* Fix: allow CORS requests to graphql API
In cluster setups the Graphql API endpoints are fetched as a CORS
request. We need to allow that.
* Fix: Allow CORS requests to ping endpoint
In cluster setups the ping is sent directly to the BBB server. So it
needs to allow CORS requests for cluster setups.
* Fix: construct relative API path for cluster setups
* Fix: adjust docs for cluster setup
As bbb-html5 client is static, setup instructions for cluster setup have
to be changed accordingly.
* Fix docs: remove superfluous ```yaml
This must have been introduced by accident.
---------
Co-authored-by: Daniel Schreiber <daniel.schreiber@hrz.tu-chemnitz.de>
Grails can handle CORS on its own. It just has to be configured in
`/etc/bigbluebutton/bbb-web.properties`:
~~~
grails.cors.enabled=true
grails.cors.allowedOrigins=https://bbb-proxy.example.org
grails.cors.allowCredentials=true
~~~
This is a breaking change of the nginx config if (and only if) you run a
cluster setup as described in
https://docs.bigbluebutton.org/admin/clusterproxy.html
**If** you run such a setup, you **need** to change
`/etc/bigbluebutton/bbb-web.properties`. Otherwise users won't be able
to join meetings, upload slides etc.
The change in `PresentationController.groovy` fixes the handling of
`OPTIONS` requests in the `/bigbluebutton/presentation/checkPresentation`
handler.
To ease setup some changes required in the nginx config for load
balancer setup are prepared here. They do not harm non-loadbalancer setups.
The changes in the system startup scripts are mandatory
Associate pads with meetings so session validation is restricted to the
meeting's valid session tokens.
Meteor will dispatch new redis events on shared notes and closed captions
pads creation. This event will go through apps and reach web to populate
a new meeting's pad collection that contains all valid pad id's for that
session. Nginx will use this collection to check if the user's session token
belongs to the pad's authorized users.
Besides these modifications, an extra change will be needed at notes.nginx.
Location /pad/p/ needs to change it's auth_request:
from /bigbluebutton/connection/checkAuthorization;
to /bigbluebutton/connection/validatePad;
Subrequest goes to different endpoint on bbb-web to ensure
that the content length (passed in header) is taken under
consideration prior to uploading file
