apitech
/
Rocket.Chat
mirror of https://github.com/RocketChat/Rocket.Chat
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The communications platform that puts data protection first.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17681 Commits
1041 Branches
1079 Tags
1.9 GiB
 
 
 
 
 
Tag: Branch: Tree: 2516626dca
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2516626dca'
${ noResults }
Rocket.Chat/server/methods/saveUserProfile.js

95 lines
2.5 KiB
Raw Blame History

import { Meteor } from 'meteor/meteor';
import { Match, check } from 'meteor/check';
import { Accounts } from 'meteor/accounts-base';
import { saveCustomFields, passwordPolicy } from '../../app/lib';
import { Users } from '../../app/models';
import { settings as rcSettings } from '../../app/settings';
Meteor.methods({
saveUserProfile(settings, customFields) {
check(settings, Object);
check(customFields, Match.Maybe(Object));
if (!rcSettings.get('Accounts_AllowUserProfileChange')) {
throw new Meteor.Error('error-not-allowed', 'Not allowed', {
method: 'saveUserProfile',
});
}
if (!this.userId) {
throw new Meteor.Error('error-invalid-user', 'Invalid user', {
method: 'saveUserProfile',
});
}
const user = Users.findOneById(this.userId);
function checkPassword(user = {}, typedPassword) {
if (!(user.services && user.services.password && user.services.password.bcrypt && user.services.password.bcrypt.trim())) {
return true;
}
const passCheck = Accounts._checkPassword(user, {
digest: typedPassword.toLowerCase(),
algorithm: 'sha-256',
});
if (passCheck.error) {
return false;
}
return true;
}
if (settings.realname || (!settings.realname && !rcSettings.get('Accounts_RequireNameForSignUp'))) {
Meteor.call('setRealName', settings.realname);
}
if (settings.username) {
Meteor.call('setUsername', settings.username);
}
if (settings.statusText || settings.statusText === '') {
Meteor.call('setUserStatus', null, settings.statusText);
}
if (settings.email) {
if (!checkPassword(user, settings.typedPassword)) {
throw new Meteor.Error('error-invalid-password', 'Invalid password', {
method: 'saveUserProfile',
});
}
Meteor.call('setEmail', settings.email);
}
// Should be the last check to prevent error when trying to check password for users without password
if (settings.newPassword && rcSettings.get('Accounts_AllowPasswordChange') === true) {
if (!checkPassword(user, settings.typedPassword)) {
throw new Meteor.Error('error-invalid-password', 'Invalid password', {
method: 'saveUserProfile',
});
}
passwordPolicy.validate(settings.newPassword);
Accounts.setPassword(this.userId, settings.newPassword, {
logout: false,
});
try {
Meteor.call('removeOtherTokens');
} catch (e) {
Accounts._clearAllLoginTokens(this.userId);
}
}
Users.setProfile(this.userId, {});
if (customFields && Object.keys(customFields).length) {
saveCustomFields(this.userId, customFields);
}
return true;
},
});