Merge pull request #7471 from bigbluebutton/revert-7384-mandatory-api-passwords

Revert "Create API returns now returns error when no passwords provided for meeting"
This commit is contained in:
Fred Dixon 2019-05-20 16:41:14 -04:00 committed by GitHub
commit 7ac14c9221
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 35 deletions

View File

@ -163,16 +163,6 @@ public class ParamsProcessorUtil {
} else {
errors.missingParamError(ApiParams.MEETING_ID);
}
// Check if moderator password was provided
if (StringUtils.isEmpty(params.get(ApiParams.MODERATOR_PW))) {
errors.missingParamError(ApiParams.MODERATOR_PW);
}
// Check if attendee password was provided
if (StringUtils.isEmpty(params.get(ApiParams.ATTENDEE_PW))) {
errors.missingParamError(ApiParams.ATTENDEE_PW);
}
}
public Map<String, Object> processUpdateCreateParams(Map<String, String> params) {
@ -328,8 +318,8 @@ public class ParamsProcessorUtil {
String externalMeetingId = params.get(ApiParams.MEETING_ID);
String viewerPass = params.get(ApiParams.ATTENDEE_PW);
String modPass = params.get(ApiParams.MODERATOR_PW);
String viewerPass = processPassword(params.get(ApiParams.ATTENDEE_PW));
String modPass = processPassword(params.get(ApiParams.MODERATOR_PW));
// Get the digits for voice conference for users joining through the
// phone.
@ -620,6 +610,10 @@ public class ParamsProcessorUtil {
return DigestUtils.sha1Hex(extMeetingId);
}
public String processPassword(String pass) {
return StringUtils.isEmpty(pass) ? RandomStringUtils.randomAlphanumeric(8) : pass;
}
public boolean hasChecksumAndQueryString(String checksum, String queryString) {
return (! StringUtils.isEmpty(checksum) && StringUtils.isEmpty(queryString));
}

View File

@ -109,28 +109,6 @@ class ApiController {
return
}
if (!StringUtils.isEmpty(params.moderatorPW)) {
params.moderatorPW = StringUtils.strip(params.moderatorPW);
if (StringUtils.isEmpty(params.moderatorPW)) {
invalid("missingParamModeratorPW", "You must specify a moderator password for the meeting.");
return
}
} else {
invalid("missingParamModeratorPW", "You must specify a moderator password for the meeting.");
return
}
if (!StringUtils.isEmpty(params.attendeePW)) {
params.attendeePW = StringUtils.strip(params.attendeePW);
if (StringUtils.isEmpty(params.attendeePW)) {
invalid("missingParamAttendeePW", "You must specify an attendee password for the meeting.");
return
}
} else {
invalid("missingParamAttendeePW", "You must specify an attendee password for the meeting.");
return
}
if (!paramsProcessorUtil.isChecksumSame(API_CALL, params.checksum, request.getQueryString())) {
invalid("checksumError", "You did not pass the checksum security check")
return
@ -165,7 +143,7 @@ class ApiController {
if (existing != null) {
log.debug "Existing conference found"
Map<String, Object> updateParams = paramsProcessorUtil.processUpdateCreateParams(params);
if (existing.getViewerPassword().equals(params.get(ApiParams.ATTENDEE_PW)) && existing.getModeratorPassword().equals(params.get(ApiParams.MODERATOR_PW))) {
if (existing.getViewerPassword().equals(params.get("attendeePW")) && existing.getModeratorPassword().equals(params.get("moderatorPW"))) {
//paramsProcessorUtil.updateMeeting(updateParams, existing);
// trying to create a conference a second time, return success, but give extra info
// Ignore pre-uploaded presentations. We only allow uploading of presentation once.