Merge branch 'v2.2.1-alpha' into master

config/application.rb

@@ -26,6 +26,9 @@ Bundler.require(*Rails.groups)
 
 module Greenlight
   class Application < Rails::Application
+    # Initialize configuration defaults for originally generated Rails version.
+    config.load_defaults 5.2
+
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.

config/boot.rb

@@ -3,3 +3,4 @@
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
 
 require 'bundler/setup' # Set up gems listed in the Gemfile.
+require 'bootsnap/setup' # Speed up boot time by caching expensive operations.

config/environments/development.rb

@@ -15,12 +15,13 @@ Rails.application.configure do
   config.consider_all_requests_local = false
 
   # Enable/disable caching. By default caching is disabled.
-  if Rails.root.join('tmp/caching-dev.txt').exist?
+  # Run rails dev:cache to toggle caching.
+  if Rails.root.join('tmp', 'caching-dev.txt').exist?
     config.action_controller.perform_caching = true
 
     config.cache_store = :memory_store
     config.public_file_server.headers = {
-      'Cache-Control' => 'public, max-age=172800',
+      'Cache-Control' => "public, max-age=#{2.days.to_i}"
     }
   else
     config.action_controller.perform_caching = false
@@ -28,6 +29,9 @@ Rails.application.configure do
     config.cache_store = :null_store
   end
 
+  # Store uploaded files on the local file system (see config/storage.yml for options)
+  config.active_storage.service = :local
+
   # Don't wrap form components in field_with_error divs
   ActionView::Base.field_error_proc = proc do |html_tag|
     html_tag.html_safe
@@ -57,6 +61,9 @@ Rails.application.configure do
   # Raise an error on page load if there are pending migrations.
   config.active_record.migration_error = :page_load
 
+  # Highlight code that triggered database queries in logs.
+  config.active_record.verbose_query_logs = true
+
   # Debug mode disables concatenation and preprocessing of assets.
   # This option may cause significant delays in view rendering with a large
   # number of complex assets.

config/environments/production.rb

@@ -16,6 +16,10 @@ Rails.application.configure do
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
 
+  # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+  # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+  # config.require_master_key = true
+
   # Disable serving static files from the `/public` folder by default since
   # Apache or NGINX already handles this.
   config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].blank?
@@ -36,6 +40,9 @@ Rails.application.configure do
   # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
 
+  # Store uploaded files on the local file system (see config/storage.yml for options)
+  config.active_storage.service = :local
+
   # Mount Action Cable outside main process or domain
   # config.action_cable.mount_path = nil
   # config.action_cable.url = 'wss://example.com/cable'

config/environments/test.rb

@@ -17,7 +17,7 @@ Rails.application.configure do
   # Configure public file server for tests with Cache-Control for performance.
   config.public_file_server.enabled = true
   config.public_file_server.headers = {
-    'Cache-Control' => 'public, max-age=3600',
+    'Cache-Control' => "public, max-age=#{1.hour.to_i}"
   }
 
   # Show full error reports and disable caching.
@@ -29,6 +29,10 @@ Rails.application.configure do
 
   # Disable request forgery protection in test environment.
   config.action_controller.allow_forgery_protection = false
+
+  # Store uploaded files on the local file system in a temporary directory
+  config.active_storage.service = :test
+
   config.action_mailer.perform_caching = false
 
   # Tell Action Mailer not to deliver emails to the real world.

config/initializers/assets.rb

@@ -5,9 +5,12 @@
 # Version of your assets, change this if you want to expire all your assets.
 Rails.application.config.assets.version = '1.0'
 
-# Add additional assets to the asset load path
+# Add additional assets to the asset load path.
 # Rails.application.config.assets.paths << Emoji.images_path
+# Add Yarn node_modules folder to the asset load path.
+Rails.application.config.assets.paths << Rails.root.join('node_modules')
 
 # Precompile additional assets.
-# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
-# Rails.application.config.assets.precompile += %w()
+# application.js, application.css, and all non-JS/CSS in the app/assets
+# folder are already added.
+# Rails.application.config.assets.precompile += %w( admin.js admin.css )

config/initializers/content_security_policy.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# Be sure to restart your server when you modify this file.
+
+# Define an application-wide content security policy
+# For further information see the following documentation
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+
+# Rails.application.config.content_security_policy do |policy|
+#   policy.default_src :self, :https
+#   policy.font_src    :self, :https, :data
+#   policy.img_src     :self, :https, :data
+#   policy.object_src  :none
+#   policy.script_src  :self, :https
+#   policy.style_src   :self, :https
+
+#   # Specify URI for violation reports
+#   # policy.report_uri "/csp-violation-report-endpoint"
+# end
+
+# If you are using UJS then enable automatic nonce generation
+# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
+
+# Report CSP violations to a specified URI
+# For further information see the following documentation:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
+# Rails.application.config.content_security_policy_report_only = true

config/initializers/health_check.rb

@@ -23,17 +23,11 @@ HealthCheck.setup do |config|
 
   config.http_status_for_error_object = 500
 
-  # bucket names to test connectivity - required only if s3 check used, access permissions can be mixed
-  config.buckets = { 'bucket_name' => [:R, :W, :D] }
-
   # You can customize which checks happen on a standard health check, eg to set an explicit list use:
-  config.standard_checks = %w(database migrations custom)
-
-  # Or to exclude one check:
-  config.standard_checks -= %w(emailconf)
+  config.standard_checks = %w(database migrations emailconf)
 
   # You can set what tests are run with the 'full' or 'all' parameter
-  config.full_checks = %w(database migrations custom email cache redis resque-redis sidekiq-redis s3)
+  config.full_checks = %w(database migrations email cache)
 
   # max-age of response in seconds
   # cache-control is public when max_age > 1 and basic_auth_username is not set
@@ -43,7 +37,4 @@ HealthCheck.setup do |config|
 
   # http status code used when the ip is not allowed for the request
   config.http_status_for_ip_whitelist_error = 403
-
-  # When redis url is non-standard
-  config.redis_url = 'redis_url'
 end

config/initializers/new_framework_defaults.rb

@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-#
-# This file contains migration options to ease your Rails 5.0 upgrade.
-#
-# Read the Guide for Upgrading Ruby on Rails for more info on each option.
-
-Rails.application.config.action_controller.raise_on_unfiltered_parameters = true
-
-# Enable per-form CSRF tokens. Previous versions had false.
-Rails.application.config.action_controller.per_form_csrf_tokens = true
-
-# Enable origin-checking CSRF mitigation. Previous versions had false.
-Rails.application.config.action_controller.forgery_protection_origin_check = true
-
-# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
-# Previous versions had false.
-ActiveSupport.to_time_preserves_timezone = true
-
-# Require `belongs_to` associations by default. Previous versions had false.
-Rails.application.config.active_record.belongs_to_required_by_default = true
-
-# Do not halt callback chains when a callback returns false. Previous versions had true.
-ActiveSupport.halt_callback_chains_on_return_false = false
-
-# Configure SSL options to enable HSTS with subdomains. Previous versions had false.
-Rails.application.config.ssl_options = { hsts: { subdomains: true } }

config/initializers/session_store.rb

@@ -2,4 +2,9 @@
 
 # Be sure to restart your server when you modify this file.
 
-Rails.application.config.session_store :cookie_store, key: '_greenlight-2_0_session'
+if Rails.configuration.loadbalanced_configuration
+    Rails.application.config.session_store :cookie_store, key: '_greenlight-2_0_session',
+        domain: ENV['GREENLIGHT_PARENT_DOMAIN'] || 'blindside-dev.com'
+else
+    Rails.application.config.session_store :cookie_store, key: '_greenlight-2_0_session'
+end

config/locales/en.yml

@@ -48,6 +48,12 @@ en:
         regular: Regular
         lighten: Lighten
         darken: Darken
+      recording_visibility:
+        public: Public
+        private: Private
+        info: Set the default recording visbility for new recordings
+        title: Recording Default Visibility
+        warning: This setting will only be applied to rooms that aren't running
       registration:
         info: Change the way that users register to the website
         title: Registration Method
@@ -73,6 +79,9 @@ en:
       registration_method_updated: Registration method successfully updated
       settings: Site Settings successfully changed
       unauthorized: You are not authorized to perform actions on this user
+    recordings:
+      title: Server Recordings
+      no_recordings: This server has no recordings.
     title: Organization Settings
     users:
       invite: Invite User
@@ -256,6 +265,8 @@ en:
   max_concurrent: The maximum number of concurrent sessions allowed has been reached!
   modal:
     create_room:
+      access_code: Access Code
+      access_code_placeholder: Generate an optional room access code
       auto_join: Automatically join me into the room
       create: Create Room
       free_delete: You will be free to delete this room at any time.
@@ -288,6 +299,7 @@ en:
       update: Update Room
       client: Select client type
       mute: Mute users when they join
+      start: Allow any user to start this meeting
       default: Default
       html: HTML5
       flash: Flash
@@ -359,19 +371,22 @@ en:
     confirm: New Password Confirmation
     update: Update Password
   roles:
-    administrator: Administrator
+    administrator: Admin
     banned: Banned
     pending: Pending
     super_admin: Super Admin
     user: User
   room:
+    access_code_required: Please enter a valid access code to join the room
     create_room: Create a Room
     create_room_error: There was an error creating the room
     create_room_success: Room created successfully
+    enter_the_access_code: Enter the room's access code
     invited: You have been invited to join
     invite_participants: Invite Participants
     join: Join
     last_session: Last session on %{session}
+    login: Login
     owner: Owner
     no_sessions: This room has no sessions, yet!
     recordings: Room Recordings

config/puma.rb

@@ -1,15 +1,15 @@
 # frozen_string_literal: true
 
 # Puma can serve each request in a thread from an internal thread pool.
-# The `threads` method setting takes two numbers a minimum and maximum.
+# The `threads` method setting takes two numbers: a minimum and maximum.
 # Any libraries that use thread pools should be configured to match
 # the maximum value specified for Puma. Default is set to 5 threads for minimum
-# and maximum, this matches the default thread size of Active Record.
+# and maximum; this matches the default thread size of Active Record.
 #
-threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }.to_i
+threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
 threads threads_count, threads_count
 
-# Specifies the `port` that Puma will listen on to receive requests, default is 3000.
+# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
 #
 port        ENV.fetch("PORT") { 80 }
 
@@ -28,22 +28,9 @@ environment ENV.fetch("RAILS_ENV") { "development" }
 # Use the `preload_app!` method when specifying a `workers` number.
 # This directive tells Puma to first boot the application and load code
 # before forking the application. This takes advantage of Copy On Write
-# process behavior so workers use less memory. If you use this option
-# you need to make sure to reconnect any threads in the `on_worker_boot`
-# block.
+# process behavior so workers use less memory.
 #
 # preload_app!
 
-# The code in the `on_worker_boot` will be called if you are using
-# clustered mode by specifying a number of `workers`. After each worker
-# process is booted this block will be run, if you are using `preload_app!`
-# option you will want to use this block to reconnect to any threads
-# or connections that may have been created at application boot, Ruby
-# cannot share connections between processes.
-#
-# on_worker_boot do
-#   ActiveRecord::Base.establish_connection if defined?(ActiveRecord)
-# end
-
 # Allow puma to be restarted by `rails restart` command.
 plugin :tmp_restart

config/routes.rb

@@ -37,6 +37,8 @@ Rails.application.routes.draw do
   resources :admins, only: [:index]
 
   scope '/admins' do
+    get '/site_settings', to: 'admins#site_settings', as: :admin_site_settings
+    get '/recordings', to: 'admins#server_recordings', as: :admin_recordings
     post '/branding', to: 'admins#branding', as: :admin_branding
     post '/coloring', to: 'admins#coloring', as: :admin_coloring
     post '/room_authentication', to: 'admins#room_authentication', as: :admin_room_authentication
@@ -52,6 +54,7 @@ Rails.application.routes.draw do
     post '/registration_method/:method', to: 'admins#registration_method', as: :admin_change_registration
     post '/approve/:user_uid', to: 'admins#approve', as: :admin_approve
     post '/room_limit', to: 'admins#room_limit', as: :admin_room_limit
+    post '/default_recording_visibility', to: 'admins#default_recording_visibility', as: :admin_recording_visibility
   end
 
   scope '/themes' do
@@ -100,6 +103,7 @@ Rails.application.routes.draw do
     post '/update_settings', to: 'rooms#update_settings'
     post '/start', to: 'rooms#start', as: :start_room
     get '/logout', to: 'rooms#logout', as: :logout_room
+    post '/login', to: 'rooms#login', as: :login_room
   end
 
   # Recording operations routes

config/spring.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-%w(
+%w[
   .ruby-version
   .rbenv-vars
   tmp/restart.txt
   tmp/caching-dev.txt
-).each { |path| Spring.watch(path) }
+].each { |path| Spring.watch(path) }

config/storage.yml

@@ -0,0 +1,34 @@
+test:
+  service: Disk
+  root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+  service: Disk
+  root: <%= Rails.root.join("storage") %>
+
+# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+#   service: S3
+#   access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+#   secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+#   region: us-east-1
+#   bucket: your_own_bucket
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+#   service: GCS
+#   project: your_project
+#   credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+#   bucket: your_own_bucket
+
+# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+#   service: AzureStorage
+#   storage_account_name: your_account_name
+#   storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+#   container: your_container_name
+
+# mirror:
+#   service: Mirror
+#   primary: local
+#   mirrors: [ amazon, google, microsoft ]