copied alanning:roles package to rocketchat:authorization

.meteor/versions

@@ -6,7 +6,6 @@ accounts-meteor-developer@1.0.6
 accounts-oauth@1.1.8
 accounts-password@1.1.4
 accounts-twitter@1.0.6
-alanning:roles@1.2.14
 aldeed:simple-schema@1.5.3
 arunoda:streams@0.1.17
 autoupdate@1.2.4

packages/rocketchat-authorization/client/roles.js

+"use strict"
+
+
+////////////////////////////////////////////////////////////
+// Debugging helpers
+//
+// Run this in your browser console to turn on debugging
+// for this package:
+//
+//   localstorage.setItem('Roles.debug', true)
+//
+
+Roles.debug = false
+
+if (localStorage) {
+  var temp = localStorage.getItem("Roles.debug")
+
+  if ('undefined' !== typeof temp) {
+    Roles.debug = !!temp
+  }
+}
+
+/**
+ * Convenience functions for use on client.
+ *
+ * NOTE: You must restrict user actions on the server-side; any
+ * client-side checks are strictly for convenience and must not be
+ * trusted.
+ *
+ * @module UIHelpers
+ */
+
+
+////////////////////////////////////////////////////////////
+// UI helpers
+//
+// Use a semi-private variable rather than declaring UI
+// helpers directly so that we can unit test the helpers.
+// XXX For some reason, the UI helpers are not registered
+// before the tests run.
+//
+Roles._uiHelpers = {
+
+  /**
+   * UI helper to check if current user is in at least one
+   * of the target roles.  For use in client-side templates.
+   *
+   * @example
+   *     {{#if isInRole 'admin'}}
+   *     {{/if}}
+   *
+   *     {{#if isInRole 'editor,user'}}
+   *     {{/if}}
+   *
+   *     {{#if isInRole 'editor,user' 'group1'}}
+   *     {{/if}}
+   *
+   * @method isInRole
+   * @param {String} role Name of role or comma-seperated list of roles
+   * @param {String} [group] Optional, name of group to check
+   * @return {Boolean} true if current user is in at least one of the target roles
+   * @static
+   * @for UIHelpers
+   */
+  isInRole: function (role, group) {
+    var user = Meteor.user(),
+        comma = (role || '').indexOf(','),
+        roles
+
+    if (!user) return false
+    if (!Match.test(role, String)) return false
+
+    if (comma !== -1) {
+      roles = _.reduce(role.split(','), function (memo, r) {
+        if (!r || !r.trim()) {
+          return memo
+        }
+        memo.push(r.trim())
+        return memo
+      }, [])
+    } else {
+      roles = [role]
+    }
+
+    if (Match.test(group, String)) {
+      return Roles.userIsInRole(user, roles, group)
+    }
+
+    return Roles.userIsInRole(user, roles)
+  }
+}
+
+
+
+////////////////////////////////////////////////////////////
+// Register UI helpers
+//
+
+if (Roles.debug && console.log) {
+  console.log("[roles] Roles.debug =", Roles.debug)
+}
+
+if ('undefined' !== typeof Package.blaze &&
+    'undefined' !== typeof Package.blaze.Blaze &&
+    'function'  === typeof Package.blaze.Blaze.registerHelper) {
+  _.each(Roles._uiHelpers, function (func, name) {
+    if (Roles.debug && console.log) {
+      console.log("[roles] registering Blaze helper '" + name + "'")
+    }
+    Package.blaze.Blaze.registerHelper(name, func)
+  })
+}
+
+/**
+ * Subscription handle for the currently logged in user's permissions.
+ *
+ * NOTE: The corresponding publish function, `_roles`, depends on
+ * `this.userId` so it will automatically re-run when the currently
+ * logged-in user changes.
+ *
+ * @example
+ *
+ *     `Roles.subscription.ready()` // => `true` if user roles have been loaded
+ *
+ * @property subscription
+ * @type Object
+ * @for Roles
+ */
+
+Tracker.autorun(function () {
+  Roles.subscription = Meteor.subscribe("_roles")
+})

packages/rocketchat-authorization/package.js

@@ -11,16 +11,21 @@ Package.onUse(function(api) {
   api.use([
     'coffeescript',
     'underscore',
-    'rocketchat:lib@0.0.1',
-    'alanning:roles@1.2.12'
+    'rocketchat:lib'
     ]);
 
   api.use('mongo', 'client');
   api.use('kadira:flow-router', 'client');
   api.use('less@2.5.1', 'client');
+  api.use('tracker', 'client');
 
   api.use('templating', 'client');
 
+  // roles
+  api.addFiles('server/roles.js', ['server']);
+  api.addFiles('lib/roles.js', ['client', 'server']);
+  api.addFiles('client/roles.js', ['client']);
+
   api.addFiles('lib/rocketchat.coffee', ['server','client']);
   api.addFiles('client/collection.coffee', ['client']);
   api.addFiles('client/startup.coffee', ['client']);
@@ -73,4 +78,6 @@ Package.onUse(function(api) {
   }));
   api.use('tap:i18n');
   api.addFiles(tapi18nFiles);
+
+  api.export('Roles');
 });

packages/rocketchat-authorization/server/roles.js

+"use strict"
+
+
+/**
+ * Roles collection documents consist only of an id and a role name.
+ *   ex: { _id: "123", name: "admin" }
+ */
+if (!Meteor.roles) {
+  Meteor.roles = new Meteor.Collection("roles")
+
+  // Create default indexes for roles collection
+  Meteor.roles._ensureIndex('name', {unique: 1})
+}
+
+
+/**
+ * Publish logged-in user's roles so client-side checks can work.
+ *
+ * Use a named publish function so clients can check `ready()` state.
+ */
+Meteor.publish('_roles', function () {
+  var loggedInUserId = this.userId,
+      fields = {roles: 1}
+
+  if (!loggedInUserId) {
+    this.ready()
+    return
+  }
+
+  return Meteor.users.find({_id: loggedInUserId},
+                           {fields: fields})
+})

packages/rocketchat-integrations/package.js

@@ -12,8 +12,8 @@ Package.onUse(function(api) {
   api.use('coffeescript');
   api.use('underscore');
   api.use('simple:highlight.js');
-  api.use('rocketchat:lib@0.0.1');
-  api.use('alanning:roles@1.2.12');
+  api.use('rocketchat:lib');
+  api.use('rocketchat:authorization');
 
   api.use('kadira:flow-router', 'client');
   api.use('templating', 'client');

packages/rocketchat-livechat/package.js

@@ -20,8 +20,8 @@ Package.onUse(function(api) {
 
 	api.use(['webapp', 'autoupdate'], 'server');
 	api.use('ecmascript');
-	api.use('alanning:roles@1.2.12');
 	api.use('rocketchat:lib');
+	api.use('rocketchat:authorization');
 	api.use('kadira:flow-router', 'client');
 	api.use('templating', 'client');
 	api.use('mongo');