Browse Source

graph2: Fixed chapter using story permissions.

1.0 1.0.3
Gisle Aune 6 years ago
parent
commit
b7d5059d60
  1. 6
      graph2/queries/chapter.go

6
graph2/queries/chapter.go

@ -28,7 +28,7 @@ func (r *mutationResolver) AddChapter(ctx context.Context, input input.ChapterAd
} }
token := auth.TokenFromContext(ctx) token := auth.TokenFromContext(ctx)
if !token.Authenticated() {
if !token.Permitted("member", "story.add") {
return models.Chapter{}, errors.New("Unauthorized") return models.Chapter{}, errors.New("Unauthorized")
} }
@ -55,7 +55,7 @@ func (r *mutationResolver) EditChapter(ctx context.Context, input input.ChapterE
} }
token := auth.TokenFromContext(ctx) token := auth.TokenFromContext(ctx)
if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "story.edit") {
if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "chapter.edit") {
return models.Chapter{}, errors.New("Unauthorized") return models.Chapter{}, errors.New("Unauthorized")
} }
@ -73,7 +73,7 @@ func (r *mutationResolver) RemoveChapter(ctx context.Context, input input.Chapte
} }
token := auth.TokenFromContext(ctx) token := auth.TokenFromContext(ctx)
if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "story.remove") {
if !token.Authenticated() || !token.PermittedUser(chapter.Author, "member", "chapter.remove") {
return models.Chapter{}, errors.New("Unauthorized") return models.Chapter{}, errors.New("Unauthorized")
} }

Loading…
Cancel
Save