diff options
author | Maxime Quandalle <maxime@quandalle.com> | 2015-09-08 20:19:42 +0200 |
---|---|---|
committer | Maxime Quandalle <maxime@quandalle.com> | 2015-09-08 20:19:42 +0200 |
commit | 45b662a1ddb46a0f17fab7b2383c82aa1e1620ef (patch) | |
tree | cc7be215c7e7ebffd2597df70cf271b3dd435e1a /client/components/users | |
parent | c04341f1ea5efe082bf7318cf9eb0e99b9b8374a (diff) | |
download | wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.tar.gz wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.tar.bz2 wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.zip |
Centralize all mutations at the model level
This commit uses a new package that I need to document. It tries to
solve the long-standing debate in the Meteor community about
allow/deny rules versus methods (RPC).
This approach gives us both the centralized security rules of
allow/deny and the white-list of allowed mutations similarly to Meteor
methods. The idea to have static mutation descriptions is also
inspired by Facebook's Relay/GraphQL.
This will allow the development of a REST API using the high-level
methods instead of the MongoDB queries to do the mapping between the
HTTP requests and our collections.
Diffstat (limited to 'client/components/users')
-rw-r--r-- | client/components/users/userAvatar.js | 22 |
1 files changed, 4 insertions, 18 deletions
diff --git a/client/components/users/userAvatar.js b/client/components/users/userAvatar.js index 04add0a6..1f1da251 100644 --- a/client/components/users/userAvatar.js +++ b/client/components/users/userAvatar.js @@ -82,11 +82,7 @@ BlazeComponent.extendComponent({ }, setAvatar(avatarUrl) { - Meteor.users.update(Meteor.userId(), { - $set: { - 'profile.avatarUrl': avatarUrl, - }, - }); + Meteor.user().setAvatarUrl(avatarUrl); }, setError(error) { @@ -151,19 +147,9 @@ Template.cardMembersPopup.helpers({ Template.cardMembersPopup.events({ 'click .js-select-member'(evt) { - const cardId = Template.parentData(2).data._id; + const card = Cards.findOne(Session.get('currentCard')); const memberId = this.userId; - let operation; - if (Cards.find({ _id: cardId, members: memberId}).count() === 0) - operation = '$addToSet'; - else - operation = '$pull'; - - Cards.update(cardId, { - [operation]: { - members: memberId, - }, - }); + card.toggleMember(memberId); evt.preventDefault(); }, }); @@ -176,7 +162,7 @@ Template.cardMemberPopup.helpers({ Template.cardMemberPopup.events({ 'click .js-remove-member'() { - Cards.update(this.cardId, {$pull: {members: this.userId}}); + Cards.findOne(this.cardId).unassignMember(this.userId); Popup.close(); }, 'click .js-edit-profile': Popup.open('editProfile'), |