settings context
- def user_settings_provider
- if Rails.configuration.loadbalanced_configuration && current_user && !current_user&.has_role?(:super_admin)
- current_user.provider
- elsif Rails.configuration.loadbalanced_configuration
- @user_domain
- else
- "greenlight"
- end
+ @settings.get_value("Primary Color") || Rails.configuration.primary_color_default
end
end
diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
index c62f3d7e..c92ce09b 100644
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -16,7 +16,11 @@
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see .
+require 'i18n/language/mapping'
+
module UsersHelper
+ include I18n::Language::Mapping
+
def recaptcha_enabled?
Rails.configuration.recaptcha_enabled
end
@@ -36,4 +40,29 @@ module UsersHelper
user.roles.by_priority.pluck(:id) | disallowed_roles
end
+
+ # Returns language selection options for user edit
+ def language_options
+ locales = I18n.available_locales
+ language_opts = [['<<<< ' + t("language_default") + ' >>>>', "default"]]
+ locales.each do |locale|
+ language_mapping = I18n::Language::Mapping.language_mapping_list[locale.to_s.gsub("_", "-")]
+ language_opts.push([language_mapping["nativeName"], locale.to_s])
+ end
+ language_opts.sort
+ end
+
+ # Parses markdown for rendering.
+ def markdown(text)
+ markdown = Redcarpet::Markdown.new(Redcarpet::Render::HTML,
+ no_intra_emphasis: true,
+ fenced_code_blocks: true,
+ disable_indented_code_blocks: true,
+ autolink: true,
+ tables: true,
+ underline: true,
+ highlight: true)
+
+ markdown.render(text).html_safe
+ end
end
diff --git a/app/mailers/application_mailer.rb b/app/mailers/application_mailer.rb
index 3e0743e9..0fe7b991 100644
--- a/app/mailers/application_mailer.rb
+++ b/app/mailers/application_mailer.rb
@@ -17,7 +17,6 @@
# with BigBlueButton; if not, see .
class ApplicationMailer < ActionMailer::Base
- add_template_helper(ThemingHelper)
default from: 'from@example.com'
layout 'mailer'
end
diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb
index d05734cf..a28ef222 100644
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
@@ -18,74 +18,83 @@
class UserMailer < ApplicationMailer
include ApplicationHelper
+ include ThemingHelper
default from: Rails.configuration.smtp_sender
- def verify_email(user, url, image, color)
+ def verify_email(user, url, settings)
+ @settings = settings
@user = user
@url = url
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
mail(to: @user.email, subject: t('landing.welcome'))
end
- def password_reset(user, url, image, color)
+ def password_reset(user, url, settings)
+ @settings = settings
@user = user
@url = url
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
mail to: user.email, subject: t('reset_password.subtitle')
end
- def user_promoted(user, role, url, image, color)
+ def user_promoted(user, role, url, settings)
+ @settings = settings
@url = url
@admin_url = url + "admins"
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
@role = translated_role_name(role)
mail to: user.email, subject: t('mailer.user.promoted.subtitle', role: translated_role_name(role))
end
- def user_demoted(user, role, url, image, color)
+ def user_demoted(user, role, url, settings)
+ @settings = settings
@url = url
@root_url = url
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
@role = translated_role_name(role)
mail to: user.email, subject: t('mailer.user.demoted.subtitle', role: translated_role_name(role))
end
- def invite_email(name, email, url, image, color)
+ def invite_email(name, email, url, settings)
+ @settings = settings
@name = name
@email = email
@url = url
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
mail to: email, subject: t('mailer.user.invite.subject')
end
- def approve_user(user, url, image, color)
+ def approve_user(user, url, settings)
+ @settings = settings
@user = user
@url = url
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
mail to: user.email, subject: t('mailer.user.approve.subject')
end
- def approval_user_signup(user, url, image, color, admin_emails)
+ def approval_user_signup(user, url, admin_emails, settings)
+ @settings = settings
@user = user
@url = url
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
mail to: admin_emails, subject: t('mailer.user.approve.signup.subject')
end
- def invite_user_signup(user, url, image, color, admin_emails)
+ def invite_user_signup(user, url, admin_emails, settings)
+ @settings = settings
@user = user
@url = url
- @image = image
- @color = color
+ @image = logo_image
+ @color = user_color
mail to: admin_emails, subject: t('mailer.user.invite.signup.subject')
end
diff --git a/app/models/ability.rb b/app/models/ability.rb
index eb9732e2..2c9fb9a2 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -27,8 +27,7 @@ class Ability
else
highest_role = user.highest_priority_role
if highest_role.can_edit_site_settings
- can [:index, :site_settings, :server_recordings, :branding, :coloring, :coloring_lighten, :coloring_darken,
- :room_authentication, :registration_method, :room_limit, :default_recording_visibility], :admin
+ can [:index, :site_settings, :server_recordings, :update_settings, :coloring, :registration_method], :admin
end
if highest_role.can_edit_roles
diff --git a/app/models/room.rb b/app/models/room.rb
index 2de7bc1c..23570167 100644
--- a/app/models/room.rb
+++ b/app/models/room.rb
@@ -19,128 +19,28 @@
require 'bbb_api'
class Room < ApplicationRecord
- include ::BbbApi
-
before_create :setup
- before_destroy :delete_all_recordings
-
validates :name, presence: true
belongs_to :owner, class_name: 'User', foreign_key: :user_id
- META_LISTED = "gl-listed"
-
# Determines if a user owns a room.
def owned_by?(user)
return false if user.nil?
user.rooms.include?(self)
end
- # Checks if a room is running on the BigBlueButton server.
- def running?
- bbb(owner.provider).is_meeting_running?(bbb_id)
- end
-
# Determines the invite path for the room.
def invite_path
"#{Rails.configuration.relative_url_root}/#{CGI.escape(uid)}"
end
- # Creates a meeting on the BigBlueButton server.
- def start_session(options = {})
- create_options = {
- record: options[:meeting_recorded].to_s,
- logoutURL: options[:meeting_logout_url] || '',
- moderatorPW: moderator_pw,
- attendeePW: attendee_pw,
- moderatorOnlyMessage: options[:moderator_message],
- muteOnStart: options[:mute_on_start] || false,
- "meta_#{META_LISTED}": options[:recording_default_visibility] || false,
- "meta_bbb-origin-version": Greenlight::Application::VERSION,
- "meta_bbb-origin": "Greenlight",
- "meta_bbb-origin-server-name": options[:host]
- }
-
- create_options[:guestPolicy] = "ASK_MODERATOR" if options[:require_moderator_approval]
-
- # Send the create request.
- begin
- meeting = bbb(owner.provider).create_meeting(name, bbb_id, create_options)
- # Update session info.
- unless meeting[:messageKey] == 'duplicateWarning'
- update_attributes(sessions: sessions + 1,
- last_session: DateTime.now)
- end
- rescue BigBlueButton::BigBlueButtonException => e
- puts "BigBlueButton failed on create: #{e.key}: #{e.message}"
- raise e
- end
- end
-
- # Returns a URL to join a user into a meeting.
- def join_path(name, options = {}, uid = nil)
- # Create the meeting, even if it's running
- start_session(options)
-
- # Set meeting options.
- options[:meeting_logout_url] ||= nil
- options[:moderator_message] ||= ''
- options[:user_is_moderator] ||= false
- options[:meeting_recorded] ||= false
-
- return call_invalid_res unless bbb(owner.provider)
-
- # Get the meeting info.
- meeting_info = bbb(owner.provider).get_meeting_info(bbb_id, nil)
-
- # Determine the password to use when joining.
- password = if options[:user_is_moderator]
- meeting_info[:moderatorPW]
- else
- meeting_info[:attendeePW]
- end
-
- # Generate the join URL.
- join_opts = {}
- join_opts[:userID] = uid if uid
- join_opts[:join_via_html5] = true
-
- join_opts[:guest] = true if options[:require_moderator_approval] && !options[:user_is_moderator]
-
- bbb(owner.provider).join_meeting_url(bbb_id, name, password, join_opts)
- end
-
# Notify waiting users that a meeting has started.
def notify_waiting
ActionCable.server.broadcast("#{uid}_waiting_channel", action: "started")
end
- # Retrieves all the users in a room.
- def participants
- res = bbb(owner.provider).get_meeting_info(bbb_id, nil)
- res[:attendees].map do |att|
- User.find_by(uid: att[:userID], name: att[:fullName])
- end
- rescue BigBlueButton::BigBlueButtonException
- # The meeting is most likely not running.
- []
- end
-
- def recording_count
- bbb(owner.provider).get_recordings(meetingID: bbb_id)[:recordings].length
- end
-
- def update_recording(record_id, meta)
- meta[:recordID] = record_id
- bbb(owner.provider).send_api_request("updateRecordings", meta)
- end
-
- # Deletes a recording from a room.
- def delete_recording(record_id)
- bbb(owner.provider).delete_recordings(record_id)
- end
-
private
# Generates a uid for the room and BigBlueButton.
@@ -151,12 +51,6 @@ class Room < ApplicationRecord
self.attendee_pw = RandomPassword.generate(length: 12)
end
- # Deletes all recordings associated with the room.
- def delete_all_recordings
- record_ids = bbb(owner.provider).get_recordings(meetingID: bbb_id)[:recordings].pluck(:recordID)
- delete_recording(record_ids) unless record_ids.empty?
- end
-
# Generates a three character uid chunk.
def uid_chunk
charset = ("a".."z").to_a - %w(b i l o s) + ("2".."9").to_a - %w(5 8)
diff --git a/app/models/user.rb b/app/models/user.rb
index 92ed8c74..90c1f9b2 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -19,8 +19,6 @@
require 'bbb_api'
class User < ApplicationRecord
- include ::BbbApi
-
attr_accessor :reset_token
after_create :assign_default_role
after_create :initialize_main_room
@@ -203,12 +201,7 @@ class User < ApplicationRecord
end
def greenlight_account?
- return true unless provider # For testing cases when provider is set to null
- return true if provider == "greenlight"
- return false unless Rails.configuration.loadbalanced_configuration
- # Proceed with fetching the provider info
- provider_info = retrieve_provider_info(provider, 'api2', 'getUserGreenlightCredentials')
- provider_info['provider'] == 'greenlight'
+ social_uid.nil?
end
def activation_token
diff --git a/app/views/account_activations/verify.html.erb b/app/views/account_activations/show.html.erb
similarity index 83%
rename from app/views/account_activations/verify.html.erb
rename to app/views/account_activations/show.html.erb
index 3fc03ff2..1098255f 100644
--- a/app/views/account_activations/verify.html.erb
+++ b/app/views/account_activations/show.html.erb
@@ -21,7 +21,9 @@
diff --git a/app/views/rooms/wait.html.erb b/app/views/rooms/wait.html.erb
index e93f153c..39171fbf 100644
--- a/app/views/rooms/wait.html.erb
+++ b/app/views/rooms/wait.html.erb
@@ -13,7 +13,7 @@
# with BigBlueButton; if not, see .
%>
-<%= render 'shared/room_event', render_recordings: true do %>
+<%= render 'rooms/components/room_event', render_recordings: true do %>
<%= t("room.wait.message") %>
diff --git a/app/views/shared/components/_resend_button.html.erb b/app/views/shared/components/_resend_button.html.erb
deleted file mode 100644
index 368b347f..00000000
--- a/app/views/shared/components/_resend_button.html.erb
+++ /dev/null
@@ -1,18 +0,0 @@
-<%
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-%>
-
-
diff --git a/app/views/shared/components/_terms_button.html.erb b/app/views/shared/components/_terms_button.html.erb
deleted file mode 100644
index de46d390..00000000
--- a/app/views/shared/components/_terms_button.html.erb
+++ /dev/null
@@ -1,18 +0,0 @@
-<%
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-%>
-
-
\ No newline at end of file
diff --git a/app/views/shared/modals/_delete_room_modal.html.erb b/app/views/shared/modals/_delete_room_modal.html.erb
index 3b7a1d8d..1bc42949 100644
--- a/app/views/shared/modals/_delete_room_modal.html.erb
+++ b/app/views/shared/modals/_delete_room_modal.html.erb
@@ -34,8 +34,8 @@
diff --git a/app/views/shared/components/_confirm_button.html.erb b/app/views/users/change_password.html.erb
similarity index 67%
rename from app/views/shared/components/_confirm_button.html.erb
rename to app/views/users/change_password.html.erb
index 8fdba35b..a06f02b7 100644
--- a/app/views/shared/components/_confirm_button.html.erb
+++ b/app/views/users/change_password.html.erb
@@ -12,7 +12,15 @@
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see .
%>
+
diff --git a/app/views/shared/settings/_account.html.erb b/app/views/users/components/_account.html.erb
similarity index 100%
rename from app/views/shared/settings/_account.html.erb
rename to app/views/users/components/_account.html.erb
diff --git a/app/views/shared/settings/_delete.html.erb b/app/views/users/components/_delete.html.erb
similarity index 100%
rename from app/views/shared/settings/_delete.html.erb
rename to app/views/users/components/_delete.html.erb
diff --git a/app/views/users/components/_menu_buttons.html.erb b/app/views/users/components/_menu_buttons.html.erb
new file mode 100644
index 00000000..860aa86d
--- /dev/null
+++ b/app/views/users/components/_menu_buttons.html.erb
@@ -0,0 +1,26 @@
+<%
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see .
+%>
+
+
+ <%= link_to edit_user_path, class: "list-group-item list-group-item-action dropdown-item #{"active" if active_page == "edit"}" do %>
+ <%= t("settings.account.title") %>
+ <% end %>
+ <%= link_to change_password_path, class: "list-group-item list-group-item-action dropdown-item #{"active" if active_page == "change_password"}" do %>
+ <%= t("settings.password.title") %>
+ <% end %>
+ <%= link_to delete_account_path, class: "list-group-item list-group-item-action dropdown-item #{"active" if active_page == "delete_account"}" do %>
+ <%= t("settings.delete.title") %>
+ <% end %>
+
\ No newline at end of file
diff --git a/app/views/shared/settings/_password.html.erb b/app/views/users/components/_password.html.erb
similarity index 100%
rename from app/views/shared/settings/_password.html.erb
rename to app/views/users/components/_password.html.erb
diff --git a/app/views/shared/settings/_setting_view.html.erb b/app/views/users/components/_setting_view.html.erb
similarity index 92%
rename from app/views/shared/settings/_setting_view.html.erb
rename to app/views/users/components/_setting_view.html.erb
index 4c8b8bd2..915cdb06 100644
--- a/app/views/shared/settings/_setting_view.html.erb
+++ b/app/views/users/components/_setting_view.html.erb
@@ -17,10 +17,10 @@
<% end %>
diff --git a/app/views/shared/settings/_design.html.erb b/app/views/users/delete_account.html.erb
similarity index 70%
rename from app/views/shared/settings/_design.html.erb
rename to app/views/users/delete_account.html.erb
index e4f794c4..c05727cf 100644
--- a/app/views/shared/settings/_design.html.erb
+++ b/app/views/users/delete_account.html.erb
@@ -12,11 +12,15 @@
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see .
%>
+
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
index 8ee6186d..0c7eefdb 100644
--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -12,48 +12,15 @@
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see .
%>
-
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index d6f059f0..2f4b4f6b 100644
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -1,6 +1,9 @@
# frozen_string_literal: true
require 'office365'
+require 'omniauth_options'
+
+include OmniauthOptions
# List of supported Omniauth providers.
Rails.application.config.providers = []
@@ -16,7 +19,7 @@ Rails.application.config.omniauth_office365 = ENV['OFFICE365_KEY'].present? &&
ENV['OFFICE365_SECRET'].present?
SETUP_PROC = lambda do |env|
- SessionsController.helpers.omniauth_options env
+ OmniauthOptions.omniauth_options env
end
OmniAuth.config.logger = Rails.logger
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 9966b463..0c5c68f2 100755
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -88,10 +88,9 @@ en:
roles:
can_create_rooms: Can create rooms
delete: Delete the role
- duplicate_name: The role name you provided was a duplicate. All role names must be unique
- empty_name: All roles must have a non empty name
- invalid_order: The user role must be the lowest priority role and the admin role must be the highest priority role
- invalid_update: You can't update a role with a higher priority than your own role
+ invalid_create: There was a problem creating a new role. Please check the role values and try again
+ invalid_order: There was a problem updating the priority of the role. Please check the values and try again
+ invalid_update: There was a problem updating the permissions of the role. Please check the values and try again
name: Role Name
new_role: Create a new role
role_has_users: This role is assigned to %{user_count} accounts. Please remove all accounts from this role before deleting it.
@@ -101,8 +100,7 @@ en:
edit_site_settings: Allow users with this role to edit site settings
edit_roles: Allow users with this role to edit other roles
manage_users: Allow users with this role to manage users
- invalid_assignment: You can't assign a role with a higher priority than your own to a user
- invalid_removal: You can't remove a role with a higher priority than your own
+ invalid_assignment: There was a problem assigning the roles to the user. Please check the values and try again
colour:
title: Role Colour
info: Set the colour that will be associated with the role
diff --git a/config/routes.rb b/config/routes.rb
index 49b80ce3..850c5266 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -37,25 +37,23 @@ Rails.application.routes.draw do
resources :admins, only: [:index]
scope '/admins' do
- get '/site_settings', to: 'admins#site_settings', as: :admin_site_settings
+ # Panel Tabs
get '/recordings', to: 'admins#server_recordings', as: :admin_recordings
- post '/branding', to: 'admins#branding', as: :admin_branding
- post '/coloring', to: 'admins#coloring', as: :admin_coloring
- post '/room_authentication', to: 'admins#room_authentication', as: :admin_room_authentication
- post '/coloring_lighten', to: 'admins#coloring_lighten', as: :admin_coloring_lighten
- post '/coloring_darken', to: 'admins#coloring_darken', as: :admin_coloring_darken
- post '/signup', to: 'admins#signup', as: :admin_signup
+ get '/site_settings', to: 'admins#site_settings', as: :admin_site_settings
+ get '/roles', to: 'admins#roles', as: :admin_roles
+ # Manage Users
get '/edit/:user_uid', to: 'admins#edit_user', as: :admin_edit_user
post '/ban/:user_uid', to: 'admins#ban_user', as: :admin_ban
post '/unban/:user_uid', to: 'admins#unban_user', as: :admin_unban
post '/invite', to: 'admins#invite', as: :invite_user
- post '/registration_method/:method', to: 'admins#registration_method', as: :admin_change_registration
post '/approve/:user_uid', to: 'admins#approve', as: :admin_approve
get '/reset', to: 'admins#reset', as: :admin_reset
- post '/room_limit', to: 'admins#room_limit', as: :admin_room_limit
- post '/default_recording_visibility', to: 'admins#default_recording_visibility', as: :admin_recording_visibility
+ # Site Settings
+ post '/update_settings', to: 'admins#update_settings', as: :admin_update_settings
+ post '/registration_method', to: 'admins#registration_method', as: :admin_change_registration
+ post '/coloring', to: 'admins#coloring', as: :admin_coloring
post '/clear_cache', to: 'admins#clear_cache', as: :admin_clear_cache
- get '/roles', to: 'admins#roles', as: :admin_roles
+ # Roles
post '/role', to: 'admins#new_role', as: :admin_new_role
patch 'roles/order', to: 'admins#change_role_order', as: :admin_roles_order
post '/role/:role_id', to: 'admins#update_role', as: :admin_update_role
@@ -86,6 +84,8 @@ Rails.application.routes.draw do
# Account management.
get '/:user_uid/edit', to: 'users#edit', as: :edit_user
+ get '/:user_uid/change_password', to: 'users#change_password', as: :change_password
+ get '/:user_uid/delete_account', to: 'users#delete_account', as: :delete_account
patch '/:user_uid/edit', to: 'users#update', as: :update_user
delete '/:user_uid', to: 'users#destroy', as: :delete_user
@@ -118,8 +118,8 @@ Rails.application.routes.draw do
scope '/:meetingID' do
# Manage recordings
scope '/:record_id' do
- post '/', to: 'recordings#update_recording', as: :update_recording
- delete '/', to: 'recordings#delete_recording', as: :delete_recording
+ post '/', to: 'recordings#update', as: :update_recording
+ delete '/', to: 'recordings#delete', as: :delete_recording
end
end
diff --git a/lib/omniauth_options.rb b/lib/omniauth_options.rb
new file mode 100644
index 00000000..0440f527
--- /dev/null
+++ b/lib/omniauth_options.rb
@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see .
+
+module OmniauthOptions
+ module_function
+
+ def omniauth_options(env)
+ if env['omniauth.strategy'].options[:name] == "bn_launcher"
+ protocol = Rails.env.production? ? "https" : env["rack.url_scheme"]
+
+ customer_redirect_url = protocol + "://" + env["SERVER_NAME"] + ":" +
+ env["SERVER_PORT"]
+ user_domain = parse_user_domain(env["SERVER_NAME"])
+ env['omniauth.strategy'].options[:customer] = user_domain
+ env['omniauth.strategy'].options[:customer_redirect_url] = customer_redirect_url
+ env['omniauth.strategy'].options[:default_callback_url] = Rails.configuration.gl_callback_url
+
+ # This is only used in the old launcher and should eventually be removed
+ env['omniauth.strategy'].options[:checksum] = generate_checksum(user_domain, customer_redirect_url,
+ Rails.configuration.launcher_secret)
+ elsif env['omniauth.strategy'].options[:name] == "google"
+ set_hd(env, ENV['GOOGLE_OAUTH2_HD'])
+ elsif env['omniauth.strategy'].options[:name] == "office365"
+ set_hd(env, ENV['OFFICE365_HD'])
+ end
+ end
+
+ # Limits the domain that can be used with the provider
+ def set_hd(env, hd)
+ if hd
+ hd_opts = hd.split(',')
+ env['omniauth.strategy'].options[:hd] = if hd_opts.empty?
+ nil
+ elsif hd_opts.length == 1
+ hd_opts[0]
+ else
+ hd_opts
+ end
+ end
+ end
+
+ # Parses the url for the user domain
+ def parse_user_domain(hostname)
+ return hostname.split('.').first if Rails.configuration.url_host.empty?
+ Rails.configuration.url_host.split(',').each do |url_host|
+ return hostname.chomp(url_host).chomp('.') if hostname.include?(url_host)
+ end
+ ''
+ end
+
+ # Generates a checksum to use alongside the omniauth request
+ def generate_checksum(user_domain, redirect_url, secret)
+ string = user_domain + redirect_url + secret
+ OpenSSL::Digest.digest('sha1', string).unpack1("H*")
+ end
+end
diff --git a/spec/concerns/bbb_server_spec.rb b/spec/concerns/bbb_server_spec.rb
new file mode 100644
index 00000000..350bcee0
--- /dev/null
+++ b/spec/concerns/bbb_server_spec.rb
@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see .
+
+require "rails_helper"
+require 'bigbluebutton_api'
+
+describe BbbServer do
+ include BbbServer
+
+ let(:bbb_server) { BigBlueButton::BigBlueButtonApi.new("http://bbb.example.com/bigbluebutton/api", "secret", "0.8") }
+
+ before do
+ @user = create(:user)
+ @room = @user.main_room
+ end
+
+ context "#running?" do
+ it "should return false when not running" do
+ expect(room_running?(@room.bbb_id)).to be false
+ end
+
+ it "should return true when running" do
+ allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:is_meeting_running?).and_return(true)
+ expect(room_running?(@room.bbb_id)).to be true
+ end
+ end
+
+ context "#start_session" do
+ it "should update latest session info" do
+ allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:create_meeting).and_return(
+ messageKey: ""
+ )
+
+ expect do
+ start_session(@room)
+ end.to change { @room.sessions }.by(1)
+
+ expect(@room.last_session).not_to be nil
+ end
+ end
+
+ context "#join_path" do
+ it "should return correct join URL for user" do
+ allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:get_meeting_info).and_return(
+ attendeePW: @room.attendee_pw
+ )
+
+ endpoint = Rails.configuration.bigbluebutton_endpoint
+ secret = Rails.configuration.bigbluebutton_secret
+ fullname = "fullName=Example"
+ join_via_html5 = "&join_via_html5=true"
+ meeting_id = "&meetingID=#{@room.bbb_id}"
+ password = "&password=#{@room.attendee_pw}"
+
+ query = fullname + join_via_html5 + meeting_id + password
+ checksum_string = "join#{query + secret}"
+
+ checksum = OpenSSL::Digest.digest('sha1', checksum_string).unpack1("H*")
+ expect(join_path(@room, "Example")).to eql("#{endpoint}join?#{query}&checksum=#{checksum}")
+ end
+ end
+
+ context "#recordings" do
+ it "deletes the recording" do
+ allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:delete_recordings).and_return(
+ returncode: true, deleted: true
+ )
+
+ expect(delete_recording(Faker::IDNumber.valid))
+ .to contain_exactly([:returncode, true], [:deleted, true])
+ end
+ end
+end
diff --git a/spec/concerns/recorder_spec.rb b/spec/concerns/recorder_spec.rb
index 7e082e1f..1a740a24 100644
--- a/spec/concerns/recorder_spec.rb
+++ b/spec/concerns/recorder_spec.rb
@@ -19,13 +19,15 @@
require "rails_helper"
require 'bigbluebutton_api'
-shared_examples_for "recorder" do
- let(:controller) { described_class } # the class that includes the concern
+describe Recorder do
+ include Recorder
+ include BbbServer
+
+ let(:bbb_server) { BigBlueButton::BigBlueButtonApi.new("http://bbb.example.com/bigbluebutton/api", "secret", "0.8") }
before do
@user = create(:user)
@room = @user.main_room
-
allow_any_instance_of(Room).to receive(:owner).and_return(@user)
end
@@ -44,7 +46,7 @@ shared_examples_for "recorder" do
]
)
- expect(recordings(@room.bbb_id, @room.owner.provider)).to contain_exactly(
+ expect(recordings(@room.bbb_id)).to contain_exactly(
name: "Example",
playbacks:
[
@@ -118,7 +120,7 @@ shared_examples_for "recorder" do
]
)
- expect(all_recordings(@user.rooms.pluck(:bbb_id), @user.provider, search: "Exam", column: "name",
+ expect(all_recordings(@user.rooms.pluck(:bbb_id), search: "Exam", column: "name",
direction: "desc")).to eq(
[
{
@@ -219,7 +221,7 @@ shared_examples_for "recorder" do
end
it "should filter recordings on name" do
- expect(recordings(@room.bbb_id, @room.owner.provider, search: "Exam")).to contain_exactly(
+ expect(recordings(@room.bbb_id, search: "Exam")).to contain_exactly(
{
meetingID: @room.bbb_id,
name: "aExamaaa",
@@ -250,7 +252,7 @@ shared_examples_for "recorder" do
end
it "should filter recordings on participants" do
- expect(recordings(@room.bbb_id, @room.owner.provider, search: "5")).to contain_exactly(
+ expect(recordings(@room.bbb_id, search: "5")).to contain_exactly(
meetingID: @room.bbb_id,
name: "aExamaaa",
participants: "5",
@@ -267,7 +269,7 @@ shared_examples_for "recorder" do
end
it "should filter recordings on format" do
- expect(recordings(@room.bbb_id, @room.owner.provider, search: "presentation")).to contain_exactly(
+ expect(recordings(@room.bbb_id, search: "presentation")).to contain_exactly(
{
meetingID: @room.bbb_id,
name: "test",
@@ -298,7 +300,7 @@ shared_examples_for "recorder" do
end
it "should filter recordings on visibility" do
- expect(recordings(@room.bbb_id, @room.owner.provider, search: "public")).to contain_exactly(
+ expect(recordings(@room.bbb_id, search: "public")).to contain_exactly(
{
meetingID: @room.bbb_id,
name: "test",
@@ -329,7 +331,7 @@ shared_examples_for "recorder" do
end
it "should filter recordings on metadata name by default" do
- expect(recordings(@room.bbb_id, @room.owner.provider, search: "metadata")).to contain_exactly(
+ expect(recordings(@room.bbb_id, search: "metadata")).to contain_exactly(
meetingID: @room.bbb_id,
name: "Exam",
participants: "1",
@@ -385,7 +387,7 @@ shared_examples_for "recorder" do
end
it "should sort recordings on name" do
- expect(recordings(@room.bbb_id, @room.owner.provider, column: "name", direction: "asc")).to eq(
+ expect(recordings(@room.bbb_id, column: "name", direction: "asc")).to eq(
[
{
meetingID: @room.bbb_id,
@@ -421,7 +423,7 @@ shared_examples_for "recorder" do
end
it "should sort recordings on participants" do
- expect(recordings(@room.bbb_id, @room.owner.provider, column: "users", direction: "desc")).to eq(
+ expect(recordings(@room.bbb_id, column: "users", direction: "desc")).to eq(
[
{
meetingID: @room.bbb_id,
@@ -457,7 +459,7 @@ shared_examples_for "recorder" do
end
it "should sort recordings on visibility" do
- expect(recordings(@room.bbb_id, @room.owner.provider, column: "visibility", direction: "desc")).to eq(
+ expect(recordings(@room.bbb_id, column: "visibility", direction: "desc")).to eq(
[
{
meetingID: @room.bbb_id,
@@ -493,7 +495,7 @@ shared_examples_for "recorder" do
end
it "should sort recordings on length" do
- expect(recordings(@room.bbb_id, @room.owner.provider, column: "length", direction: "asc")).to eq(
+ expect(recordings(@room.bbb_id, column: "length", direction: "asc")).to eq(
[
{
meetingID: @room.bbb_id,
@@ -529,7 +531,7 @@ shared_examples_for "recorder" do
end
it "should sort recordings on format" do
- expect(recordings(@room.bbb_id, @room.owner.provider, column: "formats", direction: "desc")).to eq(
+ expect(recordings(@room.bbb_id, column: "formats", direction: "desc")).to eq(
[
{
meetingID: @room.bbb_id,
diff --git a/spec/controllers/account_activations_controller_spec.rb b/spec/controllers/account_activations_controller_spec.rb
index 9c5c5632..7fb4fcbd 100644
--- a/spec/controllers/account_activations_controller_spec.rb
+++ b/spec/controllers/account_activations_controller_spec.rb
@@ -37,7 +37,7 @@ describe AccountActivationsController, type: :controller do
get :show, params: { email: user.email }
- expect(response).to render_template(:verify)
+ expect(response).to render_template(:show)
end
end
diff --git a/spec/controllers/admins_controller_spec.rb b/spec/controllers/admins_controller_spec.rb
index 8a9d73f9..8f440df0 100644
--- a/spec/controllers/admins_controller_spec.rb
+++ b/spec/controllers/admins_controller_spec.rb
@@ -91,7 +91,7 @@ describe AdminsController, type: :controller do
context "POST #invite" do
before do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
- allow_any_instance_of(ApplicationController).to receive(:allow_greenlight_users?).and_return(true)
+ allow_any_instance_of(ApplicationController).to receive(:allow_greenlight_accounts?).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
end
@@ -177,7 +177,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
fake_image_url = "example.com"
- post :branding, params: { url: fake_image_url }
+ post :update_settings, params: { setting: "Branding Image", value: fake_image_url }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Branding Image")
@@ -194,7 +194,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
primary_color = Faker::Color.hex_color
- post :coloring, params: { color: primary_color }
+ post :coloring, params: { value: primary_color }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color")
@@ -209,7 +209,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
primary_color = Faker::Color.hex_color
- post :coloring_lighten, params: { color: primary_color }
+ post :update_settings, params: { setting: "Primary Color Lighten", value: primary_color }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color Lighten")
@@ -224,7 +224,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
primary_color = Faker::Color.hex_color
- post :coloring_darken, params: { color: primary_color }
+ post :update_settings, params: { setting: "Primary Color Darken", value: primary_color }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color Darken")
@@ -243,7 +243,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
- post :registration_method, params: { method: "invite" }
+ post :registration_method, params: { value: "invite" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Registration Method")
@@ -259,7 +259,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
- post :registration_method, params: { method: "invite" }
+ post :registration_method, params: { value: "invite" }
expect(flash[:alert]).to be_present
expect(response).to redirect_to(admin_site_settings_path)
@@ -273,7 +273,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
- post :room_authentication, params: { value: "true" }
+ post :update_settings, params: { setting: "Room Authentication", value: "true" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Room Authentication")
@@ -289,7 +289,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
- post :room_limit, params: { limit: 5 }
+ post :update_settings, params: { setting: "Room Limit", value: 5 }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Room Limit")
@@ -305,7 +305,7 @@ describe AdminsController, type: :controller do
@request.session[:user_id] = @admin.id
- post :default_recording_visibility, params: { visibility: "public" }
+ post :update_settings, params: { setting: "Default Recording Visibility", value: "public" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Default Recording Visibility")
@@ -353,7 +353,7 @@ describe AdminsController, type: :controller do
post :new_role, params: { role: { name: "admin" } }
expect(response).to redirect_to admin_roles_path
- expect(flash[:alert]).to eq(I18n.t("administrator.roles.duplicate_name"))
+ expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_create"))
end
it "should fail with empty role name" do
@@ -362,7 +362,7 @@ describe AdminsController, type: :controller do
post :new_role, params: { role: { name: " " } }
expect(response).to redirect_to admin_roles_path
- expect(flash[:alert]).to eq(I18n.t("administrator.roles.empty_name"))
+ expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_create"))
end
it "should create new role and increase user role priority" do
@@ -412,7 +412,7 @@ describe AdminsController, type: :controller do
patch :change_role_order, params: { role: [new_role3.id, new_role2.id] }
- expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_update"))
+ expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_order"))
expect(response).to redirect_to admin_roles_path
end
@@ -432,7 +432,7 @@ describe AdminsController, type: :controller do
patch :change_role_order, params: { role: [new_role3.id, new_role2.id] }
- expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_update"))
+ expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_order"))
expect(response).to redirect_to admin_roles_path
end
@@ -489,7 +489,7 @@ describe AdminsController, type: :controller do
patch :update_role, params: { role_id: new_role.id, role: { name: "admin" } }
- expect(flash[:alert]).to eq(I18n.t("administrator.roles.duplicate_name"))
+ expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_update"))
expect(response).to redirect_to admin_roles_path(selected_role: new_role.id)
end
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index 0085a6e7..ff05ea6d 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -63,6 +63,64 @@ describe ApplicationController do
end
end
+ context "getters" do
+ it "returns whether user signup is allowed" do
+ allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+
+ expect(controller.allow_user_signup?).to eql(true)
+ end
+
+ it "returns whether the default bbb endpoint is being used" do
+ allow(Rails.configuration).to receive(:bigbluebutton_endpoint)
+ .and_return("http://test-install.blindsidenetworks.com/bigbluebutton/api/")
+ allow(Rails.configuration).to receive(:bigbluebutton_endpoint_default)
+ .and_return("http://test-install.blindsidenetworks.com/bigbluebutton/api/")
+
+ expect(controller.bigbluebutton_endpoint_default?).to eql(true)
+ end
+ end
+
+ context "allow_greenlight_accounts" do
+ it "allows if user sign up is turned on" do
+ allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(false)
+ allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+
+ expect(controller.allow_greenlight_accounts?).to eql(true)
+ end
+
+ it "doesn't allow if user sign up is turned off" do
+ allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(false)
+ allow(Rails.configuration).to receive(:allow_user_signup).and_return(false)
+
+ expect(controller.allow_greenlight_accounts?).to eql(false)
+ end
+
+ it "doesn't allow if user_domain is blank" do
+ allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+ allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+
+ expect(controller.allow_greenlight_accounts?).to eql(false)
+ end
+
+ it "allows if user provider is set to greenlight" do
+ allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+ allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+ allow(controller).to receive(:retrieve_provider_info).and_return("provider" => "greenlight")
+ controller.instance_variable_set(:@user_domain, "provider1")
+
+ expect(controller.allow_greenlight_accounts?).to eql(true)
+ end
+
+ it "doesnt allow if user provider is not set to greenlight" do
+ allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+ allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+ allow(controller).to receive(:retrieve_provider_info).and_return("provider" => "google")
+ controller.instance_variable_set(:@user_domain, "provider1")
+
+ expect(controller.allow_greenlight_accounts?).to eql(false)
+ end
+ end
+
context "errors" do
it "renders a BigBlueButton error if a BigBlueButtonException occurrs" do
routes.draw { get "error" => "anonymous#error" }
@@ -74,7 +132,7 @@ describe ApplicationController do
it "renders a 404 error if user is not found" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow(Rails.env).to receive(:test?).and_return(false)
- allow_any_instance_of(SessionsHelper).to receive(:parse_user_domain).and_return("fake_provider")
+ allow_any_instance_of(ApplicationController).to receive(:parse_user_domain).and_return("fake_provider")
allow_any_instance_of(BbbApi).to receive(:retrieve_provider_info).and_raise("No user with that id exists")
routes.draw { get "user_not_found" => "anonymous#user_not_found" }
@@ -86,7 +144,7 @@ describe ApplicationController do
it "renders a 404 error if user is not given" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow(Rails.env).to receive(:test?).and_return(false)
- allow_any_instance_of(SessionsHelper).to receive(:parse_user_domain).and_return("")
+ allow_any_instance_of(ApplicationController).to receive(:parse_user_domain).and_return("")
allow_any_instance_of(BbbApi).to receive(:retrieve_provider_info).and_raise("Provider not included.")
routes.draw { get "user_not_found" => "anonymous#user_not_found" }
@@ -98,7 +156,7 @@ describe ApplicationController do
it "renders a 500 error if any other error related to bbb api" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow(Rails.env).to receive(:test?).and_return(false)
- allow_any_instance_of(SessionsHelper).to receive(:parse_user_domain).and_return("")
+ allow_any_instance_of(ApplicationController).to receive(:parse_user_domain).and_return("")
allow_any_instance_of(BbbApi).to receive(:retrieve_provider_info).and_raise("Other error")
routes.draw { get "user_not_found" => "anonymous#user_not_found" }
diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb
index 5fedb819..82ae4475 100644
--- a/spec/controllers/password_resets_controller_spec.rb
+++ b/spec/controllers/password_resets_controller_spec.rb
@@ -73,7 +73,9 @@ describe PasswordResetsController, type: :controller do
end
describe "PATCH #update" do
- before { allow(Rails.configuration).to receive(:enable_email_verification).and_return(true) }
+ before do
+ allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
+ end
context "valid user" do
it "reloads page with notice if password is empty" do
@@ -120,7 +122,7 @@ describe PasswordResetsController, type: :controller do
allow(controller).to receive(:valid_user).and_return(nil)
allow(controller).to receive(:check_expiration).and_return(nil)
- allow(controller).to receive(:current_user).and_return(user)
+ controller.instance_variable_set(:@user, user)
params = {
id: token,
diff --git a/spec/controllers/recordings_controller_spec.rb b/spec/controllers/recordings_controller_spec.rb
index c66764e6..f7f23b14 100644
--- a/spec/controllers/recordings_controller_spec.rb
+++ b/spec/controllers/recordings_controller_spec.rb
@@ -27,10 +27,10 @@ describe RecordingsController, type: :controller do
context "POST #update_recording" do
it "updates the recordings details" do
- allow_any_instance_of(Room).to receive(:update_recording).and_return(updated: true)
+ allow_any_instance_of(BbbServer).to receive(:update_recording).and_return(updated: true)
@request.session[:user_id] = @user.uid
- post :update_recording, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
+ post :update, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
expect(response).to have_http_status(302)
end
@@ -38,7 +38,7 @@ describe RecordingsController, type: :controller do
it "redirects to root if not the room owner" do
@request.session[:user_id] = @secondary_user.uid
- post :update_recording, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
+ post :update, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
expect(response).to redirect_to(root_path)
end
@@ -46,10 +46,10 @@ describe RecordingsController, type: :controller do
context "DELETE #delete_recording" do
it "deletes the recording" do
- allow_any_instance_of(Room).to receive(:delete_recording).and_return(true)
+ allow_any_instance_of(BbbServer).to receive(:delete_recording).and_return(true)
@request.session[:user_id] = @user.uid
- post :delete_recording, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
+ post :delete, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
expect(response).to have_http_status(302)
end
@@ -57,7 +57,7 @@ describe RecordingsController, type: :controller do
it "redirects to root if not the room owner" do
@request.session[:user_id] = @secondary_user.uid
- post :delete_recording, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
+ post :delete, params: { meetingID: @room.bbb_id, record_id: Faker::IDNumber.valid, state: "public" }
expect(response).to redirect_to(root_path)
end
diff --git a/spec/controllers/rooms_controller_spec.rb b/spec/controllers/rooms_controller_spec.rb
index 1424ab66..e3062ed9 100644
--- a/spec/controllers/rooms_controller_spec.rb
+++ b/spec/controllers/rooms_controller_spec.rb
@@ -28,8 +28,11 @@ def random_valid_room_params
end
describe RoomsController, type: :controller do
- it_behaves_like "recorder"
include Recorder
+ include BbbServer
+
+ let(:bbb_server) { BigBlueButton::BigBlueButtonApi.new("http://bbb.example.com/bigbluebutton/api", "secret", "0.8") }
+
describe "GET #show" do
before do
@user = create(:user)
@@ -41,8 +44,7 @@ describe RoomsController, type: :controller do
get :show, params: { room_uid: @owner.main_room }
- expect(assigns(:recordings)).to eql(recordings(@owner.main_room.bbb_id, @owner.provider))
- expect(assigns(:is_running)).to eql(@owner.main_room.running?)
+ expect(assigns(:recordings)).to eql(recordings(@owner.main_room.bbb_id))
end
it "should be able to search recordings if user is owner" do
@@ -199,11 +201,6 @@ describe RoomsController, type: :controller do
@user = create(:user)
@owner = create(:user)
@room = @owner.main_room
-
- allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:get_meeting_info).and_return(
- moderatorPW: "modpass",
- attendeePW: "attpass",
- )
end
it "should use account name if user is logged in and meeting running" do
@@ -212,7 +209,7 @@ describe RoomsController, type: :controller do
@request.session[:user_id] = @user.id
post :join, params: { room_uid: @room, join_name: @user.name }
- expect(response).to redirect_to(@owner.main_room.join_path(@user.name, {}, @user.uid))
+ expect(response).to redirect_to(join_path(@owner.main_room, @user.name, {}, @user.uid))
end
it "should use join name if user is not logged in and meeting running" do
@@ -220,7 +217,7 @@ describe RoomsController, type: :controller do
post :join, params: { room_uid: @room, join_name: "Join Name" }
- expect(response).to redirect_to(@owner.main_room.join_path("Join Name", {}))
+ expect(response).to redirect_to(join_path(@owner.main_room, "Join Name", {}))
end
it "should render wait if meeting isn't running" do
@@ -243,7 +240,7 @@ describe RoomsController, type: :controller do
@request.session[:user_id] = @user.id
post :join, params: { room_uid: room, join_name: @user.name }
- expect(response).to redirect_to(room.join_path(@user.name, { user_is_moderator: false }, @user.uid))
+ expect(response).to redirect_to(join_path(room, @user.name, { user_is_moderator: false }, @user.uid))
end
it "should join the room as moderator if room has the all_join_moderator setting" do
@@ -257,7 +254,7 @@ describe RoomsController, type: :controller do
@request.session[:user_id] = @user.id
post :join, params: { room_uid: room, join_name: @user.name }
- expect(response).to redirect_to(room.join_path(@user.name, { user_is_moderator: true }, @user.uid))
+ expect(response).to redirect_to(join_path(room, @user.name, { user_is_moderator: true }, @user.uid))
end
it "should render wait if the correct access code is supplied" do
@@ -292,7 +289,7 @@ describe RoomsController, type: :controller do
@request.session[:user_id] = @owner.id
post :join, params: { room_uid: @room, join_name: @owner.name }
- expect(response).to redirect_to(@owner.main_room.join_path(@owner.name, { user_is_moderator: true }, @owner.uid))
+ expect(response).to redirect_to(join_path(@owner.main_room, @owner.name, { user_is_moderator: true }, @owner.uid))
end
it "redirects to root if owner of room is not verified" do
@@ -362,7 +359,7 @@ describe RoomsController, type: :controller do
@request.session[:user_id] = @user.id
post :start, params: { room_uid: @user.main_room }
- expect(response).to redirect_to(@user.main_room.join_path(@user.name, { user_is_moderator: true }, @user.uid))
+ expect(response).to redirect_to(join_path(@user.main_room, @user.name, { user_is_moderator: true }, @user.uid))
end
it "should bring to room if not owner" do
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index 97c71ce5..1a603aac 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -373,7 +373,7 @@ describe UsersController, type: :controller do
user.reload
- expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_removal"))
+ expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_assignment"))
expect(response).to render_template(:edit)
end
@@ -439,7 +439,6 @@ describe UsersController, type: :controller do
it "allows admins to delete users" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
- allow_any_instance_of(Room).to receive(:delete_all_recordings).and_return('')
allow_any_instance_of(ApplicationController).to receive(:set_user_domain).and_return("provider1")
controller.instance_variable_set(:@user_domain, "provider1")
diff --git a/spec/helpers/admins_helper_spec.rb b/spec/helpers/admins_helper_spec.rb
deleted file mode 100644
index e690bd35..00000000
--- a/spec/helpers/admins_helper_spec.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-#
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-
-require "rails_helper"
-
-describe AdminsHelper do
- describe "edit_disabled" do
- it "should disable inputs for roles with a higher priority" do
- user = create(:user)
- admin_role = Role.find_by(name: "admin", provider: "greenlight")
- helper.instance_variable_set(:@selected_role, admin_role)
-
- allow_any_instance_of(SessionsHelper).to receive(:current_user).and_return(user)
-
- expect(helper.edit_disabled).to eq(true)
- end
-
- it "should enable inputs for roles with a lower priority" do
- user = create(:user)
- user.roles << Role.find_by(name: "admin", provider: "greenlight")
- user_role = Role.find_by(name: "user", provider: "greenlight")
- helper.instance_variable_set(:@selected_role, user_role)
-
- allow_any_instance_of(SessionsHelper).to receive(:current_user).and_return(user)
-
- expect(helper.edit_disabled).to eq(false)
- end
- end
-end
diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb
index d3514529..fe473c6d 100644
--- a/spec/helpers/application_helper_spec.rb
+++ b/spec/helpers/application_helper_spec.rb
@@ -20,21 +20,6 @@ require "rails_helper"
describe ApplicationHelper do
describe "#getter functions" do
- it "returns whether user signup is allowed" do
- allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
-
- expect(helper.allow_user_signup?).to eql(true)
- end
-
- it "returns whether the default bbb endpoint is being used" do
- allow(Rails.configuration).to receive(:bigbluebutton_endpoint)
- .and_return("http://test-install.blindsidenetworks.com/bigbluebutton/api/")
- allow(Rails.configuration).to receive(:bigbluebutton_endpoint_default)
- .and_return("http://test-install.blindsidenetworks.com/bigbluebutton/api/")
-
- expect(helper.bigbluebutton_endpoint_default?).to eql(true)
- end
-
it "returns the correct omniauth login url" do
allow(Rails.configuration).to receive(:relative_url_root).and_return("/b")
provider = Faker::Company.name
@@ -43,51 +28,8 @@ describe ApplicationHelper do
end
end
- describe "#allow_greenlight_accounts" do
- it "allows if user sign up is turned on" do
- allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(false)
- allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
-
- expect(helper.allow_greenlight_accounts?).to eql(true)
- end
-
- it "doesn't allow if user sign up is turned off" do
- allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(false)
- allow(Rails.configuration).to receive(:allow_user_signup).and_return(false)
-
- expect(helper.allow_greenlight_accounts?).to eql(false)
- end
-
- it "doesn't allow if user_domain is blank" do
- allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
- allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
-
- expect(helper.allow_greenlight_accounts?).to eql(false)
- end
-
- it "allows if user provider is set to greenlight" do
- allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
- allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
- allow(helper).to receive(:retrieve_provider_info).and_return("provider" => "greenlight")
-
- @user_domain = "provider1"
-
- expect(helper.allow_greenlight_accounts?).to eql(true)
- end
-
- it "doesnt allow if user provider is not set to greenlight" do
- allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
- allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
- allow(helper).to receive(:retrieve_provider_info).and_return("provider" => "google")
-
- @user_domain = "provider1"
-
- expect(helper.allow_greenlight_accounts?).to eql(false)
- end
- end
-
- describe "role_clour" do
- it "should use default if the user doens't have a role" do
+ describe "role_colur" do
+ it "should use default if the user doesn't have a role" do
expect(helper.role_colour(Role.create(name: "test"))).to eq(Rails.configuration.primary_color_default)
end
diff --git a/spec/helpers/users_helper_spec.rb b/spec/helpers/users_helper_spec.rb
deleted file mode 100644
index eabe2661..00000000
--- a/spec/helpers/users_helper_spec.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
-#
-# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
-#
-# This program is free software; you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free Software
-# Foundation; either version 3.0 of the License, or (at your option) any later
-# version.
-#
-# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with BigBlueButton; if not, see .
-
-require "rails_helper"
-
-describe UsersHelper do
- describe "disabled roles" do
- it "should return roles with a less than or equal to priority for non admins" do
- user = create(:user)
- allow_any_instance_of(SessionsHelper).to receive(:current_user).and_return(user)
-
- disabled_roles = helper.disabled_roles(user)
-
- expect(disabled_roles.count).to eq(1)
- end
-
- it "should return roles with a lesser priority for admins" do
- admin = create(:user)
- admin.add_role :admin
- user = create(:user)
-
- allow_any_instance_of(SessionsHelper).to receive(:current_user).and_return(admin)
-
- disabled_roles = helper.disabled_roles(user)
-
- expect(disabled_roles.count).to eq(1)
- end
- end
-end
diff --git a/spec/models/room_spec.rb b/spec/models/room_spec.rb
index ab02bb5e..af49df8e 100644
--- a/spec/models/room_spec.rb
+++ b/spec/models/room_spec.rb
@@ -62,52 +62,6 @@ describe Room, type: :model do
end
end
- context "#running?" do
- it "should return false when not running" do
- expect(@room.running?).to be false
- end
-
- it "should return true when running" do
- allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:is_meeting_running?).and_return(true)
- expect(@room.running?).to be true
- end
- end
-
- context "#start_session" do
- it "should update latest session info" do
- allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:create_meeting).and_return(
- messageKey: ""
- )
-
- expect do
- @room.start_session
- end.to change { @room.sessions }.by(1)
-
- expect(@room.last_session).not_to be nil
- end
- end
-
- context "#join_path" do
- it "should return correct join URL for user" do
- allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:get_meeting_info).and_return(
- attendeePW: "testpass"
- )
-
- endpoint = Rails.configuration.bigbluebutton_endpoint
- secret = Rails.configuration.bigbluebutton_secret
- fullname = "fullName=Example"
- join_via_html5 = "&join_via_html5=true"
- meeting_id = "&meetingID=#{@room.bbb_id}"
- password = "&password=testpass"
-
- query = fullname + join_via_html5 + meeting_id + password
- checksum_string = "join#{query + secret}"
-
- checksum = OpenSSL::Digest.digest('sha1', checksum_string).unpack1("H*")
- expect(@room.join_path("Example")).to eql("#{endpoint}join?#{query}&checksum=#{checksum}")
- end
- end
-
context "#notify_waiting" do
it "should broadcast to waiting channel with started action" do
expect do
@@ -115,32 +69,4 @@ describe Room, type: :model do
end.to have_broadcasted_to("#{@room.uid}_waiting_channel").with(a_hash_including(action: "started"))
end
end
-
- context "#participants" do
- it "should link participants to accounts" do
- user1 = create(:user)
- user2 = create(:user)
-
- allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:get_meeting_info).and_return(
- attendees: [
- { userID: user1.uid, fullName: user1.name },
- { userID: "non-matching-uid", fullName: "Guest User" },
- { userID: user2.uid, fullName: user2.name },
- ],
- )
-
- expect(@room.participants).to contain_exactly(user1, nil, user2)
- end
- end
-
- context "#recordings" do
- it "deletes the recording" do
- allow_any_instance_of(BigBlueButton::BigBlueButtonApi).to receive(:delete_recordings).and_return(
- returncode: true, deleted: true
- )
-
- expect(@room.delete_recording(Faker::IDNumber.valid))
- .to contain_exactly([:returncode, true], [:deleted, true])
- end
- end
end