Skip to content

A
api
Commit 6752cdc3 by GD-A-150752
Options

MR-Changes

parent 5e8fcfdb
Showing with 100 additions and 61 deletions
server/config.ts
......@@ -8,14 +8,24 @@ export const PERMISSIONS = {
CAN_UPDATE_SETTINGS: 'CAN_UPDATE_SETTINGS',
CAN_ACCESS_SETTINGS: 'CAN_ACCESS_SETTINGS',
CAN_ACCESS_EMAIL_TEMPLATES: 'CAN_ACCESS_EMAIL_TEMPLATES',
CAN_UPDATE_ALL_USERS: 'CAN_UPDATE_ALL_USERS',
};
export enum ROLE_RANK {
ADMIN = 1,
USER,
BLOCKED,
}
export const CONFIG = {
SiteName: 'JIBC',
};
export const ERR = {
EMAIL_EXISTS: 'Email address already in use.',
EMAIL_NOT_EXISTS: 'Email address doesn\'t exist.',
ID_MISSING: 'UserId is missing',
EMAIL_MISSING: 'Email is missing',
DATA_MISSING: 'Required fields are missing',
FORBIDDEN: 'Not Enough Permissions',
};
export const E_CODE = {
UNPROCESSABLE_ENTITY: 422,
SERVER_ERROR: 500,
FORBIDDEN: 403,
};
server/methods/emails.method.ts
import { Meteor } from 'meteor/meteor';
import { EmailService } from '../services/email.service';
import { E_CODE, ERR } from '../config';
Meteor.methods({
sendForgotPasswordEmail(email: string): boolean {
......@@ -8,6 +9,6 @@ Meteor.methods({
EmailService.sendForgotPasswordEmail(user, email);
return true;
}
throw new Meteor.Error(422, 'Email address doesn\'t exist.');
throw new Meteor.Error(E_CODE.UNPROCESSABLE_ENTITY, ERR.EMAIL_NOT_EXISTS);
},
});
server/methods/roles.method.ts
import { Meteor } from 'meteor/meteor';
import { first } from 'rxjs/operators';
import { rolesCollection } from '../collections/role.collection';
import { PERMISSIONS, ROLE_RANK } from '../config';
import { E_CODE, PERMISSIONS } from '../config';
import { RoleModel } from '../models/role.model';
import { UtilsService } from '../services/utils.service';
......@@ -14,11 +14,7 @@ Meteor.methods({
.toPromise();
}
} catch (e) {
throw new Meteor.Error('Unable to add.', JSON.stringify(e));
throw new Meteor.Error(E_CODE.SERVER_ERROR, JSON.stringify(e));
}
},
getRoleSlug(id): ROLE_RANK {
return rolesCollection.findOne(id).Slug;
},
});
server/methods/settings.method.ts
import { Meteor } from 'meteor/meteor';
import { PERMISSIONS } from '../config';
import { E_CODE, ERR, PERMISSIONS } from '../config';
import { UtilsService } from '../services/utils.service';
import { settingsCollection } from '../collections/setting.collections';
......@@ -10,7 +10,7 @@ Meteor.methods({
Object.keys(setting)
.forEach(key => settingsCollection.update({ Key: key }, { $set: { Value: setting[key] } }));
} else {
throw new Meteor.Error(403, 'Not Enough Permissions');
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
}
},
......@@ -25,7 +25,7 @@ Meteor.methods({
},
});
} else {
throw new Meteor.Error(403, 'Not Enough Permissions');
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
}
},
});
server/methods/users.method.ts
import { Meteor } from 'meteor/meteor';
import { rolesCollection } from '../collections/role.collection';
import { PERMISSIONS } from '../config';
import { ERR, E_CODE, PERMISSIONS } from '../config';
import { UtilsService } from '../services/utils.service';
import { EmailService } from '../services/email.service';
......@@ -8,6 +8,7 @@ Meteor.methods({
registerUser(user: any): string {
const defaultRole = rolesCollection.findOne({ title: user.role });
if (!Accounts.findUserByEmail(user.email)) {
const userObj = {
email: user.email,
......@@ -24,7 +25,7 @@ Meteor.methods({
return userId;
}
throw new Meteor.Error(422, 'Email address already in use.');
throw new Meteor.Error(E_CODE.UNPROCESSABLE_ENTITY, ERR.EMAIL_EXISTS);
},
verifyEmailAddress(user: any): any {
......@@ -34,47 +35,61 @@ Meteor.methods({
return true;
}
throw new Meteor.Error(422, 'Email address already in use.');
throw new Meteor.Error(E_CODE.UNPROCESSABLE_ENTITY, ERR.EMAIL_EXISTS);
},
updateUser(user: any): any {
if (!UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)) {
throw new Meteor.Error(403, 'Forbidden.');
if (!user._id) {
throw new Meteor.Error(E_CODE.UNPROCESSABLE_ENTITY, ERR.ID_MISSING);
}
if (user._id) {
if (UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_ALL_USERS) ||
(
UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)
&& user._id === Meteor.user()._id
)) {
const updateObj = { $set: { profile: user.profile } };
return Meteor.users.update(user._id, updateObj);
}
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
},
addEmailAddress(user: any): any {
if (!UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)) {
throw new Meteor.Error(403, 'Forbidden.');
if (!user._id || !user.email) {
throw new Meteor.Error(E_CODE.UNPROCESSABLE_ENTITY, ERR.DATA_MISSING);
}
if (Accounts.findUserByEmail(user.email)) {
throw new Meteor.Error(422, 'Email address already in use.');
throw new Meteor.Error(E_CODE.UNPROCESSABLE_ENTITY, ERR.EMAIL_EXISTS);
}
if (user._id && user.email) {
if (UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_ALL_USERS) ||
(
UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)
&& user._id === Meteor.user()._id
)) {
Accounts.addEmail(user._id, user.email);
return true;
}
throw new Meteor.Error(500, 'Email Address is missing.');
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
},
removeEmailAddress(user: any): any {
if (!UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)) {
throw new Meteor.Error(403, 'Forbidden.');
if (!user._id || !user.email) {
throw new Meteor.Error(E_CODE.UNPROCESSABLE_ENTITY, ERR.DATA_MISSING);
}
if (user._id && user.email) {
if (UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_ALL_USERS) ||
(
UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)
&& user._id === Meteor.user()._id
)) {
Accounts.removeEmail(user._id, user.email);
return true;
}
throw new Meteor.Error(500, 'Email Address is missing.');
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
},
checkUserByEmail(email: string): any {
......
server/migrations.ts
import { settingsCollection } from './collections/setting.collections';
import { PERMISSIONS, ROLE_RANK } from './config';
import { PERMISSIONS } from './config';
import { rolesCollection } from './collections/role.collection';
import { Meteor } from 'meteor/meteor';
......@@ -15,19 +15,17 @@ Migrations.add({
title: 'Admin',
permissions: allPermissions,
description: '',
Slug: ROLE_RANK.ADMIN,
});
rolesCollection.insert({
title: 'User',
permissions: [PERMISSIONS.CAN_LOGIN, PERMISSIONS.CAN_UPDATE_OWN_USER],
permissions: [PERMISSIONS.CAN_LOGIN, PERMISSIONS.CAN_UPDATE_OWN_USER,
PERMISSIONS.CAN_ACCESS_DASHBOARD_PAGE],
description: '',
Slug: ROLE_RANK.USER,
});
rolesCollection.insert({
title: 'Blocked',
permissions: [],
description: '',
Slug: ROLE_RANK.BLOCKED,
});
} else {
rolesCollection.update({ title: 'Admin' }, { $set: { permissions: allPermissions } });
......
server/models/role.model.ts
import { ROLE_RANK } from '../config';
export interface RoleModel {
_id?: string;
title: string;
permissions: string[];
Slug: ROLE_RANK;
description: string;
}
server/publications/settings.publication.ts
import { settingsCollection } from '../collections/setting.collections';
import { UtilsService } from '../services/utils.service';
import { PERMISSIONS } from '../config';
import { E_CODE, ERR, PERMISSIONS } from '../config';
import { Meteor } from 'meteor/meteor';
Meteor.publish('settings', () => {
Meteor.publish('settings', (filter: any = {}) => {
if (UtilsService.hasPermission(PERMISSIONS.CAN_ACCESS_SETTINGS)) {
return settingsCollection.find({});
if (filter.IsEmail && !UtilsService.hasPermission(PERMISSIONS.CAN_ACCESS_EMAIL_TEMPLATES)) {
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
}
return settingsCollection.find(filter);
}
throw new Meteor.Error(403, 'Not Enough Permissions');
});
Meteor.publish('email-templates', () => {
if (UtilsService.hasPermission(PERMISSIONS.CAN_ACCESS_EMAIL_TEMPLATES)) {
return settingsCollection.find({ IsEmail: true });
}
throw new Meteor.Error(403, 'Not Enough Permissions');
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
});
server/publications/users.publication.ts
......@@ -2,7 +2,7 @@ import { Meteor } from 'meteor/meteor';
// tslint:disable-next-line:ban-ts-ignore
// @ts-ignore
import { publishComposite } from 'meteor/reywood:publish-composite';
import { PERMISSIONS } from '../config';
import { E_CODE, ERR, PERMISSIONS } from '../config';
import { QueryModel } from '../models/query.model';
import { UtilsService } from '../services/utils.service';
import { rolesCollection } from '../collections/role.collection';
......@@ -12,7 +12,7 @@ publishComposite('usersList', (filters = {}) => {
const queryFilters = { ...new QueryModel(), ...filters };
if (!UtilsService.hasPermission([PERMISSIONS.CAN_SEE_ALL_USERS])) {
throw new Meteor.Error(403, 'Not enough permissions to get all users');
throw new Meteor.Error(E_CODE.FORBIDDEN, ERR.FORBIDDEN);
}
return {
......
server/services/email.service.ts
......@@ -5,48 +5,74 @@ import { rolesCollection } from '../collections/role.collection';
export class EmailService {
static sendVerificationEmail(user: any, userId: string, email = false): void {
Accounts.emailTemplates.siteName = CONFIG.SiteName;
const mail = email ? email : user.emails[0].address;
const defaultRole = rolesCollection.findOne(user.profile.role);
// Will uncomment it later with domain email
// Accounts.emailTemplates.from = CONFIG.DomainEmail;
Accounts.emailTemplates.verifyEmail = {
subject() {
const content: any = settingsCollection.findOne({ Key: 'REGISTER' });
return content ? content.Value.SUBJECT.replace('$platform', CONFIG.SiteName) : 'Welcome';
if (content) {
return EmailService.formattedContent(
content.Value.SUBJECT, user.profile.name, defaultRole.title, mail);
}
return 'Welcome';
},
html(usr, url) {
const token = url.substr(url.lastIndexOf('/') + 1);
const link = `${process.env.appUrl}#/auth/verify-email/${token}`;
const content: any = settingsCollection.findOne({ Key: 'REGISTER' });
return content.Value.CONTENT.replace(/\$name/g, user.profile.name)
.replace(/\$role/g, defaultRole.title)
.replace(/\$link/g, link);
return EmailService.formattedContent(
content.Value.CONTENT, user.profile.name, defaultRole.title, mail, link);
},
};
const mail = email ? email : user.emails[0].address;
Accounts.sendVerificationEmail(userId, mail);
}
static sendForgotPasswordEmail(user: Meteor.User, email: string): void {
Accounts.emailTemplates.siteName = CONFIG.SiteName;
const mail = email ? email : user.emails[0].address;
const defaultRole = rolesCollection.findOne(user.profile.role);
// Will uncomment it later with domain email
// Accounts.emailTemplates.from = CONFIG.DomainEmail;
Accounts.emailTemplates.resetPassword = {
subject() {
const content: any = settingsCollection.findOne({ Key: 'RESET' });
return content ? content.Value.SUBJECT.replace('$platform', CONFIG.SiteName) : 'Welcome';
if (content) {
return EmailService.formattedContent(
content.Value.SUBJECT, user.profile.name, defaultRole.title, mail);
}
return 'Reset Password';
},
html(usr, url) {
const token = url.substr(url.lastIndexOf('/') + 1);
const link = `${process.env.appUrl}#/auth/reset-password/${token}`;
const content: any = settingsCollection.findOne({ Key: 'RESET' });
return content.Value.CONTENT.replace(/\$name/g, user.profile.name)
.replace(/\$link/g, link);
return EmailService.formattedContent(
content.Value.CONTENT, user.profile.name, defaultRole.title, mail, link);
},
};
Accounts.sendResetPasswordEmail(user._id, email);
}
static formattedContent(content: string, name: string, role: string, email, link = null): string {
const str = content.replace(/\$name/g, name)
.replace(/\$role/g, role)
.replace(/\$platform/g, CONFIG.SiteName)
.replace(/\$email/g, email);
return link ? str.replace(/\$link/g, link) : str;
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment