BigBlueButton/bigbluebutton-Github
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "Create API returns now returns error when no passwords provided for meeting"

Browse Source
This commit is contained in:
Richard Alam 2019-05-20 16:39:45 -04:00 committed by GitHub
parent e80f9b6b25
commit 2e3350cc5c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
bbb-common-web/src/main/java/org/bigbluebutton/api/ParamsProcessorUtil.java
View File

@ -163,16 +163,6 @@ public class ParamsProcessorUtil {
} else {
errors.missingParamError(ApiParams.MEETING_ID);
}
// Check if moderator password was provided
if (StringUtils.isEmpty(params.get(ApiParams.MODERATOR_PW))) {
errors.missingParamError(ApiParams.MODERATOR_PW);
}
// Check if attendee password was provided
if (StringUtils.isEmpty(params.get(ApiParams.ATTENDEE_PW))) {
errors.missingParamError(ApiParams.ATTENDEE_PW);
}
}
public Map<String, Object> processUpdateCreateParams(Map<String, String> params) {
@ -328,8 +318,8 @@ public class ParamsProcessorUtil {
String externalMeetingId = params.get(ApiParams.MEETING_ID);
String viewerPass = params.get(ApiParams.ATTENDEE_PW);
String modPass = params.get(ApiParams.MODERATOR_PW);
String viewerPass = processPassword(params.get(ApiParams.ATTENDEE_PW));
String modPass = processPassword(params.get(ApiParams.MODERATOR_PW));
// Get the digits for voice conference for users joining through the
// phone.
@ -620,6 +610,10 @@ public class ParamsProcessorUtil {
return DigestUtils.sha1Hex(extMeetingId);
}
public String processPassword(String pass) {
return StringUtils.isEmpty(pass) ? RandomStringUtils.randomAlphanumeric(8) : pass;
}
public boolean hasChecksumAndQueryString(String checksum, String queryString) {
return (! StringUtils.isEmpty(checksum) && StringUtils.isEmpty(queryString));
}

24
bigbluebutton-web/grails-app/controllers/org/bigbluebutton/web/controllers/ApiController.groovy
View File

@ -109,28 +109,6 @@ class ApiController {
return
}
if (!StringUtils.isEmpty(params.moderatorPW)) {
params.moderatorPW = StringUtils.strip(params.moderatorPW);
if (StringUtils.isEmpty(params.moderatorPW)) {
invalid("missingParamModeratorPW", "You must specify a moderator password for the meeting.");
return
}
} else {
invalid("missingParamModeratorPW", "You must specify a moderator password for the meeting.");
return
}
if (!StringUtils.isEmpty(params.attendeePW)) {
params.attendeePW = StringUtils.strip(params.attendeePW);
if (StringUtils.isEmpty(params.attendeePW)) {
invalid("missingParamAttendeePW", "You must specify an attendee password for the meeting.");
return
}
} else {
invalid("missingParamAttendeePW", "You must specify an attendee password for the meeting.");
return
}
if (!paramsProcessorUtil.isChecksumSame(API_CALL, params.checksum, request.getQueryString())) {
invalid("checksumError", "You did not pass the checksum security check")
return
@ -165,7 +143,7 @@ class ApiController {
if (existing != null) {
log.debug "Existing conference found"
Map<String, Object> updateParams = paramsProcessorUtil.processUpdateCreateParams(params);
if (existing.getViewerPassword().equals(params.get(ApiParams.ATTENDEE_PW)) && existing.getModeratorPassword().equals(params.get(ApiParams.MODERATOR_PW))) {
if (existing.getViewerPassword().equals(params.get("attendeePW")) && existing.getModeratorPassword().equals(params.get("moderatorPW"))) {
//paramsProcessorUtil.updateMeeting(updateParams, existing);
// trying to create a conference a second time, return success, but give extra info
// Ignore pre-uploaded presentations. We only allow uploading of presentation once.