Create publication to populate roles field in model scopes

ef83ce39 · Marcelo Schmidt · 8f0cbd83 · ef83ce39 · ef83ce39 · ef83ce39
Commit ef83ce39 authored 9 years ago by Marcelo Schmidt
--- a/.meteor/versions
+++ b/.meteor/versions
@@ -85,7 +85,7 @@ mizzao:autocomplete@0.5.1
 mizzao:timesync@0.3.4
 mobile-experience@1.0.1
 mobile-status-bar@1.0.6
-momentjs:moment@2.10.6
+momentjs:moment@2.11.0
 monbro:mongodb-mapreduce-aggregation@1.0.1
 mongo@1.1.3
 mongo-id@1.0.1

--- a/packages/rocketchat-authorization/client/roles.js
+++ b/packages/rocketchat-authorization/client/roles.js
 "use strict"

-
-////////////////////////////////////////////////////////////
-// Debugging helpers
-//
-// Run this in your browser console to turn on debugging
-// for this package:
-//
-//   localstorage.setItem('Roles.debug', true)
-//
-
-Roles.debug = false
-
-if (localStorage) {
-  var temp = localStorage.getItem("Roles.debug")
-
-  if ('undefined' !== typeof temp) {
-    Roles.debug = !!temp
-  }
-}
-
-/**
- * Convenience functions for use on client.
- *
- * NOTE: You must restrict user actions on the server-side; any
- * client-side checks are strictly for convenience and must not be
- * trusted.
- *
- * @module UIHelpers
- */
-
-
-////////////////////////////////////////////////////////////
-// UI helpers
-//
-// Use a semi-private variable rather than declaring UI
-// helpers directly so that we can unit test the helpers.
-// XXX For some reason, the UI helpers are not registered
-// before the tests run.
-//
-Roles._uiHelpers = {
-
-  /**
-   * UI helper to check if current user is in at least one
-   * of the target roles.  For use in client-side templates.
-   *
-   * @example
-   *     {{#if isInRole 'admin'}}
-   *     {{/if}}
-   *
-   *     {{#if isInRole 'editor,user'}}
-   *     {{/if}}
-   *
-   *     {{#if isInRole 'editor,user' 'group1'}}
-   *     {{/if}}
-   *
-   * @method isInRole
-   * @param {String} role Name of role or comma-seperated list of roles
-   * @param {String} [group] Optional, name of group to check
-   * @return {Boolean} true if current user is in at least one of the target roles
-   * @static
-   * @for UIHelpers
-   */
-  isInRole: function (role, group) {
-    var user = Meteor.user(),
-        comma = (role || '').indexOf(','),
-        roles
-
-    if (!user) return false
-    if (!Match.test(role, String)) return false
-
-    if (comma !== -1) {
-      roles = _.reduce(role.split(','), function (memo, r) {
-        if (!r || !r.trim()) {
-          return memo
-        }
-        memo.push(r.trim())
-        return memo
-      }, [])
-    } else {
-      roles = [role]
-    }
-
-    if (Match.test(group, String)) {
-      return Roles.userIsInRole(user, roles, group)
-    }
-
-    return Roles.userIsInRole(user, roles)
-  }
-}
-
-
-
-////////////////////////////////////////////////////////////
-// Register UI helpers
-//
-
-if (Roles.debug && console.log) {
-  console.log("[roles] Roles.debug =", Roles.debug)
-}
-
-if ('undefined' !== typeof Package.blaze &&
-    'undefined' !== typeof Package.blaze.Blaze &&
-    'function'  === typeof Package.blaze.Blaze.registerHelper) {
-  _.each(Roles._uiHelpers, function (func, name) {
-    if (Roles.debug && console.log) {
-      console.log("[roles] registering Blaze helper '" + name + "'")
-    }
-    Package.blaze.Blaze.registerHelper(name, func)
-  })
-}
-
 /**
 * Subscription handle for the currently logged in user's permissions.
 *
@@ -128,5 +17,6 @@ if ('undefined' !== typeof Package.blaze &&
 */

 Tracker.autorun(function () {
-  Roles.subscription = Meteor.subscribe("_roles")
+	// Subscribe to global user roles
+	Meteor.subscribe("scope-roles", "Users")
 })
--- a/packages/rocketchat-authorization/lib/roles.js
+++ b/packages/rocketchat-authorization/lib/roles.js
--- a/packages/rocketchat-authorization/package.js
+++ b/packages/rocketchat-authorization/package.js
@@ -14,7 +14,7 @@ Package.onUse(function(api) {
    'rocketchat:lib'
    ]);

-  api.use('mongo', 'client');
+  api.use('mongo', ['client', 'server']);
  api.use('kadira:flow-router', 'client');
  api.use('less@2.5.1', 'client');
  api.use('tracker', 'client');
@@ -25,6 +25,7 @@ Package.onUse(function(api) {
  api.addFiles('server/roles.js', ['server']);
  api.addFiles('lib/roles.js', ['client', 'server']);
  api.addFiles('client/roles.js', ['client']);
+  api.addFiles('server/models/Users.js', ['server']);

  api.addFiles('lib/rocketchat.coffee', ['server','client']);
  api.addFiles('client/collection.coffee', ['client']);
@@ -79,5 +80,5 @@ Package.onUse(function(api) {
  api.use('tap:i18n');
  api.addFiles(tapi18nFiles);

-  api.export('Roles');
+  api.export('Roles', 'server');
 });
--- a/packages/rocketchat-authorization/server/models/Users.js
+++ b/packages/rocketchat-authorization/server/models/Users.js
+RocketChat.models.Users.findRolesByUserId = function(userId, options) {
+	query = {
+		_id: userId
+	};
+
+	if ("object" !== typeof options) {
+		options = {}
+	}
+
+	options.fields = { roles: 1 }
+
+	return this.find(query, options);
+};
--- a/packages/rocketchat-authorization/server/publications/integrations.coffee
+++ b/packages/rocketchat-authorization/server/publications/integrations.coffee
--- a/packages/rocketchat-authorization/server/roles.js
+++ b/packages/rocketchat-authorization/server/roles.js
@@ -6,27 +6,23 @@
 *   ex: { _id: "123", name: "admin" }
 */
 if (!Meteor.roles) {
-  Meteor.roles = new Meteor.Collection("roles")
+	Meteor.roles = new Mongo.Collection("roles")

-  // Create default indexes for roles collection
-  Meteor.roles._ensureIndex('name', {unique: 1})
+	// Create default indexes for roles collection
+	Meteor.roles._ensureIndex('name', {unique: 1})
 }


 /**
- * Publish logged-in user's roles so client-side checks can work.
+ * Publish logged-in user's roles (global) so client-side checks can work.
 *
 * Use a named publish function so clients can check `ready()` state.
 */
-Meteor.publish('_roles', function () {
-  var loggedInUserId = this.userId,
-      fields = {roles: 1}
+Meteor.publish('scope-roles', function (scope) {
+	if (!this.userId || "undefined" === typeof RocketChat.models[scope] || "function" !== typeof RocketChat.models[scope].findRolesByUserId) {
+		this.ready()
+		return
+	}

-  if (!loggedInUserId) {
-    this.ready()
-    return
-  }
-
-  return Meteor.users.find({_id: loggedInUserId},
-                           {fields: fields})
-})
+	return RocketChat.models[scope].findRolesByUserId(this.userId);
+});
--- a/packages/rocketchat-authorization/server/startup.coffee
+++ b/packages/rocketchat-authorization/server/startup.coffee
@@ -106,14 +106,17 @@ Meteor.startup ->
 		roles : ['admin', 'bot']}
 	]

-	#alanning:roles
-	roles = _.pluck(Roles.getAllRoles().fetch(), 'name');
-
 	for permission in permissions
 		RocketChat.models.Permissions.upsert( permission._id, {$set: permission })
-		for role in permission.roles
-			unless role in roles
-				Roles.createRole role
-				roles.push(role)

+	roles = _.pluck(Roles.getAllRoles().fetch(), 'name');
+	defaultRoles = [
+		{ name: 'admin', scope: 'Users' }
+		{ name: 'moderator', scope: 'Subscriptions' }
+		{ name: 'user', scope: 'Users' }
+		{ name: 'bot', scope: 'Users' }
+	]

+	for role in defaultRoles
+		unless role.name in roles
+			Roles.createRole role