Hello!
I have ReactiveCountdown function on server. On tick is running server calculation function and update my collection objects.
I need to denny updates on client, but i need to allow update to server side!
Client is not loggin.
How I can do it? thanks
Make sure you meteor remove autopublish insecure.
Then, if you ensure your code is only on the server* (no client or shared js), then it cannot be accessed on the client.
* Put code in the server/ folder. If you are using import, put code in the imports/server/ folder.
EDIT: forgot to add insecure to the remove list.
ok,but client can open browser console and run coommand to update collection object! I can`t denny permition to update because i need to update on server side!
Not if it’s not available on the client.
https://www.meteor.com/tutorials/blaze/security-with-methods
meteor remove insecure
(…) after removing this package (…) all client-side database permissions have been revoked