Skip to content

Commit 7def9f7

Browse files
DerekTBrownDerekTBrown
committed
Adding Search Permissions
1 parent 1c44404 commit 7def9f7

1 file changed

Lines changed: 59 additions & 7 deletions

File tree

server/methods/course.methods.ts

Lines changed: 59 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -175,13 +175,65 @@
175175
},
176176

177177
'Courses.search'({query}){
178-
return Courses.find({
179-
$or : [
180-
{ "_id" : query },
181-
{ "name" : { $regex : query, $options : 'i' }},
182-
{ "course_number" : { $regex : query, $options : 'i' }}
183-
]
184-
}).fetch();
178+
// Unauthenticated
179+
if(!Meteor.userId()){
180+
return Courses.find({
181+
$or : [
182+
{ "_id" : query },
183+
{ "name" : { $regex : query, $options : 'i' }},
184+
{ "course_number" : { $regex : query, $options : 'i' }}
185+
],
186+
permissions: {
187+
content: ContentPermissions.Any,
188+
meta: true
189+
}
190+
}).fetch();
191+
}
192+
193+
// Global Admin
194+
else if(Users.isGlobalAdministrator(Meteor.userId())){
195+
return Courses.find({
196+
$or : [
197+
{ "_id" : query },
198+
{ "name" : { $regex : query, $options : 'i' }},
199+
{ "course_number" : { $regex : query, $options : 'i' }}
200+
]
201+
}).fetch();
202+
}
203+
204+
// Role
205+
else {
206+
return Courses.find({
207+
$and: [
208+
{
209+
$or : [
210+
{ "_id" : query },
211+
{ "name" : { $regex : query, $options : 'i' }},
212+
{ "course_number" : { $regex : query, $options : 'i' }}
213+
],
214+
},
215+
{
216+
$or : [
217+
218+
// Any
219+
{
220+
permissions: {
221+
content: ContentPermissions.Any,
222+
meta: true
223+
}
224+
},
225+
226+
// Authenticated Instructor or Course Admin
227+
{
228+
instructors: { $elemMatch : Meteor.userId() }
229+
}
230+
]
231+
}
232+
]
233+
}).fetch();
234+
}
235+
236+
185237
},
186238

187239
'Courses.setFeatured'({ course_id, featured }){

0 commit comments

Comments
 (0)