Multiple editors with access can't edit the common article

[kacperduras]

To Reproduce

1. Create new article
2. Add 2+ people
3. Try edit:
   

Only the first person on the list can edit the content (any time).
Editing by single person, never more in one moment.

Technical details:

• Ghost Version: latest (2.6.1)
• Node Version: 10.13.0 LTS
• Browser/OS: Firefox, latest stable/W10
• Database: MySQL

[naz]

Hi @kacperduras 👋 Could you please add more details about which roles those 2+ people are assigned to, what's the role of the user who is trying to edit the post?

[kacperduras]

Hi @gargol, they have permissions from Author template.

[naz]

Thanks, @kacperduras. Just to make sure I understand this correctly: when having multiple authors (all having roles of Author) assigned to a post, only the first author in the list is able to edit the post, correct?

[kacperduras]

@gargor yes

[naz]

@kacperduras was able to reproduce, definitely a bug 😄

[naz]

We are currently only checking primary author in the context of being able to edit the post:

            function isCurrentOwner() {
                return context.user === postModel.related('authors').models[0].id;
            }

but any co-author should be able to change the content of the post they are a co-author of. Should check if isCurrentOwner is to be modified or new method like isCoAuthor should be introduced for this change, but the body of it would be something along the lines:

postModel.related('authors').models.map(author => author.id).includes(context.user)

[kacperduras]

IMHO, one method is better option than separate function - we check author permissions for users, but we have the order not because of the access level, but the addition list.

I will create PR soon, maybe today.