digilord
commented
11 years ago What do you mean by an 'insecure collection'?
Closed mizzao closed 11 years ago
digilord
commented
11 years ago What do you mean by an 'insecure collection'?
mizzao
commented
11 years ago A collection on which FooCollection._insecure = true or in most cases, any collection in an app where the insecure package is being used and there is no explicit allow or deny set on the collection.
No one uses insecure collections except in development/testing so this is more of a wishlist item but it would just be nice to have things act consistently if this code is used more widely.
digilord
commented
11 years ago How do you 'force a validator'?
mizzao
commented
11 years ago http://docs.meteor.com/#allow last paragraph
matb33
commented
11 years ago @mizzao @digilord this should work in the "refactor" branch. If you guys have time, please give it a try -- I'd like to merge it with master soon
The API has changed (see examples): https://github.com/matb33/meteor-collection-hooks/tree/refactor
matb33
commented
11 years ago This should be working in the new version of collection hooks. If you find that it doesn't, we can re-open.
Because of the way the mutator methods are called in https://github.com/meteor/meteor/blob/master/packages/mongo-livedata/collection.js, (i.e. by using
self._collection[method].call, a client doinginsert,update, orremovewill not trigger the hooks on the server if the collection is insecure. This is because it's directly calling the_collectionmethod instead of the prototype.One way to get around this in implementation is to simply force a validator (even all true) on the collection that is being hooked. However, if it's possible to fix this, it would make things more consistent.
All this is just pointing more toward a proper integration with Meteor :)