Chapter 8. Security with the Allow and Deny Rules
In the previous chapter, we created our admin user and prepared the editPost
template. In this chapter, we will make this template work so that we can create and edit posts using it.
To make it possible to insert and update documents in our database, we need to set constraints so that not everybody can change our database. In Meteor, this is done using the allow and deny rules. These functions will check documents before they are inserted into the database.
In this chapter, you will cover the following topics:
Adding and updating posts
Using the allow and deny rules to control the updating of the database
Using methods on the server for more flexibility
Using method stubs to enhance user experience
Note
If you've jumped right into the chapter and want to follow the examples, download the previous chapter's code examples from either the book's web page at https://www.packtpub.com/books/content/support/17713 or from the GitHub repository at https:...