问题
I have this error but it does not specify which code line is faulty. Is there any way I can narrow down which codes I need to focus on?
Not sure if its a related problem, but when I submit a doc and its supposed to recognize my user.username, but it comes out blank when html displays {{author}}.
The code for the collection (shared folder for both public/ server) is as below:
var post = _.extend(postAttributes, {
userId: user._id,
author: user.username
});
Do appreciate any help!
Update:
New error message after shifting the UserAccount codes into server folder.
Exception while simulating the effect of invoking 'postInsert'
"Match error: Unknown key in field message"
回答1:
You have code on the client side that uses something that isn't an _id as its query operator to update a document.
It is not possible to update on the client with a query like this. You can do these on the server though.
So if you have code like this somewhere, you run it without throwing the error you're getting:
MyCollection.update({ someName: someValue }, {$set:{something:true}});
You can do this though:
var doc = MyCollection.findOne({ someName: someValue });
MyCollection.update({ _id: doc._id }, {$set:{something:true}});
Here you explicitly define which document you would like to update. To find this code you might want to look for anything with .update in it that can run on the client side.
回答2:
Changes to allow/deny rules
Starting in 0.5.8, client-only code such as event handlers may only update or remove a single document at a time, specified by _id. Method code can still use arbitrary Mongo selectors to manipulate any number of documents at once. To run complex updates from an event handler, just define a method with Meteor.methods and call it from the event handler.
Hope this helps :)
来源:https://stackoverflow.com/questions/30004772/uncaught-error-not-permitted-untrusted-code-may-only-update-documents-by-id