Restricting The Viewing of Forms Per User


#1

Please could someone assist with the following:

I’m trying to restrict the viewing of forms using bootstrap and Meteor. In other words, user A logs in and creates a simple (or 2, or 3…) form using a modal which then displays in the html on a panel. How do I ensure that when user B logs in, he only sees his particular forms and not “user A’s” forms?

Thank you.


#2

I guess you need a Forms collection with a userId field. In the publication do something like

Meteor.publish('forms', function() {
  Forms.find(userId: this.userId;
}

#3

Great, thanks very much for the recommendation


#4

There’s a bunch of things you could use to help with this.

you can use iron router and select what to render… you can use roles to give people different roles so you can know what to select…

However, just because it isn’t rendered client side, doesn’t mean it’s secure. Always your server side should check any action for a user is appropriate.