From 1a4fce71a673f4f4df7661af601fc0ef056729f8 Mon Sep 17 00:00:00 2001
From: Yomguithereal <guillaumeplique@gmail.com>
Date: Thu, 12 Jan 2017 11:34:49 +0100
Subject: [PATCH] Fixing confidential fields computation. Forgot something
 @naholyr ? :) Refs #222

---
 server/lib/permissions.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/lib/permissions.js b/server/lib/permissions.js
index 840103c1..6e42579f 100644
--- a/server/lib/permissions.js
+++ b/server/lib/permissions.js
@@ -443,6 +443,7 @@ const canViewConfidentialFields = (req) => Promise.resolve(
 )
 
 const computeRestrictedFieldsLong = (modelName, userCentralRole, userRoles, organizationId) => {
+
 	// Central admin → no restriction
 	if (userCentralRole === 'admin') {
 		return Promise.resolve({
@@ -470,7 +471,7 @@ const computeRestrictedFieldsLong = (modelName, userCentralRole, userRoles, orga
 	})
 }
 
-const computeRestrictedFieldsShort = (modelName, req) => computeRestrictedFieldsLong(modelName, req.userRoles, req.userScopeOrganizationId)
+const computeRestrictedFieldsShort = (modelName, req) => computeRestrictedFieldsLong(modelName, req.userCentralRole, req.userRoles, req.userScopeOrganizationId)
 
 exports.computeRestrictedFields = (modelName, userCentralRoleOrReq, userRoles = undefined, organizationId = undefined) => {
 	if (userRoles !== undefined && organizationId !== undefined) {