plz work security

yamanq 2015-02-02 00:03:48 -05:00
parent df9796994e
commit a94a648b0b
5 changed files with 31 additions and 31 deletions


@ -16,3 +16,4 @@ templates:tabs
accounts-ui accounts-ui
percolate:momentum percolate:momentum
maazalik:malihu-jquery-custom-scrollbar maazalik:malihu-jquery-custom-scrollbar
ongoworks:security


@ -54,6 +54,7 @@ mrt:purecss@0.6.0
oauth@1.1.3 oauth@1.1.3
oauth2@1.1.2 oauth2@1.1.2
observe-sequence@1.0.4 observe-sequence@1.0.4
ongoworks:security@1.0.1
ordered-dict@1.0.2 ordered-dict@1.0.2
percolate:momentum@0.7.0 percolate:momentum@0.7.0
percolate:velocityjs@1.1.0 percolate:velocityjs@1.1.0


@ -1,13 +1,13 @@
carts = new Mongo.Collection("carts"); carts = new Mongo.Collection("carts");
carts.allow({ // carts.allow({
insert: function (userId, doc) { // insert: function (userId, doc) {
return Roles.userIsInRole(userId, ['admin']); // return Roles.userIsInRole(userId, ['admin']);
}, // },
update: function (userId, doc) { // update: function (userId, doc) {
return Roles.userIsInRole(userId, ['admin', 'teacher']; // return Roles.userIsInRole(userId, ['admin', 'teacher'];
}, // },
remove: function (userId, doc) { // remove: function (userId, doc) {
return Roles.userIsInRole(userId, ['admin']); // return Roles.userIsInRole(userId, ['admin']);
}, // },
fetch: [] // fetch: []
}); // });
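Review bot: With every `carts.allow` rule commented out, client writes to `carts` now depend entirely on Meteor's default: if the `insecure` package is still listed in the packages file (only a few lines of it are visible in this commit), a collection with no allow/deny rules accepts any insert, update or remove from any client. The same applies to the `Chromebooks.allow` block commented out in the next file, and no `permit` rule for either collection appears in this commit. I would delete the dead block rather than keep it as comments (it still carries the unbalanced parenthesis in `['admin', 'teacher'];`) and confirm that `insecure` is removed, or add explicit rules for both collections.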


@ -1,19 +1,13 @@
Chromebooks = new Mongo.Collection("chromebook"); Chromebooks = new Mongo.Collection("chromebook");
Chromebooks.allow({ // Chromebooks.allow({
insert: function (userId, doc) { // insert: function (userId, doc) {
return Roles.userIsInRole(userId, ['admin']); // return Roles.userIsInRole(userId, ['admin']);
}, // },
update: function (userId, doc) { // update: function (userId, doc) {
if ((Chromebooks.findOne({userid: Meteor.userId()}) === undefined) // return (userId != null);
|| (Roles.userIsInRole(Meteor.userId(), ['admin', 'teacher']))) { // },
Chromebooks.update(this._id, {$set: {status: 1}}); // remove: function (userId, doc) {
Chromebooks.update(this._id, {$set: {last_checkout: new Date()}}); // return Roles.userIsInRole(userId, ['admin']);
Chromebooks.update(this._id, {$set: {userid: Meteor.userId()}}); // },
Chromebooks.update(this._id, {$set: {user: Meteor.user().profile.name}}); // fetch: []
} // });
},
remove: function (userId, doc) {
return Roles.userIsInRole(userId, ['admin']);
},
fetch: []
});
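Review bot: The removed `update` callback was the only visible place that recorded a checkout (`status`, `last_checkout`, `userid`, `user`), and nothing on the new side replaces it, so checkout presumably stops working unless it is handled elsewhere. Those writes belong in a server-side `Meteor.methods` entry that checks `this.userId` and sets only those four fields, not in an allow rule. The commented-out replacement `return (userId != null);` should not be revived as is, because it would let any signed-in user change any field of any Chromebook document.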


@ -11,10 +11,14 @@ Meteor.publish('chromebook', function() {
}); });
Meteor.publish('carts', function() { Meteor.publish('carts', function() {
return carts.find(); if (Roles.userIsInRole(this.userId, ['admin', 'teacher'])) {
return carts.find();
}
}); });
Posts.permit(['insert', 'update', 'remove']).never();
var adminusers = [ var adminusers = [
//Add all Users here
"mminer@bloomfield.org", "mminer@bloomfield.org",
"qalieh.yaman90@bloomfield.org", "qalieh.yaman90@bloomfield.org",
"ksjdragon@gmail.com", "ksjdragon@gmail.com",
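Review bot: `Posts.permit(['insert', 'update', 'remove']).never();` targets `Posts`, but the only collections defined in this commit are `carts` and `Chromebooks`; unless `Posts` is declared elsewhere this line throws a ReferenceError at server start, and either way it protects neither of the collections whose allow rules were just commented out. As far as I recall, the ongoworks:security README ends each rule chain with `.apply()`, so confirm whether 1.0.1 needs it for the rule to take effect. Something like `carts.permit(['insert', 'remove']).ifHasRole('admin').apply();` would restore what the old rules enforced. In the `carts` publication the non-authorized path returns undefined; `return this.ready();` there lets those subscriptions complete with an empty set. The `chromebook` publish function begins outside this hunk.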