bigbluebutton-Github/bigbluebutton-html5/imports/api/chat/server/methods/sendChatMessagetoServer.js

import { publish } from '/imports/startup/server/helpers';
import { isAllowedTo } from '/imports/startup/server/userPermissions';
import { appendMessageHeader } from '/imports/startup/server/helpers';
import { translateHTML5ToFlash } from '/imports/startup/server/helpers';
import { logger } from '/imports/startup/server/logger';
import { redisConfig } from '/config';

import RegexWebUrl from '/imports/utils/regex-weburl';

const HTML_SAFE_MAP = {
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

const parseMessage = (message) => {
  message = message || '';

  message = message.trim();

  // Sanitize. See: http://shebang.brandonmintern.com/foolproof-html-escaping-in-javascript/
  console.log('antes', message);

  message = message.replace(/[<>'"]/g, (c) => HTML_SAFE_MAP[c]);

  console.log('depois', message);

  // Replace flash links to flash valid ones
  message = message.replace(RegexWebUrl, "<a href='event:$&'><u>$&</u></a>");

  return message;
};

Meteor.methods({
  // meetingId: the id of the meeting
  // chatObject: the object including info on the chat message, including the text
  // requesterUserId: the userId of the user sending chat
  // requesterToken: the authToken of the requester
  sendChatMessagetoServer(credentials, chatObject) {
    const { meetingId, requesterUserId, requesterToken } = credentials;

    let message;
    const chatType = chatObject.chat_type;
    const recipient = chatObject.to_userid;
    let eventName = null;
    const action = function () {
      if (chatType === 'PUBLIC_CHAT') {
        eventName = 'send_public_chat_message';
        return 'chatPublic';
      } else {
        eventName = 'send_private_chat_message';
        if (recipient === requesterUserId) {
          return 'chatSelf'; //not allowed
        } else {
          return 'chatPrivate';
        }
      }
    };

    if (isAllowedTo(action(), credentials) && chatObject.from_userid === requesterUserId) {
      chatObject.message = parseMessage(chatObject.message);
      let message = {
        payload: {
          message: chatObject,
          meeting_id: meetingId,
          requester_id: chatObject.from_userid,
        },
      };
      message = appendMessageHeader(eventName, message);
      logger.info('publishing chat to redis');
      publish(redisConfig.channels.toBBBApps.chat, message);
    }
  },
});
extract event handlers from redispubsub. rename to camelCase 2016-05-05 04:25:34 +08:00			`import { publish } from '/imports/startup/server/helpers';`
			`import { isAllowedTo } from '/imports/startup/server/userPermissions';`
move files to imports 2016-05-05 02:29:43 +08:00			`import { appendMessageHeader } from '/imports/startup/server/helpers';`
restructure modifiers and methods 2016-05-13 01:43:59 +08:00			`import { translateHTML5ToFlash } from '/imports/startup/server/helpers';`
move files to imports 2016-05-05 02:29:43 +08:00			`import { logger } from '/imports/startup/server/logger';`
move the redis configs outside the Meteor obj 2016-04-29 06:01:43 +08:00			`import { redisConfig } from '/config';`
working on modules/removing global vars 2016-04-28 05:04:15 +08:00
Add chat send message functionality 2016-06-03 02:40:27 +08:00			`import RegexWebUrl from '/imports/utils/regex-weburl';`

Sanitize chat messages client and server-side 2016-06-03 03:08:17 +08:00			`const HTML_SAFE_MAP = {`
			`'<': '<',`
			`'>': '>',`
			`'"': '"',`
			`"'": ''',`
			`};`

			`const parseMessage = (message) => {`
			`message = message \|\| '';`

			`message = message.trim();`

			`// Sanitize. See: http://shebang.brandonmintern.com/foolproof-html-escaping-in-javascript/`
			`console.log('antes', message);`

			`message = message.replace(/[<>'"]/g, (c) => HTML_SAFE_MAP[c]);`

			`console.log('depois', message);`

			`// Replace flash links to flash valid ones`
			`message = message.replace(RegexWebUrl, "<a href='event:$&'><u>$&</u></a>");`

			`return message;`
			`};`

extract out meteor methods 2016-04-20 01:43:31 +08:00			`Meteor.methods({`
linting 2016-05-05 05:49:01 +08:00			`// meetingId: the id of the meeting`
extract out meteor methods 2016-04-20 01:43:31 +08:00			`// chatObject: the object including info on the chat message, including the text`
			`// requesterUserId: the userId of the user sending chat`
			`// requesterToken: the authToken of the requester`
Changes credential passing to 1 object 2016-05-17 02:12:27 +08:00			`sendChatMessagetoServer(credentials, chatObject) {`
			`const { meetingId, requesterUserId, requesterToken } = credentials;`

Merge branch 'join-components-with-skeleton' of github.com:perroned/bigbluebutton into router-merging Conflicts: bigbluebutton-html5/imports/api/chat/server/methods/sendChatMessagetoServer.js bigbluebutton-html5/imports/api/meetings/server/modifiers/addMeetingToCollection.js bigbluebutton-html5/imports/api/polls/server/methods/publishVoteMessage.js bigbluebutton-html5/imports/api/slides/server/modifiers/clearSlidesCollection.js bigbluebutton-html5/imports/api/users/server/methods/muteUser.js bigbluebutton-html5/imports/api/users/server/methods/setUserPresenter.js bigbluebutton-html5/imports/api/users/server/methods/unmuteUser.js bigbluebutton-html5/imports/api/users/server/methods/userSetEmoji.js bigbluebutton-html5/imports/api/users/server/methods/validateAuthToken.js bigbluebutton-html5/imports/startup/server/eventHandlers.js bigbluebutton-html5/imports/ui/components/app/AppService.js 2016-05-17 03:54:51 +08:00			`let message;`
lint mostly 2016-05-16 22:35:59 +08:00			`const chatType = chatObject.chat_type;`
			`const recipient = chatObject.to_userid;`
			`let eventName = null;`
			`const action = function () {`
extract out meteor methods 2016-04-20 01:43:31 +08:00			`if (chatType === 'PUBLIC_CHAT') {`
			`eventName = 'send_public_chat_message';`
			`return 'chatPublic';`
			`} else {`
			`eventName = 'send_private_chat_message';`
			`if (recipient === requesterUserId) {`
			`return 'chatSelf'; //not allowed`
			`} else {`
			`return 'chatPrivate';`
			`}`
			`}`
			`};`

Changes credential passing to 1 object 2016-05-17 02:12:27 +08:00			`if (isAllowedTo(action(), credentials) && chatObject.from_userid === requesterUserId) {`
Add chat send message functionality 2016-06-03 02:40:27 +08:00			`chatObject.message = parseMessage(chatObject.message);`
lint mostly 2016-05-16 22:35:59 +08:00			`let message = {`
extract out meteor methods 2016-04-20 01:43:31 +08:00			`payload: {`
			`message: chatObject,`
			`meeting_id: meetingId,`
			`requester_id: chatObject.from_userid,`
			`},`
			`};`
reuse header creation 2016-04-20 05:16:32 +08:00			`message = appendMessageHeader(eventName, message);`
move log out of Meteor 2016-04-29 05:37:15 +08:00			`logger.info('publishing chat to redis');`
move the redis configs outside the Meteor obj 2016-04-29 06:01:43 +08:00			`publish(redisConfig.channels.toBBBApps.chat, message);`
extract out meteor methods 2016-04-20 01:43:31 +08:00			`}`
linting 2016-05-05 05:49:01 +08:00			`},`
extract out meteor methods 2016-04-20 01:43:31 +08:00			`});`