From a19e562b3ca8bc7a2c18002dc535b798916bc82c Mon Sep 17 00:00:00 2001
From: Jules Laplace <jules@okfoc.us>
Date: Mon, 20 Mar 2017 05:07:10 +0100
Subject: block managers from editing user meals

---
 client/components/App.jsx      |  4 +++-
 client/components/MealList.jsx | 22 ++++++++++++++++++++--
 client/components/Menu.jsx     |  6 +++---
 3 files changed, 26 insertions(+), 6 deletions(-)

(limited to 'client')

diff --git a/client/components/App.jsx b/client/components/App.jsx
index eafd309..1a7e854 100644
--- a/client/components/App.jsx
+++ b/client/components/App.jsx
@@ -23,7 +23,9 @@ export default class App extends React.Component {
       })
       .catch(error => {
         this.setState({ ready: true })
-        console.error(error)
+        if (! error.message.match(/stored JWT/)) {
+          console.error(error)
+        }
       })
   }
   didAuthenticate(user) {
diff --git a/client/components/MealList.jsx b/client/components/MealList.jsx
index 7efbf4d..ef13ac9 100644
--- a/client/components/MealList.jsx
+++ b/client/components/MealList.jsx
@@ -51,6 +51,7 @@ export default class MealList extends React.Component {
     this.setState({ data: meals })
   }
   render() {
+    const canEdit = canEditUserMeals(this.props.currentUser, this.props.user)
     var groups = groupByDate(this.state.data)
     const items = Object.keys(groups).sort().reverse().map((date) => {
       const group = groups[date]
@@ -59,6 +60,7 @@ export default class MealList extends React.Component {
           <MealItem
             key={meal.id}
             meal={meal}
+            canEdit={canEdit}
             onClick={this.pickMeal}
             onDelete={this.handleDelete} />
         )
@@ -81,6 +83,7 @@ export default class MealList extends React.Component {
     return (
       <div>
         <MealForm user={this.props.user}
+          currentUser={this.props.currentUser}
           ref={(mealForm) => { this.mealForm = mealForm }}
           onCreate={(meal) => { this.handleCreate(meal) }}
           onUpdate={(meal) => { this.handleUpdate(meal) }}
@@ -100,8 +103,14 @@ export default class MealList extends React.Component {
 class MealItem extends React.Component {
   constructor() {
     super()
+    this.handleClick = this.handleClick.bind(this)
     this.remove = this.remove.bind(this)
   }
+  handleClick() {
+    if (this.props.canEdit) {
+      this.props.onClick(this.props.meal)
+    }
+  }
   remove(e) {
     e.stopPropagation()
     const mealid = this.props.meal.id
@@ -116,11 +125,11 @@ class MealItem extends React.Component {
   render() {
     const meal = this.props.meal
     // const canEdit = this.props.meal.userid === this.props.currentUser.id ? 'canEdit' : ''
-    const canEdit = 'canEdit'
+    const canEdit = this.props.canEdit ? 'canEdit' : ''
     const date = parseDate(meal.date)
     const time = parseTime(meal.date)
     return (
-      <div className={'meal row ' + canEdit} onClick={() => this.props.onClick(meal)}>
+      <div className={'meal row ' + canEdit} onClick={this.handleClick}>
         <div className='name'>{meal.name}</div>
         <div className='calories'>{meal.calories} cal</div>
         <div className='date'>{date}</div>
@@ -213,6 +222,10 @@ class MealForm extends React.Component {
   render() {
     const id = this.state.id
     const action = id ? 'update' : 'create'
+    const canEdit = canEditUserMeals(this.props.currentUser, this.props.user)
+    if (! canEdit) {
+      return (<div></div>)
+    }
 
     const date = parseDate(this.state.date)
     const time = parseTime(this.state.date)
@@ -232,6 +245,11 @@ class MealForm extends React.Component {
   }
 }
 
+function canEditUserMeals (currentUser, user) {
+  const isValidRole = (currentUser.role === 'admin')
+  return (user.id == currentUser.id) || isValidRole
+}
+
 function groupByDate(a) {
   return a.reduce(function(rv, x) {
     var date = parseDate(x.date)
diff --git a/client/components/Menu.jsx b/client/components/Menu.jsx
index 471336e..452c395 100644
--- a/client/components/Menu.jsx
+++ b/client/components/Menu.jsx
@@ -39,9 +39,9 @@ export default class Menu extends React.Component {
     items.push( <li key='goal' onMouseDown={this.setGoal}><a href='#'>Goal</a>: {user.goal} cal</li> )
     switch (currentUser.role) {
       case 'admin':
-        if (this.props.user.id !== this.props.currentUser.id) {
-          items.push( <li key='resetUser'><a href='#' onClick={this.resetUser}>Reset User</a></li> )
-        }
+//         if (this.props.user.id !== this.props.currentUser.id) {
+//           items.push( <li key='resetUser'><a href='#' onClick={this.resetUser}>Stop viewing</a></li> )
+//         }
         items.push( <li key='userlist'><a href='#' onClick={this.props.toggleMode}>Users</a></li> )
         items.push( <li key='meallist'><a href='#' onClick={this.props.toggleMode}>Meals</a></li> )
         break
-- 
cgit v1.2.3-70-g09d2