search

Meteor-Community-Packages / meteor-roles

Authorization package for Meteor, compatible with built-in accounts packages
http://meteor-community-packages.github.io/meteor-roles/
MIT License
921 stars 168 forks source link

isInRole & userIsInRole() not working #122

Closed lookingcloudy closed 9 years ago

lookingcloudy commented 9 years ago

I created users server side as per your docs:

Meteor.startup(function () {
    var users = [
        {name:"brad",email:"brad@blah.org",roles:['admin']}
    ];

    isUser = function (username) {
        return Meteor.users.findOne({emails: {$elemMatch: {address: username}}})
    };

    _.each(users, function (user) {
        var id;

        if (!isUser(user.email)) {
            id = Accounts.createUser({
                email: user.email,
                password: "blah",
                profile: { name: user.name }
            });

            if (user.roles.length > 0) {
                // Need _id of existing user record so this call must come
                // after `Accounts.createUser` or `Accounts.onCreate`
                Roles.addUsersToRoles(id, user.roles, 'default-group');
            }
        }

    });
})

This does not work:

{{#if ifInRole 'admin'}}
    <a class="waves-effect waves-light btn">Stuff</a>
{{else}}
    <p>Login required</p>
{{/if}}

Nor does this work:

Roles.userIsInRole(user, ['admin'])
alanning commented 9 years ago

Hi @lookingcloudy, because a group was specified when you added the role/permission, you must also use the group when checking to see if the user has that permission:

{{#if ifInRole 'admin' 'default-group'}}
    <a class="waves-effect waves-light btn">Stuff</a>
{{else}}
    <p>Login required</p>
{{/if}}
Roles.userIsInRole(user, 'admin', 'default-group')

If you want the permission to apply irrespective of groups, then use Roles.GLOBAL_GROUP as the group:

Roles.addUsersToRoles(id, user.roles, Roles.GLOBAL_GROUP)

I'll update the readme to hopefully be more clear on that.

Also, just fyi, in mongo you can avoid $elemMatch by changing your key like so: Meteor.users.findOne({'emails.address':'brad@blah.org'})

lookingcloudy commented 9 years ago

Thanks!

On Mon, Aug 31, 2015 at 2:01 PM, Adrian Lanning notifications@github.com wrote:

Hi @lookingcloudy https://github.com/lookingcloudy, because a group was specified when you added the role/permission, you must also use the group when checking to see if the user has that permission:

{{#if ifInRole 'admin' 'default-group'}} Stuff {{else}}

Login required

{{/if}}

Roles.userIsInRole(user, 'admin', 'default-group')

If you want the permission to apply irrespective of groups, then use Roles.GLOBAL_GROUP as the group:

Roles.addUsersToRoles(id, user.roles, Roles.GLOBAL_GROUP)

I'll update the readme to hopefully be more clear on that.

Also, just fyi, in mongo you can avoid $elemMatch by changing your key like so: Meteor.users.findOne({'emails.address':'brad@blah.org'})

— Reply to this email directly or view it on GitHub https://github.com/alanning/meteor-roles/issues/122#issuecomment-136447020 .