user-roles
This package will add simple user access management to Meteor application.
Package is used by Meteor Kitchen - source code generator for Meteor.
Instalation
meteor add perak:user-roles
Users collection
Collection Users extends Meteor.users collection. When user is created, roles: [] array is added to the user document. You can add one or more role names to this array:
1{ 2 //...user's document... 3 4 roles: ["admin", "user"] 5 6 //... 7} 8
Users.isInRole(userId, role)
Check if user is in given role. Example:
1if(Users.isInRole(Meteor.userId(), "admin")) { 2 // user is admin 3 ... 4} else { 5 // user is not admin 6 ... 7}
Users.isInRoles(userId, roleList)
Check if user is in any of listed roles. Example:
1if(Users.isInRoles(Meteor.userId(), ["admin", "staff"])) { 2 // user is admin or staff 3 ... 4} else { 5 // user is not admin or staff 6 ... 7}
Users.isAdmin(userId)
Check if user is admin. Example:
1if(Users.isAdmin(Meteor.userId()) { 2 // user is admin 3 ... 4} else { 5 // user is not admin 6 ... 7}
Users.isAdminOrInRole(userId, role)
Check if user is admin or in given role. Example:
1if(Users.isAdminOrInRole(Meteor.userId(), "staff") { 2 // user is admin or staff 3 ... 4} else { 5 // user is not admin or staff 6 ... 7}
Permisions to Users collection
Only admins can update user roles via the client
Global helpers
{{isAdmin}}
returns true if current user is admin
1{{#if isAdmin}} 2 Visible to Admin 3{{else}} 4 Visible to others 5{{/if}}
{{isUserInRole role}}
returns true if current user is in given role
1{{#if isUserInRole "manager"}} 2 Visible to Manager 3{{else}} 4 Visible to others 5{{/if}}
{{isUserInRoles [roleList]}}
returns true if current user is in any of roles given as array of strings. Example:
1{{#if isUserInRoles ["admin", "manager"]}} 2 Visible to Admin and Manager 3{{else}} 4 Visible to others 5{{/if}}
Publications
Meteor.subscribe("admin_user", userId)
Subscribes to data of user with given userId. Only user with "admin" role can subscribe. Complete user document is exposed to admin.
Meteor.subscribe("admin_users")
Subscribes to all users. Only user with "admin" role can subscribe. Following fields from user document are published:
- profile
- roles
- emails
- stats
Meteor.subscribe("admin_users_paged", extraOptions)
Data from all users, but depending on extraOptions, documents can be filtered, sorted and paged (used in applications generated with meteor-kitchen). Only user with "admin" role can subscribe. Complete user document is exposed to admin.
extraOptions is object:
1{ 2 searchText: "textToFind", // search string 3 searchFields: [ "fieldNameToSearch" ], // list of collection fields to search 4 sortBy: "fieldNameToSortBy", // sort by field 5 sortAscending: true, // sort direction 6 pageNo: 0, // page number (zero-based) 7 pageSize: 32, // number of documents per page. If this member is -1 then entire resultset is returned 8 doSkip: true, // if this member is "false" then only first page will be returned (pageNo is ignored) 9 noPaging: false // if this member value is "true" then pageNo and pageSize are ignored and entire resultset is returned 10}
Meteor.subscribe("admin_users_paged_count", extraOptions)
This subscription is using tmeasday:publish-counts Meteor (atmosphere) package to return total number of documents in filtered dataset. Used to calculate total number of pages. extraOptions argument is the same as described in admin_users_paged publication, but only searchText and searchFields members are used (other members are not required to calculate total number of records and are ignored).
Meteor.subscribe("current_user_data")
Current user's data. Any user can subscribe to own data. Following fields from user document are exposed:
- username
- profile
- private
- public
- roles
- emails