Commit c8a375b6 authored by Curtis Adam's avatar Curtis Adam

Disable card index creation for standard users

parent 54ebd19d
......@@ -6,6 +6,7 @@ import {Leitner, Wozniak} from "./learned.js";
import {Paid} from "./paid.js";
import {check} from "meteor/check";
import {CardEditor} from "./cardEditor";
import {UserPermissions} from "./permissions";
export const Cards = new Mongo.Collection("cards");
......@@ -199,67 +200,63 @@ Meteor.methods({
check(learningIndex, String);
check(learningUnit, String);
// Make sure the user is logged in and is authorized
var cardset = Cardsets.findOne(cardset_id);
let cardset = Cardsets.findOne(cardset_id);
let card_id = "";
if (!Roles.userIsInRole(this.userId, [
'admin',
'editor'
])) {
if (cardset.owner !== Meteor.userId() || Roles.userIsInRole(Meteor.userId(), ["firstLogin", "blocked"])) {
throw new Meteor.Error("not-authorized");
if (UserPermissions.isAdmin() || UserPermissions.isOwner(cardset.owner)) {
if (cardset.cardType !== 2 || cardset.cardType !== 3 || cardset.cardType !== 5) {
if (subject === "") {
throw new Meteor.Error("Missing subject");
}
} else {
if (subject === "" && learningUnit === "") {
throw new Meteor.Error("Missing subject or reference");
}
}
}
if (cardset.cardType !== 2 || cardset.cardType !== 3 || cardset.cardType !== 5) {
if (subject === "") {
throw new Meteor.Error("Missing subject");
Cards.insert({
subject: subject.trim(),
front: content1,
back: content2,
hint: content3,
lecture: content4,
top: content5,
bottom: content6,
cardset_id: cardset_id,
centerTextElement: centerTextElement,
date: date,
learningGoalLevel: learningGoalLevel,
backgroundStyle: backgroundStyle,
learningIndex: learningIndex,
learningUnit: learningUnit
}, {trimStrings: false}, function (err, card) {
card_id = card;
});
Cardsets.update(cardset_id, {
$set: {
quantity: Cards.find({cardset_id: cardset_id}).count(),
dateUpdated: new Date()
}
});
Meteor.call('updateShuffledCardsetQuantity', cardset_id);
let cardsets = Cardsets.find({
$or: [
{_id: cardset_id},
{cardGroups: {$in: [cardset_id]}}
]
}, {fields: {_id: 1}}).fetch();
for (let i = 0; i < cardsets.length; i++) {
Meteor.call('updateLeitnerCardIndex', cardsets[i]._id);
}
return card_id;
} else {
if (subject === "" && learningUnit === "") {
throw new Meteor.Error("Missing subject or reference");
}
}
Cards.insert({
subject: subject.trim(),
front: content1,
back: content2,
hint: content3,
lecture: content4,
top: content5,
bottom: content6,
cardset_id: cardset_id,
centerTextElement: centerTextElement,
date: date,
learningGoalLevel: learningGoalLevel,
backgroundStyle: backgroundStyle,
learningIndex: learningIndex,
learningUnit: learningUnit
}, {trimStrings: false}, function (err, card) {
card_id = card;
});
Cardsets.update(cardset_id, {
$set: {
quantity: Cards.find({cardset_id: cardset_id}).count(),
dateUpdated: new Date()
}
});
Meteor.call('updateShuffledCardsetQuantity', cardset_id);
let cardsets = Cardsets.find({
$or: [
{_id: cardset_id},
{cardGroups: {$in: [cardset_id]}}
]
}, {fields: {_id: 1}}).fetch();
for (let i = 0; i < cardsets.length; i++) {
Meteor.call('updateLeitnerCardIndex', cardsets[i]._id);
throw new Meteor.Error("not-authorized");
}
return card_id;
},
copyCard: function (sourceCardset_id, targetCardset_id, card_id) {
check(sourceCardset_id, String);
check(targetCardset_id, String);
check(card_id, String);
let cardset = Cardsets.findOne(sourceCardset_id);
if (Roles.userIsInRole(Meteor.userId(), ['admin']) || cardset.owner === Meteor.userId()) {
if (UserPermissions.isAdmin() || UserPermissions.isOwner(cardset.owner)) {
let card = Cards.findOne(card_id);
if (card !== undefined) {
let content1 = "";
......@@ -301,78 +298,44 @@ Meteor.methods({
deleteCard: function (card_id) {
check(card_id, String);
var card = Cards.findOne(card_id);
var cardset = Cardsets.findOne(card.cardset_id);
if (!Roles.userIsInRole(this.userId, [
'admin',
'editor'
])) {
if (!Meteor.userId() || cardset.owner !== Meteor.userId() || Roles.userIsInRole(this.userId, ["firstLogin", "blocked"])) {
throw new Meteor.Error("not-authorized");
let card = Cards.findOne(card_id);
let cardset = Cardsets.findOne(card.cardset_id);
if (UserPermissions.isAdmin() || UserPermissions.isOwner(cardset.owner)) {
if (cardset.learningActive) {
throw new Meteor.Error("not-possible active learnphase");
}
}
if (cardset.learningActive) {
throw new Meteor.Error("not-possible active learnphase");
}
var countCards = Cards.find({cardset_id: cardset._id}).count();
if (countCards <= 5) {
Cardsets.update(cardset._id, {
$set: {
kind: 'personal',
reviewed: false,
request: false,
visible: false
}
});
}
let result = Cards.remove(card_id);
Cardsets.update(card.cardset_id, {
$set: {
quantity: Cards.find({cardset_id: card.cardset_id}).count(),
dateUpdated: new Date()
var countCards = Cards.find({cardset_id: cardset._id}).count();
if (countCards <= 5) {
Cardsets.update(cardset._id, {
$set: {
kind: 'personal',
reviewed: false,
request: false,
visible: false
}
});
}
});
Meteor.call('updateShuffledCardsetQuantity', cardset._id);
Leitner.remove({
card_id: card_id
}, {multi: true});
Wozniak.remove({
card_id: card_id
}, {multi: true});
return result;
},
deleteCardAdmin: function (card_id) {
check(card_id, String);
var card = Cards.findOne({_id: card_id});
if (card !== undefined) {
if (!Roles.userIsInRole(this.userId, [
'admin',
'editor'
])) {
throw new Meteor.Error("not-authorized");
}
Cards.remove(card_id);
let result = Cards.remove(card_id);
Cardsets.update(card.cardset_id, {
$set: {
quantity: Cards.find({cardset_id: card.cardset_id}).count(),
dateUpdated: new Date()
}
});
Meteor.call('updateShuffledCardsetQuantity', card.cardset_id);
Meteor.call('updateShuffledCardsetQuantity', cardset._id);
Leitner.remove({
card_id: card_id
}, {multi: true});
Wozniak.remove({
card_id: card_id
}, {multi: true});
return result;
} else {
throw new Meteor.Error("not-authorized");
}
},
updateCard: function (card_id, subject, content1, content2, content3, content4, content5, content6, centerTextElement, learningGoalLevel, backgroundStyle, learningIndex, learningUnit) {
......@@ -389,48 +352,42 @@ Meteor.methods({
check(backgroundStyle, Number);
check(learningIndex, String);
check(learningUnit, String);
var card = Cards.findOne(card_id);
var cardset = Cardsets.findOne(card.cardset_id);
if (!Roles.userIsInRole(this.userId, [
'admin',
'editor'
])) {
// Make sure the user is logged in and is authorized
if (!Meteor.userId() || (cardset.owner !== Meteor.userId() || cardset.editors.includes(Meteor.userId())) || Roles.userIsInRole(this.userId, ["firstLogin", "blocked"])) {
throw new Meteor.Error("not-authorized");
}
}
if (cardset.cardType !== 2 || cardset.cardType !== 3 || cardset.cardType !== 5) {
if (subject === "") {
throw new Meteor.Error("Missing subject");
let card = Cards.findOne(card_id);
let cardset = Cardsets.findOne(card.cardset_id);
if (UserPermissions.isAdmin() || UserPermissions.isOwner(cardset.owner)) {
if (cardset.cardType !== 2 || cardset.cardType !== 3 || cardset.cardType !== 5) {
if (subject === "") {
throw new Meteor.Error("Missing subject");
}
} else {
if (subject === "" && learningUnit === "") {
throw new Meteor.Error("Missing subject or reference");
}
}
Cards.update(card_id, {
$set: {
subject: subject.trim(),
front: content1,
back: content2,
hint: content3,
lecture: content4,
top: content5,
bottom: content6,
centerTextElement: centerTextElement,
learningGoalLevel: learningGoalLevel,
backgroundStyle: backgroundStyle,
learningIndex: learningIndex,
learningUnit: learningUnit,
dateUpdated: new Date()
}
}, {trimStrings: false});
Cardsets.update(card.cardset_id, {
$set: {
dateUpdated: new Date()
}
});
} else {
if (subject === "" && learningUnit === "") {
throw new Meteor.Error("Missing subject or reference");
}
throw new Meteor.Error("not-authorized");
}
Cards.update(card_id, {
$set: {
subject: subject.trim(),
front: content1,
back: content2,
hint: content3,
lecture: content4,
top: content5,
bottom: content6,
centerTextElement: centerTextElement,
learningGoalLevel: learningGoalLevel,
backgroundStyle: backgroundStyle,
learningIndex: learningIndex,
learningUnit: learningUnit,
dateUpdated: new Date()
}
}, {trimStrings: false});
Cardsets.update(card.cardset_id, {
$set: {
dateUpdated: new Date()
}
});
}
});
This diff is collapsed.
import {Meteor} from "meteor/meteor";
export let UserPermissions = class UserPermissions {
static canCreateContent () {
if (Roles.userIsInRole(Meteor.userId(), ['admin', 'editor', 'university', 'lecturer', 'pro']) && this.isNotBlocked()) {
return true;
}
}
static isAdmin () {
if (Roles.userIsInRole(Meteor.userId(), ['admin', 'editor']) && this.isNotBlocked()) {
return true;
}
}
static isNotBlocked () {
return !Roles.userIsInRole(Meteor.userId(), ['firstLogin', 'blocked']);
}
static isOwner (content_owner) {
return (content_owner === Meteor.userId() && UserPermissions.canCreateContent());
}
static isLecturer () {
return (Roles.userIsInRole(Meteor.userId(), ['lecturer']));
}
};
......@@ -14,6 +14,7 @@ import "/client/markdeep.min.js";
import {getAuthorName} from "../../api/userdata";
import {Route} from "../../api/route";
import {CardVisuals} from "../../api/cardVisuals";
import {UserPermissions} from "../../api/permissions";
Meteor.subscribe("collegesCourses");
Template.registerHelper('isSelectingCardsetToLearn', function () {
......@@ -265,6 +266,10 @@ Template.registerHelper("isLecturerOrPro", function () {
}
});
Template.registerHelper("canCreateContent", function () {
return UserPermissions.canCreateContent();
});
Template.registerHelper("getRoles", function (roles) {
roles.sort();
let translatedRoles = "";
......
......@@ -71,11 +71,13 @@
<template name="create">
<div class="col-md-12" id="set-list-region">
{{#if isActiveRoute 'create'}}
<button id="newCardSet" type="button" class="btn btn-raised btn-success saveSet" {{disableIfOffline}} {{disableIfShuffle}}>
<button id="newCardSet" type="button"
class="btn btn-raised btn-success saveSet" {{disableIfOffline}} {{disableIfShuffle}}>
{{_ "set-list-empty.newset"}}
</button>
<label class="btn btn-raised btn-import btn-success {{disableIfOffline}}">
{{_ "import.cardset"}} <input type="{{#if isProfileComplete}}file{{else}}button{{/if}}" id="{{#if isProfileComplete}}importCardset{{else}}importCardsetCompleteProfile{{/if}}" style="display: none;">
{{_ "import.cardset"}} <input type="{{#if isProfileComplete}}file{{else}}button{{/if}}" id="{{#if
isProfileComplete}}importCardset{{else}}importCardsetCompleteProfile{{/if}}" style="display: none;">
</label>
{{/if}}
{{#if cardsetList 0}}
......@@ -97,9 +99,14 @@
<template name="repetitorium">
<div class="col-md-12" id="set-list-region">
{{#unless selectingCardsetToLearn}}
<button id="newRepetitorium" type="button" class="btn btn-raised btn-success saveSet hidden-xs" {{disableIfOffline}} {{disableIfShuffle}}>
{{_ "set-list.shuffleCardsets"}}
</button>
{{#if canCreateContent}}
<button id="newRepetitorium" type="button"
class="btn btn-raised btn-success saveSet hidden-xs" {{disableIfOffline}} {{disableIfShuffle}}>
{{_ "set-list.shuffleCardsets"}}
</button>
{{else}}
<div class="empty-button-placeholder"></div>
{{/if}}
{{/unless}}
{{#if cardsetList 0}}
{{> filterNavigation}}
......
......@@ -163,3 +163,7 @@ input, textarea {
#importCardset {
visibility: hidden !important;
}
.empty-button-placeholder {
height: 56px;
}
......@@ -83,13 +83,15 @@
{{_ "navbar-collapse.learndecks"}}
</a>
</li>
<li id="navbar-own-decks"
class="{{#if isActiveRoute regex='home|create'}}active{{/if}} hidden-xs"
data-toggle="collapse" data-target="#thm-top-navigation">
<a href="{{pathFor route='create'}}" id="cardsets">
{{getMyCardsetName}}
</a>
</li>
{{#if canCreateContent}}
<li id="navbar-own-decks"
class="{{#if isActiveRoute regex='home|create'}}active{{/if}} hidden-xs"
data-toggle="collapse" data-target="#thm-top-navigation">
<a href="{{pathFor route='create'}}" id="cardsets">
{{getMyCardsetName}}
</a>
</li>
{{/if}}
</ul>
<ul class="nav navbar-nav">
<li id="navbar-help"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment