diff options
Diffstat (limited to 'models')
-rw-r--r-- | models/boards.js | 30 | ||||
-rw-r--r-- | models/settings.js | 33 | ||||
-rw-r--r-- | models/users.js | 90 |
3 files changed, 147 insertions, 6 deletions
diff --git a/models/boards.js b/models/boards.js index 641ecdb9..52d0ca87 100644 --- a/models/boards.js +++ b/models/boards.js @@ -541,11 +541,10 @@ Boards.mutations({ }; }, - setMemberPermission(memberId, isAdmin, isNoComments, isCommentOnly) { + setMemberPermission(memberId, isAdmin, isNoComments, isCommentOnly, currentUserId = Meteor.userId()) { const memberIndex = this.memberIndex(memberId); - // do not allow change permission of self - if (memberId === Meteor.userId()) { + if (memberId === currentUserId) { isAdmin = this.members[memberIndex].isAdmin; } @@ -927,4 +926,29 @@ if (Meteor.isServer) { }); } }); + + JsonRoutes.add('POST', '/api/boards/:boardId/members/:memberId', function (req, res) { + try { + const boardId = req.params.boardId; + const memberId = req.params.memberId; + const {isAdmin, isNoComments, isCommentOnly} = req.body; + Authentication.checkBoardAccess(req.userId, boardId); + const board = Boards.findOne({ _id: boardId }); + function isTrue(data){ + return data.toLowerCase() === 'true'; + } + board.setMemberPermission(memberId, isTrue(isAdmin), isTrue(isNoComments), isTrue(isCommentOnly), req.userId); + + JsonRoutes.sendResult(res, { + code: 200, + data: query, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } + }); } diff --git a/models/settings.js b/models/settings.js index 3b9b4eae..f7c4c85d 100644 --- a/models/settings.js +++ b/models/settings.js @@ -128,6 +128,18 @@ if (Meteor.isServer) { } } + function isLdapEnabled() { + return process.env.LDAP_ENABLE === 'true'; + } + + function isOauth2Enabled() { + return process.env.OAUTH2_ENABLED === 'true'; + } + + function isCasEnabled() { + return process.env.CAS_ENABLED === 'true'; + } + Meteor.methods({ sendInvitation(emails, boards) { check(emails, [String]); @@ -197,5 +209,26 @@ if (Meteor.isServer) { withUserName: process.env.MATOMO_WITH_USERNAME || false, }; }, + + _isLdapEnabled() { + return isLdapEnabled(); + }, + + _isOauth2Enabled() { + return isOauth2Enabled(); + }, + + _isCasEnabled() { + return isCasEnabled(); + }, + + // Gets all connection methods to use it in the Template + getConnectionsEnabled() { + return { + ldap: isLdapEnabled(), + oauth2: isOauth2Enabled(), + cas: isCasEnabled(), + }; + }, }); } diff --git a/models/users.js b/models/users.js index 01673e4f..27d3e9fa 100644 --- a/models/users.js +++ b/models/users.js @@ -127,6 +127,11 @@ Users.attachSchema(new SimpleSchema({ type: Boolean, optional: true, }, + // TODO : write a migration and check if using a ldap parameter is better than a connection_type parameter + ldap: { + type: Boolean, + optional: true, + }, })); Users.allow({ @@ -490,7 +495,6 @@ if (Meteor.isServer) { if (user.services.oidc) { const email = user.services.oidc.email.toLowerCase(); - user.username = user.services.oidc.username; user.emails = [{ address: email, verified: true }]; const initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase(); @@ -518,7 +522,10 @@ if (Meteor.isServer) { } const disableRegistration = Settings.findOne().disableRegistration; - if (!disableRegistration) { + // If ldap, bypass the inviation code if the self registration isn't allowed. + // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type + if (options.ldap || !disableRegistration) { + user.ldap = true; return user; } @@ -636,7 +643,9 @@ if (Meteor.isServer) { //invite user to corresponding boards const disableRegistration = Settings.findOne().disableRegistration; - if (disableRegistration) { + // If ldap, bypass the inviation code if the self registration isn't allowed. + // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type + if (!doc.ldap && disableRegistration) { const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true}); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist'); @@ -766,6 +775,81 @@ if (Meteor.isServer) { } }); + JsonRoutes.add('POST', '/api/boards/:boardId/members/:userId/add', function (req, res) { + try { + Authentication.checkUserId(req.userId); + const userId = req.params.userId; + const boardId = req.params.boardId; + const action = req.body.action; + const {isAdmin, isNoComments, isCommentOnly} = req.body; + let data = Meteor.users.findOne({ _id: userId }); + if (data !== undefined) { + if (action === 'add') { + data = Boards.find({ + _id: boardId, + }).map(function(board) { + if (!board.hasMember(userId)) { + board.addMember(userId); + function isTrue(data){ + return data.toLowerCase() === 'true'; + } + board.setMemberPermission(userId, isTrue(isAdmin), isTrue(isNoComments), isTrue(isCommentOnly), userId); + } + return { + _id: board._id, + title: board.title, + }; + }); + } + } + JsonRoutes.sendResult(res, { + code: 200, + data: query, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } + }); + + JsonRoutes.add('POST', '/api/boards/:boardId/members/:userId/remove', function (req, res) { + try { + Authentication.checkUserId(req.userId); + const userId = req.params.userId; + const boardId = req.params.boardId; + const action = req.body.action; + let data = Meteor.users.findOne({ _id: userId }); + if (data !== undefined) { + if (action === 'remove') { + data = Boards.find({ + _id: boardId, + }).map(function(board) { + if (board.hasMember(userId)) { + board.removeMember(userId); + } + return { + _id: board._id, + title: board.title, + }; + }); + } + } + JsonRoutes.sendResult(res, { + code: 200, + data: query, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } + }); + JsonRoutes.add('POST', '/api/users/', function (req, res) { try { Authentication.checkUserId(req.userId); |