PetitTetonMeteor/imports/api/User.js

import {Random} from 'meteor/random';

if(Meteor.isServer) {
	Meteor.publish('users', function() {
		if(Roles.userIsInRole(this.userId, ['manage'])) {
			return Meteor.users.find({}, {fields: {username: 1, emails: 1, roles: 1}});
		}
		else throw new Meteor.Error(403, "Not authorized to view users.");
	});
	
	Meteor.methods({
		"insertUser": function(user, roles) {
			check(user, {
				username: String,
				emails: [{address: String, verified: Match.Maybe(Boolean)}],
				//roles: [String]
			});
			check(roles, [String])
			
			//Verify the currently logged in user has authority to manage users.
			if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
				//Verify the user name isn't already used.
				if(Meteor.collections.Users.findOne({username: user.username}) === undefined) {
					let pwd = Random.secret(20);
					console.log("Email: " + user.emails[0]);
					let id = Accounts.createUser({password: pwd, username: user.username, email: user.emails[0].address});
					
					//Requires the alanning:roles package.
					Roles.addUsersToRoles(id, user.roles);
				}
				else {
					throw new Meteor.Error(400, "User already exists.");
				}
			}
			else throw new Meteor.Error(403, "Not authorized to add users.");
		},
		"updateUser": async function(user, roles) {
			check(user, {
				_id: String,
				username: String,
				emails: [{
					address: String,
					verified: Boolean
				}],
				//roles: [String]
			});
			check(roles, [String])
			
			//Verify the currently logged in user has authority to manage users.
			if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
				//Verify the user name isn't already used with a different ID.
				if(Meteor.collections.Users.findOne({username: user.username, _id: {$ne: user._id}}) == undefined) {
					//Update the user.  Note: I am using direct mongo modification, versus attempting to go through the Accounts and Roles objects.  This could cause problems in the future if these packages change their data structures.
					await Meteor.collections.Users.updateAsync(user._id, {$set: {username: user.username, emails: user.emails/*, roles: user.roles*/}});
					
					let currentRoles = await Roles.getRolesForUserAsync(user._id)
					
					//console.log(currentRoles)
					//console.log(roles)
					
					//TODO: Figure out which roles to add, and which roles to remove.
					
					// Add roles not in the database already.
					//console.log("Adding the user " + user._id + " to the following roles: ")
					//for(let next of roles) console.log(next)
					
					let rolesToAdd = roles.filter(x => !currentRoles.includes(x))
					let rolesToRemove = currentRoles.filter(x => !roles.includes(x))

					console.log('Roles to remove: ' + rolesToRemove)
					console.log('Roles to add: ' + rolesToAdd)
					
					if(rolesToAdd.length) Roles.addUsersToRoles([user._id], rolesToAdd)
					if(rolesToRemove.length) Roles.removeUsersFromRoles([user._id], rolesToRemove)
				}
				else {
					throw new Meteor.Error(400, "User name already exists.");
				}
			}
			else throw new Meteor.Error(403, "Not authorized to update users.");
		},
		"deleteUser": async function(id) {
			check(id, String);
			if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
				await Meteor.collections.Users.removeAsync(id);
			}
			else throw new Meteor.Error(403, "Not authorized to remove users.");
		}
	});
}

export default Meteor.users;