/**
 * @file
 *
 *
 * User: marand
 * Date: 30/08/15
 * Time: 10:48
 */

// Not a "var", to make it global.
Posts = new Mongo.Collection('posts');

// Removed Posts.allow : we no longer trigger inserts from client.

Posts.allow({
  update: function (userId, post) {
    return ownsDocument(userId, post);
  },
  remove: function (userId, post) {
    return ownsDocument(userId, post);
  }
});

Posts.deny({
  update: function (userId, post, fieldNames) {
    // _.without() is like PHP array_diff($source, ...$keys).
    return (_.without(fieldNames, "url", "title").length > 0);
  }
});

// This is in lib/ instead of server/ for latency compensation.
Meteor.methods({
  postInsert: function(postAttributes) {
    "use strict";
    check(Meteor.userId(), String);
    check(postAttributes, {
      title: String,
      url: String
    });

    var postWithSameLink = Posts.findOne({ url: postAttributes.url });
    if (postWithSameLink) {
      // Return to skip the insert.
      return {
        postExists: true,
        _id: postWithSameLink._id
      };
    }

    var user = Meteor.user();
    var post = _.extend(postAttributes, {
      userId: user._id,
      author: user.username,
      submitted: new Date()
    });
    var postId =  Posts.insert(post);
    return {
      _id: postId
    };
  }
});