GRN2-118: Create a setting to require authentication to join a room (#541)

* Create a setting to require authentication to join a room * Apply comments
2019-05-22 13:44:40 -04:00
parent 996518eea7
commit 70acb9a7e1
11 changed files with 89 additions and 14 deletions
--- a/app/assets/javascripts/admins.js
+++ b/app/assets/javascripts/admins.js
@ -106,6 +106,11 @@ function changeBrandingImage(path) {
  $.post(path, {url: url})
 }

+// Change whether or not user have to be signed in to join a room
+function changeRoomAuthentication(checked, path) {
+  $.post(path, {authenticationRequired: checked})
+}
+
 // Filters by role
 function filterRole(role) {
  search = new URL(location.href).searchParams.get('search')
--- a/app/controllers/admins_controller.rb
+++ b/app/controllers/admins_controller.rb
@ -22,7 +22,7 @@ class AdminsController < ApplicationController
  include Emailer

  manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve]
-  site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken, :registration_method]
+  site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken, :registration_method, :room_authentication]

  authorize_resource class: false
  before_action :find_user, only: manage_users
@ -130,6 +130,12 @@ class AdminsController < ApplicationController
    redirect_to admins_path
  end

+  # POST /admins/meetingAuthentication
+  def room_authentication
+    @settings.update_value("Room Authentication", params[:authenticationRequired])
+    redirect_to admins_path
+  end
+
  # POST /admins/registration_method/:method
  def registration_method
    new_method = Rails.configuration.registration_methods[params[:method].to_sym]
--- a/app/controllers/rooms_controller.rb
+++ b/app/controllers/rooms_controller.rb
@ -98,6 +98,9 @@ class RoomsController < ApplicationController

  # POST /:room_uid
  def join
+    # If this setting is turned on only authenticated users are allowed to join rooms
+    room_authentication_required
+
    opts = default_meeting_options
    unless @room.owned_by?(current_user)
      # Assign join name if passed.
@ -271,4 +274,12 @@ class RoomsController < ApplicationController
  def verify_user_not_admin
    redirect_to admins_path if current_user && current_user&.has_role?(:super_admin)
  end
+
+  def room_authentication_required
+    if Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true" &&
+       current_user.nil?
+      flash[:alert] = I18n.t("administrator.site_settings.authentication.user-info")
+      redirect_to signin_path
+    end
+  end
 end
--- a/app/helpers/admins_helper.rb
+++ b/app/helpers/admins_helper.rb
@ -35,6 +35,10 @@ module AdminsHelper
    registration_method == Rails.configuration.registration_methods[:approval]
  end

+  def room_authentication_required
+    Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true"
+  end
+
  def registration_method_string
    case registration_method
    when Rails.configuration.registration_methods[:open]
--- a/app/models/setting.rb
+++ b/app/models/setting.rb
@ -39,6 +39,8 @@ class Setting < ApplicationRecord
        Rails.configuration.primary_color_default
      when "Registration Method"
        Rails.configuration.registration_method_default
+      when "Room Authentication"
+        false
      end
    end
  end
--- a/app/views/rooms/join.html.erb
+++ b/app/views/rooms/join.html.erb
@ -14,18 +14,22 @@
 %>

 <%= render 'shared/room_event' do %>
-  <%= form_for room_path(@room), method: :post do |f| %>
-    <div class="input-group join-input">
-      <%= f.hidden_field(:search, :value => params[:search])%>
-      <%= f.hidden_field(:column, :value => params[:column])%>
-      <%= f.hidden_field(:direction, :value => params[:direction])%>
-      <%= f.text_field :join_name,
-          required: true,
-          class: "form-control join-form",
-          placeholder: t("enter_your_name"),
-          value: "#{@name}",
-          readonly: !current_user.nil? %>
-      <%= f.submit t("room.join"), class: "btn btn-primary btn-sm col-sm-3 form-control join-form" %>
-    </div>
+  <% if room_authentication_required && current_user.nil? %>
+    <h2><%= t("administrator.site_settings.authentication.user-info") %></h2>
+  <% else %>
+    <%= form_for room_path(@room), method: :post do |f| %>
+      <div class="input-group join-input">
+        <%= f.hidden_field(:search, :value => params[:search])%>
+        <%= f.hidden_field(:column, :value => params[:column])%>
+        <%= f.hidden_field(:direction, :value => params[:direction])%>
+        <%= f.text_field :join_name,
+            required: true,
+            class: "form-control join-form",
+            placeholder: t("enter_your_name"),
+            value: "#{@name}",
+            readonly: !current_user.nil? %>
+        <%= f.submit t("room.join"), class: "btn btn-primary btn-sm col-sm-3 form-control join-form" %>
+      </div>
+    <% end %>
  <% end %>
 <% end %>
--- a/app/views/shared/admin_settings/_site_settings.html.erb
+++ b/app/views/shared/admin_settings/_site_settings.html.erb
@ -28,6 +28,19 @@
      </div>
    </div>
  </div>
+  <div class="row">
+    <div class="col-12">
+      <div class="mb-7 form-group">
+        <label class="form-label"><%= t("administrator.site_settings.authentication.title") %></label>
+        <div class="row gutters-xs">
+          <label class="custom-control custom-checkbox ml-1">
+            <%= check_box_tag "room_authentication", '', room_authentication_required, class: 'custom-control-input', onchange: "changeRoomAuthentication(this.checked, '#{admin_room_authentication_path}')"%>
+            <span class="custom-control-label text-muted pt-1"><%= t("administrator.site_settings.authentication.info") %></span>
+          </label>
+        </div>
+      </div>
+    </div>
+  </div>
  <div class="row">
    <div class="col-12">
      <div class="mb-7 form-group">