Added update all user profile from admin panel

1 files changed, 57 insertions, 44 deletions

diff --git a/models/users.js b/models/users.js
index a4106023..ae35401c 100644
--- a/models/users.js
+++ b/models/users.js
@@ -118,6 +118,13 @@ Users.attachSchema(new SimpleSchema({
   },
 }));
 
+Users.allow({
+  update(userId) {
+    const user = Users.findOne(userId);
+    return user && Meteor.user().isAdmin;
+  },
+});
+
 // Search a user in the complete server database by its name or username. This
 // is used for instance to add a new user to a board.
 const searchInFields = ['username', 'profile.fullname'];
@@ -152,36 +159,36 @@ if (Meteor.isClient) {
 
 Users.helpers({
   boards() {
-    return Boards.find({ userId: this._id });
+    return Boards.find({userId: this._id});
   },
 
   starredBoards() {
-    const { starredBoards = [] } = this.profile;
-    return Boards.find({ archived: false, _id: { $in: starredBoards } });
+    const {starredBoards = []} = this.profile;
+    return Boards.find({archived: false, _id: {$in: starredBoards}});
   },
 
   hasStarred(boardId) {
-    const { starredBoards = [] } = this.profile;
+    const {starredBoards = []} = this.profile;
     return _.contains(starredBoards, boardId);
   },
 
   invitedBoards() {
-    const { invitedBoards = [] } = this.profile;
-    return Boards.find({ archived: false, _id: { $in: invitedBoards } });
+    const {invitedBoards = []} = this.profile;
+    return Boards.find({archived: false, _id: {$in: invitedBoards}});
   },
 
   isInvitedTo(boardId) {
-    const { invitedBoards = [] } = this.profile;
+    const {invitedBoards = []} = this.profile;
     return _.contains(invitedBoards, boardId);
   },
 
   hasTag(tag) {
-    const { tags = [] } = this.profile;
+    const {tags = []} = this.profile;
     return _.contains(tags, tag);
   },
 
   hasNotification(activityId) {
-    const { notifications = [] } = this.profile;
+    const {notifications = []} = this.profile;
     return _.contains(notifications, activityId);
   },
 
@@ -191,7 +198,7 @@ Users.helpers({
   },
 
   getEmailBuffer() {
-    const { emailBuffer = [] } = this.profile;
+    const {emailBuffer = []} = this.profile;
     return emailBuffer;
   },
 
@@ -316,18 +323,18 @@ Users.mutations({
   },
 
   setAvatarUrl(avatarUrl) {
-    return { $set: { 'profile.avatarUrl': avatarUrl } };
+    return {$set: {'profile.avatarUrl': avatarUrl}};
   },
 
   setShowCardsCountAt(limit) {
-    return { $set: { 'profile.showCardsCountAt': limit } };
+    return {$set: {'profile.showCardsCountAt': limit}};
   },
 });
 
 Meteor.methods({
   setUsername(username, userId) {
     check(username, String);
-    const nUsersWithUsername = Users.find({ username }).count();
+    const nUsersWithUsername = Users.find({username}).count();
     if (nUsersWithUsername > 0) {
       throw new Meteor.Error('username-already-taken');
     } else {
@@ -344,7 +351,7 @@ Meteor.methods({
   },
   setEmail(email, userId) {
     check(email, String);
-    const existingUser = Users.findOne({ 'emails.address': email }, { fields: { _id: 1 } });
+    const existingUser = Users.findOne({'emails.address': email}, {fields: {_id: 1}});
     if (existingUser) {
       throw new Meteor.Error('email-already-taken');
     } else {
@@ -380,8 +387,8 @@ if (Meteor.isServer) {
         board &&
         board.members &&
         _.contains(_.pluck(board.members, 'userId'), inviter._id) &&
-        _.where(board.members, { userId: inviter._id })[0].isActive &&
-        _.where(board.members, { userId: inviter._id })[0].isAdmin;
+        _.where(board.members, {userId: inviter._id})[0].isActive &&
+        _.where(board.members, {userId: inviter._id})[0].isAdmin;
       if (!allowInvite) throw new Meteor.Error('error-board-notAMember');
 
       this.unblock();
@@ -389,9 +396,9 @@ if (Meteor.isServer) {
       const posAt = username.indexOf('@');
       let user = null;
       if (posAt >= 0) {
-        user = Users.findOne({ emails: { $elemMatch: { address: username } } });
+        user = Users.findOne({emails: {$elemMatch: {address: username}}});
       } else {
-        user = Users.findOne(username) || Users.findOne({ username });
+        user = Users.findOne(username) || Users.findOne({username});
       }
       if (user) {
         if (user._id === inviter._id) throw new Meteor.Error('error-user-notAllowSelf');
@@ -401,7 +408,7 @@ if (Meteor.isServer) {
         // Set in lowercase email before creating account
         const email = username.toLowerCase();
         username = email.substring(0, posAt);
-        const newUserId = Accounts.createUser({ username, email });
+        const newUserId = Accounts.createUser({username, email});
         if (!newUserId) throw new Meteor.Error('error-user-notCreated');
         // assume new user speak same language with inviter
         if (inviter.profile && inviter.profile.language) {
@@ -435,7 +442,7 @@ if (Meteor.isServer) {
       } catch (e) {
         throw new Meteor.Error('email-fail', e.message);
       }
-      return { username: user.username, email: user.emails[0].address };
+      return {username: user.username, email: user.emails[0].address};
     },
   });
   Accounts.onCreateUser((options, user) => {
@@ -458,11 +465,15 @@ if (Meteor.isServer) {
     if (!options || !options.profile) {
       throw new Meteor.Error('error-invitation-code-blank', 'The invitation code is required');
     }
-    const invitationCode = InvitationCodes.findOne({ code: options.profile.invitationcode, email: options.email, valid: true });
+    const invitationCode = InvitationCodes.findOne({
+      code: options.profile.invitationcode,
+      email: options.email,
+      valid: true
+    });
     if (!invitationCode) {
       throw new Meteor.Error('error-invitation-code-not-exist', 'The invitation code doesn\'t exist');
     } else {
-      user.profile = { icode: options.profile.invitationcode };
+      user.profile = {icode: options.profile.invitationcode};
     }
 
     return user;
@@ -474,7 +485,7 @@ if (Meteor.isServer) {
   Meteor.startup(() => {
     Users._collection._ensureIndex({
       username: 1,
-    }, { unique: true });
+    }, {unique: true});
   });
 
   // Each board document contains the de-normalized number of users that have
@@ -493,6 +504,7 @@ if (Meteor.isServer) {
     function getStarredBoardsIds(doc) {
       return doc.profile && doc.profile.starredBoards;
     }
+
     const oldIds = getStarredBoardsIds(this.previous);
     const newIds = getStarredBoardsIds(user);
 
@@ -501,9 +513,10 @@ if (Meteor.isServer) {
     // direction and then in the other.
     function incrementBoards(boardsIds, inc) {
       boardsIds.forEach((boardId) => {
-        Boards.update(boardId, { $inc: { stars: inc } });
+        Boards.update(boardId, {$inc: {stars: inc}});
       });
     }
+
     incrementBoards(_.difference(oldIds, newIds), -1);
     incrementBoards(_.difference(newIds, oldIds), +1);
   });
@@ -530,7 +543,7 @@ if (Meteor.isServer) {
         }, fakeUser, (err, boardId) => {
 
           ['welcome-list1', 'welcome-list2'].forEach((title) => {
-            Lists.insert({ title: TAPi18n.__(title), boardId }, fakeUser);
+            Lists.insert({title: TAPi18n.__(title), boardId}, fakeUser);
           });
         });
       });
@@ -546,14 +559,14 @@ if (Meteor.isServer) {
       // the disableRegistration check.
       // Issue : https://github.com/wekan/wekan/issues/1232
       // PR    : https://github.com/wekan/wekan/pull/1251
-      Users.update(doc._id, { $set: { createdThroughApi: '' } });
+      Users.update(doc._id, {$set: {createdThroughApi: ''}});
       return;
     }
 
     //invite user to corresponding boards
     const disableRegistration = Settings.findOne().disableRegistration;
     if (disableRegistration) {
-      const invitationCode = InvitationCodes.findOne({ code: doc.profile.icode, valid: true });
+      const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true});
       if (!invitationCode) {
         throw new Meteor.Error('error-invitation-code-not-exist');
       } else {
@@ -565,8 +578,8 @@ if (Meteor.isServer) {
           doc.profile = {};
         }
         doc.profile.invitedBoards = invitationCode.boardsToBeInvited;
-        Users.update(doc._id, { $set: { profile: doc.profile } });
-        InvitationCodes.update(invitationCode._id, { $set: { valid: false } });
+        Users.update(doc._id, {$set: {profile: doc.profile}});
+        InvitationCodes.update(invitationCode._id, {$set: {valid: false}});
       }
     }
   });
@@ -575,9 +588,9 @@ if (Meteor.isServer) {
 
 // USERS REST API
 if (Meteor.isServer) {
-  JsonRoutes.add('GET', '/api/user', function(req, res, next) {
+  JsonRoutes.add('GET', '/api/user', function (req, res, next) {
     Authentication.checkLoggedIn(req.userId);
-    const data = Meteor.users.findOne({ _id: req.userId});
+    const data = Meteor.users.findOne({_id: req.userId});
     delete data.services;
     JsonRoutes.sendResult(res, {
       code: 200,
@@ -586,33 +599,33 @@ if (Meteor.isServer) {
   });
 
   JsonRoutes.add('GET', '/api/users', function (req, res, next) {
-    Authentication.checkUserId( req.userId);
+    Authentication.checkUserId(req.userId);
     JsonRoutes.sendResult(res, {
       code: 200,
       data: Meteor.users.find({}).map(function (doc) {
-        return { _id: doc._id, username: doc.username };
+        return {_id: doc._id, username: doc.username};
       }),
     });
   });
   JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) {
-    Authentication.checkUserId( req.userId);
+    Authentication.checkUserId(req.userId);
     const id = req.params.id;
     JsonRoutes.sendResult(res, {
       code: 200,
-      data: Meteor.users.findOne({ _id: id }),
+      data: Meteor.users.findOne({_id: id}),
     });
   });
   JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) {
-    Authentication.checkUserId( req.userId);
+    Authentication.checkUserId(req.userId);
     const id = req.params.id;
     const action = req.body.action;
-    let data = Meteor.users.findOne({ _id: id });
+    let data = Meteor.users.findOne({_id: id});
     if (data !== undefined) {
       if (action === 'takeOwnership') {
         data = Boards.find({
           'members.userId': id,
           'members.isAdmin': true,
-        }).map(function(board) {
+        }).map(function (board) {
           if (board.hasMember(req.userId)) {
             board.removeMember(req.userId);
           }
@@ -624,11 +637,11 @@ if (Meteor.isServer) {
         });
       } else {
         if ((action === 'disableLogin') && (id !== req.userId)) {
-          Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } });
+          Users.update({_id: id}, {$set: {loginDisabled: true, 'services.resume.loginTokens': ''}});
         } else if (action === 'enableLogin') {
-          Users.update({ _id: id }, { $set: { loginDisabled: '' } });
+          Users.update({_id: id}, {$set: {loginDisabled: ''}});
         }
-        data = Meteor.users.findOne({ _id: id });
+        data = Meteor.users.findOne({_id: id});
       }
     }
     JsonRoutes.sendResult(res, {
@@ -637,7 +650,7 @@ if (Meteor.isServer) {
     });
   });
   JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
-    Authentication.checkUserId( req.userId);
+    Authentication.checkUserId(req.userId);
     const id = Accounts.createUser({
       username: req.body.username,
       email: req.body.email,
@@ -654,9 +667,9 @@ if (Meteor.isServer) {
   });
 
   JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) {
-    Authentication.checkUserId( req.userId);
+    Authentication.checkUserId(req.userId);
     const id = req.params.id;
-    Meteor.users.remove({ _id: id });
+    Meteor.users.remove({_id: id});
     JsonRoutes.sendResult(res, {
       code: 200,
       data: {