Commit f6b48406 by GD-A-150752

merge-changes

parent 17b4fd9a
import { Meteor } from 'meteor/meteor'; import { Meteor } from 'meteor/meteor';
import { seedDB } from './app.seeding'; import { seedDB } from './app.seeding';
import { PERMISSIONS } from './config'; import { PERMISSIONS } from './config';
import { User } from './models/user';
import { UtilsService } from './services/utils.service'; import { UtilsService } from './services/utils.service';
Meteor.startup(() => { Meteor.startup(() => {
...@@ -13,7 +12,7 @@ Meteor.startup(() => { ...@@ -13,7 +12,7 @@ Meteor.startup(() => {
// Validate Login Attempt // Validate Login Attempt
Accounts.validateLoginAttempt((data): boolean => { Accounts.validateLoginAttempt((data): boolean => {
const user: User = data.user; const user: Meteor.User = data.user;
return user && user.profile.Role return user && user.profile.Role
&& UtilsService.hasPermissionOfUser(user, PERMISSIONS.CAN_LOGIN); && UtilsService.hasPermissionOfUser(user, PERMISSIONS.CAN_LOGIN);
......
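Review bot: The login gate on the `user.profile.Role` line trusts a value stored under `profile`, which Meteor lets a logged-in client write on its own document unless a deny rule is registered on `Meteor.users`. No such rule is visible on this page, so confirm that `Meteor.users.deny({ update: () => true });` runs at startup, or keep the role in a top-level field that only server code writes. The same statement dereferences `user.profile` without a guard and can return a non-boolean despite the `: boolean` annotation; `return !!user && !!user.profile && !!user.profile.Role && UtilsService.hasPermissionOfUser(user, PERMISSIONS.CAN_LOGIN);` would cover both. The callback's closing lines are outside the hunk.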
import { Meteor } from 'meteor/meteor'; import { Meteor } from 'meteor/meteor';
import { Roles } from '../collections/role'; import { Roles } from '../collections/role';
import { PERMISSIONS } from '../config'; import { PERMISSIONS } from '../config';
import { User } from '../models/user';
import { UtilsService } from '../services/utils.service'; import { UtilsService } from '../services/utils.service';
import { Query } from '../models/query'; import { Query } from '../models/query';
...@@ -25,11 +24,7 @@ Meteor.methods({ ...@@ -25,11 +24,7 @@ Meteor.methods({
username: user.username, username: user.username,
profile: { profile: {
Name: user.name, Name: user.name,
Email: user.email,
Password: user.password,
Role: myRole._id, Role: myRole._id,
Status: user.status,
RoleObj: myRole,
}, },
}; };
return Accounts.createUser(userObj); return Accounts.createUser(userObj);
...@@ -37,7 +32,7 @@ Meteor.methods({ ...@@ -37,7 +32,7 @@ Meteor.methods({
throw new Meteor.Error(422, 'Email address already in use.'); throw new Meteor.Error(422, 'Email address already in use.');
}, },
updateUser(user: User): any { updateUser(user: any): any {
if (!UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)) { if (!UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_OWN_USER)) {
throw new Meteor.Error(403, 'Forbidden.'); throw new Meteor.Error(403, 'Forbidden.');
} }
...@@ -50,30 +45,9 @@ Meteor.methods({ ...@@ -50,30 +45,9 @@ Meteor.methods({
return Meteor.users.update(user._id, updateObj); return Meteor.users.update(user._id, updateObj);
} }
}, },
disableUser(user: User): any {
if (UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_USER)) {
const disableRole = Roles.findOne({ Title: 'Blocked' });
const usr = Meteor.users.findOne(user._id);
usr.profile.Role = disableRole._id;
return Meteor.users.update(user._id, usr); checkUserByEmail(email: string): any {
}
throw new Meteor.Error(403, 'Not enough permissions');
},
checkUserByEmail(email: string): User {
return Accounts.findUserByEmail(email); return Accounts.findUserByEmail(email);
}, },
async enableUser(user: User): Promise<any> {
if (UtilsService.hasPermission(PERMISSIONS.CAN_UPDATE_USER)) {
// const role = Roles.findOne({ Slug: user.profile.OriginalRole });
const usr = Meteor.users.findOne(user._id);
// usr.profile.Role = role._id;
return Meteor.users.update(user._id, usr);
}
throw new Meteor.Error(403, 'Not enough permissions');
},
}); });
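Review bot: `checkUserByEmail` hands the whole document from `Accounts.findUserByEmail(email)` back to the caller, and no permission check or argument validation is visible around it; that document normally carries the `services` sub-document with the password hash and login tokens. If callers only need to know whether the address is taken, return a boolean, `return !!Accounts.findUserByEmail(email);`, after validating the argument with `check(email, String);` (which needs `import { check } from 'meteor/check';`). Loosening `updateUser(user: User)` to `user: any` removes the only shape constraint on a client-supplied object whose `_id` reaches `Meteor.users.update`; any comparison of that `_id` with `this.userId` would sit outside the hunk, so verify it there.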
import { Role } from './role';
export interface User {
_id?: string;
emails?: Meteor.UserEmail[];
email?: string;
password?: string;
username?: string;
profile?: UserProfile;
OldPassword?: string;
NewPassword?: string;
ConfirmNewPassword?: string;
}
export interface UserProfile {
Name?: string;
Email: string;
Password: string;
Role: string;
RoleObj?: Role;
Status?: 'ACTIVE' | 'DISABLED';
}
...@@ -3,19 +3,18 @@ import AWS = require('aws-sdk'); ...@@ -3,19 +3,18 @@ import AWS = require('aws-sdk');
import { Meteor } from 'meteor/meteor'; import { Meteor } from 'meteor/meteor';
import { Observable, Subject } from 'rxjs'; import { Observable, Subject } from 'rxjs';
import { Roles } from '../collections/role'; import { Roles } from '../collections/role';
import { User } from '../models/user';
export class UtilsService { export class UtilsService {
static getLoggedInUserPermissions(): string[] { static getLoggedInUserPermissions(): string[] {
const usr: User = Meteor.user(); const usr: Meteor.User = Meteor.user();
const role = Roles.findOne(usr.profile.Role); const role = Roles.findOne(usr.profile.Role);
return role.Permissions; return role.Permissions;
} }
static hasPermission(permissions: string | string[]): boolean { static hasPermission(permissions: string | string[]): boolean {
const usr: User = Meteor.user(); const usr: Meteor.User = Meteor.user();
if (usr) { if (usr) {
const role = Roles.findOne(usr.profile.Role); const role = Roles.findOne(usr.profile.Role);
...@@ -29,7 +28,7 @@ export class UtilsService { ...@@ -29,7 +28,7 @@ export class UtilsService {
return false; return false;
} }
static hasPermissionOfUser(user: User, permission: string): boolean { static hasPermissionOfUser(user: Meteor.User, permission: string): boolean {
const role = Roles.findOne(user.profile.Role); const role = Roles.findOne(user.profile.Role);
return role.Permissions.indexOf(permission) !== -1; return role.Permissions.indexOf(permission) !== -1;
......
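Review bot: `hasPermissionOfUser` reads `role.Permissions` straight from `Roles.findOne(...)`, so a user whose role document is missing makes the permission check throw instead of returning `false`. `getLoggedInUserPermissions` has the same gap and also dereferences `Meteor.user()`, which is null when nobody is logged in. For an authorization helper an explicit deny is easier to reason about: `return !!role && role.Permissions.indexOf(permission) !== -1;`. `hasPermission` already guards `usr`, so the three helpers would then behave alike; the end of `hasPermissionOfUser` is outside the hunk.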