Explore
For Enterprise
Join for Free
Log In

艺术与人文
商务
计算机科学
数据科学
信息技术
健康
数学和逻辑
个人发展
物理科学与工程
社会科学
语言学习
學位
證書

瀏覽 Coursera 的全部課程

瀏覽
搜索
企業版
登錄
免費加入

Controlling document access

Loading...

使用 Javascript 和 MongoDB 开发 Web 应用

4.6（508 個評分） | 41K 名學生已註冊

課程 4（共 6 門，响应式网站开发与设计專項課程）

In this course, you will develop more advanced web application programming skills. You will learn how to control data read and write access using methods, publish and subscribe. You will learn how to access your database and server shells using command line tools. You will use the SimpleSchema system to validate data and generate input forms automatically. You will see a complete collaborative code editing environment, TextCircle, being built from scratch. At the end of this course, you will be able to: - use Meteor methods to control data write access - use publish and subscribe to control data read access - install and use advanced Meteor packages - add user accounts to your applications - implement complex MongoDB filters - use the MongoDB and meteor server shells - define data validations schemas using SimpleSchema - generate data input forms automatically using SimpleSchema In this course, you will complete: 2 programming assignments taking ~4 hours each to complete 4 quizzes, each taking ~20 minutes to complete multiple practice quizzes, each taking ~5 minutes to complete Participation in or completion of this online course will not confer academic credit for University of London programmes

查看授課大綱

您將學習的技能

Mongodb, Meteor, JavaScript, Routing

審閱

4.6（508 個評分）

5 stars
368 ratings
4 stars
99 ratings
3 stars
21 ratings
2 stars
9 ratings
1 star
11 ratings

SM

Feb 17, 2016

Matthew is a great instructor. Loved the way how he taught the entire series especially this one. Step by Step explaining every little detail. Keep up the good work...

AS

Aug 16, 2016

This is really quite an advanced course that quickly takes you into making a functional, collaborative app. Very well taught despite the quite quick pace!

從本節課中

Publish and subscribe model and MongoDB filters

Welcome to the third module of 'Web Application Development with JavaScript and MongoDB!' In this module we will use bootstrap icons and use the publish and subscribe model to control data read access. We will understand the concept of asynchronous execution and work with template data contexts and helper functions. Finally we will use packages to implement in-place content editing and use complex MongoDB filters. Enjoy!

Controlling document access9:41

教學方

Dr Matthew Yee-King
Lecturer

腳本

[MUSIC]

Right, so now we can access whichever documents we want.

And we can change the titles if we're the owner.

And we can create new documents.

But the next step is to add a bit of extra security for the user so

they can select whether a document is private or public.

And if it's private, it's gonna appear only in their list of documents.

And if it's public, it is in everyone's list.

So the way we're gonna do is by adding a simple check box to the user interface,

which says, allows them to check whether it's public or private,

and we'll use a bootstrap component to do that.

First of all, I'm on the bootstrap CSS page here,

which has all the simplest types of constructs that you can use in bootstrap.

there's the forms on the right hand side there.

It gives me this check box.

That's the thing I'm interested in.

So where's the code right there.

I grab that code and I'm gonna put this check box into the template code,

into doc meta.

There's my doc meta template being embedded there.

I roll down and there's the, let's make

it a bit more compact, there's my, there it is.

There's my doc meta template and

what I want to do is inside this same data context,

I'm gonna drop in a check box,

which basically says private.

Okay, and let's just see how that looks in the interface.

That gives me a little private check box under there which is great.

And then I need to connect an event listener to it.

I need to put a special class on the check box and

then figure out how I can deal with the event back in the JavaScript so

first of all, add the special class, and it goes here.

Class equals js tog private

as in toggling that field there.

And then I go back into my js and I'm gonna write

a new event listener on the doc meta template.

So template dot doc meta dot events.

After you've done a bit of this you get reasonably fluent

with sort of writing all this stuff.

Especially if you use a nice text editor like this one.

And the event is a click on js toggle, don't forget the full stop,

and its function which receives an event, and

first of all let's just do console log.

Now I happen to know that you can get the state

of the check box by calling event dot target dot checked.

So event dot target gives me access to the thing that actually they clipped on or

whatever is related to the event.

The web page, so in this case that's the check box and check is a property that

check boxes have which is either true or false depending what state they're in.

Let's just see if we see the correct state of the check box there.

I click on it it's now checked and I'm, true is being printed out.

Click on it again it's now false.

False is being printed out.

My next step is to take that information and

use it to update the documents to set a private flag on it to true or false.

And so I do that by calling a method.

Now, remember that we're no longer just doing inserts and

updates wherever we, once in our code.

We have to do it through a method.

And that's more secure.

I'm gonna say meteor.

Well first of all I wanna know what my document ID is.

And so I'll create a little, I'm gonna create a little object,

which I'm gonna send to the method, which tells it what I wanna do.

And the object is gonna look like this.

Var doc equals and, and the document ID, so

I'm going to set an ID on the document to, the session, get doc ID,

so that's always going to be the current document that's being edited so

I can only toggle private, public on the current document.

Even though I could access the real document that's imbedded in the template

or whatever.

I'm gonna force it to be the currently edited document.

And I'm gonna set a private field to,

well let's call it is private.

To the value of the form there.

So as we saw earlier true or false.

Right?

I'm going to create this document thing,

and then I call meteor method, and

the method's going to be called update doc.

Privacy and I'm going to post it in my doc there.

Then I need to write this method.

I'm just going to jump down to the bottom of the code there, more or

less where I'm writing my method.

There's one of the methods, and the method is called

update doc privacy, and so I'll put it in here.

Update doc privacy function as usual.

And.

I'm gonna let it receive a doc.

And it's gonna,

let's just logout the doc to make sure we're getting it okay into the method.

And it's always good to check the data that's coming into your

functions before you kind of think, oh, that's all gone horribly wrong.

It's always good to check what you're working with.

So I'll say that I'm in the method, and I've got that.

Okay, syntax error.

What have I done wrong?

I've forgotten the comma.

Okay, meteor method is not a function.

That's right.

So, I go back here.

Because I don't call a method by calling meteor method,

I call it by saying meteor call, fair enough.

Back in, reload.

Let's toggle it.

Okay, update privacy method, and I'm receiving that object which I created.

That's good, so the method is receiving the correct data.

The final step is to actually do the update on the database.

And I would go back into the method, and say.

What I can do is, I can pull out the document I want to update, and

then set that private field to what it should be.

So I can do it like this.

Var real doc equals documents find

one where the ID equals doc dot ID, okay.

And if I've got a real doc,

then real doc dot is private

is going to be set to doc dot is.

Private and then I do documents dot update.

Same filter.

And pass it real doc.

Okay so this means that I sort of pass a really simple bit of data from

the client's side into the method.

And the method does the work of kind of checking that yeah, this document exists.

Then it could also check if you're the owner, that kind of thing, so

that other people can't toggle it.

That's probably a good thing we should put in here.

We could in fact find one and say,

owner Is this dot user ID, there we go.

Now, it has to have the ID of the document listed and

it has to be owned by the current user so that's more secure.

And then if we get a document, then go ahead update the private field and

then store it back into the database.

And so, we'll just run this if we've got any problems, okay.

No errors.

And if I go into the database with our old friend meteor mongo.

Oops.

Let's go into there.

Meteor Mongo.

Here it is.

And I do that.

Okay.

So I've just, all I've done is, I've called db documents find.

I'm printing out all of the documents that's coming back.

You see private is set to true.

Let's just check if that talleys with what I can see in interface.

Currently private is indeed set to true.

If I set it to false.

Then it should now be false.

Right. That's correct and

nothing else has changed cause I haven't allowed it to update any of the other

fields.

It's kind of limiting what that method can do.

It can only change the private field and only if they own it.

Okay. So that's cool and

the next step is to control which list of documents

you can see based on whether they're public or private.

And we'll do that in the next lesson.

[MUSIC]

探索我們的目錄

免費加入並獲得個性化推薦、更新和優惠。

Coursera 致力於普及全世界最好的教育，它與全球一流大學和機構合作提供在線課程。

© 2019 Coursera Inc. 保留所有權利。

通過 App Store 下載

通過 Google Play 獲取

Coursera
關於
管理團隊
工作機會
目錄
證書
MasterTrack™ 證書
學位
企業版
政府版

社區
Learners
Partners
Developers
Beta Testers
Translators

連接
博客
Facebook
領英
Twitter
Instagram
YouTube
技術博客

更多
條款
隱私
幫助
內容訪問
媒體
聯繫我們
目錄
附屬公司