GRN2-118: Create a setting to require authentication to join a room (#541)

* Create a setting to require authentication to join a room * Apply comments
2019-05-22 13:44:40 -04:00 · 2019-05-22 13:44:40 -04:00 · 70acb9a7e1
parent 996518eea7
commit 70acb9a7e1
11 changed files with 89 additions and 14 deletions
--- a/app/assets/javascripts/admins.js
+++ b/app/assets/javascripts/admins.js
@ -106,6 +106,11 @@ function changeBrandingImage(path) {
  $.post(path, {url: url})
 }

+// Change whether or not user have to be signed in to join a room
+function changeRoomAuthentication(checked, path) {
+  $.post(path, {authenticationRequired: checked})
+}
+
 // Filters by role
 function filterRole(role) {
  search = new URL(location.href).searchParams.get('search')
--- a/app/controllers/admins_controller.rb
+++ b/app/controllers/admins_controller.rb
@ -22,7 +22,7 @@ class AdminsController < ApplicationController
  include Emailer

  manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve]
-  site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken, :registration_method]
+  site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken, :registration_method, :room_authentication]

  authorize_resource class: false
  before_action :find_user, only: manage_users
@ -130,6 +130,12 @@ class AdminsController < ApplicationController
    redirect_to admins_path
  end

+  # POST /admins/meetingAuthentication
+  def room_authentication
+    @settings.update_value("Room Authentication", params[:authenticationRequired])
+    redirect_to admins_path
+  end
+
  # POST /admins/registration_method/:method
  def registration_method
    new_method = Rails.configuration.registration_methods[params[:method].to_sym]
--- a/app/controllers/rooms_controller.rb
+++ b/app/controllers/rooms_controller.rb
@ -98,6 +98,9 @@ class RoomsController < ApplicationController

  # POST /:room_uid
  def join
+    # If this setting is turned on only authenticated users are allowed to join rooms
+    room_authentication_required
+
    opts = default_meeting_options
    unless @room.owned_by?(current_user)
      # Assign join name if passed.
@ -271,4 +274,12 @@ class RoomsController < ApplicationController
  def verify_user_not_admin
    redirect_to admins_path if current_user && current_user&.has_role?(:super_admin)
  end
+
+  def room_authentication_required
+    if Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true" &&
+       current_user.nil?
+      flash[:alert] = I18n.t("administrator.site_settings.authentication.user-info")
+      redirect_to signin_path
+    end
+  end
 end
--- a/app/helpers/admins_helper.rb
+++ b/app/helpers/admins_helper.rb
@ -35,6 +35,10 @@ module AdminsHelper
    registration_method == Rails.configuration.registration_methods[:approval]
  end

+  def room_authentication_required
+    Setting.find_or_create_by!(provider: user_settings_provider).get_value("Room Authentication") == "true"
+  end
+
  def registration_method_string
    case registration_method
    when Rails.configuration.registration_methods[:open]
--- a/app/models/setting.rb
+++ b/app/models/setting.rb
@ -39,6 +39,8 @@ class Setting < ApplicationRecord
        Rails.configuration.primary_color_default
      when "Registration Method"
        Rails.configuration.registration_method_default
+      when "Room Authentication"
+        false
      end
    end
  end
--- a/app/views/rooms/join.html.erb
+++ b/app/views/rooms/join.html.erb
@ -14,6 +14,9 @@
 %>

 <%= render 'shared/room_event' do %>
+  <% if room_authentication_required && current_user.nil? %>
+    <h2><%= t("administrator.site_settings.authentication.user-info") %></h2>
+  <% else %>
    <%= form_for room_path(@room), method: :post do |f| %>
      <div class="input-group join-input">
        <%= f.hidden_field(:search, :value => params[:search])%>
@ -29,3 +32,4 @@
      </div>
    <% end %>
  <% end %>
+<% end %>
--- a/app/views/shared/admin_settings/_site_settings.html.erb
+++ b/app/views/shared/admin_settings/_site_settings.html.erb
@ -28,6 +28,19 @@
      </div>
    </div>
  </div>
+  <div class="row">
+    <div class="col-12">
+      <div class="mb-7 form-group">
+        <label class="form-label"><%= t("administrator.site_settings.authentication.title") %></label>
+        <div class="row gutters-xs">
+          <label class="custom-control custom-checkbox ml-1">
+            <%= check_box_tag "room_authentication", '', room_authentication_required, class: 'custom-control-input', onchange: "changeRoomAuthentication(this.checked, '#{admin_room_authentication_path}')"%>
+            <span class="custom-control-label text-muted pt-1"><%= t("administrator.site_settings.authentication.info") %></span>
+          </label>
+        </div>
+      </div>
+    </div>
+  </div>
  <div class="row">
    <div class="col-12">
      <div class="mb-7 form-group">
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -23,6 +23,10 @@ en:
        accepted_terms: "Terms and Conditions"
  administrator:
    site_settings:
+      authentication:
+        info: Only allow authenticated users to join a room
+        title: Require Authentication for Rooms
+        user-info: You must sign in to Greenlight to join this room
      branding:
        change: Change Image
        info: Change the branding image that appears in the top left corner
--- a/config/routes.rb
+++ b/config/routes.rb
@ -39,6 +39,7 @@ Rails.application.routes.draw do
  scope '/admins' do
    post '/branding', to: 'admins#branding', as: :admin_branding
    post '/coloring', to: 'admins#coloring', as: :admin_coloring
+    post '/room_authentication', to: 'admins#room_authentication', as: :admin_room_authentication
    post '/coloring_lighten', to: 'admins#coloring_lighten', as: :admin_coloring_lighten
    post '/coloring_darken', to: 'admins#coloring_darken', as: :admin_coloring_darken
    post '/signup', to: 'admins#signup', as: :admin_signup
--- a/spec/controllers/admins_controller_spec.rb
+++ b/spec/controllers/admins_controller_spec.rb
@ -278,5 +278,22 @@ describe AdminsController, type: :controller do
        expect(response).to redirect_to(admins_path)
      end
    end
+
+    context "POST #room_authentication" do
+      it "changes the room authentication required setting" do
+        allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+        allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
+
+        @request.session[:user_id] = @admin.id
+        checked = true
+
+        post :room_authentication, params: { authenticationRequired: checked }
+
+        feature = Setting.find_by(provider: "provider1").features.find_by(name: "Room Authentication")
+
+        expect(feature[:value]).to eq(checked.to_s)
+        expect(response).to redirect_to(admins_path)
+      end
+    end
  end
 end
--- a/spec/controllers/rooms_controller_spec.rb
+++ b/spec/controllers/rooms_controller_spec.rb
@ -206,6 +206,14 @@ describe RoomsController, type: :controller do
      expect(flash[:alert]).to be_present
      expect(response).to redirect_to(root_path)
    end
+
+    it "should not allow the user to join if the user isn't signed in and room authentication is required" do
+      allow_any_instance_of(Setting).to receive(:get_value).and_return("true")
+
+      post :join, params: { room_uid: @room }
+
+      expect(response).to redirect_to(signin_path)
+    end
  end

  describe "DELETE #destroy" do