Restrict supported HTTP method types on endpoints

This commit is contained in:
Paul Trudel 2024-05-07 20:34:20 +00:00
parent 7d2dcb0434
commit abeb140874
2 changed files with 42 additions and 1 deletions

View File

@ -63,10 +63,26 @@ class UrlMappings {
action = [GET: 'downloadFile'] action = [GET: 'downloadFile']
} }
"/bigbluebutton/api/create"(controller: "api") {
action = [GET: 'create', POST: 'create']
}
"/bigbluebutton/api/join"(controller: "api") { "/bigbluebutton/api/join"(controller: "api") {
action = [GET: 'join'] action = [GET: 'join']
} }
"/bigbluebutton/api/isMeetingRunning"(controller: "api") {
action = [GET: 'isMeetingRunning', POST: 'isMeetingRunning']
}
"/bigbluebutton/api/end"(controller: "api") {
action = [GET: 'end', POST: 'end']
}
"/bigbluebutton/api/getMeetingInfo"(controller: "api") {
action = [GET: 'getMeetingInfo', POST: 'getMeetingInfo']
}
"/bigbluebutton/api/getMeetings"(controller: "api") { "/bigbluebutton/api/getMeetings"(controller: "api") {
action = [GET: 'getMeetingsHandler', POST: 'getMeetingsHandler'] action = [GET: 'getMeetingsHandler', POST: 'getMeetingsHandler']
} }
@ -75,6 +91,30 @@ class UrlMappings {
action = [GET: 'getSessionsHandler', POST: 'getSessionsHandler'] action = [GET: 'getSessionsHandler', POST: 'getSessionsHandler']
} }
"/bigbluebutton/api/enter"(controller: "api") {
action = [GET: 'enter', POST: 'enter']
}
"/bigbluebutton/api/stuns"(controller: "api") {
action = [GET: 'stuns', POST: 'stuns']
}
"/bigbluebutton/api/signOut"(controller: "api") {
action = [GET: 'signOut', POST: 'signOut']
}
"/bigbluebutton/api/insertDocument"(controller: "api") {
action = [GET: 'insertDocument', POST: 'insertDocument']
}
"/bigbluebutton/api/getJoinUrl"(controller: "api") {
action = [GET: 'getJoinUrl', POST: 'getJoinUrl']
}
"/bigbluebutton/api/learningDashboard"(controller: "api") {
action = [GET: 'learningDashboard', POST: 'learningDashboard']
}
"/bigbluebutton/api/getRecordings"(controller: "recording") { "/bigbluebutton/api/getRecordings"(controller: "recording") {
action = [GET: 'getRecordingsHandler', POST: 'getRecordingsHandler'] action = [GET: 'getRecordingsHandler', POST: 'getRecordingsHandler']
} }

View File

@ -643,7 +643,8 @@ class ApiController {
return return
} }
Meeting meeting = ServiceUtils.findMeetingFromMeetingID(params.meetingID); String meetingId = params.list("meetingID")[0]
Meeting meeting = ServiceUtils.findMeetingFromMeetingID(meetingId);
withFormat { withFormat {
xml { xml {