polynux
/
groupomania
mirror of https://github.com/polynux/groupomania-openclassrooms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix permission for edit

This commit is contained in:
Guillaume Dorce 2022-10-14 16:46:30 +02:00
parent 67eb136ff7
commit 504e1352f6
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/controller/PostController.ts
View File

@ -52,7 +52,11 @@ const editPost = async (post: Post): Promise<PrismaPost | null | Error> => {
if (originalPost === null) { if (originalPost === null) {
return null; return null;
} }
if (originalPost.authorId !== post.authorId) { const user = await getUserById(post.authorId);
if (!user) {
return new Error('User not found');
}
if (originalPost.authorId !== post.authorId && user.role === 'USER') {
return new Error('User is not the author of this post'); return new Error('User is not the author of this post');
} }
const editedPost = await prisma.post.update({ const editedPost = await prisma.post.update({