Change field name to roles and type to Array.

pull/5114/head
a5his 9 years ago
parent 98a199c158
commit 97848ddefb
  1. 4
      packages/rocketchat-api/server/v1/users.js
  2. 14
      packages/rocketchat-lib/server/functions/saveUser.js

@ -7,7 +7,7 @@ RocketChat.API.v1.addRoute('users.create', { authRequired: true }, {
password: String,
username: String,
active: Match.Maybe(Boolean),
role: Match.Maybe(String),
roles: Match.Maybe(Array),
joinDefaultChannels: Match.Maybe(Boolean),
requirePasswordChange: Match.Maybe(Boolean),
sendWelcomeEmail: Match.Maybe(Boolean),
@ -191,7 +191,7 @@ RocketChat.API.v1.addRoute('users.update', { authRequired: true }, {
password: Match.Maybe(String),
username: Match.Maybe(String),
active: Match.Maybe(Boolean),
role: Match.Maybe(String),
roles: Match.Maybe(Array),
joinDefaultChannels: Match.Maybe(Boolean),
requirePasswordChange: Match.Maybe(Boolean),
sendWelcomeEmail: Match.Maybe(Boolean),
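Review bot: `Match.Maybe(Array)` on the new `roles` field accepts an array of anything, so elements that are not strings (objects, numbers, nested arrays) pass the route check in both `users.create` and `users.update`. They are only rejected later, if at all, by the role lookup in saveUser. Constrain the element type at the API boundary with `roles: Match.Maybe([String])` in both places. Clients that still send `role` will either fail the check or have the value ignored, depending on how the surrounding pattern is matched outside these hunks, so the rename deserves a changelog or API-doc entry. Both route definitions start and end outside the hunks.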

@ -1,6 +1,6 @@
RocketChat.saveUser = function(userId, userData) {
const user = RocketChat.models.Users.findOneById(userId);
let existingRoles = _.map(_.pluck(RocketChat.authz.getRoles(), '_id'), function(r) { return r.toLowerCase(); });
let existingRoles = _.pluck(RocketChat.authz.getRoles(), '_id');
if (userData._id && userId !== userData._id && !RocketChat.authz.hasPermission(userId, 'edit-other-user-info')) {
throw new Meteor.Error('error-action-not-allowed', 'Editing user is not allowed', { method: 'insertOrUpdateUser', action: 'Editing_user' });
@ -10,11 +10,11 @@ RocketChat.saveUser = function(userId, userData) {
throw new Meteor.Error('error-action-not-allowed', 'Adding user is not allowed', { method: 'insertOrUpdateUser', action: 'Adding_user' });
}
if (existingRoles.indexOf(userData.role) < 0) {
throw new Meteor.Error('error-action-not-allowed', 'The role you are assigning does not exist', { method: 'insertOrUpdateUser', action: 'Assign_role' });
if (userData.roles && _.difference(userData.roles, existingRoles).length > 0) {
throw new Meteor.Error('error-action-not-allowed', 'The field Roles consist invalid role name', { method: 'insertOrUpdateUser', action: 'Assign_role' });
}
if (userData.role === 'admin' && !RocketChat.authz.hasPermission(userId, 'assign-admin-role')) {
if (userData.roles && _.indexOf(userData.roles, 'admin') >= 0 && !RocketChat.authz.hasPermission(userId, 'assign-admin-role')) {
throw new Meteor.Error('error-action-not-allowed', 'Assigning admin is not allowed', { method: 'insertOrUpdateUser', action: 'Assign_admin' });
}
@ -68,7 +68,7 @@ RocketChat.saveUser = function(userId, userData) {
const updateUser = {
$set: {
name: userData.name,
roles: [ (userData.role || 'user') ]
roles: userData.roles || ['user']
}
};
@ -142,8 +142,8 @@ RocketChat.saveUser = function(userId, userData) {
updateUser.$set.name = userData.name;
}
if (userData.role) {
updateUser.$set.roles = [ (userData.role || 'user') ];
if (userData.roles) {
updateUser.$set.roles = userData.roles;
}
if (userData.requirePasswordChange) {
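Review bot: An empty `roles` array passes every new check in saveUser, because `[]` is truthy and `_.difference([], existingRoles)` is empty. The insert hunk's `userData.roles || ['user']` then stores `roles: []`, and the update hunk replaces the user's roles with nothing. Treat an empty list as absent, for example `roles: _.isEmpty(userData.roles) ? ['user'] : userData.roles` on insert and `if (!_.isEmpty(userData.roles)) {` on update. In the visible lines only `'admin'` is gated by `assign-admin-role`, so it is worth confirming that a check outside these hunks limits who may assign the other roles now that several can be set in one call. saveUser's body continues outside the hunks.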
