Users who can't create rooms but have shared rooms now have a differe…

…nt view (#1649)
bigbluebutton · May 21, 2020 · 030cdd0 · 030cdd0
1 parent 66a3f19
commit 030cdd0
Show file tree

Hide file tree

Showing 8 changed files with 83 additions and 54 deletions.
diff --git a/app/controllers/concerns/authenticator.rb b/app/controllers/concerns/authenticator.rb
@@ -46,8 +46,10 @@ def check_email_verified(user)
                           internal_error_url, not_found_url]
       url = if cookies[:return_to] && !dont_redirect_to.include?(cookies[:return_to])
         cookies[:return_to]
-      else
+      elsif user.role.get_permission("can_create_rooms")
         user.main_room
+      else
+        cant_create_rooms_path
       end
 
       # Delete the cookie if it exists

diff --git a/app/controllers/concerns/populator.rb b/app/controllers/concerns/populator.rb
@@ -67,9 +67,7 @@ def rooms_list_for_recordings
   def shared_user_list
     roles_can_appear = []
     Role.where(provider: @user_domain).each do |role|
-      if role.get_permission("can_appear_in_share_list") && role.get_permission("can_create_rooms") && role.priority >= 0
-        roles_can_appear << role.name
-      end
+      roles_can_appear << role.name if role.get_permission("can_appear_in_share_list") && role.priority >= 0
     end
 
     initial_list = User.where.not(uid: current_user.uid).with_role(roles_can_appear)

diff --git a/app/controllers/rooms_controller.rb b/app/controllers/rooms_controller.rb
@@ -25,7 +25,7 @@ class RoomsController < ApplicationController
   before_action :validate_accepted_terms, unless: -> { !Rails.configuration.terms }
   before_action :validate_verified_email, except: [:show, :join],
                 unless: -> { !Rails.configuration.enable_email_verification }
-  before_action :find_room, except: [:create, :join_specific_room]
+  before_action :find_room, except: [:create, :join_specific_room, :cant_create_rooms]
   before_action :verify_room_ownership_or_admin_or_shared, only: [:start, :shared_access]
   before_action :verify_room_ownership_or_admin, only: [:update_settings, :destroy]
   before_action :verify_room_ownership_or_shared, only: [:remove_shared_access]
@@ -69,26 +69,33 @@ def show
 
     # If its the current user's room
     if current_user && (@room.owned_by?(current_user) || @shared_room)
-      if current_user.role.get_permission("can_create_rooms")
-        # User is allowed to have rooms
-        @search, @order_column, @order_direction, recs =
-          recordings(@room.bbb_id, params.permit(:search, :column, :direction), true)
-
-        @user_list = shared_user_list if shared_access_allowed
-
-        @pagy, @recordings = pagy_array(recs)
-      else
-        # Render view for users that cant create rooms
-        @recent_rooms = Room.where(id: cookies.encrypted["#{current_user.uid}_recently_joined_rooms"])
-        render :cant_create_rooms
-      end
+      # User is allowed to have rooms
+      @search, @order_column, @order_direction, recs =
+        recordings(@room.bbb_id, params.permit(:search, :column, :direction), true)
+
+      @user_list = shared_user_list if shared_access_allowed
+
+      @pagy, @recordings = pagy_array(recs)
     else
       return redirect_to root_path, flash: { alert: I18n.t("room.invalid_provider") } if incorrect_user_domain
 
       show_user_join
     end
   end
 
+  # GET /rooms
+  def cant_create_rooms
+    shared_rooms = current_user.shared_rooms
+
+    if current_user.shared_rooms.empty?
+      # Render view for users that cant create rooms
+      @recent_rooms = Room.where(id: cookies.encrypted["#{current_user.uid}_recently_joined_rooms"])
+      render :cant_create_rooms
+    else
+      redirect_to shared_rooms[0]
+    end
+  end
+
   # POST /:room_uid
   def join
     return redirect_to root_path,

diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
@@ -58,7 +58,16 @@ def fallback_translations
   # Returns the page that the logo redirects to when clicked on
   def home_page
     return admins_path if current_user.has_role? :super_admin
-    current_user.main_room
+    return current_user.main_room if current_user.role.get_permission("can_create_rooms")
+    cant_create_rooms_path
+  end
+
+  # Returns 'active' if the current page is the users home page (used to style header)
+  def active_home
+    home_actions = %w[show cant_create_rooms]
+    return "active" if params[:controller] == "admins" && params[:action] == "index" && current_user.has_role?(:super_admin)
+    return "active" if params[:controller] == "rooms" && home_actions.include?(params[:action])
+    ""
   end
 
   # Returns the action method of the current page

diff --git a/app/views/rooms/show.html.erb b/app/views/rooms/show.html.erb
@@ -77,12 +77,14 @@
     </div>
 
     <div id="room_block_container" class="row pt-7 pb-5">
-      <% current_user.ordered_rooms.each do |room| %>
-        <div class="col-lg-4 col-md-6 col-sm-12">
-          <%= link_to room do %>
-            <%= render "rooms/components/room_block", room: room %>
-          <% end %>
-        </div>
+      <% if current_user.role.get_permission("can_create_rooms") %>
+        <% current_user.ordered_rooms.each do |room| %>
+          <div class="col-lg-4 col-md-6 col-sm-12">
+            <%= link_to room do %>
+              <%= render "rooms/components/room_block", room: room %>
+            <% end %>
+          </div>
+        <% end %>
       <% end %>
 
       <% if shared_access_allowed %>
@@ -95,7 +97,7 @@
         <% end %>
       <% end %>
 
-      <% unless room_limit_exceeded %>
+      <% if current_user.role.get_permission("can_create_rooms") && !room_limit_exceeded %>
         <%= render "rooms/components/create_room_block"%>
       <% end %>
     </div>

diff --git a/app/views/shared/_header.html.erb b/app/views/shared/_header.html.erb
@@ -27,22 +27,14 @@
       <div class="d-flex ml-auto">
         <% if current_user %>
 
-          <% if current_user.has_role? :super_admin %>
-            <% admins_page = params[:controller] == "admins" && params[:action] == "index" ? "active" : "" %>
-            <%= link_to admins_path, class: "px-3 mx-1 mt-1 header-nav #{admins_page}" do %>
-              <i class="fas fa-home pr-1 "></i><span class="d-none d-sm-inline-block"><%= t("header.dropdown.home") %></span>
-            <% end %>
-          <% else %>
-            <% rooms_page = params[:controller] == "rooms" && params[:action] == "show" ? "active" : "" %>
-            <%= link_to current_user.main_room, class: "px-3 mx-1 mt-1 header-nav #{rooms_page}" do %>
-              <i class="fas fa-home pr-1 "></i><span class="d-none d-sm-inline-block"><%= t("header.dropdown.home") %></span>
-            <% end %>
+          <%= link_to home_page, class: "px-3 mx-1 mt-1 header-nav #{active_home}" do %>
+            <i class="fas fa-home pr-1 "></i><span class="d-none d-sm-inline-block"><%= t("header.dropdown.home") %></span>
+          <% end %>
 
-            <% if current_user.role.get_permission("can_create_rooms") %>
-              <% all_rec_page = params[:controller] == "users" && params[:action] == "recordings" ? "active" : "" %>
-              <%= link_to get_user_recordings_path(current_user), class: "px-3 mx-1 mt-1 header-nav #{all_rec_page}" do %>
-                <i class="fas fa-video pr-1"></i><span class="d-none d-sm-inline-block"><%= t("header.all_recordings") %></span>
-              <% end %>
+          <% if current_user.role.get_permission("can_create_rooms") && !current_user.has_role?(:super_admin) %>
+            <% all_rec_page = params[:controller] == "users" && params[:action] == "recordings" ? "active" : "" %>
+            <%= link_to get_user_recordings_path(current_user), class: "px-3 mx-1 mt-1 header-nav #{all_rec_page}" do %>
+              <i class="fas fa-video pr-1"></i><span class="d-none d-sm-inline-block"><%= t("header.all_recordings") %></span>
             <% end %>
           <% end %>
 

diff --git a/config/routes.rb b/config/routes.rb
@@ -107,6 +107,9 @@
   get '/auth/failure', to: 'sessions#omniauth_fail'
   post '/auth/ldap', to: 'sessions#ldap', as: :ldap_callback
 
+  # Users who can't create rooms
+  get '/rooms', to: 'rooms#cant_create_rooms', as: :cant_create_rooms
+
   # Room resources.
   resources :rooms, only: [:create, :show, :destroy], param: :room_uid, path: '/'
 

diff --git a/spec/controllers/rooms_controller_spec.rb b/spec/controllers/rooms_controller_spec.rb
@@ -63,19 +63,6 @@ def random_valid_room_params
       expect(response).to render_template(:join)
     end
 
-    it "should render cant_create_rooms if user doesn't have permission to create rooms" do
-      user_role = @user.role
-
-      user_role.update_permission("can_create_rooms", "false")
-      user_role.save!
-
-      @request.session[:user_id] = @user.id
-
-      get :show, params: { room_uid: @user.main_room }
-
-      expect(response).to render_template(:cant_create_rooms)
-    end
-
     it "should be able to search public recordings if user is not owner" do
       @request.session[:user_id] = @user.id
 
@@ -157,6 +144,35 @@ def random_valid_room_params
     end
   end
 
+  describe "GET #cant_create_rooms" do
+    before do
+      @user = create(:user)
+      @owner = create(:user)
+    end
+
+    it "renders cant_create_rooms if user doesn't have permission to create rooms and has no shared rooms" do
+      @user.role.update_permission("can_create_rooms", "false")
+
+      @request.session[:user_id] = @user.id
+
+      get :cant_create_rooms
+
+      expect(response).to render_template(:cant_create_rooms)
+    end
+
+    it "displays the room if the user can't create rooms but has a shared room" do
+      @user.role.update_permission("can_create_rooms", "false")
+
+      SharedAccess.create(room_id: @owner.main_room.id, user_id: @user.id)
+
+      @request.session[:user_id] = @user.id
+
+      get :cant_create_rooms
+
+      expect(response).to redirect_to(@owner.main_room)
+    end
+  end
+
   describe "POST #create" do
     before do
       @owner = create(:user)