A very small library to conveniently allow user-settable configuration for the WebApp, with security.
Always define your allowed variables like this:
config.add(key [, initValue] [, allowCallback])
If the key does not exist in the database, it will be added with
initValue. See SECURITY below for the allowCallback.
-
config.set(key, value)- set the value of a previously added key. On the client this will only succeed if allowed, see SECURITY below. -
config.get(key)- get the value of a previously added key
By default, any key can be set by a logged in user. You can override
this behaviour, by setting config.allow = function(key, value).
You can also override the allow function for a particular key. When
defining the key, use config.add(key, initValue, allowCallback),
which is called as allowCallBack(key, value).
In both cases, return true to allow the set, and false to deny.
Note, this will be as per the regular this keyword in Meteor Methods,
so you can use this.userId.
e.g.
For all keys:
config.allow = function(key, value) {
var user = Meteor.users.findOne(this.userId);
return !!user.isAdmin;
}For specific keys:
config.add('serverStopped', false, function(key, value) {
var user = Meteor.users.findOne(this.userId);
return !!user.isAdmin;
});