add permissions and fix profile/publishing bugs

2016-08-13 09:02:04 -04:00 · 2016-08-13 09:02:04 -04:00 · 6c2e98e6d0
commit 6c2e98e6d0
parent 0afd5c2ba1
4 changed files with 12 additions and 8 deletions
--- a/hourglass/.meteor/packages
+++ b/hourglass/.meteor/packages
@ -17,7 +17,6 @@ standard-minifier-js@1.1.8    # JS minifier run for production mode
 es5-shim@4.6.13                # ECMAScript 5 compatibility for older browsers.
 ecmascript@0.5.7              # Enable ECMAScript2015+ syntax in app code
 insecure@1.0.7                # Allow all DB writes from clients (for prototyping)
 fortawesome:fontawesome
 session
 proyk:meteor-cookies
--- a/hourglass/.meteor/versions
+++ b/hourglass/.meteor/versions
@ -41,7 +41,6 @@ html-tools@1.0.10
 htmljs@1.0.10
 http@1.1.8
 id-map@1.0.8
 insecure@1.0.7
 iron:controller@1.0.12
 iron:core@1.0.11
 iron:dynamic-template@1.0.12
--- a/hourglass/client/profile/profile.js
+++ b/hourglass/client/profile/profile.js
@ -95,7 +95,7 @@ Template.profile.helpers({
    avatar() {
        var dim = window.innerWidth * 1600 / 1920 * 0.16;
        if (Meteor.user().profile.avatar) {
-            var pic = Meteor.user().profile.avatar;
+            var pic = Meteor.user().profile.avatar + ".png";
        } else {
            var pic = "Avatars/" + (Math.floor(Math.random() * (11 - 1)) + 1).toString(); + ".png";
            currentprofile = Meteor.user().profile;
--- a/hourglass/server/main.js
+++ b/hourglass/server/main.js
@ -42,7 +42,7 @@ Meteor.publish('classes', function() {
                privacy: false
            }, {
                _id: {
-                    $in: this.user().profile.classes
+                    $in: Meteor.users.findOne(this.userId).profile.classes
                }
            }]
        }, {
@ -70,13 +70,15 @@ Meteor.publish('work', function() {
    } else {
        return work.find({
            class: {
-                $in: this.user().profile.classes
+                $in: Meteor.users.findOne(this.userId).profile.classes
            }
        });
    }
 });
 Security.permit(['insert', 'update', 'remove']).collections([schools, classes, work]).ifHasRole('superadmin');
 Meteor.methods({
    'genCode': function() {
        return 'xxxxxx'.replace(/[x]/g, _uuid4);
@ -202,7 +204,7 @@ Meteor.methods({
                Meteor.update({_id: change._id}, {$set: {name: change.name, dueDate: change.dueDate, attachments: change.attachments, type: change.type}});
            }
        } else {
-            throw "Unauthorized."
+            throw "Unauthorized.";
        }
    },
    'addComment': function(input) {
@ -221,7 +223,7 @@ Meteor.methods({
        var currentclass = classes.findOne({_id: workobject.class});
        if (currentclass.subscribers.indexOf(Meteor.userId()) != -1 &&
            ["confirmations", "reports", "done"].indexOf(input[1]) != -1) {
-            userindex = workobject[input[1]].indexOf(Meteor.userId())
+            userindex = workobject[input[1]].indexOf(Meteor.userId());
            if (userindex === -1) {
                workobject[input[1]] = workobject[input[1]].push(Meteor.userId());
            } else {
@ -245,6 +247,10 @@ Meteor.methods({
        var current = Meteor.user().profile;
        current.school = change.school;
        current.grade = change.grade;
        current.classes = change.classes;
        if (!current.classes) {
            current.classes = [];
        }
        current.description = change.description;
        current.avatar = change.avatar;
        current.banner = change.banner;
@ -332,4 +338,4 @@ Meteor.methods({
            Roles.removeUsersToRoles(userId, ['admin']);
        }
    }
-});
+});