Comments (13)
Speaking with Mike on IRC, I suggested this instead: https://gist.github.com/2552266
from meteor.
At first I got this working in the meteor dev branch but then it was easy to see how to extract it.
Definitely took some inspiration from @jonathanKingston's gist, thanks!
from meteor.
Code lives here now if anyone is interested (; It's evolved quite a bit, using it happily in a couple projects.
https://github.com/possibilities/meteor-filters
from meteor.
The problem as I see it with these solutions currently, they can't reliably be used for security purposes actually.
When a client or another server for that matter calls a meteor method it has the possibility of being undefined as the server starts up. This isn't a problem as the client can keep retrying, however if the filter code has not loaded then that is where a problem springs. I might be checking that they are the emperor of a small island in Thailand or that they have a valid rail card number in a filter method. If this filter method is undefined and the other method is defined, it seems as though the method would run.
Ok this is a slim chance of firing in the current set-ups, but Meteor could be come a far more scalable solution where it gets rolled onto hundreds of instances all being pulled up and down and the moment that happens a client could be trying to invoke a method.
This sort of problem doesn't happen with Rails as it is fully evaluated before being executed. Now this issue could be solved in several ways:
- Meteor has a lib directory we can use which we could make project makers put code in they need to load, at the moment this gets called first so that would be an optimal place to put the code but what would be great is if we could change this to be invoked and complete before Meteor.startup.
- We could the change Meteor methods api to make all start-ups be part of that object call, still not ideal as you can access the Meteor.methods calls where you like
from meteor.
Sorry but I don't think that really adds up, the server code is all loaded before clients are served
http://hastebin.com/ritatosato.lua
from meteor.
@possibilities Yeah sorry I was mixing my head with collections which the server side sometimes calls.
I will do some more testing on this code :).
from meteor.
Just logging what we spoke about @possibilities.
I think the return value of the filter should be an array of the arguments going into the next filter/method.
so a one argument return would be: return ['value'];
To cancel the chain of filters and not fire the method that they are wrapping you would return false;
an exception would do the same functionality too.
from meteor.
For anyone that cares about this... (; I'm now using this in a couple important places so I've vastly improved the implementation. The README has most of the details but in a nutshell it's more flexible, less buggy and the code is far prettier.
https://github.com/possibilities/meteor-filters
I think you might be happier with it now. You can return a single value in or out of an array and it's treated the same way.
I still can't get down with passing false as a way to stop the filter chain from completing... I think since we're talking about Meteor.methods throwing a Meteor.Error is the right way to end the chain and communicate back to the client that the chain didn't complete.
The other reason I don't like it is what if I want to wrap a meteor method that takes a single boolean value as an argument? I could special case it but it wouldn't play nice with the next()
approach explained here https://github.com/possibilities/meteor-filters#writing-filters-client-or-server
Last reason I'm not a fan is that you say returning false stops the chain and the original method never fires. Then what? The client doesn't know what happened and if it has a callback it never gets called.
from meteor.
The reason I wanted the array return was to that a single false wouldn't be considered the same at all, as a boolean output would be: return [false]; or return [true];
The false could then fire a generic Meteor.error.
Personally I just find exceptions as a hack and that if a function is going to be firing an exception it should also return false (Even if it doesn't get fired)... I just like the idea that if for example the exception didn't fire or got caught this function gets stopped and other methods don't fire (defence in depth - however paranoid / ill advised / pedantic it seems I just prefer it).
I also like clear cut api's to functions, the function either returns an array, fires an exception or returns false. Only an array is success.
from meteor.
Also are you relying on a function always returning the same result (From first glance your code seems to be). So one of your filter calls a collection and updates the times modified for example, does your chain call this several times (or could call it several times depending on the use of next and so on?).
If this is so, I suggest I replicate this functionality in my own filter method as I think we are after different things (as I said before).
from meteor.
Ah, OK, got ya, definitely thinking differently about this. But to clarify my approach... I don't think of the Meteor methods as event callbacks so the returning false to end the filter chain doesn't resonate with me. And I think explicitly throwing Meteor.Errors to communicate back to the client elegant. Keep in mind Meteor.Errors arrive on the client as a blob of JSON so they can carry a payload with as much or as little specific information about what prevented the Meteor.method from completing... <- very nice methinks. Peace!
from meteor.
Since this discussion predates the auth implementation, I'm going to close this.
I'm not sure if middleware around methods is the right pattern. Let's use meteor-core for a free-form middleware discussion, or of course a PR if anyone has a concrete idea to propose.
from meteor.
Even with auth, isn't middleware for methods nice when you need to use them instead of allow/deny rules?
from meteor.
Related Issues (20)
- Meteor.loginWithPassword should have a similar signature as Accounts.createUser HOT 5
- Meteor 3: TypeError: Cannot read properties of undefined (reading βformatβ) HOT 2
- Missing Accounts.addEmailAsync
- Meteor 3.0-beta.7 not working HOT 2
- CoffeeScript/Babel turning classes into functions on Cordova/Desktop HOT 1
- Problem importing packages on meteor 3.0-beta.7 HOT 16
- Google Maps JS API will stop working in Cordova in May for iOS+Android HOT 3
- [ Meteor v3 ] - Error in OAuth Server: findOne
- [v3.0-beta.7] Cannot create project or update meteor to v3 error: Command failed: HOT 2
- [Meteor 3] WebApp.addRuntimeConfigHook is broken HOT 1
- [3.0] error on boot.js TypeError: next.runImage.call is not a function HOT 6
- [3.0-rc.0] error on boot.js TypeError: next.runImage.call is not a function HOT 2
- Unable to create new meteor 3 projects HOT 2
- why am i getting this isses, please someone help. FormData { file name β {} } HOT 2
- Idle Crash in Development Mode
- Meteor 3 Migration Guide Feedback
- [Meteor 3] Tinytest major version increased HOT 2
- [Meteor 3] Environment Variables resets value too early HOT 2
- [Meteor 3] EnvironmentVariable.withValue has different return value on client and server
- [Meteor 3] SyntaxError: Unexpected token 'export'
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from meteor.