Allow and Deny in Meteor for Security

Meteor’s security system allows us to control database modification without having to define Methods every time we want to make changes.

We didn’t really need to create new Methods for updating and deleting data in database. We just needed to check if the user had permission to do these actions, and this was made easy by allow and deny callbacks. Using these callbacks lets us be more declarative about database modifications, and say what kind of updates can be used.

Multiple callbacks

We can define as many allow callbacks as required. We just need at least one of them to return true for the given change that is happening. So when (database).insert is called in a browser (no matter if it’s from our app’s client-side code or from the console), the server will in turn call whatever allowed- insert checks it can until it finds one that returns true. If it does not find any, it will not allow the insert, and will return a 403 error to the client.

Similarly, we can define one or more deny callbacks. If any of those callbacks return true, the change will be cancelled and a 403 will be returned. The logic of this means that for a successful insert, one or more allow insert callback as well as every deny insert callback will be executed.

In other words, Meteor moves down the callback list starting first with deny , then with allow , and executes every callback until one of them returns true .


Posted

in

,

by

Recent Post

  • Mastering Conversational UX: Best Practices for AI-Driven Chatbots

    In today’s digital landscape, where customer engagement reigns supreme, traditional marketing strategies are giving way to more interactive and personalized approaches. The rise of conversational interfaces, often powered by Artificial Intelligence (AI) and Natural Language Processing (NLP), has transformed how businesses interact with their audiences. Whether through AI-driven chatbots on websites, virtual assistants on mobile […]

  • Mastering React Hooks for Infinite Scroll: An Advanced Tutorial

    What is Infinite Scrolling? Infinite scrolling is a widespread interaction design pattern you might’ve noticed in popular apps such as Instagram, TikTok, Facebook, and so on. The applications that need to showcase large datasets, use infinite scroll. This is because, unlike traditional pagination, infinite scrolling loads content continuously as the user scrolls down the page, […]

  • Advantages of Permissioned Blockchains for Efficiency, Security, and Collaboration

    In the last decade, blockchain has emerged as a robust technology in the digital landscape. Blockchains are continuously transforming various industries by redefining data management, data security, and decentralized collaboration. Blockchain gained popularity with the emergence of cryptocurrencies. Let’s take a look back to the year 2017 when Japan recognized Bitcoin as a legal currency […]

  • How AI Is Revolutionizing Mobile App Development in 2024?

    Introduction In a world where smartphones have become an extension of our lifestyle, mobile applications have also become a major part of our daily routines. From making shopping effortless to booking a doctor’s appointment at our fingertips, from getting our food and groceries delivered to our doorstep to managing our finances and making instant transactions, […]

  • A Comprehensive Guide to Sentiment Analysis Using NLP

    Businesses need to understand public interests, attitudes, behavior, and trigger points in today’s dynamic and competitive market. This enables them to efficiently serve their customers, grab opportunities, grow, and develop resilience in the face of a constantly shifting market. Many businesses find it challenging to process vast amounts of text-based data in order to get […]

  • How AI Is Revolutionizing Banking: Transforming Customer Experiences and Enhancing Financial Security

    Banking is a huge industry with a global Banking market likely to achieve a Net Interest Income of USD 10.34 trillion, with Traditional Banks holding a huge stake of USD 8.30 trillion. According to Statista’s projections suggest an annual growth rate of 4.82% (CAGR 2024-2028), culminating in a market volume of USD12.48 trillion by 2028. […]

Click to Copy