New option for handling permissions in rooms. Set allowWhenRoleMissing to permit actions before a peer with that permission joins. Ref #303
Håvar Aambø Fosstveit
parent
220d4dd99d
commit
a49258e840
|
|
@ -2847,8 +2847,8 @@ export default class RoomClient
|
|||
roles,
|
||||
peers,
|
||||
tracker,
|
||||
permissionsFromRoles,
|
||||
userRoles,
|
||||
roomPermissions,
|
||||
allowWhenRoleMissing,
|
||||
chatHistory,
|
||||
fileHistory,
|
||||
lastNHistory,
|
||||
|
|
@ -2874,8 +2874,10 @@ export default class RoomClient
|
|||
|
||||
store.dispatch(meActions.loggedIn(authenticated));
|
||||
|
||||
store.dispatch(roomActions.setUserRoles(userRoles));
|
||||
store.dispatch(roomActions.setPermissionsFromRoles(permissionsFromRoles));
|
||||
store.dispatch(roomActions.setRoomPermissions(roomPermissions));
|
||||
|
||||
if (allowWhenRoleMissing)
|
||||
store.dispatch(roomActions.setAllowWhenRoleMissing(allowWhenRoleMissing));
|
||||
|
||||
const myRoles = store.getState().me.roles;
|
||||
|
||||
|
|
|
|||
|
|
@ -177,14 +177,14 @@ export const setClearFileSharingInProgress = (flag) =>
|
|||
payload : { flag }
|
||||
});
|
||||
|
||||
export const setUserRoles = (userRoles) =>
|
||||
export const setRoomPermissions = (roomPermissions) =>
|
||||
({
|
||||
type : 'SET_USER_ROLES',
|
||||
payload : { userRoles }
|
||||
type : 'SET_ROOM_PERMISSIONS',
|
||||
payload : { roomPermissions }
|
||||
});
|
||||
|
||||
export const setPermissionsFromRoles = (permissionsFromRoles) =>
|
||||
export const setAllowWhenRoleMissing = (allowWhenRoleMissing) =>
|
||||
({
|
||||
type : 'SET_PERMISSIONS_FROM_ROLES',
|
||||
payload : { permissionsFromRoles }
|
||||
type : 'SET_ALLOW_WHEN_ROLE_MISSING',
|
||||
payload : { allowWhenRoleMissing }
|
||||
});
|
||||
|
|
|
|||
|
|
@ -5,6 +5,8 @@ import PropTypes from 'prop-types';
|
|||
import classnames from 'classnames';
|
||||
import { withRoomContext } from '../../../RoomContext';
|
||||
import { useIntl } from 'react-intl';
|
||||
import { permissions } from '../../../permissions';
|
||||
import { makePermissionSelector } from '../../Selectors';
|
||||
import ListItem from '@material-ui/core/ListItem';
|
||||
import ListItemText from '@material-ui/core/ListItemText';
|
||||
import IconButton from '@material-ui/core/IconButton';
|
||||
|
|
@ -85,28 +87,32 @@ ListLobbyPeer.propTypes =
|
|||
classes : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state, { id }) =>
|
||||
const makeMapStateToProps = (initialState, { id }) =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.PROMOTE_PEER);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
{
|
||||
return {
|
||||
peer : state.lobbyPeers[id],
|
||||
promotionInProgress : state.room.lobbyPeersPromotionInProgress,
|
||||
canPromote :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.PROMOTE_PEER.includes(role))
|
||||
canPromote : hasPermission(state)
|
||||
};
|
||||
};
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
export default withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
null,
|
||||
null,
|
||||
{
|
||||
areStatesEqual : (next, prev) =>
|
||||
{
|
||||
return (
|
||||
prev.room.permissionsFromRoles === next.room.permissionsFromRoles &&
|
||||
prev.room.lobbyPeersPromotionInProgress ===
|
||||
next.room.lobbyPeersPromotionInProgress &&
|
||||
prev.room === next.room &&
|
||||
prev.peers === next.peers && // For checking permissions
|
||||
prev.me.roles === next.me.roles &&
|
||||
prev.lobbyPeers === next.lobbyPeers
|
||||
);
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
import React from 'react';
|
||||
import { connect } from 'react-redux';
|
||||
import {
|
||||
lobbyPeersKeySelector
|
||||
lobbyPeersKeySelector,
|
||||
makePermissionSelector
|
||||
} from '../../Selectors';
|
||||
import { permissions } from '../../../permissions';
|
||||
import * as appPropTypes from '../../appPropTypes';
|
||||
import { withStyles } from '@material-ui/core/styles';
|
||||
import { withRoomContext } from '../../../RoomContext';
|
||||
|
|
@ -140,15 +142,20 @@ LockDialog.propTypes =
|
|||
classes : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.PROMOTE_PEER);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
{
|
||||
return {
|
||||
room : state.room,
|
||||
lobbyPeers : lobbyPeersKeySelector(state),
|
||||
canPromote :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.PROMOTE_PEER.includes(role))
|
||||
canPromote : hasPermission(state)
|
||||
};
|
||||
};
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
const mapDispatchToProps = {
|
||||
|
|
@ -157,7 +164,7 @@ const mapDispatchToProps = {
|
|||
};
|
||||
|
||||
export default withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
mapDispatchToProps,
|
||||
null,
|
||||
{
|
||||
|
|
@ -166,6 +173,7 @@ export default withRoomContext(connect(
|
|||
return (
|
||||
prev.room === next.room &&
|
||||
prev.me.roles === next.me.roles &&
|
||||
prev.peers === next.peers &&
|
||||
prev.lobbyPeers === next.lobbyPeers
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,10 @@
|
|||
import React, { useState } from 'react';
|
||||
import { connect } from 'react-redux';
|
||||
import { meProducersSelector } from '../Selectors';
|
||||
import {
|
||||
meProducersSelector,
|
||||
makePermissionSelector
|
||||
} from '../Selectors';
|
||||
import { permissions } from '../../permissions';
|
||||
import { withRoomContext } from '../../RoomContext';
|
||||
import { withStyles } from '@material-ui/core/styles';
|
||||
import PropTypes from 'prop-types';
|
||||
|
|
@ -807,32 +811,37 @@ Me.propTypes =
|
|||
theme : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.SHARE_SCREEN);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
{
|
||||
return {
|
||||
me : state.me,
|
||||
...meProducersSelector(state),
|
||||
settings : state.settings,
|
||||
activeSpeaker : state.me.id === state.room.activeSpeakerId,
|
||||
canShareScreen :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.SHARE_SCREEN.includes(role))
|
||||
canShareScreen : hasPermission(state)
|
||||
};
|
||||
};
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
export default withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
null,
|
||||
null,
|
||||
{
|
||||
areStatesEqual : (next, prev) =>
|
||||
{
|
||||
return (
|
||||
prev.room.permissionsFromRoles === next.room.permissionsFromRoles &&
|
||||
prev.room === next.room &&
|
||||
prev.me === next.me &&
|
||||
prev.peers === next.peers &&
|
||||
prev.producers === next.producers &&
|
||||
prev.settings === next.settings &&
|
||||
prev.room.activeSpeakerId === next.room.activeSpeakerId
|
||||
prev.settings === next.settings
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,8 +4,10 @@ import PropTypes from 'prop-types';
|
|||
import {
|
||||
lobbyPeersKeySelector,
|
||||
peersLengthSelector,
|
||||
raisedHandsSelector
|
||||
raisedHandsSelector,
|
||||
makePermissionSelector
|
||||
} from '../Selectors';
|
||||
import { permissions } from '../../permissions';
|
||||
import * as appPropTypes from '../appPropTypes';
|
||||
import { withRoomContext } from '../../RoomContext';
|
||||
import { withStyles } from '@material-ui/core/styles';
|
||||
|
|
@ -751,7 +753,18 @@ TopBar.propTypes =
|
|||
theme : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasExtraVideoPermission =
|
||||
makePermissionSelector(permissions.EXTRA_VIDEO);
|
||||
|
||||
const hasLockPermission =
|
||||
makePermissionSelector(permissions.CHANGE_ROOM_LOCK);
|
||||
|
||||
const hasPromotionPermission =
|
||||
makePermissionSelector(permissions.PROMOTE_PEER);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
({
|
||||
room : state.room,
|
||||
peersLength : peersLengthSelector(state),
|
||||
|
|
@ -762,17 +775,14 @@ const mapStateToProps = (state) =>
|
|||
myPicture : state.me.picture,
|
||||
unread : state.toolarea.unreadMessages +
|
||||
state.toolarea.unreadFiles + raisedHandsSelector(state),
|
||||
canProduceExtraVideo :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.EXTRA_VIDEO.includes(role)),
|
||||
canLock :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.CHANGE_ROOM_LOCK.includes(role)),
|
||||
canPromote :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.PROMOTE_PEER.includes(role))
|
||||
canProduceExtraVideo : hasExtraVideoPermission(state),
|
||||
canLock : hasLockPermission(state),
|
||||
canPromote : hasPromotionPermission(state)
|
||||
});
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
const mapDispatchToProps = (dispatch) =>
|
||||
({
|
||||
setToolbarsVisible : (visible) =>
|
||||
|
|
@ -811,7 +821,7 @@ const mapDispatchToProps = (dispatch) =>
|
|||
});
|
||||
|
||||
export default withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
mapDispatchToProps,
|
||||
null,
|
||||
{
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ import PropTypes from 'prop-types';
|
|||
import { withStyles } from '@material-ui/core/styles';
|
||||
import { withRoomContext } from '../../../RoomContext';
|
||||
import { useIntl } from 'react-intl';
|
||||
import { permissions } from '../../../permissions';
|
||||
import { makePermissionSelector } from '../../Selectors';
|
||||
import Paper from '@material-ui/core/Paper';
|
||||
import InputBase from '@material-ui/core/InputBase';
|
||||
import IconButton from '@material-ui/core/IconButton';
|
||||
|
|
@ -119,26 +121,32 @@ ChatInput.propTypes =
|
|||
classes : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.SEND_CHAT);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
({
|
||||
displayName : state.settings.displayName,
|
||||
picture : state.me.picture,
|
||||
canChat :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.SEND_CHAT.includes(role))
|
||||
canChat : hasPermission(state)
|
||||
});
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
export default withRoomContext(
|
||||
connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
null,
|
||||
null,
|
||||
{
|
||||
areStatesEqual : (next, prev) =>
|
||||
{
|
||||
return (
|
||||
prev.room.permissionsFromRoles === next.room.permissionsFromRoles &&
|
||||
prev.room === next.room &&
|
||||
prev.me.roles === next.me.roles &&
|
||||
prev.peers === next.peers &&
|
||||
prev.settings.displayName === next.settings.displayName &&
|
||||
prev.me.picture === next.me.picture
|
||||
);
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ import PropTypes from 'prop-types';
|
|||
import { withRoomContext } from '../../../RoomContext';
|
||||
import { withStyles } from '@material-ui/core/styles';
|
||||
import { useIntl, FormattedMessage } from 'react-intl';
|
||||
import { permissions } from '../../../permissions';
|
||||
import { makePermissionSelector } from '../../Selectors';
|
||||
import Button from '@material-ui/core/Button';
|
||||
|
||||
const styles = (theme) =>
|
||||
|
|
@ -76,16 +78,21 @@ ChatModerator.propTypes =
|
|||
classes : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.MODERATE_CHAT);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
({
|
||||
isChatModerator :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.MODERATE_CHAT.includes(role)),
|
||||
isChatModerator : hasPermission(state),
|
||||
room : state.room
|
||||
});
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
export default withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
null,
|
||||
null,
|
||||
{
|
||||
|
|
@ -93,7 +100,8 @@ export default withRoomContext(connect(
|
|||
{
|
||||
return (
|
||||
prev.room === next.room &&
|
||||
prev.me === next.me
|
||||
prev.me === next.me &&
|
||||
prev.peers === next.peers
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ import { connect } from 'react-redux';
|
|||
import { withStyles } from '@material-ui/core/styles';
|
||||
import { withRoomContext } from '../../../RoomContext';
|
||||
import { useIntl } from 'react-intl';
|
||||
import { permissions } from '../../../permissions';
|
||||
import { makePermissionSelector } from '../../Selectors';
|
||||
import FileList from './FileList';
|
||||
import FileSharingModerator from './FileSharingModerator';
|
||||
import Paper from '@material-ui/core/Paper';
|
||||
|
|
@ -131,30 +133,36 @@ FileSharing.propTypes = {
|
|||
classes : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.SHARE_FILE);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
{
|
||||
return {
|
||||
canShareFiles : state.me.canShareFiles,
|
||||
browser : state.me.browser,
|
||||
tabOpen : state.toolarea.currentToolTab === 'files',
|
||||
canShare :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.SHARE_FILE.includes(role))
|
||||
canShare : hasPermission(state)
|
||||
};
|
||||
};
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
export default withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
null,
|
||||
null,
|
||||
{
|
||||
areStatesEqual : (next, prev) =>
|
||||
{
|
||||
return (
|
||||
prev.room.permissionsFromRoles === next.room.permissionsFromRoles &&
|
||||
prev.room === next.room &&
|
||||
prev.me.browser === next.me.browser &&
|
||||
prev.me.roles === next.me.roles &&
|
||||
prev.me.canShareFiles === next.me.canShareFiles &&
|
||||
prev.peers === next.peers &&
|
||||
prev.toolarea.currentToolTab === next.toolarea.currentToolTab
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ import PropTypes from 'prop-types';
|
|||
import { withRoomContext } from '../../../RoomContext';
|
||||
import { withStyles } from '@material-ui/core/styles';
|
||||
import { useIntl, FormattedMessage } from 'react-intl';
|
||||
import { permissions } from '../../../permissions';
|
||||
import { makePermissionSelector } from '../../Selectors';
|
||||
import Button from '@material-ui/core/Button';
|
||||
|
||||
const styles = (theme) =>
|
||||
|
|
@ -76,16 +78,21 @@ FileSharingModerator.propTypes =
|
|||
classes : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.MODERATE_FILES);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
({
|
||||
isFileSharingModerator :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.MODERATE_FILES.includes(role)),
|
||||
isFileSharingModerator : hasPermission(state),
|
||||
room : state.room
|
||||
});
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
export default withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
null,
|
||||
null,
|
||||
{
|
||||
|
|
@ -93,7 +100,8 @@ export default withRoomContext(connect(
|
|||
{
|
||||
return (
|
||||
prev.room === next.room &&
|
||||
prev.me === next.me
|
||||
prev.me === next.me &&
|
||||
prev.peers === next.peers
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
import React from 'react';
|
||||
import { connect } from 'react-redux';
|
||||
import {
|
||||
participantListSelector
|
||||
participantListSelector,
|
||||
makePermissionSelector
|
||||
} from '../../Selectors';
|
||||
import { permissions } from '../../../permissions';
|
||||
import classnames from 'classnames';
|
||||
import { withStyles } from '@material-ui/core/styles';
|
||||
import { withRoomContext } from '../../../RoomContext';
|
||||
|
|
@ -160,31 +162,34 @@ ParticipantList.propTypes =
|
|||
classes : PropTypes.object.isRequired
|
||||
};
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
const makeMapStateToProps = () =>
|
||||
{
|
||||
const hasPermission = makePermissionSelector(permissions.MODERATE_ROOM);
|
||||
|
||||
const mapStateToProps = (state) =>
|
||||
{
|
||||
return {
|
||||
isModerator :
|
||||
state.me.roles.some((role) =>
|
||||
state.room.permissionsFromRoles.MODERATE_ROOM.includes(role)),
|
||||
isModerator : hasPermission(state),
|
||||
participants : participantListSelector(state),
|
||||
spotlights : state.room.spotlights,
|
||||
selectedPeerId : state.room.selectedPeerId
|
||||
};
|
||||
};
|
||||
|
||||
return mapStateToProps;
|
||||
};
|
||||
|
||||
const ParticipantListContainer = withRoomContext(connect(
|
||||
mapStateToProps,
|
||||
makeMapStateToProps,
|
||||
null,
|
||||
null,
|
||||
{
|
||||
areStatesEqual : (next, prev) =>
|
||||
{
|
||||
return (
|
||||
prev.room.permissionsFromRoles === next.room.permissionsFromRoles &&
|
||||
prev.room === next.room &&
|
||||
prev.me.roles === next.me.roles &&
|
||||
prev.peers === next.peers &&
|
||||
prev.room.spotlights === next.room.spotlights &&
|
||||
prev.room.selectedPeerId === next.room.selectedPeerId
|
||||
prev.peers === next.peers
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,8 @@
|
|||
import { createSelector } from 'reselect';
|
||||
|
||||
const meRolesSelect = (state) => state.me.roles;
|
||||
const roomPermissionsSelect = (state) => state.room.roomPermissions;
|
||||
const roomAllowWhenRoleMissing = (state) => state.room.allowWhenRoleMissing;
|
||||
const producersSelect = (state) => state.producers;
|
||||
const consumersSelect = (state) => state.consumers;
|
||||
const spotlightsSelector = (state) => state.room.spotlights;
|
||||
|
|
@ -217,3 +220,53 @@ export const makePeerConsumerSelector = () =>
|
|||
}
|
||||
);
|
||||
};
|
||||
|
||||
// Very important that the Components that use this
|
||||
// selector need to check at least these state changes:
|
||||
//
|
||||
// areStatesEqual : (next, prev) =>
|
||||
// {
|
||||
// return (
|
||||
// prev.room.roomPermissions === next.room.roomPermissions &&
|
||||
// prev.room.allowWhenRoleMissing === next.room.allowWhenRoleMissing &&
|
||||
// prev.peers === next.peers &&
|
||||
// prev.me.roles === next.me.roles
|
||||
// );
|
||||
// }
|
||||
export const makePermissionSelector = (permission) =>
|
||||
{
|
||||
return createSelector(
|
||||
meRolesSelect,
|
||||
roomPermissionsSelect,
|
||||
roomAllowWhenRoleMissing,
|
||||
peersValueSelector,
|
||||
(roles, roomPermissions, allowWhenRoleMissing, peers) =>
|
||||
{
|
||||
if (!roomPermissions)
|
||||
return false;
|
||||
|
||||
const permitted = roles.some((role) =>
|
||||
roomPermissions[permission].includes(role)
|
||||
);
|
||||
|
||||
if (permitted)
|
||||
return true;
|
||||
|
||||
if (!allowWhenRoleMissing)
|
||||
return false;
|
||||
|
||||
// Allow if config is set, and no one is present
|
||||
if (allowWhenRoleMissing.includes(permission) &&
|
||||
peers.filter(
|
||||
(peer) =>
|
||||
peer.roles.some(
|
||||
(role) => roomPermissions[permission].includes(role)
|
||||
)
|
||||
).length === 0
|
||||
)
|
||||
return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
);
|
||||
};
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
export const permissions = {
|
||||
// The role(s) have permission to lock/unlock a room
|
||||
CHANGE_ROOM_LOCK : 'CHANGE_ROOM_LOCK',
|
||||
// The role(s) have permission to promote a peer from the lobby
|
||||
PROMOTE_PEER : 'PROMOTE_PEER',
|
||||
// The role(s) have permission to send chat messages
|
||||
SEND_CHAT : 'SEND_CHAT',
|
||||
// The role(s) have permission to moderate chat
|
||||
MODERATE_CHAT : 'MODERATE_CHAT',
|
||||
// The role(s) have permission to share screen
|
||||
SHARE_SCREEN : 'SHARE_SCREEN',
|
||||
// The role(s) have permission to produce extra video
|
||||
EXTRA_VIDEO : 'EXTRA_VIDEO',
|
||||
// The role(s) have permission to share files
|
||||
SHARE_FILE : 'SHARE_FILE',
|
||||
// The role(s) have permission to moderate files
|
||||
MODERATE_FILES : 'MODERATE_FILES',
|
||||
// The role(s) have permission to moderate room (e.g. kick user)
|
||||
MODERATE_ROOM : 'MODERATE_ROOM'
|
||||
};
|
||||
|
|
@ -33,18 +33,8 @@ const initialState =
|
|||
closeMeetingInProgress : false,
|
||||
clearChatInProgress : false,
|
||||
clearFileSharingInProgress : false,
|
||||
userRoles : { NORMAL: 'normal' }, // Default role
|
||||
permissionsFromRoles : {
|
||||
CHANGE_ROOM_LOCK : [],
|
||||
PROMOTE_PEER : [],
|
||||
SEND_CHAT : [],
|
||||
MODERATE_CHAT : [],
|
||||
SHARE_SCREEN : [],
|
||||
EXTRA_VIDEO : [],
|
||||
SHARE_FILE : [],
|
||||
MODERATE_FILES : [],
|
||||
MODERATE_ROOM : []
|
||||
}
|
||||
roomPermissions : null,
|
||||
allowWhenRoleMissing : null
|
||||
};
|
||||
|
||||
const room = (state = initialState, action) =>
|
||||
|
|
@ -240,18 +230,18 @@ const room = (state = initialState, action) =>
|
|||
case 'CLEAR_FILE_SHARING_IN_PROGRESS':
|
||||
return { ...state, clearFileSharingInProgress: action.payload.flag };
|
||||
|
||||
case 'SET_USER_ROLES':
|
||||
case 'SET_ROOM_PERMISSIONS':
|
||||
{
|
||||
const { userRoles } = action.payload;
|
||||
const { roomPermissions } = action.payload;
|
||||
|
||||
return { ...state, userRoles };
|
||||
return { ...state, roomPermissions };
|
||||
}
|
||||
|
||||
case 'SET_PERMISSIONS_FROM_ROLES':
|
||||
case 'SET_ALLOW_WHEN_ROLE_MISSING':
|
||||
{
|
||||
const { permissionsFromRoles } = action.payload;
|
||||
const { allowWhenRoleMissing } = action.payload;
|
||||
|
||||
return { ...state, permissionsFromRoles };
|
||||
return { ...state, allowWhenRoleMissing };
|
||||
}
|
||||
|
||||
default:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,11 @@
|
|||
module.exports = {
|
||||
// The role(s) will gain access to the room
|
||||
// even if it is locked (!)
|
||||
BYPASS_ROOM_LOCK : 'BYPASS_ROOM_LOCK',
|
||||
// The role(s) will gain access to the room without
|
||||
// going into the lobby. If you want to restrict access to your
|
||||
// server to only directly allow authenticated users, you could
|
||||
// add the userRoles.AUTHENTICATED to the user in the userMapping
|
||||
// function, and change to BYPASS_LOBBY : [ userRoles.AUTHENTICATED ]
|
||||
BYPASS_LOBBY : 'BYPASS_LOBBY'
|
||||
};
|
||||
|
|
@ -1,5 +1,23 @@
|
|||
const os = require('os');
|
||||
const userRoles = require('../userRoles');
|
||||
|
||||
const {
|
||||
BYPASS_ROOM_LOCK,
|
||||
BYPASS_LOBBY
|
||||
} = require('../access');
|
||||
|
||||
const {
|
||||
CHANGE_ROOM_LOCK,
|
||||
PROMOTE_PEER,
|
||||
SEND_CHAT,
|
||||
MODERATE_CHAT,
|
||||
SHARE_SCREEN,
|
||||
EXTRA_VIDEO,
|
||||
SHARE_FILE,
|
||||
MODERATE_FILES,
|
||||
MODERATE_ROOM
|
||||
} = require('../permissions');
|
||||
|
||||
// const AwaitQueue = require('awaitqueue');
|
||||
// const axios = require('axios');
|
||||
|
||||
|
|
@ -216,34 +234,40 @@ module.exports =
|
|||
accessFromRoles : {
|
||||
// The role(s) will gain access to the room
|
||||
// even if it is locked (!)
|
||||
BYPASS_ROOM_LOCK : [ userRoles.ADMIN ],
|
||||
[BYPASS_ROOM_LOCK] : [ userRoles.ADMIN ],
|
||||
// The role(s) will gain access to the room without
|
||||
// going into the lobby. If you want to restrict access to your
|
||||
// server to only directly allow authenticated users, you could
|
||||
// add the userRoles.AUTHENTICATED to the user in the userMapping
|
||||
// function, and change to BYPASS_LOBBY : [ userRoles.AUTHENTICATED ]
|
||||
BYPASS_LOBBY : [ userRoles.NORMAL ]
|
||||
[BYPASS_LOBBY] : [ userRoles.NORMAL ]
|
||||
},
|
||||
permissionsFromRoles : {
|
||||
// The role(s) have permission to lock/unlock a room
|
||||
CHANGE_ROOM_LOCK : [ userRoles.NORMAL ],
|
||||
[CHANGE_ROOM_LOCK] : [ userRoles.MODERATOR ],
|
||||
// The role(s) have permission to promote a peer from the lobby
|
||||
PROMOTE_PEER : [ userRoles.NORMAL ],
|
||||
[PROMOTE_PEER] : [ userRoles.NORMAL ],
|
||||
// The role(s) have permission to send chat messages
|
||||
SEND_CHAT : [ userRoles.NORMAL ],
|
||||
[SEND_CHAT] : [ userRoles.NORMAL ],
|
||||
// The role(s) have permission to moderate chat
|
||||
MODERATE_CHAT : [ userRoles.MODERATOR ],
|
||||
[MODERATE_CHAT] : [ userRoles.MODERATOR ],
|
||||
// The role(s) have permission to share screen
|
||||
SHARE_SCREEN : [ userRoles.NORMAL ],
|
||||
[SHARE_SCREEN] : [ userRoles.NORMAL ],
|
||||
// The role(s) have permission to produce extra video
|
||||
EXTRA_VIDEO : [ userRoles.NORMAL ],
|
||||
[EXTRA_VIDEO] : [ userRoles.NORMAL ],
|
||||
// The role(s) have permission to share files
|
||||
SHARE_FILE : [ userRoles.NORMAL ],
|
||||
[SHARE_FILE] : [ userRoles.NORMAL ],
|
||||
// The role(s) have permission to moderate files
|
||||
MODERATE_FILES : [ userRoles.MODERATOR ],
|
||||
[MODERATE_FILES] : [ userRoles.MODERATOR ],
|
||||
// The role(s) have permission to moderate room (e.g. kick user)
|
||||
MODERATE_ROOM : [ userRoles.MODERATOR ]
|
||||
[MODERATE_ROOM] : [ userRoles.MODERATOR ]
|
||||
},
|
||||
// Array of permissions. If no peer with the permission in question
|
||||
// is in the room, all peers are permitted to do the action. The peers
|
||||
// that are allowed because of this rule will not be able to do this
|
||||
// action as soon as a peer with the permission joins. In this example
|
||||
// everyone will be able to lock/unlock room until a MODERATOR joins.
|
||||
allowWhenRoleMissing : [ CHANGE_ROOM_LOCK ],
|
||||
// When truthy, the room will be open to all users when as long as there
|
||||
// are allready users in the room
|
||||
activateOnHostJoin : true,
|
||||
|
|
|
|||
|
|
@ -5,29 +5,47 @@ const Lobby = require('./Lobby');
|
|||
const { v4: uuidv4 } = require('uuid');
|
||||
const jwt = require('jsonwebtoken');
|
||||
const userRoles = require('../userRoles');
|
||||
|
||||
const {
|
||||
BYPASS_ROOM_LOCK,
|
||||
BYPASS_LOBBY
|
||||
} = require('../access');
|
||||
|
||||
const permissions = require('../permissions'), {
|
||||
CHANGE_ROOM_LOCK,
|
||||
PROMOTE_PEER,
|
||||
SEND_CHAT,
|
||||
MODERATE_CHAT,
|
||||
SHARE_SCREEN,
|
||||
EXTRA_VIDEO,
|
||||
SHARE_FILE,
|
||||
MODERATE_FILES,
|
||||
MODERATE_ROOM
|
||||
} = permissions;
|
||||
|
||||
const config = require('../config/config');
|
||||
|
||||
const logger = new Logger('Room');
|
||||
|
||||
// In case they are not configured properly
|
||||
const accessFromRoles =
|
||||
const roomAccess =
|
||||
{
|
||||
BYPASS_ROOM_LOCK : [ userRoles.ADMIN ],
|
||||
BYPASS_LOBBY : [ userRoles.NORMAL ],
|
||||
[BYPASS_ROOM_LOCK] : [ userRoles.ADMIN ],
|
||||
[BYPASS_LOBBY] : [ userRoles.NORMAL ],
|
||||
...config.accessFromRoles
|
||||
};
|
||||
|
||||
const permissionsFromRoles =
|
||||
const roomPermissions =
|
||||
{
|
||||
CHANGE_ROOM_LOCK : [ userRoles.NORMAL ],
|
||||
PROMOTE_PEER : [ userRoles.NORMAL ],
|
||||
SEND_CHAT : [ userRoles.NORMAL ],
|
||||
MODERATE_CHAT : [ userRoles.MODERATOR ],
|
||||
SHARE_SCREEN : [ userRoles.NORMAL ],
|
||||
EXTRA_VIDEO : [ userRoles.NORMAL ],
|
||||
SHARE_FILE : [ userRoles.NORMAL ],
|
||||
MODERATE_FILES : [ userRoles.MODERATOR ],
|
||||
MODERATE_ROOM : [ userRoles.MODERATOR ],
|
||||
[CHANGE_ROOM_LOCK] : [ userRoles.NORMAL ],
|
||||
[PROMOTE_PEER] : [ userRoles.NORMAL ],
|
||||
[SEND_CHAT] : [ userRoles.NORMAL ],
|
||||
[MODERATE_CHAT] : [ userRoles.MODERATOR ],
|
||||
[SHARE_SCREEN] : [ userRoles.NORMAL ],
|
||||
[EXTRA_VIDEO] : [ userRoles.NORMAL ],
|
||||
[SHARE_FILE] : [ userRoles.NORMAL ],
|
||||
[MODERATE_FILES] : [ userRoles.MODERATOR ],
|
||||
[MODERATE_ROOM] : [ userRoles.MODERATOR ],
|
||||
...config.permissionsFromRoles
|
||||
};
|
||||
|
||||
|
|
@ -221,9 +239,8 @@ class Room extends EventEmitter
|
|||
// Returning user
|
||||
if (returning)
|
||||
this._peerJoining(peer, true);
|
||||
else if ( // Has a role that is allowed to bypass room lock
|
||||
peer.roles.some((role) => accessFromRoles.BYPASS_ROOM_LOCK.includes(role))
|
||||
)
|
||||
// Has a role that is allowed to bypass room lock
|
||||
else if (this._hasAccess(peer, BYPASS_ROOM_LOCK))
|
||||
this._peerJoining(peer);
|
||||
else if (
|
||||
'maxUsersPerRoom' in config &&
|
||||
|
|
@ -239,7 +256,7 @@ class Room extends EventEmitter
|
|||
else
|
||||
{
|
||||
// Has a role that is allowed to bypass lobby
|
||||
peer.roles.some((role) => accessFromRoles.BYPASS_LOBBY.includes(role)) ?
|
||||
this._hasAccess(peer, BYPASS_LOBBY) ?
|
||||
this._peerJoining(peer) :
|
||||
this._handleGuest(peer);
|
||||
}
|
||||
|
|
@ -271,11 +288,7 @@ class Room extends EventEmitter
|
|||
|
||||
this._peerJoining(promotedPeer);
|
||||
|
||||
for (
|
||||
const peer of this._getPeersWithPermission({
|
||||
permission : permissionsFromRoles.PROMOTE_PEER
|
||||
})
|
||||
)
|
||||
for (const peer of this._getPeersWithPermission(PROMOTE_PEER))
|
||||
{
|
||||
this._notification(peer.socket, 'lobby:promotedPeer', { peerId: id });
|
||||
}
|
||||
|
|
@ -283,9 +296,8 @@ class Room extends EventEmitter
|
|||
|
||||
this._lobby.on('peerRolesChanged', (peer) =>
|
||||
{
|
||||
if ( // Has a role that is allowed to bypass room lock
|
||||
peer.roles.some((role) => accessFromRoles.BYPASS_ROOM_LOCK.includes(role))
|
||||
)
|
||||
// Has a role that is allowed to bypass room lock
|
||||
if (this._hasAccess(peer, BYPASS_ROOM_LOCK))
|
||||
{
|
||||
this._lobby.promotePeer(peer.id);
|
||||
|
||||
|
|
@ -294,7 +306,7 @@ class Room extends EventEmitter
|
|||
|
||||
if ( // Has a role that is allowed to bypass lobby
|
||||
!this._locked &&
|
||||
peer.roles.some((role) => accessFromRoles.BYPASS_LOBBY.includes(role))
|
||||
this._hasAccess(peer, BYPASS_LOBBY)
|
||||
)
|
||||
{
|
||||
this._lobby.promotePeer(peer.id);
|
||||
|
|
@ -307,11 +319,7 @@ class Room extends EventEmitter
|
|||
{
|
||||
const { id, displayName } = changedPeer;
|
||||
|
||||
for (
|
||||
const peer of this._getPeersWithPermission({
|
||||
permission : permissionsFromRoles.PROMOTE_PEER
|
||||
})
|
||||
)
|
||||
for (const peer of this._getPeersWithPermission(PROMOTE_PEER))
|
||||
{
|
||||
this._notification(peer.socket, 'lobby:changeDisplayName', { peerId: id, displayName });
|
||||
}
|
||||
|
|
@ -321,11 +329,7 @@ class Room extends EventEmitter
|
|||
{
|
||||
const { id, picture } = changedPeer;
|
||||
|
||||
for (
|
||||
const peer of this._getPeersWithPermission({
|
||||
permission : permissionsFromRoles.PROMOTE_PEER
|
||||
})
|
||||
)
|
||||
for (const peer of this._getPeersWithPermission(PROMOTE_PEER))
|
||||
{
|
||||
this._notification(peer.socket, 'lobby:changePicture', { peerId: id, picture });
|
||||
}
|
||||
|
|
@ -337,11 +341,7 @@ class Room extends EventEmitter
|
|||
|
||||
const { id } = closedPeer;
|
||||
|
||||
for (
|
||||
const peer of this._getPeersWithPermission({
|
||||
permission : permissionsFromRoles.PROMOTE_PEER
|
||||
})
|
||||
)
|
||||
for (const peer of this._getPeersWithPermission(PROMOTE_PEER))
|
||||
{
|
||||
this._notification(peer.socket, 'lobby:peerClosed', { peerId: id });
|
||||
}
|
||||
|
|
@ -401,7 +401,7 @@ class Room extends EventEmitter
|
|||
);
|
||||
}
|
||||
|
||||
async dump()
|
||||
dump()
|
||||
{
|
||||
return {
|
||||
roomId : this._roomId,
|
||||
|
|
@ -447,11 +447,7 @@ class Room extends EventEmitter
|
|||
{
|
||||
this._lobby.parkPeer(parkPeer);
|
||||
|
||||
for (
|
||||
const peer of this._getPeersWithPermission({
|
||||
permission : permissionsFromRoles.PROMOTE_PEER
|
||||
})
|
||||
)
|
||||
for (const peer of this._getPeersWithPermission(PROMOTE_PEER))
|
||||
{
|
||||
this._notification(peer.socket, 'parkedPeer', { peerId: parkPeer.id });
|
||||
}
|
||||
|
|
@ -602,7 +598,7 @@ class Room extends EventEmitter
|
|||
|
||||
// Got permission to promote peers, notify peer of
|
||||
// peers in lobby
|
||||
if (permissionsFromRoles.PROMOTE_PEER.includes(newRole))
|
||||
if (roomPermissions.PROMOTE_PEER.includes(newRole))
|
||||
{
|
||||
const lobbyPeers = this._lobby.peerList();
|
||||
|
||||
|
|
@ -671,11 +667,8 @@ class Room extends EventEmitter
|
|||
|
||||
let lobbyPeers = [];
|
||||
|
||||
if ( // Allowed to promote peers, notify about lobbypeers
|
||||
peer.roles.some((role) =>
|
||||
permissionsFromRoles.PROMOTE_PEER.includes(role)
|
||||
)
|
||||
)
|
||||
// Allowed to promote peers, notify about lobbypeers
|
||||
if (this._hasPermission(peer, PROMOTE_PEER))
|
||||
lobbyPeers = this._lobby.peerList();
|
||||
|
||||
cb(null, {
|
||||
|
|
@ -683,8 +676,9 @@ class Room extends EventEmitter
|
|||
peers : peerInfos,
|
||||
tracker : config.fileTracker,
|
||||
authenticated : peer.authenticated,
|
||||
permissionsFromRoles : permissionsFromRoles,
|
||||
roomPermissions : roomPermissions,
|
||||
userRoles : userRoles,
|
||||
allowWhenRoleMissing : config.allowWhenRoleMissing,
|
||||
chatHistory : this._chatHistory,
|
||||
fileHistory : this._fileHistory,
|
||||
lastNHistory : this._lastN,
|
||||
|
|
@ -711,7 +705,7 @@ class Room extends EventEmitter
|
|||
}
|
||||
|
||||
// Notify the new Peer to all other Peers.
|
||||
for (const otherPeer of this._getJoinedPeers({ excludePeer: peer }))
|
||||
for (const otherPeer of this._getJoinedPeers(peer))
|
||||
{
|
||||
this._notification(
|
||||
otherPeer.socket,
|
||||
|
|
@ -821,15 +815,13 @@ class Room extends EventEmitter
|
|||
|
||||
if (
|
||||
appData.source === 'screen' &&
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.SHARE_SCREEN.includes(role))
|
||||
!this._hasPermission(peer, SHARE_SCREEN)
|
||||
)
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
if (
|
||||
appData.source === 'extravideo' &&
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.EXTRA_VIDEO.includes(role))
|
||||
!this._hasPermission(peer, EXTRA_VIDEO)
|
||||
)
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
|
|
@ -882,7 +874,7 @@ class Room extends EventEmitter
|
|||
cb(null, { id: producer.id });
|
||||
|
||||
// Optimization: Create a server-side Consumer for each Peer.
|
||||
for (const otherPeer of this._getJoinedPeers({ excludePeer: peer }))
|
||||
for (const otherPeer of this._getJoinedPeers(peer))
|
||||
{
|
||||
this._createConsumer(
|
||||
{
|
||||
|
|
@ -1144,9 +1136,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'chatMessage':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some((role) => permissionsFromRoles.SEND_CHAT.includes(role))
|
||||
)
|
||||
if (!this._hasPermission(peer, SEND_CHAT))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
const { chatMessage } = request.data;
|
||||
|
|
@ -1167,11 +1157,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:clearChat':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_CHAT.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_CHAT))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
this._chatHistory = [];
|
||||
|
|
@ -1187,11 +1173,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'lockRoom':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.CHANGE_ROOM_LOCK.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, CHANGE_ROOM_LOCK))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
this._locked = true;
|
||||
|
|
@ -1209,11 +1191,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'unlockRoom':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.CHANGE_ROOM_LOCK.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, CHANGE_ROOM_LOCK))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
this._locked = false;
|
||||
|
|
@ -1271,11 +1249,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'promotePeer':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.PROMOTE_PEER.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, PROMOTE_PEER))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
const { peerId } = request.data;
|
||||
|
|
@ -1290,11 +1264,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'promoteAllPeers':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.PROMOTE_PEER.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, PROMOTE_PEER))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
this._lobby.promoteAllPeers();
|
||||
|
|
@ -1307,11 +1277,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'sendFile':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.SHARE_FILE.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, SHARE_FILE))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
const { magnetUri } = request.data;
|
||||
|
|
@ -1332,11 +1298,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:clearFileSharing':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_FILES.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_FILES))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
this._fileHistory = [];
|
||||
|
|
@ -1371,11 +1333,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:mute':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_ROOM.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_ROOM))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
const { peerId } = request.data;
|
||||
|
|
@ -1394,11 +1352,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:muteAll':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_ROOM.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_ROOM))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
// Spread to others
|
||||
|
|
@ -1411,11 +1365,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:stopVideo':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_ROOM.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_ROOM))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
const { peerId } = request.data;
|
||||
|
|
@ -1434,11 +1384,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:stopAllVideo':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_ROOM.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_ROOM))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
// Spread to others
|
||||
|
|
@ -1451,11 +1397,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:closeMeeting':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_ROOM.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_ROOM))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
this._notification(peer.socket, 'moderator:kick', null, true);
|
||||
|
|
@ -1470,11 +1412,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:kickPeer':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_ROOM.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_ROOM))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
const { peerId } = request.data;
|
||||
|
|
@ -1495,11 +1433,7 @@ class Room extends EventEmitter
|
|||
|
||||
case 'moderator:lowerHand':
|
||||
{
|
||||
if (
|
||||
!peer.roles.some(
|
||||
(role) => permissionsFromRoles.MODERATE_ROOM.includes(role)
|
||||
)
|
||||
)
|
||||
if (!this._hasPermission(peer, MODERATE_ROOM))
|
||||
throw new Error('peer not authorized');
|
||||
|
||||
const { peerId } = request.data;
|
||||
|
|
@ -1677,16 +1611,41 @@ class Room extends EventEmitter
|
|||
}
|
||||
}
|
||||
|
||||
_hasPermission(peer, permission)
|
||||
{
|
||||
const hasPermission = peer.roles.some((role) =>
|
||||
roomPermissions[permission].includes(role)
|
||||
);
|
||||
|
||||
if (hasPermission)
|
||||
return true;
|
||||
|
||||
// Allow if config is set, and no one is present
|
||||
if (
|
||||
'allowWhenRoleMissing' in config &&
|
||||
config.allowWhenRoleMissing.includes(permission) &&
|
||||
this._getPeersWithPermission(permission).length === 0
|
||||
)
|
||||
return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
_hasAccess(peer, access)
|
||||
{
|
||||
return peer.roles.some((role) => roomAccess[access].includes(role));
|
||||
}
|
||||
|
||||
/**
|
||||
* Helper to get the list of joined peers.
|
||||
*/
|
||||
_getJoinedPeers({ excludePeer = undefined } = {})
|
||||
_getJoinedPeers(excludePeer = undefined)
|
||||
{
|
||||
return Object.values(this._peers)
|
||||
.filter((peer) => peer.joined && peer !== excludePeer);
|
||||
}
|
||||
|
||||
_getPeersWithPermission({ permission = null, excludePeer = undefined, joined = true })
|
||||
_getPeersWithPermission(permission = null, excludePeer = undefined, joined = true)
|
||||
{
|
||||
return Object.values(this._peers)
|
||||
.filter(
|
||||
|
|
@ -1694,7 +1653,7 @@ class Room extends EventEmitter
|
|||
peer.joined === joined &&
|
||||
peer !== excludePeer &&
|
||||
peer.roles.some(
|
||||
(role) => permission.includes(role)
|
||||
(role) => roomPermissions[permission].includes(role)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,20 @@
|
|||
module.exports = {
|
||||
// The role(s) have permission to lock/unlock a room
|
||||
CHANGE_ROOM_LOCK : 'CHANGE_ROOM_LOCK',
|
||||
// The role(s) have permission to promote a peer from the lobby
|
||||
PROMOTE_PEER : 'PROMOTE_PEER',
|
||||
// The role(s) have permission to send chat messages
|
||||
SEND_CHAT : 'SEND_CHAT',
|
||||
// The role(s) have permission to moderate chat
|
||||
MODERATE_CHAT : 'MODERATE_CHAT',
|
||||
// The role(s) have permission to share screen
|
||||
SHARE_SCREEN : 'SHARE_SCREEN',
|
||||
// The role(s) have permission to produce extra video
|
||||
EXTRA_VIDEO : 'EXTRA_VIDEO',
|
||||
// The role(s) have permission to share files
|
||||
SHARE_FILE : 'SHARE_FILE',
|
||||
// The role(s) have permission to moderate files
|
||||
MODERATE_FILES : 'MODERATE_FILES',
|
||||
// The role(s) have permission to moderate room (e.g. kick user)
|
||||
MODERATE_ROOM : 'MODERATE_ROOM'
|
||||
};
|
||||
Loading…
Reference in New Issue