More fixes for local migrations (#5491)

* More fixes for local migrations

* fix tests

app/controllers/api/v1/migrations/external_controller.rb

@@ -105,6 +105,11 @@ module Api
 
           return render_error(status: :bad_request, errors: user&.errors&.to_a) unless user.save
 
+          if user_hash[:provider] != 'greenlight'
+            user.password_digest = nil
+            user.save(validations: false)
+          end
+
           render_data status: :created
         end
 
@@ -250,7 +255,7 @@ module Api
 
           raise ActiveSupport::MessageEncryptor::InvalidMessage unless encrypted_params.is_a? String
 
-          crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base[0..31], cipher: 'aes-256-gcm', serializer: Marshal)
+          crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secret_key_base[0..31], cipher: 'aes-256-gcm', serializer: Marshal)
           decrypted_params = crypt.decrypt_and_verify(encrypted_params) || {}
 
           raise ActiveSupport::MessageEncryptor::InvalidMessage unless decrypted_params.is_a? Hash

app/services/meeting_starter.rb

@@ -64,7 +64,7 @@ class MeetingStarter
       logoutURL: room_url,
       meta_endCallbackUrl: meeting_ended_url(host: @base_url),
       'meta_bbb-recording-ready-url': recording_ready_url(host: @base_url),
-      'meta_bbb-origin-version': 3,
+      'meta_bbb-origin-version': ENV.fetch('VERSION_TAG', 'v3'),
       'meta_bbb-origin': 'greenlight'
     }
   end

spec/controllers/admin/server_rooms_controller_spec.rb

@@ -154,7 +154,7 @@ RSpec.describe Api::V1::Admin::ServerRoomsController, type: :controller do
                                hasJoinedVoice: 'false',
                                hasVideo: 'false',
                                clientType: 'HTML5' } },
-      metadata: { 'bbb-origin-version': '3',
+      metadata: { 'bbb-origin-version': 'v3',
                   'bbb-recording-ready-url': 'http://localhost:3000/recording_ready',
                   'bbb-origin': 'greenlight',
                   endcallbackurl: 'http://localhost:3000/meeting_ended' },

spec/controllers/migrations/external_controller_spec.rb

@@ -133,7 +133,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
 
       describe 'because the ciphertext was not generated with the same configuration' do
         it 'returns :bad_request without creating a role' do
-          key = Rails.application.secrets.secret_key_base[1..32]
+          key = Rails.application.secret_key_base[1..32]
 
           encrypted_params = encrypt_params({ role: { name: 'CrazyRole', role_permissions: {} } }, key:, expires_in: 10.seconds)
           expect { post :create_role, params: { v2: { encrypted_params: } } }.not_to change(Role, :count)
@@ -188,6 +188,28 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
             expect(response).to have_http_status(:created)
             expect(user.password_digest).to be_present
           end
+
+          it 'creates the user without a password if provider is not greenlight' do
+            tenant = create(:tenant)
+            role = create(:role, name: valid_user_role.name, provider: tenant.name)
+            valid_user_params[:provider] = tenant.name
+
+            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
+
+            expect_any_instance_of(described_class).to receive(:generate_secure_pwd).and_call_original
+            expect { post :create_user, params: { v2: { encrypted_params: } } }.to change(User, :count).from(0).to(1)
+            expect(ActionMailer::MailDeliveryJob).not_to have_been_enqueued
+
+            user = User.take
+            expect(user.name).to eq(valid_user_params[:name])
+            expect(user.email).to eq(valid_user_params[:email])
+            expect(user.language).to eq(valid_user_params[:language])
+            expect(user.role).to eq(role)
+            expect(user.session_token).to be_present
+            expect(user.provider).to eq(tenant.name)
+            expect(response).to have_http_status(:created)
+            expect(user.password_digest).not_to be_present
+          end
         end
 
         context 'when the provider does not exists' do
@@ -429,7 +451,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
 
       describe 'because the ciphertext was not generated with the same configuration' do
         it 'returns :bad_request without creating a user' do
-          key = Rails.application.secrets.secret_key_base[1..32]
+          key = Rails.application.secret_key_base[1..32]
 
           encrypted_params = encrypt_params({ user: valid_user_params }, key:, expires_in: 10.seconds)
           expect_any_instance_of(described_class).not_to receive(:generate_secure_pwd)
@@ -547,7 +569,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
 
       describe 'because the ciphertext was not generated with the same configuration' do
         it 'returns :bad_request without creating a room' do
-          key = Rails.application.secrets.secret_key_base[1..32]
+          key = Rails.application.secret_key_base[1..32]
           encrypted_params = encrypt_params({ room: valid_room_params }, key:, expires_in: 10.seconds)
           expect { post :create_room, params: { v2: { encrypted_params: } } }.not_to change(Room, :count)
           expect(response).to have_http_status(:bad_request)
@@ -647,7 +669,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
   private
 
   def encrypt_params(params, key: nil, expires_at: nil, expires_in: nil, purpose: nil)
-    key = Rails.application.secrets.secret_key_base[0..31] if key.nil?
+    key = Rails.application.secret_key_base[0..31] if key.nil?
     crypt = ActiveSupport::MessageEncryptor.new(key, cipher: 'aes-256-gcm', serializer: Marshal)
     crypt.encrypt_and_sign(params, expires_at:, expires_in:, purpose:)
   end

spec/services/meeting_starter_spec.rb

@@ -41,7 +41,7 @@ describe MeetingStarter, type: :service do
       logoutURL: url,
       meta_endCallbackUrl: File.join(base_url, '/meeting_ended'),
       'meta_bbb-recording-ready-url': File.join(base_url, '/recording_ready'),
-      'meta_bbb-origin-version': 3,
+      'meta_bbb-origin-version': 'v3',
       'meta_bbb-origin': 'greenlight',
       setting: 'value'
     }