summaryrefslogtreecommitdiffstats
path: root/models/users.js
diff options
context:
space:
mode:
authorLauri Ojansivu <x@xet7.org>2019-08-20 19:25:37 +0300
committerLauri Ojansivu <x@xet7.org>2019-08-20 19:25:37 +0300
commitf96c1eda707aecbaccbe248aa97498a0899fab4d (patch)
tree37da48950d4788ad9d76fa139129103674fa971c /models/users.js
parente9bbbb6a040acf518e6d9a3374270c094b6a2287 (diff)
downloadwekan-f96c1eda707aecbaccbe248aa97498a0899fab4d.tar.gz
wekan-f96c1eda707aecbaccbe248aa97498a0899fab4d.tar.bz2
wekan-f96c1eda707aecbaccbe248aa97498a0899fab4d.zip
v3.22v3.22
Diffstat (limited to 'models/users.js')
-rw-r--r--models/users.js39
1 files changed, 28 insertions, 11 deletions
diff --git a/models/users.js b/models/users.js
index dc286128..0d1f2271 100644
--- a/models/users.js
+++ b/models/users.js
@@ -259,21 +259,38 @@ Users.attachSchema(
Users.before.update(function(userId, fieldNames) {
const user = Users.findOne({ _id: userId });
- if (user && user.isAdmin || Meteor.user() && Meteor.user().isAdmin) { return true; }
- if (!user) { return false; }
- if (_.contains(fieldNames, 'services')) { return false; }
- if (_.contains(fieldNames, 'heartBeat')) { return false; }
- if (_.contains(fieldNames, 'isAdmin')) { return false; }
- if (_.contains(fieldNames, 'loginDisabled')) { return false; }
- if (_.contains(fieldNames, 'authenticationMethod')) { return false; }
+ if ((user && user.isAdmin) || (Meteor.user() && Meteor.user().isAdmin)) {
+ return true;
+ }
+ if (!user) {
+ return false;
+ }
+ if (_.contains(fieldNames, 'services')) {
+ return false;
+ }
+ if (_.contains(fieldNames, 'heartBeat')) {
+ return false;
+ }
+ if (_.contains(fieldNames, 'isAdmin')) {
+ return false;
+ }
+ if (_.contains(fieldNames, 'loginDisabled')) {
+ return false;
+ }
+ if (_.contains(fieldNames, 'authenticationMethod')) {
+ return false;
+ }
});
Users.allow({
update(userId, doc) {
- const user = Users.findOne({ _id: userId });
- if (user && user.isAdmin || Meteor.user() && Meteor.user().isAdmin) return true;
- if (!user) { return false; }
- return doc._id === userId;
+ const user = Users.findOne({ _id: userId });
+ if ((user && user.isAdmin) || (Meteor.user() && Meteor.user().isAdmin))
+ return true;
+ if (!user) {
+ return false;
+ }
+ return doc._id === userId;
},
remove(userId, doc) {
const adminsNumber = Users.find({ isAdmin: true }).count();