-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
Commit
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -315,7 +315,7 @@ module.exports.extendModel = function extendModel(Post, Posts, ghostBookshelf) { | |
} | ||
|
||
function isCurrentOwner() { | ||
return context.user === postModel.related('authors').models[0].id; | ||
return postModel.related('authors').models.map(author => author.id).includes(context.user); | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
naz
Contributor
|
||
} | ||
|
||
if (isContributor && isEdit) { | ||
|
Is this fix correct? π€
e.g.
Case: If the logged in user is a contributor and he wants to destroy the post.
Behaviour: The contributor can delete a post as secondary author.
Feels like a behaviour change? I have not tested it.
IMO we need to functions here:
isPrimaryAuthor
andisAnyAuthor
.