cloud_bbb/lib/Controller/JoinController.php

<?php

namespace OCA\BigBlueButton\Controller;

use OCA\BigBlueButton\BigBlueButton\API;
use OCA\BigBlueButton\BigBlueButton\Presentation;
use OCA\BigBlueButton\Db\Room;
use OCA\BigBlueButton\NoPermissionException;
use OCA\BigBlueButton\NotFoundException;
use OCA\BigBlueButton\Permission;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IUserSession;
use OCA\BigBlueButton\Service\RoomService;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\TemplateResponse;

class JoinController extends Controller {
	/** @var string */
	protected $token;

	/** @var Room|null */
	protected $room;

	/** @var RoomService */
	private $service;

	/** @var IURLGenerator */
	private $urlGenerator;

	/** @var IUserSession */
	private $userSession;

	/** @var API */
	private $api;

	/** @var Permission */
	private $permission;

	public function __construct(
		string $appName,
		IRequest $request,
		RoomService $service,
		IURLGenerator $urlGenerator,
		IUserSession $userSession,
		API $api,
		Permission $permission
	) {
		parent::__construct($appName, $request);

		$this->service = $service;
		$this->urlGenerator = $urlGenerator;
		$this->userSession = $userSession;
		$this->api = $api;
		$this->permission = $permission;
	}

	public function setToken(string $token) {
		$this->token = $token;
		$this->room = null;
	}

	public function isValidToken(): bool {
		$room = $this->getRoom();

		return $room !== null;
	}

	/**
	 * @PublicPage
	 * @NoCSRFRequired
	 */
	public function index($displayname, $u = '', $filename = '', $password = '') {
		$room = $this->getRoom();

		if ($room === null) {
			throw new NotFoundException();
		}

		$displayname = trim($displayname);
		$userId = null;
		$presentation = null;

		if ($this->userSession->isLoggedIn()) {
			$user = $this->userSession->getUser();
			$displayname = $user->getDisplayName();
			$userId = $user->getUID();

			if ($room->access == Room::ACCESS_INTERNAL_RESTRICTED && !$this->permission->isUser($room, $userId)) {
				throw new NoPermissionException();
			}

			if ($this->permission->isAdmin($room, $userId)) {
				$presentation = new Presentation($u, $filename);
			}
		} elseif ($room->access === Room::ACCESS_INTERNAL || $room->access == Room::ACCESS_INTERNAL_RESTRICTED) {
			return new RedirectResponse($this->getLoginUrl());
		} elseif (empty($displayname) || strlen($displayname) < 3 || ($room->access === Room::ACCESS_PASSWORD && $password !== $room->password)) {
			$response = new TemplateResponse($this->appName, 'join', [
				'room'             => $room->name,
				'wrongdisplayname' => !empty($displayname) && strlen($displayname) < 3,
				'passwordRequired' => $room->access === Room::ACCESS_PASSWORD,
				'wrongPassword'    => $password !== $room->password && $password !== '',
				'loginUrl'         => $this->getLoginUrl(),
			], 'guest');

			return $response;
		}

		if ($room->requireModerator && ($userId === null || !$this->permission->isModerator($room, $userId)) && !$this->api->isRunning($room)) {
			return new TemplateResponse($this->appName, 'waiting', [
				'room' => $room->name,
				'name' => $displayname,
			], 'guest');
		}

		$creationDate = $this->api->createMeeting($room, $presentation);
		$joinUrl = $this->api->createJoinUrl($room, $creationDate, $displayname, $userId);

		\OCP\Util::addHeader('meta', ['http-equiv' => 'refresh', 'content' => '3;url='.$joinUrl]);

		return new TemplateResponse($this->appName, 'forward', [
			'room' => $room->name,
			'url'  => $joinUrl,
		], 'guest');
	}

	private function getRoom(): ?Room {
		if ($this->room === null) {
			$this->room = $this->service->findByUid($this->token);
		}

		return $this->room;
	}

	private function getLoginUrl(): string {
		return $this->urlGenerator->linkToRoute('core.login.showLoginForm', [
			'redirect_url' => $this->urlGenerator->linkToRoute(
				'bbb.join.index',
				['token' => $this->token]
			),
		]);
	}
}
Initial commit 2020-04-26 11:36:41 +02:00			`<?php`
refactor: use Nextcloud coding standard 2020-06-19 09:28:58 +02:00
Initial commit 2020-04-26 11:36:41 +02:00			`namespace OCA\BigBlueButton\Controller;`

refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`use OCA\BigBlueButton\BigBlueButton\API;`
			`use OCA\BigBlueButton\BigBlueButton\Presentation;`
perf: reduce db requests 2020-06-04 10:25:51 +02:00			`use OCA\BigBlueButton\Db\Room;`
feat: restrict room access to user and groups fix #25 2020-06-16 16:54:50 +02:00			`use OCA\BigBlueButton\NoPermissionException;`
fix: remove dependency on shares fix #20 2020-06-04 09:52:49 +02:00			`use OCA\BigBlueButton\NotFoundException;`
feat: restrict room access to user and groups fix #25 2020-06-16 16:54:50 +02:00			`use OCA\BigBlueButton\Permission;`
Initial commit 2020-04-26 11:36:41 +02:00			`use OCP\AppFramework\Http\RedirectResponse;`
			`use OCP\IRequest;`
feat: add access policy public, require password for guests, moderator approval for guests, only Nextcloud users fix #10 fix #24 2020-06-04 18:56:55 +02:00			`use OCP\IURLGenerator;`
Initial commit 2020-04-26 11:36:41 +02:00			`use OCP\IUserSession;`
			`use OCA\BigBlueButton\Service\RoomService;`
fix: remove dependency on shares fix #20 2020-06-04 09:52:49 +02:00			`use OCP\AppFramework\Controller;`
Initial commit 2020-04-26 11:36:41 +02:00			`use OCP\AppFramework\Http\TemplateResponse;`

refactor: use Nextcloud coding standard 2020-06-19 09:28:58 +02:00			`class JoinController extends Controller {`
fix: remove dependency on shares fix #20 2020-06-04 09:52:49 +02:00			`/** @var string */`
			`protected $token;`

refactor: use phpstan for code analysis 2020-06-19 10:49:40 +02:00			`/** @var Room\|null */`
perf: reduce db requests 2020-06-04 10:25:51 +02:00			`protected $room;`

lint lib 2020-04-26 12:14:06 +02:00			`/** @var RoomService */`
			`private $service;`

feat: add access policy public, require password for guests, moderator approval for guests, only Nextcloud users fix #10 fix #24 2020-06-04 18:56:55 +02:00			`/** @var IURLGenerator */`
			`private $urlGenerator;`

lint lib 2020-04-26 12:14:06 +02:00			`/** @var IUserSession */`
			`private $userSession;`

refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`/** @var API */`
			`private $api;`
lint lib 2020-04-26 12:14:06 +02:00
feat: restrict room access to user and groups fix #25 2020-06-16 16:54:50 +02:00			`/** @var Permission */`
			`private $permission;`

lint lib 2020-04-26 12:14:06 +02:00			`public function __construct(`
			`string $appName,`
			`IRequest $request,`
			`RoomService $service,`
feat: add access policy public, require password for guests, moderator approval for guests, only Nextcloud users fix #10 fix #24 2020-06-04 18:56:55 +02:00			`IURLGenerator $urlGenerator,`
lint lib 2020-04-26 12:14:06 +02:00			`IUserSession $userSession,`
feat: restrict room access to user and groups fix #25 2020-06-16 16:54:50 +02:00			`API $api,`
			`Permission $permission`
lint lib 2020-04-26 12:14:06 +02:00			`) {`
refactor: use phpstan for code analysis 2020-06-19 10:49:40 +02:00			`parent::__construct($appName, $request);`
lint lib 2020-04-26 12:14:06 +02:00
			`$this->service = $service;`
feat: add access policy public, require password for guests, moderator approval for guests, only Nextcloud users fix #10 fix #24 2020-06-04 18:56:55 +02:00			`$this->urlGenerator = $urlGenerator;`
lint lib 2020-04-26 12:14:06 +02:00			`$this->userSession = $userSession;`
refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`$this->api = $api;`
feat: restrict room access to user and groups fix #25 2020-06-16 16:54:50 +02:00			`$this->permission = $permission;`
lint lib 2020-04-26 12:14:06 +02:00			`}`

refactor: use Nextcloud coding standard 2020-06-19 09:28:58 +02:00			`public function setToken(string $token) {`
fix: remove dependency on shares fix #20 2020-06-04 09:52:49 +02:00			`$this->token = $token;`
perf: reduce db requests 2020-06-04 10:25:51 +02:00			`$this->room = null;`
lint lib 2020-04-26 12:14:06 +02:00			`}`

refactor: use Nextcloud coding standard 2020-06-19 09:28:58 +02:00			`public function isValidToken(): bool {`
perf: reduce db requests 2020-06-04 10:25:51 +02:00			`$room = $this->getRoom();`
lint lib 2020-04-26 12:14:06 +02:00
			`return $room !== null;`
			`}`

			`/**`
			`* @PublicPage`
			`* @NoCSRFRequired`
			`*/`
refactor: use Nextcloud coding standard 2020-06-19 09:28:58 +02:00			`public function index($displayname, $u = '', $filename = '', $password = '') {`
perf: reduce db requests 2020-06-04 10:25:51 +02:00			`$room = $this->getRoom();`
lint lib 2020-04-26 12:14:06 +02:00
			`if ($room === null) {`
refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`throw new NotFoundException();`
lint lib 2020-04-26 12:14:06 +02:00			`}`

fix: trim user supplied displayname 2020-06-17 15:09:20 +02:00			`$displayname = trim($displayname);`
refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`$userId = null;`
			`$presentation = null;`
lint lib 2020-04-26 12:14:06 +02:00
			`if ($this->userSession->isLoggedIn()) {`
			`$user = $this->userSession->getUser();`
			`$displayname = $user->getDisplayName();`
refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`$userId = $user->getUID();`

feat: restrict room access to user and groups fix #25 2020-06-16 16:54:50 +02:00			`if ($room->access == Room::ACCESS_INTERNAL_RESTRICTED && !$this->permission->isUser($room, $userId)) {`
			`throw new NoPermissionException();`
			`}`

fix: allow admin to start room with presentation 2020-06-19 09:41:40 +02:00			`if ($this->permission->isAdmin($room, $userId)) {`
refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`$presentation = new Presentation($u, $filename);`
			`}`
feat: restrict room access to user and groups fix #25 2020-06-16 16:54:50 +02:00			`} elseif ($room->access === Room::ACCESS_INTERNAL \|\| $room->access == Room::ACCESS_INTERNAL_RESTRICTED) {`
feat: show login option 2020-08-31 16:27:13 +02:00			`return new RedirectResponse($this->getLoginUrl());`
feat: add access policy public, require password for guests, moderator approval for guests, only Nextcloud users fix #10 fix #24 2020-06-04 18:56:55 +02:00			`} elseif (empty($displayname) \|\| strlen($displayname) < 3 \|\| ($room->access === Room::ACCESS_PASSWORD && $password !== $room->password)) {`
			`$response = new TemplateResponse($this->appName, 'join', [`
feat: show room name on join page 2020-04-28 14:34:30 +02:00			`'room' => $room->name,`
feat: add access policy public, require password for guests, moderator approval for guests, only Nextcloud users fix #10 fix #24 2020-06-04 18:56:55 +02:00			`'wrongdisplayname' => !empty($displayname) && strlen($displayname) < 3,`
			`'passwordRequired' => $room->access === Room::ACCESS_PASSWORD,`
			`'wrongPassword' => $password !== $room->password && $password !== '',`
feat: show login option 2020-08-31 16:27:13 +02:00			`'loginUrl' => $this->getLoginUrl(),`
lint lib 2020-04-26 12:14:06 +02:00			`], 'guest');`

			`return $response;`
			`}`

feat: add option to require moderator fix #23 2020-08-29 14:37:50 +02:00			`if ($room->requireModerator && ($userId === null \|\| !$this->permission->isModerator($room, $userId)) && !$this->api->isRunning($room)) {`
			`return new TemplateResponse($this->appName, 'waiting', [`
			`'room' => $room->name,`
			`'name' => $displayname,`
			`], 'guest');`
			`}`

refactor: use adapter for bbb 2020-05-16 17:14:17 +02:00			`$creationDate = $this->api->createMeeting($room, $presentation);`
			`$joinUrl = $this->api->createJoinUrl($room, $creationDate, $displayname, $userId);`

fix: bypass form action error fix #47 2020-08-25 13:17:35 +02:00			`\OCP\Util::addHeader('meta', ['http-equiv' => 'refresh', 'content' => '3;url='.$joinUrl]);`
lint lib 2020-04-26 12:14:06 +02:00
fix: bypass form action error fix #47 2020-08-25 13:17:35 +02:00			`return new TemplateResponse($this->appName, 'forward', [`
feat: invert access restriction 2020-08-28 11:36:15 +02:00			`'room' => $room->name,`
			`'url' => $joinUrl,`
fix: bypass form action error fix #47 2020-08-25 13:17:35 +02:00			`], 'guest');`
lint lib 2020-04-26 12:14:06 +02:00			`}`
perf: reduce db requests 2020-06-04 10:25:51 +02:00
refactor: use Nextcloud coding standard 2020-06-19 09:28:58 +02:00			`private function getRoom(): ?Room {`
perf: reduce db requests 2020-06-04 10:25:51 +02:00			`if ($this->room === null) {`
			`$this->room = $this->service->findByUid($this->token);`
			`}`

			`return $this->room;`
			`}`
feat: show login option 2020-08-31 16:27:13 +02:00
			`private function getLoginUrl(): string {`
			`return $this->urlGenerator->linkToRoute('core.login.showLoginForm', [`
			`'redirect_url' => $this->urlGenerator->linkToRoute(`
			`'bbb.join.index',`
			`['token' => $this->token]`
			`),`
			`]);`
			`}`
Initial commit 2020-04-26 11:36:41 +02:00			`}`