Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Protect group from license borrowing #630

Open
wants to merge 18 commits into
base: main
Choose a base branch
from
Open

Protect group from license borrowing #630

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
c132cd0
Protect group from license borrowing
izendegi Apr 29, 2024
4c5b70f
Add isset control to $status to avoid warning
izendegi Dec 2, 2024
4bab6b6
Changes proposed by @jrchamp
izendegi Dec 20, 2024
eedac67
Remove unnecessary require
izendegi Dec 20, 2024
2e45bbe
Avoid calling get_groups twice
izendegi Dec 20, 2024
fa7ac15
Test fixes
izendegi Dec 20, 2024
057e209
Make protected group multilselect
izendegi Dec 20, 2024
01a3671
Fix the logic of the if
izendegi Dec 23, 2024
0cb762d
Enhance get_groups function
izendegi Dec 23, 2024
37679ad
Change zoomgrps to zoomgroups
izendegi Dec 23, 2024
896c8d3
Fix if logic
izendegi Dec 23, 2024
069bc7b
Blank lines before comments and between code blocks
izendegi Dec 23, 2024
256cd31
Fix try-catch
izendegi Dec 23, 2024
746a373
settings: get_groups returns array
jrchamp Dec 23, 2024
2c6ccb2
README: add optional group scopes
jrchamp Jan 9, 2025
f6eb922
Remove redundant check
izendegi Jan 15, 2025
710f8bc
Add check if there is no user to borrow license from
izendegi Jan 15, 2025
ffd67cf
Rollback errornousersfound and add control to get pro license
izendegi Jan 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,8 @@ Optional functionality can be enabled by granting additional scopes:
- cloud_recording:read:recording_settings:admin
- Tracking fields (zoom | defaulttrackingfields)
- Not yet supported by Zoom
- Recycle licenses (zoom | utmost), (zoom | recycleonjoin)
- Recycle licenses (zoom | utmost), (zoom | recycleonjoin), (zoom | protectedgroups)
- group:read:list_groups:admin
- user:read:list_users:admin
- user:update:user:admin
- Webinars (zoom | showwebinars), (zoom | webinardefault)
Expand All @@ -76,7 +77,8 @@ Optional functionality can be enabled by granting additional scopes:
- recording:read:admin
- Tracking fields (zoom | defaulttrackingfields)
- tracking_fields:read:admin
- Recycle licenses (zoom | utmost), (zoom | recycleonjoin)
- Recycle licenses (zoom | utmost), (zoom | recycleonjoin), (zoom | protectedgroups)
- group:read:admin
- user:write:admin
- Webinars (zoom | showwebinars), (zoom | webinardefault)
- webinar:read:admin
Expand Down
62 changes: 55 additions & 7 deletions classes/webservice.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,12 @@ class webservice {
*/
protected $instanceusers;

/**
* Zoom group to protect from licenses redefining
* @var array
*/
protected $protectedgroups;

/**
* Maximum limit of paid users
* @var int
Expand Down Expand Up @@ -151,6 +157,7 @@ public function __construct() {
if (!empty($config->utmost)) {
$this->recyclelicenses = $config->utmost;
$this->instanceusers = !empty($config->instanceusers);
$this->protectedgroups = !empty($config->protectedgroups) ? explode(',', $config->protectedgroups) : [];
}

if ($this->recyclelicenses) {
Expand Down Expand Up @@ -461,11 +468,24 @@ private function get_least_recently_active_paid_user_id() {
$userslist = $this->list_users();

foreach ($userslist as $user) {
if ($user->type != ZOOM_USER_TYPE_BASIC && isset($user->last_login_time)) {
// Count the user if we're including all users or if the user is on this instance.
if (!$this->instanceusers || core_user::get_user_by_email($user->email)) {
$usertimes[$user->id] = strtotime($user->last_login_time);
}
// Skip Basic user accounts.
if ($user->type == ZOOM_USER_TYPE_BASIC) {
continue;
}

// Skip the users of protected groups.
if (!empty(array_intersect($this->protectedgroups, $user->group_ids ?? []))) {
continue;
}

// We need the login time.
if (!isset($user->last_login_time)) {
continue;
}

// Count the user only if we're including all users or if the user is on this instance.
if (!$this->instanceusers || core_user::get_user_by_email($user->email)) {
$usertimes[$user->id] = strtotime($user->last_login_time);
}
}

Expand All @@ -476,6 +496,30 @@ private function get_least_recently_active_paid_user_id() {
return false;
}

/**
* Get a list of Zoom groups
*
* @return array Group information.
*/
public function get_groups() {
$groups = [];

// Classic: group:read:admin.
// Granular: group:read:list_groups:admin.
// Not essential scope, execute only if scope has been granted.
if ($this->has_scope(['group:read:list_groups:admin', 'group:read:admin'])) {
try {
$response = $this->make_call('/groups');
$groups = $response->groups ?? [];
} catch (moodle_exception $error) {
// Only available for Paid accounts, so ignore error.
$response = '';
}
}

return $groups;
}

/**
* Gets a user's settings.
*
Expand Down Expand Up @@ -766,13 +810,17 @@ public function provide_license($zoomuserid) {
if ($this->paid_user_limit_reached()) {
$leastrecentlyactivepaiduserid = $this->get_least_recently_active_paid_user_id();
// Changes least_recently_active_user to a basic user so we can use their license.
$this->make_call("users/$leastrecentlyactivepaiduserid", ['type' => ZOOM_USER_TYPE_BASIC], 'patch');
if ($leastrecentlyactivepaiduserid) {
$this->make_call("users/$leastrecentlyactivepaiduserid", ['type' => ZOOM_USER_TYPE_BASIC], 'patch');
}
}

// Changes current user to pro so they can make a meeting.
// Classic: user:write:admin.
// Granular: user:update:user:admin.
$this->make_call("users/$zoomuserid", ['type' => ZOOM_USER_TYPE_PRO], 'patch');
if (!$this->paid_user_limit_reached() || $leastrecentlyactivepaiduserid) {
$this->make_call("users/$zoomuserid", ['type' => ZOOM_USER_TYPE_PRO], 'patch');
}
}
}

Expand Down
2 changes: 2 additions & 0 deletions lang/en/zoom.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -320,6 +320,8 @@
$string['privacy:metadata:zoom_meeting_participants:user_email'] = 'The email of the participant';
$string['privacy:metadata:zoom_meeting_view'] = 'The database table to track users that view the meeting recordings';
$string['privacy:metadata:zoom_meeting_view:userid'] = 'The id of the user that viewed the recording';
$string['protectedgroups'] = 'Protect groups';
$string['protectedgroups_desc'] = 'Select Zoom groups to protect member users from license redefining';
$string['recording'] = 'Recording';
$string['recordingadd'] = 'Add Recording';
$string['recordingdate'] = 'Recording Date';
Expand Down
18 changes: 18 additions & 0 deletions settings.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,6 +172,24 @@
);
$settings->add($recycleonjoin);

// Only call to the web services and load the setting if the connection is OK.
if (isset($status) && $status === 'connectionok') {
$zoomgroups = [];
$groups = zoom_webservice()->get_groups();
foreach ($groups as $group) {
$zoomgroups[$group->id] = $group->name;
}

$protectedgroups = new admin_setting_configmultiselect(
'zoom/protectedgroups',
get_string('protectedgroups', 'mod_zoom'),
get_string('protectedgroups_desc', 'mod_zoom'),
[],
$zoomgroups
);
$settings->add($protectedgroups);
}

// Global settings.
$settings->add(new admin_setting_heading(
'zoom/globalsettings',
Expand Down