diff options
-rw-r--r-- | .meteor/packages | 1 | ||||
-rw-r--r-- | .meteor/versions | 1 | ||||
-rw-r--r-- | client/components/boards/boardHeader.jade | 1 | ||||
-rw-r--r-- | client/components/boards/boardHeader.js | 20 | ||||
-rw-r--r-- | i18n/en.i18n.json | 1 | ||||
-rw-r--r-- | models/boards.js | 27 | ||||
-rw-r--r-- | models/export.js | 59 |
7 files changed, 110 insertions, 0 deletions
diff --git a/.meteor/packages b/.meteor/packages index 98c06cc9..7de4e063 100644 --- a/.meteor/packages +++ b/.meteor/packages @@ -73,3 +73,4 @@ perak:markdown seriousm:emoji-continued templates:tabs verron:autosize +pfafman:filesaver diff --git a/.meteor/versions b/.meteor/versions index 9d7fe1b3..36029fcf 100644 --- a/.meteor/versions +++ b/.meteor/versions @@ -110,6 +110,7 @@ peerlibrary:blaze-components@0.15.1 peerlibrary:computed-field@0.3.1 peerlibrary:reactive-field@0.1.0 perak:markdown@1.0.5 +pfafman:filesaver@0.2.2 promise@0.5.1 raix:eventemitter@0.1.3 raix:handlebar-helpers@0.2.5 diff --git a/client/components/boards/boardHeader.jade b/client/components/boards/boardHeader.jade index fc1abc88..eb7ca984 100644 --- a/client/components/boards/boardHeader.jade +++ b/client/components/boards/boardHeader.jade @@ -56,6 +56,7 @@ template(name="boardMenuPopup") if currentUser.isBoardAdmin hr ul.pop-over-list + li: a.js-export-board {{_ 'export-board'}} li: a.js-archive-board {{_ 'archive-board'}} template(name="boardVisibilityList") diff --git a/client/components/boards/boardHeader.js b/client/components/boards/boardHeader.js index 9423ecee..b5a31754 100644 --- a/client/components/boards/boardHeader.js +++ b/client/components/boards/boardHeader.js @@ -13,6 +13,26 @@ Template.boardMenuPopup.events({ // confirm that the board was successfully archived. FlowRouter.go('home'); }), + 'click .js-export-board'() { + const boardId = Session.get('currentBoard'); + Meteor.call('exportBoard', boardId, (error, response) => { + if(error) { + // the only error we can anticipate is accessing a non-authorized board + // and this should have been caugh by UI before. + // So no treatment here for the time being. + } else { + const dataToSave = new Blob([JSON.stringify(response)], {type: 'application/json;charset=utf-8'}); + const filename = `wekan-export-board-${boardId}.json`; + saveAs(dataToSave, filename); + } + }); + } +}); + +Template.boardMenuPopup.helpers({ + urlExport() { + return Meteor.absoluteUrl(`api/b/${Session.get('currentBoard')}`); + }, }); Template.boardChangeTitlePopup.events({ diff --git a/i18n/en.i18n.json b/i18n/en.i18n.json index 74c27843..6cc43f03 100644 --- a/i18n/en.i18n.json +++ b/i18n/en.i18n.json @@ -147,6 +147,7 @@ "error-user-doesNotExist": "This user does not exist", "error-user-notAllowSelf": "This action on self is not allowed", "error-user-notCreated": "This user is not created", + "export-board": "Export board", "filter": "Filter", "filter-cards": "Filter Cards", "filter-clear": "Clear filter", diff --git a/models/boards.js b/models/boards.js index 9c792674..cdf83ce0 100644 --- a/models/boards.js +++ b/models/boards.js @@ -79,6 +79,33 @@ Boards.attachSchema(new SimpleSchema({ Boards.helpers({ + /** + * Is current logged-in user authorized to view this board? + */ + isVisibleByUser() { + if(this.isPublic()) { + // public boards are visible to everyone + return true; + } else { + // otherwise you have to be logged-in and active member + return this.isActiveMember(Meteor.userId()); + } + }, + + /** + * Is the user one of the active members of the board? + * + * @param userId + * @returns {boolean} the member that matches, or undefined/false + */ + isActiveMember(userId) { + if(userId) { + return this.members.find((member) => (member.userId === userId && member.isActive)); + } else { + return false; + } + }, + isPublic() { return this.permission === 'public'; }, diff --git a/models/export.js b/models/export.js new file mode 100644 index 00000000..20b1186a --- /dev/null +++ b/models/export.js @@ -0,0 +1,59 @@ + + +Meteor.methods({ + exportBoard(boardId) { + check(boardId, String); + const board = Boards.findOne(boardId); + if(board.isVisibleByUser()) { + const exporter = new Exporter(boardId); + return exporter.build(); + } else { + throw new Meteor.Error('error-board-notAMember'); + } + } +}); + +class Exporter { + constructor(boardId) { + this._boardId = boardId; + } + + build() { + const byBoard = {boardId: this._boardId}; + const fields = {fields: {boardId: 0}}; + const result = Boards.findOne(this._boardId); + result.lists = Lists.find(byBoard, fields).fetch(); + result.cards = Cards.find(byBoard, fields).fetch(); + result.comments = CardComments.find(byBoard, fields).fetch(); + result.activities = Activities.find(byBoard, fields).fetch(); + + // we also have to export some user data - as the other elements only include id + // but we have to be careful: + // 1- only exports users that are linked somehow to that board + // 2- do not export any sensitive information + const users = {}; + result.members.forEach((member) => {users[member.userId] = true;}); + result.lists.forEach((list) => {users[list.userId] = true;}); + result.cards.forEach((card) => { + users[card.userId] = true; + if (card.members) { + card.members.forEach((memberId) => {users[memberId] = true;}); + } + }); + result.comments.forEach((comment) => {users[comment.userId] = true;}); + result.activities.forEach((activity) => {users[activity.userId] = true;}); + const byUserIds = {_id: {$in: Object.getOwnPropertyNames(users)}}; + // we use whitelist to be sure we do not expose inadvertently + // some secret fields that gets added to User later. + const userFields = {fields: { + _id: 1, + username: 1, + 'profile.fullname': 1, + 'profile.initials': 1, + 'profile.avatarUrl': 1, + }}; + result.users = Users.find(byUserIds, userFields).fetch(); + //return JSON.stringify(result); + return result; + } +} |