From b7d5059d604be752042bfe44f15486299f2d2580 Mon Sep 17 00:00:00 2001
From: Gisle Aune <dev@gisle.me>
Date: Tue, 16 Oct 2018 19:01:11 +0200
Subject: [PATCH] graph2: Fixed chapter using story permissions.

---
 graph2/queries/chapter.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/graph2/queries/chapter.go b/graph2/queries/chapter.go
index 40312b5..d2e81fe 100644
--- a/graph2/queries/chapter.go
+++ b/graph2/queries/chapter.go
@@ -28,7 +28,7 @@ func (r *mutationResolver) AddChapter(ctx context.Context, input input.ChapterAd
 	}
 
 	token := auth.TokenFromContext(ctx)
-	if !token.Authenticated() {
+	if !token.Permitted("member", "story.add") {
 		return models.Chapter{}, errors.New("Unauthorized")
 	}
 
@@ -55,7 +55,7 @@ func (r *mutationResolver) EditChapter(ctx context.Context, input input.ChapterE
 	}
 
 	token := auth.TokenFromContext(ctx)
-	if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "story.edit") {
+	if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "chapter.edit") {
 		return models.Chapter{}, errors.New("Unauthorized")
 	}
 
@@ -73,7 +73,7 @@ func (r *mutationResolver) RemoveChapter(ctx context.Context, input input.Chapte
 	}
 
 	token := auth.TokenFromContext(ctx)
-	if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "story.remove") {
+	if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "chapter.remove") {
 		return models.Chapter{}, errors.New("Unauthorized")
 	}