Not working with Meteor.users collection?
workflow opened this issue · comments
Hi,
first of all thx for this awesome package!
Not sure if I'm missing something here,
but it would seem that I cannot use it with the special Meteor.users
collection.
Running
Meteor.users.permit(['insert', 'update', 'remove']).never().apply();
Results in
W20150201-19:01:07.771(1)? (STDERR) TypeError: Object [object Object] has no method 'permit'
W20150201-19:01:07.771(1)? (STDERR) at app/server/security/users.js:2:14
This works for me.
Users = Meteor.users;
Products = new Mongo.Collection("products");
if(Meteor.isServer){
Security.permit(['insert', 'update', 'remove']).collections([
Users,
Products
]).never().apply();
}
Yes, can confirm.
Thx for the workaround!
Suggestion: document this special case?
I'm not sure why Meteor.users.permit
would not work. I am calling it that way in one of my apps. Maybe another pkg you're using is interfering with the prototype chain on Meteor.users
collection.
Possible, thx for noting that. How can I best find out?
Here's my package list for that app:
accounts-base 1.1.3 A user account system
accounts-facebook 1.0.3 Login service for Facebook accounts
accounts-password 1.0.6 Password support for accounts
accounts-twitter 1.0.3 Login service for Twitter accounts
alanning:roles 1.2.13 Role-based authorization
aldeed:autoform 3.2.0* Easily create forms with automatic insert and update, and automatic reactive validation.
aldeed:collection2 2.3.1 Automatic validation of insert and update operations on the client and server.
audit-argument-checks 1.0.2 Try to detect inadequate input sanitization
babrahams:editable-list 0.2.8 Editable list widget for Meteor
babrahams:editable-text 0.7.8 Editable text drop-in template helper
email 1.0.5 Send email messages
iron:router 1.0.7 Routing specifically designed for Meteor
jbrousseau:meteor-collection-behaviours 0.2.4 Extends Meteor.Collection with behaviour patterns using CollectionHooks compatible with >0.9.0
meteor-platform 1.2.1 Include a standard set of Meteor packages in your app
mrt:jquery-csv 0.7.1 Parse CSV (Comma Separated Values) to Javascript arrays or dictionaries. Note: The JQuery-CSV.js fil
mrt:moment 2.8.1 Moment.js, a JavaScript date library for dates, packaged for Meteor. See http://momentjs.com.
ongoworks:security 1.0.1 Logical security for client-originated MongoDB collection operations
pauli:accounts-linkedin 1.0.1 Accounts service for LinkedIn accounts
sacha:spin 2.0.4 Simple spinner package for Meteor
service-configuration 1.0.3 Manage the configuration for third-party services
underscore 1.0.2 Collection of small helpers: _.map, _.each, ...
@workflow, I'm guessing the culprit is collection-behaviours, related to this code.
Also see this, born out of this discussion.
Thank you @aldeed This was helpful here: dburles/meteor-collection-helpers#27