🐛 Fix bug with email authorization

staart · May 30, 2019 · ec166c5 · ec166c5
1 parent ddcba1b
commit ec166c5
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/src/controllers/organization.ts b/src/controllers/organization.ts
@@ -151,7 +151,7 @@ export class OrganizationController {
     );
   }
 
-  @Get(":id/plans")
+  @Get(":id/pricing/:product")
   async getPlans(req: Request, res: Response) {
     const product = req.params.product;
     const organizationId = req.params.id;

diff --git a/src/helpers/errors.ts b/src/helpers/errors.ts
@@ -7,7 +7,6 @@ import Joi from "@hapi/joi";
  */
 export const safeError = (error: string) => {
   const errorString = error.toString();
-  console.log("Got", errorString);
   if (errorString.startsWith("joi:")) {
     const joiError = JSON.parse(
       errorString.split("joi:")[1]
@@ -28,5 +27,6 @@ export const sendError = (error: string) => {
     const code = error.split("/")[1];
     return { status, code } as HTTPError;
   }
+  console.log("Backup error", error);
   return { status: 500, code: error } as HTTPError;
 };
diff --git a/src/rest/email.ts b/src/rest/email.ts
@@ -55,7 +55,7 @@ export const addEmailToUserForUser = async (
   email: string,
   locals: Locals
 ) => {
-  if (await can(tokenUserId, Authorizations.UPDATE, "user", userId))
+  if (!(await can(tokenUserId, Authorizations.UPDATE, "user", userId)))
     throw new Error(ErrorCode.INSUFFICIENT_PERMISSION);
   validate(email, ValidationTypes.EMAIL);
   await checkIfNewEmail(email);
@@ -73,7 +73,7 @@ export const deleteEmailFromUserForUser = async (
   emailId: number,
   locals: Locals
 ) => {
-  if (await can(tokenUserId, Authorizations.UPDATE, "user", userId))
+  if (!(await can(tokenUserId, Authorizations.UPDATE, "user", userId)))
     throw new Error(ErrorCode.INSUFFICIENT_PERMISSION);
   const email = await getEmail(emailId);
   if (email.userId != userId)