Not working with Meteor.users collection?

Question

Not working with Meteor.users collection?

workflow opened this issue 9 years ago · comments

Hi,

first of all thx for this awesome package!

Not sure if I'm missing something here,
but it would seem that I cannot use it with the special Meteor.users collection.

Running

Meteor.users.permit(['insert', 'update', 'remove']).never().apply();

Results in

W20150201-19:01:07.771(1)? (STDERR) TypeError: Object [object Object] has no method 'permit'
W20150201-19:01:07.771(1)? (STDERR)     at app/server/security/users.js:2:14

Ben Strahan · Answer 1 · Tue Feb 03 2015 18:03:40 GMT+0800 (China Standard Time)

This works for me.


Users = Meteor.users;
Products = new Mongo.Collection("products");

if(Meteor.isServer){
  Security.permit(['insert', 'update', 'remove']).collections([
    Users,
    Products
  ]).never().apply();
}

Florian Peter · Answer 2 · Tue Feb 03 2015 19:41:48 GMT+0800 (China Standard Time)

Yes, can confirm.

Thx for the workaround!
Suggestion: document this special case?

Eric Dobbertin · Answer 3 · Tue Feb 03 2015 20:33:04 GMT+0800 (China Standard Time)

I'm not sure why Meteor.users.permit would not work. I am calling it that way in one of my apps. Maybe another pkg you're using is interfering with the prototype chain on Meteor.users collection.

Florian Peter · Answer 4 · Tue Feb 03 2015 21:05:31 GMT+0800 (China Standard Time)

Possible, thx for noting that. How can I best find out?

Here's my package list for that app:

accounts-base                            1.1.3  A user account system
accounts-facebook                        1.0.3  Login service for Facebook accounts
accounts-password                        1.0.6  Password support for accounts
accounts-twitter                         1.0.3  Login service for Twitter accounts
alanning:roles                           1.2.13  Role-based authorization
aldeed:autoform                          3.2.0* Easily create forms with automatic insert and update, and automatic reactive validation.
aldeed:collection2                       2.3.1  Automatic validation of insert and update operations on the client and server.
audit-argument-checks                    1.0.2  Try to detect inadequate input sanitization
babrahams:editable-list                  0.2.8  Editable list widget for Meteor
babrahams:editable-text                  0.7.8  Editable text drop-in template helper
email                                    1.0.5  Send email messages
iron:router                              1.0.7  Routing specifically designed for Meteor
jbrousseau:meteor-collection-behaviours  0.2.4  Extends Meteor.Collection with behaviour patterns using CollectionHooks compatible with >0.9.0
meteor-platform                          1.2.1  Include a standard set of Meteor packages in your app
mrt:jquery-csv                           0.7.1  Parse CSV (Comma Separated Values) to Javascript arrays or dictionaries. Note: The JQuery-CSV.js fil
mrt:moment                               2.8.1  Moment.js, a JavaScript date library for dates, packaged for Meteor. See http://momentjs.com.
ongoworks:security                       1.0.1  Logical security for client-originated MongoDB collection operations
pauli:accounts-linkedin                  1.0.1  Accounts service for LinkedIn accounts
sacha:spin                               2.0.4  Simple spinner package for Meteor
service-configuration                    1.0.3  Manage the configuration for third-party services
underscore                               1.0.2  Collection of small helpers: _.map, _.each, ...

Eric Dobbertin · Answer 5 · Sat Mar 14 2015 00:06:31 GMT+0800 (China Standard Time)

@workflow, I'm guessing the culprit is collection-behaviours, related to this code.

Also see this, born out of this discussion.

Levin Keller · Answer 6 · Thu Mar 19 2015 00:02:08 GMT+0800 (China Standard Time)

Thank you @aldeed This was helpful here: dburles/meteor-collection-helpers#27