Re: new privacy regulations on the 25th May 2018

2018-04-11 Thread Maxim Solodovnik 
Will write it as a requirement, will see what can be done here
Thanks a lot for the quick answers!

On Wed, Apr 11, 2018 at 5:34 PM, Peter Dähn  wrote:

> ip-address is now a private date... it have to be at least anonymised
> after 7 (maybe 14 days)... ipv4 addresses delete last 8 recommended 16 bit
> (192.168.123.0 or 192.168.0.0) and ipv6 preserve first 48 -8 or better 16
> Bit (2a00:1234:56:: or 2a00:1234::) Maybe this could be done automated
> after 7 Days?
>
> Greetings Peter
>
> Am 11.04.2018 um 09:31 schrieb Maxim Solodovnik:
>
> According "Hash algorithm" I planned to use random UUID
> so All fields will look like this: "Purged_54cd4426-1c0a-
> 4ab8-bb35-eb6d26da99cf"
>
> Are you sure IP should be cleaned-up? There will be no chance to "restore"
> who was this user .
>
> On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn  wrote:
>
>> Hi Maxim,
>>
>> I think this list is complete and you are right, this is a lot of stuff.
>>
>> The option that you suggest sound much more feasible. From my point of
>> few this should be enough.
>>
>> Hash algorithm need to be state of the art. IP-address in ConferenceLog
>> need to be cleaned.
>>
>> I think this is a good way.
>>
>> Btw... is there is a way/setting to anonymize IP-adresses while logging?
>> Otherwise I need to write a script to do so. Maybe I need to do it anyway
>> to kick out usernames. Logfiles need to be delete after 7 (maybe 14) days
>> or they need to be without any userdata.
>>
>> Greetings Peter
>>
>>
>> Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik:
>>
>> Hello Peter,
>>
>> Here is the high level list of what need to done to "hard delete" user
>> from the system:
>>
>>
>>1. delete user
>>2. delete all user contacts (also users, so we might have recursion
>>here)
>>3. delete user from all groups
>>4. delete user from room moderators
>>5. delete all appointments with owner == user
>>6. delete all calendars with owner == user
>>7. delete all meeting members in appointments where owner != user
>>8. delete all Private Messages where user is in to/from fields
>>9. delete all UserContact + Requests
>>10. delete all invitation sent by this user
>>11. delete all private rooms owned by this user
>>12. delete all user private files/recordings
>>13. delete all chat messages send/received by this user
>>14. clean email messages
>>15. clean all Polls/answers
>>
>>
>> This list scares me a lot :(((
>>
>> So let's discuss the option: "Mark user deleted and clean-up sensitive
>> information"
>>
>> What I would propose:
>>
>> In Admin->User area
>>
>>1. display all users (deleted should be "read-only" with restore and
>>purge options only)
>>2. add additional "Purge" button
>>3. In case Purge will be selected:
>>1. User will be marked deleted
>>   2. AsteriskSipUser and Address will be replaced with empty objects
>>   3. User fields "age, externaluserid, firstname, lastname, login,
>>   pictureuri" will be replaced with "Purged_some_hash"
>>   4. User profile picture will be deleted
>>   5. ChatMessage: fromName will be replaced with "Purged User"
>>   6. MailMessage: should be purged (some search by email will be
>>   required)
>>
>> ConferenceLog right now contains userId+UserIp right now, so it is 2
>> numbers should it be cleaned up?
>>
>> SOAPLogin contains clientURL and doesn't contains userId, so it is
>> impossible to associate SoapLogin object with particular user
>>
>>
>> Would it be enough?
>>
>>
>> On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn  wrote:
>>
>>> Hi Maxim,
>>>
>>> hard delete as only option would be the easiest way (for the admin). One
>>> doesn't need to remind "hard delete" at a given time... I think it need to
>>> be implemented anyway. I thought just the ones that doesn't need to take
>>> care about these regulation could keep things as they are now...
>>>
>>> Greetings Peter
>>>
>>>
>>> Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik:
>>>
 I'm afraid there will be no option to "final delete one record"
 It will be: perform total clean-up and hard delete all soft deleted
 records

 Or better to perform: hard delete as the only option?

 On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn  wrote:

> Hi Maxim,
>
> "soft" and "final delete" should be enough I think...
>
> It just need to be "findable" and described for new admins that
> provide the
> service in the EU...
>
> jira in a second...
>
> Greetings Peter
>
>
> Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik:
>
>> Hello Peter,
>>
>> This sounds like lots of new testing :(
>> Will try to find time and include it in 4.0.3/4.0.4
>>
>> (have very limited time right now :( )
>> Will appreciated any help with testing
>>
>> Would it be OK to perform "final delete" in clean-up widget? i.e.
>>

Re: new privacy regulations on the 25th May 2018

2018-04-11 Thread Maxim Solodovnik 
According to logs: you can set up history size in this
https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/main/webapp/WEB-INF/classes/logback-config.xml#L36
file 

On Wed, Apr 11, 2018 at 2:31 PM, Maxim Solodovnik 
wrote:

> According "Hash algorithm" I planned to use random UUID
> so All fields will look like this: "Purged_54cd4426-1c0a-
> 4ab8-bb35-eb6d26da99cf"
>
> Are you sure IP should be cleaned-up? There will be no chance to "restore"
> who was this user .
>
> On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn  wrote:
>
>> Hi Maxim,
>>
>> I think this list is complete and you are right, this is a lot of stuff.
>>
>> The option that you suggest sound much more feasible. From my point of
>> few this should be enough.
>>
>> Hash algorithm need to be state of the art. IP-address in ConferenceLog
>> need to be cleaned.
>>
>> I think this is a good way.
>>
>> Btw... is there is a way/setting to anonymize IP-adresses while logging?
>> Otherwise I need to write a script to do so. Maybe I need to do it anyway
>> to kick out usernames. Logfiles need to be delete after 7 (maybe 14) days
>> or they need to be without any userdata.
>>
>> Greetings Peter
>>
>>
>> Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik:
>>
>> Hello Peter,
>>
>> Here is the high level list of what need to done to "hard delete" user
>> from the system:
>>
>>
>>1. delete user
>>2. delete all user contacts (also users, so we might have recursion
>>here)
>>3. delete user from all groups
>>4. delete user from room moderators
>>5. delete all appointments with owner == user
>>6. delete all calendars with owner == user
>>7. delete all meeting members in appointments where owner != user
>>8. delete all Private Messages where user is in to/from fields
>>9. delete all UserContact + Requests
>>10. delete all invitation sent by this user
>>11. delete all private rooms owned by this user
>>12. delete all user private files/recordings
>>13. delete all chat messages send/received by this user
>>14. clean email messages
>>15. clean all Polls/answers
>>
>>
>> This list scares me a lot :(((
>>
>> So let's discuss the option: "Mark user deleted and clean-up sensitive
>> information"
>>
>> What I would propose:
>>
>> In Admin->User area
>>
>>1. display all users (deleted should be "read-only" with restore and
>>purge options only)
>>2. add additional "Purge" button
>>3. In case Purge will be selected:
>>1. User will be marked deleted
>>   2. AsteriskSipUser and Address will be replaced with empty objects
>>   3. User fields "age, externaluserid, firstname, lastname, login,
>>   pictureuri" will be replaced with "Purged_some_hash"
>>   4. User profile picture will be deleted
>>   5. ChatMessage: fromName will be replaced with "Purged User"
>>   6. MailMessage: should be purged (some search by email will be
>>   required)
>>
>> ConferenceLog right now contains userId+UserIp right now, so it is 2
>> numbers should it be cleaned up?
>>
>> SOAPLogin contains clientURL and doesn't contains userId, so it is
>> impossible to associate SoapLogin object with particular user
>>
>>
>> Would it be enough?
>>
>>
>> On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn  wrote:
>>
>>> Hi Maxim,
>>>
>>> hard delete as only option would be the easiest way (for the admin). One
>>> doesn't need to remind "hard delete" at a given time... I think it need to
>>> be implemented anyway. I thought just the ones that doesn't need to take
>>> care about these regulation could keep things as they are now...
>>>
>>> Greetings Peter
>>>
>>>
>>> Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik:
>>>
 I'm afraid there will be no option to "final delete one record"
 It will be: perform total clean-up and hard delete all soft deleted
 records

 Or better to perform: hard delete as the only option?

 On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn  wrote:

> Hi Maxim,
>
> "soft" and "final delete" should be enough I think...
>
> It just need to be "findable" and described for new admins that
> provide the
> service in the EU...
>
> jira in a second...
>
> Greetings Peter
>
>
> Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik:
>
>> Hello Peter,
>>
>> This sounds like lots of new testing :(
>> Will try to find time and include it in 4.0.3/4.0.4
>>
>> (have very limited time right now :( )
>> Will appreciated any help with testing
>>
>> Would it be OK to perform "final delete" in clean-up widget? i.e.
>> delete will be "soft delete", then in if will push "Clean-up" all soft
>> deleted data will be hard deleted ...
>> Or it doesn't worth to have both? only hard delete will be enough?
>>
>> On Thu, Apr 5, 2018 at 5:55 PM, Peter Dähn  wrote:
>>
>>> Hey

Re: new privacy regulations on the 25th May 2018

2018-04-11 Thread Peter Dähn 

I try... ;-)

Am 11.04.2018 um 13:11 schrieb Maxim Solodovnik:

Will write it as a requirement, will see what can be done here
Thanks a lot for the quick answers!

On Wed, Apr 11, 2018 at 5:34 PM, Peter Dähn > wrote:


ip-address is now a private date... it have to be at least
anonymised  after 7 (maybe 14 days)... ipv4 addresses delete last
8 recommended 16 bit (192.168.123.0 or 192.168.0.0) and ipv6
preserve first 48 -8 or better 16 Bit (2a00:1234:56:: or
2a00:1234::) Maybe this could be done automated after 7 Days?

Greetings Peter

Am 11.04.2018 um 09:31 schrieb Maxim Solodovnik:

According "Hash algorithm" I planned to use random UUID
so All fields will look like this:
"Purged_54cd4426-1c0a-4ab8-bb35-eb6d26da99cf"

Are you sure IP should be cleaned-up? There will be no chance to
"restore" who was this user .

On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn > wrote:

Hi Maxim,

I think this list is complete and you are right, this is a
lot of stuff.

The option that you suggest sound much more feasible. From my
point of few this should be enough.

Hash algorithm need to be state of the art. IP-address in
ConferenceLog need to be cleaned.

I think this is a good way.

Btw... is there is a way/setting to anonymize IP-adresses
while logging? Otherwise I need to write a script to do so.
Maybe I need to do it anyway to kick out usernames. Logfiles
need to be delete after 7 (maybe 14) days or they need to be
without any userdata.

Greetings Peter


Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik:

Hello Peter,

Here is the high level list of what need to done to "hard
delete" user from the system:

 1. delete user
 2. delete all user contacts (also users, so we might have
recursion here)
 3. delete user from all groups
 4. delete user from room moderators
 5. delete all appointments withowner == user
 6. delete all calendars withowner == user
 7. delete all meeting members in appointments where owner
!= user
 8. delete all Private Messages whereuseris in to/from fields
 9. delete all UserContact + Requests
10. delete all invitation sent by this user
11. delete all private rooms owned by this user
12. delete all user private files/recordings
13. delete all chat messages send/received by this user
14. clean email messages
15. clean all Polls/answers


This list scares me a lot :(((

So let's discuss the option: "Mark user deleted and clean-up
sensitive information"

What I would propose:

In Admin->User area

 1. display all users (deleted should be "read-only" with
restore and purge options only)
 2. add additional "Purge" button
 3. In case Purge will be selected:
 1. User will be marked deleted
 2. AsteriskSipUser and Address will be replaced with
empty objects
 3. User fields "age, externaluserid, firstname,
lastname, login, pictureuri" will be replaced with
"Purged_some_hash"
 4. User profile picture will be deleted
 5. ChatMessage: fromName will be replaced with "Purged
User"
 6. MailMessage: should be purged (some search by email
will be required)

ConferenceLog right now contains userId+UserIp right now, so
it is 2 numbers should it be cleaned up?

SOAPLogin contains clientURL and doesn't contains userId, so
it is impossible to associate SoapLogin object with
particular user


Would it be enough?


On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn > wrote:

Hi Maxim,

hard delete as only option would be the easiest way (for
the admin). One doesn't need to remind "hard delete" at
a given time... I think it need to be implemented
anyway. I thought just the ones that doesn't need to
take care about these regulation could keep things as
they are now...

Greetings Peter


Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik:

I'm afraid there will be no option to "final delete
one record"
It will be: perform total clean-up and hard delete
all soft deleted records

Or better to perform: hard delete as the only option?

On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn
> wrote:

Hi Maxim,

"soft" and

Re: new privacy regulations on the 25th May 2018

2018-04-11 Thread Peter Dähn 
ip-address is now a private date... it have to be at least anonymised  
after 7 (maybe 14 days)... ipv4 addresses delete last 8 recommended 16 
bit (192.168.123.0 or 192.168.0.0) and ipv6 preserve first 48 -8 or 
better 16 Bit (2a00:1234:56:: or 2a00:1234::) Maybe this could be done 
automated after 7 Days?


Greetings Peter

Am 11.04.2018 um 09:31 schrieb Maxim Solodovnik:

According "Hash algorithm" I planned to use random UUID
so All fields will look like this: 
"Purged_54cd4426-1c0a-4ab8-bb35-eb6d26da99cf"


Are you sure IP should be cleaned-up? There will be no chance to 
"restore" who was this user .


On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn > wrote:


Hi Maxim,

I think this list is complete and you are right, this is a lot of
stuff.

The option that you suggest sound much more feasible. From my
point of few this should be enough.

Hash algorithm need to be state of the art. IP-address in
ConferenceLog need to be cleaned.

I think this is a good way.

Btw... is there is a way/setting to anonymize IP-adresses while
logging? Otherwise I need to write a script to do so. Maybe I need
to do it anyway to kick out usernames. Logfiles need to be delete
after 7 (maybe 14) days or they need to be without any userdata.

Greetings Peter


Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik:

Hello Peter,

Here is the high level list of what need to done to "hard delete"
user from the system:

 1. delete user
 2. delete all user contacts (also users, so we might have
recursion here)
 3. delete user from all groups
 4. delete user from room moderators
 5. delete all appointments withowner == user
 6. delete all calendars withowner == user
 7. delete all meeting members in appointments where owner != user
 8. delete all Private Messages whereuseris in to/from fields
 9. delete all UserContact + Requests
10. delete all invitation sent by this user
11. delete all private rooms owned by this user
12. delete all user private files/recordings
13. delete all chat messages send/received by this user
14. clean email messages
15. clean all Polls/answers


This list scares me a lot :(((

So let's discuss the option: "Mark user deleted and clean-up
sensitive information"

What I would propose:

In Admin->User area

 1. display all users (deleted should be "read-only" with restore
and purge options only)
 2. add additional "Purge" button
 3. In case Purge will be selected:
 1. User will be marked deleted
 2. AsteriskSipUser and Address will be replaced with empty
objects
 3. User fields "age, externaluserid, firstname, lastname,
login, pictureuri" will be replaced with "Purged_some_hash"
 4. User profile picture will be deleted
 5. ChatMessage: fromName will be replaced with "Purged User"
 6. MailMessage: should be purged (some search by email will
be required)

ConferenceLog right now contains userId+UserIp right now, so it
is 2 numbers should it be cleaned up?

SOAPLogin contains clientURL and doesn't contains userId, so it
is impossible to associate SoapLogin object with particular user


Would it be enough?


On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn > wrote:

Hi Maxim,

hard delete as only option would be the easiest way (for the
admin). One doesn't need to remind "hard delete" at a given
time... I think it need to be implemented anyway. I thought
just the ones that doesn't need to take care about these
regulation could keep things as they are now...

Greetings Peter


Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik:

I'm afraid there will be no option to "final delete one
record"
It will be: perform total clean-up and hard delete all
soft deleted records

Or better to perform: hard delete as the only option?

On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn > wrote:

Hi Maxim,

"soft" and "final delete" should be enough I think...

It just need to be "findable" and described for new
admins that provide the
service in the EU...

jira in a second...

Greetings Peter


Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik:

Hello Peter,

This sounds like lots of new testing :(
Will try to find time and include it in 4.0.3/4.0.4

(have very limited time right now :( )
Will appreciated any help with testing

Would it be OK to perform "final delete"

Re: new privacy regulations on the 25th May 2018

2018-04-11 Thread Peter Dähn 

Hi Maxim,

I think this list is complete and you are right, this is a lot of stuff.

The option that you suggest sound much more feasible. From my point of 
few this should be enough.


Hash algorithm need to be state of the art. IP-address in ConferenceLog 
need to be cleaned.


I think this is a good way.

Btw... is there is a way/setting to anonymize IP-adresses while logging? 
Otherwise I need to write a script to do so. Maybe I need to do it 
anyway to kick out usernames. Logfiles need to be delete after 7 (maybe 
14) days or they need to be without any userdata.


Greetings Peter

Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik:

Hello Peter,

Here is the high level list of what need to done to "hard delete" user 
from the system:


 1. delete user
 2. delete all user contacts (also users, so we might have recursion here)
 3. delete user from all groups
 4. delete user from room moderators
 5. delete all appointments withowner == user
 6. delete all calendars withowner == user
 7. delete all meeting members in appointments where owner != user
 8. delete all Private Messages whereuseris in to/from fields
 9. delete all UserContact + Requests
10. delete all invitation sent by this user
11. delete all private rooms owned by this user
12. delete all user private files/recordings
13. delete all chat messages send/received by this user
14. clean email messages
15. clean all Polls/answers


This list scares me a lot :(((

So let's discuss the option: "Mark user deleted and clean-up sensitive 
information"


What I would propose:

In Admin->User area

 1. display all users (deleted should be "read-only" with restore and
purge options only)
 2. add additional "Purge" button
 3. In case Purge will be selected:
 1. User will be marked deleted
 2. AsteriskSipUser and Address will be replaced with empty objects
 3. User fields "age, externaluserid, firstname, lastname, login,
pictureuri" will be replaced with "Purged_some_hash"
 4. User profile picture will be deleted
 5. ChatMessage: fromName will be replaced with "Purged User"
 6. MailMessage: should be purged (some search by email will be
required)

ConferenceLog right now contains userId+UserIp right now, so it is 2 
numbers should it be cleaned up?


SOAPLogin contains clientURL and doesn't contains userId, so it is 
impossible to associate SoapLogin object with particular user



Would it be enough?


On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn > wrote:


Hi Maxim,

hard delete as only option would be the easiest way (for the
admin). One doesn't need to remind "hard delete" at a given
time... I think it need to be implemented anyway. I thought just
the ones that doesn't need to take care about these regulation
could keep things as they are now...

Greetings Peter


Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik:

I'm afraid there will be no option to "final delete one record"
It will be: perform total clean-up and hard delete all soft
deleted records

Or better to perform: hard delete as the only option?

On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn > wrote:

Hi Maxim,

"soft" and "final delete" should be enough I think...

It just need to be "findable" and described for new admins
that provide the
service in the EU...

jira in a second...

Greetings Peter


Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik:

Hello Peter,

This sounds like lots of new testing :(
Will try to find time and include it in 4.0.3/4.0.4

(have very limited time right now :( )
Will appreciated any help with testing

Would it be OK to perform "final delete" in clean-up
widget? i.e.
delete will be "soft delete", then in if will push
"Clean-up" all soft
deleted data will be hard deleted ...
Or it doesn't worth to have both? only hard delete
will be enough?

On Thu, Apr 5, 2018 at 5:55 PM, Peter Dähn
> wrote:

Hey there,

new privacy regulations will take place on the
25th May 2018 in Europe.
You
could find informations about it by searching for
General Data Protection
Regulation (EU) 2016/679.

To use openmeetings after the 25th of May (in
Europe) there need to be a
few
changes. We use openmeetings integrated. So I will
mainly be focused on
the
room.

Re: Problems opening rooms using webservices

2018-04-11 Thread Maxim Solodovnik 
"Access denied. You are not authorized to perform this action" is caused by
the fact you are trying to use same browser (different tab)
You should see "Logout" button, so you can logout as your SOAP user, who
has no admin rights ...

According to your REST calls sequence
1) why are you calling 'login' method twice?
2) to het secure hash you need to pass sid as query parameter: i.e. url:
http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/hash
?sid=
9e078944-7c43-439e-8ed0-d36ff316d885
hash seems to also be called twice, seems to be some issue with you REST
calls dump

Can you also check your logs?
Are there any errors?

On Wed, Apr 11, 2018 at 8:44 PM, Ramón Zárate Moedano 
wrote:

> Hello everyone.
> I have being "fighting" with this and i dont know what is wrong.
>
> Name: OpenMeetings
> Version: 4.0.1
> Revision 3795f14
>
> And i am using PHP API. (https://github.com/openmeetings/openmeetings-api-
> plugin)
>
> I can create, edit and delete rooms. But when i try to enter one room
> front end never ends loading.
>
>
>
>
> User is created and as far as i can see user it's loged in. After trying
> to get ir the room if i try to enter OM dashboard as admin i get this error
> message.
> Access denied. You are not authorized to perform this action So this is
> the whole trace i am using (based on php api)
>
> getOmConfig: {"protocol":"http","host":"XXX.XXX.XXX.XXX","port":"5080"
> ,"context":"openmeetings","user":"usersoap","pass":"pass"
> ,"module":"external"}
> -
> OmGateway function login()
> response: {"message":"bd1229fd-1809-4146-8c9d-ebef572d8764","type"
> :"SUCCESS"}
> -
> Function call variables
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/login
> Method: GET
> sid:
> Params: {"user":"usersoap","pass":"pass"}
> headers:
> wraperName: serviceResult
> -
> Rest call
> decoded: {"serviceResult":{"message":"bd1229fd-1809-4146-8c9d-
> ebef572d8764","type":"SUCCESS"}}
> wraperName: serviceResult
> decoded[wraperName]: {"message":"bd1229fd-1809-
> 4146-8c9d-ebef572d8764","type":"SUCCESS"}
> -
> OmGateway function login()
> response: {"message":"9e078944-7c43-439e-8ed0-d36ff316d885","type"
> :"SUCCESS"}
> -
> Function call variables
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/login
> Method: GET
> sid:
> Params: {"user":"usersoap","pass":"pass"}
> headers:
> wraperName: serviceResult
> -
> Rest call
> decoded: {"serviceResult":{"message":"9e078944-7c43-439e-8ed0-
> d36ff316d885","type":"SUCCESS"}}
> wraperName: serviceResult
> decoded[wraperName]: {"message":"9e078944-7c43-
> 439e-8ed0-d36ff316d885","type":"SUCCESS"}
> -
> gateway->login: 1
> -
> get User: {"login":"rzarate","firstname":"Super
> User","lastname":"lastname","email":"ad...@localhost.com","
> externalId":"425","externalType":"external"}
> options: {"roomId":"22","moderator":true,"showAudioVideoTest":true}
> gateway->getSecureHash: 779bad90-fbc2-4ee6-9348-3afd9d2c49d3
> -
> get Secure Hash
> -
> Function call variables
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/hash
> Method: POST
> sid: 9e078944-7c43-439e-8ed0-d36ff316d885
> Params: "user=%7B%22login%22%3A%22rzarate%22%2C%22firstname%
> 22%3A%22Super+User%22%2C%22lastname%22%3A%22lastname%
> 22%2C%22email%22%3A%22admin%40piensocial.com%22%2C%
> 22externalId%22%3A%22425%22%2C%22externalType%22%3A%
> 22joomla%22%7D=%7B%22roomId%22%3A%%22%2C%
> 22moderator%22%3Atrue%2C%22showAudioVideoTest%22%3Atrue%7D"
> headers:
> wraperName: serviceResult
> -
> Rest call
> decoded: {"serviceResult":{"message":"779bad90-fbc2-4ee6-9348-
> 3afd9d2c49d3","type":"SUCCESS"}}
> wraperName: serviceResult
> decoded[wraperName]: {"message":"779bad90-fbc2-
> 4ee6-9348-3afd9d2c49d3","type":"SUCCESS"}
> -
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/hash?=
> 779bad90-fbc2-4ee6-9348-3afd9d2c49d3=1
> -
> Front end url
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/hash?=
> 779bad90-fbc2-4ee6-9348-3afd9d2c49d3=1
> -
>
> I compared with moodle plugin and i just cant see what i am doing wrong.
>
>
> Thanks in advance.
> Ramón
>



-- 
WBR
Maxim aka solomax

Problems opening rooms using webservices

2018-04-11 Thread Ramón Zárate Moedano 
Hello everyone.
I have being "fighting" with this and i dont know what is wrong.

Name: OpenMeetings
Version: 4.0.1
Revision 3795f14

And i am using PHP API. (
https://github.com/openmeetings/openmeetings-api-plugin)

I can create, edit and delete rooms. But when i try to enter one room front
end never ends loading.




User is created and as far as i can see user it's loged in. After trying to
get ir the room if i try to enter OM dashboard as admin i get this error
message.
Access denied. You are not authorized to perform this action So this is the
whole trace i am using (based on php api)

getOmConfig:
{"protocol":"http","host":"XXX.XXX.XXX.XXX","port":"5080","context":"openmeetings","user":"usersoap","pass":"pass","module":"external"}
-
OmGateway function login()
response:
{"message":"bd1229fd-1809-4146-8c9d-ebef572d8764","type":"SUCCESS"}
-
Function call variables
url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/login
Method: GET
sid:
Params: {"user":"usersoap","pass":"pass"}
headers:
wraperName: serviceResult
-
Rest call
decoded:
{"serviceResult":{"message":"bd1229fd-1809-4146-8c9d-ebef572d8764","type":"SUCCESS"}}
wraperName: serviceResult
decoded[wraperName]:
{"message":"bd1229fd-1809-4146-8c9d-ebef572d8764","type":"SUCCESS"}
-
OmGateway function login()
response:
{"message":"9e078944-7c43-439e-8ed0-d36ff316d885","type":"SUCCESS"}
-
Function call variables
url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/login
Method: GET
sid:
Params: {"user":"usersoap","pass":"pass"}
headers:
wraperName: serviceResult
-
Rest call
decoded:
{"serviceResult":{"message":"9e078944-7c43-439e-8ed0-d36ff316d885","type":"SUCCESS"}}
wraperName: serviceResult
decoded[wraperName]:
{"message":"9e078944-7c43-439e-8ed0-d36ff316d885","type":"SUCCESS"}
-
gateway->login: 1
-
get User: {"login":"rzarate","firstname":"Super
User","lastname":"lastname","email":"ad...@localhost.com
","externalId":"425","externalType":"external"}
options: {"roomId":"22","moderator":true,"showAudioVideoTest":true}
gateway->getSecureHash: 779bad90-fbc2-4ee6-9348-3afd9d2c49d3
-
get Secure Hash
-
Function call variables
url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/hash
Method: POST
sid: 9e078944-7c43-439e-8ed0-d36ff316d885
Params:
"user=%7B%22login%22%3A%22rzarate%22%2C%22firstname%22%3A%22Super+User%22%2C%22lastname%22%3A%22lastname%22%2C%22email%22%3A%22admin%
40piensocial.com
%22%2C%22externalId%22%3A%22425%22%2C%22externalType%22%3A%22joomla%22%7D=%7B%22roomId%22%3A%%22%2C%22moderator%22%3Atrue%2C%22showAudioVideoTest%22%3Atrue%7D"
headers:
wraperName: serviceResult
-
Rest call
decoded:
{"serviceResult":{"message":"779bad90-fbc2-4ee6-9348-3afd9d2c49d3","type":"SUCCESS"}}
wraperName: serviceResult
decoded[wraperName]:
{"message":"779bad90-fbc2-4ee6-9348-3afd9d2c49d3","type":"SUCCESS"}
-
url:
http://XXX.XXX.XXX.XXX:5080/openmeetings/hash?=779bad90-fbc2-4ee6-9348-3afd9d2c49d3=1
-
Front end url
url:
http://XXX.XXX.XXX.XXX:5080/openmeetings/hash?=779bad90-fbc2-4ee6-9348-3afd9d2c49d3=1
-

I compared with moodle plugin and i just cant see what i am doing wrong.


Thanks in advance.
Ramón

Re: Problems opening rooms using webservices

2018-04-11 Thread Ramón Zárate Moedano 
About calling login twice it was my mistake trying to log out i print all
the steps and variables i am using. And thats why. Now is corrected.

About hash. I am doing it.

This is the process.

getOmConfig:
{"protocol":"http","host":"XXX.XXX.XXX.XXX","port":"5080","context":"openmeetings","user":"usersoap","pass":"pass","module":"external"}
-
OmGateway function login()
url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/login
Method: GET
sid:
Params: {"user":"usersoap","pass":"pass"}
headers:
wraperName: serviceResult
response:
{"message":"9e078944-7c43-439e-8ed0-d36ff316d885","type":"SUCCESS"}
-

-
get User: {"login":"rzarate","firstname":"Super
User","lastname":"lastname","email":"ad...@localhost.com
","externalId":"425","externalType":"external"}
options: {"roomId":"22","moderator":true,"showAudioVideoTest":true}
url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/hash
Method: POST
sid: 9e078944-7c43-439e-8ed0-d36ff316d885
Params:
"user=%7B%22login%22%3A%22rzarate%22%2C%22firstname%22%3A%22Super+User%22%2C%22lastname%22%3A%22lastname%22%2C%22email%22%3A%22admin%
40piensocial.com
%22%2C%22externalId%22%3A%22425%22%2C%22externalType%22%3A%22joomla%22%7D=%7B%22roomId%22%3A%%22%2C%22moderator%22%3Atrue%2C%22showAudioVideoTest%22%3Atrue%7D"
headers:
wraperName: serviceResult

gateway->getSecureHash: 779bad90-fbc2-4ee6-9348-3afd9d2c49d3
-

Front end url
url:
http://XXX.XXX.XXX.XXX:5080/openmeetings/hash?=779bad90-fbc2-4ee6-9348-3afd9d2c49d3=1
-

Im sending sid using call function (OmRestService.php)

And never loads

Re: New Users Having Trouble with Webcam and Mic Settings

2018-04-11 Thread Daniel Ascher 
Hi Maxim. Yes, I think the additional link you mention would work. Note
that those links should all be set to open a new browser tab (if possible).

Also, could there be link to this from "Check Setup" (see screenshot)?
Thanks! Dan




On Tue, Apr 10, 2018 at 11:32 PM, Maxim Solodovnik 
wrote:

> Hello Daniel,
>
> should it be widget? Or additional link near to "Network testing"?
>
> On Wed, Apr 11, 2018 at 1:47 AM, Daniel Ascher <
> aplusad...@aplustutoring.com> wrote:
>
>> I like that idea Peter. That will work well. Thanks for sharing! I'd like
>> to add this as a "Widget" on the dashboard as well. Would that be difficult
>> to do?
>>
>> Thanks again. Dan
>>
>> On Mon, Apr 9, 2018 at 3:19 AM, Peter Dähn  wrote:
>>
>>> Hi there,
>>>
>>> You could also provide a separate link for the settings. It will be
>>> saved and used next time entering OM. We provide this Information under
>>> "Test your Equipment before using VC"... something like that
>>>
>>> https://yourhost:5080/openmeetings/hash?swf=settings
>>>
>>> Greetings Peter
>>>
>>>
>>> Am 07.04.2018 um 03:37 schrieb Maxim Solodovnik:
>>>
>>> I can try to simplify the dialog, if you can suggest better logic for
>>> cam/mic dialog ...
>>>
>>> WBR, Maxim
>>> (from mobile, sorry for the typos)
>>>
>>> On Sat, Apr 7, 2018, 03:44 David Jentz  wrote:
>>>
 We had a similar complaint from our user base. I actually had a bug
 assigned to me ( in our separate CM tree) to streamline the user
 experience.

 I ended up writing a wrapper script to automate the chromium settings
 and flash settings per user. It also sets up the icedtea so with
 certificate and etc so that the desktop sharing tool works without
 excessive button clicks.

 Since all of this essentially autoconfigures a variety of 3rd party
 apps ( in my case, pepperflash, chromium, and icedtea ) it was pretty apart
 from the openmeetings side.

 Anyhow - thats how I coped with the issue at least.

 -Dave

 On Fri, Apr 6, 2018 at 12:20 PM, Daniel Ascher <
 aplusad...@aplustutoring.com> wrote:

> Hi everyone. I have had several experiences recently when trying to
> use OM with new users (who haven't used the system before). We are using
> the latest version of OM.
>
> Users are having trouble figuring out how to turn on their webcam and
> microphone. They get frustrated and decide just have the meeting without
> the webcam and mic (using the phone). I'm not sure why it is so difficult
> for them. Here are some thoughts:
>
> One issue is that the dropdown for selecting webcam and mic is not
> opening up as soon as they enter the room (like it did in previous
> versions). Once they do open it by using the gear icon they are confused.
> They don't understand they have to allow Flash, or they can find the place
> to allow Flash.
>
> And once they are done with and leave the dropdown they have to click
> on the webcam and mic icons (next to the gear icon). It's a lot of steps
> and I am finding that it's very hard for non-tech savvy people to get
> through it. Am I doing something wrong? How are others handling this
> problem?
>
> Thanks for your help with this.
>
> Dan
>
> --
> Daniel Ascher, M.Ed.
> President
> A+ Test Prep and Tutoring
> "Creating Bright Futures"
>
> 505 York Road, Suite 6
> 
> Jenkintown, PA 19046
> 
> Office:
> 
> 215
> 
> .886.9188
> Click here to schedule a phone call with me.
> 
> Sign Up for A+ News and Test Prep Tips!
> 
>
> 
>


>>
>>
>> --
>> Daniel Ascher, M.Ed.
>> President
>> A+ Test Prep and Tutoring
>> "Creating Bright Futures"
>>
>> 505 York Road, Suite 6
>>

Re: Problems opening rooms using webservices

2018-04-11 Thread Maxim Solodovnik 
Are you also using
https://github.com/openmeetings/openmeetings-api-plugin/blob/master/src/main/scripts/OmGateway.php
?
Do you have any errors in openmeeting.log?

On Thu, Apr 12, 2018 at 12:10 AM, Ramón Zárate Moedano 
wrote:

> About calling login twice it was my mistake trying to log out i print all
> the steps and variables i am using. And thats why. Now is corrected.
>
> About hash. I am doing it.
>
> This is the process.
>
> getOmConfig: {"protocol":"http","host":"XXX.XXX.XXX.XXX","port":"5080"
> ,"context":"openmeetings","user":"usersoap","pass":"pass"
> ,"module":"external"}
> -
> OmGateway function login()
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/login
> Method: GET
> sid:
> Params: {"user":"usersoap","pass":"pass"}
> headers:
> wraperName: serviceResult
> response: {"message":"9e078944-7c43-439e-8ed0-d36ff316d885","type"
> :"SUCCESS"}
> -
>
> -
> get User: {"login":"rzarate","firstname":"Super
> User","lastname":"lastname","email":"ad...@localhost.com","
> externalId":"425","externalType":"external"}
> options: {"roomId":"22","moderator":true,"showAudioVideoTest":true}
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/services/user/hash
> Method: POST
> sid: 9e078944-7c43-439e-8ed0-d36ff316d885
> Params: "user=%7B%22login%22%3A%22rzarate%22%2C%22firstname%
> 22%3A%22Super+User%22%2C%22lastname%22%3A%22lastname%
> 22%2C%22email%22%3A%22admin%40piensocial.com%22%2C%
> 22externalId%22%3A%22425%22%2C%22externalType%22%3A%
> 22joomla%22%7D=%7B%22roomId%22%3A%%22%2C%
> 22moderator%22%3Atrue%2C%22showAudioVideoTest%22%3Atrue%7D"
> headers:
> wraperName: serviceResult
>
> gateway->getSecureHash: 779bad90-fbc2-4ee6-9348-3afd9d2c49d3
> -
>
> Front end url
> url: http://XXX.XXX.XXX.XXX:5080/openmeetings/hash?=
> 779bad90-fbc2-4ee6-9348-3afd9d2c49d3=1
> -
>
> Im sending sid using call function (OmRestService.php)
>
> And never loads 
>



-- 
WBR
Maxim aka solomax

Re: New Users Having Trouble with Webcam and Mic Settings

2018-04-11 Thread Maxim Solodovnik 
Could you please file JIRA?

On Thu, Apr 12, 2018 at 12:31 AM, Daniel Ascher <
aplusad...@aplustutoring.com> wrote:

> Hi Maxim. Yes, I think the additional link you mention would work. Note
> that those links should all be set to open a new browser tab (if possible).
>
> Also, could there be link to this from "Check Setup" (see screenshot)?
> Thanks! Dan
>
>
>
>
> On Tue, Apr 10, 2018 at 11:32 PM, Maxim Solodovnik 
> wrote:
>
>> Hello Daniel,
>>
>> should it be widget? Or additional link near to "Network testing"?
>>
>> On Wed, Apr 11, 2018 at 1:47 AM, Daniel Ascher <
>> aplusad...@aplustutoring.com> wrote:
>>
>>> I like that idea Peter. That will work well. Thanks for sharing! I'd
>>> like to add this as a "Widget" on the dashboard as well. Would that be
>>> difficult to do?
>>>
>>> Thanks again. Dan
>>>
>>> On Mon, Apr 9, 2018 at 3:19 AM, Peter Dähn  wrote:
>>>
 Hi there,

 You could also provide a separate link for the settings. It will be
 saved and used next time entering OM. We provide this Information under
 "Test your Equipment before using VC"... something like that

 https://yourhost:5080/openmeetings/hash?swf=settings

 Greetings Peter


 Am 07.04.2018 um 03:37 schrieb Maxim Solodovnik:

 I can try to simplify the dialog, if you can suggest better logic for
 cam/mic dialog ...

 WBR, Maxim
 (from mobile, sorry for the typos)

 On Sat, Apr 7, 2018, 03:44 David Jentz  wrote:

> We had a similar complaint from our user base. I actually had a bug
> assigned to me ( in our separate CM tree) to streamline the user
> experience.
>
> I ended up writing a wrapper script to automate the chromium settings
> and flash settings per user. It also sets up the icedtea so with
> certificate and etc so that the desktop sharing tool works without
> excessive button clicks.
>
> Since all of this essentially autoconfigures a variety of 3rd party
> apps ( in my case, pepperflash, chromium, and icedtea ) it was pretty 
> apart
> from the openmeetings side.
>
> Anyhow - thats how I coped with the issue at least.
>
> -Dave
>
> On Fri, Apr 6, 2018 at 12:20 PM, Daniel Ascher <
> aplusad...@aplustutoring.com> wrote:
>
>> Hi everyone. I have had several experiences recently when trying to
>> use OM with new users (who haven't used the system before). We are using
>> the latest version of OM.
>>
>> Users are having trouble figuring out how to turn on their webcam and
>> microphone. They get frustrated and decide just have the meeting without
>> the webcam and mic (using the phone). I'm not sure why it is so difficult
>> for them. Here are some thoughts:
>>
>> One issue is that the dropdown for selecting webcam and mic is not
>> opening up as soon as they enter the room (like it did in previous
>> versions). Once they do open it by using the gear icon they are confused.
>> They don't understand they have to allow Flash, or they can find the 
>> place
>> to allow Flash.
>>
>> And once they are done with and leave the dropdown they have to click
>> on the webcam and mic icons (next to the gear icon). It's a lot of steps
>> and I am finding that it's very hard for non-tech savvy people to get
>> through it. Am I doing something wrong? How are others handling this
>> problem?
>>
>> Thanks for your help with this.
>>
>> Dan
>>
>> --
>> Daniel Ascher, M.Ed.
>> President
>> A+ Test Prep and Tutoring
>> "Creating Bright Futures"
>>
>> 505 York Road, Suite 6
>> 
>> Jenkintown, PA 19046
>> 
>> Office:
>> 
>> 215
>> 
>> .886.9188
>> Click here to schedule a phone call with me.
>> 
>> Sign Up for A+ News and Test Prep Tips!
>> 
>>
>>