diff --git a/.eslintignore b/.eslintignore index 65f959b54a..50b7080461 100644 --- a/.eslintignore +++ b/.eslintignore @@ -37,14 +37,4 @@ proxy_backends/collection/permissions.js proxy_backends/collection/regex.js proxy_backends/collection/schema.js proxy_backends/collection/server/publications.js -proxy_backends/server/methods.js -users/client/account/account.js -users/client/account/password/autoform.js -users/client/lib/accounts_config.js -users/collection/roles_schema.js -users/collection/server/publications.js -users/collection/users_permissions.js -users/server/accounts_hooks.js -users/server/login_verify.js -users/server/methods.js -users/server/startup_roles.js +proxy_backends/server/methods.js \ No newline at end of file diff --git a/users/client/account/account.js b/users/client/account/account.js index 0793b21ef5..7165c0ea85 100644 --- a/users/client/account/account.js +++ b/users/client/account/account.js @@ -1,3 +1,4 @@ +import { Modal } from 'meteor/peppelg:bootstrap-3-modal'; import { Template } from 'meteor/templating'; Template.account.events({ diff --git a/users/client/account/password/autoform.js b/users/client/account/password/autoform.js index 99551c31e8..021ed159bb 100644 --- a/users/client/account/password/autoform.js +++ b/users/client/account/password/autoform.js @@ -1,9 +1,14 @@ +import { Accounts } from 'meteor/accounts-base'; +import { AutoForm } from 'meteor/aldeed:autoform'; +import { TAPi18n } from 'meteor/tap:i18n'; +import { sAlert } from 'meteor/juliancwirko:s-alert'; + AutoForm.hooks({ updatePassword: { - onSubmit (insertDoc, updateDoc, currentDoc) { + onSubmit (insertDoc) { this.event.preventDefault(); const instance = this; - Accounts.changePassword(insertDoc.old, insertDoc.new, function (error) { + Accounts.changePassword(insertDoc.old, insertDoc.new, (error) => { $('.btn-primary').attr('disabled', null); if (error) { // Alert the user of failure diff --git a/users/client/lib/accounts_config.js b/users/client/lib/accounts_config.js index 3c1ad1360d..08d4d27e54 100644 --- a/users/client/lib/accounts_config.js +++ b/users/client/lib/accounts_config.js @@ -1,3 +1,5 @@ +import { AccountsTemplates } from 'meteor/useraccounts:core'; + // User accounts guide // https://github.com/meteor-useraccounts/core/blob/master/Guide.md AccountsTemplates.configure({ diff --git a/users/collection/roles_schema.js b/users/collection/roles_schema.js index 84edc253b9..12053629b6 100644 --- a/users/collection/roles_schema.js +++ b/users/collection/roles_schema.js @@ -1,3 +1,6 @@ +import { Meteor } from 'meteor/meteor'; +import { SimpleSchema } from 'meteor/aldeed:simple-schema'; + const RolesSchema = new SimpleSchema({ name: { type: String, diff --git a/users/collection/server/publications.js b/users/collection/server/publications.js index 479092022d..15273dbab5 100644 --- a/users/collection/server/publications.js +++ b/users/collection/server/publications.js @@ -1,13 +1,15 @@ +import { check } from 'meteor/check'; import { Meteor } from 'meteor/meteor'; + import Apis from '/apis/collection'; -Meteor.publish('allUsersUsernamesOnly', function () { +Meteor.publish('allUsersUsernamesOnly', () => { return Meteor.users.find({}, { fields: { username: 1 } }); }); // TODO: determine whether this publication is used // If it is used, refactor it to be a regular publication -Meteor.publishComposite('user', function () { +Meteor.publishComposite('user', () => { return { find () { return Meteor.users.find({ @@ -17,12 +19,15 @@ Meteor.publishComposite('user', function () { }; }); -Meteor.publish('apiAuthorizedUsersPublicDetails', function (apiId) { +Meteor.publish('apiAuthorizedUsersPublicDetails', (apiId) => { + // Make sure apiId is a String + check(apiId, String); + // Get API document const api = Apis.findOne(apiId); // Return all authorized user documents - return Meteor.users.find({_id: {$in: api.authorizedUserIds } }, + return Meteor.users.find({ _id: { $in: api.authorizedUserIds } }, { fields: { username: 1, emails: 1, _id: 1 } } ); }); diff --git a/users/collection/users_permissions.js b/users/collection/users_permissions.js index f5da67d257..b55d4f8a02 100644 --- a/users/collection/users_permissions.js +++ b/users/collection/users_permissions.js @@ -1,8 +1,8 @@ +import { Meteor } from 'meteor/meteor'; + Meteor.users.allow({ update (currentUserId, user) { // Only allow user to update own username - if (currentUserId === user._id) { - return true; - } + return (currentUserId === user._id); }, }); diff --git a/users/server/accounts_hooks.js b/users/server/accounts_hooks.js index 0d5b4610a4..afb15ae95f 100644 --- a/users/server/accounts_hooks.js +++ b/users/server/accounts_hooks.js @@ -18,7 +18,7 @@ Accounts.onCreateUser((options, user) => { ]; // Search 'githubUsername' from database. const githubUsername = user.services.github.username; - const existingUser = Meteor.users.findOne({ 'username': githubUsername }); + const existingUser = Meteor.users.findOne({ username: githubUsername }); if (existingUser === undefined) { // Username available, set username to Github username. user.username = githubUsername; diff --git a/users/server/login_verify.js b/users/server/login_verify.js index efd48e0de8..83bff33c87 100644 --- a/users/server/login_verify.js +++ b/users/server/login_verify.js @@ -1,13 +1,14 @@ import { Meteor } from 'meteor/meteor'; import { TAPi18n } from 'meteor/tap:i18n'; import { Roles } from 'meteor/alanning:roles'; -import { _ } from 'lodash'; import Settings from '/settings/collection'; import { mailSettingsValid } from '/core/helper_functions/validate_settings'; +import { _ } from 'lodash'; + // Login attempt verifier to require verified email before login -export function loginAttemptVerifier (parameters) { +export default function loginAttemptVerifier (parameters) { // Init user login allowed let userLoginAllowed = false; diff --git a/users/server/methods.js b/users/server/methods.js index 52471c2384..1090140919 100644 --- a/users/server/methods.js +++ b/users/server/methods.js @@ -1,15 +1,27 @@ import { Accounts } from 'meteor/accounts-base'; +import { Meteor } from 'meteor/meteor'; +import { ValidEmail } from 'meteor/froatsnook:valid-email'; +import { check } from 'meteor/check'; + import Settings from '/settings/collection'; Meteor.methods({ deleteAccount (userId) { + // Make sure userId is a String + check(userId, String); + + let user; if (this.userId === userId) { - return Meteor.users.remove({ + user = Meteor.users.remove({ _id: this.userId, }); } + return user; }, checkIfEmailIsRegistered (email) { + // Make sure email is a valid email + check(email, ValidEmail); + // Get any user with matching email const user = Accounts.findUserByEmail(email); @@ -25,13 +37,16 @@ Meteor.methods({ return emailIsRegistered; }, - sendRegistrationEmailVerification( userId ) { + sendRegistrationEmailVerification (userId) { + // Make sure userId is a String + check(userId, String); + // Get settings const settings = Settings.findOne(); // Check mail settings have been enabled - if(settings && settings.mail && settings.mail.enabled) { - Accounts.sendVerificationEmail( userId ); + if (settings && settings.mail && settings.mail.enabled) { + Accounts.sendVerificationEmail(userId); } }, }); diff --git a/users/server/startup.js b/users/server/startup.js index ecd922d186..7416abd954 100644 --- a/users/server/startup.js +++ b/users/server/startup.js @@ -1,6 +1,7 @@ import { Accounts } from 'meteor/accounts-base'; import { Meteor } from 'meteor/meteor'; -import { loginAttemptVerifier } from './login_verify'; + +import loginAttemptVerifier from './login_verify'; Meteor.startup(() => { // In case of server restart, we need to set MAIL_URL diff --git a/users/server/startup_roles.js b/users/server/startup_roles.js index 9189cb5cbd..d15a5b0291 100644 --- a/users/server/startup_roles.js +++ b/users/server/startup_roles.js @@ -9,7 +9,7 @@ Meteor.startup(() => { const roles = Roles.getAllRoles().fetch(); // Create an array of role names - const roleNames = _.map(roles, (role) => role.name); + const roleNames = _.map(roles, (role) => { return role.name; }); // Check if 'manager' role is defined const managerRoleIsDefined = _.includes(roleNames, 'manager');