### Client-Side Operations

#### Insert

- `Posts.insert()` should always fail (no `allow/deny` validators are set on `Posts` collection for `insert` operation).

#### Update on allowed property

`Posts.update(postId, {$set: {title: "Hello World"}})` should return 1 only if current user is admin, or current user owns the post.

#### Update on admin-only property

`Posts.update(postId, {$set: {status: 1}})` should return 1 only if current user is admin.

#### Update on disallowed property

`Posts.update(postId, {$set: {baseScore: 999}})` should always throw an error.



### Meteor Method Calls

#### submitPost

#### editPost



### Server-Side Calls

#### Posts.submit()

`Posts.submit(post)` should insert a post in the database.