logas
February 22, 2018, 2:24pm
1
Hello!
I have ReactiveCountdown function on server. On tick is running server calculation function and update my collection objects.
I need to denny updates on client, but i need to allow update to server side!
Client is not loggin.
How I can do it? thanks
Make sure you meteor remove autopublish insecure
.
Then, if you ensure your code is only on the server* (no client or shared js), then it cannot be accessed on the client.
* Put code in the server/
folder. If you are using import
, put code in the imports/server/
folder.
EDIT: forgot to add insecure
to the remove list.
logas
February 22, 2018, 2:46pm
3
ok,but client can open browser console and run coommand to update collection object! I can`t denny permition to update because i need to update on server side!
Not if it’s not available on the client.
https://www.meteor.com/tutorials/blaze/security-with-methods
meteor remove insecure
(…) after removing this package (…) all client-side database permissions have been revoked
1 Like