summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--History.md3
-rw-r--r--client/components/users/userAvatar.jade9
-rw-r--r--collections/boards.js2
-rw-r--r--sandstorm.js146
4 files changed, 89 insertions, 71 deletions
diff --git a/History.md b/History.md
index 8e60fb07..b4126425 100644
--- a/History.md
+++ b/History.md
@@ -9,7 +9,8 @@ security. It also features the following improvements:
password, to change the password, or to enable email confirmation (all of
which were previously impossible);
* Avatar customization, including the possibility to upload images and to choose
- one from Gravatar or the user initials;
+ one from Gravatar or the user initials (on Sandstrom we use the avatar exposed
+ by Sandstorm);
* Cards multi-selection to facilitate batch actions such as moving all the cards
of selection, or attaching a label or a member to them;
* Keyboard navigation, press `?` to read the list of available shortcuts;
diff --git a/client/components/users/userAvatar.jade b/client/components/users/userAvatar.jade
index 5a3398cd..e08666e5 100644
--- a/client/components/users/userAvatar.jade
+++ b/client/components/users/userAvatar.jade
@@ -9,10 +9,11 @@ template(name="userAvatar")
span.member-presence-status(class=presenceStatusClassName)
span.member-type(class=memberType)
- if showEdit
- if $eq currentUser._id userData._id
- a.edit-avatar.js-change-avatar
- i.fa.fa-pencil
+ unless isSandstorm
+ if showEdit
+ if $eq currentUser._id userData._id
+ a.edit-avatar.js-change-avatar
+ i.fa.fa-pencil
template(name="userAvatarInitials")
svg.avatar.avatar-initials(viewBox="0 0 {{viewPortWidth}} 15")
diff --git a/collections/boards.js b/collections/boards.js
index ddfa5016..fcd04153 100644
--- a/collections/boards.js
+++ b/collections/boards.js
@@ -156,7 +156,7 @@ Boards.before.insert((userId, doc) => {
doc.slug = doc.slug || getSlug(doc.title) || 'board';
doc.createdAt = new Date();
doc.archived = false;
- doc.members = [{
+ doc.members = doc.members || [{
userId,
isAdmin: true,
isActive: true,
diff --git a/sandstorm.js b/sandstorm.js
index 8ff5bad3..c430c3a8 100644
--- a/sandstorm.js
+++ b/sandstorm.js
@@ -3,49 +3,90 @@
const isSandstorm = Meteor.settings && Meteor.settings.public &&
Meteor.settings.public.sandstorm;
-// In sandstorm we only have one board per sandstorm instance. Since we want to
-// keep most of our code unchanged, we simply hard-code a board `_id` and
-// redirect the user to this particular board.
-const sandstormBoard = {
- _id: 'sandstorm',
-
- // XXX Should be shared with the grain instance name.
- title: 'Wekan',
- slug: 'libreboard',
-
- // Board access security is handled by sandstorm, so in our point of view we
- // can alway assume that the board is public (unauthorized users won’t be able
- // to access it anyway).
- permission: 'public',
-};
-
-// The list of permissions a user have is provided by sandstorm accounts
-// package.
-function userHasPermission(user, permission) {
- const userPermissions = user.services.sandstorm.permissions;
- return userPermissions.indexOf(permission) > -1;
-}
-
if (isSandstorm && Meteor.isServer) {
- // Redirect the user to the hard-coded board. On the first launch the user
- // will be redirected to the board before its creation. But that’s not a
- // problem thanks to the reactive board publication. We used to do this
- // redirection on the client side but that was sometimes visible on loading,
- // and the home page was accessible by pressing the back button of the
- // browser, a server-side redirection solves both of these issues.
- //
- // XXX Maybe sandstorm manifest could provide some kind of "home url"?
- Picker.route('/', (params, request, response) => {
- const base = request.headers['x-sandstorm-base-path'];
- // XXX If this routing scheme changes, this will break. We should generation
- // the location url using the router, but at the time of writting, the
- // router is only accessible on the client.
+ // In sandstorm we only have one board per sandstorm instance. Since we want
+ // to keep most of our code unchanged, we simply hard-code a board `_id` and
+ // redirect the user to this particular board.
+ const sandstormBoard = {
+ _id: 'sandstorm',
+
+ // XXX Should be shared with the grain instance name.
+ title: 'Wekan',
+ slug: 'libreboard',
+ members: [],
+
+ // Board access security is handled by sandstorm, so in our point of view we
+ // can alway assume that the board is public (unauthorized users won't be
+ // able to access it anyway).
+ permission: 'public',
+ };
+
+ // This function should probably be handled by `accounts-sandstorm` but
+ // apparently meteor-core misses an API to handle that cleanly, cf.
+ // https://github.com/meteor/meteor/blob/ff783e9a12ffa04af6fd163843a563c9f4bbe8c1/packages/accounts-base/accounts_server.js#L1143
+ function updateUserAvatar(userId, avatarUrl) {
+ Users.update(userId, {
+ $set: {
+ 'profile.avatarUrl': avatarUrl,
+ },
+ });
+ }
+
+ function updateUserPermissions(userId, permissions) {
+ const isActive = permissions.indexOf('participate') > -1;
+ const isAdmin = permissions.indexOf('configure') > -1;
+ const permissionDoc = { userId, isActive, isAdmin };
+
+ const boardMembers = Boards.findOne(sandstormBoard._id).members;
+ const memberIndex = _.indexOf(_.pluck(boardMembers, 'userId'), userId);
+
+ let modifier;
+ if (memberIndex > -1)
+ modifier = { $set: { [`members.${memberIndex}`]: permissionDoc }};
+ else if (!isActive)
+ modifier = {};
+ else
+ modifier = { $push: { members: permissionDoc }};
+
+ Boards.update(sandstormBoard._id, modifier);
+ }
+
+ Picker.route('/', (params, req, res) => {
+ // Redirect the user to the hard-coded board. On the first launch the user
+ // will be redirected to the board before its creation. But that's not a
+ // problem thanks to the reactive board publication. We used to do this
+ // redirection on the client side but that was sometimes visible on loading,
+ // and the home page was accessible by pressing the back button of the
+ // browser, a server-side redirection solves both of these issues.
+ //
+ // XXX Maybe sandstorm manifest could provide some kind of "home URL"?
+ const base = req.headers['x-sandstorm-base-path'];
+ // XXX If this routing scheme changes, this will break. We should generate
+ // the location URL using the router, but at the time of writing, the
+ // it is only accessible on the client.
const path = `/boards/${sandstormBoard._id}/${sandstormBoard.slug}`;
- response.writeHead(301, {
+ res.writeHead(301, {
Location: base + path,
});
- response.end();
+ res.end();
+
+ // `accounts-sandstorm` populate the Users collection when new users
+ // accesses the document, but in case a already known user come back, we
+ // need to update his associated document to match the request HTTP headers
+ // informations.
+ const user = Users.findOne({
+ 'services.sandstorm.id': req.headers['x-sandstorm-user-id'],
+ });
+ if (user) {
+ const userId = user._id;
+ const avatarUrl = req.headers['x-sandstorm-user-picture'];
+ const permissions = req.headers['x-sandstorm-permissions'].split(',') || [];
+
+ // XXX The user may also change his name, we should handle it.
+ updateUserAvatar(userId, avatarUrl);
+ updateUserPermissions(userId, permissions);
+ }
});
// On the first launch of the instance a user is automatically created thanks
@@ -56,38 +97,13 @@ if (isSandstorm && Meteor.isServer) {
Users.after.insert((userId, doc) => {
if (!Boards.findOne(sandstormBoard._id)) {
Boards.insert(sandstormBoard, {validate: false});
- Boards.update(sandstormBoard._id, {
- $set: {
- // The first member (the grain creator) has all rights
- 'members.0': {
- userId: doc._id,
- isActive: true,
- isAdmin: true,
- },
- },
- });
Activities.update(
{ activityTypeId: sandstormBoard._id },
{ $set: { userId: doc._id }}
);
}
- // If the hard-coded board already exists and we are inserting a new user,
- // we need to update our user collection.
- else if (userHasPermission(doc, 'participate')) {
- Boards.update({
- _id: sandstormBoard._id,
- permission: 'public',
- }, {
- $push: {
- members: {
- userId: doc._id,
- isActive: true,
- isAdmin: userHasPermission(doc, 'configure'),
- },
- },
- });
- }
+ updateUserPermissions(doc._id, doc.services.sandstorm.permissions);
});
}
@@ -108,4 +124,4 @@ if (isSandstorm && Meteor.isClient) {
// We use this blaze helper in the UI to hide some templates that does not make
// sense in the context of sandstorm, like board staring, board archiving, user
// name edition, etc.
-Blaze.registerHelper('isSandstorm', () => isSandstorm);
+Blaze.registerHelper('isSandstorm', isSandstorm);