[Security] explain which fields need to be published at least #316

@macrozone

When following the example, your publish function might look like this:

Meteor.publish('images.one', function (imageId) {
  return Images.find(imageId).cursor;
});

This will publish all fields of course, also some sensitive ones.
But you usually only need a few of those to create download-urls:

const fields = {
  _downloadRoute: true,
  _collectionName: true,
  extension: true,
};

This is the minimum in case you do not need "public" files (served by another web server).

We should explain that in the readme.

I also think we could reduce that even more. In fact, you would only need a field which tells you the url to download. Or maybe only the id, because the FilesCollection has all the other information.
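
The difference between the two publications discussed in the issue above, as an added example that is not part of the original post or the project's code. `makeStubCollection`, `publishAllFields`, `publishMinimalFields`, `fieldsSentToClient` and the sample record are constructed stand-ins so the comparison runs without Meteor; the string check on `imageId` is an addition.

```javascript
// Fields the issue lists as the minimum needed to build download URLs.
const PUBLIC_FIELDS = { _downloadRoute: true, _collectionName: true, extension: true };

// Constructed stand-in for a FilesCollection so the example runs without Meteor.
// It mimics only find(selector, { fields }) with an inclusion projection;
// as in MongoDB, _id is always returned.
function makeStubCollection(docs) {
  return {
    find(selector, options = {}) {
      const id = typeof selector === 'string' ? selector : selector._id;
      const project = (doc) => {
        if (!options.fields) return { ...doc };
        const out = { _id: doc._id };
        for (const key of Object.keys(options.fields)) {
          if (options.fields[key] && key in doc) out[key] = doc[key];
        }
        return out;
      };
      return { cursor: { fetch: () => docs.filter((d) => d._id === id).map(project) } };
    },
  };
}

// Publication body as in the issue: every stored field reaches the client.
const publishAllFields = (Images, imageId) => Images.find(imageId).cursor;

// Restricted variant: same query, with the projection passed as find() options.
function publishMinimalFields(Images, imageId) {
  // Added here (not in the issue): publication arguments come from the client,
  // so accept only a plain string id.
  if (typeof imageId !== 'string') throw new TypeError('imageId must be a string');
  return Images.find(imageId, { fields: PUBLIC_FIELDS }).cursor;
}

// Constructed sample file record.
const Images = makeStubCollection([{
  _id: 'img1', name: 'scan.png', extension: 'png', path: '/data/uploads/img1.png',
  userId: 'u42', meta: { note: 'internal' },
  _downloadRoute: '/cdn/storage', _collectionName: 'Images',
}]);

// Names of the fields a subscriber would receive for one image.
function fieldsSentToClient(publishFn, imageId) {
  return Object.keys(publishFn(Images, imageId).fetch()[0]).sort();
}

console.log('all fields:', fieldsSentToClient(publishAllFields, 'img1'));
console.log('minimal   :', fieldsSentToClient(publishMinimalFields, 'img1'));
```

In a Meteor app, the body of `publishMinimalFields` goes inside `Meteor.publish('images.one', ...)` with the real `Images` collection in place of the stub.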
