diff options
Diffstat (limited to 'models/users.js')
-rw-r--r-- | models/users.js | 86 |
1 files changed, 50 insertions, 36 deletions
diff --git a/models/users.js b/models/users.js index 5ba0131f..11a53ce6 100644 --- a/models/users.js +++ b/models/users.js @@ -118,6 +118,13 @@ Users.attachSchema(new SimpleSchema({ }, })); +Users.allow({ + update(userId) { + const user = Users.findOne(userId); + return user && Meteor.user().isAdmin; + }, +}); + // Search a user in the complete server database by its name or username. This // is used for instance to add a new user to a board. const searchInFields = ['username', 'profile.fullname']; @@ -152,36 +159,36 @@ if (Meteor.isClient) { Users.helpers({ boards() { - return Boards.find({ userId: this._id }); + return Boards.find({ 'members.userId': this._id }); }, starredBoards() { - const { starredBoards = [] } = this.profile; - return Boards.find({ archived: false, _id: { $in: starredBoards } }); + const {starredBoards = []} = this.profile; + return Boards.find({archived: false, _id: {$in: starredBoards}}); }, hasStarred(boardId) { - const { starredBoards = [] } = this.profile; + const {starredBoards = []} = this.profile; return _.contains(starredBoards, boardId); }, invitedBoards() { - const { invitedBoards = [] } = this.profile; - return Boards.find({ archived: false, _id: { $in: invitedBoards } }); + const {invitedBoards = []} = this.profile; + return Boards.find({archived: false, _id: {$in: invitedBoards}}); }, isInvitedTo(boardId) { - const { invitedBoards = [] } = this.profile; + const {invitedBoards = []} = this.profile; return _.contains(invitedBoards, boardId); }, hasTag(tag) { - const { tags = [] } = this.profile; + const {tags = []} = this.profile; return _.contains(tags, tag); }, hasNotification(activityId) { - const { notifications = [] } = this.profile; + const {notifications = []} = this.profile; return _.contains(notifications, activityId); }, @@ -191,7 +198,7 @@ Users.helpers({ }, getEmailBuffer() { - const { emailBuffer = [] } = this.profile; + const {emailBuffer = []} = this.profile; return emailBuffer; }, @@ -316,22 +323,22 @@ Users.mutations({ }, setAvatarUrl(avatarUrl) { - return { $set: { 'profile.avatarUrl': avatarUrl } }; + return {$set: {'profile.avatarUrl': avatarUrl}}; }, setShowCardsCountAt(limit) { - return { $set: { 'profile.showCardsCountAt': limit } }; + return {$set: {'profile.showCardsCountAt': limit}}; }, }); Meteor.methods({ - setUsername(username) { + setUsername(username, userId) { check(username, String); - const nUsersWithUsername = Users.find({ username }).count(); + const nUsersWithUsername = Users.find({username}).count(); if (nUsersWithUsername > 0) { throw new Meteor.Error('username-already-taken'); } else { - Users.update(this.userId, { $set: { username } }); + Users.update(userId, {$set: {username}}); } }, toggleSystemMessages() { @@ -342,13 +349,13 @@ Meteor.methods({ check(limit, Number); Meteor.user().setShowCardsCountAt(limit); }, - setEmail(email) { + setEmail(email, userId) { check(email, String); - const existingUser = Users.findOne({ 'emails.address': email }, { fields: { _id: 1 } }); + const existingUser = Users.findOne({'emails.address': email}, {fields: {_id: 1}}); if (existingUser) { throw new Meteor.Error('email-already-taken'); } else { - Users.update(this.userId, { + Users.update(userId, { $set: { emails: [{ address: email, @@ -358,11 +365,12 @@ Meteor.methods({ }); } }, - setUsernameAndEmail(username, email) { + setUsernameAndEmail(username, email, userId) { check(username, String); check(email, String); - Meteor.call('setUsername', username); - Meteor.call('setEmail', email); + check(userId, String); + Meteor.call('setUsername', username, userId); + Meteor.call('setEmail', email, userId); }, }); @@ -379,8 +387,8 @@ if (Meteor.isServer) { board && board.members && _.contains(_.pluck(board.members, 'userId'), inviter._id) && - _.where(board.members, { userId: inviter._id })[0].isActive && - _.where(board.members, { userId: inviter._id })[0].isAdmin; + _.where(board.members, {userId: inviter._id})[0].isActive && + _.where(board.members, {userId: inviter._id})[0].isAdmin; if (!allowInvite) throw new Meteor.Error('error-board-notAMember'); this.unblock(); @@ -388,9 +396,9 @@ if (Meteor.isServer) { const posAt = username.indexOf('@'); let user = null; if (posAt >= 0) { - user = Users.findOne({ emails: { $elemMatch: { address: username } } }); + user = Users.findOne({emails: {$elemMatch: {address: username}}}); } else { - user = Users.findOne(username) || Users.findOne({ username }); + user = Users.findOne(username) || Users.findOne({username}); } if (user) { if (user._id === inviter._id) throw new Meteor.Error('error-user-notAllowSelf'); @@ -400,7 +408,7 @@ if (Meteor.isServer) { // Set in lowercase email before creating account const email = username.toLowerCase(); username = email.substring(0, posAt); - const newUserId = Accounts.createUser({ username, email }); + const newUserId = Accounts.createUser({username, email}); if (!newUserId) throw new Meteor.Error('error-user-notCreated'); // assume new user speak same language with inviter if (inviter.profile && inviter.profile.language) { @@ -434,7 +442,7 @@ if (Meteor.isServer) { } catch (e) { throw new Meteor.Error('email-fail', e.message); } - return { username: user.username, email: user.emails[0].address }; + return {username: user.username, email: user.emails[0].address}; }, }); Accounts.onCreateUser((options, user) => { @@ -457,11 +465,15 @@ if (Meteor.isServer) { if (!options || !options.profile) { throw new Meteor.Error('error-invitation-code-blank', 'The invitation code is required'); } - const invitationCode = InvitationCodes.findOne({ code: options.profile.invitationcode, email: options.email, valid: true }); + const invitationCode = InvitationCodes.findOne({ + code: options.profile.invitationcode, + email: options.email, + valid: true, + }); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist', 'The invitation code doesn\'t exist'); } else { - user.profile = { icode: options.profile.invitationcode }; + user.profile = {icode: options.profile.invitationcode}; } return user; @@ -473,7 +485,7 @@ if (Meteor.isServer) { Meteor.startup(() => { Users._collection._ensureIndex({ username: 1, - }, { unique: true }); + }, {unique: true}); }); // Each board document contains the de-normalized number of users that have @@ -492,6 +504,7 @@ if (Meteor.isServer) { function getStarredBoardsIds(doc) { return doc.profile && doc.profile.starredBoards; } + const oldIds = getStarredBoardsIds(this.previous); const newIds = getStarredBoardsIds(user); @@ -500,9 +513,10 @@ if (Meteor.isServer) { // direction and then in the other. function incrementBoards(boardsIds, inc) { boardsIds.forEach((boardId) => { - Boards.update(boardId, { $inc: { stars: inc } }); + Boards.update(boardId, {$inc: {stars: inc}}); }); } + incrementBoards(_.difference(oldIds, newIds), -1); incrementBoards(_.difference(newIds, oldIds), +1); }); @@ -529,7 +543,7 @@ if (Meteor.isServer) { }, fakeUser, (err, boardId) => { ['welcome-list1', 'welcome-list2'].forEach((title) => { - Lists.insert({ title: TAPi18n.__(title), boardId }, fakeUser); + Lists.insert({title: TAPi18n.__(title), boardId}, fakeUser); }); }); }); @@ -545,14 +559,14 @@ if (Meteor.isServer) { // the disableRegistration check. // Issue : https://github.com/wekan/wekan/issues/1232 // PR : https://github.com/wekan/wekan/pull/1251 - Users.update(doc._id, { $set: { createdThroughApi: '' } }); + Users.update(doc._id, {$set: {createdThroughApi: ''}}); return; } //invite user to corresponding boards const disableRegistration = Settings.findOne().disableRegistration; if (disableRegistration) { - const invitationCode = InvitationCodes.findOne({ code: doc.profile.icode, valid: true }); + const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true}); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist'); } else { @@ -564,8 +578,8 @@ if (Meteor.isServer) { doc.profile = {}; } doc.profile.invitedBoards = invitationCode.boardsToBeInvited; - Users.update(doc._id, { $set: { profile: doc.profile } }); - InvitationCodes.update(invitationCode._id, { $set: { valid: false } }); + Users.update(doc._id, {$set: {profile: doc.profile}}); + InvitationCodes.update(invitationCode._id, {$set: {valid: false}}); } } }); |