The first insert works fine, but the second Gives "Insert Failed: 403 -- Access denied" in the console. Auto subscribe is enabled, and I am on the auth branch. How do I set up my code so that I have a server MongoDB that clients can write to?
People = new Meteor.Collection('people');
if (Meteor.is_server) {
People.insert({name: 'Bob'});
}
if (Meteor.is_client) {
People.insert({name: 'Bob'});
}
Because you are working with auth, you must allow or deny clients trying to do inserts, updates, removes, and fetches. To fix this specific issue you must add Collection.allow() to let the client's insert work.
if(Meteor.is_server) {
People.allow({
'insert': function (userId,doc) {
/* user and doc checks ,
return true to allow insert */
return true;
}
});
}
Use method allow() in the Collection People. This method assign access CRUD.
function adminUser(userId) {
var adminUser = Meteor.users.findOne({username:"admin"});
return (userId && adminUser && userId === adminUser._id);
}
Lugares.allow({
insert: function(userId, lugar){
return adminUser(userId);
},
update: function(userId, lugares, fields, modifier){
return adminUser(userId);
},
remove: function (userId, docs){
return adminUser(userId);
}
});
I've encountered this error after I removed insecure package from my project.
meteor remove insecure
Following fixed my problem.
Posts = new Meteor.Collection('posts');
Posts.allow({
insert: function(userId, doc) {
// only allow posting if you are logged in
return !! userId;
}
});
If you have only testing project such as simple-todos tutorial, you can solve it with adding the insecure package
meteor add insecure
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With