GRN2-128: Fixed issue with manage rooms permissions (bigbluebutton#929)

* Fixed issue with manage rooms permissions * Improved server rooms efficiency
skybox211 · Feb 12, 2020 · 397b4b7 · 397b4b7
1 parent 967130e
commit 397b4b7
Show file tree

Hide file tree

Showing 6 changed files with 51 additions and 42 deletions.
diff --git a/app/controllers/admins_controller.rb b/app/controllers/admins_controller.rb
@@ -41,7 +41,7 @@ def index
     @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
     @tab = params[:tab] || "active"
 
-    @pagy, @users = pagy(user_list)
+    @pagy, @users = pagy(manage_users_list)
   end
 
   # GET /admins/site_settings
@@ -64,11 +64,11 @@ def server_rooms
     @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
     @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"
 
-    server_rooms = server_rooms_list
+    @running_room_bbb_ids = all_running_meetings[:meetings].pluck(:meetingID)
 
     @user_list = shared_user_list if shared_access_allowed
 
-    @pagy, @rooms = pagy_array(server_rooms)
+    @pagy, @rooms = pagy_array(server_rooms_list)
   end
 
   # MANAGE USERS
@@ -254,37 +254,6 @@ def verify_admin_of_user
       flash: { alert: I18n.t("administrator.flash.unauthorized") } unless current_user.admin_of?(@user)
   end
 
-  # Gets the list of users based on your configuration
-  def user_list
-    current_role = @role
-
-    initial_user = case @tab
-      when "active"
-        User.without_role(:pending).without_role(:denied)
-      when "deleted"
-        User.deleted
-      else
-        User
-    end
-
-    current_role = Role.find_by(name: @tab, provider: @user_domain) if @tab == "pending" || @tab == "denied"
-
-    initial_list = if current_user.has_role? :super_admin
-      initial_user.where.not(id: current_user.id)
-    else
-      initial_user.without_role(:super_admin).where.not(id: current_user.id)
-    end
-
-    if Rails.configuration.loadbalanced_configuration
-      initial_list.where(provider: @user_domain)
-                  .admins_search(@search, current_role)
-                  .admins_order(@order_column, @order_direction)
-    else
-      initial_list.admins_search(@search, current_role)
-                  .admins_order(@order_column, @order_direction)
-    end
-  end
-
   # Creates the invite if it doesn't exist, or updates the updated_at time if it does
   def create_or_update_invite(email)
     invite = Invitation.find_by(email: email, provider: @user_domain)
@@ -300,10 +269,4 @@ def create_or_update_invite(email)
 
     invite
   end
-
-  # Get the room status to display in the Server Rooms table
-  def room_is_running(id)
-    room_running?(id)
-  end
-  helper_method :room_is_running
 end
diff --git a/app/controllers/concerns/bbb_server.rb b/app/controllers/concerns/bbb_server.rb
@@ -29,6 +29,11 @@ def room_running?(bbb_id)
     bbb_server.is_meeting_running?(bbb_id)
   end
 
+  # Returns a list of all running meetings
+  def all_running_meetings
+    bbb_server.get_meetings
+  end
+
   def get_recordings(meeting_id)
     bbb_server.get_recordings(meetingID: meeting_id)
   end

diff --git a/app/controllers/concerns/populator.rb b/app/controllers/concerns/populator.rb
@@ -19,6 +19,37 @@
 module Populator
   extend ActiveSupport::Concern
 
+  # Returns a list of users that are in the same context of the current user
+  def manage_users_list
+    current_role = @role
+
+    initial_user = case @tab
+      when "active"
+        User.without_role(:pending).without_role(:denied)
+      when "deleted"
+        User.deleted
+      else
+        User
+    end
+
+    current_role = Role.find_by(name: @tab, provider: @user_domain) if @tab == "pending" || @tab == "denied"
+
+    initial_list = if current_user.has_role? :super_admin
+      initial_user.where.not(id: current_user.id)
+    else
+      initial_user.without_role(:super_admin).where.not(id: current_user.id)
+    end
+
+    if Rails.configuration.loadbalanced_configuration
+      initial_list.where(provider: @user_domain)
+                  .admins_search(@search, current_role)
+                  .admins_order(@order_column, @order_direction)
+    else
+      initial_list.admins_search(@search, current_role)
+                  .admins_order(@order_column, @order_direction)
+    end
+  end
+
   # Returns a list of rooms that are in the same context of the current user
   def server_rooms_list
     if Rails.configuration.loadbalanced_configuration

diff --git a/app/helpers/admins_helper.rb b/app/helpers/admins_helper.rb
@@ -71,4 +71,9 @@ def room_limit_number
   def edit_disabled
     @edit_disabled ||= @selected_role.priority <= current_user.highest_priority_role.priority
   end
+
+  # Get the room status to display in the Server Rooms table
+  def room_is_running(id)
+    @running_room_bbb_ids.include?(id)
+  end
 end
diff --git a/app/models/role.rb b/app/models/role.rb
@@ -35,14 +35,15 @@ def self.create_default_roles(provider)
         .update_all_role_permissions(can_create_rooms: true)
     Role.create(name: "admin", provider: provider, priority: 0, colour: "#f1c40f")
         .update_all_role_permissions(can_create_rooms: true, send_promoted_email: true,
-      send_demoted_email: true, can_edit_site_settings: true,
+      send_demoted_email: true, can_edit_site_settings: true, can_manage_rooms_recordings: true,
       can_edit_roles: true, can_manage_users: true)
     Role.create(name: "pending", provider: provider, priority: -1, colour: "#17a2b8").update_all_role_permissions
     Role.create(name: "denied", provider: provider, priority: -1, colour: "#343a40").update_all_role_permissions
     Role.create(name: "super_admin", provider: provider, priority: -2, colour: "#cd201f")
         .update_all_role_permissions(can_create_rooms: true,
       send_promoted_email: true, send_demoted_email: true, can_edit_site_settings: true,
-      can_edit_roles: true, can_manage_users: true, can_appear_in_share_list: true)
+      can_edit_roles: true, can_manage_users: true, can_manage_rooms_recordings: true,
+      can_appear_in_share_list: true)
   end
 
   def self.create_new_role(role_name, provider)
@@ -74,6 +75,9 @@ def update_all_role_permissions(permissions = {})
 
   # Updates the value of the permission and enables it
   def update_permission(name, value)
+    # Dont update if it is not explicitly set to a value
+    return unless value.present?
+
     permission = role_permissions.find_or_create_by!(name: name)
 
     permission.update_attributes(value: value, enabled: true)

diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -95,6 +95,7 @@ en:
       title: Server Recordings
       no_recordings: This server has no recordings.
     roles:
+      appear_in_share_list: Include users with this role in the dropdown for sharing rooms
       can_create_rooms: Can create rooms
       delete: Delete the role
       invalid_create: There was a problem creating a new role. Please check the role values and try again