Commit ef4c7872 authored by Curtis Adam's avatar Curtis Adam

Only create leitner and wozniak cards for users with the required cardset access level

parent 49410654
import {Meteor} from "meteor/meteor"; import {Meteor} from "meteor/meteor";
import {Cardsets} from "./cardsets";
import {Paid} from "./paid";
export let UserPermissions = class UserPermissions { export let UserPermissions = class UserPermissions {
static canCreateContent () { static canCreateContent () {
...@@ -28,4 +30,30 @@ export let UserPermissions = class UserPermissions { ...@@ -28,4 +30,30 @@ export let UserPermissions = class UserPermissions {
static isLecturer () { static isLecturer () {
return (Roles.userIsInRole(Meteor.userId(), ['lecturer'])); return (Roles.userIsInRole(Meteor.userId(), ['lecturer']));
} }
static hasCardsetPermission (cardset_id) {
if (!Meteor.isServer) {
if (Router.current().route.getName() === "demo" || Router.current().route.getName() === "making") {
return true;
}
}
let cardset = Cardsets.findOne({_id: cardset_id});
if (cardset === undefined) {
return false;
}
let userId = Meteor.userId();
let cardsetKind = cardset.kind;
let hasRole = false;
if (Roles.userIsInRole(userId, 'pro') ||
(Roles.userIsInRole(userId, 'lecturer')) ||
(Roles.userIsInRole(userId, 'admin')) ||
(Roles.userIsInRole(userId, 'editor')) ||
(Roles.userIsInRole(userId, 'university') && (cardsetKind === 'edu' || cardsetKind === 'free')) ||
(cardsetKind === 'free') ||
(Paid.find({cardset_id: cardset._id, user_id: userId}).count())) {
hasRole = true;
}
return (cardset.owner === Meteor.userId() || cardset.editors.includes(Meteor.userId())) || hasRole;
}
}; };
...@@ -5,7 +5,6 @@ import {CollegesCourses} from "../../api/colleges_courses.js"; ...@@ -5,7 +5,6 @@ import {CollegesCourses} from "../../api/colleges_courses.js";
import {Leitner} from "../../api/learned.js"; import {Leitner} from "../../api/learned.js";
import {Session} from "meteor/session"; import {Session} from "meteor/session";
import {MeteorMathJax} from 'meteor/mrt:mathjax'; import {MeteorMathJax} from 'meteor/mrt:mathjax';
import {Paid} from "../../api/paid";
import {CardType} from "../../api/cardTypes"; import {CardType} from "../../api/cardTypes";
import DOMPurify from 'dompurify'; import DOMPurify from 'dompurify';
import {DOMPurifyConfig} from "../../api/dompurify.js"; import {DOMPurifyConfig} from "../../api/dompurify.js";
...@@ -427,27 +426,7 @@ Template.registerHelper("getCourses", function () { ...@@ -427,27 +426,7 @@ Template.registerHelper("getCourses", function () {
}); });
Template.registerHelper("hasCardsetPermission", function () { Template.registerHelper("hasCardsetPermission", function () {
if (Router.current().route.getName() === "demo" || Router.current().route.getName() === "making") { return UserPermissions.hasCardsetPermission(Router.current().params._id);
return true;
}
let cardset = Cardsets.findOne({_id: Router.current().params._id});
if (cardset === undefined) {
return false;
}
let userId = Meteor.userId();
let cardsetKind = cardset.kind;
let hasRole = false;
if (Roles.userIsInRole(userId, 'pro') ||
(Roles.userIsInRole(userId, 'lecturer')) ||
(Roles.userIsInRole(userId, 'admin')) ||
(Roles.userIsInRole(userId, 'editor')) ||
(Roles.userIsInRole(userId, 'university') && (cardsetKind === 'edu' || cardsetKind === 'free')) ||
(cardsetKind === 'free') ||
(Paid.find({cardset_id: cardset._id, user_id: userId}).count())) {
hasRole = true;
}
return (cardset.owner === Meteor.userId() || cardset.editors.includes(Meteor.userId())) || hasRole;
}); });
......
...@@ -52,10 +52,14 @@ ...@@ -52,10 +52,14 @@
<div class="item active"> <div class="item active">
<div class="box flashcard emptyCard"> <div class="box flashcard emptyCard">
{{#if isActiveRoute 'box'}} {{#if isActiveRoute 'box'}}
<h4>{{_ "learnedEverything"}}</h4> {{#if gotLeitnerWorkload}}
<h4>{{_ "bonus.message.learnedEverything"}}</h4>
{{/if}}
{{/if}} {{/if}}
{{#if isActiveRoute 'memo'}} {{#if isActiveRoute 'memo'}}
<h4>{{_ "wozniak.empty.text"}}</h4> {{#if gotWozniakWorkload}}
<h4>{{_ "wozniak.empty.text"}}</h4>
{{/if}}
{{/if}} {{/if}}
{{> learnBackButton}} {{> learnBackButton}}
</div> </div>
......
...@@ -10,6 +10,7 @@ import {CardIndex} from "../../api/cardIndex.js"; ...@@ -10,6 +10,7 @@ import {CardIndex} from "../../api/cardIndex.js";
import {Route} from "../../api/route.js"; import {Route} from "../../api/route.js";
import {CardType} from "../../api/cardTypes"; import {CardType} from "../../api/cardTypes";
import {CardNavigation} from "../../api/cardNavigation"; import {CardNavigation} from "../../api/cardNavigation";
import {Leitner, Wozniak} from "../../api/learned.js";
import "./card.html"; import "./card.html";
import '/client/thirdParty/hammer.js'; import '/client/thirdParty/hammer.js';
import './header/header.js'; import './header/header.js';
...@@ -154,6 +155,12 @@ Template.flashcardsEmpty.helpers({ ...@@ -154,6 +155,12 @@ Template.flashcardsEmpty.helpers({
}, },
isCardset: function () { isCardset: function () {
return Route.isCardset(); return Route.isCardset();
},
gotLeitnerWorkload: function () {
return Leitner.find({cardset_id: Router.current().params._id, user_id: Meteor.user()}).count();
},
gotWozniakWorkload: function () {
return Wozniak.find({cardset_id: Router.current().params._id, user_id: Meteor.user()}).count();
} }
}); });
......
...@@ -9,6 +9,7 @@ import {check} from "meteor/check"; ...@@ -9,6 +9,7 @@ import {check} from "meteor/check";
import {CardType} from "../imports/api/cardTypes"; import {CardType} from "../imports/api/cardTypes";
import {Bonus} from "../imports/api/bonus"; import {Bonus} from "../imports/api/bonus";
import {Profile} from "../imports/api/profile"; import {Profile} from "../imports/api/profile";
import {UserPermissions} from "../imports/api/permissions";
/** Function returns the amount of cards inside a box that are valid to learn /** Function returns the amount of cards inside a box that are valid to learn
* @param {string} cardset_id - The id of the cardset with active learners * @param {string} cardset_id - The id of the cardset with active learners
...@@ -468,7 +469,7 @@ Meteor.methods({ ...@@ -468,7 +469,7 @@ Meteor.methods({
* */ * */
addToLeitner: function (cardset_id) { addToLeitner: function (cardset_id) {
check(cardset_id, String); check(cardset_id, String);
if (!Meteor.userId() || Roles.userIsInRole(this.userId, 'blocked')) { if (!Meteor.userId() || Roles.userIsInRole(this.userId, 'blocked') || !UserPermissions.hasCardsetPermission(cardset_id)) {
throw new Meteor.Error("not-authorized"); throw new Meteor.Error("not-authorized");
} else { } else {
let cardset = Cardsets.findOne({_id: cardset_id}); let cardset = Cardsets.findOne({_id: cardset_id});
...@@ -504,7 +505,7 @@ Meteor.methods({ ...@@ -504,7 +505,7 @@ Meteor.methods({
check(cardset_id, String); check(cardset_id, String);
let cardset = Cardsets.findOne({_id: cardset_id}); let cardset = Cardsets.findOne({_id: cardset_id});
let user_id = this.userId; let user_id = this.userId;
if (!Meteor.userId() || Roles.userIsInRole(user_id, 'blocked') || Bonus.isInBonus(cardset._id, Meteor.userId())) { if (!Meteor.userId() || Roles.userIsInRole(user_id, 'blocked') || Bonus.isInBonus(cardset._id, Meteor.userId()) || !UserPermissions.hasCardsetPermission(cardset_id)) {
throw new Meteor.Error("not-authorized"); throw new Meteor.Error("not-authorized");
} else { } else {
Meteor.call('initializeWorkloadData', cardset._id, Meteor.userId()); Meteor.call('initializeWorkloadData', cardset._id, Meteor.userId());
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment