Pad: Plumb author ID through mutation operations

2025-04-22 08:26:16 -04:00 · 2022-02-17 00:01:07 -05:00 · 2022-02-17 00:01:07 -05:00 · 3b8549342a
commit 3b8549342a
parent 5f60b3aab2
7 changed files with 35 additions and 30 deletions
--- a/src/node/hooks/express/importexport.js
+++ b/src/node/hooks/express/importexport.js
@ -70,12 +70,12 @@ exports.expressCreateServer = (hookName, args, cb) => {
  args.app.post('/p/:pad/import', (req, res, next) => {
    (async () => {
      const {session: {user} = {}} = req;
-      const {accessStatus} = await securityManager.checkAccess(
+      const {accessStatus, authorID: authorId} = await securityManager.checkAccess(
          req.params.pad, req.cookies.sessionID, req.cookies.token, user);
      if (accessStatus !== 'grant' || !webaccess.userCanModify(req.params.pad, req)) {
        return res.status(403).send('Forbidden');
      }
-      await importHandler.doImport(req, res, req.params.pad);
+      await importHandler.doImport(req, res, req.params.pad, authorId);
    })().catch((err) => next(err || new Error(err)));
  });