Is it possible to use a variable in a meteor collection update/removal?

Question

So I was thinking about refactoring my code in the following way.

Meteor.call(\"RemoveNotification\", this._id, function(error, response){
}

an

Answer 1

Here is a working implementation of RemoveFromDatabase that can be shared between the client and the server:

Meteor.methods({
  RemoveFromDatabase: function(collectionName, id) {
    check(collectionName, String);
    check(id, String);

    var globalObject = Meteor.isServer ? global : window;
    var collection = globalObject[collectionName];
    if (collection instanceof Meteor.Collection) {
      return collection.remove(id);
    } else {
      throw new Meteor.Error(404, 'Cannot find the collection');
    }
  }
});

In general I'd strongly caution you against using this technique, because it allows literally anyone to remove any document from any collection as server-side code does not run though allow/deny methods. Avoiding these kinds of security holes are why people implement per-collection remove methods in the first place. At a minimum, you may want to check that the user is logged in, or that collectionName is in some acceptable subset.