Copied starter Meteor App files.

Cut and paste of the BasicMeteorApp.

imports/api/Roles.js

@@ -0,0 +1,17 @@
+
+if(Meteor.isServer) {
+	Meteor.publish('roles', function() {
+		if(Roles.userIsInRole(this.userId, ['manage'])) {
+			return Meteor.roles.find({}, {fields: {name: 1}});
+		}
+		else throw new Meteor.Error(403, "Not authorized to view roles.");
+	});
+}
+
+let ROLE_MANAGE = "manage";
+let ROLE_UPDATE = "update";
+
+Meteor.UserRoles = {ROLE_MANAGE, ROLE_UPDATE};
+
+
+export default Meteor.roles;

imports/api/User.js

@@ -0,0 +1,69 @@
+import {Random} from 'meteor/random';
+
+if(Meteor.isServer) {
+	Meteor.publish('users', function() {
+		if(Roles.userIsInRole(this.userId, ['manage'])) {
+			return Meteor.users.find({}, {fields: {username: 1, emails: 1, roles: 1}});
+		}
+		else throw new Meteor.Error(403, "Not authorized to view users.");
+	});
+	
+	Meteor.methods({
+		"insertUser": function(user) {
+			check(user, {
+				username: String,
+				email: String,
+				roles: [String]
+			});
+			
+			//Verify the currently logged in user has authority to manage users.
+			if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
+				//Verify the user name isn't already used.
+				if(Meteor.collections.Users.findOne({username: user.username}) === undefined) {
+					let pwd = Random.secret(20);
+					let id = Accounts.createUser({password: pwd, username: user.username, email: user.email});
+					
+					//Requires the alanning:roles package.
+					Roles.addUsersToRoles(id, user.roles);
+				}
+				else {
+					throw new Meteor.Error(400, "User already exists.");
+				}
+			}
+			else throw new Meteor.Error(403, "Not authorized to add users.");
+		},
+		"updateUser": function(user) {
+			check(user, {
+				_id: String,
+				username: String,
+				emails: [{
+					address: String,
+					verified: Boolean
+				}],
+				roles: [String]
+			});
+			
+			//Verify the currently logged in user has authority to manage users.
+			if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
+				//Verify the user name isn't already used with a different ID.
+				if(Meteor.collections.Users.findOne({username: user.username, _id: {$ne: user._id}}) == undefined) {
+					//Update the user.  Note: I am using direct mongo modification, versus attempting to go through the Accounts and Roles objects.  This could cause problems in the future if these packages change their data structures.
+					Meteor.collections.Users.update(user._id, {$set: {username: user.username, emails: user.emails, roles: user.roles}});
+				}
+				else {
+					throw new Meteor.Error(400, "User name already exists.");
+				}
+			}
+			else throw new Meteor.Error(403, "Not authorized to update users.");
+		},
+		"deleteUser": function(id) {
+			check(id, String);
+			if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
+				Meteor.collections.Users.remove(id);
+			}
+			else throw new Meteor.Error(403, "Not authorized to remove users.");
+		}
+	});
+}
+
+export default Meteor.users;

imports/api/index.js

@@ -0,0 +1,23 @@
+
+import Users from "./User.js";
+import UserRoles from "./Roles.js";
+
+//Save the collections in the Meteor.collections property for easy access without name conflicts.
+Meteor.collections = {Users, UserRoles};
+
+//If this is the server then setup the default admin user if none exist.
+if(Meteor.isServer) {
+	//Change this to find admin users, create a default admin user if none exists.
+	if(Users.find({}).count() == 0) {
+		try {
+			console.log("Creating a default admin user: admin/admin");
+			
+			let id = Accounts.createUser({password: 'admin', username: 'admin'});
+			//Requires the alanning:roles package.
+			Roles.addUsersToRoles(id, [Meteor.UserRoles.ROLE_MANAGE, Meteor.UserRoles.ROLE_UPDATE]);
+		}
+		catch(err) {
+			console.log(err);
+		}
+	}
+}