Currently, we just modify the publish function's output. But another common pattern is to decide to return or not the output at all, based on some permission checks. So to help code reusability, middleware could allow registering hooks which would be called to allow running the publish function, or returning empty publish instead. An allow/deny hooks could be done in similar way to Meteor allow/deny.
Currently, we just modify the publish function's output. But another common pattern is to decide to return or not the output at all, based on some permission checks. So to help code reusability, middleware could allow registering hooks which would be called to allow running the publish function, or returning empty publish instead. An allow/deny hooks could be done in similar way to Meteor allow/deny.