Permission checking in templates #11
Comments
|
@davedx Good point, I will also think how to solve this problem. The first thing that comes to my mind is to use two different helpers like |
|
@apendua I think that would work - it's probably the simplest solution too. I assume both would render all the tags, but only {{editTags}} would allow the editing controls (delete and add buttons)? Maybe another option would be to parameterize it, e.g. {{showTags editable}} or {{showTags readonly}}? |
|
@apendua I've done some work on this on our own fork, and was wondering if you'd be interested in a PR. Here's the compare: https://github.com/solvers/meteor-tags/compare As you can see, as well as the permission changes we also removed the dependency on Bootstrap. This was necessary for us as we're using Bootstrap 3, and we couldn't have both versions present. Do you think this is acceptable? (Of course we'd have to change the metadata back too before sending the PR :) ) |
|
@davedx Thank you for these suggestions. I will have a look and prepare a |
|
Sounds good! On Tue, Jan 28, 2014 at 12:52 PM, Tomasz Lenarcik
|
|
@davedx Cool :) So |
|
PR sent! On Wed, Jan 29, 2014 at 10:59 AM, Tomasz Lenarcik
|
Hi there,
I'm using tags for a current project where we need to only allow owners of documents or admins to add or edit tags.
On the server side this was easy to implement as the tags package uses the standard Meteor "allow" method -- I just added the document to the callback and was then able to do my perm checking.
On the client side in the templates this seems less easy, as the tags seem to be alongside the delete and add buttons in one chunk of template. So I was thinking of modifying the template to somehow allow permission checking here too, so users do not think they can add/edit/delete when they actually cannot.
Do you have any suggestions on how to approach this? I'll submit a PR when I've got something useful. :)
The text was updated successfully, but these errors were encountered: