Add access code for public recordings#6064
Open
sebclemens wants to merge 3 commits intobigbluebutton:masterfrom
Open
Add access code for public recordings#6064sebclemens wants to merge 3 commits intobigbluebutton:masterfrom
sebclemens wants to merge 3 commits intobigbluebutton:masterfrom
Conversation
sebclemens
force-pushed
the
add-access-code-for-public-recordings
branch
from
5a1acba to
d6dd1cc
Compare
sebclemens
force-pushed
the
add-access-code-for-public-recordings
branch
from
fafbe31 to
40c676d
Compare
|
Contributor
|
Related: #6136 |
|
farhatahmad
reviewed
Dec 5, 2025
Comment on lines
+61
to
+68
| if option.nil? && is_access_code | ||
| option = RoomMeetingOption.create!( | ||
| room_id: @room.id, | ||
| meeting_option_id: MeetingOption.find_by(name: name).id, | ||
| value: value | ||
| ) | ||
| return render_data status: :ok | ||
| end |
Collaborator
There was a problem hiding this comment.
Its better to do this in a data migration
Comment on lines
+144
to
+146
| recordings_access_code = RoomMeetingOption.joins(:meeting_option) | ||
| .where(room_id: @room.id, meeting_options: { name: 'glRecordingsAccessCode' }) | ||
| .first&.value |
Collaborator
There was a problem hiding this comment.
It's better to get the value using the RoomSettingsGetter (similar to this)
viewer_code = RoomSettingsGetter.new(
room_id: @room.id,
provider: @room.user.provider,
current_user: @current_user,
show_codes: true,
settings: 'glViewerAccessCode'
).call
|
|
||
| # If a recordings access code exists and the provided code doesn't match, require access code | ||
| if recordings_access_code.present? && params[:access_code] != recordings_access_code | ||
| return render_data data: [], meta: { requires_access_code: true }, status: :ok |
Collaborator
There was a problem hiding this comment.
I would rather we return something like this instead
return render_error status: :forbidden
| pagy, recordings = pagy(@room.public_recordings.order(sort_config, recorded_at: :desc).public_search(params[:search])) | ||
|
|
||
| render_data data: recordings, meta: pagy_metadata(pagy), serializer: PublicRecordingSerializer, status: :ok | ||
| render_data data: recordings, meta: pagy_metadata(pagy).merge(requires_access_code: false), serializer: PublicRecordingSerializer, status: :ok |
Collaborator
There was a problem hiding this comment.
Not quite sure what this is doing, but it shouldn't be doing it
| {publicRoom?.data.name} | ||
| </h1> | ||
| { (recordValue !== 'false') && recordings?.data?.length > 0 && ( | ||
| { (recordValue !== 'false') && (recordings?.data?.length > 0 || recordings?.meta?.requires_access_code === true) && ( |
Collaborator
There was a problem hiding this comment.
Oh - I would look at how the viewer access code works and implement something similar
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request adds support for protecting public recordings with a dedicated access code.
Here is my first request to this feature:
#6043
Feature Demo
Below is a short demonstration of the new functionality in action:
What this adds
This improves security and flexibility for sharing content with external audiences.