From 34b37116cf8c618a4ea12b13d969c24654f4248b Mon Sep 17 00:00:00 2001 From: Angelo Gallarello Date: Wed, 12 Sep 2018 00:52:29 +0200 Subject: Fixed rule allows --- models/actions.js | 45 ++++++--------------------------------------- models/rules.js | 31 +++++++++++++++++-------------- models/triggers.js | 15 ++++++--------- 3 files changed, 29 insertions(+), 62 deletions(-) (limited to 'models') diff --git a/models/actions.js b/models/actions.js index daa5cc96..da9b30fb 100644 --- a/models/actions.js +++ b/models/actions.js @@ -1,52 +1,19 @@ Actions = new Mongo.Collection('actions'); - -Actions.mutations({ - rename(description) { - return { $set: { description } }; - }, -}); - Actions.allow({ - update: function () { - // add custom authentication code here - return true; + insert(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); }, - insert: function () { - // add custom authentication code here - return true; + update(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); }, - remove: function () { - // add custom authentication code here - return true; + remove(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); } }); -Actions.helpers({ - fromList() { - return Lists.findOne(this.fromId); - }, - - toList() { - return Lists.findOne(this.toId); - }, - - findList(title) { - return Lists.findOne({title:title}); - }, - - labels() { - const boardLabels = this.board().labels; - const cardLabels = _.filter(boardLabels, (label) => { - return _.contains(this.labelIds, label._id); - }); - return cardLabels; - }}); - - - diff --git a/models/rules.js b/models/rules.js index 271e6b52..fe6b04cb 100644 --- a/models/rules.js +++ b/models/rules.js @@ -3,15 +3,19 @@ Rules = new Mongo.Collection('rules'); Rules.attachSchema(new SimpleSchema({ title: { type: String, - optional: true, + optional: false, }, triggerId: { type: String, - optional: true, + optional: false, }, actionId: { type: String, - optional: true, + optional: false, + }, + boardId: { + type: String, + optional: false, }, })); @@ -25,22 +29,21 @@ Rules.helpers({ getAction(){ return Actions.findOne({_id:this.actionId}); }, + getTrigger(){ + return Triggers.findOne({_id:this.triggerId}); + } }); Rules.allow({ - update: function () { - // add custom authentication code here - return true; + insert(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); }, - remove: function () { - // add custom authentication code here - return true; - }, - insert: function () { - // add custom authentication code here - return true; + update(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); }, + remove(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); + } }); - diff --git a/models/triggers.js b/models/triggers.js index 083c860e..a1437ea6 100644 --- a/models/triggers.js +++ b/models/triggers.js @@ -9,17 +9,14 @@ Triggers.mutations({ }); Triggers.allow({ - update: function () { - // add custom authentication code here - return true; + insert(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); }, - insert: function () { - // add custom authentication code here - return true; + update(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); }, - remove: function () { - // add custom authentication code here - return true; + remove(userId, doc) { + return allowIsBoardAdmin(userId, Boards.findOne(doc.boardId)); } }); -- cgit v1.2.3-1-g7c22