Merge branch 'soohwa-1285-feature-disable-user' into devel

REST API: - Disable and enable user login. - Take ownership boards of a user. - List boards of user. Thanks to soohwa ! Closes #1285, closes #1220, closes #1118
2026-01-06 01:28:49 +01:00 · 2017-10-20 14:29:32 +03:00 · 2017-10-20 14:29:32 +03:00 · b92cde23aa
commit b92cde23aa
parent 93d8a3f88a 21f76bcacc
4 changed files with 61 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,11 @@
+# Upcoming Wekan release
+
+This release adds the following new features:
+
+* [REST API: Disable and enable user login. Take ownership boards of a user. List boards of user.](https://github.com/wekan/wekan/pull/1296)
+
+Thanks to GitHub user soohwa for contributions.
+
 # v0.50 2017-10-10 Wekan release

 This release fixes the following bugs:
--- a/models/boards.js
+++ b/models/boards.js
@ -298,6 +298,15 @@ Boards.mutations({
    return { $pull: { labels: { _id: labelId } } };
  },

+  changeOwnership(fromId, toId) {
+    const memberIndex = this.memberIndex(fromId);
+    return {
+      $set: {
+        [`members.${memberIndex}.userId`]: toId,
+      },
+    };
+  },
+
  addMember(memberId) {
    const memberIndex = this.memberIndex(memberId);
    if (memberIndex >= 0) {
@ -565,7 +574,7 @@ if (Meteor.isServer) {

    const data = Boards.find({
      archived: false,
-      'members.userId': req.userId,
+      'members.userId': paramUserId,
    }, {
      sort: ['title'],
    }).map(function(board) {
--- a/models/users.js
+++ b/models/users.js
@ -112,6 +112,10 @@ Users.attachSchema(new SimpleSchema({
    type: Boolean,
    optional: true,
  },
+  loginDisabled: {
+    type: Boolean,
+    optional: true,
+  },
 }));

 // Search a user in the complete server database by its name or username. This
@ -597,6 +601,40 @@ if (Meteor.isServer) {
      data: Meteor.users.findOne({ _id: id }),
    });
  });
+  JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) {
+    Authentication.checkUserId( req.userId);
+    const id = req.params.id;
+    const action = req.body.action;
+    let data = Meteor.users.findOne({ _id: id });
+    if (data !== undefined) {
+      if (action === 'takeOwnership') {
+        data = Boards.find({
+          'members.userId': id,
+          'members.isAdmin': true,
+        }).map(function(board) {
+          if (board.hasMember(req.userId)) {
+            board.removeMember(req.userId);
+          }
+          board.changeOwnership(id, req.userId);
+          return {
+            _id: board._id,
+            title: board.title,
+          };
+        });
+      } else {
+        if ((action === 'disableLogin') && (id !== req.userId)) {
+          Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } });
+        } else if (action === 'enableLogin') {
+          Users.update({ _id: id }, { $set: { loginDisabled: '' } });
+        }
+        data = Meteor.users.findOne({ _id: id });
+      }
+    }
+    JsonRoutes.sendResult(res, {
+      code: 200,
+      data,
+    });
+  });
  JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
    Authentication.checkUserId( req.userId);
    const id = Accounts.createUser({
--- a/server/authentication.js
+++ b/server/authentication.js
@ -1,4 +1,9 @@
 Meteor.startup(() => {
+
+  Accounts.validateLoginAttempt(function (options) {
+    return !options.user.loginDisabled;
+  });
+
  Authentication = {};

  Authentication.checkUserId = function (userId) {