cloud_bbb/lib/Controller/JoinController.php

157 lines
3.9 KiB
PHP
Raw Normal View History

2020-04-26 11:36:41 +02:00
<?php
namespace OCA\BigBlueButton\Controller;
2020-05-16 17:14:17 +02:00
use OCA\BigBlueButton\BigBlueButton\API;
use OCA\BigBlueButton\BigBlueButton\Presentation;
2020-06-04 10:25:51 +02:00
use OCA\BigBlueButton\Db\Room;
use OCA\BigBlueButton\NoPermissionException;
use OCA\BigBlueButton\NotFoundException;
use OCA\BigBlueButton\Permission;
2020-04-26 11:36:41 +02:00
use OCP\AppFramework\Http\RedirectResponse;
use OCP\IRequest;
use OCP\ISession;
use OCP\IURLGenerator;
2020-04-26 11:36:41 +02:00
use OCP\IUserSession;
use OCP\IConfig;
use OCA\BigBlueButton\Service\RoomService;
use OCP\AppFramework\Controller;
2020-04-26 11:36:41 +02:00
use OCP\AppFramework\Http\TemplateResponse;
class JoinController extends Controller
2020-04-26 11:36:41 +02:00
{
/** @var string */
protected $token;
2020-06-04 10:25:51 +02:00
/** @var Room */
protected $room;
2020-04-26 12:14:06 +02:00
/** @var RoomService */
private $service;
/** @var IURLGenerator */
private $urlGenerator;
2020-04-26 12:14:06 +02:00
/** @var IUserSession */
private $userSession;
/** @var IConfig */
private $config;
2020-05-16 17:14:17 +02:00
/** @var API */
private $api;
2020-04-26 12:14:06 +02:00
/** @var Permission */
private $permission;
2020-04-26 12:14:06 +02:00
public function __construct(
string $appName,
IRequest $request,
ISession $session,
RoomService $service,
IURLGenerator $urlGenerator,
2020-04-26 12:14:06 +02:00
IUserSession $userSession,
IConfig $config,
API $api,
Permission $permission
2020-04-26 12:14:06 +02:00
) {
parent::__construct($appName, $request, $session);
$this->service = $service;
$this->urlGenerator = $urlGenerator;
2020-04-26 12:14:06 +02:00
$this->userSession = $userSession;
$this->config = $config;
2020-05-16 17:14:17 +02:00
$this->api = $api;
$this->permission = $permission;
2020-04-26 12:14:06 +02:00
}
public function setToken(string $token)
2020-04-26 12:14:06 +02:00
{
$this->token = $token;
2020-06-04 10:25:51 +02:00
$this->room = null;
2020-04-26 12:14:06 +02:00
}
public function isValidToken(): bool
{
2020-06-04 10:25:51 +02:00
$room = $this->getRoom();
2020-04-26 12:14:06 +02:00
return $room !== null;
}
/**
* @PublicPage
* @NoCSRFRequired
*/
public function index($displayname, $u = '', $filename = '', $password = '')
2020-04-26 12:14:06 +02:00
{
2020-06-04 10:25:51 +02:00
$room = $this->getRoom();
2020-04-26 12:14:06 +02:00
if ($room === null) {
2020-05-16 17:14:17 +02:00
throw new NotFoundException();
2020-04-26 12:14:06 +02:00
}
2020-06-17 15:09:20 +02:00
$displayname = trim($displayname);
2020-05-16 17:14:17 +02:00
$userId = null;
$presentation = null;
2020-04-26 12:14:06 +02:00
if ($this->userSession->isLoggedIn()) {
$user = $this->userSession->getUser();
$displayname = $user->getDisplayName();
2020-05-16 17:14:17 +02:00
$userId = $user->getUID();
if ($room->access == Room::ACCESS_INTERNAL_RESTRICTED && !$this->permission->isUser($room, $userId)) {
throw new NoPermissionException();
}
2020-05-16 17:14:17 +02:00
if ($userId === $room->userId) {
$presentation = new Presentation($u, $filename);
}
} elseif ($room->access === Room::ACCESS_INTERNAL || $room->access == Room::ACCESS_INTERNAL_RESTRICTED) {
return new RedirectResponse(
$this->urlGenerator->linkToRoute('core.login.showLoginForm', [
'redirect_url' => $this->urlGenerator->linkToRoute(
'bbb.join.index',
['token' => $this->token]
),
])
);
} elseif (empty($displayname) || strlen($displayname) < 3 || ($room->access === Room::ACCESS_PASSWORD && $password !== $room->password)) {
$response = new TemplateResponse($this->appName, 'join', [
2020-04-28 14:34:30 +02:00
'room' => $room->name,
'wrongdisplayname' => !empty($displayname) && strlen($displayname) < 3,
'passwordRequired' => $room->access === Room::ACCESS_PASSWORD,
'wrongPassword' => $password !== $room->password && $password !== '',
2020-04-26 12:14:06 +02:00
], 'guest');
2020-05-16 17:14:17 +02:00
$this->addFormActionDomain($response);
2020-04-26 12:14:06 +02:00
return $response;
}
2020-05-16 17:14:17 +02:00
$creationDate = $this->api->createMeeting($room, $presentation);
$joinUrl = $this->api->createJoinUrl($room, $creationDate, $displayname, $userId);
return new RedirectResponse($joinUrl);
2020-04-26 12:14:06 +02:00
}
2020-05-16 17:14:17 +02:00
private function addFormActionDomain($response)
2020-04-26 12:14:06 +02:00
{
$apiUrl = $this->config->getAppValue($this->appName, 'api.url');
2020-05-16 17:14:17 +02:00
$parsedApiUrl = parse_url($apiUrl);
2020-04-26 12:14:06 +02:00
2020-05-16 17:14:17 +02:00
if ($parsedApiUrl === false) {
throw new \Exception('No valid api url provided');
2020-04-26 12:14:06 +02:00
}
2020-05-16 17:14:17 +02:00
$response->getContentSecurityPolicy()->addAllowedFormActionDomain(($parsedApiUrl['scheme'] ?: 'https') . '://' . $parsedApiUrl['host']);
2020-04-26 12:14:06 +02:00
}
2020-06-04 10:25:51 +02:00
private function getRoom(): ?Room
2020-06-04 10:25:51 +02:00
{
if ($this->room === null) {
$this->room = $this->service->findByUid($this->token);
}
return $this->room;
}
2020-04-26 11:36:41 +02:00
}