I have carefully picked apart RubaXa’s Sortable example in order to understand the minimum bits and pieces required for using it in my own project, but I have hit a snag: if I do …
meteor remove insecure
… the demo stops working properly. Attempts to modify the list with drag’n drop cause errors like …
insert failed : Access denied
I do not see any dependency on a user being logged in, but even if I do create a user and log in I get “Access denied” in any case.
When I look in the files ./.meteor/local/build/programs/server/packages/rubaxa-sortable.js & ./.meteor/local/build/programs/server/packages/rubaxa-sortable.js , I see that methods are defined on the server side and called from the client – so why is access denied?
Weird, I’m using Sortable in my application currently, and while I do have some issues (below) it does generally work fine. Can you create a MeteorPad with an example?
Maybe I’m pathetic but I have been utterly unable to use MeteorPad. I see no buttons to save my file changes, so all I ever see is the Leader-board example, unchanged, no matter what I do. I have tried in both Firefox and Chrome, under Ubuntu 14.04, but there is no difference. Is there some sort of secret “Easter Egg” button bar somewhere?
If someone would be willing to give my GitHub repository a try, or explain how to save changes to files in MeteorPad, I’ll be immensely grateful.
Allow and Deny are two server-side callbacks that execute for any insert, update, or remove database operations.
The operation is only permitted to go through if either:
At least one allow callback returns true.
No deny callback returns true.
This means that if you haven’t written any allow callbacks yet, no database operation will be permitted to go through from the client (assuming of course you’ve already removed the insecure package).