diff --git a/chromebook-checkout-meteor/client/chromebook.html b/chromebook-checkout-meteor/client/chromebook.html
index c193fbf..8aade37 100644
--- a/chromebook-checkout-meteor/client/chromebook.html
+++ b/chromebook-checkout-meteor/client/chromebook.html
@@ -3,7 +3,7 @@
   	<p class="pure-u-3-5">Chromebook #{{number}}</p> 
   	  {{#if status }}
   	  	<div class="timestamp pure-u-2-5">
-  	  		<p class="user"> <b>{{username}}</b></p>
+  	  		<p class="user"> <b>{{user}}</b></p>
   	  		<p class="time">{{time_ago}}</p>
   	  	</div>
   	  {{/if}}
diff --git a/chromebook-checkout-meteor/client/chromebook.js b/chromebook-checkout-meteor/client/chromebook.js
index 8994f03..b0890df 100644
--- a/chromebook-checkout-meteor/client/chromebook.js
+++ b/chromebook-checkout-meteor/client/chromebook.js
@@ -18,18 +18,16 @@ Template.chromebook.helpers({
     } else {
       return moment(this.last_checkout).fromNow();      
     }
-  },
-  username: function() {
-    return Meteor.users.findOne({_id: this.userid}).profile.name;
   }
 });
 
 Template.chromebook.events({
   'click .available': function() {
     if (Chromebooks.findOne({userid: Meteor.userId()}) === undefined) {
-    Chromebooks.update(this._id, {$set: {status: 1}});
-    Chromebooks.update(this._id, {$set: {last_checkout: new Date()}});
-    Chromebooks.update(this._id, {$set: {userid: Meteor.userId()}});
+      Chromebooks.update(this._id, {$set: {status: 1}});
+      Chromebooks.update(this._id, {$set: {last_checkout: new Date()}});
+      Chromebooks.update(this._id, {$set: {userid: Meteor.userId()}});
+      Chromebooks.update(this._id, {$set: {user: Meteor.user().profile.name}});
     }
   },
   'click .checkedout': function() {
diff --git a/chromebook-checkout-meteor/server/users.js b/chromebook-checkout-meteor/server/users.js
index 2b73f69..aacaf2a 100644
--- a/chromebook-checkout-meteor/server/users.js
+++ b/chromebook-checkout-meteor/server/users.js
@@ -1,24 +1,30 @@
 Meteor.publish('chromebook', function() {
-  //return Chromebooks.find({}, {fields: {number: 1, status: 1, userid: 1, last_checkout: 1}});
-  /*
-    if (Meteor.user().roles === ['admin']) {
+  // return Chromebooks.find({}, {fields: {number: 1, status: 1, userid: 1, last_checkout: 1}});
+
+  // var user = Meteor.user();
+  // console.log("user:", user);
+  // var field;
+
+  // if (user && user.roles[0] == 'admin') {
+  //   field = {number: 1, status: 1, userid: 1, last_checkout: 1, serial: 1};
+  // }
+  // else {
+  //   field = {number: 1, status: 1, userid: 1, last_checkout: 1};
+  // }
+  // console.log("field:", field);
+  // return Chromebooks.find({}, {fields: field});
+
+  if (Roles.userIsInRole(this.userId, ['admin'])) {
+
     return Chromebooks.find();
-  }
-  else {
-    return Chromebooks.find({}, {fields: {number: 1, status: 1, userid: 1, last_checkout: 1}});
-  }
-  */
 
-  var user = Meteor.user();
-  var field;
+  } else {
+
+    // user not authorized. do not publish secrets
+    this.stop();
+    return;
 
-  if (user && user.roles[0] === 'admin') {
-    field = {number: 1, status: 1, userid: 1, last_checkout: 1, serial: 1};
   }
-  else {
-    field = {number: 1, status: 1, userid: 1, last_checkout: 1};
-  }
-  return Chromebooks.find({}, {fields: field});
 });
 
 Meteor.publish('user', function() {
@@ -40,15 +46,15 @@ for (var i = 0; i < adminusers.length; i++) {
   }
 };
 
-Accounts.validateNewUser(function (user) {
-  var loggedInUser = Meteor.user();
+// Accounts.validateNewUser(function (user) {
+//   var loggedInUser = Meteor.user();
 
-  if (Roles.userIsInRole(loggedInUser, ['admin'])) {
-    return true;
-  }
+//   if (Roles.userIsInRole(loggedInUser, ['admin'])) {
+//     return true;
+//   }
 
-  throw new Meteor.Error(403, "Not authorized to create new users");
-});
+//   throw new Meteor.Error(403, "Not authorized to create new users");
+// });
 
 Meteor.methods({
   deleteUser: function (targetUserId, group) {