mirror of
https://github.com/vale981/Vulcan
synced 2025-03-06 18:11:40 -05:00
191 lines
No EOL
5.2 KiB
JavaScript
191 lines
No EOL
5.2 KiB
JavaScript
Meteor.publish('users', function() {
|
|
if (this.userId() && isAdminById(this.userId())) {
|
|
return Meteor.users.find();
|
|
}else{
|
|
return Meteor.users.find({}, {fields: {
|
|
secret_id: false,
|
|
isAdmin: false,
|
|
emails: false,
|
|
email_hash: false,
|
|
notifications: false,
|
|
'profile.email': false,
|
|
'services.twitter.accessToken': false,
|
|
'services.twitter.accessTokenSecret': false,
|
|
'services.twitter.id': false,
|
|
'services.password': false
|
|
}});
|
|
}
|
|
});
|
|
|
|
Meteor.startup(function(){
|
|
Meteor.users.allow({
|
|
insert: function(userId, doc){
|
|
//TODO
|
|
return true;
|
|
}
|
|
, update: function(userId, docs, fields, modifier){
|
|
// console.log("updating");
|
|
// console.log(userId);
|
|
// console.log(docs);
|
|
// console.log('fields: '+fields);
|
|
// console.log(modifier); //uncommenting this crashes everything
|
|
if(isAdminById(userId) || (docs[0]._id && docs[0]._id==userId)){
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
, remove: function(userId, docs){
|
|
if(isAdminById(userId) || (docs[0]._id && docs[0]._id==userId)){
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
});
|
|
});
|
|
|
|
// Posts
|
|
|
|
Posts = new Meteor.Collection('posts');
|
|
// Meteor.publish('posts', function() {
|
|
// return Posts.find({}, {sort: {score: -1}});
|
|
// });
|
|
|
|
Meteor.publish('posts', function(postsView) {
|
|
var collection=Posts.find(postsView.find, {sort: postsView.sort, skip: postsView.skip, limit: postsView.limit});
|
|
|
|
// console.log("publishing…");
|
|
// console.log(postsView.find, postsView.sort, postsView.skip, postsView.limit);
|
|
// collectionArray=collection.fetch();
|
|
// console.log('collection.count() '+collection.count());
|
|
// console.log('collection.fetch().length '+collectionArray.length);
|
|
// for(i=0;i<collectionArray.length;i++){
|
|
// console.log('- '+collectionArray[i].headline);
|
|
// }
|
|
// console.log('\n');
|
|
|
|
return collection;
|
|
});
|
|
|
|
// FIXME -- check all docs, not just the first one.
|
|
Meteor.startup(function(){
|
|
Posts.allow({
|
|
insert: function(userId, doc){
|
|
if(userId){
|
|
doc.userId = userId;
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
, update: function(userId, docs, fields, modifier){
|
|
if(isAdminById(userId) || (docs[0].user_id && docs[0].user_id==userId)){
|
|
return true;
|
|
}
|
|
throw new Meteor.Error(403, 'You do not have permission to edit this post');
|
|
return false;
|
|
}
|
|
, remove: function(userId, docs){
|
|
if(isAdminById(userId) || (docs[0].user_id && docs[0].user_id==userId)){
|
|
return true;
|
|
}
|
|
throw new Meteor.Error(403, 'You do not have permission to delete this post');
|
|
return false; }
|
|
});
|
|
});
|
|
|
|
// Comments
|
|
|
|
Comments = new Meteor.Collection('comments');
|
|
|
|
Meteor.publish('comments', function(postId) {
|
|
return Comments.find({post: postId});
|
|
});
|
|
|
|
Meteor.startup(function(){
|
|
Comments.allow({
|
|
insert: function(userId, doc){
|
|
if(userId){
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
, update: function(userId, docs, fields, modifier){
|
|
if(isAdminById(userId) || (docs[0].user_id && docs[0].user_id==userId)){
|
|
return true;
|
|
}
|
|
throw new Meteor.Error(403, 'You do not have permission to edit this comment');
|
|
return false;
|
|
}
|
|
, remove: function(userId, docs){
|
|
if(isAdminById(userId) || (docs[0].user_id && docs[0].user_id==userId)){
|
|
return true;
|
|
throw new Meteor.Error(403, 'You do not have permission to delete this comment');
|
|
}
|
|
return false;
|
|
}
|
|
});
|
|
});
|
|
|
|
// Settings
|
|
|
|
Settings = new Meteor.Collection('settings');
|
|
|
|
Meteor.publish('settings', function() {
|
|
return Settings.find();
|
|
});
|
|
|
|
Meteor.startup(function(){
|
|
Settings.allow({
|
|
insert: function(userId, docs){ return isAdminById(userId); }
|
|
, update: function(userId, docs, fields, modifier){ return isAdminById(userId); }
|
|
, remove: function(userId, docs){ return isAdminById(userId); }
|
|
});
|
|
});
|
|
|
|
|
|
// Notifications
|
|
|
|
Notifications = new Meteor.Collection('notifications');
|
|
|
|
Meteor.publish('notifications', function() {
|
|
// only publish notifications belonging to the current user
|
|
return Notifications.find({userId:this.userId()});
|
|
});
|
|
|
|
Meteor.startup(function(){
|
|
Notifications.allow({
|
|
insert: function(userId, doc){
|
|
if(userId){
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
, update: function(userId, docs, fields, modifier){
|
|
if(isAdminById(userId) || (docs[0].user_id && docs[0].user_id==userId)){
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
, remove: function(userId, docs){
|
|
if(isAdminById(userId) || (docs[0].user_id && docs[0].user_id==userId)){
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
});
|
|
});
|
|
|
|
// Categories
|
|
|
|
Categories = new Meteor.Collection('categories');
|
|
|
|
Meteor.publish('categories', function() {
|
|
return Categories.find();
|
|
});
|
|
|
|
Meteor.startup(function(){
|
|
Categories.allow({
|
|
insert: function(userId, docs){ return isAdminById(userId); }
|
|
, update: function(userId, docs, fields, modifier){ return isAdminById(userId); }
|
|
, remove: function(userId, docs){ return isAdminById(userId); }
|
|
});
|
|
}); |