Home Explore Help
Sign In
mirrors
/
wekan
mirror of https://github.com/wekan/wekan.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: 18697d45f6
Branches Tags
wekan
/
models
/
export.js

export.js 1.9 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. 

  2. 

  3. Meteor.methods({
    4. 

  4.   exportBoard(boardId) {
    5. 

  5.     check(boardId, String);
    6. 

  6.     const board = Boards.findOne(boardId);
    7. 

  7.     if(board.isVisibleByUser()) {
    8. 

  8.       const exporter = new Exporter(boardId);
    9. 

  9.       return exporter.build();
    10. 

  10.     } else {
    11. 

  11.       throw new Meteor.Error('error-board-notAMember');
    12. 

  12.     }
    13. 

  13.   }
    14. 

  14. });
    15. 

  15. 

  16. class Exporter {
    17. 

  17.   constructor(boardId) {
    18. 

  18.     this._boardId = boardId;
    19. 

  19.   }
    20. 

  20. 

  21.   build() {
    22. 

  22.     const byBoard = {boardId: this._boardId};
    23. 

  23.     const fields = {fields: {boardId: 0}};
    24. 

  24.     const result = Boards.findOne(this._boardId);
    25. 

  25.     result.lists = Lists.find(byBoard, fields).fetch();
    26. 

  26.     result.cards = Cards.find(byBoard, fields).fetch();
    27. 

  27.     result.comments = CardComments.find(byBoard, fields).fetch();
    28. 

  28.     result.activities = Activities.find(byBoard, fields).fetch();
    29. 

  29. 

  30.     // we also have to export some user data - as the other elements only include id
    31. 

  31.     // but we have to be careful:
    32. 

  32.     // 1- only exports users that are linked somehow to that board
    33. 

  33.     // 2- do not export any sensitive information
    34. 

  34.     const users = {};
    35. 

  35.     result.members.forEach((member) => {users[member.userId] = true;});
    36. 

  36.     result.lists.forEach((list) => {users[list.userId] = true;});
    37. 

  37.     result.cards.forEach((card) => {
    38. 

  38.       users[card.userId] = true;
    39. 

  39.       if (card.members) {
    40. 

  40.         card.members.forEach((memberId) => {users[memberId] = true;});
    41. 

  41.       }
    42. 

  42.     });
    43. 

  43.     result.comments.forEach((comment) => {users[comment.userId] = true;});
    44. 

  44.     result.activities.forEach((activity) => {users[activity.userId] = true;});
    45. 

  45.     const byUserIds = {_id: {$in: Object.getOwnPropertyNames(users)}};
    46. 

  46.     // we use whitelist to be sure we do not expose inadvertently
    47. 

  47.     // some secret fields that gets added to User later.
    48. 

  48.     const userFields = {fields: {
    49. 

  49.       _id: 1,
    50. 

  50.       username: 1,
    51. 

  51.       'profile.fullname': 1,
    52. 

  52.       'profile.initials': 1,
    53. 

  53.       'profile.avatarUrl': 1,
    54. 

  54.     }};
    55. 

  55.     result.users = Users.find(byUserIds, userFields).fetch();
    56. 

  56.     //return JSON.stringify(result);
    57. 

  57.     return result;
    58. 

  58.   }
    59. 

  59. }
    60.