From 8613010630a30937feb172d2b3e6acfe106b19b4 Mon Sep 17 00:00:00 2001
From: Yaman <ybq987@gmail.com>
Date: Tue, 30 Dec 2014 11:35:40 -0500
Subject: [PATCH] allowed only one chromebook to each user and began security
 framework

---
 chromebook-checkout-meteor/client/chromebook.js | 12 +++++++++---
 chromebook-checkout-meteor/server/users.js      |  7 ++++++-
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/chromebook-checkout-meteor/client/chromebook.js b/chromebook-checkout-meteor/client/chromebook.js
index 10d8f91..8994f03 100644
--- a/chromebook-checkout-meteor/client/chromebook.js
+++ b/chromebook-checkout-meteor/client/chromebook.js
@@ -6,6 +6,8 @@ var statusmap = {
 
 Meteor.subscribe('chromebook');
 
+//Meteor.subscribe('user');
+
 Template.chromebook.helpers({
   status_class: function() {
     return statusmap[this.status];
@@ -24,13 +26,17 @@ Template.chromebook.helpers({
 
 Template.chromebook.events({
   'click .available': function() {
+    if (Chromebooks.findOne({userid: Meteor.userId()}) === undefined) {
     Chromebooks.update(this._id, {$set: {status: 1}});
     Chromebooks.update(this._id, {$set: {last_checkout: new Date()}});
     Chromebooks.update(this._id, {$set: {userid: Meteor.userId()}});
+    }
   },
   'click .checkedout': function() {
-    Chromebooks.update(this._id, {$set: {status: 0}});
-    Chromebooks.update(this._id, {$set: {last_checkout: null}});
-    Chromebooks.update(this._id, {$set: {userid: null}});
+    if (Meteor.userId() === this.userid) {
+      Chromebooks.update(this._id, {$set: {status: 0}});
+      Chromebooks.update(this._id, {$set: {last_checkout: null}});
+      Chromebooks.update(this._id, {$set: {userid: null}});
+    }
   }
 });
\ No newline at end of file
diff --git a/chromebook-checkout-meteor/server/users.js b/chromebook-checkout-meteor/server/users.js
index d03a7d4..b8c2724 100644
--- a/chromebook-checkout-meteor/server/users.js
+++ b/chromebook-checkout-meteor/server/users.js
@@ -2,9 +2,14 @@ Meteor.publish('chromebook', function() {
   return Chromebooks.find();
 });
 
+/*Meteor.publish('user', function() {
+  return Meteor.users.find({_id: this.userId},
+      {fields: {'_id': 1, 'profile.name': 1}});
+});
+*/
+
 var adminusers = [
   "ybq987@gmail.com",
-  // "ksjdragon@gmail.com",
   // "mminer@bloomfield.org",
   "qalieh.yaman90@bloomfield.org"
 ];