|
@@ -12,7 +12,16 @@ Posts = new Mongo.Collection('posts');
|
|
|
|
|
|
// Removed Posts.allow : we no longer trigger inserts from client.
|
|
|
|
|
|
-// This is in lib/ instead of server/ for latency compensation (?).
|
|
|
+Posts.allow({
|
|
|
+ update: function (userId, post) {
|
|
|
+ return ownsDocument(userId, post);
|
|
|
+ },
|
|
|
+ remove: function (userId, post) {
|
|
|
+ return ownsDocument(userId, post);
|
|
|
+ }
|
|
|
+});
|
|
|
+
|
|
|
+// This is in lib/ instead of server/ for latency compensation.
|
|
|
Meteor.methods({
|
|
|
postInsert: function(postAttributes) {
|
|
|
"use strict";
|