O'Reilly logo

Meteor: Full-Stack Web Application Development by Marcelo Reyna, Isaac Strack, Fabian Vogelsteller

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Hiding data with façades

Some of our security (and performance) problems can be resolved through limiting access to certain fields and records in our data collections, for example, if the owner field of a record isn't sent to the client, a potential hacker will never be able to get the userId value of another user. Likewise, if only records belonging to a certain userId, or ones marked for sharing, are passed to the client, private records can stay private and visible only to the user that created them. This recipe will show you how to create a façade to limit fields and records being sent to the client.

Getting ready

Please complete the Securing data transactions with allow and deny recipe found in this chapter, including the additional deny

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required