summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.meteor/packages1
-rw-r--r--.meteor/versions1
-rw-r--r--client/components/boards/boardHeader.jade1
-rw-r--r--client/components/boards/boardHeader.js20
-rw-r--r--i18n/en.i18n.json1
-rw-r--r--models/boards.js27
-rw-r--r--models/export.js59
7 files changed, 110 insertions, 0 deletions
diff --git a/.meteor/packages b/.meteor/packages
index 98c06cc9..7de4e063 100644
--- a/.meteor/packages
+++ b/.meteor/packages
@@ -73,3 +73,4 @@ perak:markdown
seriousm:emoji-continued
templates:tabs
verron:autosize
+pfafman:filesaver
diff --git a/.meteor/versions b/.meteor/versions
index 9d7fe1b3..36029fcf 100644
--- a/.meteor/versions
+++ b/.meteor/versions
@@ -110,6 +110,7 @@ peerlibrary:blaze-components@0.15.1
peerlibrary:computed-field@0.3.1
peerlibrary:reactive-field@0.1.0
perak:markdown@1.0.5
+pfafman:filesaver@0.2.2
promise@0.5.1
raix:eventemitter@0.1.3
raix:handlebar-helpers@0.2.5
diff --git a/client/components/boards/boardHeader.jade b/client/components/boards/boardHeader.jade
index fc1abc88..eb7ca984 100644
--- a/client/components/boards/boardHeader.jade
+++ b/client/components/boards/boardHeader.jade
@@ -56,6 +56,7 @@ template(name="boardMenuPopup")
if currentUser.isBoardAdmin
hr
ul.pop-over-list
+ li: a.js-export-board {{_ 'export-board'}}
li: a.js-archive-board {{_ 'archive-board'}}
template(name="boardVisibilityList")
diff --git a/client/components/boards/boardHeader.js b/client/components/boards/boardHeader.js
index 9423ecee..b5a31754 100644
--- a/client/components/boards/boardHeader.js
+++ b/client/components/boards/boardHeader.js
@@ -13,6 +13,26 @@ Template.boardMenuPopup.events({
// confirm that the board was successfully archived.
FlowRouter.go('home');
}),
+ 'click .js-export-board'() {
+ const boardId = Session.get('currentBoard');
+ Meteor.call('exportBoard', boardId, (error, response) => {
+ if(error) {
+ // the only error we can anticipate is accessing a non-authorized board
+ // and this should have been caugh by UI before.
+ // So no treatment here for the time being.
+ } else {
+ const dataToSave = new Blob([JSON.stringify(response)], {type: 'application/json;charset=utf-8'});
+ const filename = `wekan-export-board-${boardId}.json`;
+ saveAs(dataToSave, filename);
+ }
+ });
+ }
+});
+
+Template.boardMenuPopup.helpers({
+ urlExport() {
+ return Meteor.absoluteUrl(`api/b/${Session.get('currentBoard')}`);
+ },
});
Template.boardChangeTitlePopup.events({
diff --git a/i18n/en.i18n.json b/i18n/en.i18n.json
index 74c27843..6cc43f03 100644
--- a/i18n/en.i18n.json
+++ b/i18n/en.i18n.json
@@ -147,6 +147,7 @@
"error-user-doesNotExist": "This user does not exist",
"error-user-notAllowSelf": "This action on self is not allowed",
"error-user-notCreated": "This user is not created",
+ "export-board": "Export board",
"filter": "Filter",
"filter-cards": "Filter Cards",
"filter-clear": "Clear filter",
diff --git a/models/boards.js b/models/boards.js
index 9c792674..cdf83ce0 100644
--- a/models/boards.js
+++ b/models/boards.js
@@ -79,6 +79,33 @@ Boards.attachSchema(new SimpleSchema({
Boards.helpers({
+ /**
+ * Is current logged-in user authorized to view this board?
+ */
+ isVisibleByUser() {
+ if(this.isPublic()) {
+ // public boards are visible to everyone
+ return true;
+ } else {
+ // otherwise you have to be logged-in and active member
+ return this.isActiveMember(Meteor.userId());
+ }
+ },
+
+ /**
+ * Is the user one of the active members of the board?
+ *
+ * @param userId
+ * @returns {boolean} the member that matches, or undefined/false
+ */
+ isActiveMember(userId) {
+ if(userId) {
+ return this.members.find((member) => (member.userId === userId && member.isActive));
+ } else {
+ return false;
+ }
+ },
+
isPublic() {
return this.permission === 'public';
},
diff --git a/models/export.js b/models/export.js
new file mode 100644
index 00000000..20b1186a
--- /dev/null
+++ b/models/export.js
@@ -0,0 +1,59 @@
+
+
+Meteor.methods({
+ exportBoard(boardId) {
+ check(boardId, String);
+ const board = Boards.findOne(boardId);
+ if(board.isVisibleByUser()) {
+ const exporter = new Exporter(boardId);
+ return exporter.build();
+ } else {
+ throw new Meteor.Error('error-board-notAMember');
+ }
+ }
+});
+
+class Exporter {
+ constructor(boardId) {
+ this._boardId = boardId;
+ }
+
+ build() {
+ const byBoard = {boardId: this._boardId};
+ const fields = {fields: {boardId: 0}};
+ const result = Boards.findOne(this._boardId);
+ result.lists = Lists.find(byBoard, fields).fetch();
+ result.cards = Cards.find(byBoard, fields).fetch();
+ result.comments = CardComments.find(byBoard, fields).fetch();
+ result.activities = Activities.find(byBoard, fields).fetch();
+
+ // we also have to export some user data - as the other elements only include id
+ // but we have to be careful:
+ // 1- only exports users that are linked somehow to that board
+ // 2- do not export any sensitive information
+ const users = {};
+ result.members.forEach((member) => {users[member.userId] = true;});
+ result.lists.forEach((list) => {users[list.userId] = true;});
+ result.cards.forEach((card) => {
+ users[card.userId] = true;
+ if (card.members) {
+ card.members.forEach((memberId) => {users[memberId] = true;});
+ }
+ });
+ result.comments.forEach((comment) => {users[comment.userId] = true;});
+ result.activities.forEach((activity) => {users[activity.userId] = true;});
+ const byUserIds = {_id: {$in: Object.getOwnPropertyNames(users)}};
+ // we use whitelist to be sure we do not expose inadvertently
+ // some secret fields that gets added to User later.
+ const userFields = {fields: {
+ _id: 1,
+ username: 1,
+ 'profile.fullname': 1,
+ 'profile.initials': 1,
+ 'profile.avatarUrl': 1,
+ }};
+ result.users = Users.find(byUserIds, userFields).fetch();
+ //return JSON.stringify(result);
+ return result;
+ }
+}