fix acls access for user exists remote method

2015-06-10 17:11:32 -07:00
parent bdb7d40548
commit 9f5ace03dc
3 changed files with 26 additions and 8 deletions
--- a/common/models/user.json
+++ b/common/models/user.json
@@ -174,6 +174,12 @@
  },
  "validations": [],
  "relations": {},
-  "acls": [],
+  "acls": [{
+    "accessType": "EXECUTE",
+    "principalType": "ROLE",
+    "principalId": "$everyone",
+    "permission": "ALLOW",
+    "property": "doesExist"
+  }],
  "methods": []
 }
--- a/public/js/main_0.0.2.js
+++ b/public/js/main_0.0.2.js
@@ -475,14 +475,16 @@ profileValidation.directive('uniqueEmail', ['$http', function($http) {
      element.bind("keyup", function (event) {
        ngModel.$setValidity('unique', true);
        var email = element.val();
-        if (element.val()) {
+        if (email) {
          var config = { params: { email: email } };
          $http
            .get('/api/users/exists', config)
            .success(function (exists) {
              if (email === scope.storedEmail) {
                ngModel.$setValidity('unique', true);
-              } else if (exists) {
+                console.log('scoped.storedEmail', scoped.storedEmail);
+              } else if (exists.exists) {
+                console.log('setValid to false');
                ngModel.$setValidity('unique', false);
              }
            });
--- a/server/boot/a-extendUser.js
+++ b/server/boot/a-extendUser.js
@@ -64,17 +64,26 @@ module.exports = function(app) {
  });

  User.doesExist = function doesExist(username, email, cb) {
+    if (!username && !email) {
+      return process.nextTick(function() {
+        cb(null, false);
+      });
+    }
    debug('checking existence');
    var where = {};
    if (username) {
-      where.username = username;
+      where.username = username.toLowerCase();
    } else {
-      where.email = email;
+      where.email = email ? email.toLowerCase() : email;
    }
+    debug('where', where);
    User.count(
-      { where: where },
+      where,
      function (err, count) {
-        if (err) { return cb(err); }
+        if (err) {
+          debug('err checking existance: ', err);
+          return cb(err);
+        }
        if (count > 0) {
          return cb(null, true);
        }
@@ -104,7 +113,8 @@ module.exports = function(app) {
        }
      ],
      http: {
-        path: '/exists'
+        path: '/exists',
+        verb: 'get'
      }
    }
  );