Differential D2191 Diff 6163 src/app/Http/Controllers/API/V4/OpenViduController.php

Changeset View

Standalone View

src/app/Http/Controllers/API/V4/OpenViduController.php

<?php		<?php

namespace App\Http\Controllers\API\V4;		namespace App\Http\Controllers\API\V4;

use App\Http\Controllers\Controller;		use App\Http\Controllers\Controller;
use App\OpenVidu\Connection;		use App\OpenVidu\Connection;
use App\OpenVidu\Room;		use App\OpenVidu\Room;
use Illuminate\Http\Request;		use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;		use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Validator;		use Illuminate\Support\Facades\Validator;

class OpenViduController extends Controller		class OpenViduController extends Controller
{		{
		public const AUTH_HEADER = 'X-Meet-Auth-Token';

/**		/**
* Accept the room join request.		* Accept the room join request.
*		*
* @param string $id Room identifier (name)		* @param string $id Room identifier (name)
* @param string $reqid Request identifier		* @param string $reqid Request identifier
*		*
* @return \Illuminate\Http\JsonResponse		* @return \Illuminate\Http\JsonResponse
*/		*/
▲ Show 20 Lines • Show All 367 Lines • ▼ Show 20 Lines	public function updateConnection($id, $conn)
// Only the moderator can do it		// Only the moderator can do it
if (!$this->isModerator($connection->room)) {		if (!$this->isModerator($connection->room)) {
return $this->errorResponse(403);		return $this->errorResponse(403);
}		}

foreach (request()->input() as $key => $value) {		foreach (request()->input() as $key => $value) {
switch ($key) {		switch ($key) {
case 'role':		case 'role':
		// The 'owner' role is not assignable
		if ($value & Room::ROLE_OWNER && !($connection->role & Room::ROLE_OWNER)) {
		return $this->errorResponse(403);
		} elseif (!($value & Room::ROLE_OWNER) && ($connection->role & Room::ROLE_OWNER)) {
		return $this->errorResponse(403);
		}

		// The room owner has always a 'moderator' role
		if (!($value & Room::ROLE_MODERATOR) && $connection->role & Room::ROLE_OWNER) {
		$value \|= Room::ROLE_MODERATOR;
		}

$connection->{$key} = $value;		$connection->{$key} = $value;
break;		break;
}		}
}		}

// The connection observer will send a signal to everyone when needed		// The connection observer will send a signal to everyone when needed
$connection->save();		$connection->save();

▲ Show 20 Lines • Show All 46 Lines • ▼ Show 20 Lines	class OpenViduController extends Controller
{		{
$user = Auth::guard()->user();		$user = Auth::guard()->user();

// The room owner is a moderator		// The room owner is a moderator
if ($user && $user->id == $room->user_id) {		if ($user && $user->id == $room->user_id) {
return true;		return true;
}		}

// TODO: Moderators authentication		// Moderator's authentication via the extra request header
		if ($token = request()->header(self::AUTH_HEADER)) {
		list($connId, ) = explode(':', base64_decode($token), 2);

		if (
		($connection = Connection::find($connId))
		&& $connection->session_id === $room->session_id
		&& $connection->metadata['authToken'] === $token
		&& $connection->role & Room::ROLE_MODERATOR
		) {
		return true;
		}
		}

return false;		return false;
}		}
}		}