diff --git a/History.md b/History.md index 5b9ca6c6ed..654afb65cc 100644 --- a/History.md +++ b/History.md @@ -3,6 +3,8 @@ * Speed up updates of NPM modules by patching NPM to work around https://github.com/npm/npm/issues/3265 instead of passing `--force`. +* Fix 0.8.1 regression preventing clients from specifying `_id` on insert. + ## v0.8.1 #### Meteor Accounts diff --git a/packages/mongo-livedata/allow_tests.js b/packages/mongo-livedata/allow_tests.js index e3f6c9e35e..e8a919a03e 100644 --- a/packages/mongo-livedata/allow_tests.js +++ b/packages/mongo-livedata/allow_tests.js @@ -50,7 +50,7 @@ if (Meteor.isServer) { // totally locked down collection var lockedDownCollection = defineCollection( "collection-locked-down", false /*insecure*/); - // resticted collection with same allowed modifications, both with and + // restricted collection with same allowed modifications, both with and // without the `insecure` package var restrictedCollectionDefaultSecure = defineCollection( "collection-restrictedDefaultSecure", false /*insecure*/); @@ -71,7 +71,9 @@ if (Meteor.isServer) { return doc.a; }); var restrictedCollectionForInvalidTransformTest = defineCollection( - "collection-restictedForInvalidTransform", false /*insecure*/); + "collection-restrictedForInvalidTransform", false /*insecure*/); + var restrictedCollectionForClientIdTest = defineCollection( + "collection-restrictedForClientIdTest", false /*insecure*/); if (needToConfigure) { restrictedCollectionWithTransform.allow({ @@ -98,6 +100,11 @@ if (Meteor.isServer) { transform: function (doc) { return doc._id; }, insert: function () { return true; } }); + restrictedCollectionForClientIdTest.allow({ + // This test just requires the collection to trigger the restricted + // case. + insert: function () { return true; } + }); // two calls to allow to verify that either validator is sufficient. var allows = [{ @@ -241,7 +248,7 @@ if (Meteor.isClient) { // totally locked down collection var lockedDownCollection = defineCollection("collection-locked-down"); - // resticted collection with same allowed modifications, both with and + // restricted collection with same allowed modifications, both with and // without the `insecure` package var restrictedCollectionDefaultSecure = defineCollection( "collection-restrictedDefaultSecure"); @@ -262,7 +269,9 @@ if (Meteor.isClient) { return doc.a; }); var restrictedCollectionForInvalidTransformTest = defineCollection( - "collection-restictedForInvalidTransform"); + "collection-restrictedForInvalidTransform"); + var restrictedCollectionForClientIdTest = defineCollection( + "collection-restrictedForClientIdTest"); // test that if allow is called once then the collection is // restricted, and that other mutations aren't allowed @@ -760,6 +769,18 @@ if (Meteor.isClient) { test.isTrue(err); })); }]); + testAsyncMulti( + "collection - restricted collection allows client-side id, " + idGeneration, + [function (test, expect) { + var self = this; + self.id = Random.id(); + restrictedCollectionForClientIdTest.insert({_id: self.id}, expect(function (err, res) { + test.isFalse(err); + test.equal(res, self.id); + test.equal(restrictedCollectionForClientIdTest.findOne(self.id), + {_id: self.id}); + })); + }]); }); // end idGeneration loop } // end if isClient diff --git a/packages/mongo-livedata/collection.js b/packages/mongo-livedata/collection.js index f7a0626ce3..c1f275fd92 100644 --- a/packages/mongo-livedata/collection.js +++ b/packages/mongo-livedata/collection.js @@ -700,7 +700,7 @@ Meteor.Collection.prototype._defineMutationMethods = function() { var validatedMethodName = '_validated' + method.charAt(0).toUpperCase() + method.slice(1); args.unshift(this.userId); - generatedId !== null && args.push(generatedId); + method === 'insert' && args.push(generatedId); return self[validatedMethodName].apply(self, args); } else if (self._isInsecure()) { if (generatedId !== null)