I have account-password and alanning:roles installed. I want admins to be able to update users’ credentials.
In /server/publish.js
Meteor.startup(function () {
Meteor.users.allow({
insert: function(userId, doc) {
if(this.userId && Roles.userIsInRole(this.userId, ['admin'], 'default_group')) {
return true;
}
return false;
},
update: function(userID, doc, fieldss, modifier) {
if(this.userId && Roles.userIsInRole(this.userId, ['admin'], 'default_group')) {
return true;
}
return false;
}
});
Meteor.publish("directory", function() {
if(this.userId && Roles.userIsInRole(this.userId, ['admin'], 'default_group')) {
return Meteor.users.find({}, {fields:{emails:1, profile:1, roles:1}});
} else {
return [];
}
});
});
On the client I have (I’ve left out the form code)
var id = $('[name=edit_user_id]').val();
var email = $('[name=edit_user_email]').val().toLowerCase();
var fullname = $('[name=edit_user_fullname]').val();
Meteor.users.update( {_id: id }, { $set: {'profile.fullname': fullname, 'emails.0.address': email} }); Output is: update failed: Access denied
Anybody see what I’m doing wrong?