Vulcan/packages/nova-users/lib/methods.js

import Users from './collection.js';

var completeUserProfile = function (userId, modifier, user) {

  Users.update(userId, modifier);

  Telescope.callbacks.runAsync("profileCompletedAsync", Users.findOne(userId));

  return Users.findOne(userId);

};

Users.methods = {};

/**
 * @summary Edit a user in the database
 * @param {string} userId – the ID of the user being edited
 * @param {Object} modifier – the modifier object
 * @param {Object} user - the current user object
 */
Users.methods.edit = (userId, modifier, user) => {
  
  if (typeof user === "undefined") {
    user = Users.findOne(userId);
  }

  // ------------------------------ Callbacks ------------------------------ //

  modifier = Telescope.callbacks.run("UsersEdit", modifier, user);

  // ------------------------------ Update ------------------------------ //

  Users.update(userId, modifier);

  // ------------------------------ Callbacks ------------------------------ //

  Telescope.callbacks.runAsync("UsersEditAsync", Users.findOne(userId), user);

  // ------------------------------ After Update ------------------------------ //
  return Users.findOne(userId);
  
}

Users.methods.setSetting = (userId, settingName, value) => {
  // all settings should be in the user.telescope namespace, so add "telescope." if needed
  var field = settingName.slice(0,10) === "telescope." ? settingName : "telescope." + settingName;

  var modifier = {$set: {}};
  modifier.$set[field] = value;

  Users.update(userId, modifier);
}

Users.methods.addGroup = (userId, groupName) => {
  Users.update(userId, {$push: {"telescope.groups": groupName}});
};

Users.methods.removeGroup = (userId, groupName) => {
  Users.update(userId, {$pull: {"telescope.groups": groupName}});
};

Meteor.methods({
  'users.compleProfile'(modifier, userId) {
    
    check(modifier, Match.OneOf({$set: Object}, {$unset: Object}, {$set: Object, $unset: Object}));
    check(userId, String);

    var currentUser = Meteor.user(),
        user = Users.findOne(userId),
        schema = Users.simpleSchema()._schema;

    // ------------------------------ Checks ------------------------------ //

    // check that user can edit document
    if (!user || !Users.can.edit(currentUser, user)) {
      throw new Meteor.Error(601, 'sorry_you_cannot_edit_this_user');
    }

    // if an $unset modifier is present, it means one or more of the fields is missing
    if (modifier.$unset) {
      throw new Meteor.Error(601, 'all_fields_are_required');
    }

    // check for existing emails and throw error if necessary
    // NOTE: redundant with collection hook, but better to throw the error here to avoid wiping out the form
    if (modifier.$set && modifier.$set["telescope.email"]) {
      var email = modifier.$set["telescope.email"];
      if (Users.findByEmail(email)) {
        throw new Meteor.Error("email_taken1", "this_email_is_already_taken" + " (" + email + ")");
      }

    }

    // go over each field and throw an error if it's not editable
    // loop over each operation ($set, $unset, etc.)
    _.each(modifier, function (operation) {
      // loop over each property being operated on
      _.keys(operation).forEach(function (fieldName) {
        var field = schema[fieldName];
        if (!Users.can.editField(user, field, user)) {
          throw new Meteor.Error("disallowed_property", 'disallowed_property_detected' + ": " + fieldName);
        }

      });
    });

    completeUserProfile(userId, modifier, user);
  },

  'users.edit'(userId, modifier) {

    // checking might be redundant because SimpleSchema already enforces the schema, but you never know
    check(modifier, Match.OneOf({$set: Users.simpleSchema()}, {$unset: Object}, {$set: Users.simpleSchema(), $unset: Object}));
    check(userId, String);

    var currentUser = Meteor.user(),
        user = Users.findOne(userId),
        schema = Users.simpleSchema()._schema;

    // ------------------------------ Checks ------------------------------ //

    // check that user can edit document
    if (!user || !Users.can.edit(currentUser, user)) {
      throw new Meteor.Error(601, 'sorry_you_cannot_edit_this_user');
    }

    // go over each field and throw an error if it's not editable
    // loop over each operation ($set, $unset, etc.)
    _.each(modifier, function (operation) {
      // loop over each property being operated on
      _.keys(operation).forEach(function (fieldName) {

        var field = schema[fieldName];
        if (!Users.can.editField(currentUser, field, user)) {
          throw new Meteor.Error("disallowed_property", 'disallowed_property_detected' + ": " + fieldName);
        }

      });
    });

    return Users.methods.edit(userId, modifier, user);

  },

  'users.remove'(userId, options) {

    if (Users.is.adminById(this.userId)) {

      const user = Users.findOne(userId);

      Meteor.users.remove(userId);

      Telescope.callbacks.runAsync("users.remove.async", user, options);
    
    }

  },

  'users.setSetting'(userId, settingName, value) {

    check(userId, String);
    check(settingName, String);
    check(value, Match.OneOf(String, Number, Boolean));

    var currentUser = Meteor.user(),
      user = Users.findOne(userId);

    // check that user can edit document
    if (!user || !Users.can.edit(currentUser, user)) {
      throw new Meteor.Error(601, 'sorry_you_cannot_edit_this_user');
    }

    Users.methods.setSetting(userId, settingName, value);

  }

});
-												removing Users global

											
										
										
											2016-06-23 15:00:58 +09:00
+								import Users from './collection.js';
-												add imports

											
										
										
											2016-06-15 11:07:10 +09:00
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								var completeUserProfile = function (userId, modifier, user) {
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
-												make profileCompletedAsync callback work; make invites work even with Twitter or Facebook accounts

											
										
										
											2015-05-19 12:34:27 +09:00
+								  Users.update(userId, modifier);
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
-												make profileCompletedAsync callback work; make invites work even with Twitter or Facebook accounts

											
										
										
											2015-05-19 12:34:27 +09:00
+								  Telescope.callbacks.runAsync("profileCompletedAsync", Users.findOne(userId));
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
-												make profileCompletedAsync callback work; make invites work even with Twitter or Facebook accounts

											
										
										
											2015-05-19 12:34:27 +09:00
+								  return Users.findOne(userId);
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
 								};
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								Users.methods = {};
-												removing Posts global

											
										
										
											2016-06-23 11:40:35 +09:00
+								/**
 								 * @summary Edit a user in the database
 								 * @param {string} userId – the ID of the user being edited
 								 * @param {Object} modifier – the modifier object
 								 * @param {Object} user - the current user object
 								 */
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								Users.methods.edit = (userId, modifier, user) => {
 								  if (typeof user === "undefined") {
-												removing Posts global

											
										
										
											2016-06-23 11:40:35 +09:00
+								    user = Users.findOne(userId);
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								  }
 								  // ------------------------------ Callbacks ------------------------------ //
-												making component names and class names more consistent.

- Posts, Comments, Users, etc. are always pluralized.
- CSS classes are based off component names (PostsTitle -> posts-title)

											
										
										
											2016-04-19 15:45:36 +09:00
+								  modifier = Telescope.callbacks.run("UsersEdit", modifier, user);
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
 								  // ------------------------------ Update ------------------------------ //
 								  Users.update(userId, modifier);
 								  // ------------------------------ Callbacks ------------------------------ //
-												making component names and class names more consistent.

- Posts, Comments, Users, etc. are always pluralized.
- CSS classes are based off component names (PostsTitle -> posts-title)

											
										
										
											2016-04-19 15:45:36 +09:00
+								  Telescope.callbacks.runAsync("UsersEditAsync", Users.findOne(userId), user);
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
 								  // ------------------------------ After Update ------------------------------ //
 								  return Users.findOne(userId);
 								}
-												move newsletter callback to server only; split users.setSetting method in method+mutator; always call mutator directly when on server

											
										
										
											2016-06-15 19:55:59 +09:00
+								Users.methods.setSetting = (userId, settingName, value) => {
 								  // all settings should be in the user.telescope namespace, so add "telescope." if needed
 								  var field = settingName.slice(0,10) === "telescope." ? settingName : "telescope." + settingName;
 								  var modifier = {$set: {}};
 								  modifier.$set[field] = value;
 								  Users.update(userId, modifier);
 								}
-												groups first pass

											
										
										
											2016-07-19 17:30:59 +09:00
+								Users.methods.addGroup = (userId, groupName) => {
 								  Users.update(userId, {$push: {"telescope.groups": groupName}});
 								};
 								Users.methods.removeGroup = (userId, groupName) => {
 								  Users.update(userId, {$pull: {"telescope.groups": groupName}});
 								};
-												clean up users package files

											
										
										
											2015-05-06 12:28:00 +09:00
+								Meteor.methods({
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								  'users.compleProfile'(modifier, userId) {
-												fix completeUserProfile check

											
										
										
											2015-07-15 10:11:29 +09:00
 								    check(modifier, Match.OneOf({$set: Object}, {$unset: Object}, {$set: Object, $unset: Object}));
-												more checks

											
										
										
											2015-07-10 11:40:11 +09:00
+								    check(userId, String);
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
+								    var currentUser = Meteor.user(),
 								        user = Users.findOne(userId),
 								        schema = Users.simpleSchema()._schema;
 								    // ------------------------------ Checks ------------------------------ //
 								    // check that user can edit document
 								    if (!user || !Users.can.edit(currentUser, user)) {
-												remove old i18n function call

											
										
										
											2016-07-04 10:42:50 +09:00
+								      throw new Meteor.Error(601, 'sorry_you_cannot_edit_this_user');
-												clean up users package files

											
										
										
											2015-05-06 12:28:00 +09:00
+								    }
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
-												show error when user tries to complete their profile with a duplicate email

											
										
										
											2015-06-02 11:53:18 +09:00
+								    // if an $unset modifier is present, it means one or more of the fields is missing
 								    if (modifier.$unset) {
-												remove old i18n function call

											
										
										
											2016-07-04 10:42:50 +09:00
+								      throw new Meteor.Error(601, 'all_fields_are_required');
-												show error when user tries to complete their profile with a duplicate email

											
										
										
											2015-06-02 11:53:18 +09:00
+								    }
 								    // check for existing emails and throw error if necessary
 								    // NOTE: redundant with collection hook, but better to throw the error here to avoid wiping out the form
 								    if (modifier.$set && modifier.$set["telescope.email"]) {
 								      var email = modifier.$set["telescope.email"];
 								      if (Users.findByEmail(email)) {
-												remove old i18n function call

											
										
										
											2016-07-04 10:42:50 +09:00
+								        throw new Meteor.Error("email_taken1", "this_email_is_already_taken" + " (" + email + ")");
-												show error when user tries to complete their profile with a duplicate email

											
										
										
											2015-06-02 11:53:18 +09:00
+								      }
 								    }
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
+								    // go over each field and throw an error if it's not editable
 								    // loop over each operation ($set, $unset, etc.)
 								    _.each(modifier, function (operation) {
 								      // loop over each property being operated on
 								      _.keys(operation).forEach(function (fieldName) {
 								        var field = schema[fieldName];
 								        if (!Users.can.editField(user, field, user)) {
-												more i18n cleanup

											
										
										
											2016-07-07 10:38:18 +09:00
+								          throw new Meteor.Error("disallowed_property", 'disallowed_property_detected' + ": " + fieldName);
-												clean up users package files

											
										
										
											2015-05-06 12:28:00 +09:00
+								        }
-												i18ze users package; add profileCompletedAsync callback hook

											
										
										
											2015-05-06 16:41:15 +09:00
 								      });
 								    });
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								    completeUserProfile(userId, modifier, user);
 								  },
 								  'users.edit'(userId, modifier) {
 								    // checking might be redundant because SimpleSchema already enforces the schema, but you never know
 								    check(modifier, Match.OneOf({$set: Users.simpleSchema()}, {$unset: Object}, {$set: Users.simpleSchema(), $unset: Object}));
 								    check(userId, String);
 								    var currentUser = Meteor.user(),
 								        user = Users.findOne(userId),
 								        schema = Users.simpleSchema()._schema;
 								    // ------------------------------ Checks ------------------------------ //
 								    // check that user can edit document
 								    if (!user || !Users.can.edit(currentUser, user)) {
-												more i18n cleanup

											
										
										
											2016-07-07 10:38:18 +09:00
+								      throw new Meteor.Error(601, 'sorry_you_cannot_edit_this_user');
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								    }
 								    // go over each field and throw an error if it's not editable
 								    // loop over each operation ($set, $unset, etc.)
 								    _.each(modifier, function (operation) {
 								      // loop over each property being operated on
 								      _.keys(operation).forEach(function (fieldName) {
 								        var field = schema[fieldName];
 								        if (!Users.can.editField(currentUser, field, user)) {
-												more i18n cleanup

											
										
										
											2016-07-07 10:38:18 +09:00
+								          throw new Meteor.Error("disallowed_property", 'disallowed_property_detected' + ": " + fieldName);
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								        }
 								      });
 								    });
 								    return Users.methods.edit(userId, modifier, user);
-												add removeUser method to also remove a user's post

											
										
										
											2015-09-21 09:59:17 +09:00
+								  },
-												removing Posts global

											
										
										
											2016-06-23 11:40:35 +09:00
+								  'users.remove'(userId, options) {
-												add removeUser method to also remove a user's post

											
										
										
											2015-09-21 09:59:17 +09:00
 								    if (Users.is.adminById(this.userId)) {
-												removing Posts global

											
										
										
											2016-06-23 11:40:35 +09:00
+								      const user = Users.findOne(userId);
-												add removeUser method to also remove a user's post

											
										
										
											2015-09-21 09:59:17 +09:00
 								      Meteor.users.remove(userId);
-												removing Posts global

											
										
										
											2016-06-23 11:40:35 +09:00
+								      Telescope.callbacks.runAsync("users.remove.async", user, options);
-												add removeUser method to also remove a user's post

											
										
										
											2015-09-21 09:59:17 +09:00
 								    }
-												add users.setSetting method; finish newsletter; add close button to messages

											
										
										
											2016-03-27 17:30:28 +09:00
+								  },
 								  'users.setSetting'(userId, settingName, value) {
 								    check(userId, String);
 								    check(settingName, String);
 								    check(value, Match.OneOf(String, Number, Boolean));
 								    var currentUser = Meteor.user(),
 								      user = Users.findOne(userId);
 								    // check that user can edit document
 								    if (!user || !Users.can.edit(currentUser, user)) {
-												remove old i18n function call

											
										
										
											2016-07-04 10:42:50 +09:00
+								      throw new Meteor.Error(601, 'sorry_you_cannot_edit_this_user');
-												add users.setSetting method; finish newsletter; add close button to messages

											
										
										
											2016-03-27 17:30:28 +09:00
+								    }
-												move newsletter callback to server only; split users.setSetting method in method+mutator; always call mutator directly when on server

											
										
										
											2016-06-15 19:55:59 +09:00
+								    Users.methods.setSetting(userId, settingName, value);
-												add users.setSetting method; finish newsletter; add close button to messages

											
										
										
											2016-03-27 17:30:28 +09:00
-												clean up users package files

											
										
										
											2015-05-06 12:28:00 +09:00
+								  }
-												add removeUser method to also remove a user's post

											
										
										
											2015-09-21 09:59:17 +09:00
-												clean up users package files

											
										
										
											2015-05-06 12:28:00 +09:00
+								});