Allow rooms to have an optional access code (#646)

app/assets/javascripts/room.js.erb

@@ -44,6 +44,9 @@ $(document).on('turbolinks:load', function(){
   // Display and update all fields related to creating a room in the createRoomModal
   $("#create-room-block").click(function(){
     $("#create-room-name").val("")
+    $("#create-room-access-code").text("<%= I18n.t("modal.create_room.access_code_placeholder") %>")
+    $("#room_access_code").val(null)
+
     $("#createRoomModal form").attr("action", $("body").data('relative-root'))
     updateDropdown($(".dropdown-item[value='default']"))
     $("#room_mute_on_join").prop("checked", false)
@@ -80,6 +83,16 @@ $(document).on('turbolinks:load', function(){
     })
 
     updateCurrentSettings($(this).closest("#room-block").data("room-settings"))
+    
+    accessCode = $(this).closest("#room-block").data("room-access-code")
+
+    if(accessCode){
+      $("#create-room-access-code").text("<%= I18n.t("modal.create_room.access_code") %>: " + accessCode)
+      $("#room_access_code").val(accessCode)
+    } else{
+      $("#create-room-access-code").text("<%= I18n.t("modal.create_room.access_code_placeholder") %>")
+      $("#room_access_code").val(null)
+    }
   })
 
   //Update the createRoomModal to show the correct current settings
@@ -107,3 +120,21 @@ function updateDropdown(element) {
   $("#dropdown-trigger").text(element.text())
   $("#room_client").val(element.val())
 }
+
+function generateAccessCode(){
+  const accessCodeLength = 6
+  var validCharacters = "0123456789"
+  var accessCode = ""
+
+  for( var i = 0; i < accessCodeLength; i++){
+    accessCode += validCharacters.charAt(Math.floor(Math.random() * validCharacters.length));
+  }
+
+  $("#create-room-access-code").text("<%= I18n.t("modal.create_room.access_code") %>: " + accessCode)
+  $("#room_access_code").val(accessCode)
+}
+
+function ResetAccessCode(){
+  $("#create-room-access-code").text("<%= I18n.t("modal.create_room.access_code_placeholder") %>")
+  $("#room_access_code").val(null)
+}

app/assets/stylesheets/rooms.scss

@@ -65,3 +65,7 @@
     background-color: rgba(0, 0, 0, 0.04);
   }
 }
+
+.allow-icon-click{
+  pointer-events: auto;
+}

app/controllers/rooms_controller.rb

@@ -25,7 +25,7 @@ class RoomsController < ApplicationController
   before_action :validate_verified_email, except: [:show, :join],
                 unless: -> { !Rails.configuration.enable_email_verification }
   before_action :find_room, except: :create
-  before_action :verify_room_ownership, except: [:create, :show, :join, :logout]
+  before_action :verify_room_ownership, except: [:create, :show, :join, :logout, :login]
   before_action :verify_room_owner_verified, only: [:show, :join],
                 unless: -> { !Rails.configuration.enable_email_verification }
   before_action :verify_user_not_admin, only: [:show]
@@ -36,7 +36,7 @@ class RoomsController < ApplicationController
 
     return redirect_to current_user.main_room, flash: { alert: I18n.t("room.room_limit") } if room_limit_exceeded
 
-    @room = Room.new(name: room_params[:name])
+    @room = Room.new(name: room_params[:name], access_code: room_params[:access_code])
     @room.owner = current_user
     @room.room_settings = create_room_settings_string(room_params[:mute_on_join], room_params[:client])
 
@@ -106,6 +106,12 @@ class RoomsController < ApplicationController
 
     opts = default_meeting_options
     unless @room.owned_by?(current_user)
+      # Don't allow users to join unless they have a valid access code or the room doesn't
+      # have an access code
+      if @room.access_code && !@room.access_code.empty? && @room.access_code != session[:access_code]
+        return redirect_to room_path(room_uid: params[:room_uid]), flash: { alert: I18n.t("room.access_code_required") }
+      end
+
       # Assign join name if passed.
       if params[@room.invite_path]
         @join_name = params[@room.invite_path][:join_name]
@@ -118,31 +124,7 @@ class RoomsController < ApplicationController
     # create or update cookie with join name
     cookies.encrypted[:greenlight_name] = @join_name unless cookies.encrypted[:greenlight_name] == @join_name
 
-    if @room.running? || @room.owned_by?(current_user)
-      # Determine if the user needs to join as a moderator.
-      opts[:user_is_moderator] = @room.owned_by?(current_user)
-
-      # Check if the user has specified which client to use
-      room_settings = JSON.parse(@room[:room_settings])
-      opts[:join_via_html5] = room_settings["joinViaHtml5"] if room_settings["joinViaHtml5"]
-
-      if current_user
-        redirect_to @room.join_path(current_user.name, opts, current_user.uid)
-      else
-        join_name = params[:join_name] || params[@room.invite_path][:join_name]
-        redirect_to @room.join_path(join_name, opts)
-      end
-    else
-
-      search_params = params[@room.invite_path] || params
-      @search, @order_column, @order_direction, pub_recs =
-        public_recordings(@room.bbb_id, @user_domain, search_params.permit(:search, :column, :direction), true)
-
-      @pagy, @public_recordings = pagy_array(pub_recs)
-
-      # They need to wait until the meeting begins.
-      render :wait
-    end
+    join_room(opts)
   end
 
   # DELETE /:room_uid
@@ -185,6 +167,8 @@ class RoomsController < ApplicationController
       update_room_attributes("settings")
       # Update the rooms name if it has been changed
       update_room_attributes("name") if @room.name != room_params[:name]
+      # Update the room's access code if it has changed
+      update_room_attributes("access_code") if @room.access_code != room_params[:access_code]
     rescue StandardError
       flash[:alert] = I18n.t("room.update_settings_error")
     else
@@ -199,6 +183,15 @@ class RoomsController < ApplicationController
     redirect_to @room
   end
 
+  # POST /:room_uid/login
+  def login
+    session[:access_code] = room_params[:access_code]
+
+    flash[:alert] = I18n.t("room.access_code_required") if session[:access_code] != @room.access_code
+
+    redirect_to room_path(@room.uid)
+  end
+
   private
 
   def update_room_attributes(update_type)
@@ -208,6 +201,8 @@ class RoomsController < ApplicationController
       elsif update_type.eql? "settings"
         room_settings_string = create_room_settings_string(room_params[:mute_on_join], room_params[:client])
         @room.update_attributes(room_settings: room_settings_string)
+      elsif update_type.eql? "access_code"
+        @room.update_attributes(access_code: room_params[:access_code])
       end
     end
   end
@@ -226,7 +221,7 @@ class RoomsController < ApplicationController
   end
 
   def room_params
-    params.require(:room).permit(:name, :auto_join, :mute_on_join, :client)
+    params.require(:room).permit(:name, :auto_join, :mute_on_join, :client, :access_code)
   end
 
   # Find the room from the uid.
@@ -292,4 +287,31 @@ class RoomsController < ApplicationController
 
     current_user.rooms.count >= limit
   end
+
+  def join_room(opts)
+    if @room.running? || @room.owned_by?(current_user)
+      # Determine if the user needs to join as a moderator.
+      opts[:user_is_moderator] = @room.owned_by?(current_user)
+
+      # Check if the user has specified which client to use
+      room_settings = JSON.parse(@room[:room_settings])
+      opts[:join_via_html5] = room_settings["joinViaHtml5"] if room_settings["joinViaHtml5"]
+
+      if current_user
+        redirect_to @room.join_path(current_user.name, opts, current_user.uid)
+      else
+        join_name = params[:join_name] || params[@room.invite_path][:join_name]
+        redirect_to @room.join_path(join_name, opts)
+      end
+    else
+      search_params = params[@room.invite_path] || params
+      @search, @order_column, @order_direction, pub_recs =
+        public_recordings(@room.bbb_id, @user_domain, search_params.permit(:search, :column, :direction), true)
+
+      @pagy, @public_recordings = pagy_array(pub_recs)
+
+      # They need to wait until the meeting begins.
+      render :wait
+    end
+  end
 end

app/views/rooms/join.html.erb

@@ -13,9 +13,21 @@
 # with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
 %>
 
-<%= render 'shared/room_event' do %>
+<% valid_access_code = @room.access_code.nil? || @room.access_code.empty? || @room.access_code == session[:access_code] %>
+<%= render 'shared/room_event', render_recordings: valid_access_code do %>
   <% if room_authentication_required %>
     <h2><%= t("administrator.site_settings.authentication.user-info") %></h2>
+  <% elsif !valid_access_code %>
+    <%= form_for :room, url: login_room_path(@room.uid) do |f| %>
+      <div class="input-group join-input">
+        <%= f.text_field :access_code,
+              required: true,
+              class: "form-control join-form",
+              placeholder: t("room.enter_the_access_code"),
+              value: "" %>
+        <%= f.submit t("room.login"), class: "btn btn-primary btn-sm col-sm-3 form-control join-form" %>
+      </div>
+    <% end %>
   <% else %>
     <%= form_for room_path(@room), method: :post do |f| %>
       <div class="input-group join-input">

app/views/rooms/wait.html.erb

@@ -13,7 +13,7 @@
 # with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
 %>
 
-<%= render 'shared/room_event' do %>
+<%= render 'shared/room_event', render_recordings: true do %>
   <div class="row">
     <div class="col-9">
       <h3><%= t("room.wait.message") %></h3>

app/views/shared/_room_event.html.erb

@@ -40,4 +40,6 @@
   </div>
 </div>
 
-<%= render "shared/sessions", recordings: @public_recordings, pagy: @pagy, only_public: true, user_recordings: false, title: t("room.recordings") %>
+<% if render_recordings %>
+  <%= render "shared/sessions", recordings: @public_recordings, pagy: @pagy, only_public: true, user_recordings: false, title: t("room.recordings") %>
+<% end %>

app/views/shared/components/_room_block.html.erb

@@ -13,7 +13,7 @@
 # with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
 %>
 
-<div id="<%= if room == current_user.main_room then 'home_room_block' else 'room-block' end %>" data-room-uid="<%= room.uid %>" data-room-settings=<%= room.room_settings %> class="card">
+<div id="<%= if room == current_user.main_room then 'home_room_block' else 'room-block' end %>" data-room-uid="<%= room.uid %>" data-room-settings=<%= room.room_settings %> data-room-access-code="<%= room.access_code %>" class="card">
   <div class="card-body p-1">
     <table class="table table-hover table-vcenter text-wrap table-no-border">
       <tbody class="no-border-top">

app/views/shared/modals/_create_room_modal.html.erb

@@ -28,10 +28,21 @@
               <span class="input-icon-addon">
                 <i class="fas fa-chalkboard-teacher"></i>
               </span>
-              <%= f.text_field :name, id: "create-room-name", class: "form-control", value: "", placeholder: t("modal.create_room.name_placeholder"), autocomplete: :off %>
+              <%= f.text_field :name, id: "create-room-name", class: "form-control text-center", value: "", placeholder: t("modal.create_room.name_placeholder"), autocomplete: :off %>
               <div class="invalid-feedback text-left"><%= t("modal.create_room.not_blank") %></div>
             </div>
 
+            <div class="input-icon mb-2">
+              <span onclick="generateAccessCode()" class="input-icon-addon allow-icon-click">
+                <i class="fas fa-dice"></i>
+              </span>
+              <%= f.label :access_code, t("modal.create_room.access_code_placeholder"), id: "create-room-access-code", class: "form-control" %>
+              <%= f.hidden_field :access_code %>
+              <span onclick="ResetAccessCode()" class="input-icon-addon allow-icon-click">
+                <i class="far fa-trash-alt"></i>
+              </span>
+            </div>
+
             <% if Rails.configuration.room_features.include? "default-client" %>
               <label class="mt-3 mb-3 w-100 text-left d-inline-block">
                 <input type="hidden" name="room[client]" id="room_client">