Merge branch 'issue-4812' of github.com:oswaldoacauan/bigbluebutton into html5-on-2.1-take-2
commit
cf921edd8b
@ -69,9 +69,7 @@ export default function handleValidateAuthToken({ body }, meetingId) {
|
||||
addWelcomeChatMessage(meetingId, userId);
|
||||
}
|
||||
|
||||
return Logger.info(`Validated auth token as ${valid
|
||||
}${+' user='}${userId} meeting=${meetingId}`,
|
||||
);
|
||||
return Logger.info(`Validated auth token as ${valid} user=${userId} meeting=${meetingId}`);
|
||||
}
|
||||
|
||||
return Logger.info('No auth to validate');
|
||||
|
@ -27,10 +27,8 @@ export default function createDummyUser(meetingId, userId, authToken) {
|
||||
return;
|
||||
}
|
||||
if (numChanged) {
|
||||
Logger.info(`Created dummy user 2x id=${userId} token=${authToken} meeting=${meetingId}`);
|
||||
Logger.info(`Created dummy user id=${userId} token=${authToken} meeting=${meetingId}`);
|
||||
}
|
||||
|
||||
Logger.info(`Created dummy user id=${userId} token=${authToken} meeting=${meetingId}`);
|
||||
};
|
||||
|
||||
return Users.insert(doc, cb);
|
||||
|
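Review bot: The `Logger.info` call in `createDummyUser` writes `token=${authToken}` to the server log at info level, so anyone who can read or collect those logs can see the user's auth token. The +/- markers are lost on this page, but every variant of the message shown in this hunk includes the token, so the line that survives does too. Log only the identifiers needed to trace the event, for example ``Logger.info(`Created dummy user id=${userId} meeting=${meetingId}`);``. The function body begins above the hunk, so other log calls in it are not visible here and are worth checking for the same pattern.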
@ -1,5 +1,6 @@
|
||||
import React, { Component } from 'react';
|
||||
import { createContainer } from 'meteor/react-meteor-data';
|
||||
import { withRouter } from 'react-router';
|
||||
import PropTypes from 'prop-types';
|
||||
import Auth from '/imports/ui/services/auth';
|
||||
import AppContainer from '/imports/ui/components/app/container';
|
||||
@ -86,22 +87,29 @@ const SUBSCRIPTIONS_NAME = [
|
||||
'slides', 'captions', 'breakouts', 'voiceUsers', 'whiteboard-multi-user',
|
||||
];
|
||||
|
||||
const BaseContainer = createContainer(({ params }) => {
|
||||
const BaseContainer = withRouter(createContainer(({ params, router }) => {
|
||||
if (params.errorCode) return params;
|
||||
|
||||
if (!Auth.loggedIn) {
|
||||
return {
|
||||
errorCode: 401,
|
||||
error: 'You are unauthorized to access this meeting',
|
||||
};
|
||||
return router.push('/logout');
|
||||
}
|
||||
|
||||
const credentials = Auth.credentials;
|
||||
const subscriptionsHandlers = SUBSCRIPTIONS_NAME.map(name => Meteor.subscribe(name, credentials));
|
||||
const { credentials } = Auth;
|
||||
|
||||
const subscriptionErrorHandler = {
|
||||
onError: (error) => {
|
||||
console.error(error);
|
||||
return router.push('/logout');
|
||||
},
|
||||
};
|
||||
|
||||
const subscriptionsHandlers = SUBSCRIPTIONS_NAME.map(name =>
|
||||
Meteor.subscribe(name, credentials, subscriptionErrorHandler));
|
||||
|
||||
return {
|
||||
locale: Settings.application.locale,
|
||||
subscriptionsReady: subscriptionsHandlers.every(handler => handler.ready()),
|
||||
};
|
||||
}, Base);
|
||||
}, Base));
|
||||
|
||||
export default BaseContainer;
|
||||
|
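Review bot: In the `!Auth.loggedIn` branch the container function now returns whatever `router.push('/logout')` returns instead of a props object, and it starts navigation from inside the reactive data function, which may re-run. The earlier `{ errorCode: 401, error: … }` return gave `Base` an explicit unauthorized state to render; with the new return value the wrapped component gets no such props, and whether `createContainer` tolerates a non-object return should be confirmed. Consider calling `router.push('/logout');` as its own statement and still returning an object (the 401 props would do), so the unauthenticated path never falls through to rendering with undefined data. The return value of `onError` is ignored by the subscription, so `return router.push('/logout');` there can be a plain call.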
@ -1,13 +1,14 @@
|
||||
import Acl from '/imports/startup/acl';
|
||||
import { Meteor } from 'meteor/meteor';
|
||||
import Logger from '/imports/startup/server/logger';
|
||||
|
||||
const injectAclActionCheck = (name, handler) => (
|
||||
(...args) => {
|
||||
const credentials = args[0];
|
||||
if (!Acl.can(name, credentials)) {
|
||||
throw new Meteor.Error('acl-not-allowed',
|
||||
`The user can't perform the action "${name}".`);
|
||||
throw new Meteor.Error(
|
||||
'acl-not-allowed',
|
||||
`The user can't perform the action "${name}".`,
|
||||
);
|
||||
}
|
||||
|
||||
return handler(...args);
|
||||
@ -18,8 +19,10 @@ const injectAclSubscribeCheck = (name, handler) => (
|
||||
(...args) => {
|
||||
const credentials = args[args.length - 1];
|
||||
if (!Acl.can(name, ...credentials)) {
|
||||
Logger.error(`acl-not-allowed, the user can't perform the subscription "${name}".`);
|
||||
return [];
|
||||
throw new Meteor.Error(
|
||||
'acl-not-allowed',
|
||||
`The user can't perform the subscription "${name}".`,
|
||||
);
|
||||
}
|
||||
|
||||
return handler(...credentials);
|
||||
|
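Review bot: The `throw new Meteor.Error('acl-not-allowed', …)` added to `injectAclSubscribeCheck` replaces the `Logger.error` call, so a denied subscription no longer leaves a server-side record unless something further up logs the thrown error. Authorization denials are a useful detection signal, and the thrown error only reaches the client that caused it. Keep the existing line ``Logger.error(`acl-not-allowed, the user can't perform the subscription "${name}".`);`` directly before the throw; the hunk line counts suggest the `Logger` import is being dropped in the first hunk, so it would need to stay. `injectAclActionCheck` throws without logging as well and could get the same treatment. Both wrappers continue past the end of their hunks.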
@ -1,4 +1,4 @@
|
||||
|
||||
/* eslint prefer-promise-reject-errors: 0 */
|
||||
import { Tracker } from 'meteor/tracker';
|
||||
|
||||
import Storage from '/imports/ui/services/storage/session';
|
||||
@ -134,78 +134,46 @@ class Auth {
|
||||
authenticate(force) {
|
||||
if (this.loggedIn && !force) return Promise.resolve();
|
||||
|
||||
return this._subscribeToCurrentUser()
|
||||
.then(this._addObserverToValidatedField.bind(this));
|
||||
}
|
||||
|
||||
_subscribeToCurrentUser() {
|
||||
const credentials = this.credentials;
|
||||
|
||||
return new Promise((resolve, reject) => {
|
||||
Tracker.autorun((c) => {
|
||||
if (!(credentials.meetingId && credentials.requesterToken && credentials.requesterUserId)) {
|
||||
reject({
|
||||
error: 500,
|
||||
description: 'Authentication subscription failed due to missing credentials.',
|
||||
});
|
||||
}
|
||||
|
||||
setTimeout(() => {
|
||||
c.stop();
|
||||
reject({
|
||||
error: 500,
|
||||
description: 'Authentication subscription timeout.',
|
||||
});
|
||||
}, 5000);
|
||||
|
||||
const subscription = Meteor.subscribe('current-user', credentials);
|
||||
if (!subscription.ready()) return;
|
||||
|
||||
resolve(c);
|
||||
if (!(this.meetingID && this.userID && this.token)) {
|
||||
return Promise.reject({
|
||||
error: 401,
|
||||
description: 'Authentication failed due to missing credentials.',
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
return this.validateAuthToken();
|
||||
}
|
||||
|
||||
_addObserverToValidatedField(prevComp) {
|
||||
validateAuthToken() {
|
||||
return new Promise((resolve, reject) => {
|
||||
let computation = null;
|
||||
|
||||
const validationTimeout = setTimeout(() => {
|
||||
clearTimeout(validationTimeout);
|
||||
prevComp.stop();
|
||||
this.clearCredentials();
|
||||
computation.stop();
|
||||
reject({
|
||||
error: 500,
|
||||
error: 401,
|
||||
description: 'Authentication timeout.',
|
||||
});
|
||||
}, CONNECTION_TIMEOUT);
|
||||
|
||||
const didValidate = () => {
|
||||
this.loggedIn = true;
|
||||
clearTimeout(validationTimeout);
|
||||
prevComp.stop();
|
||||
resolve();
|
||||
};
|
||||
|
||||
Tracker.autorun((c) => {
|
||||
computation = c;
|
||||
const subscription = Meteor.subscribe('current-user', this.credentials);
|
||||
|
||||
if (!subscription.ready()) return;
|
||||
|
||||
const selector = { meetingId: this.meetingID, userId: this.userID };
|
||||
const query = Users.find(selector);
|
||||
const User = Users.findOne(selector);
|
||||
|
||||
query.observeChanges({
|
||||
changed: (id, fields) => {
|
||||
if (fields.validated === true) {
|
||||
c.stop();
|
||||
didValidate();
|
||||
}
|
||||
// Skip in case the user is not in the collection yet or is a dummy user
|
||||
if (!User || !('intId' in User)) return;
|
||||
|
||||
if (fields.validated === false) {
|
||||
c.stop();
|
||||
this.clearCredentials();
|
||||
reject({
|
||||
error: 401,
|
||||
description: 'Authentication failed.',
|
||||
});
|
||||
}
|
||||
},
|
||||
});
|
||||
if (User.validated === true) {
|
||||
computation.stop();
|
||||
clearTimeout(validationTimeout);
|
||||
this.loggedIn = true;
|
||||
resolve();
|
||||
}
|
||||
});
|
||||
|
||||
makeCall('validateAuthToken');
|
||||
|
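Review bot: As far as the new side can be read here (the +/- markers are lost), `validateAuthToken` only acts on `User.validated === true`. The earlier handling of `validated === false`, which called `this.clearCredentials()` and rejected with 401 'Authentication failed.', appears to be gone. A token the server rejects would then surface only as 'Authentication timeout.' after `CONNECTION_TIMEOUT`, with the stale credentials still stored on the client, since the timeout path no longer seems to clear them either. An explicit failure branch next to the success branch would restore the fast, unambiguous rejection, and calling `this.clearCredentials()` in the timeout callback would cover that path too. The promise body continues past the end of the hunk, so a handler placed after `makeCall('validateAuthToken')` would not be visible here.

```javascript
      // … unchanged: subscription readiness check, Users.findOne(selector), dummy-user skip …
      if (User.validated === false) {
        computation.stop();
        clearTimeout(validationTimeout);
        this.clearCredentials();
        reject({
          error: 401,
          description: 'Authentication failed.',
        });
        return;
      }
      // … unchanged: User.validated === true branch …
```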