From c008a6885f8e68e7cda06bde3d95326ec2f7a5ee Mon Sep 17 00:00:00 2001
From: Daria Voytova <d.voytova@2glab.com>
Date: Tue, 1 Nov 2016 17:25:54 +0300
Subject: [PATCH 1/4] Replace try/catch bundle to if/else

---
 core/client/navbar/navbar.js | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/core/client/navbar/navbar.js b/core/client/navbar/navbar.js
index a3195da6e8..596ce382c5 100755
--- a/core/client/navbar/navbar.js
+++ b/core/client/navbar/navbar.js
@@ -91,29 +91,31 @@ Template.navbar.helpers({
     return false;
   },
   userCanAddApi () {
-    try {
-      // Get settigns document
-      const settings = Settings.findOne();
+    // Get settigns document
+    const settings = Settings.findOne();
 
+    if (settings) {
       // Get access setting value
-      const onlyAdminsCanAddApis = settings.access.onlyAdminsCanAddApis;
+      // If access field doesn't exist, these is false. Allow users to add an API on default
+      const onlyAdminsCanAddApis = settings.access ? settings.access.onlyAdminsCanAddApis : false;
 
+      // Allow user to add an API because not only for admin
       if (!onlyAdminsCanAddApis) {
         return true;
       }
 
+      // Otherwise check of user role
       // Get current user Id
       const userId = Meteor.userId();
 
       // Check if current user is admin
       const userIsAdmin = Roles.userIsInRole(userId, ['admin']);
 
-      return onlyAdminsCanAddApis && userIsAdmin;
-    } catch (e) {
-      // If caught an error, then returning true because no access settings is set
-      // By default allowing all user to add an API
-      return true;
+      return userIsAdmin;
     }
+    // Return true because no settings are set
+    // By default allowing all user to add an API
+    return true;
   },
 });
 

From 1ee29c71eb0fc2931e9339b24eecbca398616ba7 Mon Sep 17 00:00:00 2001
From: Daria Voytova <d.voytova@2glab.com>
Date: Tue, 1 Nov 2016 17:26:47 +0300
Subject: [PATCH 2/4] Add new helper for checking dashboard page

---
 core/client/navbar/navbar.js | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/core/client/navbar/navbar.js b/core/client/navbar/navbar.js
index 596ce382c5..6b2afbeae1 100755
--- a/core/client/navbar/navbar.js
+++ b/core/client/navbar/navbar.js
@@ -117,6 +117,36 @@ Template.navbar.helpers({
     // By default allowing all user to add an API
     return true;
   },
+  userCanViewPage () {
+    // Allow or not regular user to view Dashboard page
+    // It depends on onlyAdminsCanAddApis settings
+
+    // Get settigns document
+    const settings = Settings.findOne();
+
+    if (settings) {
+      // Get access setting value
+      // If access field doesn't exist, these is false. Allow users to view page
+      const onlyAdminsCanAddApis = settings.access ? settings.access.onlyAdminsCanAddApis : false;
+
+      // Allow user to view page because not only for admin
+      if (!onlyAdminsCanAddApis) {
+        return true;
+      }
+
+      // Otherwise check of user role
+      // Get current user Id
+      const userId = Meteor.userId();
+
+      // Check if current user is admin or manager
+      const userIsAdminOrManager = Roles.userIsInRole(userId, ['admin', 'manager']);
+
+      return userIsAdminOrManager;
+    }
+    // Return true because no settings are set
+    // By default allowing all user to add an API
+    return true;
+  },
 });
 
 Template.navbar.onRendered(() => {

From 73381b0df287adaf4548f76eebe60311c5a0c07e Mon Sep 17 00:00:00 2001
From: Daria Voytova <d.voytova@2glab.com>
Date: Tue, 1 Nov 2016 17:27:46 +0300
Subject: [PATCH 3/4] Add condition in navbar for Dashboard button

---
 core/client/navbar/navbar.html | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/core/client/navbar/navbar.html b/core/client/navbar/navbar.html
index def96104a1..d5174c932b 100755
--- a/core/client/navbar/navbar.html
+++ b/core/client/navbar/navbar.html
@@ -24,12 +24,14 @@
         <ul class="nav navbar-nav navbar-left">
           {{# if currentUser }}
             {{# if proxyIsDefined }}
-              <li class="{{ isActiveRoute 'dashboard' }}">
-                <a href="/dashboard">
-                  <i class="fa fa-bar-chart" aria-hidden="true"></i>
-                  {{_ "navbar_dashboard" }}
-                </a>
-              </li>
+              {{# if userCanViewPage }}
+                <li class="{{ isActiveRoute 'dashboard' }}">
+                  <a href="/dashboard">
+                    <i class="fa fa-bar-chart" aria-hidden="true"></i>
+                    {{_ "navbar_dashboard" }}
+                  </a>
+                </li>
+              {{/ if }}
             {{/ if }}
           {{/ if }}
           <li class="{{ isActiveRoute 'catalogue' }}">

From 948301371d280f684bda09150f8c25fd427b72ca Mon Sep 17 00:00:00 2001
From: Daria Voytova <d.voytova@2glab.com>
Date: Wed, 2 Nov 2016 11:12:13 +0300
Subject: [PATCH 4/4] Rename helper

---
 core/client/navbar/navbar.html | 2 +-
 core/client/navbar/navbar.js   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/client/navbar/navbar.html b/core/client/navbar/navbar.html
index d5174c932b..8e8b82c802 100755
--- a/core/client/navbar/navbar.html
+++ b/core/client/navbar/navbar.html
@@ -24,7 +24,7 @@
         <ul class="nav navbar-nav navbar-left">
           {{# if currentUser }}
             {{# if proxyIsDefined }}
-              {{# if userCanViewPage }}
+              {{# if userCanViewDashboard }}
                 <li class="{{ isActiveRoute 'dashboard' }}">
                   <a href="/dashboard">
                     <i class="fa fa-bar-chart" aria-hidden="true"></i>
diff --git a/core/client/navbar/navbar.js b/core/client/navbar/navbar.js
index 6b2afbeae1..57a791814d 100755
--- a/core/client/navbar/navbar.js
+++ b/core/client/navbar/navbar.js
@@ -117,7 +117,7 @@ Template.navbar.helpers({
     // By default allowing all user to add an API
     return true;
   },
-  userCanViewPage () {
+  userCanViewDashboard () {
     // Allow or not regular user to view Dashboard page
     // It depends on onlyAdminsCanAddApis settings