bigbluebutton-Github/bigbluebutton-html5/app/server/user_permissions.coffee

122 lines
4.0 KiB
CoffeeScript
Raw Normal View History

2015-05-07 00:46:32 +08:00
presenter =
switchSlide: true
#poll
subscribePoll: true
subscribeAnswers: true
2015-07-28 07:35:27 +08:00
# holds the values for whether the moderator user is allowed to perform an action (true)
# or false if not allowed. Some actions have dynamic values depending on the current lock settings
moderator =
# audio listen only
joinListenOnly: true
leaveListenOnly: true
2015-04-23 23:46:52 +08:00
# join audio with mic cannot be controlled on the server side as it is
# a client side only functionality
# raising/lowering hand
raiseOwnHand : true
lowerOwnHand : true
# muting
muteSelf : true
unmuteSelf : true
logoutSelf : true
#subscribing
subscribeUsers: true
subscribeChat: true
#chat
2015-04-02 23:22:08 +08:00
chatPublic: true
chatPrivate: true
#poll
subscribePoll: true
subscribeAnswers: false
2015-04-02 23:22:08 +08:00
# holds the values for whether the viewer user is allowed to perform an action (true)
# or false if not allowed. Some actions have dynamic values depending on the current lock settings
2015-03-31 06:48:25 +08:00
viewer = (meetingId, userId) ->
# listen only
joinListenOnly: true
leaveListenOnly: true
2015-04-23 23:46:52 +08:00
# join audio with mic cannot be controlled on the server side as it is
# a client side only functionality
# raising/lowering hand
raiseOwnHand : true
lowerOwnHand : true
# muting
muteSelf : true
unmuteSelf : !(Meteor.Meetings.findOne({meetingId:meetingId})?.roomLockSettings.disableMic) or
!(Meteor.Users.findOne({meetingId:meetingId, userId:userId})?.user.locked)
2014-11-19 06:03:13 +08:00
logoutSelf : true
2014-11-21 07:35:30 +08:00
#subscribing
subscribeUsers: true
subscribeChat: true
#chat
2015-03-31 06:48:25 +08:00
chatPublic: !(Meteor.Meetings.findOne({meetingId:meetingId})?.roomLockSettings.disablePubChat) or
!(Meteor.Users.findOne({meetingId:meetingId, userId:userId})?.user.locked) or
Meteor.Users.findOne({meetingId:meetingId, userId:userId})?.user.presenter
2015-03-31 06:48:25 +08:00
chatPrivate: !(Meteor.Meetings.findOne({meetingId:meetingId})?.roomLockSettings.disablePrivChat) or
!(Meteor.Users.findOne({meetingId:meetingId, userId:userId})?.user.locked) or
Meteor.Users.findOne({meetingId:meetingId, userId:userId})?.user.presenter
2015-08-17 06:19:43 +08:00
#poll
subscribePoll: true
subscribeAnswers: false
2015-04-02 23:22:08 +08:00
# carries out the decision making for actions affecting users. For the list of
# actions and the default value - see 'viewer' and 'moderator' in the beginning of the file
@isAllowedTo = (action, meetingId, userId, authToken) ->
2015-03-31 06:48:25 +08:00
validated = Meteor.Users.findOne({meetingId:meetingId, userId: userId})?.validated
Meteor.log.info "in isAllowedTo: action-#{action}, userId=#{userId}, authToken=#{authToken} validated:#{validated}"
user = Meteor.Users.findOne({meetingId:meetingId, userId: userId})
2015-05-07 00:46:32 +08:00
Meteor.log.info "user=" + JSON.stringify user
if user? and authToken is user.authToken # check if the user is who he claims to be
if user.validated and user.clientType is "HTML5"
2015-05-07 00:46:32 +08:00
# PRESENTER
# check presenter specific actions or fallback to regular viewer actions
if user.user?.presenter
Meteor.log.info "user permissions presenter case"
return presenter[action] or viewer(meetingId, userId)[action] or false
# VIEWER
else if user.user?.role is 'VIEWER'
Meteor.log.info "user permissions viewer case"
2015-04-01 01:25:05 +08:00
return viewer(meetingId, userId)[action] or false
2015-05-07 00:46:32 +08:00
# MODERATOR
else if user.user?.role is 'MODERATOR'
Meteor.log.info "user permissions moderator case"
return moderator[action] or false
else
Meteor.log.warn "UNSUCCESSFULL ATTEMPT FROM userid=#{userId} to perform:#{action}"
return false
else
# user was not validated
if action is "logoutSelf"
# on unsuccessful sign-in
Meteor.log.warn "a user was successfully removed from the meeting following an unsuccessful login"
return true
return false
else
Meteor.log.error "in meetingId=#{meetingId} userId=#{userId} tried to perform #{action} without permission" +
"\n..while the authToken was #{user?.authToken} and the user's object is #{JSON.stringify user}"
return false