Asteroid Publication Security

[aadamsx]

Testing further,

I have a Meteor "Server" app ("MONGO_URL=mongodb://username:[email protected]:2222/test meteor --port 5000 run") that contains the following type services so far:

• Publications
• Methods

For example, here is one publication on "Server":

Meteor.publish("Names", function() {
  if (! this.userId) {
    throw new Meteor.Error('names.unauthorized',
      'This data doesn\'t belong to you.');
  }
  
  return Names.find({ userId: this.userId, limit: 1 });
});

I also have a Meteor "Admin" app ("MONGO_URL=mongodb://username:[email protected]:2222/test meteor --port 5005 run") that does admin stuff, and needs access to the Publications and Methods of the "Server" app

• Subscribes to "Server" Publications
• Calls out to "Server" Methods

I get Publication data from the "Server" if I don't have security applied if (! this.userId) , but if applied like above, I get nothing from the "Server" Publication.

The "Server" and "Admin" Meteor apps both talk to the same MongoDB via the URL. The "Server" & "Admin" has Meteor Accounts installed.

How can I get the this working?

[nesbtesh]

Did you ever get this working with this.userId