Currently I am just trying to check if the user is logged in before inserting an item. I will eventually change this so only certain users can insert certain items, but for now I am just trying to make sure the user is logged in before adding an item to the DB.
This is my meteor method for inserting an item
Meteor.methods({
addItem : function(newItem) {
var item = {
time: new Date(),
type: newItem.type
}
console.log("User ID: "+Meteor.userId());
console.log("item: " +item);
Item.insert(Meteor.userId(), item);
}
});
My allow statement
Item.allow({
insert: function(userId, item){
return userId != null;
}
})
The error message in console
I20150630-23:27:29.811(-4)? User ID: null
I20150630-23:27:29.912(-4)? item: [object Object]
I20150630-23:27:29.917(-4)? Exception in Mongo write: TypeError: object is not a
function
I20150630-23:27:29.918(-4)? at writeCallback (packages/mongo/mongo_driver.js
:313:1)
I20150630-23:27:29.918(-4)? at Meteor.bindEnvironment.runWithEnvironment (pa
ckages/meteor/dynamics_nodejs.js:108:1)
EDIT:
after logging in the console prints
I20150630-23:31:43.006(-4)? User ID: So9WoeueDJ6oEWkKf
I20150630-23:31:43.016(-4)? item: [object Object]
I20150630-23:31:43.018(-4)? at Meteor.bindEnvironment.runWithEnvironment (pa
ckages/meteor/dynamics_nodejs.js:108:1)
I20150630-23:31:43.017(-4)? at writeCallback (packages/mongo/mongo_driver.js
:313:1)
I20150630-23:31:43.017(-4)? Exception in Mongo write: TypeError: object is not a
function
EDIT 2:
Item.allow({
insert: function(userId, item){
console.log("userId: "+userId);
return userId != null;
}
})
Meteor.methods({
addItem : function(newItem) {
var item = {
time: new Date(),
type: newItem.type
}
console.log("userID going into insert: "+Meteor.userId());
Item.insert(item);
}
});
output
I20150701-00:11:56.267(-4)? userID going into insert: null
and more importantly, the item gets added to the database
http://docs.meteor.com/#/full/insert
CollectionName.insert
takes an object you want to insert as the first argument and then a callback function to run as the second argument.
In your code you're putting in a string as the first argument and then an object as the second argument. That's why you have the message object is not a function
:
Item.insert(Meteor.userId(), item);
Do something like:
if( Meteor.userId() ){
// insert something
Item.insert(item, function(error, idOfInsertedDocument){
// do something if there is an error during insertion
// or do something with the ID of the inserted document
});
} else {
// do something to notify the user that nothing can be inserted because there is no user
};
So the issue it turns out was 2 fold.
One, the user_id doesn't get passed into the insert method
Two, the allow/deny ONLY works on client side inserts.
Since it is generally bad practice to do the insert client side (it's harder to secure and gives a lot of information to the would be attackers), it is best to just do the logic in your Meteor.methods functionality.
Final solution was to do the following:
Meteor.methods({
addItem : function(newItem) {
var item = {
time: new Date(),
type: newItem.type
}
if (Meteor.userId()){
Item.insert(item);
}
}
});
You are misunderstanding what allow
does. It tells the client what is allowed and what is not. Moreover the signature of the insert
command is not the same as that of the allow
, as you are doing.
That said, the solution is to simply do the insert on the client:
Item.insert(item);
or, if you really want to do it via a method, then still just drop the first argument.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.