Registration validation based on Zoom account permissions

[paulandm]

Registration validation based on Zoom account permissions

[jrchamp]

Hi @paulandm

Thank you for opening this pull request. It looks like this code is checking if the current user has the Owner role in Zoom. That may not be the most universal way to check if registration is possible in a user's Zoom meetings. Is this restriction implementation specific to your organization's needs? Or is there a more universal way that this could be implemented?

[paulandm]

Hi @jrchamp , thanks for taking a look at this.
It seems like Zoom users who do not have the 'Owner' role don't have the capability of creating meetings/webinars with the registration option (on the Zoom web page itself, not from Moodle).
We had a look through the Zoom permissions, but couldn't find one specifically related to creating meetings/webinars with a registration option, so we ended up using the 'Owner' role as a workaround.
So my feeling is this should actually be a global validation, but since there's no specific permission (unless I'm mistaken) available, it makes it a little tricky.

[jrchamp]

Hi @paulandm

I've been researching how registration works and I agree that there does not appear to be specific information in the API or the Zoom settings for who can and cannot register. The best resource that I have found is https://support.zoom.us/hc/en-us/articles/211579443-Scheduling-and-customizing-a-meeting-with-registration

Prerequisites for scheduling meetings with registration

• Licensed host
• The meeting ID must be generated automatically instead of using your PMI
• The meeting cannot be a No Fixed Time recurring meeting

So the user's type must be 2 (Licensed), the meeting's use_pmi must be false, and the meeting's type cannot be 3 (A recurring meeting with no fixed time).

[paulandm]

Hi @jrchamp
Thanks for the info above.
Since we don't specify the 'use_pmi' setting when creating the Zoom meeting, ours is already created with a default value of false. The current validation also hides the registration component when the 'No Fixed Time recurring meeting' recurring type is selected.
So I think the only thing to do here is to check for the user type and make sure it's '2' (Licensed). I've changed our local code like this.

[jrchamp]

That makes sense to me. So instead of the current code, we need to make sure that the host is Licensed if we are planning to show the registration option. And for safety, we should set use_pmi to false in the database_to_api() function when registration is requested:

moodle-mod_zoom/classes/webservice.php

Lines 630 to 632 in 6673a2d

	if (isset($zoom->registration)) {
	$data['settings']['approval_type'] = $zoom->registration;
	}

So this will go between line 631 and 632

            if ($zoom->registration != ZOOM_REGISTRATION_OFF) {
                $data['settings']['use_pmi'] = false;
            }

[paulandm]

Yes @jrchamp , thank you. That sounds good to me.

[paulandm]

This PR can be closed.

The above-mentioned changes have been implemented in a new PR:
#622