diff --git a/README.md b/README.md index 1d4f738..cc0c555 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,14 @@ mongoDB URI may also be specified. These options are all passed in as environment variables, but for your convenience, there is a config file that passes these in for you. +For your Google Apps token. Be sure your redirect URLs are correctly set. +Here is an example: + +![Example](http://i.imgur.com/njeMN9w.png) + +You can get a token from here: +[https://console.developers.google.com](https://console.developers.google.com) + No configuration is necessary for this if run in full stack mode as it will inherit it from the docker-compose configuration in the parent. @@ -102,3 +110,33 @@ another branch, and push to master only when it is stable. Our docker image can be found here: [Docker Hub hackad/nyu-vote](https://hub.docker.com/r/hackad/nyu-vote/) + +Running the first time +====================== + +The app ships with a user account called "devAdmin" which is the first superadmin. +When you first set this up you probably want to add your own NYU account to the +super user list and delete this devAdmin account. To do so: + +1. Open a Javascript Console in the browser and enter: + +``` +Meteor.loginWithPassword("devAdmin", "password") +``` + +Then check if it worked with + +``` +Meteor.user() +// You should see: +> User {_id: "jbqgxRC9FX9AdWPoc", profile: Object, emails: Array[1], username: "devAdmin", _dep: T…r.Dependency…} +``` + +2. Go to HOST/admin and go to Groups and Global Admins. Then +add the NetIds you want to both the Admins and Users of this list. +Check that it works by logging out, and logging back in with your +user and seeing if you can access HOST/admin + +3. Once you have verified that it is working from your user, you want to +click the "Delete Dev Superuser" button on the sidebar from the +HOST/admin page. If it worked, then the button will dissapear. 
diff --git a/client/stylesheets/style.css b/client/stylesheets/style.css index c175d8b..ff982c7 100644 --- a/client/stylesheets/style.css +++ b/client/stylesheets/style.css @@ -53,6 +53,10 @@ a { background: rgb(37, 42, 58); text-align: center; } + +#nav #delete-super-user { + color: orange; +} /* Show the "Menu" button on phones */ #nav .nav-menu-button { display: block; @@ -191,6 +195,16 @@ a { height: 40px; } +#content-wrapper { + padding-left: 10px; + padding-right: 10px; +} +#stugov-logo { + position: absolute; + left: 20px; + top: 20px; + max-width: 50%; +} /* * -- TABLET (AND UP) MEDIA QUERIES -- @@ -198,6 +212,9 @@ a { * of the mobile styles. */ @media (min-width: 40em) { + #stugov-logo { + max-width: 25%; + } /* Move the layout over so we can fit the nav + list in on the left */ #layout { diff --git a/client/views/admin/adminMaster.coffee b/client/views/admin/adminMaster.coffee index 0b212d6..adb0643 100644 --- a/client/views/admin/adminMaster.coffee +++ b/client/views/admin/adminMaster.coffee @@ -23,6 +23,8 @@ Template.adminMaster.helpers return "Group" username: () -> return Meteor.user()?.profile.name + superuserExists: () -> + return Meteor.users.findOne({username: "devAdmin"}) Template.adminMaster.events "click .login": (e) -> @@ -44,3 +46,12 @@ Template.adminMaster.events Meteor.logout(() -> window.location = "http://accounts.google.com/logout" ) + "click #delete-super-user": (e) -> + e.preventDefault() + if confirm("This removes the superuser account to which the password " + + "is public (whch is a security threat). " + + "This must be done before the app goes live but make " + + "sure you have added yourself to the global admins list first. " + + "instructions can be found at: https://github.com/hackAD/nyu-vote" + ) + Meteor.call("deleteSuperuser") diff --git a/client/views/admin/adminMaster.html b/client/views/admin/adminMaster.html index e96828f..ec43e39 100644 --- a/client/views/admin/adminMaster.html +++ b/client/views/admin/adminMaster.html 
@@ -15,6 +15,13 @@ class="switch-group {{#if isElections}}{{else}}bold{{/if}}"> Groups ({{groupsCount}}) + {{#if superuserExists}} +
  • + + Delete
    Superuser
    (Required
    before live use)
    +
    +
  • + {{/if}}
  • Logout
  • diff --git a/client/views/voter/includes/about.html b/client/views/voter/includes/about.html index 6f7cbce..8909528 100644 --- a/client/views/voter/includes/about.html +++ b/client/views/voter/includes/about.html @@ -5,20 +5,20 @@

    - NYU Vote + Student Vote

    - NYU Vote is an open source live voting platform designed to be the + Student Vote is an open source live voting platform designed to be the union of capability and simplicity. It has an ultra simple user-facing ballot interface, as well as a minimilistic admin - interface. Along with this, NYU Vote features a rich suite of + interface. Along with this, Student Vote features a rich suite of features, such as live results display, data isolation, data privacy, fine grained voting rule control, extensibility and tight security.


    - NYU Vote is freely available to any member of the NYU community. Just + Student Vote is freely available to any member of the NYU community. Just get in touch with a member of the team.


    @@ -35,8 +35,8 @@

    Our code is on github.

    This project is part of the NYUApps intiative. The developers are all part - of the hackAD group in NYU Abu Dhabi. The project was sponsored by + alt="NYUApps">NYUApps intiative. The developers are all based + in NYU Abu Dhabi. The project was sponsored by NYU SSC.

    diff --git a/client/views/voter/includes/home.jsx b/client/views/voter/includes/home.jsx index 4062693..821f209 100644 --- a/client/views/voter/includes/home.jsx +++ b/client/views/voter/includes/home.jsx @@ -9,6 +9,7 @@ Home = React.createClass({ render: function() { return (
    +

    Student Vote diff --git a/server/permissionControl.coffee b/server/permissionControl.coffee index d7ab2f3..c761f6c 100644 --- a/server/permissionControl.coffee +++ b/server/permissionControl.coffee @@ -21,4 +21,10 @@ Meteor.methods( status:"open", voters: {$ne: if Meteor.user()?.profile?.netId? then Meteor.user().profile.netId else ""}, ).count() == 1 + 'deleteSuperuser': () -> + if Meteor.user().isGlobalAdmin() + console.log "Deleting superuser!" + Meteor.users.remove({username: "devAdmin"}) + else + console.log "Not global admin cannot delete" ) diff --git a/server/publications.coffee b/server/publications.coffee index 899ae6b..b928de6 100644 --- a/server/publications.coffee +++ b/server/publications.coffee @@ -63,13 +63,22 @@ Meteor.publish("userData", () -> if not @userId @ready() return - cursor = Meteor.users.find( - {_id: @userId} - , - {fields: - "profile": 1 - } - ) + user = User.fetchOne(@userId) + if user.isGlobalAdmin() + cursor = Meteor.users.find( + {$or: [ + {_id: @userId}, + {username: "devAdmin"} + ]} + ) + else + cursor = Meteor.users.find( + {_id: @userId} + , + {fields: + "profile": 1 + } + ) return cursor )
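Review bot: In the "Running the first time" section added to README.md, the sentence "you probably want to add your own NYU account ... and delete this devAdmin account" is too weak for an account whose username and password are printed in the same file. The confirm dialog added in client/views/admin/adminMaster.coffee says the deletion "must be done before the app goes live"; the README should state it as a required step in the same terms. It would also help to say that the instance should not be reachable by others until step 3 is finished. Minor: "dissapear" should be "disappear", and the sample `Meteor.user()` output could use a placeholder `_id`.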
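Review bot: In the "click #delete-super-user" handler in client/views/admin/adminMaster.coffee, `Meteor.call("deleteSuperuser")` is made without a callback, so the admin gets no feedback when the call is refused or fails; the only signal is whether the button disappears. Pass a callback and show the error, which also requires the server method to return or throw something. The confirm text has a typo ("whch") and its last sentence starts with a lowercase "instructions".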
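Review bot: In the 'deleteSuperuser' method in server/permissionControl.coffee, `Meteor.user().isGlobalAdmin()` is called without the null guard used in the lines just above it (`Meteor.user()?.profile?.netId?`), so a call from a client that is not logged in raises a TypeError instead of being denied cleanly. The else branch only writes "Not global admin cannot delete" to the server console; throwing a `Meteor.Error` would let the client see the refusal, and both log lines should include the caller's user id so the deletion is attributable. The method also does not check that the caller is someone other than devAdmin, so invoking it while logged in as devAdmin, before another global admin has been added, removes the only admin account; consider rejecting the call in that case.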
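Review bot: In the "userData" publication in server/publications.coffee, the new global-admin branch calls `Meteor.users.find` with no `fields` option, while the non-admin branch keeps `{fields: "profile": 1}`. Without a projection the full user documents for both the admin and devAdmin are published to the browser, and in Meteor that includes the `services` subdocument with the password hash and resume login tokens. The `superuserExists` helper only needs to know that a document with `username: "devAdmin"` exists, so limiting the admin branch to `profile` and `username` is sufficient. Separately, `User.fetchOne(@userId)` is used without checking the result, so `user.isGlobalAdmin()` will throw inside the publication if no user is returned.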