Add the ability for the admin :

- disabling a login for a user (not himself) - enabling a login for a user - transfering the ownership of all user's boards to himself
8 years ago · 77d23df87f
parent 3ab33ed826
commit 77d23df87f
3 changed files with 53 additions and 1 deletions
--- a/models/boards.js
+++ b/models/boards.js
@ -298,6 +298,15 @@ Boards.mutations({
    return { $pull: { labels: { _id: labelId } } };
  },

+  changeOwnership(fromId, toId) {
+    const memberIndex = this.memberIndex(fromId);
+    return {
+      $set: {
+        [`members.${memberIndex}.userId`]: toId,
+      },
+    };
+  },
+
  addMember(memberId) {
    const memberIndex = this.memberIndex(memberId);
    if (memberIndex >= 0) {
@ -565,7 +574,7 @@ if (Meteor.isServer) {

    const data = Boards.find({
      archived: false,
-      'members.userId': req.userId,
+      'members.userId': paramUserId,
    }, {
      sort: ['title'],
    }).map(function(board) {
--- a/models/users.js
+++ b/models/users.js
@ -112,6 +112,10 @@ Users.attachSchema(new SimpleSchema({
    type: Boolean,
    optional: true,
  },
+  loginDisabled: {
+    type: Boolean,
+    optional: true,
+  },
 }));

 // Search a user in the complete server database by its name or username. This
@ -597,6 +601,40 @@ if (Meteor.isServer) {
      data: Meteor.users.findOne({ _id: id }),
    });
  });
+  JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) {
+    Authentication.checkUserId( req.userId);
+    const id = req.params.id;
+    const action = req.body.action;
+    var data = Meteor.users.findOne({ _id: id });
+    if (data != undefined) {
+      if (action === 'takeOwnership') {
+        data = Boards.find({
+          'members.userId': id,
+          'members.isAdmin': true,
+          }).map(function(board) {
+            if (board.hasMember(req.userId)) {
+              board.removeMember(req.userId);
+            }
+            board.changeOwnership(id, req.userId);
+            return {
+              _id: board._id,
+              title: board.title,
+            };
+          });
+      } else {
+        if ((action === 'disableLogin') && (id != req.userId)) {
+          Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } });
+        } else if (action === 'enableLogin') {
+          Users.update({ _id: id }, { $set: { loginDisabled: '' } });
+        }
+        data = Meteor.users.findOne({ _id: id });
+      }
+    }
+    JsonRoutes.sendResult(res, {
+      code: 200,
+      data: data,
+    });
+  });
  JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
    Authentication.checkUserId( req.userId);
    const id = Accounts.createUser({
--- a/server/authentication.js
+++ b/server/authentication.js
@ -1,4 +1,9 @@
 Meteor.startup(() => {
+
+  Accounts.validateLoginAttempt(function (options) {
+    return !options.user.loginDisabled;
+  });
+
  Authentication = {};

  Authentication.checkUserId = function (userId) {