O'Reilly logo

Meteor: Full-Stack Web Application Development by Marcelo Reyna, Isaac Strack, Fabian Vogelsteller

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Security with the Allow and Deny Rules

In the previous chapter, we created our admin user and prepared the editPost template. In this chapter, we will make this template work so that we can create and edit posts using it.

To make it possible to insert and update documents in our database, we need to set constraints so that not everybody can change our database. In Meteor, this is done using the allow and deny rules. These functions will check documents before they are inserted into the database.

In this chapter, you will cover the following topics:

  • Adding and updating posts
  • Using the allow and deny rules to control the updating of the database
  • Using methods on the server for more flexibility
  • Using method stubs to enhance user experience

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required