Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-17 07:50:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

direct hook to bypass the checking step with API request

Browse source
This commit is contained in:
zago 2017-07-19 10:27:23 +02:00
parent cbcf10a02b
commit e2ee005a5f
2 changed files with 186 additions and 141 deletions
Download patch file Download diff file Expand all files Collapse all files

24
models/cardComments.js
View file

@ -56,6 +56,16 @@ CardComments.helpers({
CardComments.hookOptions.after.update = { fetchPrevious: false }; CardComments.hookOptions.after.update = { fetchPrevious: false };
function commentCreation(userId, doc){
Activities.insert({
userId,
activityType: 'addComment',
boardId: doc.boardId,
cardId: doc.cardId,
commentId: doc._id,
});
}
if (Meteor.isServer) { if (Meteor.isServer) {
// Comments are often fetched within a card, so we create an index to make these // Comments are often fetched within a card, so we create an index to make these
// queries more efficient. // queries more efficient.
@ -64,13 +74,7 @@ if (Meteor.isServer) {
}); });
CardComments.after.insert((userId, doc) => { CardComments.after.insert((userId, doc) => {
Activities.insert({ commentCreation(userId, doc);
userId,
activityType: 'addComment',
boardId: doc.boardId,
cardId: doc.cardId,
commentId: doc._id,
});
}); });
CardComments.after.remove((userId, doc) => { CardComments.after.remove((userId, doc) => {
@ -114,12 +118,16 @@ if (Meteor.isServer) {
Authentication.checkUserId( req.userId); Authentication.checkUserId( req.userId);
const paramBoardId = req.params.boardId; const paramBoardId = req.params.boardId;
const paramCardId = req.params.cardId; const paramCardId = req.params.cardId;
const id = CardComments.insert({ const id = CardComments.direct.insert({
userId: req.body.authorId, userId: req.body.authorId,
text: req.body.comment, text: req.body.comment,
cardId: paramCardId, cardId: paramCardId,
boardId: paramBoardId, boardId: paramBoardId,
}); });
const cardComment = CardComments.findOne({_id: id, cardId:paramCardId, boardId: paramBoardId });
commentCreation(req.body.authorId, cardComment);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: { data: {

187
models/cards.js
View file

@ -123,15 +123,15 @@ Cards.helpers({
}, },
activities() { activities() {
return Activities.find({ cardId: this._id }, { sort: { createdAt: -1 } }); return Activities.find({cardId: this._id}, {sort: {createdAt: -1}});
}, },
comments() { comments() {
return CardComments.find({ cardId: this._id }, { sort: { createdAt: -1 } }); return CardComments.find({cardId: this._id}, {sort: {createdAt: -1}});
}, },
attachments() { attachments() {
return Attachments.find({ cardId: this._id }, { sort: { uploadedAt: -1 } }); return Attachments.find({cardId: this._id}, {sort: {uploadedAt: -1}});
}, },
cover() { cover() {
@ -142,7 +142,7 @@ Cards.helpers({
}, },
checklists() { checklists() {
return Checklists.find({ cardId: this._id }, { sort: { createdAt: 1 } }); return Checklists.find({cardId: this._id}, {sort: {createdAt: 1}});
}, },
checklistItemCount() { checklistItemCount() {
@ -183,35 +183,35 @@ Cards.helpers({
Cards.mutations({ Cards.mutations({
archive() { archive() {
return { $set: { archived: true } }; return {$set: {archived: true}};
}, },
restore() { restore() {
return { $set: { archived: false } }; return {$set: {archived: false}};
}, },
setTitle(title) { setTitle(title) {
return { $set: { title } }; return {$set: {title}};
}, },
setDescription(description) { setDescription(description) {
return { $set: { description } }; return {$set: {description}};
}, },
move(listId, sortIndex) { move(listId, sortIndex) {
const mutatedFields = { listId }; const mutatedFields = {listId};
if (sortIndex) { if (sortIndex) {
mutatedFields.sort = sortIndex; mutatedFields.sort = sortIndex;
} }
return { $set: mutatedFields }; return {$set: mutatedFields};
}, },
addLabel(labelId) { addLabel(labelId) {
return { $addToSet: { labelIds: labelId } }; return {$addToSet: {labelIds: labelId}};
}, },
removeLabel(labelId) { removeLabel(labelId) {
return { $pull: { labelIds: labelId } }; return {$pull: {labelIds: labelId}};
}, },
toggleLabel(labelId) { toggleLabel(labelId) {
@ -223,11 +223,11 @@ Cards.mutations({
}, },
assignMember(memberId) { assignMember(memberId) {
return { $addToSet: { members: memberId } }; return {$addToSet: {members: memberId}};
}, },
unassignMember(memberId) { unassignMember(memberId) {
return { $pull: { members: memberId } }; return {$pull: {members: memberId}};
}, },
toggleMember(memberId) { toggleMember(memberId) {
@ -239,49 +239,47 @@ Cards.mutations({
}, },
setCover(coverId) { setCover(coverId) {
return { $set: { coverId } }; return {$set: {coverId}};
}, },
unsetCover() { unsetCover() {
return { $unset: { coverId: '' } }; return {$unset: {coverId: ''}};
}, },
setStart(startAt) { setStart(startAt) {
return { $set: { startAt } }; return {$set: {startAt}};
}, },
unsetStart() { unsetStart() {
return { $unset: { startAt: '' } }; return {$unset: {startAt: ''}};
}, },
setDue(dueAt) { setDue(dueAt) {
return { $set: { dueAt } }; return {$set: {dueAt}};
}, },
unsetDue() { unsetDue() {
return { $unset: { dueAt: '' } }; return {$unset: {dueAt: ''}};
}, },
}); });
if (Meteor.isServer) {
// Cards are often fetched within a board, so we create an index to make these
// queries more efficient.
Meteor.startup(() => {
Cards._collection._ensureIndex({ boardId: 1, createdAt: -1 });
});
Cards.after.insert((userId, doc) => { //FUNCTIONS FOR creation of Activities
function cardMove(userId, doc, fieldNames, oldListId) {
if (_.contains(fieldNames, 'listId') && doc.listId !== oldListId) {
Activities.insert({ Activities.insert({
userId, userId,
activityType: 'createCard', oldListId,
boardId: doc.boardId, activityType: 'moveCard',
listId: doc.listId, listId: doc.listId,
boardId: doc.boardId,
cardId: doc._id, cardId: doc._id,
}); });
}); }
}
// New activity for card (un)archivage function cardState(userId, doc, fieldNames) {
Cards.after.update((userId, doc, fieldNames) => {
if (_.contains(fieldNames, 'archived')) { if (_.contains(fieldNames, 'archived')) {
if (doc.archived) { if (doc.archived) {
Activities.insert({ Activities.insert({
@ -301,25 +299,9 @@ if (Meteor.isServer) {
}); });
} }
} }
}); }
// New activity for card moves function cardMembers(userId, doc, fieldNames, modifier) {
Cards.after.update(function (userId, doc, fieldNames) {
const oldListId = this.previous.listId;
if (_.contains(fieldNames, 'listId') && doc.listId !== oldListId) {
Activities.insert({
userId,
oldListId,
activityType: 'moveCard',
listId: doc.listId,
boardId: doc.boardId,
cardId: doc._id,
});
}
});
// Add a new activity if we add or remove a member to the card
Cards.before.update((userId, doc, fieldNames, modifier) => {
if (!_.contains(fieldNames, 'members')) if (!_.contains(fieldNames, 'members'))
return; return;
let memberId; let memberId;
@ -351,11 +333,19 @@ if (Meteor.isServer) {
}); });
} }
} }
}); }
// Remove all activities associated with a card if we remove the card function cardCreation(userId, doc) {
// Remove also card_comments / checklists / attachments Activities.insert({
Cards.after.remove((userId, doc) => { userId,
activityType: 'createCard',
boardId: doc.boardId,
listId: doc.listId,
cardId: doc._id,
});
}
function cardRemover(userId, doc) {
Activities.remove({ Activities.remove({
cardId: doc._id, cardId: doc._id,
}); });
@ -368,6 +358,40 @@ if (Meteor.isServer) {
Attachments.remove({ Attachments.remove({
cardId: doc._id, cardId: doc._id,
}); });
}
if (Meteor.isServer) {
// Cards are often fetched within a board, so we create an index to make these
// queries more efficient.
Meteor.startup(() => {
Cards._collection._ensureIndex({boardId: 1, createdAt: -1});
});
Cards.after.insert((userId, doc) => {
cardCreation(userId, doc);
});
// New activity for card (un)archivage
Cards.after.update((userId, doc, fieldNames) => {
cardState(userId, doc, fieldNames);
});
//New activity for card moves
Cards.after.update(function (userId, doc, fieldNames) {
const oldListId = this.previous.listId;
cardMove(userId, doc, fieldNames, oldListId);
});
// Add a new activity if we add or remove a member to the card
Cards.before.update((userId, doc, fieldNames, modifier) => {
cardMembers(userId, doc, fieldNames, modifier);
});
// Remove all activities associated with a card if we remove the card
// Remove also card_comments / checklists / attachments
Cards.after.remove((userId, doc) => {
cardRemover(userId, doc);
}); });
} }
//LISTS REST API //LISTS REST API
@ -375,10 +399,10 @@ if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/boards/:boardId/lists/:listId/cards', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/lists/:listId/cards', function (req, res, next) {
const paramBoardId = req.params.boardId; const paramBoardId = req.params.boardId;
const paramListId = req.params.listId; const paramListId = req.params.listId;
Authentication.checkBoardAccess( req.userId, paramBoardId); Authentication.checkBoardAccess(req.userId, paramBoardId);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: Cards.find({ boardId: paramBoardId, listId: paramListId, archived: false }).map(function (doc) { data: Cards.find({boardId: paramBoardId, listId: paramListId, archived: false}).map(function (doc) {
return { return {
_id: doc._id, _id: doc._id,
title: doc.title, title: doc.title,
@ -392,20 +416,20 @@ if (Meteor.isServer) {
const paramBoardId = req.params.boardId; const paramBoardId = req.params.boardId;
const paramListId = req.params.listId; const paramListId = req.params.listId;
const paramCardId = req.params.cardId; const paramCardId = req.params.cardId;
Authentication.checkBoardAccess( req.userId, paramBoardId); Authentication.checkBoardAccess(req.userId, paramBoardId);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: Cards.findOne({ _id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false }), data: Cards.findOne({_id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false}),
}); });
}); });
JsonRoutes.add('POST', '/api/boards/:boardId/lists/:listId/cards', function (req, res, next) { JsonRoutes.add('POST', '/api/boards/:boardId/lists/:listId/cards', function (req, res, next) {
Authentication.checkUserId( req.userId); Authentication.checkUserId(req.userId);
const paramBoardId = req.params.boardId; const paramBoardId = req.params.boardId;
const paramListId = req.params.listId; const paramListId = req.params.listId;
const check = Users.findOne({_id:req.body.authorId}); const check = Users.findOne({_id: req.body.authorId});
if(typeof check !== 'undefined') { if (typeof check !== 'undefined') {
const id = Cards.insert({ const id = Cards.direct.insert({
title: req.body.title, title: req.body.title,
boardId: paramBoardId, boardId: paramBoardId,
listId: paramListId, listId: paramListId,
@ -420,7 +444,11 @@ if (Meteor.isServer) {
_id: id, _id: id,
}, },
}); });
}else{
const card = Cards.findOne({_id:id});
cardCreation(req.body.authorId, card);
} else {
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 401, code: 401,
}); });
@ -428,24 +456,29 @@ if (Meteor.isServer) {
}); });
JsonRoutes.add('PUT', '/api/boards/:boardId/lists/:listId/cards/:cardId', function (req, res, next) { JsonRoutes.add('PUT', '/api/boards/:boardId/lists/:listId/cards/:cardId', function (req, res, next) {
Authentication.checkUserId( req.userId); Authentication.checkUserId(req.userId);
const paramBoardId = req.params.boardId; const paramBoardId = req.params.boardId;
const paramCardId = req.params.cardId; const paramCardId = req.params.cardId;
const paramListId = req.params.listId; const paramListId = req.params.listId;
if(req.body.hasOwnProperty('title')){
if (req.body.hasOwnProperty('title')) {
const newTitle = req.body.title; const newTitle = req.body.title;
Cards.update({ _id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false }, Cards.direct.update({_id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false},
{$set:{title:newTitle}}); {$set: {title: newTitle}});
} }
if(req.body.hasOwnProperty('listId')){ if (req.body.hasOwnProperty('listId')) {
const newParamListId = req.body.listId; const newParamListId = req.body.listId;
Cards.update({ _id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false }, Cards.direct.update({_id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false},
{$set:{listId:newParamListId}}); {$set: {listId: newParamListId}});
const card = Cards.findOne({_id: paramCardId} );
cardMove(req.body.authorId, card, {fieldName: 'listId'}, paramListId);
} }
if(req.body.hasOwnProperty('description')){ if (req.body.hasOwnProperty('description')) {
const newDescription = req.body.description; const newDescription = req.body.description;
Cards.update({ _id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false }, Cards.direct.update({_id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false},
{$set:{description:newDescription}}); {$set: {description: newDescription}});
} }
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
@ -457,16 +490,20 @@ if (Meteor.isServer) {
JsonRoutes.add('DELETE', '/api/boards/:boardId/lists/:listId/cards/:cardId', function (req, res, next) { JsonRoutes.add('DELETE', '/api/boards/:boardId/lists/:listId/cards/:cardId', function (req, res, next) {
Authentication.checkUserId( req.userId); Authentication.checkUserId(req.userId);
const paramBoardId = req.params.boardId; const paramBoardId = req.params.boardId;
const paramListId = req.params.listId; const paramListId = req.params.listId;
const paramCardId = req.params.cardId; const paramCardId = req.params.cardId;
Cards.remove({ _id: paramCardId, listId: paramListId, boardId: paramBoardId });
Cards.direct.remove({_id: paramCardId, listId: paramListId, boardId: paramBoardId});
const card = Cards.find({_id: paramCardId} );
cardRemover(req.body.authorId, card);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: { data: {
_id: paramCardId, _id: paramCardId,
}, },
}); });
}); });
} }