kjao/archive
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed Security :D git status!

Browse Source
This commit is contained in:
Yaman 2015-02-07 11:27:10 -05:00
parent 1f4d87e46e
commit 5eedb68e0f
6 changed files with 143 additions and 164 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
chromebook-checkout-meteor/client/admin.js
View File

@ -21,119 +21,34 @@ ReactiveTabs.createInterface({
}); });
Template.admin.events({ Template.admin.events({
"submit .add, click .add": function (event) { "submit .add, click .add": function () {
event.preventDefault(); Meteor.call('addchromebook', $("input[name='anumber']")[0].value, $("input[name='aserial']")[0].value);
var chromebook_number = $("input[name='anumber']")[0].value;
var chromebook_serial = $("input[name='aserial']")[0].value;
var currNumbers = Chromebooks.find({ number: chromebook_number }).fetch();
var currSerials = Chromebooks.find({ serial: chromebook_serial }).fetch();
if(currNumbers.length !== 0) {
alert("That Chromebook already exists!");
$("input[name='anumber']")[0].value = "";
$("input[name='anumber']")[0].focus();
throw new Error("That Chromebook already exists!");
}
if(currSerials.length !== 0) {
alert("That serial number already exists!");
$("input[name='aserial']")[0].value = "";
$("input[name='aserial']").focus();
throw new Error("That serial number already exists!");
}
if (!((chromebook_number === "") || (chromebook_serial === "")))
Chromebooks.insert({
"status": 0,
"userid": null,
"last_checkout": null,
"serial": chromebook_serial,
"number": chromebook_number
});
// Clear form
$("input[name='anumber']")[0].value = ""; $("input[name='anumber']")[0].value = "";
$("input[name='aserial']")[0].value = ""; $("input[name='aserial']")[0].value = "";
$("input[name='anumber']").focus(); $("input[name='anumber']")[0].focus();
// Prevent default form
return false; return false;
}, },
"submit .addc, click .addc": function (event) { "submit .addc, click .addc": function (event) {
event.preventDefault(); Meteor.call('addcart', $("input[name='acnumber']")[0].value);
var cart_number = $("input[name='acnumber']")[0].value;
var currCName = carts.find({ number: cart_number }).fetch()
if(currCName.length !== 0) {
alert("That cart already exists!");
$("input[name='acnumber']")[0].value = "";
$("input[name='acnumber']").focus();
throw new Error("That cart already exists!");
}
if (!((cart_number === "")))
carts.insert({
"status": 0,
"userid": null,
"last_checkout": null,
"number": cart_number
});
// Clear form
$("input[name='acnumber']")[0].value = ""; $("input[name='acnumber']")[0].value = "";
// Prevent default form
return false; return false;
}, },
'click .cross' : function() { 'click .cross' : function() {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) { Meteor.call('removechromebook', this);
Chromebooks.remove(this._id);
}
}, },
'click .crossc' : function() { 'click .crossc' : function() {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) { Meteor.call('removecart', this);
carts.remove(this._id);
}
}, },
'click .yieldc' : function() { 'click .yieldc' : function() {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) { Meteor.call('yieldcart', this);
if (this.status === 0) {
carts.update(this._id, {$set: {status: 2}});
}
else if (this.status === 1) {
carts.update(this._id, {$set: {status: 2}});
}
else {
carts.update(this._id, {$set: {status: 0}});
carts.update(this._id, {$set: {last_checkout: null}});
carts.update(this._id, {$set: {userid: null}});
carts.update(this._id, {$set: {user: null}});
}
}
else {
alert("Access Denied");
}
}, },
'click .yield' : function() { 'click .yield' : function() {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) { Meteor.call('yieldchromebook', this);
if (this.status === 0) {
Chromebooks.update(this._id, {$set: {status: 2}});
Chromebooks.update(this._id, {$set: {user: null}});
}
else if (this.status ===1) {
Chromebooks.update(this._id, {$set: {status: 2}});
}
else {
Chromebooks.update(this._id, {$set: {status: 0}});
Chromebooks.update(this._id, {$set: {last_checkout: null}});
Chromebooks.update(this._id, {$set: {userid: null}});
}
}
else {
alert("Access Denied");
}
} }
}); });

15
chromebook-checkout-meteor/client/cart.js
View File

@ -24,20 +24,9 @@ Template.cart.helpers({
Template.cart.events({ Template.cart.events({
'click .available': function() { 'click .available': function() {
if ((carts.findOne({userid: Meteor.userId()}) === undefined) Meteor.call('availablecart', this);
|| (Roles.userIsInRole(Meteor.userId(), ['admin', 'teacher']))) {
carts.update(this._id, {$set: {status: 1}});
carts.update(this._id, {$set: {last_checkout: new Date()}});
carts.update(this._id, {$set: {userid: Meteor.userId()}});
carts.update(this._id, {$set: {user: Meteor.user().profile.name}});
}
}, },
'click .checkedout': function() { 'click .checkedout': function() {
if (Meteor.userId() === this.userid) { Meteor.call('checkedoutcart', this);
carts.update(this._id, {$set: {status: 0}});
carts.update(this._id, {$set: {last_checkout: null}});
carts.update(this._id, {$set: {userid: null}});
carts.update(this._id, {$set: {user: null}});
}
} }
}); });

28
chromebook-checkout-meteor/client/checkout.js
View File

@ -12,31 +12,3 @@ Template.checkout.rendered = function() {
alwaysShowScrollbar: 2 alwaysShowScrollbar: 2
}); });
} }
Object.defineProperty(window, "console", {
value: console,
writable: false,
configurable: false
});
var i = 0;
function showWarningAndThrow() {
if (!i) {
setTimeout(function () {
console.log("%cWarning message", "font: 2em sans-serif; color: yellow; background-color: red;");
}, 1);
i = 1;
}
throw "Console is disabled";
}
var l, n = {
set: function (o) {
l = o;
},
get: function () {
showWarningAndThrow();
return l;
}
};
Object.defineProperty(console, "_commandLineAPI", n);
Object.defineProperty(console, "__commandLineAPI", n);

15
chromebook-checkout-meteor/client/chromebook.js
View File

@ -25,21 +25,10 @@ Template.chromebook.helpers({
Template.chromebook.events({ Template.chromebook.events({
'click .available': function() { 'click .available': function() {
if ((Chromebooks.findOne({userid: Meteor.userId()}) === undefined) Meteor.call('availablechromebook', this);
|| (Roles.userIsInRole(Meteor.userId(), ['admin', 'teacher']))) {
Chromebooks.update(this._id, {$set: {status: 1}});
Chromebooks.update(this._id, {$set: {last_checkout: new Date()}});
Chromebooks.update(this._id, {$set: {userid: Meteor.userId()}});
Chromebooks.update(this._id, {$set: {user: Meteor.user().profile.name}});
}
}, },
'click .checkedout': function() { 'click .checkedout': function() {
if (Meteor.userId() === this.userid) { Meteor.call('checkedoutchromebook', this);
Chromebooks.update(this._id, {$set: {status: 0}});
Chromebooks.update(this._id, {$set: {last_checkout: null}});
Chromebooks.update(this._id, {$set: {userid: null}});
Chromebooks.update(this._id, {$set: {user: null}});
}
} }
}); });

118
chromebook-checkout-meteor/server/checkingout.js Normal file
View File

@ -0,0 +1,118 @@
Meteor.methods({
availablechromebook: function(chrome) {
if ((Chromebooks.findOne({userid: Meteor.userId()}) === undefined)
|| (Roles.userIsInRole(Meteor.userId(), ['admin', 'teacher']))) {
Chromebooks.update(chrome._id, {$set: {status: 1}});
Chromebooks.update(chrome._id, {$set: {last_checkout: new Date()}});
Chromebooks.update(chrome._id, {$set: {userid: Meteor.userId()}});
Chromebooks.update(chrome._id, {$set: {user: Meteor.user().profile.name}});
}
},
checkedoutchromebook: function(chrome) {
if (Meteor.userId() === chrome.userid) {
Chromebooks.update(chrome._id, {$set: {status: 0}});
Chromebooks.update(chrome._id, {$set: {last_checkout: null}});
Chromebooks.update(chrome._id, {$set: {userid: null}});
Chromebooks.update(chrome._id, {$set: {user: null}});
}
},
addchromebook: function(chromebook_number, chromebook_serial) {
var currNumbers = Chromebooks.find({ number: chromebook_number }).fetch();
var currSerials = Chromebooks.find({ serial: chromebook_serial }).fetch();
if (Roles.userIsInRole(Meteor.userId(), ['admin']) &&
!((currNumbers.length != 0)
|| (currSerials.length != 0)
|| (chromebook_number == "")
|| (chromebook_serial == ""))) {
Chromebooks.insert({
"status": 0,
"userid": null,
"last_checkout": null,
"serial": chromebook_serial,
"number": chromebook_number
});
}
},
addcart: function(cart_number) {
var currCName = carts.find({ number: cart_number }).fetch()
if ((currCName.length == 0)
&& (cart_number != "")
&& ((Roles.userIsInRole(Meteor.userId(), ['admin'])))) {
carts.insert({
"status": 0,
"userid": null,
"last_checkout": null,
"number": cart_number
});
}
},
removechromebook: function(chrome) {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) {
Chromebooks.remove(chrome._id);
}
},
removecart: function(chrome) {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) {
carts.remove(chrome._id);
}
},
yieldchromebook: function(chrome) {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) {
if (chrome.status === 0) {
Chromebooks.update(chrome._id, {$set: {status: 2}});
Chromebooks.update(chrome._id, {$set: {user: null}});
}
else if (chrome.status ===1) {
Chromebooks.update(chrome._id, {$set: {status: 2}});
}
else {
Chromebooks.update(chrome._id, {$set: {status: 0}});
Chromebooks.update(chrome._id, {$set: {last_checkout: null}});
Chromebooks.update(chrome._id, {$set: {userid: null}});
}
}
else {
alert("Access Denied");
}
},
yieldcart: function(chrome) {
if (Roles.userIsInRole(Meteor.userId(), ['admin'])) {
if (chrome.status === 0) {
carts.update(chrome._id, {$set: {status: 2}});
}
else if (chrome.status === 1) {
carts.update(chrome._id, {$set: {status: 2}});
}
else {
carts.update(chrome._id, {$set: {status: 0}});
carts.update(chrome._id, {$set: {last_checkout: null}});
carts.update(chrome._id, {$set: {userid: null}});
carts.update(chrome._id, {$set: {user: null}});
}
}
else {
alert("Access Denied");
}
},
availablecart: function(chrome) {
if ((carts.findOne({userid: Meteor.userId()}) === undefined)
|| (Roles.userIsInRole(Meteor.userId(), ['admin', 'teacher']))) {
carts.update(chrome._id, {$set: {status: 1}});
carts.update(chrome._id, {$set: {last_checkout: new Date()}});
carts.update(chrome._id, {$set: {userid: Meteor.userId()}});
carts.update(chrome._id, {$set: {user: Meteor.user().profile.name}});
}
},
checkedoutcart: function(chrome) {
if (Meteor.userId() === chrome.userid) {
carts.update(chrome._id, {$set: {status: 0}});
carts.update(chrome._id, {$set: {last_checkout: null}});
carts.update(chrome._id, {$set: {userid: null}});
carts.update(chrome._id, {$set: {user: null}});
}
}
})

18
chromebook-checkout-meteor/server/users.js
View File

@ -1,3 +1,9 @@
if (Meteor.isClient) {
Chromebooks.permit(['insert', 'update', 'remove']).never().apply();
carts.permit(['insert', 'update', 'remove']).never().apply();
};
Meteor.publish('chromebook', function() { Meteor.publish('chromebook', function() {
if (Roles.userIsInRole(this.userId, ['admin'])) { if (Roles.userIsInRole(this.userId, ['admin'])) {
@ -16,18 +22,8 @@ Meteor.publish('carts', function() {
} }
}); });
Chromebooks.permit(['insert', 'update', 'remove']).ifHasRole('admin').apply();
carts.permit(['insert', 'update', 'remove']).ifHasRole(['admin', 'teacher']).apply();
/*if ( Check if Meteor.userId() != Current logged in user Meteor.userId if they update hack way ) {
Chromebooks.update
}
*/
var adminusers = [ var adminusers = [
//Add all Users here //Add all Admins here
"mminer@bloomfield.org", "mminer@bloomfield.org",
"qalieh.yaman90@bloomfield.org", "qalieh.yaman90@bloomfield.org",
"ksjdragon@gmail.com", "ksjdragon@gmail.com",