Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-16 23:40:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

v3.22

Browse source
This commit is contained in:
Lauri Ojansivu 2019-08-20 19:25:37 +03:00
parent e9bbbb6a04
commit f96c1eda70
7 changed files with 36 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

39
models/users.js
View file

@ -259,21 +259,38 @@ Users.attachSchema(
Users.before.update(function(userId, fieldNames) {
const user = Users.findOne({ _id: userId });
if (user && user.isAdmin || Meteor.user() && Meteor.user().isAdmin) { return true; }
if (!user) { return false; }
if (_.contains(fieldNames, 'services')) { return false; }
if (_.contains(fieldNames, 'heartBeat')) { return false; }
if (_.contains(fieldNames, 'isAdmin')) { return false; }
if (_.contains(fieldNames, 'loginDisabled')) { return false; }
if (_.contains(fieldNames, 'authenticationMethod')) { return false; }
if ((user && user.isAdmin) || (Meteor.user() && Meteor.user().isAdmin)) {
return true;
}
if (!user) {
return false;
}
if (_.contains(fieldNames, 'services')) {
return false;
}
if (_.contains(fieldNames, 'heartBeat')) {
return false;
}
if (_.contains(fieldNames, 'isAdmin')) {
return false;
}
if (_.contains(fieldNames, 'loginDisabled')) {
return false;
}
if (_.contains(fieldNames, 'authenticationMethod')) {
return false;
}
});
Users.allow({
update(userId, doc) {
const user = Users.findOne({ _id: userId });
if (user && user.isAdmin || Meteor.user() && Meteor.user().isAdmin) return true;
if (!user) { return false; }
return doc._id === userId;
const user = Users.findOne({ _id: userId });
if ((user && user.isAdmin) || (Meteor.user() && Meteor.user().isAdmin))
return true;
if (!user) {
return false;
}
return doc._id === userId;
},
remove(userId, doc) {
const adminsNumber = Users.find({ isAdmin: true }).count();