|
|
@ -79,8 +79,14 @@ func (r *mutationResolver) AddStoryTag(ctx context.Context, input input.StoryTag |
|
|
|
return models.Story{}, errors.New("Story not found") |
|
|
|
} |
|
|
|
|
|
|
|
if !token.PermittedUser(story.Author, "member", "story.edit") { |
|
|
|
return models.Story{}, errors.New("You are not permitted to edit this story") |
|
|
|
if story.Open { |
|
|
|
if !token.Permitted("member") { |
|
|
|
return models.Story{}, errors.New("You are not permitted to edit this story") |
|
|
|
} |
|
|
|
} else { |
|
|
|
if !token.PermittedUser(story.Author, "member", "story.edit") { |
|
|
|
return models.Story{}, errors.New("You are not permitted to edit this story") |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
story, err = stories.AddTag(story, input.Tag) |
|
|
@ -101,8 +107,14 @@ func (r *mutationResolver) RemoveStoryTag(ctx context.Context, input input.Story |
|
|
|
return models.Story{}, errors.New("Story not found") |
|
|
|
} |
|
|
|
|
|
|
|
if !token.PermittedUser(story.Author, "member", "story.edit") { |
|
|
|
return models.Story{}, errors.New("You are not permitted to edit this story") |
|
|
|
if story.Open { |
|
|
|
if !token.Permitted("member") { |
|
|
|
return models.Story{}, errors.New("You are not permitted to edit this story") |
|
|
|
} |
|
|
|
} else { |
|
|
|
if !token.PermittedUser(story.Author, "member", "story.edit") { |
|
|
|
return models.Story{}, errors.New("You are not permitted to edit this story") |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
story, err = stories.RemoveTag(story, input.Tag) |
|
|
|