bigbluebutton_rails 2.2.0 → 2.3.0

data/lib/bigbluebutton_rails/configuration.rb

@@ -11,12 +11,17 @@ module BigbluebuttonRails
     attr_accessor :user_attr_name
     attr_accessor :user_attr_id
     attr_accessor :use_local_voice_bridges
+    attr_accessor :api_secret
+    attr_accessor :playback_url_authentication
+    attr_accessor :playback_iframe
+    attr_accessor :downloadable_playback_types
 
     # methods
     attr_accessor :select_server
     attr_accessor :match_room_recording
     attr_accessor :get_invitation_url
-    attr_accessor :get_dynamic_metadata
+    attr_accessor :get_create_options
+    attr_accessor :get_join_options
 
     def initialize
       @controllers = {
@@ -40,6 +45,17 @@ module BigbluebuttonRails
       @use_local_voice_bridges = false
       @guest_support = false
 
+      # Flag to use authentication on playback url
+      @playback_url_authentication = false
+
+      # If true, show all non downloadable playbacks inside an iframe instead of
+      # redirecting to their URL
+      @playback_iframe = false
+
+      # Name of the playback formats that can be downloaded. They are treated differently
+      # from those that play in a web page, for example.
+      @downloadable_playback_types = ['presentation_video', 'presentation_export']
+
       # How to find the room of a recording using the `data` returned by
       # a `getRecordings`.
       @match_room_recording = Proc.new do |data, *args|
@@ -50,9 +66,13 @@ module BigbluebuttonRails
       # returns nil (disable the feature).
       @get_invitation_url = Proc.new{ |room| nil }
 
-      # Default method to get the dynamic metadata to use when creating a
-      # conference in a room.
-      @get_dynamic_metadata = Proc.new{ |room| nil }
+      # Define this method to return extra parameters to be passed to a `create` call.
+      # `user` is the user creating the meeting, if any.
+      @get_create_options = Proc.new{ |room, user| nil }
+
+      # Define this method to return extra parameters to be passed to a `join` call.
+      # `user` is the user joining the meeting, if any.
+      @get_join_options = Proc.new{ |room, user| nil }
 
       # Selects a server to be used by `room` whenever it needs to make API calls.
       # By default, if no servers are available an exception is raised.
@@ -68,6 +88,15 @@ module BigbluebuttonRails
       @select_server = Proc.new do |room, api_method=nil|
         room.select_server(api_method)
       end
+
+      # Secret used to authenticate API calls. API calls received are expected to set
+      # the HTTP header "Authorization" with a value "Bearer 123123123123", where
+      # "123123123123" is the secret set in `api_secret`.
+      # Notice that this header has the secret in clear text in the HTTP request, so
+      # only use it if your application is hosted with HTTPS.
+      # Set it to an empty string to disable authentication. Set it to nil to deny all
+      # requests (disable the API).
+      @api_secret = nil
     end
 
     def set_controllers(options)

data/lib/bigbluebutton_rails/controller_methods.rb

@@ -106,37 +106,6 @@ module BigbluebuttonRails
           role == :moderator
         end
 
-        # Method called right before a meeting is created to get options that should receive
-        # priority over the options saved in the database when sending the <tt>create</tt>
-        # API call.
-        # The parameter 'room' is the BigbluebuttonRoom where the meeting is about
-        # to be created.
-        #
-        # By default, all options sent in a 'create' API call are taken from the
-        # options saved in the database for the target room. This includes, for example,
-        # the meeting's name, dial number, welcome message, if it should be recorded or not.
-        # This method can return a hash of options to force some of these options to be
-        # different from what is stored in the database. For example, if a room should *not* be
-        # recorded in case unprivileged users create it, this method can return <tt>{ record: false }</tt>
-        # to force the <tt>record</tt> flag to be false.
-        # The keys used in this hash should correspond to the attributes sent in the <tt>CREATE</tt>
-        # API call, not the the attributes stored in the database! See the method
-        # <tt>create_meeting</tt> in the gem <tt>bigbluebutton-api-ruby</tt> for examples.
-        # (https://github.com/mconf/bigbluebutton-api-ruby/blob/master/lib/bigbluebutton_api.rb#L156)
-        #
-        # You may want to override this in your ApplicationController to implement your own
-        # own logic, if needed. For example:
-        #
-        #   def bigbluebutton_create_options(room)
-        #     can_record = room.record && bigbluebutton_user.can_record?
-        #     { record: can_record }
-        #     end
-        #   end
-        #
-        def bigbluebutton_create_options(room)
-          {}
-        end
-
       end
     end
 

data/lib/bigbluebutton_rails/exceptions.rb

@@ -7,4 +7,21 @@ module BigbluebuttonRails
   # room that does not have a server associated
   class ServerRequired < StandardError; end
 
+  # To help create responses for API errors
+  class APIError < StandardError
+    def initialize(msg, code=500, title=nil)
+      @title = title || msg
+      @code = code
+      super(msg)
+    end
+
+    def code
+      @code
+    end
+
+    def title
+      @title
+    end
+  end
+
 end

data/lib/bigbluebutton_rails/rails/routes.rb

@@ -79,6 +79,20 @@ module ActionDispatch::Routing
       send("bigbluebutton_routes_#{params[0].to_s}", options)
     end
 
+    def bigbluebutton_api_routes(api_scope='/api/conference')
+      scope api_scope do
+        resources :rooms, only: [] do
+          collection do
+            get :index, to: 'bigbluebutton/api/rooms#index'
+          end
+          member do
+            get :running, to: 'bigbluebutton/api/rooms#running'
+            post :join, to: 'bigbluebutton/api/rooms#join'
+          end
+        end
+      end
+    end
+
     protected
 
     def bigbluebutton_routes_default(*params) #:nodoc:

data/lib/bigbluebutton_rails/version.rb

@@ -1,3 +1,3 @@
 module BigbluebuttonRails
-  VERSION = "2.2.0".freeze
+  VERSION = "2.3.0".freeze
 end

data/lib/generators/bigbluebutton_rails/templates/migration.rb

@@ -56,11 +56,12 @@ class CreateBigbluebuttonRails < ActiveRecord::Migration
       t.string :meetingid
       t.string :name
       t.boolean :published, :default => false
-      t.datetime :start_time
-      t.datetime :end_time
+      t.decimal :start_time, precision: 14, scale: 0
+      t.decimal :end_time, precision: 14, scale: 0
       t.boolean :available, :default => true
       t.string :description
       t.integer :size, limit: 8, default: 0
+      t.text :recording_users
       t.timestamps
     end
     add_index :bigbluebutton_recordings, :room_id
@@ -86,6 +87,7 @@ class CreateBigbluebuttonRails < ActiveRecord::Migration
       t.string :identifier
       t.boolean :visible, :default => false
       t.boolean :default, :default => false
+      t.boolean :downloadable, :default => false
       t.timestamps
     end
 
@@ -95,13 +97,14 @@ class CreateBigbluebuttonRails < ActiveRecord::Migration
       t.integer :room_id
       t.string :meetingid
       t.string :name
-      t.datetime :start_time
       t.decimal :create_time, precision: 14, scale: 0
+      t.decimal :finish_time, precision: 14, scale: 0
       t.boolean :running, :default => false
       t.boolean :recorded, :default => false
       t.integer :creator_id
       t.string :creator_name
       t.boolean :ended, :default => false
+      t.string :got_stats
       t.timestamps
     end
     add_index :bigbluebutton_meetings, [:meetingid, :create_time], :unique => true
@@ -111,6 +114,17 @@ class CreateBigbluebuttonRails < ActiveRecord::Migration
       t.text :available_layouts
       t.timestamps
     end
+
+    create_table :bigbluebutton_attendees do |t|
+      t.string :user_id
+      t.string :external_user_id
+      t.string :user_name
+      t.decimal :join_time, precision: 14, scale: 0
+      t.decimal :left_time, precision: 14, scale: 0
+      t.integer :bigbluebutton_meeting_id
+      t.timestamps
+    end
+
   end
 
   def self.down

data/lib/generators/bigbluebutton_rails/templates/migration_2_2_0.rb

@@ -1,8 +1,8 @@
 class BigbluebuttonRailsTo220 < ActiveRecord::Migration
   def self.up
     remove_column :bigbluebutton_meetings, :server_id
-    remove_column :bigbluebutton_rooms, :server_id
     remove_index :bigbluebutton_rooms, :server_id
+    remove_column :bigbluebutton_rooms, :server_id
   end
 
   def self.down

data/lib/generators/bigbluebutton_rails/templates/migration_2_2_0_b.rb

@@ -0,0 +1,106 @@
+class BigbluebuttonRailsTo220B < ActiveRecord::Migration
+  def up
+    BigbluebuttonMeeting.where(create_time: nil).find_each do |meeting|
+      meeting.update_attribute(create_time, meeting.start_time.to_i)
+    end
+
+    remove_column :bigbluebutton_meetings, :start_time
+
+    add_column :bigbluebutton_recordings, :temp_start_time, :decimal, precision: 14, scale: 0
+    add_column :bigbluebutton_recordings, :temp_end_time, :decimal, precision: 14, scale: 0
+
+    BigbluebuttonRecording.find_each do |rec|
+      rec.update_attributes(
+        temp_start_time: rec.start_time.to_i,
+        temp_end_time: rec.end_time.to_i
+      )
+    end
+
+    remove_column :bigbluebutton_recordings, :start_time
+    remove_column :bigbluebutton_recordings, :end_time
+
+    rename_column :bigbluebutton_recordings, :temp_start_time, :start_time
+    rename_column :bigbluebutton_recordings, :temp_end_time, :end_time
+
+    BigbluebuttonRecording.find_each do |rec|
+      rec.update_attributes(
+        meeting_id: BigbluebuttonRecording.find_matching_meeting(rec).try(:id)
+      )
+    end
+
+    BigbluebuttonRecording.where(meeting_id: nil).find_each do |rec|
+      rec.update_attributes(
+        meeting_id: find_matching_meeting_closer_create_time(rec)
+      )
+    end
+
+    BigbluebuttonRecording.where(meeting_id: nil).where.not(room_id: nil).find_each do |rec|
+      meeting = BigbluebuttonMeeting.create do |m|
+        creator_data = find_creator_data(rec)
+        m.server_id = rec.server_id
+        m.room_id = rec.room_id
+        m.meetingid = rec.meetingid
+        m.name = rec.name
+        m.running = false
+        m.recorded = true
+        m.creator_id = creator_data[0]
+        m.creator_name = creator_data[1]
+        m.server_url = nil
+        m.server_secret = nil
+        m.create_time = rec.start_time
+        m.ended = true
+      end
+      rec.update_attributes(meeting_id: meeting.id)
+      puts "Created a meeting for the recording id-#{rec.id}: Meeting id-#{meeting.id}"
+    end
+
+    create_table :bigbluebutton_attendees do |t|
+      t.string :user_id
+      t.string :external_user_id
+      t.string :user_name
+      t.decimal :join_time, precision: 14, scale: 0
+      t.decimal :left_time, precision: 14, scale: 0
+      t.integer :bigbluebutton_meeting_id
+      t.timestamps
+    end
+
+    add_column :bigbluebutton_meetings, :finish_time, :decimal, precision: 14, scale: 0
+    add_column :bigbluebutton_meetings, :got_stats, :string
+  end
+
+  def find_matching_meeting_closer_create_time(recording)
+    meeting_id = recording.meeting_id
+    if meeting_id.nil?
+      meeting = BigbluebuttonMeeting.where("meetingid = ? AND created_at > ? AND created_at < ?",
+                recording.meetingid, Time.at(recording.start_time)-2.minutes, Time.at(recording.start_time)+2.minutes).first
+
+      unless meeting.nil?
+        unless BigbluebuttonRecording.find_by(meeting_id: meeting.id).present?
+          meeting_id = meeting.id
+        end
+      end
+
+      unless meeting_id.nil?
+        puts "Meeting found for recording id-#{recording.id}: Meeting id-#{meeting.id}"
+      end
+    end
+
+    meeting_id
+  end
+
+  def find_creator_data(recording)
+    creator_data = []
+    if recording.room.owner.is_a?(User)
+      creator_id = recording.room.try(:owner).try(:id)
+      creator_name = recording.room.try(:owner).try(:name)
+    elsif recording.room.owner.is_a?(Space)
+      creator_id = recording.room.try(:owner).try(:admins).try(:first).try(:id)
+      creator_name = recording.room.try(:owner).try(:admins).try(:first).try(:name)
+    end
+    creator_data = [creator_id, creator_name]
+  end
+
+  def down
+	  raise ActiveRecord::IrreversibleMigration, "Can't undo due to loss of values during migration"
+  end
+end

data/lib/generators/bigbluebutton_rails/templates/migration_2_3_0.rb

@@ -0,0 +1,22 @@
+class BigbluebuttonRailsTo230 < ActiveRecord::Migration
+  def self.up
+    rename_column :bigbluebutton_rooms, :param, :slug
+    rename_column :bigbluebutton_servers, :param, :slug
+    add_column :bigbluebutton_recordings, :recording_users, :text
+    add_column :bigbluebutton_playback_types, :downloadable, :boolean, default: false
+    remove_column :bigbluebutton_meetings, :got_stats
+
+    BigbluebuttonPlaybackType.find_each do |type|
+      downloadable = BigbluebuttonRails.configuration.downloadable_playback_types.include?(type.identifier)
+      type.update_attributes(downloadable: downloadable)
+    end
+  end
+
+  def self.down
+    remove_column :bigbluebutton_playback_types, :downloadable
+    remove_column :bigbluebutton_recordings, :recording_users
+    rename_column :bigbluebutton_servers, :slug, :param
+    rename_column :bigbluebutton_rooms, :slug, :param
+    add_column :bigbluebutton_meetings, :got_stats, :string
+  end
+end

data/lib/tasks/bigbluebutton_rails/meetings.rake

@@ -6,5 +6,5 @@ namespace :bigbluebutton_rails do
     task :finish => :environment do
       BigbluebuttonRails::BackgroundTasks.finish_meetings
     end
-  end
+ end
 end

data/spec/controllers/bigbluebutton/api/rooms_controller_spec.rb

@@ -0,0 +1,498 @@
+require 'spec_helper'
+require 'bigbluebutton_api'
+
+describe Bigbluebutton::Api::RoomsController do
+  render_views
+  let!(:room) { FactoryGirl.create(:bigbluebutton_room) }
+
+  before {
+    @previous = BigbluebuttonRails.configuration.api_secret
+    BigbluebuttonRails.configuration.api_secret = "" # all allowed
+  }
+  after {
+    BigbluebuttonRails.configuration.api_secret = @previous
+  }
+
+  shared_examples "an authenticated API call" do
+
+    context "when the server has a secret" do
+      before {
+        @previous = BigbluebuttonRails.configuration.api_secret
+        BigbluebuttonRails.configuration.api_secret = "123123"
+      }
+      after {
+        BigbluebuttonRails.configuration.api_secret = @previous
+      }
+
+      [nil, "WRONG", '', "bearer 123123"].each do |auth_header|
+        context "forbids the authorization header #{auth_header.inspect}" do
+          before(:each) {
+            request.headers['Authorization'] = auth_header
+            action
+          }
+          it { JSON.parse(response.body)['errors'][0]['status'].should eql('403') }
+          it {
+            title = JSON.parse(response.body)['errors'][0]['title']
+            title.should eql(I18n.t('bigbluebutton_rails.api.errors.forbidden.title'))
+          }
+          it {
+            detail = JSON.parse(response.body)['errors'][0]['detail']
+            detail.should eql(I18n.t('bigbluebutton_rails.api.errors.forbidden.msg'))
+          }
+        end
+      end
+
+      context "when the valid secret is informed" do
+        before(:each) {
+          request.headers['Authorization'] = "Bearer 123123"
+          action
+        }
+        it { JSON.parse(response.body)['errors'].should be_nil }
+        it { JSON.parse(response.body)['data'].should_not be_nil }
+      end
+    end
+
+    context "when the server has a nil secret" do
+      before {
+        @previous = BigbluebuttonRails.configuration.api_secret
+        BigbluebuttonRails.configuration.api_secret = nil
+      }
+      after {
+        BigbluebuttonRails.configuration.api_secret = @previous
+      }
+
+      [nil, "WRONG", '', "bearer 123123"].each do |auth_header|
+        context "forbids the authorization header #{auth_header.inspect}" do
+          before(:each) {
+            request.headers['Authorization'] = auth_header
+            action
+          }
+          it { JSON.parse(response.body)['errors'][0]['status'].should eql('403') }
+          it {
+            title = JSON.parse(response.body)['errors'][0]['title']
+            title.should eql(I18n.t('bigbluebutton_rails.api.errors.forbidden.title'))
+          }
+          it {
+            detail = JSON.parse(response.body)['errors'][0]['detail']
+            detail.should eql(I18n.t('bigbluebutton_rails.api.errors.forbidden.msg'))
+          }
+        end
+      end
+    end
+
+    context "when the server has an empty string as secret" do
+      before {
+        @previous = BigbluebuttonRails.configuration.api_secret
+        BigbluebuttonRails.configuration.api_secret = ''
+      }
+      after {
+        BigbluebuttonRails.configuration.api_secret = @previous
+      }
+
+      [nil, "WRONG", '', "bearer 123123"].each do |auth_header|
+        context "forbids the authorization header #{auth_header.inspect}" do
+          before(:each) {
+            request.headers['Authorization'] = auth_header
+            action
+          }
+          it { JSON.parse(response.body)['errors'].should be_nil }
+          it { JSON.parse(response.body)['data'].should_not be_nil }
+        end
+      end
+    end
+
+  end
+
+  describe "#index" do
+    context "authenticates" do
+      let(:action) { get :index, format: :json }
+      it_should_behave_like "an authenticated API call"
+    end
+
+    context "basic" do
+      before(:each) { get :index, format: :json }
+      it { should respond_with(:success) }
+      it { should respond_with_content_type('json') }
+      it { should assign_to(:rooms).with([room]) }
+      it { JSON.parse(response.body)['data'].should be_an_instance_of(Array) }
+      it { JSON.parse(response.body)['data'][0]['type'].should eql('room') }
+      it { JSON.parse(response.body)['data'][0]['id'].should eql(room.to_param) }
+    end
+
+    context "content" do
+      let(:owner) { FactoryGirl.create(:bigbluebutton_server) } # could be any model
+      before { room.update_attributes(owner: owner) }
+      before(:each) { get :index, format: :json }
+
+      it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(room.name) }
+      it { JSON.parse(response.body)['data'][0]['attributes']['private'].should eql(room.private) }
+      it { JSON.parse(response.body)['data'][0]['links']['self'].should eql(room.short_path) }
+
+      context "includes the owner in the response" do
+        it { JSON.parse(response.body)['data'][0]['relationships']['owner']['data']['type'].should eql('server') }
+        it { JSON.parse(response.body)['data'][0]['relationships']['owner']['data']['id'].should eql(owner.to_param) }
+        it { JSON.parse(response.body)['data'][0]['relationships']['owner']['data']['attributes']['name'].should eql(owner.name) }
+      end
+    end
+
+    context "empty response" do
+      before { room.destroy }
+      before(:each) { get :index, format: :json }
+      it { JSON.parse(response.body)['data'].should be_empty }
+    end
+
+    context "filtering" do
+      before { room.update_attributes(name: "La Lo", param: "lalo-1") }
+      let!(:room2) { FactoryGirl.create(:bigbluebutton_room, name: "La Le", param: "lale-2") }
+      let!(:room3) { FactoryGirl.create(:bigbluebutton_room, name: "Li Lo", param: "lilo") }
+
+      context "filters by terms" do
+        before(:each) { get :index, filter: { terms: 'la' }, format: :json }
+        it { JSON.parse(response.body)['data'].length.should be(2) }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql("La Le") }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql("La Lo") }
+      end
+
+      context "orders by number of matches" do
+        before(:each) { get :index, filter: { terms: 'la,1' }, format: :json }
+        it { JSON.parse(response.body)['data'].length.should be(2) }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql("La Lo") }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql("La Le") }
+      end
+
+      context "strips the terms" do
+        before(:each) { get :index, filter: { terms: ' la  ' }, format: :json }
+        it { JSON.parse(response.body)['data'].length.should be(2) }
+      end
+    end
+
+    context "sorting" do
+      let!(:room2) { FactoryGirl.create(:bigbluebutton_room, name: room.name + "-2") }
+      let!(:room3) { FactoryGirl.create(:bigbluebutton_room, name: room.name + "-3") }
+
+      context "orders by name" do
+        before(:each) { get :index, sort: 'name', format: :json }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(room.name) }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(room2.name) }
+        it { JSON.parse(response.body)['data'][2]['attributes']['name'].should eql(room3.name) }
+      end
+
+      context "orders by name DESC" do
+        before(:each) { get :index, sort: '-name', format: :json }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(room3.name) }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(room2.name) }
+        it { JSON.parse(response.body)['data'][2]['attributes']['name'].should eql(room.name) }
+      end
+
+      context "orders by name by default" do
+        before(:each) { get :index, format: :json }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(room.name) }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(room2.name) }
+        it { JSON.parse(response.body)['data'][2]['attributes']['name'].should eql(room3.name) }
+      end
+
+      context "orders by activity" do
+        before {
+          FactoryGirl.create(:bigbluebutton_meeting, create_time: Time.now - 2.hours, room: room)
+          FactoryGirl.create(:bigbluebutton_meeting, create_time: Time.now, room: room2)
+          FactoryGirl.create(:bigbluebutton_meeting, create_time: Time.now - 1.hour, room: room3)
+        }
+        before(:each) { get :index, sort: 'activity', format: :json }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(room2.name) }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(room3.name) }
+        it { JSON.parse(response.body)['data'][2]['attributes']['name'].should eql(room.name) }
+      end
+
+      context "orders by activity DESC" do
+        before {
+          FactoryGirl.create(:bigbluebutton_meeting, create_time: Time.now - 2.hours, room: room)
+          FactoryGirl.create(:bigbluebutton_meeting, create_time: Time.now, room: room2)
+          FactoryGirl.create(:bigbluebutton_meeting, create_time: Time.now - 1.hour, room: room3)
+        }
+        before(:each) { get :index, sort: '-activity', format: :json }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(room.name) }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(room3.name) }
+        it { JSON.parse(response.body)['data'][2]['attributes']['name'].should eql(room2.name) }
+      end
+
+      context "doesn't order by anything else" do
+        before {
+          FactoryGirl.create(:bigbluebutton_room, attendee_key: "2")
+          FactoryGirl.create(:bigbluebutton_room, attendee_key: "1")
+          FactoryGirl.create(:bigbluebutton_room, attendee_key: "0")
+        }
+        before(:each) { get :index, sort: 'attendee_key', format: :json }
+        it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(room.name) }
+        it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(room2.name) }
+        it { JSON.parse(response.body)['data'][2]['attributes']['name'].should eql(room3.name) }
+      end
+    end
+
+    context "pagination" do
+      context "limits to 10 by default" do
+        before {
+          15.times { FactoryGirl.create(:bigbluebutton_room) }
+        }
+        before(:each) { get :index, format: :json }
+        it { JSON.parse(response.body)['data'].length.should be(10) }
+      end
+
+      context "paginates" do
+        before {
+          9.times { FactoryGirl.create(:bigbluebutton_room) }
+          @rooms = BigbluebuttonRoom.order('name').all
+        }
+
+        context "returns the selected page" do
+          before(:each) { get :index, page: { size: 2, number: 3 }, format: :json }
+          it { JSON.parse(response.body)['data'].length.should be(2) }
+          it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(@rooms[4].name) }
+          it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(@rooms[5].name) }
+        end
+
+        context "returns the first page by default" do
+          before(:each) { get :index, page: { size: 3 }, format: :json }
+          it { JSON.parse(response.body)['data'].length.should be(3) }
+          it { JSON.parse(response.body)['data'][0]['attributes']['name'].should eql(@rooms[0].name) }
+          it { JSON.parse(response.body)['data'][1]['attributes']['name'].should eql(@rooms[1].name) }
+          it { JSON.parse(response.body)['data'][2]['attributes']['name'].should eql(@rooms[2].name) }
+        end
+
+        context "includes the pagination links in the response" do
+          before(:each) { get :index, page: { size: 2, number: 3 }, format: :json }
+          it { JSON.parse(response.body)['links']['self'].should eql(request.original_url) }
+          it {
+            uri = URI.parse(request.original_url)
+            query = Rack::Utils.parse_query(uri.query)
+            query["page[number]"] = 4
+            uri.query = Rack::Utils.build_query(query)
+            JSON.parse(response.body)['links']['next'].should eql(uri.to_s)
+          }
+          it {
+            uri = URI.parse(request.original_url)
+            query = Rack::Utils.parse_query(uri.query)
+            query["page[number]"] = 2
+            uri.query = Rack::Utils.build_query(query)
+            JSON.parse(response.body)['links']['prev'].should eql(uri.to_s)
+          }
+          it {
+            uri = URI.parse(request.original_url)
+            query = Rack::Utils.parse_query(uri.query)
+            query["page[number]"] = 1
+            uri.query = Rack::Utils.build_query(query)
+            JSON.parse(response.body)['links']['first'].should eql(uri.to_s)
+          }
+
+          context "doesn't include 'prev' when in the first page" do
+            before(:each) { get :index, page: { size: 2, number: 1 }, format: :json }
+            it { JSON.parse(response.body)['links']['prev'].should be_nil }
+          end
+        end
+      end
+    end
+  end
+
+  describe "#running" do
+    before {
+      mock_server_and_api
+      @api_mock.stub(:is_meeting_running?)
+    }
+
+    context "authenticates" do
+      let(:action) { get :running, id: room.to_param, format: :json }
+      it_should_behave_like "an authenticated API call"
+    end
+
+    context "basic" do
+      before(:each) { get :running, id: room.to_param, format: :json }
+      it { should respond_with(:success) }
+      it { should respond_with_content_type('json') }
+      it { should assign_to(:room).with(room) }
+      it { JSON.parse(response.body)['data']['type'].should eql('room') }
+      it { JSON.parse(response.body)['data']['id'].should eql(room.to_param) }
+      it { room.request_headers["x-forwarded-for"].should eql(request.remote_ip) }
+    end
+
+    context "room is running" do
+      before { @api_mock.stub(:is_meeting_running?).and_return(true) }
+      before(:each) { get :running, id: room.to_param, format: :json }
+      it { JSON.parse(response.body)['data']['attributes']['running'].should be(true) }
+    end
+
+    context "room is running" do
+      before { @api_mock.should_receive(:is_meeting_running?).and_return(false) }
+      before(:each) { get :running, id: room.to_param, format: :json }
+      it { JSON.parse(response.body)['data']['attributes']['running'].should be(false) }
+    end
+
+    context "when the room is not found" do
+      before { BigbluebuttonRoom.stub(:find_by).and_return(nil) }
+      before(:each) { post :running, id: room.to_param + '-2', format: :json }
+      it { JSON.parse(response.body)['errors'][0]['status'].should eql('404') }
+      it {
+        title = JSON.parse(response.body)['errors'][0]['title']
+        title.should eql(I18n.t('bigbluebutton_rails.api.errors.room_not_found.title'))
+      }
+      it {
+        detail = JSON.parse(response.body)['errors'][0]['detail']
+        detail.should eql(I18n.t('bigbluebutton_rails.api.errors.room_not_found.msg'))
+      }
+    end
+  end
+
+  describe "#join" do
+    let(:expected_url) { 'https://fake-url.no/join?anything=1' }
+    before {
+      mock_server_and_api
+      @api_mock.stub(:is_meeting_running?).and_return(true)
+      @api_mock.stub(:join_meeting_url).and_return(expected_url)
+    }
+
+    context "authenticates" do
+      let(:action) { post :join, id: room.to_param, format: :json, name: 'User 1' }
+      it_should_behave_like "an authenticated API call"
+    end
+
+    context "basic" do
+      before { room.update_attributes(private: false) }
+      before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1' }
+      it { should respond_with(:success) }
+      it { should respond_with_content_type('json') }
+      it { should assign_to(:room).with(room) }
+      it { should assign_to(:url).with(expected_url) }
+      it { JSON.parse(response.body)['data']['type'].should eql('join-url') }
+      it { JSON.parse(response.body)['data']['id'].should eql(expected_url) }
+      it { room.request_headers["x-forwarded-for"].should eql(request.remote_ip) }
+    end
+
+    context "generates the correct join url" do
+      let(:expected_url) { 'https://another-fake-url.no/join?anything=1' }
+
+      context "attendee in a public room" do
+        before {
+          room.should_receive(:parameterized_join_url).with('User 1', :attendee, nil, {}).and_return(expected_url)
+        }
+        before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1' }
+        it { JSON.parse(response.body)['data']['id'].should eql(expected_url) }
+      end
+
+      context "attendee in a private room" do
+        before {
+          room.update_attributes(private: true)
+          room.should_receive(:parameterized_join_url).with('User 1', :attendee, nil, {}).and_return(expected_url)
+        }
+        before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1', key: room.attendee_key }
+        it { JSON.parse(response.body)['data']['id'].should eql(expected_url) }
+      end
+
+      context "moderator in a private room" do
+        before {
+          room.update_attributes(private: true)
+          room.should_receive(:parameterized_join_url).with('User 1', :moderator, nil, {}).and_return(expected_url)
+        }
+        before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1', key: room.moderator_key }
+        it { JSON.parse(response.body)['data']['id'].should eql(expected_url) }
+      end
+
+      context "with metadata" do
+        let(:expected_meta) {
+          { 'userdata-param-1' => 1, 'userdata-param_2' => 'string-2' }
+        }
+        before {
+          room.should_receive(:parameterized_join_url).with('User 1', :attendee, nil, expected_meta).and_return(expected_url)
+        }
+        before(:each) {
+          post :join, id: room.to_param, format: :json, name: 'User 1', key: room.moderator_key,
+               'meta-param-1': 1, meta_param_2: 'string-2'
+        }
+        it { JSON.parse(response.body)['data']['id'].should eql(expected_url) }
+      end
+    end
+
+    context "when the room is not found" do
+      before { BigbluebuttonRoom.stub(:find_by).and_return(nil) }
+      before(:each) { post :join, id: room.to_param + '-2', format: :json, name: 'User 1' }
+      it { JSON.parse(response.body)['errors'][0]['status'].should eql('404') }
+      it {
+        title = JSON.parse(response.body)['errors'][0]['title']
+        title.should eql(I18n.t('bigbluebutton_rails.api.errors.room_not_found.title'))
+      }
+      it {
+        detail = JSON.parse(response.body)['errors'][0]['detail']
+        detail.should eql(I18n.t('bigbluebutton_rails.api.errors.room_not_found.msg'))
+      }
+    end
+
+    context "when the room is not running" do
+      before { @api_mock.stub(:is_meeting_running?).and_return(false) }
+      before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1' }
+      it { JSON.parse(response.body)['errors'][0]['status'].should eql('400') }
+      it {
+        title = JSON.parse(response.body)['errors'][0]['title']
+        title.should eql(I18n.t('bigbluebutton_rails.api.errors.room_not_running.title'))
+      }
+      it {
+        detail = JSON.parse(response.body)['errors'][0]['detail']
+        detail.should eql(I18n.t('bigbluebutton_rails.api.errors.room_not_running.msg'))
+      }
+    end
+
+    context "when a name is not informed" do
+      before(:each) { post :join, id: room.to_param, format: :json }
+      it { JSON.parse(response.body)['errors'][0]['status'].should eql('400') }
+      it {
+        title = JSON.parse(response.body)['errors'][0]['title']
+        title.should eql(I18n.t('bigbluebutton_rails.api.errors.missing_params.title'))
+      }
+      it {
+        detail = JSON.parse(response.body)['errors'][0]['detail']
+        detail.should eql(I18n.t('bigbluebutton_rails.api.errors.missing_params.msg'))
+      }
+    end
+
+    context "when a key is not informed and the room is private" do
+      before { room.update_attributes(private: true) }
+      before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1' }
+      it { JSON.parse(response.body)['errors'][0]['status'].should eql('400') }
+      it {
+        title = JSON.parse(response.body)['errors'][0]['title']
+        title.should eql(I18n.t('bigbluebutton_rails.api.errors.missing_params.title'))
+      }
+      it {
+        detail = JSON.parse(response.body)['errors'][0]['detail']
+        detail.should eql(I18n.t('bigbluebutton_rails.api.errors.missing_params.msg'))
+      }
+    end
+
+    context "attendee in a private room with wrong key" do
+      before { room.update_attributes(private: true) }
+      before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1', key: 'WRONG' }
+      it { JSON.parse(response.body)['errors'][0]['status'].should eql('403') }
+      it {
+        title = JSON.parse(response.body)['errors'][0]['title']
+        title.should eql(I18n.t('bigbluebutton_rails.api.errors.invalid_key.title'))
+      }
+      it {
+        detail = JSON.parse(response.body)['errors'][0]['detail']
+        detail.should eql(I18n.t('bigbluebutton_rails.api.errors.invalid_key.msg'))
+      }
+    end
+
+    context "when guest support is on" do
+      let(:expected_url) { 'https://another-fake-url.no/join?anything=1' }
+      before {
+        @guest_support = BigbluebuttonRails.configuration.guest_support
+        BigbluebuttonRails.configuration.guest_support = true
+      }
+      after {
+        BigbluebuttonRails.configuration.guest_support = @guest_support
+      }
+
+      before {
+        room.should_receive(:parameterized_join_url).with('User 1', :guest, nil, {}).and_return(expected_url)
+      }
+      before(:each) { post :join, id: room.to_param, format: :json, name: 'User 1' }
+      it { JSON.parse(response.body)['data']['id'].should eql(expected_url) }
+    end
+  end
+end