add ability to disable guest access

app/controllers/landing_controller.rb

@@ -18,19 +18,24 @@ class LandingController < ApplicationController
   include BbbApi
 
   def index
+    redirect_to user_login_path if Rails.configuration.disable_guest_access
   end
 
   def resource
-    if params[:id].size > meeting_name_limit
+    if Rails.configuration.disable_guest_access && params[:resource] == 'meetings'
-      redirect_to root_url, flash: {danger: t('meeting_name_long')}
+      redirect_to user_login_path 
-    elsif ['&', '$', ','].any? { |c| params[:id].include?(c) } # temporary fix for misbehaving characters
-      redirect_to root_url, flash: {danger: t('disallowed_characters_msg')}
-    elsif params[:resource] == 'meetings' && !params[:room_id]
-      render_meeting
-    elsif params[:resource] == 'rooms'
-      render_room
     else
-      redirect_to root_url, flash: {danger: t('error')}
+      if params[:id].size > meeting_name_limit
+        redirect_to root_url, flash: {danger: t('meeting_name_long')}
+      elsif ['&', '$', ','].any? { |c| params[:id].include?(c) } # temporary fix for misbehaving characters
+        redirect_to root_url, flash: {danger: t('disallowed_characters_msg')}
+      elsif params[:resource] == 'meetings' && !params[:room_id]
+        render_meeting
+      elsif params[:resource] == 'rooms'
+        render_room
+      else
+        redirect_to root_url, flash: {danger: t('error')}
+      end
     end
   end
 

config/application.rb

@@ -42,6 +42,7 @@ module Greenlight
 
     config.use_webhooks = ENV['GREENLIGHT_USE_WEBHOOKS'] == "true"
     config.mail_notifications = ENV['GREENLIGHT_MAIL_NOTIFICATIONS'] == "true"
+    config.disable_guest_access = ENV['DISABLE_GUEST_ACCESS'] == "true"
 
     # SMTP and action mailer
     if config.mail_notifications

env

@@ -100,3 +100,7 @@ SMTP_PASSWORD=yourpassword
 #   default is '/b' (recommended)
 #
 #RELATIVE_URL_ROOT=/b
+
+# Uncomment and set to 'true' to only allow users to create meetings when authenticated.
+# Unauthenticated users are still able to join meetings through invites.
+#DISABLE_GUEST_ACCESS=false

test/controllers/landing_controller_test.rb

@@ -18,6 +18,15 @@ require 'test_helper'
 
 class LandingControllerTest < ActionController::TestCase
 
+  # Should redirect to login url if guest access is disabled.
+  def assert_login_or_success
+    if Rails.configuration.disable_guest_access
+      assert_redirected_to user_login_path
+    else
+      assert_response :success
+    end
+  end
+
   setup do
     @meeting_id = 'test_id'
     @user = users :user1
@@ -25,12 +34,12 @@ class LandingControllerTest < ActionController::TestCase
 
   test "should get index" do
     get :index, params: {resource: 'meetings'}
-    assert_response :success
+    assert_login_or_success
   end
 
   test "should get meeting" do
     get :resource, params: { id: @meeting_id, resource: 'meetings' }
-    assert_response :success
+    assert_login_or_success
   end
 
   test "should get room" do
@@ -61,9 +70,12 @@ class LandingControllerTest < ActionController::TestCase
   test "should fallback to en-US locale if locale is en" do
     request.headers["Accept-Language"] = 'en'
     get :index, params: {resource: 'meetings'}
-    assert_response :success
+    if Rails.configuration.disable_guest_access
-
+      assert_redirected_to user_login_path
-    assert css_select('html').attribute('lang').value, 'en'
+    else
+      assert_response :success
+      assert css_select('html').attribute('lang').value, 'en'
+    end
   end
 
 end