wcrisman/PetitTetonMeteor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit. Modified the Meteor todos app to create the Petit Teton data tracking app. Has working data for sales. Requires a Mongo database.

Browse Source
This commit is contained in:
Wynne Crisman
2017-01-15 11:33:37 -08:00
commit b757595cd6
104 changed files with 26824 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
imports/api/User.js Normal file
View File

@@ -0,0 +1,69 @@
import {Random} from 'meteor/random';
if(Meteor.isServer) {
Meteor.publish('users', function() {
if(Roles.userIsInRole(this.userId, ['manage'])) {
return Meteor.users.find({}, {fields: {username: 1, emails: 1, roles: 1}});
}
else throw new Meteor.Error(403, "Not authorized to view users.");
});
Meteor.methods({
"insertUser": function(user, roles) {
check(user, {
username: String,
email: String
});
check(roles, [String]);
//Verify the currently logged in user has authority to manage users.
if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
//Verify the user name isn't already used.
if(Meteor.collections.Users.findOne({username: user.username}) == undefined) {
let pwd = Random.secret(20);
let id = Accounts.createUser({password: pwd, username: user.username, email: user.email});
//Requires the alanning:roles package.
Roles.addUsersToRoles(id, roles);
}
else {
throw new Meteor.Error(400, "User already exists.");
}
}
else throw new Meteor.Error(403, "Not authorized to add users.");
},
"updateUser": function(user) {
check(user, {
_id: String,
username: String,
emails: [{
address: String,
verified: Boolean
}],
roles: [String]
});
//Verify the currently logged in user has authority to manage users.
if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
//Verify the user name isn't already used with a different ID.
if(Meteor.collections.Users.findOne({username: user.username, _id: {$ne: user._id}}) == undefined) {
//Update the user. Note: I am using direct mongo modification, versus attempting to go through the Accounts and Roles objects. This could cause problems in the future if these packages change their data structures.
Meteor.collections.Users.update(user._id, {$set: {username: user.username, emails: user.emails, roles: user.roles}});
}
else {
throw new Meteor.Error(400, "User name already exists.");
}
}
else throw new Meteor.Error(403, "Not authorized to update users.");
},
"deleteUser": function(id) {
check(id, String);
if(Roles.userIsInRole(this.userId, [Meteor.UserRoles.ROLE_MANAGE])) {
Meteor.collections.Users.remove(id);
}
else throw new Meteor.Error(403, "Not authorized to remove users.");
}
});
}
export default Meteor.users;