diff options
Diffstat (limited to 'ui/imports/api/accounts')
-rw-r--r-- | ui/imports/api/accounts/methods.js | 203 | ||||
-rw-r--r-- | ui/imports/api/accounts/server/publications.js | 29 |
2 files changed, 0 insertions, 232 deletions
diff --git a/ui/imports/api/accounts/methods.js b/ui/imports/api/accounts/methods.js deleted file mode 100644 index f6c271c..0000000 --- a/ui/imports/api/accounts/methods.js +++ /dev/null @@ -1,203 +0,0 @@ -///////////////////////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 Koren Lev (Cisco Systems), Yaron Yogev (Cisco Systems) and others / -// / -// All rights reserved. This program and the accompanying materials / -// are made available under the terms of the Apache License, Version 2.0 / -// which accompanies this distribution, and is available at / -// http://www.apache.org/licenses/LICENSE-2.0 / -///////////////////////////////////////////////////////////////////////////////////////// -import { ValidatedMethod } from 'meteor/mdg:validated-method'; -import { SimpleSchema } from 'meteor/aldeed:simple-schema'; -import * as R from 'ramda'; -import { Roles } from 'meteor/alanning:roles'; -import { Environments } from '/imports/api/environments/environments'; -import { UserSettings } from '/imports/api/user-settings/user-settings'; - -let userSchema = new SimpleSchema({ - _id: { type: String }, - username: { type: String }, - password: { type: String }, - viewEnvs: { type: [ String ] }, - editEnvs: { type: [ String ] }, -}); - -export const insert = new ValidatedMethod({ - name: 'accounts.insert', - validate: userSchema - .pick([ - 'username', - 'password', - 'viewEnvs', - 'viewEnvs.$', - 'editEnvs', - 'editEnvs.$', - ]).validator({ clean: true, filter: false }), - run({ - username, - password, - viewEnvs, - editEnvs, - }) { - if (! Roles.userIsInRole(Meteor.userId(), 'manage-users', Roles.GLOBAL_GROUP)) { - throw new Meteor.Error('unauthorized for removing users'); - } - - let userId = Accounts.createUser({ - username: username, - password: password - }); - - addRole(viewEnvs, 'view-env', userId); - addRole(editEnvs, 'edit-env', userId); - - let userSettings = UserSettings.schema.clean({}); - userSettings = R.merge(userSettings, { - user_id: userId, - }); - UserSettings.insert(userSettings); - } -}); - - - -export const update = new ValidatedMethod({ - name: 'accounts.update', - validate: userSchema - .pick([ - '_id', - // 'password', - 'viewEnvs', - 'viewEnvs.$', - 'editEnvs', - 'editEnvs.$', - ]).validator({ clean: true, filter: false }), - run({ - _id, - //_password, - viewEnvs, - editEnvs, - }) { - console.log('accounts - methods - update - start'); - //throw new Meteor.Error('unimplemented'); - if (! Roles.userIsInRole(Meteor.userId(), 'manage-users', Roles.GLOBAL_GROUP)) { - throw new Meteor.Error('unauthorized for updating users'); - } - - /* - let item = Meteor.users.findOne({ _id: _id }); - console.log('user for update: ', item); - - item = R.merge(R.pick([ - 'password', - ], item), { - password - }); - */ - - /* - let item = { - //password - }; - - Meteor.users.update({ _id: _id }, { $set: item }); - */ - - let currentViewEnvs = R.map((env) => { - return env.name; - }, Environments.find({ 'auth.view-env': { $in: [ _id ] }}).fetch()); - - let viewEnvsForDelete = R.difference(currentViewEnvs, viewEnvs); - let viewEnvsForAdd = R.difference(viewEnvs, currentViewEnvs); - - removeRole(viewEnvsForDelete, 'view-env', _id); - addRole(viewEnvsForAdd, 'view-env', _id); - - // - - let currentEditEnvs = R.map((env) => { - return env.name; - }, Environments.find({ 'auth.edit-env': { $in: [ _id ] }}).fetch()); - - let editEnvsForDelete = R.difference(currentEditEnvs, editEnvs); - let editEnvsForAdd = R.difference(editEnvs, currentEditEnvs); - - removeRole(editEnvsForDelete, 'edit-env', _id); - addRole(editEnvsForAdd, 'edit-env', _id); - - console.log('accounts - methods - update - end'); - } -}); - -export const remove = new ValidatedMethod({ - name: 'accounts.remove', - validate: userSchema - .pick([ - '_id', - ]).validator({ clean: true, filter: false }), - run({ - _id - }) { - if (! Roles.userIsInRole(Meteor.userId(), 'manage-users', Roles.GLOBAL_GROUP)) { - throw new Meteor.Error('unauthorized for removing users'); - } - - let user = Meteor.users.findOne({ _id: _id }); - console.log('user for remove: ', user); - - Meteor.users.remove({ _id: _id }); - } -}); - -function removeRole(rolesForRemoval, roleName, userId) { - R.forEach((envName) => { - let env = Environments.findOne({ name: envName }); - let auth = env.auth; - if (R.isNil(auth)) { auth = { }; } - if (R.isNil(R.path([roleName], auth))) { - auth = R.assoc(roleName, [], auth); - } - auth = R.assoc(roleName, R.reject(R.equals(userId), auth[roleName]), auth); - - updateEnv(auth, env); - //let newEnv = R.merge(env, { auth: auth }); - - }, rolesForRemoval); -} - -function addRole(rolesForAdd, roleName, userId) { - R.forEach((envName) => { - let env = Environments.findOne({ name: envName }); - let auth = env.auth; - if (R.isNil(auth)) { auth = { }; } - if (R.isNil(R.path([roleName], auth))) { - auth = R.assoc(roleName, [], auth); - } - auth = R.assoc(roleName, R.append(userId, auth[roleName]), auth); - - updateEnv(auth, env); - //let newEnv = R.merge(env, { auth: auth }); - - }, rolesForAdd); -} - -function updateEnv(auth, env) { - console.log('update env. set: ' + R.toString(auth)); - try { - Environments.update(env._id, { - $set: { - auth: auth, - configuration: env.configuration, - //distribution: distribution, - //name: name, - type_drivers: env.type_drivers, - mechanism_drivers: env.mechanism_drivers, - listen: env.listen, - enable_monitoring: env.enable_monitoring, - } - }); - } catch(e) { - console.error('error in update: ' + R.toString(e)); - throw new Meteor.Error('enviornment update error', - `unable to update ACL for environment - ${env.name}. Please check envrironment info. ${e.message}`); - } -} diff --git a/ui/imports/api/accounts/server/publications.js b/ui/imports/api/accounts/server/publications.js deleted file mode 100644 index 47718d3..0000000 --- a/ui/imports/api/accounts/server/publications.js +++ /dev/null @@ -1,29 +0,0 @@ -///////////////////////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 Koren Lev (Cisco Systems), Yaron Yogev (Cisco Systems) and others / -// / -// All rights reserved. This program and the accompanying materials / -// are made available under the terms of the Apache License, Version 2.0 / -// which accompanies this distribution, and is available at / -// http://www.apache.org/licenses/LICENSE-2.0 / -///////////////////////////////////////////////////////////////////////////////////////// -import { Meteor } from 'meteor/meteor'; -//import * as R from 'ramda'; -//import { Environments } from '/imports/api/environments/environments'; -//import { Roles } from 'meteor/alanning:roles'; - -Meteor.publish('users', function () { - console.log('server subscribtion to: users'); - /* - let that = this; - - let query = {}; - - if (! Roles.userIsInRole(that.userId, 'manage-users', 'default-group')) { - query = { - _id: that.userId - }; - } - */ - - return Meteor.users.find({}); -}); |