/meteor-user-roles

User roles for Meteor >= 1.3 + React

Primary LanguageJavaScriptMIT LicenseMIT

meteor-user-roles

This package will add simple user access management to Meteor application.

Package is used by Meteor Kitchen - source code generator for Meteor.

Instalation

meteor npm install meteor-user-roles 

Users collection

Collection Users extends Meteor.users collection. When user is created, roles: [] array is added to the user document. You can add / remove multiple role names to this array:

{
	...user's document...

	roles: ["admin", "user"]

	...
}

Users.isInRole(userId, role)

Check if user is in given role. Example:

if(Users.isInRole(Meteor.userId(), "admin")) {
	// user is admin
	...
} else {
	// user is not admin
	...
}

Users.isInRoles(userId, roleList)

Check if user is in any of listed roles. Example:

if(Users.isInRoles(Meteor.userId(), ["admin", "staff"])) {
	// user is admin or staff
	...
} else {
	// user is not admin or staff
	...
}

Users.isAdmin(userId)

Check if user is admin. Example:

if(Users.isAdmin(Meteor.userId()) {
	// user is admin
	...
} else {
	// user is not admin
	...
}

Users.isAdminOrInRole(userId, role)

Check if user is admin or in given role. Example:

if(Users.isAdminOrInRole(Meteor.userId(), "staff") {
	// user is admin or staff
	...
} else {
	// user is not admin or staff
	...
}

Permisions to Users collection

Only admins can update user roles via the client

Global functions

isAdmin()

returns true if current user is admin

if(isUserAdmin()) {
	// user is admin
	...
} else {
	// user is not admin
	...

isUserInRole(role)

returns true if current user is in given role

if(isUserInRole("staff")) {
	// user is "staff"
	...
} else {
	// user is not "staff"
	...

isUserInRoles(roleList)

returns true if current user is in any of roles given as array of strings. Example:

if(isUserInRoles(["admin", "staff"])) {
	// user is admin or staff
	...
} else {
	// user is not admin or staff
	...

Publications

Meteor.subscribe("admin_user", userId)

Data from user with given userId. Only user with "admin" role can subscribe. Complete user document is exposed to admin.

Meteor.subscribe("admin_users")

Data from all users. Only user with "admin" role can subscribe. Complete user document is exposed to admin.

Meteor.subscribe("admin_users_paged", extraOptions)

Data from all users, but depending on extraOptions, documents can be filtered, sorted and paged (used in applications generated with meteor-kitchen). Only user with "admin" role can subscribe. Complete user document is exposed to admin.

extraOptions is object:

{
	searchText: "textToFind", // search string
	searchFields: [ "fieldNameToSearch" ], // list of collection fields to search
	sortBy: "fieldNameToSortBy", // sort by field
	sortAscending: true, // sort direction
	pageNo: 0, // page number (zero-based)
	pageSize: 32, // number of documents per page. If this member is -1 then entire resultset is returned
	doSkip: true, // if this member is "false" then only first page will be returned (pageNo is ignored)
	noPaging: false // if this member value is "true" then pageNo and pageSize are ignored and entire resultset is returned
}

Meteor.subscribe("admin_users_paged_count", extraOptions)

This subscription is using tmeasday:publish-counts Meteor (atmosphere) package to return total number of documents in filtered dataset. Used to calculate total number of pages. extraOptions argument is the same as described in admin_users_paged publication, but only searchText and searchFields members are used (other members are not required to calculate total number of records and are ignored).

Meteor.subscribe("current_user_data")

Data from current user. Any user can subscribe to own data.

  • username
  • profile
  • private
  • public
  • roles
  • emails