diff options
author | Lauri Ojansivu <x@xet7.org> | 2017-11-19 01:45:58 +0200 |
---|---|---|
committer | Lauri Ojansivu <x@xet7.org> | 2017-11-19 01:45:58 +0200 |
commit | 0ea96fca3f9c4ca876b1f11969958b6fb0417420 (patch) | |
tree | a58f4dcd84018b907ead1246ef8eccd805bba231 /models/users.js | |
parent | 13d8e75c05cf8ed90c4b5d8ee5aadad0f9444b8f (diff) | |
parent | 75c5eeb0460889fb79ba2b963e18ea240d7253ca (diff) | |
download | wekan-0ea96fca3f9c4ca876b1f11969958b6fb0417420.tar.gz wekan-0ea96fca3f9c4ca876b1f11969958b6fb0417420.tar.bz2 wekan-0ea96fca3f9c4ca876b1f11969958b6fb0417420.zip |
Merge branch 'thuanpq-devel' into devel
User Admin to Admin Panel: List users.
Change: is user admin, name, fullname, email address, is user active.
Not changing password yet. Thanks to thuanpq and xet7 ! Related #802
Diffstat (limited to 'models/users.js')
-rw-r--r-- | models/users.js | 116 |
1 files changed, 65 insertions, 51 deletions
diff --git a/models/users.js b/models/users.js index abc0f82d..9a0a61a4 100644 --- a/models/users.js +++ b/models/users.js @@ -118,6 +118,13 @@ Users.attachSchema(new SimpleSchema({ }, })); +Users.allow({ + update(userId) { + const user = Users.findOne(userId); + return user && Meteor.user().isAdmin; + }, +}); + // Search a user in the complete server database by its name or username. This // is used for instance to add a new user to a board. const searchInFields = ['username', 'profile.fullname']; @@ -152,36 +159,36 @@ if (Meteor.isClient) { Users.helpers({ boards() { - return Boards.find({ userId: this._id }); + return Boards.find({userId: this._id}); }, starredBoards() { - const { starredBoards = [] } = this.profile; - return Boards.find({ archived: false, _id: { $in: starredBoards } }); + const {starredBoards = []} = this.profile; + return Boards.find({archived: false, _id: {$in: starredBoards}}); }, hasStarred(boardId) { - const { starredBoards = [] } = this.profile; + const {starredBoards = []} = this.profile; return _.contains(starredBoards, boardId); }, invitedBoards() { - const { invitedBoards = [] } = this.profile; - return Boards.find({ archived: false, _id: { $in: invitedBoards } }); + const {invitedBoards = []} = this.profile; + return Boards.find({archived: false, _id: {$in: invitedBoards}}); }, isInvitedTo(boardId) { - const { invitedBoards = [] } = this.profile; + const {invitedBoards = []} = this.profile; return _.contains(invitedBoards, boardId); }, hasTag(tag) { - const { tags = [] } = this.profile; + const {tags = []} = this.profile; return _.contains(tags, tag); }, hasNotification(activityId) { - const { notifications = [] } = this.profile; + const {notifications = []} = this.profile; return _.contains(notifications, activityId); }, @@ -191,7 +198,7 @@ Users.helpers({ }, getEmailBuffer() { - const { emailBuffer = [] } = this.profile; + const {emailBuffer = []} = this.profile; return emailBuffer; }, @@ -316,22 +323,22 @@ Users.mutations({ }, setAvatarUrl(avatarUrl) { - return { $set: { 'profile.avatarUrl': avatarUrl } }; + return {$set: {'profile.avatarUrl': avatarUrl}}; }, setShowCardsCountAt(limit) { - return { $set: { 'profile.showCardsCountAt': limit } }; + return {$set: {'profile.showCardsCountAt': limit}}; }, }); Meteor.methods({ - setUsername(username) { + setUsername(username, userId) { check(username, String); - const nUsersWithUsername = Users.find({ username }).count(); + const nUsersWithUsername = Users.find({username}).count(); if (nUsersWithUsername > 0) { throw new Meteor.Error('username-already-taken'); } else { - Users.update(this.userId, { $set: { username } }); + Users.update(userId, {$set: {username}}); } }, toggleSystemMessages() { @@ -342,13 +349,13 @@ Meteor.methods({ check(limit, Number); Meteor.user().setShowCardsCountAt(limit); }, - setEmail(email) { + setEmail(email, userId) { check(email, String); - const existingUser = Users.findOne({ 'emails.address': email }, { fields: { _id: 1 } }); + const existingUser = Users.findOne({'emails.address': email}, {fields: {_id: 1}}); if (existingUser) { throw new Meteor.Error('email-already-taken'); } else { - Users.update(this.userId, { + Users.update(userId, { $set: { emails: [{ address: email, @@ -358,11 +365,12 @@ Meteor.methods({ }); } }, - setUsernameAndEmail(username, email) { + setUsernameAndEmail(username, email, userId) { check(username, String); check(email, String); - Meteor.call('setUsername', username); - Meteor.call('setEmail', email); + check(userId, String); + Meteor.call('setUsername', username, userId); + Meteor.call('setEmail', email, userId); }, }); @@ -379,8 +387,8 @@ if (Meteor.isServer) { board && board.members && _.contains(_.pluck(board.members, 'userId'), inviter._id) && - _.where(board.members, { userId: inviter._id })[0].isActive && - _.where(board.members, { userId: inviter._id })[0].isAdmin; + _.where(board.members, {userId: inviter._id})[0].isActive && + _.where(board.members, {userId: inviter._id})[0].isAdmin; if (!allowInvite) throw new Meteor.Error('error-board-notAMember'); this.unblock(); @@ -388,9 +396,9 @@ if (Meteor.isServer) { const posAt = username.indexOf('@'); let user = null; if (posAt >= 0) { - user = Users.findOne({ emails: { $elemMatch: { address: username } } }); + user = Users.findOne({emails: {$elemMatch: {address: username}}}); } else { - user = Users.findOne(username) || Users.findOne({ username }); + user = Users.findOne(username) || Users.findOne({username}); } if (user) { if (user._id === inviter._id) throw new Meteor.Error('error-user-notAllowSelf'); @@ -400,7 +408,7 @@ if (Meteor.isServer) { // Set in lowercase email before creating account const email = username.toLowerCase(); username = email.substring(0, posAt); - const newUserId = Accounts.createUser({ username, email }); + const newUserId = Accounts.createUser({username, email}); if (!newUserId) throw new Meteor.Error('error-user-notCreated'); // assume new user speak same language with inviter if (inviter.profile && inviter.profile.language) { @@ -434,7 +442,7 @@ if (Meteor.isServer) { } catch (e) { throw new Meteor.Error('email-fail', e.message); } - return { username: user.username, email: user.emails[0].address }; + return {username: user.username, email: user.emails[0].address}; }, }); Accounts.onCreateUser((options, user) => { @@ -457,11 +465,15 @@ if (Meteor.isServer) { if (!options || !options.profile) { throw new Meteor.Error('error-invitation-code-blank', 'The invitation code is required'); } - const invitationCode = InvitationCodes.findOne({ code: options.profile.invitationcode, email: options.email, valid: true }); + const invitationCode = InvitationCodes.findOne({ + code: options.profile.invitationcode, + email: options.email, + valid: true, + }); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist', 'The invitation code doesn\'t exist'); } else { - user.profile = { icode: options.profile.invitationcode }; + user.profile = {icode: options.profile.invitationcode}; } return user; @@ -473,7 +485,7 @@ if (Meteor.isServer) { Meteor.startup(() => { Users._collection._ensureIndex({ username: 1, - }, { unique: true }); + }, {unique: true}); }); // Each board document contains the de-normalized number of users that have @@ -492,6 +504,7 @@ if (Meteor.isServer) { function getStarredBoardsIds(doc) { return doc.profile && doc.profile.starredBoards; } + const oldIds = getStarredBoardsIds(this.previous); const newIds = getStarredBoardsIds(user); @@ -500,9 +513,10 @@ if (Meteor.isServer) { // direction and then in the other. function incrementBoards(boardsIds, inc) { boardsIds.forEach((boardId) => { - Boards.update(boardId, { $inc: { stars: inc } }); + Boards.update(boardId, {$inc: {stars: inc}}); }); } + incrementBoards(_.difference(oldIds, newIds), -1); incrementBoards(_.difference(newIds, oldIds), +1); }); @@ -529,7 +543,7 @@ if (Meteor.isServer) { }, fakeUser, (err, boardId) => { ['welcome-list1', 'welcome-list2'].forEach((title) => { - Lists.insert({ title: TAPi18n.__(title), boardId }, fakeUser); + Lists.insert({title: TAPi18n.__(title), boardId}, fakeUser); }); }); }); @@ -545,14 +559,14 @@ if (Meteor.isServer) { // the disableRegistration check. // Issue : https://github.com/wekan/wekan/issues/1232 // PR : https://github.com/wekan/wekan/pull/1251 - Users.update(doc._id, { $set: { createdThroughApi: '' } }); + Users.update(doc._id, {$set: {createdThroughApi: ''}}); return; } //invite user to corresponding boards const disableRegistration = Settings.findOne().disableRegistration; if (disableRegistration) { - const invitationCode = InvitationCodes.findOne({ code: doc.profile.icode, valid: true }); + const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true}); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist'); } else { @@ -564,8 +578,8 @@ if (Meteor.isServer) { doc.profile = {}; } doc.profile.invitedBoards = invitationCode.boardsToBeInvited; - Users.update(doc._id, { $set: { profile: doc.profile } }); - InvitationCodes.update(invitationCode._id, { $set: { valid: false } }); + Users.update(doc._id, {$set: {profile: doc.profile}}); + InvitationCodes.update(invitationCode._id, {$set: {valid: false}}); } } }); @@ -574,9 +588,9 @@ if (Meteor.isServer) { // USERS REST API if (Meteor.isServer) { - JsonRoutes.add('GET', '/api/user', function(req, res, next) { + JsonRoutes.add('GET', '/api/user', function (req, res, next) { Authentication.checkLoggedIn(req.userId); - const data = Meteor.users.findOne({ _id: req.userId}); + const data = Meteor.users.findOne({_id: req.userId}); delete data.services; JsonRoutes.sendResult(res, { code: 200, @@ -585,33 +599,33 @@ if (Meteor.isServer) { }); JsonRoutes.add('GET', '/api/users', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); JsonRoutes.sendResult(res, { code: 200, data: Meteor.users.find({}).map(function (doc) { - return { _id: doc._id, username: doc.username }; + return {_id: doc._id, username: doc.username}; }), }); }); JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = req.params.id; JsonRoutes.sendResult(res, { code: 200, - data: Meteor.users.findOne({ _id: id }), + data: Meteor.users.findOne({_id: id}), }); }); JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = req.params.id; const action = req.body.action; - let data = Meteor.users.findOne({ _id: id }); + let data = Meteor.users.findOne({_id: id}); if (data !== undefined) { if (action === 'takeOwnership') { data = Boards.find({ 'members.userId': id, 'members.isAdmin': true, - }).map(function(board) { + }).map(function (board) { if (board.hasMember(req.userId)) { board.removeMember(req.userId); } @@ -623,11 +637,11 @@ if (Meteor.isServer) { }); } else { if ((action === 'disableLogin') && (id !== req.userId)) { - Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } }); + Users.update({_id: id}, {$set: {loginDisabled: true, 'services.resume.loginTokens': ''}}); } else if (action === 'enableLogin') { - Users.update({ _id: id }, { $set: { loginDisabled: '' } }); + Users.update({_id: id}, {$set: {loginDisabled: ''}}); } - data = Meteor.users.findOne({ _id: id }); + data = Meteor.users.findOne({_id: id}); } } JsonRoutes.sendResult(res, { @@ -636,7 +650,7 @@ if (Meteor.isServer) { }); }); JsonRoutes.add('POST', '/api/users/', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = Accounts.createUser({ username: req.body.username, email: req.body.email, @@ -653,9 +667,9 @@ if (Meteor.isServer) { }); JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = req.params.id; - Meteor.users.remove({ _id: id }); + Meteor.users.remove({_id: id}); JsonRoutes.sendResult(res, { code: 200, data: { |