Meteor Collection.allow

时间:2013-09-01 11:02:40

标签: javascript mongodb authentication meteor

嘿伙计们,我对 Meteor 的账号(Accounts)API 有疑问。我想让已登录的用户只能更改自己的列表,而不影响其他用户的列表。这是我的代码: 客户端:

// Ask the server for the "Categories" publication (category names only).
Meteor.subscribe('Categories');

// Keep the detail subscription in step with the selected list. The id is read
// inside the callback so the subscription is re-issued when the Session value
// changes. The id is chosen by the client, so the server-side "listdetails"
// publication is what has to decide whether this user may see that list.
Meteor.autosubscribe(function() {
    var selectedListId = Session.get('current_list');
    Meteor.subscribe("listdetails", selectedListId);
});
// Event-map entry: when Enter (key code 13) is released in #add-category,
// insert a new list document and hide the input again.
'keyup #add-category': function (e,t){
        if (e.which === 13)
        {
            // Coerce to a string so an empty or missing value becomes "".
            var catVal = String(e.target.value || "");
            if (catVal)
            {
                // NOTE(review): the question reports that this.userId is undefined
                // here; the answers use Meteor.userId() on the client instead.
                // Whatever the client sends as owner is only a claim: the
                // server-side insert rule in lists.allow is what verifies it.
                lists.insert({Category:catVal,owner:this.userId});
                Session.set('adding_category', false);
            }
        }
    },

服务器端:

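// Registers the server-side publications once the server has started.
Meteor.startup(function () {

    // Category names of the lists owned by the subscriber.
    Meteor.publish("Categories", function() {
        // NOTE(review): kept as posted because it is the line the question asks
        // about. Meteor.userId without parentheses is the function itself, not an
        // id; inside a publish function the subscriber's id is this.userId, which
        // is what the answers switch to.
        return lists.find({owner:Meteor.userId},{fields:{Category:1}});
    });


    // Full document of one list, limited to lists the subscriber owns.
    Meteor.publish("listdetails", function(category_id){
        // category_id arrives straight from the client. Accept only a string so
        // an object argument cannot be interpreted as a query operator, and
        // publish nothing to anonymous subscribers so a null userId never
        // matches documents that have no owner.
        if (!this.userId || typeof category_id !== "string") {
            return this.ready();
        }
        // Scoping by owner means that knowing another user's list _id is not
        // enough to read it. The admin account gets no special read access here.
        return lists.find({_id:category_id, owner:this.userId});
    });
});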

双方(客户和服务器):

// Collection handle for "Lists", defined in the code shared by client and server.
// NOTE(review): assigned without `var`, presumably so that the client and server
// files can see the same global - confirm against the Meteor version in use.
lists = new Meteor.Collection("Lists");

/*function adminUser(userId) {
    var adminUser = Meteor.users.findOne({username:"boazhoch"});
    return userId && adminUser && userId === adminUser._id;
} */
/**
 * Tells whether userId belongs to the account whose username is "admin".
 *
 * Returns userId itself when it is falsy, the (falsy) lookup result when no
 * such account exists, and otherwise true or false.
 *
 * NOTE(review): admin rights depend on a username lookup. The sign-up form on
 * this page lets people choose their own username
 * (passwordSignupFields: 'USERNAME_AND_OPTIONAL_EMAIL'), so the "admin" account
 * has to exist before sign-up is opened; otherwise whoever registers that name
 * first is treated as the administrator. A role flag on the user document that
 * only server code can set is a sturdier basis for this check.
 */
function adminUser(userId) {
    var adminAccount = Meteor.users.findOne({username:"admin"});
    if (!userId) {
        return userId;
    }
    if (!adminAccount) {
        return adminAccount;
    }
    return userId === adminAccount._id;
}
// Write rules for the Lists collection, evaluated on the server for writes that
// originate from a client. A callback returning a truthy value permits the write.
lists.allow({
    insert: function (userId, doc) {
    // the user must be logged in, and the document must be owned by the user
    return (adminUser(userId) || userId && doc.owner === userId);
    },
    // NOTE(review): update and remove pass `docs` to _.all, i.e. they expect an
    // array of documents, while Answer 0 uses a single-document signature -
    // check which form the installed Meteor version calls.
    // NOTE(review): unlike insert, these two rules do not require userId to be
    // set, so a caller who is not logged in (userId null) would pass for a
    // document whose owner is null. update also ignores `fields`, so an owner
    // is free to rewrite the owner field itself.
    update: function(userId, docs, fields, modifier){
        return adminUser(userId) || _.all(docs, function(doc) {
            return doc.owner === userId;
        });
    },
    remove: function (userId, docs){
        return adminUser(userId) || _.all(docs, function(doc) {
            return doc.owner === userId;
        });
    },
    // Only the owner field is loaded for the documents handed to update/remove.
    fetch: ['owner']
});

enter image description here

你可以清楚地看到,使用 admin 登录时和未登录时,屏幕显示是一样的(这不是我想要的结果)。另外请注意 this.userId 是“undefined”,这很奇怪,这就是我改用 Meteor.userId 的原因。

3 个答案:

答案 0 :(得分:3)

将您的代码更改为以下内容:

客户端(在“keyup#add-category”事件中):

// On the client, Meteor.userId() (called, with parentheses) returns the id of
// the logged-in user. The value is still supplied by the client, so the insert
// rule in lists.allow has to re-check doc.owner against userId on the server.
lists.insert({Category:catVal,owner:Meteor.userId()});

服务器(在发布类别中):

 // Inside a publish function, this.userId is the subscriber's id as known to the
 // server, so the client cannot choose it.
 // NOTE(review): it is null for a subscriber who is not logged in, and a
 // {owner: null} selector also matches documents that have no owner field.
 return lists.find({owner:this.userId},{fields:{Category:1}});

双方(客户和服务器):

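// Write rules for the Lists collection, evaluated on the server for writes that
// originate from a client. A callback returning true permits the write.
lists.allow({
    // A logged-in user may insert a document that names them as owner;
    // the admin account may insert any document.
    insert: function(userId, doc){
        if (!userId) {
            return false;
        }
        return Boolean(adminUser(userId)) || doc.owner === userId;
    },
    // Owners may change their own documents, but not hand them to someone else.
    update: function(userId, doc, fields, modifier) {
        // Without this guard a caller who is not logged in (userId null) would
        // pass the ownership test for a document whose owner is null.
        if (!userId) {
            return false;
        }
        if (adminUser(userId)) {
            return true;
        }
        // `fields` lists the top-level fields the modifier touches; refusing
        // 'owner' keeps a user from reassigning ownership of a list.
        return doc.owner === userId && fields.indexOf('owner') === -1;
    },
    // Owners (and the admin account) may delete; anonymous callers may not.
    remove: function (userId, doc){
        if (!userId) {
            return false;
        }
        return Boolean(adminUser(userId)) || doc.owner === userId;
    },
    // Only the owner field is loaded for the document handed to update/remove.
    fetch: ['owner']
});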

答案 1 :(得分:1)

在客户端,您应该使用 Meteor.userId();在服务器端则使用 this.userId,但它只能在发布(publish)函数中使用:

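// Publishes only the Category field of the lists owned by the subscriber.
Meteor.publish("Categories", function() {
    // this.userId is null when the subscriber is not logged in, and a
    // {owner: null} selector would also match documents that have no owner,
    // so publish nothing in that case.
    if (!this.userId) {
        return this.ready();
    }
    return lists.find({owner:this.userId},{fields:{Category:1}});
});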

当你插入它时,在客户端上:

// owner is filled in by the client here; the server-side insert rule in
// lists.allow is what confirms that it matches the logged-in user.
lists.insert({Category:catVal,owner:Meteor.userId()});

您还需要确保在启动 Meteor 之前移除 autopublish 包,因为它会自动发布所有内容:

meteor remove autopublish

答案 2 :(得分:0)

完整的客户端代码:

// Ask the server for the "Categories" publication (category names only).
Meteor.subscribe('Categories');

// Keep the detail subscription in step with the selected list. The id is read
// inside the callback so the subscription is re-issued when the Session value
// changes. The id is chosen by the client, so the server-side "listdetails"
// publication is what has to decide whether this user may see that list.
Meteor.autosubscribe(function() {
    var selectedListId = Session.get('current_list');
    Meteor.subscribe("listdetails", selectedListId);
});

// Helper for the categories template: every list in the client-side cache,
// sorted by Category. The empty selector relies on the server publications to
// decide which documents reach this cache in the first place.
Template.categories.lists = function () {
    var byCategoryAscending = {sort: {Category: 1}};
    return lists.find({}, byCategoryAscending);
};

// The "new category" input starts out hidden.
Session.set('adding_category', false);

// Helper: true while the "new category" input should be shown.
Template.categories.new_cat = function () {
    var isAdding = Session.equals('adding_category',true);
    return isAdding;
};
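// Event handlers for the categories template.
Template.categories.events({

    // Show the "new category" input and move the cursor into it.
    'click #btnNewCat': function (e, t) {

        Session.set('adding_category', true);

        // Presumably flushed so the input exists in the DOM before t.find() runs.
        Meteor.flush();
        focusText(t.find("#add-category"));
    },

    // On Enter (key code 13), create a list owned by the logged-in user.
    'keyup #add-category': function (e,t){
        if (e.which !== 13) {
            return;
        }
        // Coerce to a string so an empty or missing value becomes "".
        var catVal = String(e.target.value || "");
        if (catVal)
        {
            // Meteor.userId is a function and has to be called; passing the
            // function itself never yields an owner that the server-side insert
            // rule (doc.owner === userId) can accept.
            lists.insert({Category:catVal,owner:Meteor.userId()});
            Session.set('adding_category', false);
        }
    },

    // Leaving the input cancels the "new category" mode.
    'focusout #add-category': function(e,t){

        Session.set('adding_category',false);

    },

    // Clicking a category selects it as the current list.
    'click .category': selectCategory
});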

/////Generic Helper Functions/////

/**
 * Puts the cursor into an input element and selects its content.
 *
 * @param {Object} i - element exposing focus(), select() and a value property.
 * @param {string} [val] - text to place in the input; any falsy value gives "".
 */
function focusText(i,val) {
    i.focus();
    i.value = val || "";
    i.select();
}

/**
 * Event handler: remembers the clicked category as the current list.
 * `this` is expected to carry the _id of the clicked list document.
 */
function selectCategory(e,t){
    var clickedListId = this._id;
    Session.set('current_list', clickedListId);
}

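/**
 * Adds an item to a list unless an item with that name is already present.
 *
 * Does nothing when either argument is missing. The original guard used &&,
 * so it only returned when both were missing and let an empty item name (or
 * an undefined list id) through to the update.
 *
 * The write comes from the client, so the server-side update rule in
 * lists.allow still decides whether it is accepted.
 *
 * @param {string} list_id - _id of the list document to change.
 * @param {string} item_name - name of the item to add.
 */
function addItem(list_id,item_name){
    if (!item_name || !list_id) {
        return;
    }
    lists.update({_id:list_id},
        {$addToSet:{items:{Name:item_name}}});
}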

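/**
 * Removes the item with the given name from a list.
 *
 * Does nothing when either argument is missing. The original guard used &&,
 * so it only returned when both were missing and let a call with an undefined
 * list id or an empty item name through to the update.
 *
 * The write comes from the client, so the server-side update rule in
 * lists.allow still decides whether it is accepted.
 *
 * @param {string} list_id - _id of the list document to change.
 * @param {string} item_name - name of the item to remove.
 */
function removeItem(list_id,item_name){
    if (!item_name || !list_id) {
        return;
    }
    lists.update({_id:list_id},
        {$pull:{items:{Name:item_name}}});
}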

/**
 * Records who an item is lent to.
 *
 * Reads the list from the local collection, sets LentTo on every item whose
 * Name matches, then writes the whole items array back with $set. Nothing is
 * written when the list is not found or has no items.
 *
 * NOTE(review): this is a read-modify-write of the complete array, so a change
 * made to the same list between the read and the write would be overwritten.
 *
 * @param {string} list_id - _id of the list document.
 * @param {string} item_name - Name of the item to update.
 * @param {string} lendee_name - value stored in the item's LentTo field.
 */
function updateLendee(list_id,item_name,lendee_name){
    var selector = {"_id":list_id, "items.Name":item_name};
    var listDoc = lists.findOne(selector);
    if (!listDoc || !listDoc.items) {
        return;
    }
    var items = listDoc.items;
    for (var idx = items.length - 1; idx >= 0; idx--) {
        if (items[idx].Name === item_name) {
            items[idx].LentTo = lendee_name;
        }
    }
    lists.update({"_id":list_id},{$set:{"items":items}});
}

// Helper for the list template: the items of the currently selected list, each
// decorated with the display fields Lendee and LendClass. Returns null when no
// list is selected and undefined when the list is missing or has no items.
Template.list.items = function () {
    if (Session.equals('current_list',null)) {
        return null;
    }

    var selectedList = lists.findOne({_id:Session.get('current_list')});
    if (!selectedList || !selectedList.items) {
        return;
    }

    var items = selectedList.items;
    for (var idx = 0; idx < items.length; idx++) {
        var item = items[idx];
        if (item.LentTo) {
            // Lent out: show the lendee's name with the "important" label.
            item.Lendee = item.LentTo;
            item.LendClass = "label-important";
        } else {
            item.Lendee = "free";
            item.LendClass = "label-success";
        }
    }
    return items;
};

// Helper: true when a current list is set. The loose != null comparison is
// kept so that both null and undefined count as "nothing selected".
Template.list.list_selected = function() {
    var hasValue = Session.get('current_list') != null;
    return hasValue && !Session.equals('current_list',null);
};

// Helper: extra CSS class for a category button; the selected one gets none.
Template.categories.list_status = function(){
    return Session.equals('current_list',this._id) ? "" : " btn-inverse";
};

// Helper: true while the "add item" input is shown.
Template.list.list_adding = function(){
    var isAdding = Session.equals('list_adding',true);
    return isAdding;
};

// Helper: true for the item whose lendee is currently being edited.
Template.list.lendee_editing = function(){
    var isEditingThisItem = Session.equals('lendee_input',this.Name);
    return isEditingThisItem;
};

// Event handlers for the list template. Every write issued from here goes
// through addItem/removeItem/updateLendee and is still subject to the
// server-side rules in lists.allow.
Template.list.events({
    // Show the "add item" input and move the cursor into it.
    'click #btnAddItem': function (e,t){
        Session.set('list_adding',true);
        Meteor.flush();
        focusText(t.find("#item_to_add"));
    },
    // Enter (key code 13) adds the typed item to the current list.
    'keyup #item_to_add': function (e,t){
        if (e.which !== 13) {
            return;
        }
        addItem(Session.get('current_list'),e.target.value);
        Session.set('list_adding',false);
    },
    // Leaving the input cancels "add item" mode.
    'focusout #item_to_add': function(e,t){
        Session.set('list_adding',false);
    },
    // The clicked element's id is used as the name of the item to remove.
    'click .delete_item': function(e,t){
        var itemName = e.target.id;
        removeItem(Session.get('current_list'),itemName);
    },
    // Start editing the lendee of the clicked item.
    'click .lendee' : function(e,t){
        Session.set('lendee_input',this.Name);
        Meteor.flush();
        focusText(t.find("#edit_lendee"),this.LentTo);
    },
    // Enter (13) saves the lendee; Enter and Escape (27) both end editing.
    'keyup #edit_lendee': function (e,t){
        var key = e.which;
        if (key === 13) {
            updateLendee(Session.get('current_list'),this.Name,
                e.target.value);
        }
        if (key === 13 || key === 27) {
            Session.set('lendee_input',null);
        }
    }
});

// Sign-up asks for a username and, optionally, an e-mail address.
// NOTE(review): usernames are chosen by the person signing up, while adminUser()
// on this page grants admin rights to whichever account is named "admin" - make
// sure that account already exists before sign-up is available to others.
Accounts.ui.config({
    passwordSignupFields: 'USERNAME_AND_OPTIONAL_EMAIL'
});