Commit Graph

596 Commits

Author SHA1 Message Date
Anton Georgiev
59fc722529 Merge branch 'v2.3.x-release' of github.com:bigbluebutton/bigbluebutton into merge-23-24 2021-10-05 17:14:46 +00:00
Pedro Beschorner Marin
c43ca7a22d fix(guests): max participants
Waiting users shouldn't count as valid participants at the meeting's
`maxParticipants` constraint.

Avoid calling `enter` at the waiting page.

Reference https://github.com/bigbluebutton/bigbluebutton/pull/10542
2021-09-28 08:31:18 -03:00
paultrudel
39aaa52b25 Move max participant check back to Api
Controller
2021-09-01 15:50:45 -04:00
paultrudel
2af81a3a9e fixed issue with guests not joining meeting after being approved 2021-07-30 15:57:30 -04:00
Anton Georgiev
1abedcc698
Merge pull request #12789 from jfsiebel/implement-default-layout-config
Allow default layout config in bbb-web
2021-07-21 16:11:08 -04:00
paultrudel
0d526845cb removed 'Validation Error' from client error message 2021-07-19 15:07:07 -04:00
Joao Siebel
8462465a5f Allow default layout config in bbb-web. close #12668 2021-07-19 11:02:58 -03:00
paultrudel
fe9d356230 changed validation error message 2021-07-14 14:16:32 -04:00
paultrudel
e5f13e7916 added postman test scripts to test to the functionality of the bbb-web api 2021-07-12 11:24:09 -04:00
paultrudel
078a369b68 Minor bug fixes to validation in some validators 2021-06-30 13:21:28 -04:00
paultrudel
f74ea387d7 updates to validation on all api endpoints 2021-06-30 10:17:08 -04:00
paultrudel
1191713b48 fixed merge conflicts 2021-06-24 10:03:02 -04:00
paultrudel
a2cd27c1f9 merge with update-api-create-join-validation 2021-06-24 09:32:23 -04:00
paultrudel
1cdfbbd08a updated validation for bbb-web api create/join 2021-06-23 11:17:35 -04:00
Joao Siebel
f16700a8c4 Allow tags in meeting and user name. close #10221 close #12370 2021-05-31 09:59:15 -03:00
Anton Georgiev
5c94eb846d refactor: Isolate recording apis into RecordingController 2021-05-27 16:02:17 +00:00
Anton Georgiev
ced0cc0b26 removed configXML from bbb-web 2021-05-22 16:13:29 +00:00
Gustavo Trott
5e0ccf47b2 Removes support of configToken param 2021-05-20 16:31:38 -03:00
Gustavo Trott
14301b27ea Makes bbb-web return code 403 when uploaded file exceeds limit 2021-04-13 16:54:17 -03:00
Gustavo Trott
28555ed33d Sends error code 413 to Upload request when file is too large 2021-04-09 15:41:19 -03:00
Gustavo Trott
3d1575e635 Send pubSub FileTooLarge Error Msg from bbb-web when file is too large, (and makes Akka send meetingId with presentation token msg) 2021-04-08 14:18:15 -03:00
Pedro Beschorner Marin
beb694c74a Improve guest lobby feedback
Included a message and a redirect for the cases where the guest is
not allowed to join or the meeting has expired/ended.
2021-03-29 22:17:59 -03:00
Pedro Beschorner Marin
0365018e92 Add guest lobby messages
Moderators are able to send a message to the meeting's guest lobby. This new
event reaches bbb-web and is sent to the guest user with her/his status response
while polling. All guest users that are waiting for acceptance will be able to
read this message.

enableGuestLobbyMessage is disabled by default.
2021-03-09 11:02:25 -03:00
Anton Georgiev
228bad03d5 Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into march4-merge 2021-03-04 21:25:47 +00:00
Anton Georgiev
eba2d0ab58
Merge pull request #11535 from pedrobmarin/etherpad-patch
Rework padIds and turn bbb-web pad aware
2021-03-02 14:48:34 -05:00
Anton Georgiev
55e8de4357 Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into feb18-merge 2021-02-18 20:33:19 +00:00
Anton Georgiev
f43560d535 Support for backend vs frontend nodejs instances bbb-html5 2021-02-16 03:19:31 +00:00
Pedro Beschorner Marin
09b39a8d63 Add extra pad validation
Associate pads with meetings so session validation is restricted to the
meeting's valid session tokens.

Meteor will dispatch new redis events on shared notes and closed captions
pads creation. This event will go through apps and reach web to populate
a new meeting's pad collection that contains all valid pad id's for that
session. Nginx will use this collection to check if the user's session token
belongs to the pad's authorized users.

Besides these modifications, an extra change will be needed at notes.nginx.
Location /pad/p/ needs to change it's auth_request:

from /bigbluebutton/connection/checkAuthorization;
to /bigbluebutton/connection/validatePad;
2021-02-10 13:37:04 -03:00
Ghazi Triki
5f683809cd Make sure checksum validation is done first in join API and display an error without redirection in failure case. 2021-02-09 19:03:54 +01:00
Anton Georgiev
3135c6bb22 Handle guestWait url for multiple nodejs instanceIds 2021-01-05 15:38:21 +00:00
Anton Georgiev
55fe528e35 Change bigbluebutton.properties client url param 2020-12-16 15:49:20 +00:00
Anton Georgiev
8b65f9e15b Set bbb-html5 loadbalancing to be round robin 2020-12-15 01:55:57 +00:00
Anton Georgiev
0be8773e4c Loadbalance bbb-html5 in bbb-web based on CPU 2020-12-11 21:36:06 +00:00
Anton Georgiev
418fdb1a31 remove obsolete attendeesJoinViaHTML5Client moderatorsJoinViaHTML5Client 2020-12-09 19:11:50 +00:00
basisbit
34ad640ea7 Fix voice bridge compare
Cherry-picked https://github.com/bigbluebutton/bigbluebutton/pull/9855

Co-Authored-By: Pedro Beschorner Marin <pedrobmarin@gmail.com>
2020-12-09 14:55:47 +01:00
basisbit
7ba6bd9f7a Fix voiceBridge collision
Cherry-picked the commits from https://github.com/bigbluebutton/bigbluebutton/pull/9251
The added code checks if a meetingID is unique and makes sure no two meetings use the same VoiceBridge. Also see Issue # 9024
2020-12-09 13:58:26 +01:00
Anton Georgiev
3faabd1821 Merge 2.2.29 and 2.2.30 into 2.3.x 2020-11-24 15:13:09 +00:00
Anton Georgiev
23f2df11d5 code changes to allow for meetings' redis events to be processed on different html5 nodejs pids 2020-11-18 20:34:02 +00:00
Anton Georgiev
ecbf575dcf
Merge pull request #10819 from bigbluebutton/join-api-sanitize
Sanitize parameters of API's. Fixes #10818
2020-11-13 10:55:38 -05:00
Tiago Daniel Jacobs
e59bcd0c33 Sanitize all received parameters 2020-11-13 06:54:32 +00:00
Tiago Daniel Jacobs
52e3eea552 Split error message from session token ( making it easier to translate - and more secure/ ) 2020-11-13 06:13:48 +00:00
Tiago Daniel Jacobs
5c911ddeec Sanitize fullName parameter of join API. Fixes #10818 2020-11-13 05:59:31 +00:00
Your Name
b4ecf53c80 Remove unwanted debug logging: This pushed the whole binary of every PDF uploaded into the logs. 2020-11-08 16:56:26 +01:00
Anton Georgiev
0c7ead1916 Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into oct16-merge 2020-10-21 14:48:02 +00:00
Pedro Beschorner Marin
2fb26ff0cf Patch of improvements for bbb-web
This patch includes two improvements made for bbb-web. It tries to better isolate
the sessionToken's handling and session's validation, including logs for each one of
these steps; and removes maxParticipats control from registered users (that are no
longer removed from bbb-web collections) binding it to joined users or users that
reached the enter API call. The following adds more details about this last one:

User's regular flow to join a meeting goes around an API join call -> redis register event ->
redirect to client page -> API enter call -> redis join event. When the guest policy is ASK_MODERATOR,
non-moderators are registered and redirected to a guest lobby that polls for her/his guest status and
only enters the meeting after a moderator approval.
Using registered users as control to check how many participants are in a meeting is problematic because
non-approved guests are counted as participants and bbb-web has to find out when to ditch registered users
records to make a seat in a meeting available again. In other words, a meeting with maxParicipants
of 5 can get it's joins locked with a moderator and 4 waiting guests or bbb-web can wrongly drop a registered
user record on a reconnection inducing weird 401 responses from the API.

This change proposes to control maxParticipants both at join and enter API calls monitoring the number
of redis joined users. This also includes an extra buffer to capture users that called the enter API but
still don't have an user joined event.
User left events are now handled different holding the user data before removing from the joined users collection
and only releasing after verifying that the user didn't reconnected.

Both user left timeout `usersTimeout` and entered user timeout `enteredUsersTimeout` can be configured at properties.
2020-09-28 09:59:52 -03:00
Tiago Jacobs
153c59307d Improvements on bbb-libreoffice 2020-07-24 02:42:51 -03:00
Pedro Beschorner Marin
de40885768 Define API's voice bridge error 2020-06-16 17:01:57 -03:00
Anton Georgiev
56e16d79a3
Merge pull request #9251 from elor/fix-voicebridge-collision
Fix voiceBridge collision (Issue #9024)
2020-05-28 16:17:59 -04:00
Anton Georgiev
c9e996de21 Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merge-2.2-into-develop 2020-05-25 17:32:24 +00:00
Anton Georgiev
201fa2902e Only provide modOnlyMessage to moderators. Promoted mod requires refresh to see it 2020-05-20 15:56:44 -04:00