From c9d8730b4786c27b26ff28b15f115a0a532d96c6 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Thu, 16 Oct 2014 22:37:16 +0200 Subject: [PATCH] Replace set_join_pass and set_owner_pass with the generic modify_room --- vroom.pl | 69 +++++++++++----------------------------------------------------- 1 file changed, 11 insertions(+), 58 deletions(-) diff --git a/vroom.pl b/vroom.pl index d3d72da..a3b16c7 100755 --- a/vroom.pl +++ b/vroom.pl @@ -570,57 +570,6 @@ helper get_url => sub { return $url; }; -# Password protect a room -# Takes two args: room name and password -# If password is undef: remove the password -# Password is hashed and salted before being stored -helper set_join_pass => sub { - my $self = shift; - my ($room,$pass) = @_; - return undef unless ( $self->get_room_by_name($room) ); - my $sth = eval { - $self->db->prepare('UPDATE `rooms` - SET `join_password`=? - WHERE `name`=?'); - }; - $pass = ($pass) ? Crypt::SaltedHash->new(algorithm => 'SHA-256')->add($pass)->generate : undef; - $sth->execute($pass,$room); - if ($pass){ - $self->app->log->debug($self->session('name') . " has set a password on room $room"); - } - else{ - $self->app->log->debug($self->session('name') . " has removed password on room $room"); - } - return 1; -}; - -# Set owner password. Not needed to join a room -# but needed to prove you're the owner, and access the configuration menu -helper set_owner_pass => sub { - my $self = shift; - my ($room,$pass) = @_; - return undef unless ( $self->get_room_by_name($room) ); - if ($pass){ - my $sth = eval { - $self->db->prepare('UPDATE `rooms` - SET `owner_password`=? - WHERE `name`=?'); - } || return undef; - my $pass = Crypt::SaltedHash->new(algorithm => 'SHA-256')->add($pass)->generate; - $sth->execute($pass,$room) || return undef; - $self->app->log->debug($self->session('name') . " has set an owner password on room $room"); - } - else{ - my $sth = eval { - $self->db->prepare('UPDATE `rooms` - SET `owner_password`=? - WHERE `name`=?'); - } || return undef; - $sth->execute(undef,$room) || return undef; - $self->app->log->debug($self->session('name') . " has removed the owner password on room $room"); - } -}; - # Make the room persistent helper set_persistent => sub { my $self = shift; @@ -1179,7 +1128,7 @@ post '/*action' => [action => [qw/action admin\/action/]] => sub { my $self = shift; my $action = $self->param('action'); my $prefix = ($self->stash('action') eq 'admin/action') ? 'admin':'room'; - my $room = $self->param('room') || ""; + my $room = $self->param('room') || ''; if ($action eq 'langSwitch'){ my $new_lang = $self->param('lang') || 'en'; $self->app->log->debug("switching to lang $new_lang"); @@ -1345,25 +1294,29 @@ post '/*action' => [action => [qw/action admin\/action/]] => sub { my $pass = $self->param('password'); my $type = $self->param('type') || 'join'; # Empty password is equivalent to no password at all - $pass = undef if ($pass && $pass eq ''); - my $res = undef; + $pass = ($pass && $pass ne '') ? + Crypt::SaltedHash->new(algorithm => 'SHA-256')->add($pass)->generate : undef; my $msg = $self->l('ERROR_OCCURRED'); my $status = 'error'; # Once again, only the owner can do this if ($prefix eq 'admin' || $self->session($room)->{role} eq 'owner'){ if ($type eq 'owner'){ + $data->{owner_password} = $pass; # Forbid a few common room names to be reserved if (grep { $room eq $_ } (split /[,;]/, $config->{'rooms.common_names'})){ $msg = $self->l('ERROR_COMMON_ROOM_NAME'); } - elsif ($self->set_owner_pass($room,$pass)){ + elsif ($self->modify_room($data)){ $msg = ($pass) ? $self->l('ROOM_NOW_RESERVED') : $self->l('ROOM_NO_MORE_RESERVED'); $status = 'success'; } } - elsif ($type eq 'join' && $self->set_join_pass($room,$pass)){ - $msg = ($pass) ? $self->l('PASSWORD_PROTECT_SET') : $self->l('PASSWORD_PROTECT_UNSET'); - $status = 'success'; + elsif ($type eq 'join'){ + $data->{join_password} = $pass; + if ($self->modify_room($data)){ + $msg = ($pass) ? $self->l('PASSWORD_PROTECT_SET') : $self->l('PASSWORD_PROTECT_UNSET'); + $status = 'success'; + } } } # Simple participants will get an error