From e3b7f85cc35b650e72259909608237ea0347a7fb Mon Sep 17 00:00:00 2001 From: Thuan Pham Quoc Date: Wed, 8 Nov 2017 11:34:05 +0700 Subject: Updated users methods to get user id from client on updating user data, is aimed to support admin update other user profile --- models/users.js | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'models/users.js') diff --git a/models/users.js b/models/users.js index abc0f82d..a4106023 100644 --- a/models/users.js +++ b/models/users.js @@ -325,13 +325,13 @@ Users.mutations({ }); Meteor.methods({ - setUsername(username) { + setUsername(username, userId) { check(username, String); const nUsersWithUsername = Users.find({ username }).count(); if (nUsersWithUsername > 0) { throw new Meteor.Error('username-already-taken'); } else { - Users.update(this.userId, { $set: { username } }); + Users.update(userId, {$set: {username}}); } }, toggleSystemMessages() { @@ -342,13 +342,13 @@ Meteor.methods({ check(limit, Number); Meteor.user().setShowCardsCountAt(limit); }, - setEmail(email) { + setEmail(email, userId) { check(email, String); const existingUser = Users.findOne({ 'emails.address': email }, { fields: { _id: 1 } }); if (existingUser) { throw new Meteor.Error('email-already-taken'); } else { - Users.update(this.userId, { + Users.update(userId, { $set: { emails: [{ address: email, @@ -358,11 +358,12 @@ Meteor.methods({ }); } }, - setUsernameAndEmail(username, email) { + setUsernameAndEmail(username, email, userId) { check(username, String); check(email, String); - Meteor.call('setUsername', username); - Meteor.call('setEmail', email); + check(userId, String); + Meteor.call('setUsername', username, userId); + Meteor.call('setEmail', email, userId); }, }); -- cgit v1.2.3-1-g7c22 From fa1d8cd5ef0834f882e6d34d356d5fea55eb6ea1 Mon Sep 17 00:00:00 2001 From: Thuan Pham Quoc Date: Wed, 8 Nov 2017 11:34:37 +0700 Subject: Added update all user profile from admin panel --- models/users.js | 101 ++++++++++++++++++++++++++++++++------------------------ 1 file changed, 57 insertions(+), 44 deletions(-) (limited to 'models/users.js') diff --git a/models/users.js b/models/users.js index a4106023..ae35401c 100644 --- a/models/users.js +++ b/models/users.js @@ -118,6 +118,13 @@ Users.attachSchema(new SimpleSchema({ }, })); +Users.allow({ + update(userId) { + const user = Users.findOne(userId); + return user && Meteor.user().isAdmin; + }, +}); + // Search a user in the complete server database by its name or username. This // is used for instance to add a new user to a board. const searchInFields = ['username', 'profile.fullname']; @@ -152,36 +159,36 @@ if (Meteor.isClient) { Users.helpers({ boards() { - return Boards.find({ userId: this._id }); + return Boards.find({userId: this._id}); }, starredBoards() { - const { starredBoards = [] } = this.profile; - return Boards.find({ archived: false, _id: { $in: starredBoards } }); + const {starredBoards = []} = this.profile; + return Boards.find({archived: false, _id: {$in: starredBoards}}); }, hasStarred(boardId) { - const { starredBoards = [] } = this.profile; + const {starredBoards = []} = this.profile; return _.contains(starredBoards, boardId); }, invitedBoards() { - const { invitedBoards = [] } = this.profile; - return Boards.find({ archived: false, _id: { $in: invitedBoards } }); + const {invitedBoards = []} = this.profile; + return Boards.find({archived: false, _id: {$in: invitedBoards}}); }, isInvitedTo(boardId) { - const { invitedBoards = [] } = this.profile; + const {invitedBoards = []} = this.profile; return _.contains(invitedBoards, boardId); }, hasTag(tag) { - const { tags = [] } = this.profile; + const {tags = []} = this.profile; return _.contains(tags, tag); }, hasNotification(activityId) { - const { notifications = [] } = this.profile; + const {notifications = []} = this.profile; return _.contains(notifications, activityId); }, @@ -191,7 +198,7 @@ Users.helpers({ }, getEmailBuffer() { - const { emailBuffer = [] } = this.profile; + const {emailBuffer = []} = this.profile; return emailBuffer; }, @@ -316,18 +323,18 @@ Users.mutations({ }, setAvatarUrl(avatarUrl) { - return { $set: { 'profile.avatarUrl': avatarUrl } }; + return {$set: {'profile.avatarUrl': avatarUrl}}; }, setShowCardsCountAt(limit) { - return { $set: { 'profile.showCardsCountAt': limit } }; + return {$set: {'profile.showCardsCountAt': limit}}; }, }); Meteor.methods({ setUsername(username, userId) { check(username, String); - const nUsersWithUsername = Users.find({ username }).count(); + const nUsersWithUsername = Users.find({username}).count(); if (nUsersWithUsername > 0) { throw new Meteor.Error('username-already-taken'); } else { @@ -344,7 +351,7 @@ Meteor.methods({ }, setEmail(email, userId) { check(email, String); - const existingUser = Users.findOne({ 'emails.address': email }, { fields: { _id: 1 } }); + const existingUser = Users.findOne({'emails.address': email}, {fields: {_id: 1}}); if (existingUser) { throw new Meteor.Error('email-already-taken'); } else { @@ -380,8 +387,8 @@ if (Meteor.isServer) { board && board.members && _.contains(_.pluck(board.members, 'userId'), inviter._id) && - _.where(board.members, { userId: inviter._id })[0].isActive && - _.where(board.members, { userId: inviter._id })[0].isAdmin; + _.where(board.members, {userId: inviter._id})[0].isActive && + _.where(board.members, {userId: inviter._id})[0].isAdmin; if (!allowInvite) throw new Meteor.Error('error-board-notAMember'); this.unblock(); @@ -389,9 +396,9 @@ if (Meteor.isServer) { const posAt = username.indexOf('@'); let user = null; if (posAt >= 0) { - user = Users.findOne({ emails: { $elemMatch: { address: username } } }); + user = Users.findOne({emails: {$elemMatch: {address: username}}}); } else { - user = Users.findOne(username) || Users.findOne({ username }); + user = Users.findOne(username) || Users.findOne({username}); } if (user) { if (user._id === inviter._id) throw new Meteor.Error('error-user-notAllowSelf'); @@ -401,7 +408,7 @@ if (Meteor.isServer) { // Set in lowercase email before creating account const email = username.toLowerCase(); username = email.substring(0, posAt); - const newUserId = Accounts.createUser({ username, email }); + const newUserId = Accounts.createUser({username, email}); if (!newUserId) throw new Meteor.Error('error-user-notCreated'); // assume new user speak same language with inviter if (inviter.profile && inviter.profile.language) { @@ -435,7 +442,7 @@ if (Meteor.isServer) { } catch (e) { throw new Meteor.Error('email-fail', e.message); } - return { username: user.username, email: user.emails[0].address }; + return {username: user.username, email: user.emails[0].address}; }, }); Accounts.onCreateUser((options, user) => { @@ -458,11 +465,15 @@ if (Meteor.isServer) { if (!options || !options.profile) { throw new Meteor.Error('error-invitation-code-blank', 'The invitation code is required'); } - const invitationCode = InvitationCodes.findOne({ code: options.profile.invitationcode, email: options.email, valid: true }); + const invitationCode = InvitationCodes.findOne({ + code: options.profile.invitationcode, + email: options.email, + valid: true + }); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist', 'The invitation code doesn\'t exist'); } else { - user.profile = { icode: options.profile.invitationcode }; + user.profile = {icode: options.profile.invitationcode}; } return user; @@ -474,7 +485,7 @@ if (Meteor.isServer) { Meteor.startup(() => { Users._collection._ensureIndex({ username: 1, - }, { unique: true }); + }, {unique: true}); }); // Each board document contains the de-normalized number of users that have @@ -493,6 +504,7 @@ if (Meteor.isServer) { function getStarredBoardsIds(doc) { return doc.profile && doc.profile.starredBoards; } + const oldIds = getStarredBoardsIds(this.previous); const newIds = getStarredBoardsIds(user); @@ -501,9 +513,10 @@ if (Meteor.isServer) { // direction and then in the other. function incrementBoards(boardsIds, inc) { boardsIds.forEach((boardId) => { - Boards.update(boardId, { $inc: { stars: inc } }); + Boards.update(boardId, {$inc: {stars: inc}}); }); } + incrementBoards(_.difference(oldIds, newIds), -1); incrementBoards(_.difference(newIds, oldIds), +1); }); @@ -530,7 +543,7 @@ if (Meteor.isServer) { }, fakeUser, (err, boardId) => { ['welcome-list1', 'welcome-list2'].forEach((title) => { - Lists.insert({ title: TAPi18n.__(title), boardId }, fakeUser); + Lists.insert({title: TAPi18n.__(title), boardId}, fakeUser); }); }); }); @@ -546,14 +559,14 @@ if (Meteor.isServer) { // the disableRegistration check. // Issue : https://github.com/wekan/wekan/issues/1232 // PR : https://github.com/wekan/wekan/pull/1251 - Users.update(doc._id, { $set: { createdThroughApi: '' } }); + Users.update(doc._id, {$set: {createdThroughApi: ''}}); return; } //invite user to corresponding boards const disableRegistration = Settings.findOne().disableRegistration; if (disableRegistration) { - const invitationCode = InvitationCodes.findOne({ code: doc.profile.icode, valid: true }); + const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true}); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist'); } else { @@ -565,8 +578,8 @@ if (Meteor.isServer) { doc.profile = {}; } doc.profile.invitedBoards = invitationCode.boardsToBeInvited; - Users.update(doc._id, { $set: { profile: doc.profile } }); - InvitationCodes.update(invitationCode._id, { $set: { valid: false } }); + Users.update(doc._id, {$set: {profile: doc.profile}}); + InvitationCodes.update(invitationCode._id, {$set: {valid: false}}); } } }); @@ -575,9 +588,9 @@ if (Meteor.isServer) { // USERS REST API if (Meteor.isServer) { - JsonRoutes.add('GET', '/api/user', function(req, res, next) { + JsonRoutes.add('GET', '/api/user', function (req, res, next) { Authentication.checkLoggedIn(req.userId); - const data = Meteor.users.findOne({ _id: req.userId}); + const data = Meteor.users.findOne({_id: req.userId}); delete data.services; JsonRoutes.sendResult(res, { code: 200, @@ -586,33 +599,33 @@ if (Meteor.isServer) { }); JsonRoutes.add('GET', '/api/users', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); JsonRoutes.sendResult(res, { code: 200, data: Meteor.users.find({}).map(function (doc) { - return { _id: doc._id, username: doc.username }; + return {_id: doc._id, username: doc.username}; }), }); }); JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = req.params.id; JsonRoutes.sendResult(res, { code: 200, - data: Meteor.users.findOne({ _id: id }), + data: Meteor.users.findOne({_id: id}), }); }); JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = req.params.id; const action = req.body.action; - let data = Meteor.users.findOne({ _id: id }); + let data = Meteor.users.findOne({_id: id}); if (data !== undefined) { if (action === 'takeOwnership') { data = Boards.find({ 'members.userId': id, 'members.isAdmin': true, - }).map(function(board) { + }).map(function (board) { if (board.hasMember(req.userId)) { board.removeMember(req.userId); } @@ -624,11 +637,11 @@ if (Meteor.isServer) { }); } else { if ((action === 'disableLogin') && (id !== req.userId)) { - Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } }); + Users.update({_id: id}, {$set: {loginDisabled: true, 'services.resume.loginTokens': ''}}); } else if (action === 'enableLogin') { - Users.update({ _id: id }, { $set: { loginDisabled: '' } }); + Users.update({_id: id}, {$set: {loginDisabled: ''}}); } - data = Meteor.users.findOne({ _id: id }); + data = Meteor.users.findOne({_id: id}); } } JsonRoutes.sendResult(res, { @@ -637,7 +650,7 @@ if (Meteor.isServer) { }); }); JsonRoutes.add('POST', '/api/users/', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = Accounts.createUser({ username: req.body.username, email: req.body.email, @@ -654,9 +667,9 @@ if (Meteor.isServer) { }); JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); + Authentication.checkUserId(req.userId); const id = req.params.id; - Meteor.users.remove({ _id: id }); + Meteor.users.remove({_id: id}); JsonRoutes.sendResult(res, { code: 200, data: { -- cgit v1.2.3-1-g7c22 From b4c3e02b75c2fc9eca3af668fdd8b27b9afaa279 Mon Sep 17 00:00:00 2001 From: Thuan Pham Quoc Date: Thu, 16 Nov 2017 14:14:03 +0700 Subject: Fix Missing trailing comma in users.js --- models/users.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'models/users.js') diff --git a/models/users.js b/models/users.js index ae35401c..9a0a61a4 100644 --- a/models/users.js +++ b/models/users.js @@ -468,7 +468,7 @@ if (Meteor.isServer) { const invitationCode = InvitationCodes.findOne({ code: options.profile.invitationcode, email: options.email, - valid: true + valid: true, }); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist', 'The invitation code doesn\'t exist'); -- cgit v1.2.3-1-g7c22