diff options
Diffstat (limited to 'models/users.js')
-rw-r--r-- | models/users.js | 174 |
1 files changed, 149 insertions, 25 deletions
diff --git a/models/users.js b/models/users.js index 58513231..29504aa8 100644 --- a/models/users.js +++ b/models/users.js @@ -1,7 +1,7 @@ // Sandstorm context is detected using the METEOR_SETTINGS environment variable // in the package definition. const isSandstorm = Meteor.settings && Meteor.settings.public && - Meteor.settings.public.sandstorm; + Meteor.settings.public.sandstorm; Users = Meteor.users; Users.attachSchema(new SimpleSchema({ @@ -91,6 +91,10 @@ Users.attachSchema(new SimpleSchema({ type: [String], optional: true, }, + 'profile.icode': { + type: String, + optional: true, + }, services: { type: Object, optional: true, @@ -100,6 +104,10 @@ Users.attachSchema(new SimpleSchema({ type: Date, optional: true, }, + isAdmin: { + type: Boolean, + optional: true, + }, })); // Search a user in the complete server database by its name or username. This @@ -117,6 +125,16 @@ if (Meteor.isClient) { return board && board.hasMember(this._id); }, + isNotCommentOnly() { + const board = Boards.findOne(Session.get('currentBoard')); + return board && board.hasMember(this._id) && !board.hasCommentOnly(this._id); + }, + + isCommentOnly() { + const board = Boards.findOne(Session.get('currentBoard')); + return board && board.hasCommentOnly(this._id); + }, + isBoardAdmin() { const board = Boards.findOne(Session.get('currentBoard')); return board && board.hasAdmin(this._id); @@ -130,32 +148,32 @@ Users.helpers({ }, starredBoards() { - const {starredBoards = []} = this.profile; - return Boards.find({archived: false, _id: {$in: starredBoards}}); + const { starredBoards = [] } = this.profile; + return Boards.find({ archived: false, _id: { $in: starredBoards } }); }, hasStarred(boardId) { - const {starredBoards = []} = this.profile; + const { starredBoards = [] } = this.profile; return _.contains(starredBoards, boardId); }, invitedBoards() { - const {invitedBoards = []} = this.profile; - return Boards.find({archived: false, _id: {$in: invitedBoards}}); + const { invitedBoards = [] } = this.profile; + return Boards.find({ archived: false, _id: { $in: invitedBoards } }); }, isInvitedTo(boardId) { - const {invitedBoards = []} = this.profile; + const { invitedBoards = [] } = this.profile; return _.contains(invitedBoards, boardId); }, hasTag(tag) { - const {tags = []} = this.profile; + const { tags = [] } = this.profile; return _.contains(tags, tag); }, hasNotification(activityId) { - const {notifications = []} = this.profile; + const { notifications = [] } = this.profile; return _.contains(notifications, activityId); }, @@ -165,7 +183,7 @@ Users.helpers({ }, getEmailBuffer() { - const {emailBuffer = []} = this.profile; + const { emailBuffer = [] } = this.profile; return emailBuffer; }, @@ -290,7 +308,7 @@ Users.mutations({ }, setAvatarUrl(avatarUrl) { - return { $set: { 'profile.avatarUrl': avatarUrl }}; + return { $set: { 'profile.avatarUrl': avatarUrl } }; }, setShowCardsCountAt(limit) { @@ -305,7 +323,7 @@ Meteor.methods({ if (nUsersWithUsername > 0) { throw new Meteor.Error('username-already-taken'); } else { - Users.update(this.userId, {$set: { username }}); + Users.update(this.userId, { $set: { username } }); } }, toggleSystemMessages() { @@ -328,19 +346,19 @@ if (Meteor.isServer) { const inviter = Meteor.user(); const board = Boards.findOne(boardId); const allowInvite = inviter && - board && - board.members && - _.contains(_.pluck(board.members, 'userId'), inviter._id) && - _.where(board.members, {userId: inviter._id})[0].isActive && - _.where(board.members, {userId: inviter._id})[0].isAdmin; + board && + board.members && + _.contains(_.pluck(board.members, 'userId'), inviter._id) && + _.where(board.members, { userId: inviter._id })[0].isActive && + _.where(board.members, { userId: inviter._id })[0].isAdmin; if (!allowInvite) throw new Meteor.Error('error-board-notAMember'); this.unblock(); const posAt = username.indexOf('@'); let user = null; - if (posAt>=0) { - user = Users.findOne({emails: {$elemMatch: {address: username}}}); + if (posAt >= 0) { + user = Users.findOne({ emails: { $elemMatch: { address: username } } }); } else { user = Users.findOne(username) || Users.findOne({ username }); } @@ -348,8 +366,9 @@ if (Meteor.isServer) { if (user._id === inviter._id) throw new Meteor.Error('error-user-notAllowSelf'); } else { if (posAt <= 0) throw new Meteor.Error('error-user-doesNotExist'); - - const email = username; + if (Settings.findOne().disableRegistration) throw new Meteor.Error('error-user-notCreated'); + // Set in lowercase email before creating account + const email = username.toLowerCase(); username = email.substring(0, posAt); const newUserId = Accounts.createUser({ username, email }); if (!newUserId) throw new Meteor.Error('error-user-notCreated'); @@ -377,7 +396,7 @@ if (Meteor.isServer) { }; const lang = user.getLanguage(); Email.send({ - to: user.emails[0].address, + to: user.emails[0].address.toLowerCase(), from: Accounts.emailTemplates.from, subject: TAPi18n.__('email-invite-subject', params, lang), text: TAPi18n.__('email-invite-text', params, lang), @@ -385,10 +404,32 @@ if (Meteor.isServer) { } catch (e) { throw new Meteor.Error('email-fail', e.message); } - return { username: user.username, email: user.emails[0].address }; }, }); + Accounts.onCreateUser((options, user) => { + const userCount = Users.find().count(); + if (!isSandstorm && userCount === 0) { + user.isAdmin = true; + return user; + } + const disableRegistration = Settings.findOne().disableRegistration; + if (!disableRegistration) { + return user; + } + + if (!options || !options.profile) { + throw new Meteor.Error('error-invitation-code-blank', 'The invitation code is required'); + } + const invitationCode = InvitationCodes.findOne({ code: options.profile.invitationcode, email: options.email, valid: true }); + if (!invitationCode) { + throw new Meteor.Error('error-invitation-code-not-exist', 'The invitation code doesn\'t exist'); + } else { + user.profile = { icode: options.profile.invitationcode }; + } + + return user; + }); } if (Meteor.isServer) { @@ -404,7 +445,7 @@ if (Meteor.isServer) { // counter. // We need to run this code on the server only, otherwise the incrementation // will be done twice. - Users.after.update(function(userId, user, fieldNames) { + Users.after.update(function (userId, user, fieldNames) { // The `starredBoards` list is hosted on the `profile` field. If this // field hasn't been modificated we don't need to run this hook. if (!_.contains(fieldNames, 'profile')) @@ -423,7 +464,7 @@ if (Meteor.isServer) { // direction and then in the other. function incrementBoards(boardsIds, inc) { boardsIds.forEach((boardId) => { - Boards.update(boardId, {$inc: {stars: inc}}); + Boards.update(boardId, { $inc: { stars: inc } }); }); } incrementBoards(_.difference(oldIds, newIds), -1); @@ -458,4 +499,87 @@ if (Meteor.isServer) { }); }); } + + Users.after.insert((userId, doc) => { + + //invite user to corresponding boards + const disableRegistration = Settings.findOne().disableRegistration; + if (disableRegistration) { + const invitationCode = InvitationCodes.findOne({ code: doc.profile.icode, valid: true }); + if (!invitationCode) { + throw new Meteor.Error('error-invitation-code-not-exist'); + } else { + invitationCode.boardsToBeInvited.forEach((boardId) => { + const board = Boards.findOne(boardId); + board.addMember(doc._id); + }); + if (!doc.profile) { + doc.profile = {}; + } + doc.profile.invitedBoards = invitationCode.boardsToBeInvited; + Users.update(doc._id, { $set: { profile: doc.profile } }); + InvitationCodes.update(invitationCode._id, { $set: { valid: false } }); + } + } + }); } + + +// USERS REST API +if (Meteor.isServer) { + JsonRoutes.add('GET', '/api/user', function(req, res, next) { + Authentication.checkLoggedIn(req.userId); + const data = Meteor.users.findOne({ _id: req.userId}); + delete data.services; + JsonRoutes.sendResult(res, { + code: 200, + data, + }); + }); + + JsonRoutes.add('GET', '/api/users', function (req, res, next) { + Authentication.checkUserId( req.userId); + JsonRoutes.sendResult(res, { + code: 200, + data: Meteor.users.find({}).map(function (doc) { + return { _id: doc._id, username: doc.username }; + }), + }); + }); + JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) { + Authentication.checkUserId( req.userId); + const id = req.params.id; + JsonRoutes.sendResult(res, { + code: 200, + data: Meteor.users.findOne({ _id: id }), + }); + }); + JsonRoutes.add('POST', '/api/users/', function (req, res, next) { + Authentication.checkUserId( req.userId); + const id = Accounts.createUser({ + username: req.body.username, + email: req.body.email, + password: 'default', + }); + + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); + }); + + JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) { + Authentication.checkUserId( req.userId); + const id = req.params.id; + Meteor.users.remove({ _id: id }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); + }); +} + |