enable editing only for `profile` field in User document
achtan opened this issue · comments
Hi, how to enable editing only for profile
field in User document?
this is not working
Users.permit(['update']).onlyProps('profile').ifOwner().apply();
What do you mean by "not working"?
What is the definition for ifOwner
?
I'm assuming you aliased Meteor.users
as Users
?
yes, Users = Meteor.users
ifOwner
is ok
i got permission denied when i am editing property of profile
object for example profile.firstName
You may have to use the Security.permit
syntax:
Security.permit(['update']).collections([ Meteor.users ]).onlyProps('profile').ifOwner().apply();
Or trying putting the security pkg before the accounts packages in .meteor/packages.
Also, the security you're trying to define is the default security that the accounts package sets up, so technically there should be no need to do it again, though it should work.
thx, man ill try it!