Commit Graph

744 Commits

Author SHA1 Message Date
Daniel Petri Rocha
234e36f462
Merge branch 'v2.6.x-release' into breakout-upload-ui 2022-10-03 11:05:23 +02:00
Daniel Petri Rocha
26a93f6853
Merge branch 'v2.6.x-release' into capture-shared-notes 2022-10-03 11:03:24 +02:00
Gustavo Trott
9a18f5fe61
Merge pull request #15467 from zhem0004/spring2726 2022-09-30 17:29:56 -03:00
Bohdan Zhemelinskyi
adcd139ec0 remove SetPollsXML 2022-09-30 14:24:09 +00:00
prlanzarin
0a796ef39d feat(bbb-web): make HTTP session timeout configurable
Java/Grails' HTTP session inactivity timeout is hardcoded to 4 hours.
This gives less flexibility for long-lived sessions - ie in rare
scenarios where users stay connected for >= that amount of time without
any re-connections or intermediate calls to checkAuthorization.

This commit makes the HTTP session timeout configurable, system-wide, via
bigbluebutton.properties. Default timeout is preserved.

Ideally, we should look into a more permanent solution to avoid
invalidating perfectly healthy user sessions. This commit fixes
nothing in that regard.
2022-09-27 19:16:36 +00:00
Ramón Souza
2b0971e2c8 Merge tag 'v2.5.6' into merge-256-26 2022-09-26 09:17:59 -03:00
Gustavo Trott
052fc41c41
Merge pull request #15610 from paultrudel/meeting-api-fixes-25 2022-09-21 09:26:24 -03:00
Daniel Petri Rocha
e23d00004f 'Capture Shared Notes' button in front-end 2022-09-20 17:43:13 +02:00
Daniel Petri Rocha
c84c2e2892 Merge branch 'v2.6.x-release' into breakout-upload-ui 2022-09-19 19:30:18 +02:00
Bohdan Zhemelinskyi
7f42e28ec7 place spring version in one place and cleanup 2022-09-08 18:40:19 +00:00
zhem0004
0a0d768627 Merge branch 'spring2726' of https://github.com/zhem0004/bigbluebutton into spring2726 2022-09-08 11:24:50 -04:00
Bohdan Zhemelinskyi
f51742a819 Merge branch 'v2.6.x-release' of https://github.com/bigbluebutton/bigbluebutton into spring27 2022-09-08 14:32:35 +00:00
Brent Baccala
00b635e763 bigbluebutton-web: when matching user-supplied meeting IDs in API
calls, use ServiceUtils.findMeetingFromMeetingID instead of
meetingService.getMeeting, in order to handle either external or
internal meeting IDs
2022-09-05 23:16:39 -04:00
Daniel Petri Rocha
f1690247fd Include capture checkbox in bbb-html5 2022-09-05 19:27:38 +02:00
Daniel Petri Rocha
16b3d43f19 Initial back-end wiring for breakout slides capture 2022-09-04 22:34:04 +02:00
Gustavo Trott
3b890e5509
Merge pull request #15608 from paultrudel/meeting-api-fixes 2022-08-31 15:21:48 -03:00
Paul Trudel
14aec9f7da Added maxParticpants calculation changes from 2.6 2022-08-29 15:25:14 +00:00
Ramón Souza
609d43157a Merge tag 'v2.5.5' into merge-2526-aug25 2022-08-25 14:33:44 -03:00
GuiLeme
c0567c9c93 [issue15565] - remove allow property 2022-08-19 16:49:06 -03:00
GuiLeme
8ee93432b9 [issue15565] - Fixed current attribute not being respected 2022-08-19 15:59:26 -03:00
Paul Trudel
f84698cd5c changes to max pariticpants calculation and guest policy 2022-08-16 15:15:45 +00:00
Bohdan Zhemelinskyi
7582b8891a upgrade spring to 2.7.x 2022-07-30 14:50:03 +00:00
Bohdan Zhemelinskyi
fd31c78ec4 temp changes 2022-07-29 19:03:25 +00:00
Daniel Schreiber
e0e1d9e5b3 Fix: use grails configuration for CORS settings
Grails can handle CORS on its own. It just has to be configured in
`/etc/bigbluebutton/bbb-web.properties`:

~~~
grails.cors.enabled=true
grails.cors.allowedOrigins=https://bbb-proxy.example.org
grails.cors.allowCredentials=true
~~~

This is a breaking change of the nginx config if (and only if) you run a
cluster setup as described in
https://docs.bigbluebutton.org/admin/clusterproxy.html

**If** you run such a setup, you **need** to change
`/etc/bigbluebutton/bbb-web.properties`. Otherwise users won't be able
to join meetings, upload slides etc.

The change in `PresentationController.groovy` fixes the handling of
`OPTIONS` requests in the `/bigbluebutton/presentation/checkPresentation`
handler.
2022-07-27 23:30:36 +02:00
Bohdan Zhemelinskyi
e016e6985b error detecting 2022-07-21 18:30:48 +00:00
Gustavo Trott
807f0286c9
Merge pull request #14786 from paultrudel/recording-api-changes 2022-06-30 15:57:23 -03:00
Paul Trudel
ff8a68e20b Merge branch 'develop' of github.com:bigbluebutton/bigbluebutton into recording-api-changes 2022-06-29 13:24:45 +00:00
prlanzarin
6225042148 feat: add user name to checkAuthorization response
Audio's callerId depends on the user name and there isn't
an "on-demand" way of fetching that field internally, making callerId
assembly with trusted attributes (server-side generated) impossible in
bbb-webrtc-sfu.

The new extra header (User-Name, mapped to user_name in the proxied
connection) allows fetching the user name field in a cheap way and
consequently provides a cheap+safe way of assembling the callerId.

Alternatives I've considered but discarded:
  - a new akka-apps req-resp pair for fetching the user name (+overhead)
  - a new akka-apps req-resp pair for generating the callerId (+overhead)
  - piggybacking on GetMicrophonePermissionReq/Resp to generate the
    callerId (same overhead, but mixing responsabilities)
2022-06-28 20:33:36 +00:00
GuiLeme
2afe4526a8 [issue-14828] - Logic change of processing current parameter. 2022-05-11 16:25:44 -03:00
GuiLeme
23aaeedef2 [issue-14828] - Changed order of inserting the default.pdf document 2022-05-11 10:40:56 -03:00
Guilherme Leme
b95cba3ded [issue-14819] - When sending a batch with no current with default.pdf, that will be the current. 2022-05-05 17:45:36 -03:00
Guilherme Leme
5fc66ccf12 [issue-14828] - preUploadedPresentationOverrideDefault can now be sent in url (it will override the config) 2022-05-04 14:13:00 -03:00
Guilherme Leme
df30e30a1e [issue-14828] - Implemented feature to upload presentations in create API and still have default.pdf 2022-05-04 11:06:48 -03:00
Paul Trudel
1d434e65b7 Merge branch 'develop' of github.com:bigbluebutton/bigbluebutton into recording-api-changes 2022-04-11 13:36:11 +00:00
Ramon Souza
1c873bd8d6 Merge remote-tracking branch 'upstream/v2.4.x-release' into merge-2425-apr08 2022-04-08 17:30:21 -03:00
Paul Trudel
aa956919c2 Updated recording changes for 2.6 2022-04-08 18:46:54 +00:00
Anton Georgiev
4ad4e8e7fa
Merge pull request #14668 from GuiLeme/issue-14335
[issue-14335]- Deprecate password on the endpoints.
2022-03-30 11:47:55 -04:00
Guilherme Leme
247794ff45 [issue-14335] - Changes in review, the random password has been added if a null one is sent while creating the meeting to avoid crashes in old integrations. 2022-03-30 10:07:46 -03:00
Guilherme Leme
b4bf27c199 [issue-14335]- Refactored endpoints to not need the password anymore. It is in deprecated state now. 2022-03-24 15:35:17 -03:00
Gustavo Trott
6562cbc6e7
Merge branch 'v2.5.x-release' into disabledFeatures-breakoutRooms 2022-03-16 14:57:46 -03:00
Daniel Petri Rocha
3d74878f51 Adds 'current' as optional parameter in the upload endpoint 2022-03-15 18:21:19 +01:00
Gustavo Trott
c6bfb4b7ec fix error 2022-03-14 15:35:00 -03:00
Guilherme Leme
9104a0308e [issue-14321] - Changes to make it possible to send 2 presentations with the same name 2022-03-14 12:10:27 -03:00
Anton Georgiev
212578b7c8
Merge branch 'v2.5.x-release' into disabledFeatures-learningDashboard 2022-03-02 08:46:31 -05:00
Gustavo Trott
9d6eaead02 Move api param learningDashboardEnabled to disabledFeatures 2022-03-01 17:27:54 -03:00
Anton Georgiev
cfb7c354ce
Merge pull request #14494 from GuiLeme/issue-14431
Change in current attribute for InsertDocument endpoint
2022-03-01 12:59:03 -05:00
Guilherme Leme
b8bba75b62 [issue-14431] - Implemented the back-end not to accept the current attribute comming from insert endpoint. 2022-03-01 14:27:09 -03:00
Ramón Souza
138f4d64e4 Merge remote-tracking branch 'upstream/v2.4.x-release' into v2.5.x-release 2022-02-24 14:49:56 +00:00
Tainan Felipe
d609a1fd8d Fix lint errors 2022-02-16 15:55:11 -03:00
Tainan Felipe
b730ef7aa2 Add a message for when the guest isn't valid 2022-02-10 16:31:35 -03:00
Guilherme Leme
f9d97ca562 [issue-14014] / [issue-14313] / [issue-14312] - Fixed and refactored back-end to fit the logic of passing parameters, not only by document with url, but by base64 encoded document too. And refactored front-end. 2022-02-10 15:27:44 -03:00
Guilherme Leme
c10dd9121e [issue-14014] - Made some changes in back-end logic to put the first presentation as current, if none is marked as current. 2022-02-09 10:40:42 -03:00
Guilherme Leme
ea09c7001c [issue-14014] - WIP adding current tag on presentation payload 2022-02-04 14:52:53 -03:00
Guilherme Leme
7650967b2f Resolved merging conflicts. 2022-02-04 08:48:58 -03:00
Guilherme Leme
75f3eab3f8 Resolve merging conflicts 2022-02-03 12:03:26 -03:00
Guilherme Leme
655c81c8f4 [Issue-14014]-Implemented the logic in the controller and refactored the function uploadDocuments to fit the new scenario. I also created the insert model to be validated. 2022-02-03 09:33:29 -03:00
Anton Georgiev
8404048cfd
Merge pull request #14134 from hiroshisuga/fixpreupload
fix(bbb-web) broken Asian filename for pre-uploaded presentation (fix on bbb-web)
2022-01-31 10:43:37 -05:00
hiroshisuga
2c3b180ee0
add error-catch 2022-01-26 07:46:20 +09:00
Ramón Souza
16cd3c4ebb Merge remote-tracking branch 'upstream/v2.4.x-release' into dev-24-0125 2022-01-25 16:56:52 +00:00
Anton Georgiev
5f4c5cdedb
Merge branch 'develop' into r-r-e-acea 2022-01-24 16:05:57 -05:00
Anton Georgiev
a761f0177a
Merge pull request #14143 from frankemax/fix-userdata-injection
fix(userdata): consistent breakout room userdata
2022-01-24 15:10:38 -05:00
Pedro Beschorner Marin
c9043655f1
Merge branch 'develop' into position-in-waiting-queue 2022-01-24 14:31:03 -03:00
Pedro Beschorner Marin
810deb907b refactor(etherpad): access control et al.
Move all Etherpad's access control from Meteor to a separated [Node application](https://github.com/bigbluebutton/bbb-pads).
This new app uses [Etherpad's API](https://etherpad.org/doc/v1.8.4/#index_overview)
to create groups and manage session tokens for users to access them. Each group
represents one distinct pad at the html5 client.

- Removed locked users' access to pads: replaced readOnly pad's access with a new pad's content sharing routine
- Pad's access is now controlled by [Etherpad's API](https://etherpad.org/doc/v1.8.4/#index_overview)
- Closed captions edited content now reflects at it's live feedback
- Improved closed caption's dictation mode live feedback
- Moved all Etherpad's API control from Meteor to a separated [app](https://github.com/bigbluebutton/bbb-pads)
- Included access control both in akka-apps and bbb-pads
2022-01-21 16:56:01 -03:00
Guilherme Leme
740de857cf [Issue-13238]-Implemented the logic related to receiving and sending the new removable attribute onwards. 2022-01-21 11:52:10 -03:00
Pedro Beschorner Marin
4a0882f9f2 fix(userdata): merge breakout room userdata
Avoid using MongoDB to copy breakout room user's userdata. All userdata is
now merged at bbb-web's join API call.
2022-01-19 10:58:13 -03:00
hiroshisuga
e9fee8f330
for preuploaded asian filename 2022-01-19 09:53:21 +09:00
Pedro Beschorner Marin
2bc370ce0b feat(api): allowRequestsWithoutSession as a meeting create param
Add a create meeting parameter to enable or disable the user's cookie
session requests.
2022-01-17 09:51:01 -03:00
Aleksandar Vasilev
6935b8293c
Merge branch 'bigbluebutton:develop' into position-in-waiting-queue 2022-01-16 02:59:40 +01:00
Aleksandar Vasilev
6103ae960d
Merge branch 'bigbluebutton:develop' into develop-private-guest-lobby-messages 2022-01-16 02:58:43 +01:00
SashoVihVas
1862f60e05 Add private guest lobby messages 2022-01-12 14:10:30 +00:00
SashoVihVas
2d7c82e73d Add position in waiting queue for guest users 2022-01-12 03:08:43 +00:00
prlanzarin
31df1b0efe chore: add legacy checkAuthorization endpoint
For the sake of backwards compatibility
2021-12-16 23:43:55 -03:00
paultrudel
65688af8b0 Added logging for passwords 2021-12-15 14:28:37 -05:00
prlanzarin
434b2200b1 chore: add user infos in custom headers to checkAuthorization OK response 2021-12-03 19:48:30 +00:00
Anton Georgiev
a2d8b59e4d
Merge pull request #13814 from prlanzarin/u24-sahel-terroir
fix(core): look for session/jsession cookie in checkAuthorization endpoint
2021-12-02 16:01:52 -05:00
prlanzarin
5dfc2f10cb fix(core): look for session/jsession cookie in checkAuthorization endpoint 2021-12-02 15:53:39 +00:00
Gustavo Trott
df60295d22 Implements join param excludeFromDashboard 2021-11-26 14:07:03 -03:00
Anton Georgiev
123705bd37
Merge pull request #13609 from jfsiebel/bbb-version-api-response
Add bbb version in api response
2021-11-02 16:35:38 -04:00
Anton Georgiev
ca5815ebbc
Merge pull request #13589 from jfsiebel/add-role-join-param
Add role parameter in join url
2021-11-02 16:35:11 -04:00
Anton Georgiev
4731d767c7
Merge pull request #13616 from paultrudel/remove-additional-logging
Removed additional session info logging from api controller
2021-11-01 13:47:19 -04:00
paultrudel
a7edb2536c Removed additional session info logging from api controller 2021-11-01 13:04:18 -04:00
Joao Siebel
cb4c21a7ac Add bbb version in api response 2021-10-29 17:20:19 -03:00
paultrudel
fc39ddf93b duplicate voice bridge now returns the proper error 2021-10-29 14:39:10 -04:00
paultrudel
33956cf6b2 Reverted sessionToken value in enter reject response 2021-10-27 17:07:05 -04:00
paultrudel
1fe0f93ab2 Added an import that was accidentally removed 2021-10-27 15:00:43 -04:00
paultrudel
aa5b105e6e Added more logging to ApiController 2021-10-27 14:58:05 -04:00
paultrudel
cd92f4a4f4 modified sessionToken value name in enter response 2021-10-27 14:31:29 -04:00
Joao Siebel
7ea48706ef Add role parameter on join 2021-10-27 15:28:11 -03:00
paultrudel
960ed35810 added more logging to API controller 2021-10-27 13:31:32 -04:00
paultrudel
5fe8577098 Added additional logging to bbb-web api controller 2021-10-27 12:43:21 -04:00
Gustavo Trott
ae88e8d325 Add Api/learningDashboard properly validation 2021-10-18 18:15:46 -03:00
Gustavo Trott
efee460fe4 Update Api/LearningDashboard validation in favor of #13371 2021-10-18 17:08:47 -03:00
Anton Georgiev
a1e3bbebd3
Merge pull request #13488 from gustavotrott/learning-dashboard-individual-token
refactor: Makes LearningDashboard data be provided by bbb-web (avoid demoted user to receive updates)
2021-10-18 13:37:03 -04:00
Gustavo Trott
0102104fbe Makes bbb-web provide LearningDashboard data while meeting is alive 2021-10-14 14:00:25 -03:00
paultrudel
6f40fa115d Merge branch 'v2.4.x-release' of https://github.com/bigbluebutton/bigbluebutton into change-message-key-value 2021-10-06 16:02:48 -04:00
Anton Georgiev
59fc722529 Merge branch 'v2.3.x-release' of github.com:bigbluebutton/bigbluebutton into merge-23-24 2021-10-05 17:14:46 +00:00
paultrudel
5e3f33131c Reverted the messageKey values in validation error messages back to their old values 2021-10-01 15:31:30 -04:00
Pedro Beschorner Marin
c43ca7a22d fix(guests): max participants
Waiting users shouldn't count as valid participants at the meeting's
`maxParticipants` constraint.

Avoid calling `enter` at the waiting page.

Reference https://github.com/bigbluebutton/bigbluebutton/pull/10542
2021-09-28 08:31:18 -03:00
paultrudel
39aaa52b25 Move max participant check back to Api
Controller
2021-09-01 15:50:45 -04:00
paultrudel
2af81a3a9e fixed issue with guests not joining meeting after being approved 2021-07-30 15:57:30 -04:00