summaryrefslogtreecommitdiffstats
path: root/client/components/sidebar/sidebar.js
diff options
context:
space:
mode:
authorMaxime Quandalle <maxime@quandalle.com>2015-09-08 20:19:42 +0200
committerMaxime Quandalle <maxime@quandalle.com>2015-09-08 20:19:42 +0200
commit45b662a1ddb46a0f17fab7b2383c82aa1e1620ef (patch)
treecc7be215c7e7ebffd2597df70cf271b3dd435e1a /client/components/sidebar/sidebar.js
parentc04341f1ea5efe082bf7318cf9eb0e99b9b8374a (diff)
downloadwekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.tar.gz
wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.tar.bz2
wekan-45b662a1ddb46a0f17fab7b2383c82aa1e1620ef.zip
Centralize all mutations at the model level
This commit uses a new package that I need to document. It tries to solve the long-standing debate in the Meteor community about allow/deny rules versus methods (RPC). This approach gives us both the centralized security rules of allow/deny and the white-list of allowed mutations similarly to Meteor methods. The idea to have static mutation descriptions is also inspired by Facebook's Relay/GraphQL. This will allow the development of a REST API using the high-level methods instead of the MongoDB queries to do the mapping between the HTTP requests and our collections.
Diffstat (limited to 'client/components/sidebar/sidebar.js')
-rw-r--r--client/components/sidebar/sidebar.js47
1 files changed, 5 insertions, 42 deletions
diff --git a/client/components/sidebar/sidebar.js b/client/components/sidebar/sidebar.js
index eff0ef52..8c58c37e 100644
--- a/client/components/sidebar/sidebar.js
+++ b/client/components/sidebar/sidebar.js
@@ -109,14 +109,6 @@ EscapeActions.register('sidebarView',
() => { return Sidebar && Sidebar.getView() !== defaultView; }
);
-function getMemberIndex(board, searchId) {
- for (let i = 0; i < board.members.length; i++) {
- if (board.members[i].userId === searchId)
- return i;
- }
- throw new Meteor.Error('Member not found');
-}
-
Template.memberPopup.helpers({
user() {
return Users.findOne(this.userId);
@@ -135,13 +127,8 @@ Template.memberPopup.events({
'click .js-change-role': Popup.open('changePermissions'),
'click .js-remove-member': Popup.afterConfirm('removeMember', function() {
const currentBoard = Boards.findOne(Session.get('currentBoard'));
- const memberIndex = getMemberIndex(currentBoard, this.userId);
-
- Boards.update(currentBoard._id, {
- $set: {
- [`members.${memberIndex}.isActive`]: false,
- },
- });
+ const memberId = this.userId;
+ currentBoard.removeMember(memberId);
Popup.close();
}),
'click .js-leave-member'() {
@@ -209,26 +196,7 @@ Template.addMemberPopup.events({
'click .js-select-member'() {
const userId = this._id;
const currentBoard = Boards.findOne(Session.get('currentBoard'));
- const currentMembersIds = _.pluck(currentBoard.members, 'userId');
- if (currentMembersIds.indexOf(userId) === -1) {
- Boards.update(currentBoard._id, {
- $push: {
- members: {
- userId,
- isAdmin: false,
- isActive: true,
- },
- },
- });
- } else {
- const memberIndex = getMemberIndex(currentBoard, userId);
-
- Boards.update(currentBoard._id, {
- $set: {
- [`members.${memberIndex}.isActive`]: true,
- },
- });
- }
+ currentBoard.addMember(userId);
Popup.close();
},
});
@@ -240,14 +208,9 @@ Template.addMemberPopup.onRendered(function() {
Template.changePermissionsPopup.events({
'click .js-set-admin, click .js-set-normal'(event) {
const currentBoard = Boards.findOne(Session.get('currentBoard'));
- const memberIndex = getMemberIndex(currentBoard, this.userId);
+ const memberId = this.userId;
const isAdmin = $(event.currentTarget).hasClass('js-set-admin');
-
- Boards.update(currentBoard._id, {
- $set: {
- [`members.${memberIndex}.isAdmin`]: isAdmin,
- },
- });
+ currentBoard.setMemberPermission(memberId, isAdmin);
Popup.back(1);
},
});