Move lock_room and unlock_room to the new API handler

lib/Vroom/Constants.pm

@@ -158,7 +158,9 @@ use constant API_ACTIONS => {
     list_rooms => 1
   },
   owner => {
-    invite_email => 1
+    invite_email => 1,
+    lock_room    => 1,
+    unlock_room  => 1
   },
   participant => {}
 };

public/js/vroom.js

@@ -1672,11 +1672,16 @@ function initVroom(room) {
 
   // Handle room lock/unlock
   $('#lockButton').change(function() {
-    var action = ($(this).is(":checked")) ? 'lock':'unlock';
+    var action = ($(this).is(":checked")) ? 'lock_room' : 'unlock_room';
     $.ajax({
+      url: rootUrl + 'api',
       data: {
-        action: action,
-        room: roomName
+        req: JSON.stringify({
+          action: action,
+          param: {
+            room: roomName
+          }
+        })
       },
       error: function(data) {
         $.notify(locale.ERROR_OCCURRED, 'error');
@@ -1684,11 +1689,10 @@ function initVroom(room) {
       success: function(data) {
         if (data.status == 'success'){
           $.notify(data.msg, 'info');
-          if (action === 'lock'){
+          if (action === 'lock_room'){
             $('#lockLabel').addClass('btn-danger active');
           }
           else{
-            on_off = 'off';
             $('#lockLabel').removeClass('btn-danger active');
           }
           webrtc.sendToAll('room_lock', {action: action});

vroom.pl

@@ -1190,6 +1190,7 @@ any '/api' => sub {
   my $json = Mojo::JSON->new;
   my $req = $json->decode($self->param('req'));
   my $err = $json->error;
+  my $room;
   if ($err || !$req->{action} || !$req->{param}){
     return $self->render(
       json => {
@@ -1224,7 +1225,8 @@ any '/api' => sub {
     action => $req->{action},
     param  => $req->{param}
   );
-  if (!$res){
+  $room = $self->get_room_by_name($req->{param}->{room});
+  if (!$res || (!$room && $req->{param}->{room})){
     return $self->render(
       json => {
         status => 'error',
@@ -1235,7 +1237,6 @@ any '/api' => sub {
   }
   # Ok, now, we don't have to bother with authorization anymore
   if ($req->{action} eq 'invite_email'){
-    my $room = $self->get_room_by_name($req->{param}->{room});
     if (!$req->{param}->{rcpt} || $req->{param}->{rcpt}!~ m/\S+@\S+\.\S+$/){
       return $self->render(
         json => {
@@ -1274,6 +1275,24 @@ any '/api' => sub {
       }
     );
   }
+  # Handle room lock/unlock
+  if ($req->{action} =~ m/(un)?lock_room/){
+    $room->{locked} = ($req->{action} eq 'lock_room') ? '1':'0';
+    if ($self->modify_room($room)){
+      return $self->render(
+        json => {
+          status => 'success',
+          msg => $self->l(($req->{action} eq 'lock_room') ? 'ROOM_LOCKED' : 'ROOM_UNLOCKED')
+        }
+      );
+    }
+    return $self->render(
+      json => {
+        msg    => $self->l('ERROR_OCCURRED'),
+        status => 'error'
+      }
+    );
+  }
 };
 
 # Catch all route: if nothing else match, it's the name of a room
@@ -1414,36 +1433,6 @@ post '/*jsapi' => { jsapi => [qw(jsapi admin/jsapi)] }  => sub {
     );
   }
 
-  # Handle room lock/unlock
-  if ($action =~ m/(un)?lock/){
-    my ($lock,$success);
-    my $msg = 'ERROR_OCCURRED';
-    my $status = 'error';
-    $data->{locked} = ($action eq 'lock') ? '1':'0';
-    # Only the owner can lock or unlock a room
-    if ($prefix ne 'admin' && $self->session($room)->{role} ne 'owner'){
-      return $self->render(
-        json => {
-          status => 'error',
-          msg    => $self->l('NOT_ALLOWED')
-        }
-      );
-    }
-    if (!$self->modify_room($data)){
-      return $self->render(
-        json => {
-          status => 'error',
-          msg => $self->l('ERROR_OCCURRED')
-        }
-      );
-    }
-    return $self->render(
-      json => {
-        msg    => $self->l(($action eq 'lock') ? 'ROOM_LOCKED' : 'ROOM_UNLOCKED'),
-        status => 'success'
-      }
-    );
-  }
   # Handle activity pings sent every minute by each participant
   elsif ($action eq 'ping'){
     my $status = 'error';