github-mirrors/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-04-22 04:57:07 -04:00
Code Issues Projects Releases Packages Wiki Activity
wekan/models/cardComments.js
Maxime Quandalle 45b662a1dd Centralize all mutations at the model level 
This commit uses a new package that I need to document. It tries to
solve the long-standing debate in the Meteor community about
allow/deny rules versus methods (RPC).

This approach gives us both the centralized security rules of
allow/deny and the white-list of allowed mutations similarly to Meteor
methods. The idea to have static mutation descriptions is also
inspired by Facebook's Relay/GraphQL.

This will allow the development of a REST API using the high-level
methods instead of the MongoDB queries to do the mapping between the
HTTP requests and our collections.
2015-09-08 20:19:42 +02:00

69 lines
1.5 KiB
JavaScript
Raw Permalink Blame History

CardComments = new Mongo.Collection('card_comments');
CardComments.attachSchema(new SimpleSchema({
boardId: {
type: String,
},
cardId: {
type: String,
},
// XXX Rename in `content`? `text` is a bit vague...
text: {
type: String,
},
// XXX We probably don't need this information here, since we already have it
// in the associated comment creation activity
createdAt: {
type: Date,
denyUpdate: false,
},
// XXX Should probably be called `authorId`
userId: {
type: String,
},
}));
CardComments.allow({
insert(userId, doc) {
return allowIsBoardMember(userId, Boards.findOne(doc.boardId));
},
update(userId, doc) {
return userId === doc.userId;
},
remove(userId, doc) {
return userId === doc.userId;
},
fetch: ['userId', 'boardId'],
});
CardComments.helpers({
user() {
return Users.findOne(this.userId);
},
});
CardComments.hookOptions.after.update = { fetchPrevious: false };
CardComments.before.insert((userId, doc) => {
doc.createdAt = new Date();
doc.userId = userId;
});
if (Meteor.isServer) {
CardComments.after.insert((userId, doc) => {
Activities.insert({
userId,
activityType: 'addComment',
boardId: doc.boardId,
cardId: doc.cardId,
commentId: doc._id,
});
});
CardComments.after.remove((userId, doc) => {
const activity = Activities.findOne({ commentId: doc._id });
if (activity) {
Activities.remove(activity._id);
}
});
}
Reference in a new issue View git blame Copy permalink