if (Meteor.isServer) {
// Assigned without `var`, so the name is not local to this block. Nothing else
// in this file reads or writes it; presumably other files do (TODO confirm).
checkRights = {};
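/**
 * Generates a random password
 *
 * The result always holds exactly five letters and five digits: a digit is
 * emitted on a coin flip while fewer than three digits exist, and on every
 * remaining position once five letters have been placed.
 *
 * NOTE(security): Math.random() is not a cryptographically secure generator,
 * so the returned value must not be treated as unguessable. Before it is used
 * as a real credential, draw the randomness from a CSPRNG instead (Meteor's
 * `random` package on the server, or Node's `crypto.randomBytes`).
 *
 * @return String
 * password with length 10
 */
generatePassword = function () {
  // Full A-Z / a-z alphabet. An earlier revision repeated 'T' in place of 'Y'
  // and left out 'j', which silently shrank the set of possible passwords.
  var letters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
  var passwordLength = 10;
  var maxCoinFlipDigits = 3;
  var maxLetters = 5;
  var password = '';
  var letterCount = 0;
  var digitCount = 0;
  for (var i = 0; i < passwordLength; i++) {
    var coinSaysDigit = Math.floor(Math.random() * 2) === 0;
    // Parenthesised to spell out the precedence: `a && b || c` is `(a && b) || c`.
    var emitDigit = (coinSaysDigit && digitCount < maxCoinFlipDigits) || letterCount >= maxLetters;
    if (emitDigit) {
      password += Math.floor(Math.random() * 10);
      digitCount += 1;
    } else {
      password += letters.charAt(Math.floor(Math.random() * letters.length));
      letterCount += 1;
    }
  }
  return password;
};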
Meteor.methods({
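/**
 * creates a user without password and puts it into the 'user' role
 * Only callers in the 'admin' or 'superAdmin' role may use this method.
 * @param Object doc
 * doc.emails[0].address is required; doc.username and doc.profile are
 * handed to Accounts.createUser as supplied
 * @return Boolean
 * true = create user successfull
 * @throws Meteor.Error
 * 'user' when the caller is not authorised, no email address was given
 * or no user was created
 * @throws Match.Error
 * when doc does not have the expected shape
 */
createUserWithoutPassword: function (doc) {
  // Important server-side check for security and data integrity.
  // Fail loudly instead of returning undefined, so an unauthorised call is
  // visible to the caller and in the server logs.
  if (!Roles.userIsInRole(Meteor.userId(), ['admin', 'superAdmin'])) {
    throw new Meteor.Error('user', 'You are not allowed to create users');
  }
  // `doc` arrives from the client. Pin the fields dereferenced below to plain
  // strings so a malformed or object-valued field is rejected up front rather
  // than surfacing as a TypeError or being passed on to the accounts layer.
  check(doc, Object);
  check(doc.username, Match.OneOf(String, null, undefined));
  check(doc.emails, [Match.ObjectIncluding({ address: String })]);
  if (doc.emails.length === 0) {
    throw new Meteor.Error('user', 'No email address specified');
  }
  // NOTE(review): doc.profile is stored exactly as supplied by the caller;
  // confirm whether its keys should be restricted.
  var createdUserId = Accounts.createUser({
    'username': doc.username,
    'email': doc.emails[0].address,
    'profile': doc.profile
  });
  if (!createdUserId) {
    throw new Meteor.Error('user', 'User has not been created');
  }
  Roles.addUsersToRoles(createdUserId, 'user');
  return true;
},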
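/**
 * removes a user, sends the removed user a notification email and runs the
 * functions registered in UserManagementTemplates.onRemoveUser
 * Only callers in the 'admin' or 'superAdmin' role may use this method; the
 * caller cannot remove themselves and users in the 'superAdmin' role cannot
 * be removed.
 * @param String userId
 * @return Boolean
 * true = remove user successfull
 * @throws Meteor.Error
 * 'user' when the call is not permitted, no id was given or the target
 * cannot be removed
 * @throws Match.Error
 * when userId is not a String
 */
removeUser: function (userId) {
  var callerId = Meteor.userId();
  if (userId === callerId) {
    throw new Meteor.Error('user', 'You are not allowed to delete yourself');
  }
  // Fail loudly instead of returning undefined for unauthorised callers.
  if (!Roles.userIsInRole(callerId, ['admin', 'superAdmin'])) {
    throw new Meteor.Error('user', 'You are not allowed to remove users');
  }
  if (!userId) {
    throw new Meteor.Error('user', 'no user id specified');
  }
  // userId comes from the client and is used as a Mongo selector value below.
  // Requiring a String keeps a selector object from reaching findOne/remove,
  // where it could match documents other than the single intended user.
  check(userId, String);

  // Only `emails` is read from the fetched document. Field restrictions must
  // be passed under `fields`; keys placed directly in the options object are
  // not a projection.
  var userToRemove = Meteor.users.findOne({
    _id: userId
  }, {
    fields: {
      emails: 1
    }
  });
  if (!userToRemove) {
    throw new Meteor.Error('user', 'user not found');
  }
  if (Roles.userIsInRole(userId, 'superAdmin')) {
    throw new Meteor.Error('user', 'superAdmin can not be removed!');
  }

  var removeResult = Meteor.users.remove({
    _id: userId
  });
  // Meteor's server-side remove() is documented to return the number of
  // removed documents; the `nRemoved` shape is still accepted in case a
  // wrapper returns a write-result object.
  var removedCount = typeof removeResult === 'number'
    ? removeResult
    : (removeResult && removeResult.nRemoved);
  if (removedCount === 1) {
    // NOTE(review): both lookups assume the account has at least one email
    // entry; an account without one fails here after the removal is done.
    var to = userToRemove.emails[0].address;
    var from = Meteor.user().emails[0].address;
    var subject = 'Your account was removed';
    var text = 'Your admin has deleted your Account. Please contact him to get further information.';
    check([to, from, subject, text], [String]);
    // Let other method calls from the same client start running,
    // without waiting for the email sending to complete.
    this.unblock();
    Email.send({
      to: to,
      from: from,
      subject: subject,
      text: text
    });
    // Run hooked functions
    _.each(UserManagementTemplates.onRemoveUser, function (func) {
      func(userId);
    });
  }
  return true;
},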
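/**
 * checks if a given username already exists
 *
 * NOTE(review): this method has no login or role check, so any connected
 * client can ask whether an account name exists. If that is needed for a
 * sign-up form, rate-limit the method; otherwise gate it like the admin
 * methods in this file.
 * @param String username
 * @return Boolean
 * true = username is existing
 * false = username not existing
 * @throws Match.Error
 * when username is not a String
 */
checkUsernameExisting: function (username) {
  // Client-supplied value used in a selector: accept plain strings only so a
  // selector object cannot be substituted for the name.
  check(username, String);
  // Existence is all that is needed, so fetch at most one document and only
  // its _id instead of loading every matching user.
  var match = Meteor.users.findOne({
    username: username
  }, {
    fields: {
      _id: 1
    }
  });
  return !!match;
},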
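/**
 * checks if a given email already exists
 *
 * NOTE(review): this method has no login or role check, so any connected
 * client can ask whether an address is registered. If that is needed for a
 * sign-up form, rate-limit the method; otherwise gate it like the admin
 * methods in this file.
 * @param String email
 * @return Boolean
 * true = email is existing
 * false = email not existing
 * @throws Match.Error
 * when email is not a String
 */
checkEmailExisting: function (email) {
  // Client-supplied value used in a selector: accept plain strings only so a
  // selector object cannot be substituted for the address.
  check(email, String);
  // Match on the address alone. Comparing whole {address, verified}
  // sub-documents only matches entries with exactly those two keys in that
  // order, and misses entries that carry any other field.
  var match = Meteor.users.findOne({
    'emails.address': email
  }, {
    fields: {
      _id: 1
    }
  });
  return !!match;
},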
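/**
 * remove a role: takes every user out of the role, then deletes the role
 * Only callers in the 'admin' or 'superAdmin' role may use this method.
 *
 * NOTE(review): an authorised caller can still delete the 'admin' and
 * 'superAdmin' roles themselves; confirm whether those should be protected.
 * @param String role
 * @return Boolean
 * true = successfully removed role
 * @throws Meteor.Error
 * 'role' when the caller is not authorised
 * @throws Match.Error
 * when role is not a String
 */
'removeRole': function (role) {
  // This method changes who holds which privileges, so it needs the same
  // server-side role check as the other admin methods in this file. Without
  // it any connected client could call it.
  if (!Roles.userIsInRole(this.userId, ['admin', 'superAdmin'])) {
    throw new Meteor.Error('role', 'You are not allowed to remove roles');
  }
  // Client-supplied value used in a selector: accept plain strings only.
  check(role, String);
  var members = Meteor.users.find({
    roles: role
  }).fetch();
  Roles.removeUsersFromRoles(members, role);
  Roles.deleteRole(role);
  return true;
},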
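/**
 * sends an enrollment email to a user
 * Only callers in the 'admin' or 'superAdmin' role may use this method.
 * @param String userId
 * @return Boolean
 * true = enrollment email was handed to Accounts.sendEnrollmentEmail
 * @throws Meteor.Error
 * 'enrollmentEmail' when the caller is not authorised
 * @throws Match.Error
 * when userId is not a String
 */
enrollAccount: function (userId) {
  if (!Roles.userIsInRole(this.userId, ['admin', 'superAdmin'])) {
    throw new Meteor.Error('enrollmentEmail', 'You are not allowed to send encrollment emails');
  }
  // userId comes from the client; accept plain strings only so nothing other
  // than a single user id is handed to the accounts layer.
  check(userId, String);
  Accounts.sendEnrollmentEmail(userId);
  return true;
}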
});
}