summaryrefslogtreecommitdiffstats
path: root/models/users.js
diff options
context:
space:
mode:
authorLauri Ojansivu <x@xet7.org>2017-11-19 01:45:58 +0200
committerLauri Ojansivu <x@xet7.org>2017-11-19 01:45:58 +0200
commit0ea96fca3f9c4ca876b1f11969958b6fb0417420 (patch)
treea58f4dcd84018b907ead1246ef8eccd805bba231 /models/users.js
parent13d8e75c05cf8ed90c4b5d8ee5aadad0f9444b8f (diff)
parent75c5eeb0460889fb79ba2b963e18ea240d7253ca (diff)
downloadwekan-0ea96fca3f9c4ca876b1f11969958b6fb0417420.tar.gz
wekan-0ea96fca3f9c4ca876b1f11969958b6fb0417420.tar.bz2
wekan-0ea96fca3f9c4ca876b1f11969958b6fb0417420.zip
Merge branch 'thuanpq-devel' into devel
User Admin to Admin Panel: List users. Change: is user admin, name, fullname, email address, is user active. Not changing password yet. Thanks to thuanpq and xet7 ! Related #802
Diffstat (limited to 'models/users.js')
-rw-r--r--models/users.js116
1 files changed, 65 insertions, 51 deletions
diff --git a/models/users.js b/models/users.js
index abc0f82d..9a0a61a4 100644
--- a/models/users.js
+++ b/models/users.js
@@ -118,6 +118,13 @@ Users.attachSchema(new SimpleSchema({
},
}));
+Users.allow({
+ update(userId) {
+ const user = Users.findOne(userId);
+ return user && Meteor.user().isAdmin;
+ },
+});
+
// Search a user in the complete server database by its name or username. This
// is used for instance to add a new user to a board.
const searchInFields = ['username', 'profile.fullname'];
@@ -152,36 +159,36 @@ if (Meteor.isClient) {
Users.helpers({
boards() {
- return Boards.find({ userId: this._id });
+ return Boards.find({userId: this._id});
},
starredBoards() {
- const { starredBoards = [] } = this.profile;
- return Boards.find({ archived: false, _id: { $in: starredBoards } });
+ const {starredBoards = []} = this.profile;
+ return Boards.find({archived: false, _id: {$in: starredBoards}});
},
hasStarred(boardId) {
- const { starredBoards = [] } = this.profile;
+ const {starredBoards = []} = this.profile;
return _.contains(starredBoards, boardId);
},
invitedBoards() {
- const { invitedBoards = [] } = this.profile;
- return Boards.find({ archived: false, _id: { $in: invitedBoards } });
+ const {invitedBoards = []} = this.profile;
+ return Boards.find({archived: false, _id: {$in: invitedBoards}});
},
isInvitedTo(boardId) {
- const { invitedBoards = [] } = this.profile;
+ const {invitedBoards = []} = this.profile;
return _.contains(invitedBoards, boardId);
},
hasTag(tag) {
- const { tags = [] } = this.profile;
+ const {tags = []} = this.profile;
return _.contains(tags, tag);
},
hasNotification(activityId) {
- const { notifications = [] } = this.profile;
+ const {notifications = []} = this.profile;
return _.contains(notifications, activityId);
},
@@ -191,7 +198,7 @@ Users.helpers({
},
getEmailBuffer() {
- const { emailBuffer = [] } = this.profile;
+ const {emailBuffer = []} = this.profile;
return emailBuffer;
},
@@ -316,22 +323,22 @@ Users.mutations({
},
setAvatarUrl(avatarUrl) {
- return { $set: { 'profile.avatarUrl': avatarUrl } };
+ return {$set: {'profile.avatarUrl': avatarUrl}};
},
setShowCardsCountAt(limit) {
- return { $set: { 'profile.showCardsCountAt': limit } };
+ return {$set: {'profile.showCardsCountAt': limit}};
},
});
Meteor.methods({
- setUsername(username) {
+ setUsername(username, userId) {
check(username, String);
- const nUsersWithUsername = Users.find({ username }).count();
+ const nUsersWithUsername = Users.find({username}).count();
if (nUsersWithUsername > 0) {
throw new Meteor.Error('username-already-taken');
} else {
- Users.update(this.userId, { $set: { username } });
+ Users.update(userId, {$set: {username}});
}
},
toggleSystemMessages() {
@@ -342,13 +349,13 @@ Meteor.methods({
check(limit, Number);
Meteor.user().setShowCardsCountAt(limit);
},
- setEmail(email) {
+ setEmail(email, userId) {
check(email, String);
- const existingUser = Users.findOne({ 'emails.address': email }, { fields: { _id: 1 } });
+ const existingUser = Users.findOne({'emails.address': email}, {fields: {_id: 1}});
if (existingUser) {
throw new Meteor.Error('email-already-taken');
} else {
- Users.update(this.userId, {
+ Users.update(userId, {
$set: {
emails: [{
address: email,
@@ -358,11 +365,12 @@ Meteor.methods({
});
}
},
- setUsernameAndEmail(username, email) {
+ setUsernameAndEmail(username, email, userId) {
check(username, String);
check(email, String);
- Meteor.call('setUsername', username);
- Meteor.call('setEmail', email);
+ check(userId, String);
+ Meteor.call('setUsername', username, userId);
+ Meteor.call('setEmail', email, userId);
},
});
@@ -379,8 +387,8 @@ if (Meteor.isServer) {
board &&
board.members &&
_.contains(_.pluck(board.members, 'userId'), inviter._id) &&
- _.where(board.members, { userId: inviter._id })[0].isActive &&
- _.where(board.members, { userId: inviter._id })[0].isAdmin;
+ _.where(board.members, {userId: inviter._id})[0].isActive &&
+ _.where(board.members, {userId: inviter._id})[0].isAdmin;
if (!allowInvite) throw new Meteor.Error('error-board-notAMember');
this.unblock();
@@ -388,9 +396,9 @@ if (Meteor.isServer) {
const posAt = username.indexOf('@');
let user = null;
if (posAt >= 0) {
- user = Users.findOne({ emails: { $elemMatch: { address: username } } });
+ user = Users.findOne({emails: {$elemMatch: {address: username}}});
} else {
- user = Users.findOne(username) || Users.findOne({ username });
+ user = Users.findOne(username) || Users.findOne({username});
}
if (user) {
if (user._id === inviter._id) throw new Meteor.Error('error-user-notAllowSelf');
@@ -400,7 +408,7 @@ if (Meteor.isServer) {
// Set in lowercase email before creating account
const email = username.toLowerCase();
username = email.substring(0, posAt);
- const newUserId = Accounts.createUser({ username, email });
+ const newUserId = Accounts.createUser({username, email});
if (!newUserId) throw new Meteor.Error('error-user-notCreated');
// assume new user speak same language with inviter
if (inviter.profile && inviter.profile.language) {
@@ -434,7 +442,7 @@ if (Meteor.isServer) {
} catch (e) {
throw new Meteor.Error('email-fail', e.message);
}
- return { username: user.username, email: user.emails[0].address };
+ return {username: user.username, email: user.emails[0].address};
},
});
Accounts.onCreateUser((options, user) => {
@@ -457,11 +465,15 @@ if (Meteor.isServer) {
if (!options || !options.profile) {
throw new Meteor.Error('error-invitation-code-blank', 'The invitation code is required');
}
- const invitationCode = InvitationCodes.findOne({ code: options.profile.invitationcode, email: options.email, valid: true });
+ const invitationCode = InvitationCodes.findOne({
+ code: options.profile.invitationcode,
+ email: options.email,
+ valid: true,
+ });
if (!invitationCode) {
throw new Meteor.Error('error-invitation-code-not-exist', 'The invitation code doesn\'t exist');
} else {
- user.profile = { icode: options.profile.invitationcode };
+ user.profile = {icode: options.profile.invitationcode};
}
return user;
@@ -473,7 +485,7 @@ if (Meteor.isServer) {
Meteor.startup(() => {
Users._collection._ensureIndex({
username: 1,
- }, { unique: true });
+ }, {unique: true});
});
// Each board document contains the de-normalized number of users that have
@@ -492,6 +504,7 @@ if (Meteor.isServer) {
function getStarredBoardsIds(doc) {
return doc.profile && doc.profile.starredBoards;
}
+
const oldIds = getStarredBoardsIds(this.previous);
const newIds = getStarredBoardsIds(user);
@@ -500,9 +513,10 @@ if (Meteor.isServer) {
// direction and then in the other.
function incrementBoards(boardsIds, inc) {
boardsIds.forEach((boardId) => {
- Boards.update(boardId, { $inc: { stars: inc } });
+ Boards.update(boardId, {$inc: {stars: inc}});
});
}
+
incrementBoards(_.difference(oldIds, newIds), -1);
incrementBoards(_.difference(newIds, oldIds), +1);
});
@@ -529,7 +543,7 @@ if (Meteor.isServer) {
}, fakeUser, (err, boardId) => {
['welcome-list1', 'welcome-list2'].forEach((title) => {
- Lists.insert({ title: TAPi18n.__(title), boardId }, fakeUser);
+ Lists.insert({title: TAPi18n.__(title), boardId}, fakeUser);
});
});
});
@@ -545,14 +559,14 @@ if (Meteor.isServer) {
// the disableRegistration check.
// Issue : https://github.com/wekan/wekan/issues/1232
// PR : https://github.com/wekan/wekan/pull/1251
- Users.update(doc._id, { $set: { createdThroughApi: '' } });
+ Users.update(doc._id, {$set: {createdThroughApi: ''}});
return;
}
//invite user to corresponding boards
const disableRegistration = Settings.findOne().disableRegistration;
if (disableRegistration) {
- const invitationCode = InvitationCodes.findOne({ code: doc.profile.icode, valid: true });
+ const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true});
if (!invitationCode) {
throw new Meteor.Error('error-invitation-code-not-exist');
} else {
@@ -564,8 +578,8 @@ if (Meteor.isServer) {
doc.profile = {};
}
doc.profile.invitedBoards = invitationCode.boardsToBeInvited;
- Users.update(doc._id, { $set: { profile: doc.profile } });
- InvitationCodes.update(invitationCode._id, { $set: { valid: false } });
+ Users.update(doc._id, {$set: {profile: doc.profile}});
+ InvitationCodes.update(invitationCode._id, {$set: {valid: false}});
}
}
});
@@ -574,9 +588,9 @@ if (Meteor.isServer) {
// USERS REST API
if (Meteor.isServer) {
- JsonRoutes.add('GET', '/api/user', function(req, res, next) {
+ JsonRoutes.add('GET', '/api/user', function (req, res, next) {
Authentication.checkLoggedIn(req.userId);
- const data = Meteor.users.findOne({ _id: req.userId});
+ const data = Meteor.users.findOne({_id: req.userId});
delete data.services;
JsonRoutes.sendResult(res, {
code: 200,
@@ -585,33 +599,33 @@ if (Meteor.isServer) {
});
JsonRoutes.add('GET', '/api/users', function (req, res, next) {
- Authentication.checkUserId( req.userId);
+ Authentication.checkUserId(req.userId);
JsonRoutes.sendResult(res, {
code: 200,
data: Meteor.users.find({}).map(function (doc) {
- return { _id: doc._id, username: doc.username };
+ return {_id: doc._id, username: doc.username};
}),
});
});
JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) {
- Authentication.checkUserId( req.userId);
+ Authentication.checkUserId(req.userId);
const id = req.params.id;
JsonRoutes.sendResult(res, {
code: 200,
- data: Meteor.users.findOne({ _id: id }),
+ data: Meteor.users.findOne({_id: id}),
});
});
JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) {
- Authentication.checkUserId( req.userId);
+ Authentication.checkUserId(req.userId);
const id = req.params.id;
const action = req.body.action;
- let data = Meteor.users.findOne({ _id: id });
+ let data = Meteor.users.findOne({_id: id});
if (data !== undefined) {
if (action === 'takeOwnership') {
data = Boards.find({
'members.userId': id,
'members.isAdmin': true,
- }).map(function(board) {
+ }).map(function (board) {
if (board.hasMember(req.userId)) {
board.removeMember(req.userId);
}
@@ -623,11 +637,11 @@ if (Meteor.isServer) {
});
} else {
if ((action === 'disableLogin') && (id !== req.userId)) {
- Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } });
+ Users.update({_id: id}, {$set: {loginDisabled: true, 'services.resume.loginTokens': ''}});
} else if (action === 'enableLogin') {
- Users.update({ _id: id }, { $set: { loginDisabled: '' } });
+ Users.update({_id: id}, {$set: {loginDisabled: ''}});
}
- data = Meteor.users.findOne({ _id: id });
+ data = Meteor.users.findOne({_id: id});
}
}
JsonRoutes.sendResult(res, {
@@ -636,7 +650,7 @@ if (Meteor.isServer) {
});
});
JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
- Authentication.checkUserId( req.userId);
+ Authentication.checkUserId(req.userId);
const id = Accounts.createUser({
username: req.body.username,
email: req.body.email,
@@ -653,9 +667,9 @@ if (Meteor.isServer) {
});
JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) {
- Authentication.checkUserId( req.userId);
+ Authentication.checkUserId(req.userId);
const id = req.params.id;
- Meteor.users.remove({ _id: id });
+ Meteor.users.remove({_id: id});
JsonRoutes.sendResult(res, {
code: 200,
data: {