Hi,
I’m working on simple Meteor 1.3 Mantra project.
Currently I’m implementing the routing logic and have some questions on best practices.
I want to redirect a user when accessing a route and having insufficient access rights.
This is my approach:
A function that can be called from every route and checks the privileges:
const can_view = function(routename, redirect){
// check permissions here
redirect('/login');
}
A common route for a module:
import React from 'react';
import {mount} from 'react-mounter';
import {can_view} from '/lib/access-control';
import App from '../core/components/App.jsx';
import {MainPage} from '../core/containers/index.js';
export default function (injectDeps, {FlowRouter}) {
const AppLayout = injectDeps(App);
FlowRouter.route('/posts', {
name: 'post.list',
triggersEnter: [function(context, redirect) {
can_view('post.list', redirect);
}],
action() {
mount(AppLayout, {
content: () => (<MainPage />)
});
}
});
FlowRouter.route('/posts/:postId/edit', {
name: 'post.edit',
triggersEnter: [function(context, redirect) {
can_view('post.edit', redirect);
}],
action({postId}) {
mount(AppLayout, {
content: () => (<MainPage postId={postId}/>)
});
}
});
}
Do you think this a good approach? Are there any best practices?
I think it’s wird that no nether the Meteor guide nor the Mantra specs have some explanation or examples on this topic. Or am I totally wrong?
regards and thanks
Janik