Menu
I am using collectionFS for file upload, my code is bellow. Logged user can insert image to images collection, also I can see that file is uploaded on server. Image links and download button is displaying before remove insecure package able to see images and download. After removed insecure package from project. Images are not displaying also download is not working(can retrieve image name and url), receiving access denied 403 error. What I really wanted is that signed user can insert files to server and everyone can see images, also able to download files.I wrote allow rules and also publish and subscribe. What is the problem here?
js file
if (Meteor.isClient) {
Template.myForm.events({
'change .myFileInput': function(event, template) {
FS.Utility.eachFile(event, function(file) {
var fsFile = new FS.File(event.target.files[0]);
fsFile.owner = Meteor.userId();
Images.insert(file, function (err, fileObj) {
//If !err, we have inserted new doc with ID fileObj._id, and
//kicked off the data upload using HTTP
});
});
}
});
Template.imageView.helpers({
images: function () {
return Images.find(); // Where Images is an FS.Collection instance
}
});
Meteor.subscribe('images');
}
if (Meteor.isServer) {
Meteor.startup(function () {
// code to run on server at startup
});
Meteor.publish('images', function(){
return Images.find();
});
}
Images = new FS.Collection("images", {
stores: [new FS.Store.FileSystem("images", {path: "~/uploaded"})],
});
Images.allow({
insert: function(userId, doc){
return !!userId;
},
update: function(userId, doc){
return !!userId;
},
remove: function(userId, doc){
return false;
}
});
html file
<head>
<title>uploader</title>
</head>
<body>
{{> loginButtons}}
{{> imageView}}
{{>myForm}}
</body>
<template name="imageView">
<div class="imageView">
{{#each images}}
<div>
<a href="{{this.url}}" target="_blank"><img src="{{this.url}}" alt="" class="thumbnail" />{{this.url}}</a><br/>
<strong>{{this.name}}</strong> <a href="{{this.url download=true}}" class="btn btn-primary">Download</a>
</div>
{{/each}}
</div>
</template>
<template name="myForm">
<p>
Please specify a file, or a set of files:<br>
<input type="file" name="datafile" class="myFileInput">
</p>
</template>
277
If you have insecure and autopublish turned off, and you access your files through a subscription, I believe you just need a download var in your allow hash.
Uploads.allow({
insert:function(userId,project){
return true;
},
update:function(userId,project,fields,modifier){
return true;
},
remove:function(userId,project){
return true;
},
download:function(){
return true;
}
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
