diff options
author | Maxime Quandalle <maxime@quandalle.com> | 2015-09-08 20:19:42 +0200 |
---|---|---|
committer | Maxime Quandalle <maxime@quandalle.com> | 2015-09-08 20:19:42 +0200 |
commit | 45b662a1ddb46a0f17fab7b2383c82aa1e1620ef (patch) | |
tree | cc7be215c7e7ebffd2597df70cf271b3dd435e1a /models/activities.js | |
parent | c04341f1ea5efe082bf7318cf9eb0e99b9b8374a (diff) | |
download | wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.tar.gz wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.tar.bz2 wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.zip |
Centralize all mutations at the model level
This commit uses a new package that I need to document. It tries to
solve the long-standing debate in the Meteor community about
allow/deny rules versus methods (RPC).
This approach gives us both the centralized security rules of
allow/deny and the white-list of allowed mutations similarly to Meteor
methods. The idea to have static mutation descriptions is also
inspired by Facebook's Relay/GraphQL.
This will allow the development of a REST API using the high-level
methods instead of the MongoDB queries to do the mapping between the
HTTP requests and our collections.
Diffstat (limited to 'models/activities.js')
-rw-r--r-- | models/activities.js | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/models/activities.js b/models/activities.js new file mode 100644 index 00000000..5de07ee5 --- /dev/null +++ b/models/activities.js @@ -0,0 +1,51 @@ +// Activities don't need a schema because they are always set from the a trusted +// environment - the server - and there is no risk that a user change the logic +// we use with this collection. Moreover using a schema for this collection +// would be difficult (different activities have different fields) and wouldn't +// bring any direct advantage. +// +// XXX The activities API is not so nice and need some functionalities. For +// instance if a user archive a card, and un-archive it a few seconds later we +// should remove both activities assuming it was an error the user decided to +// revert. +Activities = new Mongo.Collection('activities'); + +Activities.helpers({ + board() { + return Boards.findOne(this.boardId); + }, + user() { + return Users.findOne(this.userId); + }, + member() { + return Users.findOne(this.memberId); + }, + list() { + return Lists.findOne(this.listId); + }, + oldList() { + return Lists.findOne(this.oldListId); + }, + card() { + return Cards.findOne(this.cardId); + }, + comment() { + return CardComments.findOne(this.commentId); + }, + attachment() { + return Attachments.findOne(this.attachmentId); + }, +}); + +Activities.before.insert((userId, doc) => { + doc.createdAt = new Date(); +}); + +// For efficiency create an index on the date of creation. +if (Meteor.isServer) { + Meteor.startup(() => { + Activities._collection._ensureIndex({ + createdAt: -1, + }); + }); +} |