FilesExpand file tree

 develop

/

deleteUser.js

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

52 lines (41 loc) · 1.27 KB

 develop

/

deleteUser.js

Copy path

Top

File metadata and controls

• Code
• Blame

52 lines (41 loc) · 1.27 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

import { Meteor } from 'meteor/meteor';

import { check } from 'meteor/check';

import { Users } from '../../app/models';

import { hasPermission } from '../../app/authorization';

import { deleteUser } from '../../app/lib';

Meteor.methods({

deleteUser(userId) {

check(userId, String);

if (!Meteor.userId()) {

throw new Meteor.Error('error-not-allowed', 'Not allowed', {

method: 'deleteUser',

});

}

if (hasPermission(Meteor.userId(), 'delete-user') !== true) {

throw new Meteor.Error('error-not-allowed', 'Not allowed', {

method: 'deleteUser',

});

}

const user = Users.findOneById(userId);

if (!user) {

throw new Meteor.Error('error-invalid-user', 'Invalid user to delete', {

method: 'deleteUser',

});

}

if (user.type === 'app') {

throw new Meteor.Error('error-cannot-delete-app-user', 'Deleting app user is not allowed', {

method: 'deleteUser',

});

}

const adminCount = Meteor.users.find({ roles: 'admin' }).count();

const userIsAdmin = user.roles.indexOf('admin') > -1;

if (adminCount === 1 && userIsAdmin) {

throw new Meteor.Error('error-action-not-allowed', 'Leaving the app without admins is not allowed', {

method: 'deleteUser',

action: 'Remove_last_admin',

});

}

deleteUser(userId);

return true;

},

});