Public editing

3ach · 3ach · commit f4b7761a676a · 2020-05-12T11:23:36.000-06:00
diff --git a/lib/app.js b/lib/app.js
@@ -531,7 +531,7 @@ function App () {
   }
 
   async function authorize (req, res, next) {
-    if (!req.url.startsWith('/user/') && !req.url.startWith('/public/')) {
+    if (!req.url.startsWith('/user/') && !req.url.startsWith('/public/')) {
       next()
       return
     }
diff --git a/lib/auth/access.js b/lib/auth/access.js
@@ -83,8 +83,6 @@ async function getPrivilege (userIds, path) {
     uri = uri.split('/').slice(0, -2).join('/')
   }
 
-  console.log(uri)
-
   let user = await db.model.User.findAll({
     where: {
       id: userIds,
@@ -104,20 +102,20 @@ async function getPrivilege (userIds, path) {
     }
   })
 
-  let usernames = await db.model.User.findAll({
+  let userUris = await db.model.User.findAll({
     where: {
       id: userIds,
       virtual: false
     }
   }).then(results => {
-    return results.map(result => result.username)
+    return results.map(result => databasePrefix + 'user/' + result.username)
   })
 
   let owners = await getOwnedBy(uri, graph)
 
   // If we're an owner, we upgrade the privilege
   owners.forEach(owner => {
-    if (usernames.includes(owner)) {
+    if (userUris.includes(owner)) {
       minPrivilege = 3
     }
   })

Original file line number	Diff line number	Diff line change
`@@ -531,7 +531,7 @@ function App () {`
`531`	`531`	`}`
`532`	`532`
`533`	`533`	`async function authorize (req, res, next) {`
`534`		`- if (!req.url.startsWith('/user/') && !req.url.startWith('/public/')) {`
	`534`	`+ if (!req.url.startsWith('/user/') && !req.url.startsWith('/public/')) {`
`535`	`535`	`next()`
`536`	`536`	`return`
`537`	`537`	`}`