Skip to content

chatr/safe-update

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.versions
.versions
 
 
README.md
README.md
 
 
package.js
package.js
 
 
safe-update-tests.js
safe-update-tests.js
 
 
safe-update.js
safe-update.js
 
 

Repository files navigation

chatra:safe-update

Version License

Make Meteor’s collection.update/collection.updateAsync safer by preventing unintended updates and enforcing best practices.

Table of Contents

Introduction

The chatra:safe-update package enhances the safety of MongoDB update operations in Meteor applications by:

  • Preventing updates with empty selectors unless explicitly allowed.
  • Ensuring that updates use modifier operators (e.g., $set, $inc) unless the replace option is specified.
  • Providing configuration options to include or exclude specific collections.

Installation

meteor add chatra:safe-update

Compatibility

  • Meteor Version 3 and Above: Fully compatible, using the new asynchronous Meteor collections’ methods.
  • Meteor Version 2: Maintains compatibility with synchronous methods.

Usage

Prevent Empty Selector Updates

By default, the package throws an error if you attempt to perform an update with an empty selector:

// Throws an error
MyCollection.update({}, { $set: { field: 'value' } });

To allow updates with an empty selector, pass allowEmptySelector: true in the options:

// Allowed
MyCollection.update({}, { $set: { field: 'value' } }, { allowEmptySelector: true });

Enforce Modifier Operators

The package ensures that you use modifier operators (e.g., $set, $inc) in your updates:

// Throws an error
MyCollection.update({ _id: 'docId' }, { field: 'value' });

To replace a document entirely, pass replace: true in the options:

// Allowed
MyCollection.update({ _id: 'docId' }, { field: 'value' }, { replace: true });

Configuration

To configure the package behavior, use the setSafeUpdateConfig function provided by the package:

import { setSafeUpdateConfig } from 'meteor/chatra:safe-update';

setSafeUpdateConfig({
  except: ['logs'], // Collections to exclude from safety checks
  only: ['users', 'posts'], // Only apply safety checks to these collections
});
  • except: An array of collection names to exclude from the safety checks.
  • only: An array of collection names to include in the safety checks (all others are excluded).

Examples

import { Mongo } from 'meteor/mongo';

const Messages = new Mongo.Collection('messages');

// Safe update with modifier
Messages.update({ _id: 'msgId' }, { $set: { text: 'Updated message' } });
await Messages.updateAsync({ _id: 'msgId' }, { $set: { text: 'Updated message' } });

// Unsafe update without modifier (throws error)
Messages.update({ _id: 'msgId' }, { text: 'Updated message' }); // Throws error
await Messages.updateAsync({ _id: 'msgId' }, { text: 'Updated message' }); // Throws error

// Replacing document with replace option
Messages.update({ _id: 'msgId' }, { text: 'Updated message' }, { replace: true });
await Messages.updateAsync({ _id: 'msgId' }, { text: 'Updated message' }, { replace: true });

Tests

The package includes a comprehensive test suite. To run the tests:

meteor test-packages ./

License

This package is licensed under the MIT License.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages