diff options
Diffstat (limited to 'models/users.js')
| -rw-r--r-- | models/users.js | 90 |
1 files changed, 87 insertions, 3 deletions
diff --git a/models/users.js b/models/users.js index 01673e4f..27d3e9fa 100644 --- a/models/users.js +++ b/models/users.js @@ -127,6 +127,11 @@ Users.attachSchema(new SimpleSchema({ type: Boolean, optional: true, }, + // TODO : write a migration and check if using a ldap parameter is better than a connection_type parameter + ldap: { + type: Boolean, + optional: true, + }, })); Users.allow({ @@ -490,7 +495,6 @@ if (Meteor.isServer) { if (user.services.oidc) { const email = user.services.oidc.email.toLowerCase(); - user.username = user.services.oidc.username; user.emails = [{ address: email, verified: true }]; const initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase(); @@ -518,7 +522,10 @@ if (Meteor.isServer) { } const disableRegistration = Settings.findOne().disableRegistration; - if (!disableRegistration) { + // If ldap, bypass the inviation code if the self registration isn't allowed. + // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type + if (options.ldap || !disableRegistration) { + user.ldap = true; return user; } @@ -636,7 +643,9 @@ if (Meteor.isServer) { //invite user to corresponding boards const disableRegistration = Settings.findOne().disableRegistration; - if (disableRegistration) { + // If ldap, bypass the inviation code if the self registration isn't allowed. + // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type + if (!doc.ldap && disableRegistration) { const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true}); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist'); @@ -766,6 +775,81 @@ if (Meteor.isServer) { } }); + JsonRoutes.add('POST', '/api/boards/:boardId/members/:userId/add', function (req, res) { + try { + Authentication.checkUserId(req.userId); + const userId = req.params.userId; + const boardId = req.params.boardId; + const action = req.body.action; + const {isAdmin, isNoComments, isCommentOnly} = req.body; + let data = Meteor.users.findOne({ _id: userId }); + if (data !== undefined) { + if (action === 'add') { + data = Boards.find({ + _id: boardId, + }).map(function(board) { + if (!board.hasMember(userId)) { + board.addMember(userId); + function isTrue(data){ + return data.toLowerCase() === 'true'; + } + board.setMemberPermission(userId, isTrue(isAdmin), isTrue(isNoComments), isTrue(isCommentOnly), userId); + } + return { + _id: board._id, + title: board.title, + }; + }); + } + } + JsonRoutes.sendResult(res, { + code: 200, + data: query, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } + }); + + JsonRoutes.add('POST', '/api/boards/:boardId/members/:userId/remove', function (req, res) { + try { + Authentication.checkUserId(req.userId); + const userId = req.params.userId; + const boardId = req.params.boardId; + const action = req.body.action; + let data = Meteor.users.findOne({ _id: userId }); + if (data !== undefined) { + if (action === 'remove') { + data = Boards.find({ + _id: boardId, + }).map(function(board) { + if (board.hasMember(userId)) { + board.removeMember(userId); + } + return { + _id: board._id, + title: board.title, + }; + }); + } + } + JsonRoutes.sendResult(res, { + code: 200, + data: query, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } + }); + JsonRoutes.add('POST', '/api/users/', function (req, res) { try { Authentication.checkUserId(req.userId); |