diff options
Diffstat (limited to 'server/lib')
| -rw-r--r-- | server/lib/api/collaborator.js | 20 | ||||
| -rw-r--r-- | server/lib/auth/mail.js | 2 | ||||
| -rw-r--r-- | server/lib/schemas/Collaborator.js | 1 | ||||
| -rw-r--r-- | server/lib/views.js | 2 |
4 files changed, 15 insertions, 10 deletions
diff --git a/server/lib/api/collaborator.js b/server/lib/api/collaborator.js index f39022f..c080070 100644 --- a/server/lib/api/collaborator.js +++ b/server/lib/api/collaborator.js @@ -1,20 +1,22 @@ /* jshint node: true */ var _ = require('lodash'), + auth = require('../auth'), util = require('../util'), upload = require('../upload'), config = require('../../../config.json'), + User = require('../schemas/User'), Collaborator = require('../schemas/Collaborator'), Project = require('../schemas/Project'); var collaborator = { join: function(req, res){ - var nonce = req.query.nonce + var nonce = req.params.nonce if (! nonce || ! nonce.length) { return res.json({ error: "invalid invite code" }) } Collaborator.findOne({ nonce: nonce }, function(err, collaborator){ if (err || ! collaborator) { return res.json({ error: "can't find collaborator" }) } - collaborator.user_id = req.user.user_id + collaborator.user_id = req.user._id collaborator.nonce = "" collaborator.save(function(err, collaborator){ Project.findOne({ _id: collaborator.project_id }, function(err, project){ @@ -31,7 +33,7 @@ var collaborator = { if (! req.project) { return res.json({ error: "can't find project" }) } - if (req.project.user_id !== req.user._id) { return res.json({ error: "insufficient permission" }) } + if (String(req.project.user_id) !== String(req.user._id)) { return res.json({ error: "insufficient permission" }) } Collaborator.find({ project_id: req.project._id }, function(err, collaborators){ var user_ids = _.pluck(collaborators, "user_id").filter(function(id){ return !! id }) User.find({ _id: user_ids }, "username displayName photo", function(err, users){ @@ -44,6 +46,7 @@ var collaborator = { obj.user = userIndex[ obj.user_id ] return obj }) + collaborators.unshift( { user: req.user.toObject(), owner: true } ) res.json(collaborators) }) }) @@ -60,11 +63,12 @@ var collaborator = { Collaborator.makeNonce(function(nonce){ data.nonce = nonce + new Collaborator(data).save(function(err, collaborator){ if (err || ! collaborator) { return res.json({ error: err }) } - auth.mail.forgotPassword(req.project, req.user, collaborator, function(){ - res.json(collaborator) - }) + console.log(collaborator) + res.json(collaborator) + auth.mail.collaborator(req.project, req.user, collaborator, function(){}) }) }) }, @@ -73,10 +77,10 @@ var collaborator = { if (! req.project) { return res.json({ error: "can't find project" }) } - if (req.project.user_id !== req.user._id) { + if (String(req.project.user_id) !== String(req.user._id)) { return res.json({ error: "insufficient permission" }) } - Collaborator.remove({ _id: _id }, function(err){ + Collaborator.remove({ _id: req.body._id }, function(err){ res.json({ status: "OK" }) }) } diff --git a/server/lib/auth/mail.js b/server/lib/auth/mail.js index 0211325..0ba6d5d 100644 --- a/server/lib/auth/mail.js +++ b/server/lib/auth/mail.js @@ -81,7 +81,7 @@ var mail = { ] } mail.send(message, cb) - console.log("sent collaborator email to", user.email) + console.log("sent collaborator email to", collaborator.email) }, } diff --git a/server/lib/schemas/Collaborator.js b/server/lib/schemas/Collaborator.js index 79e3287..6b3d452 100644 --- a/server/lib/schemas/Collaborator.js +++ b/server/lib/schemas/Collaborator.js @@ -2,6 +2,7 @@ var mongoose = require('mongoose'), _ = require('lodash'), + crypto = require('crypto'), config = require('../../../config.json'), util = require('../util'); diff --git a/server/lib/views.js b/server/lib/views.js index 7137041..b3c1d18 100644 --- a/server/lib/views.js +++ b/server/lib/views.js @@ -33,7 +33,7 @@ views.editor = function (req, res) { if (! req.project) { res.redirect('/') } - else if (req.isCollaborator || req.isOwner) { + else if (req.isOwner || req.isCollaborator) { res.render('editor') } else { |