« All boards page » only displays tables to which the current user has access

client/components/boards/boardsList.js

@@ -87,16 +87,52 @@ BlazeComponent.extendComponent({
 
   boards() {
     const query = {
-      archived: false,
-      //type: { $in: ['board','template-container'] },
-      type: 'board',
+      //archived: false,
+      ////type: { $in: ['board','template-container'] },
+      //type: 'board',
+      $and: [
+        { archived: false },
+        { type: 'board' },
+        { $or:[] }
+      ]
     };
-    if (FlowRouter.getRouteName() === 'home')
-      query['members.userId'] = Meteor.userId();
+    if (FlowRouter.getRouteName() === 'home'){
+      query.$and[2].$or.push({'members.userId': Meteor.userId()});
+
+      const currUser = Users.findOne(Meteor.userId());
+
+      // const currUser = Users.findOne(Meteor.userId(), {
+      //   fields: {
+      //     orgs: 1,
+      //     teams: 1,
+      //   },
+      // });
+
+      let orgIdsUserBelongs = currUser.teams !== 'undefined' ? currUser.orgIdsUserBelongs() : '';
+      if(orgIdsUserBelongs && orgIdsUserBelongs != ''){
+        let orgsIds = orgIdsUserBelongs.split(',');
+        // for(let i = 0; i < orgsIds.length; i++){
+        //   query.$and[2].$or.push({'orgs.orgId': orgsIds[i]});
+        // }
+
+        //query.$and[2].$or.push({'orgs': {$elemMatch : {orgId: orgsIds[0]}}});
+        query.$and[2].$or.push({'orgs.orgId': {$in : orgsIds}});
+      }
+
+      let teamIdsUserBelongs = currUser.teams !== 'undefined' ? currUser.teamIdsUserBelongs() : '';
+      if(teamIdsUserBelongs && teamIdsUserBelongs != ''){
+        let teamsIds = teamIdsUserBelongs.split(',');
+        // for(let i = 0; i < teamsIds.length; i++){
+        //   query.$or[2].$or.push({'teams.teamId': teamsIds[i]});
+        // }
+        //query.$and[2].$or.push({'teams': { $elemMatch : {teamId: teamsIds[0]}}});
+        query.$and[2].$or.push({'teams.teamId': {$in : teamsIds}});
+      }
+    }
     else query.permission = 'public';
 
     return Boards.find(query, {
-      sort: { sort: 1 /* boards default sorting */ },
+      //sort: { sort: 1 /* boards default sorting */ },
     });
   },
   isStarred() {

server/publications/boards.js

@@ -13,6 +13,17 @@ Meteor.publish('boards', function() {
   const { starredBoards = [] } = (Users.findOne(userId) || {}).profile || {};
   check(starredBoards, [String]);
 
+  let currUser = Users.findOne(userId);
+  let orgIdsUserBelongs = currUser!== 'undefined' && currUser.teams !== 'undefined' ? currUser.orgIdsUserBelongs() : '';
+  let teamIdsUserBelongs = currUser!== 'undefined' && currUser.teams !== 'undefined' ? currUser.teamIdsUserBelongs() : '';
+  let orgsIds = [];
+  let teamsIds = [];
+  if(orgIdsUserBelongs && orgIdsUserBelongs != ''){
+    orgsIds = orgIdsUserBelongs.split(',');
+  }
+  if(teamIdsUserBelongs && teamIdsUserBelongs != ''){
+    teamsIds = teamIdsUserBelongs.split(',');
+  }
   return Boards.find(
     {
       archived: false,
@@ -22,6 +33,8 @@ Meteor.publish('boards', function() {
           permission: 'public',
         },
         { members: { $elemMatch: { userId, isActive: true } } },
+        {'orgs.orgId': {$in : orgsIds}},
+        {'teams.teamId': {$in : teamsIds}},
       ],
     },
     {
@@ -82,11 +95,22 @@ Meteor.publishRelations('board', function(boardId, isArchived) {
   check(isArchived, Boolean);
   const thisUserId = this.userId;
   const $or = [{ permission: 'public' }];
+  let currUser =  (!Match.test(thisUserId, String) || !thisUserId) ? 'undefined' : Users.findOne(thisUserId);
+  let orgIdsUserBelongs = currUser!== 'undefined' && currUser.teams !== 'undefined' ? currUser.orgIdsUserBelongs() : '';
+  let teamIdsUserBelongs = currUser!== 'undefined' && currUser.teams !== 'undefined' ? currUser.teamIdsUserBelongs() : '';
+  let orgsIds = [];
+  let teamsIds = [];
+  if(orgIdsUserBelongs && orgIdsUserBelongs != ''){
+    orgsIds = orgIdsUserBelongs.split(',');
+  }
+  if(teamIdsUserBelongs && teamIdsUserBelongs != ''){
+    teamsIds = teamIdsUserBelongs.split(',');
+  }
 
   if (thisUserId) {
-    $or.push({
-      members: { $elemMatch: { userId: thisUserId, isActive: true } },
-    });
+    $or.push({members: { $elemMatch: { userId: thisUserId, isActive: true } }});
+    $or.push({'orgs.orgId': {$in : orgsIds}});
+    $or.push({'teams.teamId': {$in : teamsIds}});
   }
 
   this.cursor(

server/publications/users.js

@@ -23,6 +23,8 @@ Meteor.publish('user-admin', function() {
   return Meteor.users.find(this.userId, {
     fields: {
       isAdmin: 1,
+      teams: 1,
+      orgs: 1,
     },
   });
 });
@@ -34,6 +36,8 @@ Meteor.publish('user-authenticationMethod', function(match) {
     {
       fields: {
         authenticationMethod: 1,
+        teams: 1,
+        orgs: 1,
       },
     },
   );