2016-08-25 22:35:44 -04:00
|
|
|
//meteor things
|
2016-08-12 12:13:26 -04:00
|
|
|
import {
|
|
|
|
|
Meteor
|
|
|
|
|
} from 'meteor/meteor';
|
|
|
|
|
import {
|
|
|
|
|
Mongo
|
|
|
|
|
} from 'meteor/mongo';
|
2016-08-01 19:30:32 +08:00
|
|
|
|
2016-08-25 22:35:44 -04:00
|
|
|
// Defines who the admins are - not added
|
2016-08-29 21:13:35 -04:00
|
|
|
var superadmins = [
|
2016-08-12 19:10:54 -04:00
|
|
|
"ybq987@gmail.com",
|
2016-08-31 01:28:37 -04:00
|
|
|
"ksjdragon@gmail.com",
|
2016-08-31 07:05:23 -04:00
|
|
|
//"aravagarwal3073@gmail.com"
|
2016-08-12 19:10:54 -04:00
|
|
|
];
|
2016-08-25 22:35:44 -04:00
|
|
|
|
2016-08-29 21:13:35 -04:00
|
|
|
var worktype = ["test", "quiz", "project", "normal", "other"];
|
2016-08-12 21:52:14 -04:00
|
|
|
|
2016-08-23 21:35:10 -04:00
|
|
|
// Adds roles to superadmins
|
|
|
|
|
// Not necessary on every run
|
2016-08-30 22:50:54 -04:00
|
|
|
// Makes superadmins
|
2016-08-25 22:35:44 -04:00
|
|
|
|
2016-08-12 19:10:54 -04:00
|
|
|
for (var i = 0; i < superadmins.length; i++) {
|
2016-08-30 22:50:54 -04:00
|
|
|
superadmin = Meteor.users.findOne({
|
|
|
|
|
"services.google.email": superadmins[i]
|
|
|
|
|
});
|
|
|
|
|
if (superadmin && !(Roles.userIsInRole(superadmin._id, 'superadmin'))) {
|
|
|
|
|
Roles.addUsersToRoles(superadmin._id, 'superadmin');
|
2016-08-12 19:10:54 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-12 20:11:26 -04:00
|
|
|
Meteor.publish('schools', function() {
|
|
|
|
|
return schools.find();
|
|
|
|
|
});
|
|
|
|
|
|
2016-08-30 22:50:54 -04:00
|
|
|
// Returns the code for classes (for debug)
|
2016-08-25 22:35:44 -04:00
|
|
|
|
2016-08-12 20:11:26 -04:00
|
|
|
Meteor.publish('classes', function() {
|
2016-08-12 20:42:29 -04:00
|
|
|
if (Roles.userIsInRole(this.userId, ['superadmin', 'admin'])) {
|
2016-08-12 20:11:26 -04:00
|
|
|
return classes.find();
|
2016-09-03 21:54:39 -04:00
|
|
|
} else if (this.userId !== null) {
|
2016-08-30 22:50:54 -04:00
|
|
|
// Return user classes and all _public_ classes.
|
2016-09-01 00:13:17 -04:00
|
|
|
var userprofile = Meteor.users.findOne(this.userId);
|
|
|
|
|
if (userprofile !== undefined && userprofile.profile.classes !== undefined) {
|
2016-08-24 21:09:34 -04:00
|
|
|
return classes.find({
|
|
|
|
|
$or: [{
|
|
|
|
|
privacy: false
|
|
|
|
|
}, {
|
|
|
|
|
_id: {
|
2016-09-01 00:13:17 -04:00
|
|
|
$in: userprofile.profile.classes
|
2016-08-24 21:09:34 -04:00
|
|
|
}
|
|
|
|
|
}]
|
2016-08-12 20:11:26 -04:00
|
|
|
}, {
|
2016-08-24 21:09:34 -04:00
|
|
|
// Return non-sensitive fields
|
|
|
|
|
fields: {
|
|
|
|
|
school: 1,
|
|
|
|
|
name: 1,
|
|
|
|
|
hour: 1,
|
|
|
|
|
teacher: 1,
|
|
|
|
|
admin: 1,
|
|
|
|
|
status: 1,
|
|
|
|
|
privacy: 1,
|
|
|
|
|
category: 1,
|
|
|
|
|
moderators: 1,
|
|
|
|
|
banned: 1,
|
|
|
|
|
subscribers: 1
|
2016-08-12 20:11:26 -04:00
|
|
|
}
|
2016-08-24 21:09:34 -04:00
|
|
|
});
|
|
|
|
|
} else {
|
2016-09-01 00:13:17 -04:00
|
|
|
Meteor.call('createProfile', this.userId);
|
2016-09-03 21:34:06 -04:00
|
|
|
return classes.find({
|
|
|
|
|
_id: null
|
|
|
|
|
});
|
2016-08-24 21:09:34 -04:00
|
|
|
}
|
2016-08-12 20:11:26 -04:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
2016-08-30 22:50:54 -04:00
|
|
|
// Gives everything in work if superadmin
|
2016-08-25 22:35:44 -04:00
|
|
|
|
2016-08-12 20:11:26 -04:00
|
|
|
Meteor.publish('work', function() {
|
2016-08-12 20:42:29 -04:00
|
|
|
if (Roles.userIsInRole(this.userId, ['superadmin', 'admin'])) {
|
2016-08-12 20:11:26 -04:00
|
|
|
return work.find();
|
2016-09-03 21:54:39 -04:00
|
|
|
} else if (this.userId !== null) {
|
2016-09-01 00:13:17 -04:00
|
|
|
var userprofile = Meteor.users.findOne(this.userId);
|
|
|
|
|
if (userprofile !== undefined && userprofile.profile.classes !== undefined) {
|
2016-08-26 21:32:17 -04:00
|
|
|
return work.find({
|
|
|
|
|
// Only return work of enrolled classes
|
|
|
|
|
class: {
|
2016-09-03 21:36:33 -04:00
|
|
|
$in: userprofile.profile.classes.concat(Meteor.userId())
|
2016-08-26 21:32:17 -04:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
} else {
|
2016-09-01 00:13:17 -04:00
|
|
|
Meteor.call('createProfile', this.userId);
|
2016-09-03 21:36:33 -04:00
|
|
|
return work.find({
|
2016-09-03 21:34:06 -04:00
|
|
|
_id: null
|
|
|
|
|
});
|
2016-08-26 21:32:17 -04:00
|
|
|
}
|
2016-08-24 21:15:16 -04:00
|
|
|
|
2016-08-12 20:11:26 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2016-08-25 22:35:44 -04:00
|
|
|
//Returns issues in sites (not implemented on client)
|
|
|
|
|
|
2016-08-20 22:38:01 -04:00
|
|
|
Meteor.publish('requests', function() {
|
|
|
|
|
if (Roles.userIsInRole(this.userId, ['superadmin', 'admin'])) {
|
|
|
|
|
return requests.find();
|
|
|
|
|
} else {
|
2016-08-24 21:09:34 -04:00
|
|
|
return requests.find({
|
|
|
|
|
requestor: this.userId
|
|
|
|
|
});
|
2016-08-20 22:38:01 -04:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
2016-08-25 22:35:44 -04:00
|
|
|
//Publishes every-persons email and user-ids
|
|
|
|
|
|
2016-08-15 20:55:21 -04:00
|
|
|
Meteor.publish('users', function() {
|
|
|
|
|
if (Roles.userIsInRole(this.userId, ['superadmin', 'admin'])) {
|
|
|
|
|
return Meteor.users.find();
|
|
|
|
|
} else {
|
2016-08-18 06:54:22 -04:00
|
|
|
return Meteor.users.find({}, {
|
2016-08-23 21:35:10 -04:00
|
|
|
// Only return necessary fields
|
2016-08-18 06:54:22 -04:00
|
|
|
fields: {
|
2016-09-04 15:47:45 -04:00
|
|
|
'services.google.email': 1,
|
|
|
|
|
'profile.avatar': 1,
|
|
|
|
|
'profile.banner': 1,
|
|
|
|
|
'profile.grade': 1,
|
|
|
|
|
'profile.description': 1,
|
|
|
|
|
'profile.name': 1,
|
|
|
|
|
'profile.school': 1
|
2016-08-18 06:54:22 -04:00
|
|
|
}
|
|
|
|
|
});
|
2016-08-15 20:55:21 -04:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
2016-08-23 21:35:10 -04:00
|
|
|
// Allows only superadmins to edit collections from client
|
2016-08-13 09:02:04 -04:00
|
|
|
Security.permit(['insert', 'update', 'remove']).collections([schools, classes, work]).ifHasRole('superadmin');
|
|
|
|
|
|
2016-08-23 21:35:10 -04:00
|
|
|
|
2016-08-08 20:55:02 -04:00
|
|
|
Meteor.methods({
|
2016-08-30 22:50:54 -04:00
|
|
|
// Stuff that is accessible in client
|
2016-08-26 21:32:17 -04:00
|
|
|
|
2016-08-30 22:50:54 -04:00
|
|
|
// Generates private codes for classes - like google classroom
|
|
|
|
|
'genCode': function(privacy) {
|
|
|
|
|
if (privacy) {
|
|
|
|
|
var currcode = Math.random().toString(36).substr(2, 6);
|
|
|
|
|
while (classes.findOne({
|
2016-08-31 07:05:23 -04:00
|
|
|
code: currcode
|
|
|
|
|
})) {
|
2016-08-30 22:50:54 -04:00
|
|
|
currcode = Math.random().toString(36).substr(2, 6);
|
|
|
|
|
}
|
|
|
|
|
return currcode;
|
|
|
|
|
} else {
|
|
|
|
|
return "";
|
2016-08-18 19:08:58 -04:00
|
|
|
}
|
2016-08-12 12:13:26 -04:00
|
|
|
},
|
2016-08-23 21:35:10 -04:00
|
|
|
|
|
|
|
|
// School Functions
|
2016-08-25 22:35:44 -04:00
|
|
|
|
2016-08-30 22:50:54 -04:00
|
|
|
// Ability to create schools for selections
|
2016-08-12 12:13:26 -04:00
|
|
|
'createSchool': function(schoolname) {
|
2016-08-25 21:57:22 -04:00
|
|
|
if (Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin'])) {
|
2016-08-12 12:13:26 -04:00
|
|
|
schools.insert({
|
2016-08-25 21:57:22 -04:00
|
|
|
name: schoolname
|
2016-08-12 12:13:26 -04:00
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 12:13:26 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-30 22:50:54 -04:00
|
|
|
// Deletes school
|
2016-08-12 19:10:54 -04:00
|
|
|
'deleteSchool': function(schoolId) {
|
|
|
|
|
if (Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin'])) {
|
|
|
|
|
schools.remove({
|
|
|
|
|
_id: schoolId
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 19:10:54 -04:00
|
|
|
}
|
2016-08-12 12:13:26 -04:00
|
|
|
},
|
2016-08-23 21:35:10 -04:00
|
|
|
|
|
|
|
|
// Class Functions
|
2016-08-12 12:13:26 -04:00
|
|
|
'createClass': function(input) {
|
|
|
|
|
classes.schema.validate(input);
|
2016-08-30 22:50:54 -04:00
|
|
|
if (Meteor.user() &&
|
2016-08-12 12:13:26 -04:00
|
|
|
classes.find({
|
|
|
|
|
status: false,
|
|
|
|
|
admin: Meteor.userId()
|
|
|
|
|
}).fetch().length < 5 &&
|
|
|
|
|
schools.findOne({
|
|
|
|
|
name: input.school
|
2016-08-30 22:50:54 -04:00
|
|
|
})) {
|
|
|
|
|
input.status = Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin']);
|
2016-08-12 12:13:26 -04:00
|
|
|
input.admin = Meteor.userId();
|
2016-08-30 22:50:54 -04:00
|
|
|
Meteor.call('genCode', function(error, result) {
|
|
|
|
|
input.code = result;
|
|
|
|
|
});
|
2016-08-12 12:13:26 -04:00
|
|
|
if (input.category != "class" && input.category != "club") {
|
|
|
|
|
input.category = "other";
|
|
|
|
|
}
|
2016-08-30 22:50:54 -04:00
|
|
|
input.subscribers = [];
|
2016-08-12 12:13:26 -04:00
|
|
|
input.moderators = [];
|
2016-08-16 20:46:38 -04:00
|
|
|
input.banned = [];
|
2016-08-17 22:32:33 -04:00
|
|
|
|
|
|
|
|
classes.insert(input, function(err, result) {
|
|
|
|
|
Meteor.call('joinClass', [result, input.code]);
|
|
|
|
|
});
|
2016-08-18 06:54:22 -04:00
|
|
|
|
2016-08-12 12:13:26 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-15 22:32:00 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-27 09:34:23 -04:00
|
|
|
// For class admins to get code
|
|
|
|
|
'getCode': function(classId) {
|
2016-08-27 09:47:59 -04:00
|
|
|
var foundclass = classes.find({
|
|
|
|
|
_id: classId
|
|
|
|
|
});
|
2016-08-27 09:34:23 -04:00
|
|
|
if (foundclass && foundclass.admin == Meteor.userId()) {
|
|
|
|
|
return foundclass.code;
|
|
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-27 09:34:23 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-15 22:32:00 -04:00
|
|
|
'changeAdmin': function(input) {
|
2016-08-30 22:50:54 -04:00
|
|
|
var userId = input[0];
|
|
|
|
|
var classId = input[1];
|
2016-08-18 06:54:22 -04:00
|
|
|
var found = Meteor.users.find({
|
2016-08-30 22:50:54 -04:00
|
|
|
_id: userId
|
2016-08-18 06:54:22 -04:00
|
|
|
});
|
|
|
|
|
var foundclass = classes.find({
|
2016-08-30 22:50:54 -04:00
|
|
|
_id: classId
|
2016-08-18 06:54:22 -04:00
|
|
|
});
|
2016-08-30 22:50:54 -04:00
|
|
|
if (Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin']) ||
|
|
|
|
|
|
|
|
|
|
(found && foundclass && foundclass.admin == Meteor.userId() &&
|
2016-08-31 07:05:23 -04:00
|
|
|
!_.contains(foundclass.banned, userId) &&
|
|
|
|
|
_.contains(foundclass.subscribers, userId)
|
2016-08-30 22:50:54 -04:00
|
|
|
)) {
|
2016-08-18 06:54:22 -04:00
|
|
|
classes.update({
|
2016-08-30 22:50:54 -04:00
|
|
|
_id: classId
|
2016-08-18 06:54:22 -04:00
|
|
|
}, {
|
|
|
|
|
$set: {
|
2016-08-30 22:50:54 -04:00
|
|
|
admin: userId
|
2016-08-18 06:54:22 -04:00
|
|
|
}
|
|
|
|
|
});
|
2016-08-15 22:32:00 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-15 22:32:00 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-25 22:35:44 -04:00
|
|
|
|
|
|
|
|
// Allows someone to manage the class
|
|
|
|
|
|
2016-08-15 22:32:00 -04:00
|
|
|
'trackUserInClass': function(input) {
|
2016-08-30 22:50:54 -04:00
|
|
|
var userId = input[0];
|
|
|
|
|
var classId = input[1];
|
|
|
|
|
var userlist = input[2];
|
|
|
|
|
var dowhat = input[3];
|
2016-08-18 06:54:22 -04:00
|
|
|
var foundclass = classes.findOne({
|
2016-08-30 22:50:54 -04:00
|
|
|
_id: classId
|
2016-08-18 06:54:22 -04:00
|
|
|
});
|
2016-08-30 22:50:54 -04:00
|
|
|
classlist = foundclass[userlist];
|
|
|
|
|
var index = ["moderators", "banned"].indexOf(userlist);
|
|
|
|
|
var set = foundclass;
|
|
|
|
|
var presence = false;
|
|
|
|
|
if (dowhat) {
|
|
|
|
|
set[userlist] = set[userlist].concat(userId);
|
|
|
|
|
presence = true;
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-30 22:50:54 -04:00
|
|
|
set[userlist] = _.without(set[userlist], userId);
|
2016-08-15 22:32:00 -04:00
|
|
|
}
|
2016-08-16 18:22:02 -04:00
|
|
|
|
2016-08-30 22:50:54 -04:00
|
|
|
if (Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin']) ||
|
|
|
|
|
|
|
|
|
|
(foundclass && foundclass.admin == Meteor.userId() && index !== -1 &&
|
2016-08-31 07:05:23 -04:00
|
|
|
(index === 0 ^ _.contains(foundclass.moderators, Meteor.userId())) &&
|
|
|
|
|
(!_.contains(classlist, userId) ^ presence))) {
|
2016-08-18 06:54:22 -04:00
|
|
|
classes.update({
|
2016-08-30 22:50:54 -04:00
|
|
|
_id: classId
|
2016-08-18 06:54:22 -04:00
|
|
|
}, {
|
|
|
|
|
$set: set
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 12:13:26 -04:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
'deleteClass': function(classid) {
|
2016-08-12 21:52:14 -04:00
|
|
|
var found = classes.findOne({
|
2016-08-12 12:13:26 -04:00
|
|
|
_id: classid
|
|
|
|
|
});
|
2016-08-30 22:50:54 -04:00
|
|
|
if (Meteor.user() && found &&
|
2016-08-18 06:54:22 -04:00
|
|
|
(found.admin === Meteor.user()._id || Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin']))) {
|
2016-08-15 13:48:00 -04:00
|
|
|
for (var i = 0; i < found.subscribers.length; i++) {
|
2016-08-18 06:54:22 -04:00
|
|
|
var current = Meteor.users.findOne({
|
|
|
|
|
_id: found.subscribers[i]
|
|
|
|
|
}).profile;
|
2016-08-17 22:32:33 -04:00
|
|
|
var index = current.classes.indexOf(classid);
|
|
|
|
|
current.classes.splice(index, 1);
|
2016-08-15 13:48:00 -04:00
|
|
|
Meteor.users.update({
|
|
|
|
|
_id: found.subscribers[i]
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
profile: current
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-15 22:32:00 -04:00
|
|
|
}
|
2016-08-12 12:13:26 -04:00
|
|
|
classes.remove({
|
|
|
|
|
_id: classid
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 12:13:26 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-23 21:35:10 -04:00
|
|
|
|
|
|
|
|
// Work Functions
|
2016-08-12 12:13:26 -04:00
|
|
|
'createWork': function(input) {
|
2016-08-18 17:13:59 -04:00
|
|
|
var ref = new Date();
|
2016-08-20 22:38:01 -04:00
|
|
|
ref.setHours(0, 0, 0, 0);
|
2016-08-18 17:13:59 -04:00
|
|
|
ref = ref.getTime();
|
2016-08-12 21:52:14 -04:00
|
|
|
input.creator = Meteor.userId();
|
2016-08-12 12:13:26 -04:00
|
|
|
work.schema.validate(input);
|
2016-08-13 17:26:07 -04:00
|
|
|
var found = classes.findOne({
|
2016-08-12 12:13:26 -04:00
|
|
|
_id: input.class
|
2016-08-09 17:10:08 -04:00
|
|
|
});
|
2016-08-13 18:58:54 -04:00
|
|
|
|
2016-08-30 22:50:54 -04:00
|
|
|
if (Meteor.user() &&
|
2016-09-03 21:12:17 -04:00
|
|
|
((found && _.contains(Meteor.user().profile.classes, input.class) &&
|
2016-09-03 21:34:06 -04:00
|
|
|
!_.contains(found.banned, Meteor.userId())) ||
|
|
|
|
|
(Meteor.userId() === input.class)) &&
|
2016-08-18 06:54:22 -04:00
|
|
|
input.dueDate instanceof Date && input.dueDate.getTime() >= ref &&
|
2016-08-30 22:50:54 -04:00
|
|
|
_.contains(worktype, input.type) &&
|
2016-08-18 06:54:22 -04:00
|
|
|
input.name.length <= 50 && input.description.length <= 150) {
|
2016-08-11 03:10:32 -04:00
|
|
|
|
2016-08-12 12:13:26 -04:00
|
|
|
input.confirmations = [Meteor.userId()];
|
|
|
|
|
input.reports = [];
|
|
|
|
|
input.done = [];
|
|
|
|
|
input.numberdone = 0;
|
2016-08-12 21:00:32 -04:00
|
|
|
input.comments = [];
|
2016-08-12 12:13:26 -04:00
|
|
|
work.insert(input);
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 12:13:26 -04:00
|
|
|
}
|
2016-08-10 17:42:07 -04:00
|
|
|
|
2016-08-12 12:13:26 -04:00
|
|
|
},
|
2016-08-12 21:52:14 -04:00
|
|
|
'editWork': function(change) {
|
2016-08-18 17:13:59 -04:00
|
|
|
var ref = new Date();
|
2016-08-20 22:38:01 -04:00
|
|
|
ref.setHours(0, 0, 0, 0);
|
2016-08-18 17:13:59 -04:00
|
|
|
ref = ref.getTime();
|
2016-09-03 21:54:39 -04:00
|
|
|
var currentwork = work.findOne({
|
|
|
|
|
_id: change._id
|
|
|
|
|
});
|
2016-08-13 13:32:40 -04:00
|
|
|
var currentclass = classes.findOne({
|
2016-09-03 21:34:06 -04:00
|
|
|
_id: currentwork.class
|
2016-08-13 13:32:40 -04:00
|
|
|
});
|
2016-08-16 18:14:07 -04:00
|
|
|
var authorized = currentclass.moderators.concat(currentclass.admin);
|
2016-08-12 22:05:06 -04:00
|
|
|
if (Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin'])) {
|
2016-08-13 19:24:10 -04:00
|
|
|
work.update({
|
2016-09-03 21:34:06 -04:00
|
|
|
_id: currentwork._id
|
2016-08-13 13:32:40 -04:00
|
|
|
}, {
|
|
|
|
|
$set: change
|
|
|
|
|
});
|
2016-09-03 21:34:06 -04:00
|
|
|
} else if ((_.contains(authorized, Meteor.userId()) ||
|
2016-09-03 21:54:39 -04:00
|
|
|
currentwork.class === Meteor.userId() ||
|
|
|
|
|
Meteor.userId() === currentwork.creator) &&
|
|
|
|
|
change.name.length <= 50 && change.description.length <= 150 &&
|
|
|
|
|
change.dueDate instanceof Date && change.dueDate.getTime() >= ref &&
|
|
|
|
|
_.contains(worktype, change.type)) {
|
|
|
|
|
work.update({
|
|
|
|
|
_id: change._id
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
name: change.name,
|
|
|
|
|
dueDate: change.dueDate,
|
|
|
|
|
description: change.description,
|
|
|
|
|
attachments: change.attachments,
|
|
|
|
|
type: change.type
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-12 21:52:14 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 21:52:14 -04:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
'addComment': function(input) {
|
2016-08-22 16:52:04 -04:00
|
|
|
var comment = input[0];
|
2016-08-13 13:32:40 -04:00
|
|
|
var workobject = work.findOne({
|
|
|
|
|
_id: input[1]
|
|
|
|
|
});
|
|
|
|
|
var currentclass = classes.findOne({
|
|
|
|
|
_id: workobject.class
|
|
|
|
|
});
|
2016-08-13 16:10:01 -04:00
|
|
|
var user = Meteor.userId();
|
2016-08-12 21:52:14 -04:00
|
|
|
if (typeof comment === "string" && comment.length <= 200 &&
|
2016-09-02 11:24:54 -04:00
|
|
|
_.contains(currentclass.subscribers, Meteor.userId()) &&
|
2016-09-02 00:34:40 -04:00
|
|
|
!_.contains(currentclass.banned, Meteor.userId())) {
|
2016-08-29 21:13:35 -04:00
|
|
|
var commentInfo = {
|
2016-08-31 07:05:23 -04:00
|
|
|
"comment": input[0],
|
|
|
|
|
"user": user,
|
2016-08-27 19:29:51 -04:00
|
|
|
"date": new Date()
|
|
|
|
|
};
|
|
|
|
|
var comments = workobject.comments.concat(commentInfo);
|
2016-08-13 13:32:40 -04:00
|
|
|
work.update({
|
|
|
|
|
_id: input[1]
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
2016-08-27 19:29:51 -04:00
|
|
|
comments: comments
|
2016-08-13 13:32:40 -04:00
|
|
|
}
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 21:52:14 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-26 21:32:17 -04:00
|
|
|
|
2016-08-12 22:35:28 -04:00
|
|
|
'toggleWork': function(input) {
|
2016-08-13 13:32:40 -04:00
|
|
|
var workobject = work.findOne({
|
|
|
|
|
_id: input[0]
|
|
|
|
|
});
|
|
|
|
|
var currentclass = classes.findOne({
|
|
|
|
|
_id: workobject.class
|
|
|
|
|
});
|
2016-08-30 22:50:54 -04:00
|
|
|
if (_.contains(currentclass.subscribers, Meteor.userId()) && _.contains(["confirmations", "reports", "done"], input[1])) {
|
2016-08-29 21:13:35 -04:00
|
|
|
var userindex = workobject[input[1]].indexOf(Meteor.userId());
|
2016-08-12 22:43:56 -04:00
|
|
|
if (userindex === -1) {
|
2016-08-16 18:14:07 -04:00
|
|
|
workobject[input[1]] = workobject[input[1]].concat(Meteor.userId());
|
2016-08-28 19:22:51 -04:00
|
|
|
if (input[1] === "confirmations" &&
|
2016-08-30 22:50:54 -04:00
|
|
|
_.contains(workobject.reports, Meteor.userId())) {
|
2016-08-28 19:22:51 -04:00
|
|
|
workobject.reports.splice(userindex, 1);
|
|
|
|
|
} else if (input[1] === "reports" &&
|
2016-08-31 07:05:23 -04:00
|
|
|
_.contains(workobject.confirmations, Meteor.userId())) {
|
2016-08-28 19:22:51 -04:00
|
|
|
workobject.confirmations.splice(userindex, 1);
|
|
|
|
|
}
|
2016-08-12 22:35:28 -04:00
|
|
|
} else {
|
2016-08-28 18:41:35 -04:00
|
|
|
workobject[input[1]].splice(userindex, 1);
|
2016-08-12 22:35:28 -04:00
|
|
|
}
|
2016-08-13 13:32:40 -04:00
|
|
|
work.update({
|
2016-08-28 18:41:35 -04:00
|
|
|
_id: input[0]
|
2016-08-13 13:32:40 -04:00
|
|
|
}, {
|
|
|
|
|
$set: workobject
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 21:52:14 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-12 21:00:32 -04:00
|
|
|
'deleteWork': function(workId) {
|
2016-09-03 21:54:39 -04:00
|
|
|
var currentwork = wokr.findOne({
|
|
|
|
|
_id: workId
|
|
|
|
|
});
|
2016-08-13 13:32:40 -04:00
|
|
|
var currentclass = classes.findOne({
|
2016-09-03 21:34:06 -04:00
|
|
|
_id: currentwork.class
|
2016-08-13 13:32:40 -04:00
|
|
|
});
|
2016-08-16 18:14:07 -04:00
|
|
|
var authorized = currentclass.moderators.concat(currentclass.admin);
|
2016-08-12 21:52:14 -04:00
|
|
|
if (Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin']) ||
|
2016-09-03 21:34:06 -04:00
|
|
|
_.contains(authorized, Meteor.userId()) || Meteor.userId() === currentwork.class) {
|
2016-08-12 21:52:14 -04:00
|
|
|
work.remove({
|
|
|
|
|
_id: workId
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 21:00:32 -04:00
|
|
|
}
|
2016-08-12 12:13:26 -04:00
|
|
|
},
|
2016-08-23 21:35:10 -04:00
|
|
|
|
|
|
|
|
// User Functions
|
2016-08-12 12:13:26 -04:00
|
|
|
'editProfile': function(change) {
|
2016-08-12 21:52:14 -04:00
|
|
|
var current = Meteor.user().profile;
|
2016-08-12 12:13:26 -04:00
|
|
|
current.school = change.school;
|
|
|
|
|
current.grade = change.grade;
|
2016-08-13 09:02:04 -04:00
|
|
|
current.classes = change.classes;
|
|
|
|
|
if (!current.classes) {
|
|
|
|
|
current.classes = [];
|
|
|
|
|
}
|
2016-08-12 12:13:26 -04:00
|
|
|
current.description = change.description;
|
|
|
|
|
current.avatar = change.avatar;
|
|
|
|
|
current.banner = change.banner;
|
|
|
|
|
current.preferences = change.preferences;
|
2016-09-01 07:15:17 -04:00
|
|
|
|
|
|
|
|
if (current.description && current.description.length > 50) {
|
|
|
|
|
current.description = current.description.slice(0, 50);
|
2016-08-12 12:13:26 -04:00
|
|
|
}
|
2016-09-01 07:15:17 -04:00
|
|
|
Meteor.users.update({
|
|
|
|
|
_id: Meteor.userId()
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
profile: current
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-12 12:13:26 -04:00
|
|
|
},
|
2016-08-24 21:09:34 -04:00
|
|
|
'createProfile': function(userId) {
|
2016-08-29 21:13:35 -04:00
|
|
|
var current = Meteor.users.findOne({
|
2016-08-24 21:09:34 -04:00
|
|
|
_id: userId
|
|
|
|
|
}).profile;
|
|
|
|
|
current.classes = [];
|
2016-08-31 23:05:26 -04:00
|
|
|
current.preferences = {
|
|
|
|
|
"theme": "light",
|
|
|
|
|
"mode": "classes",
|
|
|
|
|
"timeHide": 1,
|
|
|
|
|
"done": true
|
|
|
|
|
};
|
2016-08-24 21:09:34 -04:00
|
|
|
Meteor.users.update({
|
|
|
|
|
_id: userId
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
profile: current
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
},
|
2016-08-12 12:13:26 -04:00
|
|
|
'joinClass': function(input) {
|
2016-08-12 21:52:14 -04:00
|
|
|
var change = input[0];
|
|
|
|
|
var pass = input[1];
|
|
|
|
|
var prof = Meteor.user().profile;
|
|
|
|
|
var found = classes.findOne({
|
2016-08-12 12:13:26 -04:00
|
|
|
_id: change,
|
|
|
|
|
status: true
|
|
|
|
|
});
|
|
|
|
|
if (Meteor.user() !== null &&
|
2016-08-18 06:54:22 -04:00
|
|
|
found !== null &&
|
|
|
|
|
pass === found.code &&
|
2016-08-30 22:50:54 -04:00
|
|
|
!_.contains(prof.classes, change)) {
|
2016-08-29 21:13:35 -04:00
|
|
|
var foundsubs = found.subscribers;
|
2016-08-18 06:54:22 -04:00
|
|
|
classes.update({
|
|
|
|
|
_id: found._id
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
2016-08-20 20:56:05 -04:00
|
|
|
subscribers: foundsubs.concat(Meteor.userId())
|
2016-08-18 06:54:22 -04:00
|
|
|
}
|
|
|
|
|
});
|
2016-08-12 21:52:14 -04:00
|
|
|
var current = Meteor.user().profile;
|
2016-08-17 22:32:33 -04:00
|
|
|
current.classes = current.classes.concat(change);
|
2016-08-12 12:13:26 -04:00
|
|
|
Meteor.users.update({
|
|
|
|
|
_id: Meteor.userId()
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
profile: current
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
return true;
|
2016-08-09 18:23:02 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-09 18:23:02 -04:00
|
|
|
}
|
2016-08-12 12:13:26 -04:00
|
|
|
},
|
2016-08-17 18:45:50 -04:00
|
|
|
'joinPrivateClass': function(input) {
|
2016-08-18 06:54:22 -04:00
|
|
|
var found = classes.findOne({
|
|
|
|
|
status: true,
|
|
|
|
|
privacy: true,
|
|
|
|
|
code: input
|
|
|
|
|
});
|
2016-08-18 00:44:13 -04:00
|
|
|
var current = Meteor.user().profile;
|
|
|
|
|
if (found !== undefined && input !== undefined &&
|
2016-08-30 22:50:54 -04:00
|
|
|
!_.contains(current.classes, found._id)) {
|
2016-08-18 06:54:22 -04:00
|
|
|
classes.update({
|
|
|
|
|
_id: found._id
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
subscribers: found.subscribers.concat(Meteor.userId())
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-18 00:44:13 -04:00
|
|
|
current.classes = current.classes.concat(found._id);
|
2016-08-18 06:54:22 -04:00
|
|
|
Meteor.users.update({
|
|
|
|
|
_id: Meteor.userId()
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
profile: current
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-18 00:44:13 -04:00
|
|
|
return true;
|
|
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-17 18:45:50 -04:00
|
|
|
}
|
|
|
|
|
},
|
2016-08-12 12:13:26 -04:00
|
|
|
'leaveClass': function(change) {
|
|
|
|
|
if (Meteor.user() !== null) {
|
2016-08-21 22:48:15 -04:00
|
|
|
var current = Meteor.user().profile;
|
|
|
|
|
var index = current.classes.indexOf(change);
|
2016-08-12 12:13:26 -04:00
|
|
|
if (index >= 0) {
|
|
|
|
|
if (classes.findOne({
|
2016-08-31 07:05:23 -04:00
|
|
|
_id: change
|
|
|
|
|
}).admin != Meteor.userId()) {
|
2016-08-21 22:48:15 -04:00
|
|
|
current.classes.splice(index, 1);
|
2016-08-12 12:13:26 -04:00
|
|
|
Meteor.users.update({
|
|
|
|
|
_id: Meteor.userId()
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
profile: current
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-18 06:54:22 -04:00
|
|
|
var newstudents = classes.findOne({
|
|
|
|
|
_id: change
|
|
|
|
|
}).subscribers.splice(Meteor.userId(), 1);
|
|
|
|
|
classes.update({
|
|
|
|
|
_id: change
|
|
|
|
|
}, {
|
|
|
|
|
$set: {
|
|
|
|
|
subscribers: newstudents
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
return true;
|
2016-08-12 12:13:26 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are currently the admin of this class. Transfer ownership in order to leave this class.");
|
2016-08-12 12:13:26 -04:00
|
|
|
}
|
|
|
|
|
}
|
2016-08-09 18:03:31 -04:00
|
|
|
|
2016-08-20 22:38:01 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 12:13:26 -04:00
|
|
|
}
|
2016-08-12 19:10:54 -04:00
|
|
|
},
|
2016-08-23 21:35:10 -04:00
|
|
|
|
|
|
|
|
// Admin Functions
|
2016-08-12 19:10:54 -04:00
|
|
|
'createAdmin': function(userId) {
|
|
|
|
|
if (Roles.userIsInRole(Meteor.user()._id, ['superadmin'])) {
|
|
|
|
|
Roles.addUsersToRoles(userId, ['admin']);
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 19:10:54 -04:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
'deleteAdmin': function(userId) {
|
|
|
|
|
if (Roles.userIsInRole(Meteor.user()._id, ['superadmin'])) {
|
|
|
|
|
Roles.removeUsersToRoles(userId, ['admin']);
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-12 19:10:54 -04:00
|
|
|
}
|
2016-08-20 22:38:01 -04:00
|
|
|
},
|
|
|
|
|
'createRequest': function(request) {
|
2016-08-31 20:33:25 -04:00
|
|
|
if (request.length <= 500 && Meteor.userId() !== null &&
|
|
|
|
|
_.contains(['bug', 'feature'], request.type)) {
|
2016-08-20 22:38:01 -04:00
|
|
|
requests.insert({
|
|
|
|
|
requestor: Meteor.userId(),
|
2016-08-31 20:33:25 -04:00
|
|
|
request: request.content,
|
|
|
|
|
type: request.type,
|
|
|
|
|
info: request.info,
|
2016-08-20 22:38:01 -04:00
|
|
|
timeRequested: new Date()
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-20 22:38:01 -04:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
'deleteRequest': function(requestId) {
|
|
|
|
|
if (Roles.userIsInRole(Meteor.userId(), ['superadmin', 'admin'])) {
|
2016-08-24 21:09:34 -04:00
|
|
|
requests.remove({
|
|
|
|
|
_id: requestId
|
|
|
|
|
});
|
2016-08-21 10:02:07 -04:00
|
|
|
} else {
|
2016-08-31 23:21:53 -04:00
|
|
|
throw new Meteor.Error("unauthorized", "You are not authorized to complete this action.");
|
2016-08-20 22:38:01 -04:00
|
|
|
}
|
2016-08-09 18:03:31 -04:00
|
|
|
}
|
2016-08-13 09:02:04 -04:00
|
|
|
});
|
