add ability to disable guest access

2017-07-12 16:34:16 -04:00 · 2017-07-12 16:34:16 -04:00 · 3a882f85c6
parent 0cbb587fc0
commit 3a882f85c6
4 changed files with 36 additions and 14 deletions
--- a/app/controllers/landing_controller.rb
+++ b/app/controllers/landing_controller.rb
@ -18,19 +18,24 @@ class LandingController < ApplicationController
  include BbbApi

  def index
+    redirect_to user_login_path if Rails.configuration.disable_guest_access
  end

  def resource
-    if params[:id].size > meeting_name_limit
-      redirect_to root_url, flash: {danger: t('meeting_name_long')}
-    elsif ['&', '$', ','].any? { |c| params[:id].include?(c) } # temporary fix for misbehaving characters
-      redirect_to root_url, flash: {danger: t('disallowed_characters_msg')}
-    elsif params[:resource] == 'meetings' && !params[:room_id]
-      render_meeting
-    elsif params[:resource] == 'rooms'
-      render_room
+    if Rails.configuration.disable_guest_access && params[:resource] == 'meetings'
+      redirect_to user_login_path 
    else
-      redirect_to root_url, flash: {danger: t('error')}
+      if params[:id].size > meeting_name_limit
+        redirect_to root_url, flash: {danger: t('meeting_name_long')}
+      elsif ['&', '$', ','].any? { |c| params[:id].include?(c) } # temporary fix for misbehaving characters
+        redirect_to root_url, flash: {danger: t('disallowed_characters_msg')}
+      elsif params[:resource] == 'meetings' && !params[:room_id]
+        render_meeting
+      elsif params[:resource] == 'rooms'
+        render_room
+      else
+        redirect_to root_url, flash: {danger: t('error')}
+      end
    end
  end

--- a/config/application.rb
+++ b/config/application.rb
@ -42,6 +42,7 @@ module Greenlight

    config.use_webhooks = ENV['GREENLIGHT_USE_WEBHOOKS'] == "true"
    config.mail_notifications = ENV['GREENLIGHT_MAIL_NOTIFICATIONS'] == "true"
+    config.disable_guest_access = ENV['DISABLE_GUEST_ACCESS'] == "true"

    # SMTP and action mailer
    if config.mail_notifications
--- a/4
+++ b/4
@ -100,3 +100,7 @@ SMTP_PASSWORD=yourpassword
 #   default is '/b' (recommended)
 #
 #RELATIVE_URL_ROOT=/b
+
+# Uncomment and set to 'true' to only allow users to create meetings when authenticated.
+# Unauthenticated users are still able to join meetings through invites.
+#DISABLE_GUEST_ACCESS=false
--- a/test/controllers/landing_controller_test.rb
+++ b/test/controllers/landing_controller_test.rb
@ -18,6 +18,15 @@ require 'test_helper'

 class LandingControllerTest < ActionController::TestCase

+  # Should redirect to login url if guest access is disabled.
+  def assert_login_or_success
+    if Rails.configuration.disable_guest_access
+      assert_redirected_to user_login_path
+    else
+      assert_response :success
+    end
+  end
+
  setup do
    @meeting_id = 'test_id'
    @user = users :user1
@ -25,12 +34,12 @@ class LandingControllerTest < ActionController::TestCase

  test "should get index" do
    get :index, params: {resource: 'meetings'}
-    assert_response :success
+    assert_login_or_success
  end

  test "should get meeting" do
    get :resource, params: { id: @meeting_id, resource: 'meetings' }
-    assert_response :success
+    assert_login_or_success
  end

  test "should get room" do
@ -61,9 +70,12 @@ class LandingControllerTest < ActionController::TestCase
  test "should fallback to en-US locale if locale is en" do
    request.headers["Accept-Language"] = 'en'
    get :index, params: {resource: 'meetings'}
-    assert_response :success
-
-    assert css_select('html').attribute('lang').value, 'en'
+    if Rails.configuration.disable_guest_access
+      assert_redirected_to user_login_path
+    else
+      assert_response :success
+      assert css_select('html').attribute('lang').value, 'en'
+    end
  end

 end