Merge v2.6-alpha (#1672)

* GRN2-xx: Switch the relation between users and roles to make queries cleaner and faster (#1299)

* First steps

* Fixes in account creation flow

* Fixed most testcases

* more test fixes

* Fixed more test cases

* Passing tests and rubocop

* Added rake task to remove rooms

* Adding translation (#1510)

* Update _account.html.erb

* Update en.yml

* Fix "for" attribute for label elements (#1488)

Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>

* Fix some issues reported by LGTM (#1478)

* Declare local JavaScript variables (reported by LGTM)

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* Remove unused local JavaScript variable (reported by LGTM)

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* Puma Worker Configuration (#1332)

We noticed that the current default settings perform very poorly under
load. We managed to literally take down Greenlight during a larger event
when people were accessing the landing page for rooms and when doing
some tests, I was more or less able to DoS Greenlight on my own.

This patch adds a default worker configuration which significantly
improves the situation. The small, 4 core machine I was testing on could
handle about thrice the amount of requests.

While the new default configuration should be reasonably well suited for
most deployments, this patch further allows users to easily configure
the worker pool on their own in the environment file.

* Made name and email readonly for no greenlight accounts (#1534)

* Fixed hardcoded string (#1532)

* fixed spelling error that was bugging me :) - sep a rat e (#1535)

Co-authored-by: Dave Lane <dave@oerfoundation.org>

* Improve Server Rooms View (#1524)

* Order rooms by status

* Cleaned up order function

* Now displays Started/Created/Ended

* Added participant count to rooms list

* Fix rake task user:create so that users can be created when terms are present (#1565)

* Changed user create task to always accept terms

* clean up

* More secure room ID (#1451)

* Legal and privpolicy link (#1421)

* add customizable Links to Imprint and Privacy Policy

* fix copy&paste error in spec

* replace "imprint" with "legal" since that is the correct term

* remove german translation of new strings, transifex will take care of them later

* GRN2-295: Refactored update profile and update password (#1591)

* Refactored update profile and update password

* Relowered rubocop settings

* Fixed email sending when not supposed to (#1592)

* Design changes for small screens (#1580)

* now rap for pagination

* Update _subtitle.html.erb

* Update _rooms.html.erb

* Update _recordings.html.erb

* Update _rooms.html.erb

* Update _users.html.erb

* Update cant_create_rooms.html.erb

* Update room.js

* Update edit.html.erb

* Update new.html.erb

* Update cant_create_rooms.html.erb

* Update _sessions.html.erb

* Update _account.html.erb

* Make Greenlight work with Ruby 2.7 (#1560)

Greenlight's failure to start up with Ruby 2.7 seems to be caused by [an
issue in bootsnap](https://github.com/Shopify/bootsnap/issues/258).
Updating that library makes Greenlight work again.

However, there are still a lot of deprecation warnings. But that's
something to deal with separately.

This fixes #1558

* use email input for sign in (#1199)

* use email input for sign in

* use email input for registration

* use email input for invitation

* use email input for account settings

Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>

* Fix Gemfile (#1593)

* Fixed invalid token for password reset (#1632)

* HELP_URL env variable now works as expected (#1636)

* #1372 Fix for long Text in Table + Remove invalid HTML Tag (#1403)

* removed invalid HTML Tag

* removed invalid HTML Tag

* Update _public_recording_row.html.erb

* Update _recording_row.html.erb

* Update _server_recording_row.html.erb

form-inline replaced by own css

* Update _server_room_row.html.erb

* Update _public_recording_row.html.erb

* Update _recording_row.html.erb

* Update _public_recording_row.html.erb

* Update _recordings.html.erb

* Update _rooms.html.erb

* Update main.scss

fix for long text

* Update main.scss

* Update _public_recording_row.html.erb

* Added more validation on profile image (#1644)

* Users who can't create rooms but have shared rooms now have a different view (#1649)

* Revert "Puma Worker Configuration (#1332)" (#1667)

This reverts commit 78ed8d7460.

* Removed html safe from all flash messages (#1668)

* Remove hardcoded guest=true if require mod approval is set (#1669)

* Change random generation for room uid (#1670)

* GRN2-290: Update gems and update to Rails 5.2.4.3 (#1671)

* Update gems and update to Rails 5.2.4.3

* remove gemfile error

Co-authored-by: MrKeksi <mrkeksi@users.noreply.github.com>
Co-authored-by: Florian Weber <fnwbr@users.noreply.github.com>
Co-authored-by: Stefan Weil <sw@weilnetz.de>
Co-authored-by: Lars Kiesow <lkiesow@uos.de>
Co-authored-by: Dave Lane <dave@lane.net.nz>
Co-authored-by: Dave Lane <dave@oerfoundation.org>
Co-authored-by: Henning <hng@users.noreply.github.com>
Co-authored-by: Marcel Waldvogel <marcel@waldvogel.family>
Co-authored-by: Christian Marg <marg@rz.tu-clausthal.de>
Co-authored-by: Klaus <klaus@jsxc.org>
This commit is contained in:
Ahmad Farhat
2020-05-26 17:37:23 -04:00
committed by GitHub
parent 7411eba8e0
commit 51824ad84b
76 changed files with 903 additions and 735 deletions


@ -25,7 +25,7 @@ class Ability
elsif user.has_role? :super_admin
can :manage, :all
else
highest_role = user.highest_priority_role
highest_role = user.role
if highest_role.get_permission("can_edit_site_settings")
can [:site_settings, :room_configuration, :update_settings,
:update_room_configuration, :coloring, :registration_method], :admin
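Review bot: `highest_role.get_permission("can_edit_site_settings")` is now called on `user.role`, which can be nil (the User model in this commit declares `belongs_to :role, required: false`), so a user without a role would raise NoMethodError during ability evaluation instead of simply receiving no admin abilities. Return early when `user.role` is nil, and rename `highest_role` to `role`, since there is no longer a set of roles to rank.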


@ -63,7 +63,7 @@ module AuthValues
role_provider = auth['provider'] == "bn_launcher" ? auth['info']['customer'] : "greenlight"
roles.each do |role_name|
role = Role.find_by(provider: role_provider, name: role_name)
user.roles << role if !role.nil? && !user.has_role?(role_name)
user.role = role if !role.nil? && !user.has_role?(role_name)
end
end
end
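Review bot: inside `roles.each`, `user.role = role` overwrites the single role on every iteration, so when the provider sends several role names the user ends up with whichever matching role comes last in the list rather than the one with the best priority. Resolve the candidate roles first and assign once, for example the one with the lowest `priority`, and document which role wins.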


@ -17,10 +17,12 @@
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
class Role < ApplicationRecord
has_and_belongs_to_many :users, join_table: :users_roles
has_and_belongs_to_many :users, join_table: :users_roles # Obsolete -- not used anymore
has_many :role_permissions
default_scope { includes(:role_permissions).order(:priority) }
has_many :users
default_scope { includes(:role_permissions).distinct.order(:priority) }
scope :by_priority, -> { order(:priority) }
scope :editable_roles, ->(provider) { where(provider: provider).where.not(name: %w[super_admin denied pending]) }
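Review bot: `has_and_belongs_to_many :users` (marked obsolete) and `has_many :users` both define an association named `users` on Role, and the later declaration wins, so the obsolete line is dead code that reads as if the join table were still in use. Remove it, or give it a distinct name (for example a hypothetical `legacy_users`) if a data migration still needs the join table. A short comment on why `.distinct` was added to `default_scope` would also help.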


@ -45,10 +45,13 @@ class Room < ApplicationRecord
where(search_query, search: search_param)
end
def self.admins_order(column, direction)
def self.admins_order(column, direction, running_ids)
# Include the owner of the table
table = joins(:owner)
# Rely on manual ordering if trying to sort by status
return order_by_status(table, running_ids) if column == "status"
return table.order(Arel.sql("rooms.#{column} #{direction}")) if table.column_names.include?(column)
return table.order(Arel.sql("#{column} #{direction}")) if column == "users.name"
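Review bot: in `admins_order`, `column` is checked against `table.column_names` but `direction` is interpolated into `Arel.sql("rooms.#{column} #{direction}")` with no check in this method; `Arel.sql` marks the string as trusted and does no escaping. Restrict `direction` to `asc` or `desc` here instead of relying on the caller, and extend the method comment to say where `running_ids` comes from.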
@ -80,6 +83,21 @@ class Room < ApplicationRecord
ActionCable.server.broadcast("#{uid}_waiting_channel", action: "started")
end
# Return table with the running rooms first
def self.order_by_status(table, ids)
return table if ids.blank?
order_string = "CASE bbb_id "
ids.each_with_index do |id, index|
order_string += "WHEN '#{id}' THEN #{index} "
end
order_string += "ELSE #{ids.length} END"
table.order(Arel.sql(order_string))
end
private
# Generates a uid for the room and BigBlueButton.
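Review bot: `order_by_status` builds the CASE expression with `"WHEN '#{id}' THEN #{index} "` and passes it through `Arel.sql`, so a quote character in any element of `ids` reaches the SQL text unescaped. Quote each value with `connection.quote(id)` instead of hand-written single quotes, or check that every id matches the format `unique_bbb_id` produces before building the string.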
@ -90,21 +108,18 @@ class Room < ApplicationRecord
self.attendee_pw = RandomPassword.generate(length: 12)
end
# Generates a three character uid chunk.
def uid_chunk
charset = ("a".."z").to_a - %w(b i l o s) + ("2".."9").to_a - %w(5 8)
(0...3).map { charset.to_a[rand(charset.size)] }.join
end
# Generates a random room uid that uses the users name.
# Generates a fully random room uid.
def random_room_uid
[owner.name_chunk, uid_chunk, uid_chunk].join('-').downcase
# 6 character long random string of chars from a..z and 0..9
full_chunk = SecureRandom.alphanumeric(6).downcase
[owner.name_chunk, full_chunk[0..2], full_chunk[3..5]].join("-")
end
# Generates a unique bbb_id based on uuid.
def unique_bbb_id
loop do
bbb_id = SecureRandom.hex(20)
bbb_id = SecureRandom.alphanumeric(40).downcase
break bbb_id unless Room.exists?(bbb_id: bbb_id)
end
end
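Review bot: `SecureRandom.alphanumeric(6).downcase` in `random_room_uid` draws from 62 symbols and then folds case, so each letter is twice as likely as each digit and the result is not the uniform a..z/0..9 string the comment describes; the same holds for `SecureRandom.alphanumeric(40).downcase` in `unique_bbb_id`. If uniformity matters, sample from an explicit 36-character set using `SecureRandom.random_number(charset.size)`. The comment "Generates a fully random room uid" should also mention that the uid still begins with `owner.name_chunk`, which is not random.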


@ -48,6 +48,10 @@ class Setting < ApplicationRecord
case name
when "Branding Image"
Rails.configuration.branding_image_default
when "Legal URL"
nil
when "Privacy Policy URL"
nil
when "Primary Color"
Rails.configuration.primary_color_default
when "Registration Method"
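Review bot: the branches `when "Legal URL"` and `when "Privacy Policy URL"` both return nil; fold them into a single `when "Legal URL", "Privacy Policy URL"` branch and add a short comment that these settings have no default, so the nil is not mistaken for an omission.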


@ -31,7 +31,9 @@ class User < ApplicationRecord
has_many :shared_access
belongs_to :main_room, class_name: 'Room', foreign_key: :room_id, required: false
has_and_belongs_to_many :roles, join_table: :users_roles
has_and_belongs_to_many :roles, join_table: :users_roles # obsolete
belongs_to :role, required: false
validates :name, length: { maximum: 256 }, presence: true
validates :provider, presence: true
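Review bot: the `has_and_belongs_to_many :roles` line marked `# obsolete` stays declared next to `belongs_to :role`, so `user.roles` keeps answering from the join table while everything else reads `user.role`. Add a note on when it can be deleted (presumably once existing rows are migrated; that is an assumption, the migration is not shown here) and document next to `required: false` that `role` may be nil.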
@ -92,14 +94,12 @@ class User < ApplicationRecord
end
search_param = "%#{string}%"
joins("LEFT OUTER JOIN users_roles ON users_roles.user_id = users.id LEFT OUTER JOIN roles " \
"ON roles.id = users_roles.role_id").distinct
.where(search_query, search: search_param, roles_search: role_search_param)
where(search_query, search: search_param, roles_search: role_search_param)
end
def self.admins_order(column, direction)
# Arel.sql to avoid sql injection
order(Arel.sql("#{column} #{direction}"))
order(Arel.sql("users.#{column} #{direction}"))
end
# Returns a list of rooms ordered by last session (with nil rooms last)
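Review bot: the comment `# Arel.sql to avoid sql injection` above `order(Arel.sql("users.#{column} #{direction}"))` is misleading: `Arel.sql` only marks the string as trusted SQL and escapes nothing, and neither `column` nor `direction` is checked in this method. Validate `column` against `column_names` (as `Room.admins_order` does) and `direction` against `asc`/`desc`, and correct the comment. The search method above appears to call `where(...)` without the `roles` join while still binding `roles_search`; confirm that `search_query` no longer refers to a `roles` column.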
@ -109,6 +109,7 @@ class User < ApplicationRecord
# Activates an account and initialize a users main room
def activate
set_role :user if role_id.nil?
update_attributes(email_verified: true, activated_at: Time.zone.now, activation_digest: nil)
end
@ -162,7 +163,7 @@ class User < ApplicationRecord
end
def admin_of?(user, permission)
has_correct_permission = highest_priority_role.get_permission(permission) && id != user.id
has_correct_permission = role.get_permission(permission) && id != user.id
return has_correct_permission unless Rails.configuration.loadbalanced_configuration
return id != user.id if has_role? :super_admin
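Review bot: `role.get_permission(permission)` in `admin_of?` raises NoMethodError for a user whose role is nil, which `belongs_to :role, required: false` permits. Use `role&.get_permission(permission)` so a role-less user is treated as having no permission, consistent with `role&.name` in `has_role?`.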
@ -170,70 +171,31 @@ class User < ApplicationRecord
end
# role functions
def highest_priority_role
roles.min_by(&:priority)
end
def set_role(role) # rubocop:disable Naming/AccessorMethodName
return if has_role?(role)
def add_role(role)
unless has_role?(role)
role_provider = Rails.configuration.loadbalanced_configuration ? provider : "greenlight"
new_role = Role.find_by(name: role, provider: role_provider)
new_role = Role.find_by(name: role, provider: role_provider)
return if new_role.nil?
if new_role.nil?
return if Role.duplicate_name(role, role_provider) || role.strip.empty?
create_home_room if main_room.nil? && new_role.get_permission("can_create_rooms")
new_role = Role.create_new_role(role, role_provider)
end
update_attribute(:role, new_role)
roles << new_role
save!
end
end
def remove_role(role)
if has_role?(role)
role_provider = Rails.configuration.loadbalanced_configuration ? provider : "greenlight"
roles.delete(Role.find_by(name: role, provider: role_provider))
save!
end
new_role
end
# This rule is disabled as the function name must be has_role?
# rubocop:disable Naming/PredicateName
def has_role?(role)
# rubocop:enable Naming/PredicateName
roles.each do |single_role|
return true if single_role.name.eql? role.to_s
end
false
def has_role?(role_name) # rubocop:disable Naming/PredicateName
role&.name == role_name.to_s
end
def self.with_role(role)
User.all_users_with_roles.where(roles: { name: role })
User.includes(:role).where(roles: { name: role })
end
def self.without_role(role)
User.where.not(id: with_role(role).pluck(:id))
end
def self.with_highest_priority_role(role)
User.all_users_highest_priority_role.where(roles: { name: role })
end
def self.all_users_with_roles
User.joins("INNER JOIN users_roles ON users_roles.user_id = users.id INNER JOIN roles " \
"ON roles.id = users_roles.role_id INNER JOIN role_permissions ON roles.id = role_permissions.role_id").distinct
end
def self.all_users_highest_priority_role
User.joins("INNER JOIN (SELECT user_id, min(roles.priority) as role_priority FROM users_roles " \
"INNER JOIN roles ON users_roles.role_id = roles.id GROUP BY user_id) as a ON " \
"a.user_id = users.id INNER JOIN roles ON roles.priority = a.role_priority " \
" INNER JOIN role_permissions ON roles.id = role_permissions.role_id").distinct
User.includes(:role).where.not(roles: { name: role })
end
private
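Review bot: `without_role` written as `User.includes(:role).where.not(roles: { name: role })` compares `roles.name` with `!=`, which evaluates to NULL rather than true for users whose `role_id` is nil, so role-less users drop out of the result, whereas the `where.not(id: with_role(role).pluck(:id))` form returns them. Keep the id-based form or add an explicit `roles.name IS NULL` alternative. In `set_role`, `return if new_role.nil?` leaves the user unchanged without any signal when the role name is unknown; log or raise so a misspelled role name is noticed.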
@ -246,15 +208,13 @@ class User < ApplicationRecord
def setup_user
# Initializes a room for the user and assign a BigBlueButton user id.
id = "gl-#{(0...12).map { rand(65..90).chr }.join.downcase}"
room = Room.create!(owner: self, name: I18n.t("home_room"))
update_attributes(uid: id, main_room: room)
update_attributes(uid: id)
# Initialize the user to use the default user role
role_provider = Rails.configuration.loadbalanced_configuration ? provider : "greenlight"
Role.create_default_roles(role_provider) if Role.where(provider: role_provider).count.zero?
add_role(:user) if roles.blank?
end
def check_if_email_can_be_blank
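Review bot: `setup_user` builds the uid with `rand(65..90).chr`, that is Kernel#rand, while the room identifiers in this same commit come from `SecureRandom`. If the `gl-` uid is ever relied on as unguessable, generate it from `SecureRandom` as well; otherwise add a comment stating that it is only a label.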
@ -266,4 +226,13 @@ class User < ApplicationRecord
end
end
end
def create_home_room
room = Room.create!(owner: self, name: I18n.t("home_room"))
update_attributes(main_room: room)
end
def role_provider
Rails.configuration.loadbalanced_configuration ? provider : "greenlight"
end
end
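Review bot: the private `role_provider` method is not used by `set_role` or `setup_user`, which each assign the same `Rails.configuration.loadbalanced_configuration ? provider : "greenlight"` expression to a local variable of the same name that shadows it. Replace those locals with calls to the method so the provider rule lives in one place.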