Quality pass over all publications, fixed public documents permission error
This commit is contained in:
Thaum Rystra
@@ -1,20 +1,26 @@
|
||||
import Creatures from "/imports/api/creature/Creatures.js";
|
||||
import Creatures from '/imports/api/creature/Creatures.js';
|
||||
import Parties from '/imports/api/campaign/Parties.js';
|
||||
|
||||
Meteor.publish("characterList", function(){
|
||||
Meteor.publish('characterList', function(){
|
||||
var userId = this.userId;
|
||||
if (!userId) {
|
||||
this.ready();
|
||||
return;
|
||||
return [];
|
||||
}
|
||||
const user = Meteor.user();
|
||||
const subs = user && user.subscribedCharacters || [];
|
||||
return [
|
||||
Creatures.find(
|
||||
{$or: [{readers: userId}, {writers: userId}, {owner: userId}], type: "pc"},
|
||||
{
|
||||
Creatures.find({
|
||||
$or: [
|
||||
{readers: userId},
|
||||
{writers: userId},
|
||||
{owner: userId},
|
||||
{_id: {$in: subs}},
|
||||
],
|
||||
type: 'pc',
|
||||
}, {
|
||||
fields: {
|
||||
name: 1,
|
||||
urlName: 1,
|
||||
race: 1,
|
||||
alignment: 1,
|
||||
gender: 1,
|
||||
readers: 1,
|
||||
@@ -22,16 +28,10 @@ Meteor.publish("characterList", function(){
|
||||
owner: 1,
|
||||
color: 1,
|
||||
picture: 1,
|
||||
public: 1,
|
||||
}
|
||||
}
|
||||
),
|
||||
Parties.find({owner: userId}),
|
||||
];
|
||||
});
|
||||
|
||||
DDPRateLimiter.addRule({
|
||||
name: "characterList",
|
||||
type: "subscription",
|
||||
userId(){ return true; },
|
||||
connectionId(){ return true; },
|
||||
}, 8, 5000);
|
||||
|
||||
@@ -1,11 +1,10 @@
|
||||
import Icons from '/imports/api/icons/Icons.js';
|
||||
|
||||
Meteor.publish("sampleIcons", function(){
|
||||
Meteor.publish('sampleIcons', function(){
|
||||
return Icons.find({}, {limit: 50});
|
||||
});
|
||||
|
||||
|
||||
Meteor.publish("searchIcons", function(searchValue) {
|
||||
Meteor.publish('searchIcons', function(searchValue) {
|
||||
// Don't publish anything if there's no search value
|
||||
if (!searchValue) {
|
||||
return [];
|
||||
@@ -15,11 +14,11 @@ Meteor.publish("searchIcons", function(searchValue) {
|
||||
{
|
||||
// relevant documents have a higher score.
|
||||
fields: {
|
||||
score: { $meta: "textScore" }
|
||||
score: { $meta: 'textScore' }
|
||||
},
|
||||
// `score` property specified in the projection fields above.
|
||||
sort: {
|
||||
score: { $meta: "textScore" }
|
||||
score: { $meta: 'textScore' }
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import './characterList.js';
|
||||
import './library.js';
|
||||
import './singleCharacter.js';
|
||||
import './users.js';
|
||||
import './icons.js';
|
||||
import '/imports/server/publications/characterList.js';
|
||||
import '/imports/server/publications/library.js';
|
||||
import '/imports/server/publications/singleCharacter.js';
|
||||
import '/imports/server/publications/users.js';
|
||||
import '/imports/server/publications/icons.js';
|
||||
|
||||
@@ -10,32 +10,28 @@ Meteor.publish('standardLibraries', function(){
|
||||
});
|
||||
|
||||
Meteor.publish('libraries', function(){
|
||||
if (!this.userId) return [];
|
||||
const user = Meteor.user();
|
||||
const userId = user && user._id;
|
||||
if (!userId) return [];
|
||||
const subs = user && user.subscribedLibraries || [];
|
||||
return Libraries.find({
|
||||
$or: [
|
||||
{owner: userId},
|
||||
{writers: userId},
|
||||
{readers: userId},
|
||||
{owner: this.userId},
|
||||
{writers: this.userId},
|
||||
{readers: this.userId},
|
||||
{_id: {$in: subs}},
|
||||
]
|
||||
});
|
||||
});
|
||||
|
||||
Meteor.publish('library', function(libraryId){
|
||||
const user = Meteor.user();
|
||||
const userId = user && user._id;
|
||||
if (!userId) return [];
|
||||
const subs = user && user.subscribedLibraries || [];
|
||||
if (!this.userId) return [];
|
||||
let libraryCursor = Libraries.find({
|
||||
_id: libraryId,
|
||||
$or: [
|
||||
{owner: userId},
|
||||
{writers: userId},
|
||||
{readers: userId},
|
||||
{_id: {$in: subs}},
|
||||
{owner: this.userId},
|
||||
{writers: this.userId},
|
||||
{readers: this.userId},
|
||||
{public: true},
|
||||
],
|
||||
});
|
||||
if (!libraryCursor.count()) return [];
|
||||
|
||||
@@ -2,14 +2,14 @@ import Creatures from '/imports/api/creature/Creatures.js';
|
||||
import CreatureProperties from '/imports/api/creature/CreatureProperties.js';
|
||||
|
||||
Meteor.publish('singleCharacter', function(charId){
|
||||
userId = this.userId;
|
||||
let userId = this.userId;
|
||||
var char = Creatures.findOne({
|
||||
_id: charId,
|
||||
$or: [
|
||||
{readers: userId},
|
||||
{writers: userId},
|
||||
{owner: userId},
|
||||
{'settings.viewPermission': 'public'},
|
||||
{public: true},
|
||||
],
|
||||
});
|
||||
if (char){
|
||||
@@ -23,29 +23,3 @@ Meteor.publish('singleCharacter', function(charId){
|
||||
return [];
|
||||
}
|
||||
});
|
||||
|
||||
DDPRateLimiter.addRule({
|
||||
name: 'singleCharacter',
|
||||
type: 'subscription',
|
||||
userId: null,
|
||||
connectionId(){ return true; },
|
||||
}, 8, 10000, function(reply, ruleInput){
|
||||
if(!reply.allowed){
|
||||
logRateError(reply, ruleInput);
|
||||
}
|
||||
});
|
||||
|
||||
Meteor.publish('singleCharacterName', function(charId){
|
||||
userId = this.userId;
|
||||
return Creatures.find({
|
||||
_id: charId,
|
||||
$or: [
|
||||
{readers: userId},
|
||||
{writers: userId},
|
||||
{owner: userId},
|
||||
{'settings.viewPermission': 'public'},
|
||||
],
|
||||
}, {
|
||||
fields:{'name': 1}
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user