src/app/Http/Controllers/API/V4/OpenViduController.php
<?php | <?php | ||||
namespace App\Http\Controllers\API\V4; | namespace App\Http\Controllers\API\V4; | ||||
use App\Http\Controllers\Controller; | use App\Http\Controllers\Controller; | ||||
use App\OpenVidu\Connection; | use App\OpenVidu\Connection; | ||||
use App\OpenVidu\Room; | use App\OpenVidu\Room; | ||||
use Illuminate\Http\Request; | use Illuminate\Http\Request; | ||||
use Illuminate\Support\Facades\Auth; | use Illuminate\Support\Facades\Auth; | ||||
use Illuminate\Support\Facades\Validator; | use Illuminate\Support\Facades\Validator; | ||||
class OpenViduController extends Controller | class OpenViduController extends Controller | ||||
{ | { | ||||
public const AUTH_HEADER = 'X-Meet-Auth-Token'; | |||||
/** | /** | ||||
* Accepting the room join request. | * Accept the room join request. | ||||
* | * | ||||
* @param string $id Room identifier (name) | * @param string $id Room identifier (name) | ||||
* @param string $reqid Request identifier | * @param string $reqid Request identifier | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function acceptJoinRequest($id, $reqid) | public function acceptJoinRequest($id, $reqid) | ||||
{ | { | ||||
$room = Room::where('name', $id)->first(); | $room = Room::where('name', $id)->first(); | ||||
// This isn't a room, bye bye | // This isn't a room, bye bye | ||||
if (!$room) { | if (!$room) { | ||||
return $this->errorResponse(404, \trans('meet.room-not-found')); | return $this->errorResponse(404, \trans('meet.room-not-found')); | ||||
} | } | ||||
$user = Auth::guard()->user(); | // Only the moderator can do it | ||||
if (!$this->isModerator($room)) { | |||||
// Only the room owner can do it | |||||
if (!$user || $user->id != $room->user_id) { | |||||
return $this->errorResponse(403); | return $this->errorResponse(403); | ||||
} | } | ||||
if (!$room->requestAccept($reqid)) { | if (!$room->requestAccept($reqid)) { | ||||
return $this->errorResponse(500, \trans('meet.session-request-accept-error')); | return $this->errorResponse(500, \trans('meet.session-request-accept-error')); | ||||
} | } | ||||
return response()->json(['status' => 'success']); | return response()->json(['status' => 'success']); | ||||
} | } | ||||
/** | /** | ||||
* Denying the room join request. | * Deny the room join request. | ||||
* | * | ||||
* @param string $id Room identifier (name) | * @param string $id Room identifier (name) | ||||
* @param string $reqid Request identifier | * @param string $reqid Request identifier | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function denyJoinRequest($id, $reqid) | public function denyJoinRequest($id, $reqid) | ||||
{ | { | ||||
$room = Room::where('name', $id)->first(); | $room = Room::where('name', $id)->first(); | ||||
// This isn't a room, bye bye | // This isn't a room, bye bye | ||||
if (!$room) { | if (!$room) { | ||||
return $this->errorResponse(404, \trans('meet.room-not-found')); | return $this->errorResponse(404, \trans('meet.room-not-found')); | ||||
} | } | ||||
$user = Auth::guard()->user(); | // Only the moderator can do it | ||||
if (!$this->isModerator($room)) { | |||||
// Only the room owner can do it | |||||
if (!$user || $user->id != $room->user_id) { | |||||
return $this->errorResponse(403); | return $this->errorResponse(403); | ||||
} | } | ||||
if (!$room->requestDeny($reqid)) { | if (!$room->requestDeny($reqid)) { | ||||
return $this->errorResponse(500, \trans('meet.session-request-deny-error')); | return $this->errorResponse(500, \trans('meet.session-request-deny-error')); | ||||
} | } | ||||
return response()->json(['status' => 'success']); | return response()->json(['status' => 'success']); | ||||
Show All 28 Lines | public function closeRoom($id) | ||||
return response()->json([ | return response()->json([ | ||||
'status' => 'success', | 'status' => 'success', | ||||
'message' => __('meet.session-close-success'), | 'message' => __('meet.session-close-success'), | ||||
]); | ]); | ||||
} | } | ||||
/** | /** | ||||
* Accepting the room join request. | * Create a connection for screen sharing. | ||||
* | |||||
* @param string $id Room identifier (name) | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse | |||||
*/ | |||||
public function createConnection($id) | |||||
{ | |||||
$room = Room::where('name', $id)->first(); | |||||
// This isn't a room, bye bye | |||||
if (!$room) { | |||||
return $this->errorResponse(404, \trans('meet.room-not-found')); | |||||
} | |||||
$connection = $this->getConnectionFromRequest(); | |||||
if ( | |||||
!$connection | |||||
|| $connection->session_id != $room->session_id | |||||
|| ($connection->role & Room::ROLE_PUBLISHER) == 0 | |||||
) { | |||||
return $this->errorResponse(403); | |||||
} | |||||
$response = $room->getSessionToken(Room::ROLE_SCREEN); | |||||
return response()->json(['status' => 'success', 'token' => $response['token']]); | |||||
} | |||||
/** | |||||
* Dismiss the participant/connection from the session. | |||||
* | * | ||||
* @param string $id Room identifier (name) | * @param string $id Room identifier (name) | ||||
* @param string $conn Connection identifier | * @param string $conn Connection identifier | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function dismissConnection($id, $conn) | public function dismissConnection($id, $conn) | ||||
{ | { | ||||
$connection = Connection::where('id', $conn)->first(); | $connection = Connection::where('id', $conn)->first(); | ||||
// There's no such connection, bye bye | // There's no such connection, bye bye | ||||
if (!$connection || $connection->room->name != $id) { | if (!$connection || $connection->room->name != $id) { | ||||
return $this->errorResponse(404, \trans('meet.connection-not-found')); | return $this->errorResponse(404, \trans('meet.connection-not-found')); | ||||
} | } | ||||
$user = Auth::guard()->user(); | // Only the moderator can do it | ||||
if (!$this->isModerator($connection->room)) { | |||||
// Only the room owner can do it (for now) | |||||
if (!$user || $user->id != $connection->room->user_id) { | |||||
return $this->errorResponse(403); | return $this->errorResponse(403); | ||||
} | } | ||||
if (!$connection->dismiss()) { | if (!$connection->dismiss()) { | ||||
return $this->errorResponse(500, \trans('meet.connection-dismiss-error')); | return $this->errorResponse(500, \trans('meet.connection-dismiss-error')); | ||||
} | } | ||||
return response()->json(['status' => 'success']); | return response()->json(['status' => 'success']); | ||||
} | } | ||||
/** | /** | ||||
* Listing of rooms that belong to the current user. | * Listing of rooms that belong to the authenticated user. | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function index() | public function index() | ||||
{ | { | ||||
$user = Auth::guard()->user(); | $user = Auth::guard()->user(); | ||||
$rooms = Room::where('user_id', $user->id)->orderBy('name')->get(); | $rooms = Room::where('user_id', $user->id)->orderBy('name')->get(); | ||||
▲ Show 20 Lines • Show All 140 Lines • ▼ Show 20 Lines | public function joinRoom($id) | ||||
// Create session token for the current user/connection | // Create session token for the current user/connection | ||||
$response = $room->getSessionToken($role); | $response = $room->getSessionToken($role); | ||||
if (empty($response)) { | if (empty($response)) { | ||||
return $this->errorResponse(500, \trans('meet.session-join-error')); | return $this->errorResponse(500, \trans('meet.session-join-error')); | ||||
} | } | ||||
// Create session token for screen sharing connection | // Get up-to-date connections metadata | ||||
if (($role & Room::ROLE_PUBLISHER) && !empty(request()->input('screenShare'))) { | $response['connections'] = $room->getSessionConnections(); | ||||
$add_token = $room->getSessionToken(Room::ROLE_SCREEN); | |||||
$response['shareToken'] = $add_token['token']; | |||||
} | |||||
$response_code = 200; | $response_code = 200; | ||||
$response['role'] = $role; | $response['role'] = $role; | ||||
$response['config'] = $config; | $response['config'] = $config; | ||||
} else { | } else { | ||||
$response_code = 422; | $response_code = 422; | ||||
$response['code'] = 322; | $response['code'] = 322; | ||||
} | } | ||||
▲ Show 20 Lines • Show All 56 Lines • ▼ Show 20 Lines | public function setRoomConfig($id) | ||||
return response()->json([ | return response()->json([ | ||||
'status' => 'success', | 'status' => 'success', | ||||
'message' => \trans('meet.room-setconfig-success'), | 'message' => \trans('meet.room-setconfig-success'), | ||||
]); | ]); | ||||
} | } | ||||
/** | /** | ||||
* Update the participant/connection parameters (e.g. role). | |||||
* | |||||
* @param string $id Room identifier (name) | |||||
* @param string $conn Connection identifier | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse | |||||
*/ | |||||
public function updateConnection($id, $conn) | |||||
{ | |||||
$connection = Connection::where('id', $conn)->first(); | |||||
// There's no such connection, bye bye | |||||
if (!$connection || $connection->room->name != $id) { | |||||
return $this->errorResponse(404, \trans('meet.connection-not-found')); | |||||
} | |||||
// Only the moderator can do it | |||||
if (!$this->isModerator($connection->room)) { | |||||
return $this->errorResponse(403); | |||||
} | |||||
foreach (request()->input() as $key => $value) { | |||||
switch ($key) { | |||||
case 'role': | |||||
// The 'owner' role is not assignable | |||||
if ( | |||||
($value & Room::ROLE_OWNER && !($connection->role & Room::ROLE_OWNER)) | |||||
|| (!($value & Room::ROLE_OWNER) && ($connection->role & Room::ROLE_OWNER)) | |||||
) { | |||||
return $this->errorResponse(403); | |||||
} | |||||
// The room owner has always a 'moderator' role | |||||
if (!($value & Room::ROLE_MODERATOR) && $connection->role & Room::ROLE_OWNER) { | |||||
$value |= Room::ROLE_MODERATOR; | |||||
} | |||||
$connection->{$key} = $value; | |||||
break; | |||||
} | |||||
} | |||||
// The connection observer will send a signal to everyone when needed | |||||
$connection->save(); | |||||
return response()->json(['status' => 'success']); | |||||
} | |||||
/** | |||||
* Webhook as triggered from OpenVidu server | * Webhook as triggered from OpenVidu server | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request The API request. | * @param \Illuminate\Http\Request $request The API request. | ||||
* | * | ||||
* @return \Illuminate\Http\Response The response | * @return \Illuminate\Http\Response The response | ||||
*/ | */ | ||||
public function webhook(Request $request) | public function webhook(Request $request) | ||||
{ | { | ||||
Show All 17 Lines | public function webhook(Request $request) | ||||
// So, it is better to remove them all in a single INSERT. | // So, it is better to remove them all in a single INSERT. | ||||
Connection::where('session_id', $sessionId)->delete(); | Connection::where('session_id', $sessionId)->delete(); | ||||
break; | break; | ||||
} | } | ||||
return response('Success', 200); | return response('Success', 200); | ||||
} | } | ||||
/** | |||||
* Check if current user is a moderator for the specified room. | |||||
* | |||||
* @param \App\OpenVidu\Room $room The room | |||||
* | |||||
* @return bool True if the current user is the room moderator | |||||
*/ | |||||
protected function isModerator(Room $room): bool | |||||
{ | |||||
$user = Auth::guard()->user(); | |||||
// The room owner is a moderator | |||||
if ($user && $user->id == $room->user_id) { | |||||
return true; | |||||
} | |||||
// Moderator's authentication via the extra request header | |||||
if ( | |||||
($connection = $this->getConnectionFromRequest()) | |||||
&& $connection->session_id === $room->session_id | |||||
&& $connection->role & Room::ROLE_MODERATOR | |||||
) { | |||||
return true; | |||||
} | |||||
return false; | |||||
} | |||||
/** | |||||
* Get the connection object for the token in current request headers. | |||||
* It will also validate the token. | |||||
* | |||||
* @return \App\OpenVidu\Connection|null Connection (if exists and the token is valid) | |||||
*/ | |||||
protected function getConnectionFromRequest() | |||||
{ | |||||
// Authenticate the user via the extra request header | |||||
if ($token = request()->header(self::AUTH_HEADER)) { | |||||
list($connId, ) = explode(':', base64_decode($token), 2); | |||||
if ( | |||||
($connection = Connection::find($connId)) | |||||
&& $connection->metadata['authToken'] === $token | |||||
) { | |||||
return $connection; | |||||
} | |||||
} | |||||
return null; | |||||
} | |||||
} | } |
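Review bot: In `getConnectionFromRequest()` the header token is checked with `$connection->metadata['authToken'] === $token`, which is not a constant-time comparison and reads the `authToken` key without checking that it exists. This value is the only credential behind the new header-based path in `isModerator()` and the check in `createConnection()`, so I would compare it with `hash_equals((string) ($connection->metadata['authToken'] ?? ''), $token)`. A connection whose metadata has no `authToken` then fails closed rather than raising an undefined-index error, which presumably surfaces as a 500 instead of a 403. It would also help to call `base64_decode($token, true)` and return null when it yields `false`, so a malformed header is rejected before the `Connection::find()` lookup.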