Gustavo Trott
3d1575e635
Send pubSub FileTooLarge Error Msg from bbb-web when file is too large, (and makes Akka send meetingId with presentation token msg)
2021-04-08 14:18:15 -03:00
Pedro Beschorner Marin
beb694c74a
Improve guest lobby feedback
...
Included a message and a redirect for the cases where the guest is
not allowed to join or the meeting has expired/ended.
2021-03-29 22:17:59 -03:00
Pedro Beschorner Marin
0365018e92
Add guest lobby messages
...
Moderators are able to send a message to the meeting's guest lobby. This new
event reaches bbb-web and is sent to the guest user with her/his status response
while polling. All guest users that are waiting for acceptance will be able to
read this message.
enableGuestLobbyMessage is disabled by default.
2021-03-09 11:02:25 -03:00
Anton Georgiev
228bad03d5
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into march4-merge
2021-03-04 21:25:47 +00:00
Anton Georgiev
eba2d0ab58
Merge pull request #11535 from pedrobmarin/etherpad-patch
...
Rework padIds and turn bbb-web pad aware
2021-03-02 14:48:34 -05:00
Anton Georgiev
55e8de4357
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into feb18-merge
2021-02-18 20:33:19 +00:00
Anton Georgiev
f43560d535
Support for backend vs frontend nodejs instances bbb-html5
2021-02-16 03:19:31 +00:00
Pedro Beschorner Marin
09b39a8d63
Add extra pad validation
...
Associate pads with meetings so session validation is restricted to the
meeting's valid session tokens.
Meteor will dispatch new redis events on shared notes and closed captions
pads creation. This event will go through apps and reach web to populate
a new meeting's pad collection that contains all valid pad id's for that
session. Nginx will use this collection to check if the user's session token
belongs to the pad's authorized users.
Besides these modifications, an extra change will be needed at notes.nginx.
Location /pad/p/ needs to change it's auth_request:
from /bigbluebutton/connection/checkAuthorization;
to /bigbluebutton/connection/validatePad;
2021-02-10 13:37:04 -03:00
Ghazi Triki
5f683809cd
Make sure checksum validation is done first in join API and display an error without redirection in failure case.
2021-02-09 19:03:54 +01:00
Anton Georgiev
3135c6bb22
Handle guestWait url for multiple nodejs instanceIds
2021-01-05 15:38:21 +00:00
Anton Georgiev
55fe528e35
Change bigbluebutton.properties client url param
2020-12-16 15:49:20 +00:00
Anton Georgiev
8b65f9e15b
Set bbb-html5 loadbalancing to be round robin
2020-12-15 01:55:57 +00:00
Anton Georgiev
0be8773e4c
Loadbalance bbb-html5 in bbb-web based on CPU
2020-12-11 21:36:06 +00:00
Anton Georgiev
418fdb1a31
remove obsolete attendeesJoinViaHTML5Client moderatorsJoinViaHTML5Client
2020-12-09 19:11:50 +00:00
basisbit
34ad640ea7
Fix voice bridge compare
...
Cherry-picked https://github.com/bigbluebutton/bigbluebutton/pull/9855
Co-Authored-By: Pedro Beschorner Marin <pedrobmarin@gmail.com>
2020-12-09 14:55:47 +01:00
basisbit
7ba6bd9f7a
Fix voiceBridge collision
...
Cherry-picked the commits from https://github.com/bigbluebutton/bigbluebutton/pull/9251
The added code checks if a meetingID is unique and makes sure no two meetings use the same VoiceBridge. Also see Issue # 9024
2020-12-09 13:58:26 +01:00
Anton Georgiev
3faabd1821
Merge 2.2.29 and 2.2.30 into 2.3.x
2020-11-24 15:13:09 +00:00
Anton Georgiev
23f2df11d5
code changes to allow for meetings' redis events to be processed on different html5 nodejs pids
2020-11-18 20:34:02 +00:00
Anton Georgiev
ecbf575dcf
Merge pull request #10819 from bigbluebutton/join-api-sanitize
...
Sanitize parameters of API's. Fixes #10818
2020-11-13 10:55:38 -05:00
Tiago Daniel Jacobs
e59bcd0c33
Sanitize all received parameters
2020-11-13 06:54:32 +00:00
Tiago Daniel Jacobs
52e3eea552
Split error message from session token ( making it easier to translate - and more secure/ )
2020-11-13 06:13:48 +00:00
Tiago Daniel Jacobs
5c911ddeec
Sanitize fullName parameter of join API. Fixes #10818
2020-11-13 05:59:31 +00:00
Your Name
b4ecf53c80
Remove unwanted debug logging: This pushed the whole binary of every PDF uploaded into the logs.
2020-11-08 16:56:26 +01:00
Anton Georgiev
0c7ead1916
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into oct16-merge
2020-10-21 14:48:02 +00:00
Pedro Beschorner Marin
2fb26ff0cf
Patch of improvements for bbb-web
...
This patch includes two improvements made for bbb-web. It tries to better isolate
the sessionToken's handling and session's validation, including logs for each one of
these steps; and removes maxParticipats control from registered users (that are no
longer removed from bbb-web collections) binding it to joined users or users that
reached the enter API call. The following adds more details about this last one:
User's regular flow to join a meeting goes around an API join call -> redis register event ->
redirect to client page -> API enter call -> redis join event. When the guest policy is ASK_MODERATOR,
non-moderators are registered and redirected to a guest lobby that polls for her/his guest status and
only enters the meeting after a moderator approval.
Using registered users as control to check how many participants are in a meeting is problematic because
non-approved guests are counted as participants and bbb-web has to find out when to ditch registered users
records to make a seat in a meeting available again. In other words, a meeting with maxParicipants
of 5 can get it's joins locked with a moderator and 4 waiting guests or bbb-web can wrongly drop a registered
user record on a reconnection inducing weird 401 responses from the API.
This change proposes to control maxParticipants both at join and enter API calls monitoring the number
of redis joined users. This also includes an extra buffer to capture users that called the enter API but
still don't have an user joined event.
User left events are now handled different holding the user data before removing from the joined users collection
and only releasing after verifying that the user didn't reconnected.
Both user left timeout `usersTimeout` and entered user timeout `enteredUsersTimeout` can be configured at properties.
2020-09-28 09:59:52 -03:00
Tiago Jacobs
153c59307d
Improvements on bbb-libreoffice
2020-07-24 02:42:51 -03:00
Pedro Beschorner Marin
de40885768
Define API's voice bridge error
2020-06-16 17:01:57 -03:00
Anton Georgiev
56e16d79a3
Merge pull request #9251 from elor/fix-voicebridge-collision
...
Fix voiceBridge collision (Issue #9024 )
2020-05-28 16:17:59 -04:00
Anton Georgiev
c9e996de21
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merge-2.2-into-develop
2020-05-25 17:32:24 +00:00
Anton Georgiev
201fa2902e
Only provide modOnlyMessage to moderators. Promoted mod requires refresh to see it
2020-05-20 15:56:44 -04:00
Anton Georgiev
cc79c4b6ae
merge 2.2.10 into 2.3
2020-05-05 19:52:44 +00:00
Richard Alam
f876ce01c2
Rework presentation download and upload
...
- verify presentation and meeting id formats
- construct presentation file path making sure that they are valid
- add "downloadable" flag to check if presentation can be downloaded or not
- collect presentation upload errors so we can send to the client in the future
2020-05-01 14:16:42 -07:00
Ghazi Triki
84ba925014
Improve the file download in the browser.
2020-04-30 15:41:06 +01:00
Ghazi Triki
b21ca8355a
Return 404 error when the file download is not allowed.
2020-04-25 19:51:17 +03:00
Erik E. Lorenz
868374516e
Check for existing voicebridge in ApiController
2020-04-25 09:35:29 +02:00
Erik E. Lorenz
bccf3664db
Guarantee unique meeting TelVoice (API create)
2020-04-25 08:51:37 +02:00
Mitsutaka Sato
79361bd485
Set content-type for presentation download, to prevent vulnerable files from being executed
2020-04-16 11:39:49 +12:00
Ghazi Triki
78c649650e
Strip HTML tags from name and fullName API params.
2020-04-03 20:00:33 +03:00
Anton Georgiev
8129468300
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merging
2020-03-04 23:36:21 +00:00
Richard Alam
db4dc4aff0
- add urls on presentation page conversion message
2020-02-18 14:03:08 -08:00
Anton Georgiev
60e3e7986c
Merge pull request #8499 from pedrobmarin/waiting-guests-clean
...
Removes waiting guests that stop polling for their status
2020-01-29 17:40:19 -05:00
Pedro Beschorner Marin
397041efcc
Removes waiting guests that stop polling for their status
2020-01-15 12:03:52 -03:00
Pedro Beschorner Marin
ec7785ff22
Check for maxParticipants before registering an user
2019-12-18 16:12:30 -03:00
Pedro Beschorner Marin
517e252901
Fix on getting caption file content type
2019-07-17 18:47:31 +00:00
Richard Alam
67ca66c842
Merge pull request #7565 from pedrobmarin/401-guest-false
...
Avoid checking for authentication
2019-06-14 11:03:53 -04:00
Richard Alam
6e7ece7a9f
- minor cleanup
2019-06-06 15:16:43 -07:00
Richard Alam
5d9f72ae21
- add single use token to request for the text track
2019-06-06 14:54:31 -07:00
Richard Alam
7577bf5310
- check if lang param is valid
2019-06-06 07:21:54 -07:00
Richard Alam
c92bfbb591
- deploy recording scripts in proper location
...
- log upload captions params
2019-06-04 14:07:10 -04:00
Pedro Beschorner Marin
a32037baa3
Avoid checking for authentication
2019-06-03 18:06:11 -03:00
Richard Alam
8db3903942
- add checksum check on put recordings text track api
2019-06-03 12:59:37 -07:00
Richard Alam
08f0c2b4e7
- make changes to align closer to spec document
2019-06-03 11:59:20 -07:00
Richard Alam
9d416ee473
Merge branch 'text-tracks' of https://github.com/riadvice/bigbluebutton into riadvice-text-tracks
2019-05-30 12:30:07 -07:00
Ghazi Triki
ddb02f57e7
Validate recordID in putRecordingTextTrack.
2019-05-22 16:18:57 +03:00
Ghazi Triki
05cc75eabf
Validate kind in putRecordingTextTrack.
2019-05-21 17:58:31 +03:00
Ghazi Triki
6667360cfe
Validate locale in putRecordingTextTrack.
2019-05-21 17:41:09 +03:00
Richard Alam
2e3350cc5c
Revert "Create API returns now returns error when no passwords provided for meeting"
2019-05-20 16:39:45 -04:00
Ghazi Triki
7c5727750f
Merge remote-tracking branch 'bigbluebutton/master' into text-tracks
2019-05-13 14:46:20 +01:00
Ghazi Triki
dbd86eb096
Code improve.
2019-05-10 15:51:05 +01:00
Ghazi Triki
1974f903ea
Fix downloaded file encoding.
2019-05-09 17:35:10 +01:00
Ghazi Triki
b469f8c642
Update error format for Create API returns if none of the passwords parameters are provided.
2019-05-09 07:26:20 +01:00
Ghazi Triki
8892389234
Create API returns an error when no password parameter is provided.
2019-05-08 17:35:00 +01:00
Ghazi Triki
0c46ef2ae6
Revert "Change RecordingController.groovy EOL" and delete unused import.
2019-05-07 18:32:07 +01:00
Ghazi Triki
7f051b2845
Change RecordingController.groovy EOL
2019-05-07 18:30:18 +01:00
Ghazi Triki
f1a83c4022
Update RecordingController.groovy indentation to two spaces instead of four.
2019-05-07 18:28:47 +01:00
Pedro Beschorner Marin
a0590c12ea
Merge remote-tracking branch 'origin/master' into set-lock-settings-on-meeting-create
2019-05-02 11:05:34 -03:00
Ghazi Triki
b6e8dfee95
Update RecordingController to work in the current version of grails.
2019-05-01 18:43:30 +01:00
Pedro Beschorner Marin
324681d5b2
Renamed unmuteUsers to allowModsToUnmuteUsers
2019-04-23 12:30:55 -03:00
Ghazi Triki
cd3edb4491
Read generated caption files description using getRecordingTextTracks API.
2019-04-22 20:30:00 +01:00
Pedro Beschorner Marin
50afb24653
Changed from unmute only viewers to unmute anyone
2019-04-17 10:55:01 -03:00
Pedro Beschorner Marin
87435c515c
Merge remote-tracking branch 'master' into set-lock-settings-on-meeting-create
2019-04-12 13:58:58 -03:00
Pedro Beschorner Marin
5f011f2e2e
Included unmuteViewers param on create
2019-04-10 17:55:24 -03:00
Richard Alam
0f93ce4a38
- store the client url instead of joinviahtml5 info into user session. That
...
way we can preserve the client url form the join and don't have to recreate
in the guestWaitHandler
2019-03-28 13:46:53 -07:00
Richard Alam
86a10b6c77
- handle when forced to join html5 using bigbluebutton.properties and need to wait for approval
2019-03-28 11:41:32 -07:00
Richard Alam
cbd68df5ee
- flag the user to join using html5
2019-03-28 11:27:47 -07:00
Richard Alam
0d217447eb
- check if guest user waiting for mod approval is joining via html5
2019-03-28 11:24:02 -07:00
Richard Alam
3b4a10ebd5
- do not override settings from config.xml unless an override param is passed on create api call
2019-03-27 08:15:01 -07:00
Richard Alam
7d9adaee30
- return breakout rooms options on enter api
2019-03-26 12:15:10 -07:00
Richard Alam
361776a2fe
- signout api throwing exception when it cannot find the user session
2019-02-12 14:12:46 -08:00
Richard Alam
e85e48c64a
- fix json response format for stuns and enter api
2019-02-11 14:38:15 -08:00
Fred Dixon
e26df7cf06
Merge pull request #6754 from riadvice/fix-stun-turn
...
Fix API stuns call
2019-02-10 22:57:08 -08:00
Ghazi Triki
b2a4b1efbe
Fix API stuns call.
2019-02-11 07:56:13 +01:00
Richard Alam
7185eae79b
- make easy to collect data from logs
2019-02-09 19:09:32 -08:00
Pedro Beschorner Marin
b5427737d7
Includes a minimal authentication step before SFU connections
2019-02-06 09:37:05 -02:00
Ghazi Triki
d5091ef61b
Added unit test for join API.
2019-01-24 08:42:14 +01:00
Ghazi Triki
cbcf9315a0
Improved response handling in ApiControllerSpec and added unit test for join.
2019-01-22 11:50:33 +01:00
Ghazi Triki
a11ce7732e
Implemented unit tests for create API.
2019-01-21 21:58:16 +01:00
Ghazi Triki
8a985e8785
Implemented the first unit test for API version.
2019-01-17 18:29:44 +01:00
Ghazi Triki
68e6468c34
Fix guestWaitHandler in ApiController.groovy
2019-01-17 14:21:22 +01:00
Ghazi Triki
5fc13c3447
Load freemaker templates whether the application runs within a JAR file or outside of it.
2019-01-17 11:39:50 +01:00
Ghazi Triki
de17942501
Fix mapping for swf files.
2019-01-15 11:36:49 +01:00
Ghazi Triki
d38f55b30a
Improve groovy code formatting.
2019-01-15 11:03:07 +01:00
Ghazi Triki
dcb0544897
Update XML and JSON responses for ApiController.
2019-01-14 14:29:19 +01:00
Ghazi Triki
302a05528e
Fix API XML responses.
2019-01-10 21:18:15 +01:00
Ghazi Triki
4a4edd0ca6
Update bigbluebutton-web to gradle 5.1 (Work In Progress)
2019-01-09 21:06:09 +01:00
Anton Georgiev
47dffd5f3a
add parenthesis to improve readability
2019-01-08 21:47:08 +00:00
Anton Georgiev
79ecdf56e8
BBB-web: add allowRequestsWithoutSession=false to handle stripped JSESSIONID
2019-01-08 19:54:08 +00:00
Chad Pilkey
0fe8e3a38a
Lock enter and stuns to valid session+token
2018-11-22 14:39:25 -05:00
Ghazi Triki
a52e907593
Fix API calls.
2018-11-02 20:57:54 +01:00
Ghazi Triki
653fd74440
Merge remote-tracking branch 'bigbluebutton/v2.0.x-release' into merge-2.x-release-into-master
...
# Conflicts:
# akka-bbb-apps/src/main/scala/org/bigbluebutton/core/apps/users/UserLeaveReqMsgHdlr.scala
# akka-bbb-apps/src/main/scala/org/bigbluebutton/core/models/Users2x.scala
# akka-bbb-apps/src/main/scala/org/bigbluebutton/core/running/HandlerHelpers.scala
# akka-bbb-apps/src/main/scala/org/bigbluebutton/core/running/MeetingActor.scala
# akka-bbb-apps/src/main/scala/org/bigbluebutton/core2/testdata/FakeTestData.scala
# bbb-common-web/src/main/java/org/bigbluebutton/api/MeetingService.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/PresentationUrlDownloadService.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/imp/ImageToSwfSlidesGenerationService.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/imp/Office2PdfPageConverter.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/imp/OfficeDocumentValidator.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/imp/Pdf2SwfPageConverter.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/imp/PdfToSwfSlidesGenerationService.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/imp/SvgImageCreatorImp.java
# bbb-common-web/src/main/java/org/bigbluebutton/presentation/imp/TextFileCreatorImp.java
# bbb-common-web/src/main/scala/org/bigbluebutton/api2/bus/ReceivedJsonMsgHdlrActor.scala
# bbb-common-web/src/main/scala/org/bigbluebutton/api2/meeting/OldMeetingMsgHdlrActor.scala
# bigbluebutton-client/src/org/bigbluebutton/core/UsersUtil.as
# bigbluebutton-client/src/org/bigbluebutton/main/events/BBBEvent.as
# bigbluebutton-client/src/org/bigbluebutton/main/maps/ApplicationEventMap.mxml
# bigbluebutton-client/src/org/bigbluebutton/main/model/users/JoinService.as
# bigbluebutton-client/src/org/bigbluebutton/main/model/users/NetConnectionDelegate.as
# bigbluebutton-client/src/org/bigbluebutton/main/model/users/UserService.as
# bigbluebutton-client/src/org/bigbluebutton/main/views/LoggedOutWindow.mxml
# bigbluebutton-client/src/org/bigbluebutton/main/views/MainApplicationShell.mxml
# bigbluebutton-client/src/org/bigbluebutton/modules/layout/managers/LayoutManager.as
# bigbluebutton-client/src/org/bigbluebutton/modules/layout/views/LayoutsCombo.mxml
# bigbluebutton-client/src/org/bigbluebutton/modules/users/services/MessageReceiver.as
# bigbluebutton-client/src/org/red5/flash/bwcheck/app/BandwidthDetectionApp.as
# bigbluebutton-config/bigbluebutton-release
# bigbluebutton-html5/client/compatibility/kurento-extension.js
# bigbluebutton-html5/imports/api/users/server/modifiers/addUser.js
# bigbluebutton-web/grails-app/controllers/org/bigbluebutton/web/controllers/ApiController.groovy
2018-11-01 14:00:54 +01:00