bigbluebutton-Github/labs/meteor-client/app/server/user_permissions.coffee
2014-12-11 17:23:19 +00:00

37 lines
1.1 KiB
CoffeeScript

moderator = null
presenter = null
viewer =
# raising/lowering hand
raiseOwnHand : true
lowerOwnHand : true
# muting
muteSelf : true
unmuteSelf : true
logoutSelf : true
#subscribing
subscribeUsers: true
subscribeChat: true
#chat
chatPublic: true #should make this dynamically modifiable later on
chatPrivate: true #should make this dynamically modifiable later on
@isAllowedTo = (action, meetingId, userId, authToken) ->
Meteor.log.info "in isAllowedTo: action-#{action}, userId=#{userId}, authToken=#{authToken}"
user = Meteor.Users.findOne({meetingId:meetingId, userId: userId})
if user?
# we check if the user is who he claims to be
if authToken is user.authToken
if user.user?.role is 'VIEWER' or user.user?.role is undefined
return viewer[action] or false
Meteor.log.error "in meetingId=#{meetingId} userId=#{userId} tried to perform #{action} without permission" +
"\n..while the authToken was #{user.authToken} and the user's object is #{JSON.stringify user}"
# the current version of the HTML5 client represents only VIEWER users
return false