Meteor: Input data to a new collection

Question

I try to insert some elements into a Collection. It is my first attempt to use Meteor/MongoDB. So I don't see, what I'm doing wrong with this. When I try so save a new title, I get the error

"Access denied. No allow validators set on restricted collection for method 'insert'. [403]"

Template:

<template name="casuistry">
    <div class="create">
        <form>
            <input type="text" name="title" placeholder="Title">
            <button>Add</button>
        </form>
    </div>
</template>

collections.es6.js

Casuistry = new Mongo.Collection('casuistry')
Casuistry.attachSchema(new SimpleSchema({
  title: {type: String},
  caseNumber: {type: Number, defaultValue: 0},
  htmlContent: {type: String, defaultValue: '[]'},
}))

casuistry.es6.js

Template.casuistry.events({
  'submit .create form' (e, t) {
    var title = t.val('title')
    Casuistry.insert({title}, (err, _id) => {
      if (err) {
        console.log(err)
        return
      }
      t.val('title', '')
      Router.go('casuistry', {_id})
    })
    return false
  }
})

Answer 1

You're trying to insert into the collection from the client-side. Without the insecure package you have to first define what is allowed and what is not allowed server-side - to make sure that users don't just insert/remove/update whatever they want.

You can either use allow/deny or use methods (highly recommended!). I'm not going to go too deep on methods vs. allow/deny, there are good blog posts available on this topic, but in general: allow/deny is hard to get right and you just have more control in a method.

Something to note is that you can also define client-side collections by passing null into the constructor:

var clientCollection = new Mongo.Collection(null);

In this case, you'd use the Collection exactly like you did - because it's a client-side only collection, there is no reason to worry about someone tampering with your "real" data.