permissions:admin:
permissions:permissions-manager:
// Common code on client and server
(new OrbitPermissions.Registrar("chat"))
.definePermission("remove-message")
.definePermission("edit-message")
.definePermission("appoint-manager")
.defineRole("chat-moderator", ["edit-message", "remove-message"]);
// Common code on client and server
// Registrar for the app is created when
// OrbitPermissions.Registrar() is called with no args
appplication_registrar = new OrbitPermissions.Registrar();
appplication_registrar
.definePermission("approve-accounts")
.defineRole("site-moderator",
["chat:edit-message",
"chat:remove-message",
"project:approve-accounts"]);
// On the client, the following requires the
// permissions:edit-custom-roles permission
OrbitPermissions.defineCustomRole("underprivileged-moderator",
["project:approve-accounts", "chat:remove-message"]);
OrbitPermissions.undefineCustomRole("underprivileged-moderator");
// On the client, the following requires the
// permissions:delegate-and-revoke permission
OrbitPermissions.delegate(user,
["chat:chat-moderator", "project:site-moderator"]);
OrbitPermissions.revoke(user,
["chat:chat-moderator", "project:site-moderator"]);
// On the client, checking permissions of other users require the
// permissions:get-users-roles permission
CustomRoles.allow({
insert: function (userId, doc) {
return OrbitPermissions.userCan("edit-custom-roles",
"permissions", userId);
},
remove: function (userId, doc) {
return OrbitPermissions.userCan("edit-custom-roles",
"permissions", userId);
)
});
{{#if can "remove-message" "chat"}}
{{/if}}
// On the client, requires the permissions:get-users-roles permission unless
// checked on logged user
OrbitPermissions.isAdmin(user)
// On the client, requires the permissions:delegate-and-revoke permission
OrbitPermissions.addAdmins(users)
// On the client, requires the permissions:delegate-and-revoke permission
OrbitPermissions.removeAdmins(users)