GRN2-118: Create a setting to require authentication to join a room (#541)

* Create a setting to require authentication to join a room

* Apply comments

app/controllers/admins_controller.rb

@@ -22,7 +22,7 @@ class AdminsController < ApplicationController
   include Emailer
 
   manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve]
-  site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken, :registration_method]
+  site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken, :registration_method, :room_authentication]
 
   authorize_resource class: false
   before_action :find_user, only: manage_users
@@ -130,6 +130,12 @@ class AdminsController < ApplicationController
     redirect_to admins_path
   end
 
+  # POST /admins/meetingAuthentication
+  def room_authentication
+    @settings.update_value("Room Authentication", params[:authenticationRequired])
+    redirect_to admins_path
+  end
+
   # POST /admins/registration_method/:method
   def registration_method
     new_method = Rails.configuration.registration_methods[params[:method].to_sym]

app/controllers/rooms_controller.rb

@@ -98,6 +98,9 @@ class RoomsController < ApplicationController
 
   # POST /:room_uid
   def join
+    # If this setting is turned on only authenticated users are allowed to join rooms
+    room_authentication_required
+
     opts = default_meeting_options
     unless @room.owned_by?(current_user)
       # Assign join name if passed.
@@ -271,4 +274,12 @@ class RoomsController < ApplicationController
   def verify_user_not_admin
     redirect_to admins_path if current_user && current_user&.has_role?(:super_admin)
   end
+
+  def room_authentication_required
+    if Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true" &&
+       current_user.nil?
+      flash[:alert] = I18n.t("administrator.site_settings.authentication.user-info")
+      redirect_to signin_path
+    end
+  end
 end