Vulcan/packages/nova-users/lib/methods.js

var completeUserProfile = function (userId, modifier, user) {

  Users.update(userId, modifier);

  Telescope.callbacks.runAsync("profileCompletedAsync", Users.findOne(userId));

  return Users.findOne(userId);

};

Users.methods = {};

Users.methods.edit = (userId, modifier, user) => {
  
  if (typeof user === "undefined") {
    user = Posts.findOne(userId);
  }

  // ------------------------------ Callbacks ------------------------------ //

  modifier = Telescope.callbacks.run("UsersEdit", modifier, user);

  // ------------------------------ Update ------------------------------ //

  Users.update(userId, modifier);

  // ------------------------------ Callbacks ------------------------------ //

  Telescope.callbacks.runAsync("UsersEditAsync", Users.findOne(userId), user);

  // ------------------------------ After Update ------------------------------ //
  return Users.findOne(userId);
  
}

Meteor.methods({
  'users.compleProfile'(modifier, userId) {
    
    check(modifier, Match.OneOf({$set: Object}, {$unset: Object}, {$set: Object, $unset: Object}));
    check(userId, String);

    var currentUser = Meteor.user(),
        user = Users.findOne(userId),
        schema = Users.simpleSchema()._schema;

    // ------------------------------ Checks ------------------------------ //

    // check that user can edit document
    if (!user || !Users.can.edit(currentUser, user)) {
      throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_user'));
    }

    // if an $unset modifier is present, it means one or more of the fields is missing
    if (modifier.$unset) {
      throw new Meteor.Error(601, __('all_fields_are_required'));
    }

    // check for existing emails and throw error if necessary
    // NOTE: redundant with collection hook, but better to throw the error here to avoid wiping out the form
    if (modifier.$set && modifier.$set["telescope.email"]) {
      var email = modifier.$set["telescope.email"];
      if (Users.findByEmail(email)) {
        throw new Meteor.Error("email_taken1", __("this_email_is_already_taken") + " (" + email + ")");
      }

    }

    // go over each field and throw an error if it's not editable
    // loop over each operation ($set, $unset, etc.)
    _.each(modifier, function (operation) {
      // loop over each property being operated on
      _.keys(operation).forEach(function (fieldName) {
        var field = schema[fieldName];
        if (!Users.can.editField(user, field, user)) {
          throw new Meteor.Error("disallowed_property", __('disallowed_property_detected') + ": " + fieldName);
        }

      });
    });

    completeUserProfile(userId, modifier, user);
  },

  'users.edit'(userId, modifier) {

    // checking might be redundant because SimpleSchema already enforces the schema, but you never know
    check(modifier, Match.OneOf({$set: Users.simpleSchema()}, {$unset: Object}, {$set: Users.simpleSchema(), $unset: Object}));
    check(userId, String);

    var currentUser = Meteor.user(),
        user = Users.findOne(userId),
        schema = Users.simpleSchema()._schema;

    // ------------------------------ Checks ------------------------------ //

    // check that user can edit document
    if (!user || !Users.can.edit(currentUser, user)) {
      throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_user'));
    }

    // go over each field and throw an error if it's not editable
    // loop over each operation ($set, $unset, etc.)
    _.each(modifier, function (operation) {
      // loop over each property being operated on
      _.keys(operation).forEach(function (fieldName) {

        var field = schema[fieldName];
        if (!Users.can.editField(currentUser, field, user)) {
          throw new Meteor.Error("disallowed_property", __('disallowed_property_detected') + ": " + fieldName);
        }

      });
    });

    return Users.methods.edit(userId, modifier, user);

  },

  'users.remove'(userId, removePosts) {

    if (Users.is.adminById(this.userId)) {

      removePosts = (typeof removePosts === "undefined") ? false : removePosts;

      Meteor.users.remove(userId);

      if (removePosts) {
        var deletedPosts = Posts.remove({userId: userId});
        var deletedComments = Comments.remove({userId: userId});
        return "Deleted "+deletedPosts+" posts and "+deletedComments+" comments";
      } else {
        // not sure if anything should be done in that scenario yet
        // Posts.update({userId: userId}, {$set: {author: "\[deleted\]"}}, {multi: true});
        // Comments.update({userId: userId}, {$set: {author: "\[deleted\]"}}, {multi: true});
      }
    
    }

  },

  'users.setSetting'(userId, settingName, value) {

    check(userId, String);
    check(settingName, String);
    check(value, Match.OneOf(String, Number, Boolean));

    var currentUser = Meteor.user(),
      user = Users.findOne(userId);

    // check that user can edit document
    if (!user || !Users.can.edit(currentUser, user)) {
      throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_user'));
    }

    // all settings should be in the user.telescope namespace, so add "telescope." if needed
    var field = settingName.slice(0,10) === "telescope." ? settingName : "telescope." + settingName;

    var modifier = {$set: {}};
    modifier.$set[field] = value;

    Users.update(userId, modifier);

  }

});
user edit/account page 2016-02-23 11:34:40 +09:00			`var completeUserProfile = function (userId, modifier, user) {`
i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00
make profileCompletedAsync callback work; make invites work even with Twitter or Facebook accounts 2015-05-19 12:34:27 +09:00			`Users.update(userId, modifier);`
i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00
make profileCompletedAsync callback work; make invites work even with Twitter or Facebook accounts 2015-05-19 12:34:27 +09:00			`Telescope.callbacks.runAsync("profileCompletedAsync", Users.findOne(userId));`
i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00
make profileCompletedAsync callback work; make invites work even with Twitter or Facebook accounts 2015-05-19 12:34:27 +09:00			`return Users.findOne(userId);`
i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00
			`};`

user edit/account page 2016-02-23 11:34:40 +09:00			`Users.methods = {};`

			`Users.methods.edit = (userId, modifier, user) => {`

			`if (typeof user === "undefined") {`
			`user = Posts.findOne(userId);`
			`}`

			`// ------------------------------ Callbacks ------------------------------ //`

making component names and class names more consistent. - Posts, Comments, Users, etc. are always pluralized. - CSS classes are based off component names (PostsTitle -> posts-title) 2016-04-19 15:45:36 +09:00			`modifier = Telescope.callbacks.run("UsersEdit", modifier, user);`
user edit/account page 2016-02-23 11:34:40 +09:00
			`// ------------------------------ Update ------------------------------ //`

			`Users.update(userId, modifier);`

			`// ------------------------------ Callbacks ------------------------------ //`

making component names and class names more consistent. - Posts, Comments, Users, etc. are always pluralized. - CSS classes are based off component names (PostsTitle -> posts-title) 2016-04-19 15:45:36 +09:00			`Telescope.callbacks.runAsync("UsersEditAsync", Users.findOne(userId), user);`
user edit/account page 2016-02-23 11:34:40 +09:00
			`// ------------------------------ After Update ------------------------------ //`
			`return Users.findOne(userId);`

			`}`

clean up users package files 2015-05-06 12:28:00 +09:00			`Meteor.methods({`
user edit/account page 2016-02-23 11:34:40 +09:00			`'users.compleProfile'(modifier, userId) {`
fix completeUserProfile check 2015-07-15 10:11:29 +09:00
			`check(modifier, Match.OneOf({$set: Object}, {$unset: Object}, {$set: Object, $unset: Object}));`
more checks 2015-07-10 11:40:11 +09:00			`check(userId, String);`

i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00			`var currentUser = Meteor.user(),`
			`user = Users.findOne(userId),`
			`schema = Users.simpleSchema()._schema;`

			`// ------------------------------ Checks ------------------------------ //`

			`// check that user can edit document`
			`if (!user \|\| !Users.can.edit(currentUser, user)) {`
create separate PostNewForm component; add error messages to post new and edit forms (for now); add errors to comment new and edit 2016-03-31 09:36:25 +09:00			`throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_user'));`
clean up users package files 2015-05-06 12:28:00 +09:00			`}`
i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00
show error when user tries to complete their profile with a duplicate email 2015-06-02 11:53:18 +09:00			`// if an $unset modifier is present, it means one or more of the fields is missing`
			`if (modifier.$unset) {`
create separate PostNewForm component; add error messages to post new and edit forms (for now); add errors to comment new and edit 2016-03-31 09:36:25 +09:00			`throw new Meteor.Error(601, __('all_fields_are_required'));`
show error when user tries to complete their profile with a duplicate email 2015-06-02 11:53:18 +09:00			`}`

			`// check for existing emails and throw error if necessary`
			`// NOTE: redundant with collection hook, but better to throw the error here to avoid wiping out the form`
			`if (modifier.$set && modifier.$set["telescope.email"]) {`
			`var email = modifier.$set["telescope.email"];`
			`if (Users.findByEmail(email)) {`
create separate PostNewForm component; add error messages to post new and edit forms (for now); add errors to comment new and edit 2016-03-31 09:36:25 +09:00			`throw new Meteor.Error("email_taken1", __("this_email_is_already_taken") + " (" + email + ")");`
show error when user tries to complete their profile with a duplicate email 2015-06-02 11:53:18 +09:00			`}`

			`}`

i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00			`// go over each field and throw an error if it's not editable`
			`// loop over each operation ($set, $unset, etc.)`
			`_.each(modifier, function (operation) {`
			`// loop over each property being operated on`
			`_.keys(operation).forEach(function (fieldName) {`
			`var field = schema[fieldName];`
			`if (!Users.can.editField(user, field, user)) {`
create separate PostNewForm component; add error messages to post new and edit forms (for now); add errors to comment new and edit 2016-03-31 09:36:25 +09:00			`throw new Meteor.Error("disallowed_property", __('disallowed_property_detected') + ": " + fieldName);`
clean up users package files 2015-05-06 12:28:00 +09:00			`}`
i18ze users package; add profileCompletedAsync callback hook 2015-05-06 16:41:15 +09:00
			`});`
			`});`

user edit/account page 2016-02-23 11:34:40 +09:00			`completeUserProfile(userId, modifier, user);`
			`},`

			`'users.edit'(userId, modifier) {`

			`// checking might be redundant because SimpleSchema already enforces the schema, but you never know`
			`check(modifier, Match.OneOf({$set: Users.simpleSchema()}, {$unset: Object}, {$set: Users.simpleSchema(), $unset: Object}));`
			`check(userId, String);`

			`var currentUser = Meteor.user(),`
			`user = Users.findOne(userId),`
			`schema = Users.simpleSchema()._schema;`

			`// ------------------------------ Checks ------------------------------ //`

			`// check that user can edit document`
			`if (!user \|\| !Users.can.edit(currentUser, user)) {`
			`throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_user'));`
			`}`

			`// go over each field and throw an error if it's not editable`
			`// loop over each operation ($set, $unset, etc.)`
			`_.each(modifier, function (operation) {`
			`// loop over each property being operated on`
			`_.keys(operation).forEach(function (fieldName) {`

			`var field = schema[fieldName];`
			`if (!Users.can.editField(currentUser, field, user)) {`
			`throw new Meteor.Error("disallowed_property", __('disallowed_property_detected') + ": " + fieldName);`
			`}`

			`});`
			`});`

			`return Users.methods.edit(userId, modifier, user);`

add removeUser method to also remove a user's post 2015-09-21 09:59:17 +09:00			`},`

user edit/account page 2016-02-23 11:34:40 +09:00			`'users.remove'(userId, removePosts) {`
add removeUser method to also remove a user's post 2015-09-21 09:59:17 +09:00
			`if (Users.is.adminById(this.userId)) {`

			`removePosts = (typeof removePosts === "undefined") ? false : removePosts;`

			`Meteor.users.remove(userId);`

			`if (removePosts) {`
user deletion tweaks 2015-09-21 10:13:25 +09:00			`var deletedPosts = Posts.remove({userId: userId});`
			`var deletedComments = Comments.remove({userId: userId});`
			`return "Deleted "+deletedPosts+" posts and "+deletedComments+" comments";`
add removeUser method to also remove a user's post 2015-09-21 09:59:17 +09:00			`} else {`
			`// not sure if anything should be done in that scenario yet`
			`// Posts.update({userId: userId}, {$set: {author: "\[deleted\]"}}, {multi: true});`
			`// Comments.update({userId: userId}, {$set: {author: "\[deleted\]"}}, {multi: true});`
			`}`

			`}`

add users.setSetting method; finish newsletter; add close button to messages 2016-03-27 17:30:28 +09:00			`},`

			`'users.setSetting'(userId, settingName, value) {`

			`check(userId, String);`
			`check(settingName, String);`
			`check(value, Match.OneOf(String, Number, Boolean));`

			`var currentUser = Meteor.user(),`
			`user = Users.findOne(userId);`

			`// check that user can edit document`
			`if (!user \|\| !Users.can.edit(currentUser, user)) {`
			`throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_user'));`
			`}`

			`// all settings should be in the user.telescope namespace, so add "telescope." if needed`
			`var field = settingName.slice(0,10) === "telescope." ? settingName : "telescope." + settingName;`

			`var modifier = {$set: {}};`
			`modifier.$set[field] = value;`

			`Users.update(userId, modifier);`

clean up users package files 2015-05-06 12:28:00 +09:00			`}`
add removeUser method to also remove a user's post 2015-09-21 09:59:17 +09:00
clean up users package files 2015-05-06 12:28:00 +09:00			`});`