Don't require token if enableAccessToken is disabled and the resource…

… is not write protected.
salesforce · Aug 18, 2017 · bd0ad6e · bd0ad6e
1 parent 49f801d
commit bd0ad6e
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/api/v1/helpers/verbs/utils.js b/api/v1/helpers/verbs/utils.js
@@ -185,22 +185,24 @@ function isWritable(req, modelInst) {
         reject(new apiErrors.ForbiddenError(
           'Resource not writable for provided token'))
       )
-      .catch((err) => reject(err));
+      .catch(reject);
     } else if (req.user) {
       // try to use the logged-in user
       modelInst.isWritableBy(req.user.name)
       .then((ok) => ok ? resolve(modelInst) :
         reject(new apiErrors.ForbiddenError(
           'Resource not writable by this user'))
       )
-      .catch((err) => reject(err));
+      .catch(reject);
     } else {
-      // check if isWritable by default (no writers)
+      // check if isWritable with no user
+      // when not passed a user, isWritable will return true if
+      // the resource is not write protected, false if it is
       modelInst.isWritableBy()
       .then((ok) => ok ? resolve(modelInst) :
         reject(new apiErrors.ForbiddenError('Resource is write protected'))
       )
-      .catch((err) => reject(err));
+      .catch(reject);
     }
   });
 }