Merge branch 'develop' into fix/ResultadosDigitais#222-invite-to-exte…

…rnal-url

.all-contributorsrc

@@ -91,6 +91,15 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "phiter",
+      "name": "Phiter Fernandes",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/12252332?v=4",
+      "profile": "https://github.com/phiter",
+      "contributions": [
+        "code"
+      ]
     }
   ],
   "contributorsPerLine": 7,

README.md

@@ -201,6 +201,10 @@ If you will run in production we strongly recommend you close your environment u
 
 		WHITELIST_DOMAINS=["domain1.com","domain2.com"]
 
+If you can't use a VPN or don't have a custom domain for your users, and you still want to restrict access to the **#matrix**, you can define a `WHITELIST_USERS` variable to create an array of trusted e-mails that can access your virtual office.
+
+		WHITELIST_USERS=["teste@domain.com","teste2@domain.com"]
+
 ## Versions
 
 | Version | Name | Description | Docs |
@@ -245,6 +249,7 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
   </tr>
   <tr>
     <td align="center"><a href="https://github.com/Jarzamendia"><img src="https://avatars2.githubusercontent.com/u/14064715?v=4" width="100px;" alt=""/><br /><sub><b>João Ernesto Arzamendia</b></sub></a><br /><a href="https://github.com/ResultadosDigitais/matrix/commits?author=Jarzamendia" title="Code">💻</a></td>
+    <td align="center"><a href="https://github.com/phiter"><img src="https://avatars2.githubusercontent.com/u/12252332?v=4" width="100px;" alt=""/><br /><sub><b>Phiter Fernandes</b></sub></a><br /><a href="https://github.com/ResultadosDigitais/matrix/commits?author=phiter" title="Code">💻</a></td>
   </tr>
 </table>
 

backend/app/app.config.js

@@ -52,6 +52,13 @@ export function getAllowedDomains() {
   return allowedDomains;
 }
 
+export function getAllowedUsers() {
+  const allowedUsers =
+    environment.parseVariable(process.env.WHITELIST_USERS) || [];
+
+  return allowedUsers;
+}
+
 export function getServerConfig() {
   const host = "0.0.0.0"
   const port = process.env.PORT || 8080

backend/app/services/auth/authorization.js

@@ -15,3 +15,19 @@ export function domainAuthorization(allowedDomains) {
     return allowedDomainsSet.has(domain);
   };
 }
+
+export function userAuthorization(allowedUsers) {
+  const allowedUsersSet = new Set(allowedUsers);
+
+  return ({ email }) => {
+    if (allowedUsersSet.size === 0) {
+      return true;
+    }
+
+    if (email === undefined) {
+      return false
+    }
+
+    return allowedUsersSet.has(email);
+  };
+}

backend/app/services/auth/authorization.test.js

@@ -1,4 +1,4 @@
-import { domainAuthorization } from "./authorization";
+import { domainAuthorization, userAuthorization } from "./authorization";
 
 describe(".domainAuthorization()", () => {
   describe("when allowed list is empty", () => {
@@ -37,3 +37,45 @@ describe(".domainAuthorization()", () => {
     });
   });
 });
+describe(".userAuthorization()", () => {
+  describe("when user whitelist is empty or not set", () => {
+    const isAuthorized = userAuthorization([]);
+
+    it("should return true with any email", () => {
+      expect(isAuthorized({ email: "teste@teste.com" })).toBeTruthy();
+    });
+
+    it("should return true with an undefined email", () => {
+      expect(isAuthorized({ email: undefined })).toBeTruthy();
+    });
+
+    it("should return true with an empty email", () => {
+      expect(isAuthorized({ email: "" })).toBeTruthy();
+    });
+  });
+
+  describe("when user list has values", () => {
+    const isAuthorized = userAuthorization(["teste@gmail.com"]);
+
+    it("should return true when the correct email is listed", () => {
+      expect(isAuthorized({ email: "teste@gmail.com" })).toBeTruthy();
+    });
+
+    it("should return false when email isn't in the list", () => {
+      expect(isAuthorized({ email: "teste2@gmail.com" })).toBeFalsy();
+    });
+
+    it("should return false when email is an empty string", () => {
+      expect(isAuthorized({ email: "" })).toBeFalsy();
+    });
+
+    it("should return false when email is undefined", () => {
+      expect(isAuthorized({ email: undefined })).toBeFalsy();
+    });
+
+    it("should return false when email is poorly formatted", () => {
+      expect(isAuthorized({ email: " teste@gmail.com " })).toBeFalsy();
+    });
+
+  });
+});

backend/app/services/auth/index.js

@@ -1,12 +1,14 @@
 import passport from "passport";
 
-import { getAuthConfig, getAllowedDomains } from "../../app.config";
+import { getAuthConfig, getAllowedDomains, getAllowedUsers } from "../../app.config";
 
-import { domainAuthorization } from "./authorization";
+import { domainAuthorization, userAuthorization } from "./authorization";
 import { buildAuthStrategy } from "./strategy";
 
 const authConfig = getAuthConfig();
-const isAuthorized = domainAuthorization(getAllowedDomains());
+var isAuthorized = domainAuthorization(getAllowedDomains());
+
+isAuthorized = userAuthorization(getAllowedUsers());
 
 passport.use(buildAuthStrategy(authConfig, isAuthorized));
 passport.serializeUser((user, done) => done(null, user));

docs/CHANGELOG.md

@@ -6,6 +6,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 ### Added
+- Plays matrix ringtone when user is being invited to join a meeting
+- Added a new form of user authorization: WHITELIST_USERS.
 
 ### Removed
 

frontend/src/constants/AudioFiles.js

@@ -0,0 +1,7 @@
+const soundRoot = "/mp3";
+
+const AudioFiles = {
+  inviteNotification: `${soundRoot}/invite_sound.mp3`,
+};
+
+export default AudioFiles;

frontend/src/morpheus/App.js

@@ -75,6 +75,7 @@ const MorpheusApp = ({
   const [userToInvite, setUserToInvite] = useState();
   const [isReceiveInviteOpen, setReceiveInviteOpen] = useState(false);
   const [invitation, setInvitation] = useState();
+  const [receiveInviteAudio, setReceiveInviteAudio] = useState();
   const { enqueueSnackbar, closeSnackbar } = useSnackbar();
 
   useSocket(
@@ -94,6 +95,7 @@ const MorpheusApp = ({
     enqueueSnackbar,
     closeSnackbar,
     setReceiveInviteOpen,
+    setReceiveInviteAudio,
     setInvitation,
     isLoggedIn,
     rooms,
@@ -150,9 +152,17 @@ const MorpheusApp = ({
         invitation={invitation}
         onClose={() => {
           setReceiveInviteOpen(false);
+          if (receiveInviteAudio) {
+            receiveInviteAudio.pause();
+            setReceiveInviteAudio(null);
+          }
         }}
         onConfirm={() => {
           emitEnterInRoom(invitation.room.id);
+          if (receiveInviteAudio) {
+            receiveInviteAudio.pause();
+            setReceiveInviteAudio(null);
+          }
           onSetCurrentRoom(invitation.room);
           enterRoom(invitation.room, history);
         }}

frontend/src/morpheus/hooks/useEvents.js

@@ -1,6 +1,7 @@
 import React, { useEffect } from "react";
 import debounce from "lodash.debounce";
 
+import AudioFiles from "../../constants/AudioFiles";
 import SnackbarActions from "../../components/SnackbarActions";
 import { showBrowserNotification } from "../../notification";
 import { initEvents, closeConnection } from "../socket";
@@ -14,6 +15,7 @@ const useEvents = (
   enqueueSnackbar,
   closeSnackbar,
   setReceiveInviteOpen,
+  setReceiveInviteAudio,
   setInvitation,
   isLoggedIn,
   rooms,
@@ -58,8 +60,13 @@ const useEvents = (
         onRemoveUser(userId);
       });
       events.onParticipantIsCalled((user, roomId) => {
+        const audio = new Audio(AudioFiles.inviteNotification);
+        audio.loop = true;
+        audio.play();
+
         const room = rooms.find(r => r.id === roomId);
         setReceiveInviteOpen(true);
+        setReceiveInviteAudio(audio);
         setInvitation({ user, room });
         if (!settings.notificationDisabled) {
           showBrowserNotification(
@@ -86,6 +93,7 @@ const useEvents = (
     rooms,
     setInvitation,
     setReceiveInviteOpen,
+    setReceiveInviteAudio,
     settings.notificationDisabled
   ]);
 };