Commit c89f4d84 authored by Manuel Gauto's avatar Manuel Gauto
Browse files

Add allows for ChannelMemberships

parent a330c5ff
......@@ -9,4 +9,5 @@ insecure
iron:router
ewall:foundation
aldeed:collection2
alanning:roles
accounts-base@1.1.2
alanning:roles@1.2.13
aldeed:collection2@2.2.0
aldeed:simple-schema@1.0.3
application-configuration@1.0.3
......@@ -36,6 +38,7 @@ jquery@1.0.1
json@1.0.1
launch-screen@1.0.0
livedata@1.0.11
localstorage@1.0.1
logging@1.0.5
meteor-platform@1.2.0
meteor@1.1.3
......@@ -52,6 +55,7 @@ reactive-var@1.0.3
reload@1.1.1
retry@1.0.1
routepolicy@1.0.2
service-configuration@1.0.2
session@1.0.4
spacebars-compiler@1.0.3
spacebars@1.0.3
......
......@@ -79,6 +79,81 @@ if(Meteor.isServer) {
Meteor.publish('channelMemberships', function() {
return ChannelMemberships.find({userId: Meteor.userId()}).fetch();
});
//Allow Statements
Channels.allow({
insert: function(userId, channel) {
},
remove: function(userId, channel) {
},
update: function(userId, channel) {
}
});
ChannelMemberships.allow({
/* Users should only be able to manage ChannelMemberships under these conditions
* - It is their membership
* - It is their channel
* - They are an admin
*/
insert: function(userId, channelMembership) {
//Check to see if they are an admin
if(Roles.userIsInRole(loggedInUser, 'admin')) {
return true;
}
//Check to see if it their channel
var channelObj = Channels.findOne(channelMembership.channelId);
var channelOwnerId = channelObj.createdBy;
if(channelOwnerId === userId) {
return true;
}
//Check if it is their membership
return (channelMembership.userId===userId);
},
remove: function(userId, channelMembership) {
//Check to see if they are an admin
if(Roles.userIsInRole(loggedInUser, 'admin')) {
return true;
}
//Check to see if it their channel
var channelObj = Channels.findOne(channelMembership.channelId);
var channelOwnerId = channelObj.createdBy;
if(channelOwnerId === userId) {
return true;
}
//Check if it is their membership
return (channelMembership.userId===userId);
},
update: function(userId, channelMembership) {
//Check to see if they are an admin
if(Roles.userIsInRole(loggedInUser, 'admin')) {
return true;
}
//Check to see if it their channel
var channelObj = Channels.findOne(channelMembership.channelId);
var channelOwnerId = channelObj.createdBy;
if(channelOwnerId === userId) {
return true;
}
//Check if it is their membership
return (channelMembership.userId===userId);
}
});
Messages.allow({
insert: function(userId, message) {
return (message.senderId===userId);
},
remove: function(userId, message) {
return (message.senderId===userId);
},
update: function(userId, message) {
return (message.senderId===userId);
}
});
}
if(Meteor.isClient) {
Meteor.subscribe('channels');
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment