diff options
author | Lauri Ojansivu <x@xet7.org> | 2017-10-20 14:29:32 +0300 |
---|---|---|
committer | Lauri Ojansivu <x@xet7.org> | 2017-10-20 14:29:32 +0300 |
commit | b92cde23aa74e516ae3c26c1bff1b4090e090c37 (patch) | |
tree | 028f0e832c12e7c4cc9abe8e494bad1365508ed9 | |
parent | 93d8a3f88a01fe4f51f36b5d0a5b7365a3d7d294 (diff) | |
parent | 21f76bcacc5d2a420783ab6320d7c9c6cc630489 (diff) | |
download | wekan-b92cde23aa74e516ae3c26c1bff1b4090e090c37.tar.gz wekan-b92cde23aa74e516ae3c26c1bff1b4090e090c37.tar.bz2 wekan-b92cde23aa74e516ae3c26c1bff1b4090e090c37.zip |
Merge branch 'soohwa-1285-feature-disable-user' into devel
REST API:
- Disable and enable user login.
- Take ownership boards of a user.
- List boards of user.
Thanks to soohwa ! Closes #1285, closes #1220, closes #1118
-rw-r--r-- | CHANGELOG.md | 8 | ||||
-rw-r--r-- | models/boards.js | 11 | ||||
-rw-r--r-- | models/users.js | 38 | ||||
-rw-r--r-- | server/authentication.js | 5 |
4 files changed, 61 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 91b014e1..9c626835 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +# Upcoming Wekan release + +This release adds the following new features: + +* [REST API: Disable and enable user login. Take ownership boards of a user. List boards of user.](https://github.com/wekan/wekan/pull/1296) + +Thanks to GitHub user soohwa for contributions. + # v0.50 2017-10-10 Wekan release This release fixes the following bugs: diff --git a/models/boards.js b/models/boards.js index 8a7844e2..cd633f56 100644 --- a/models/boards.js +++ b/models/boards.js @@ -298,6 +298,15 @@ Boards.mutations({ return { $pull: { labels: { _id: labelId } } }; }, + changeOwnership(fromId, toId) { + const memberIndex = this.memberIndex(fromId); + return { + $set: { + [`members.${memberIndex}.userId`]: toId, + }, + }; + }, + addMember(memberId) { const memberIndex = this.memberIndex(memberId); if (memberIndex >= 0) { @@ -565,7 +574,7 @@ if (Meteor.isServer) { const data = Boards.find({ archived: false, - 'members.userId': req.userId, + 'members.userId': paramUserId, }, { sort: ['title'], }).map(function(board) { diff --git a/models/users.js b/models/users.js index 3d4ff935..abc0f82d 100644 --- a/models/users.js +++ b/models/users.js @@ -112,6 +112,10 @@ Users.attachSchema(new SimpleSchema({ type: Boolean, optional: true, }, + loginDisabled: { + type: Boolean, + optional: true, + }, })); // Search a user in the complete server database by its name or username. This @@ -597,6 +601,40 @@ if (Meteor.isServer) { data: Meteor.users.findOne({ _id: id }), }); }); + JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) { + Authentication.checkUserId( req.userId); + const id = req.params.id; + const action = req.body.action; + let data = Meteor.users.findOne({ _id: id }); + if (data !== undefined) { + if (action === 'takeOwnership') { + data = Boards.find({ + 'members.userId': id, + 'members.isAdmin': true, + }).map(function(board) { + if (board.hasMember(req.userId)) { + board.removeMember(req.userId); + } + board.changeOwnership(id, req.userId); + return { + _id: board._id, + title: board.title, + }; + }); + } else { + if ((action === 'disableLogin') && (id !== req.userId)) { + Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } }); + } else if (action === 'enableLogin') { + Users.update({ _id: id }, { $set: { loginDisabled: '' } }); + } + data = Meteor.users.findOne({ _id: id }); + } + } + JsonRoutes.sendResult(res, { + code: 200, + data, + }); + }); JsonRoutes.add('POST', '/api/users/', function (req, res, next) { Authentication.checkUserId( req.userId); const id = Accounts.createUser({ diff --git a/server/authentication.js b/server/authentication.js index 23ed8f56..3dd1f478 100644 --- a/server/authentication.js +++ b/server/authentication.js @@ -1,4 +1,9 @@ Meteor.startup(() => { + + Accounts.validateLoginAttempt(function (options) { + return !options.user.loginDisabled; + }); + Authentication = {}; Authentication.checkUserId = function (userId) { |