From ec166c5779fe9eb833eefb035e828d96a582711d Mon Sep 17 00:00:00 2001
From: Anand Chowdhary <mail@anandchowdhary.com>
Date: Thu, 30 May 2019 13:37:19 +0200
Subject: [PATCH] :bug: Fix bug with email authorization

---
 src/controllers/organization.ts | 2 +-
 src/helpers/errors.ts           | 2 +-
 src/rest/email.ts               | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/controllers/organization.ts b/src/controllers/organization.ts
index 0aa44fc55..0ec89198c 100644
--- a/src/controllers/organization.ts
+++ b/src/controllers/organization.ts
@@ -151,7 +151,7 @@ export class OrganizationController {
     );
   }
 
-  @Get(":id/plans")
+  @Get(":id/pricing/:product")
   async getPlans(req: Request, res: Response) {
     const product = req.params.product;
     const organizationId = req.params.id;
diff --git a/src/helpers/errors.ts b/src/helpers/errors.ts
index a69f92042..282b7125b 100644
--- a/src/helpers/errors.ts
+++ b/src/helpers/errors.ts
@@ -7,7 +7,6 @@ import Joi from "@hapi/joi";
  */
 export const safeError = (error: string) => {
   const errorString = error.toString();
-  console.log("Got", errorString);
   if (errorString.startsWith("joi:")) {
     const joiError = JSON.parse(
       errorString.split("joi:")[1]
@@ -28,5 +27,6 @@ export const sendError = (error: string) => {
     const code = error.split("/")[1];
     return { status, code } as HTTPError;
   }
+  console.log("Backup error", error);
   return { status: 500, code: error } as HTTPError;
 };
diff --git a/src/rest/email.ts b/src/rest/email.ts
index 49eda5a2f..4fd499db1 100644
--- a/src/rest/email.ts
+++ b/src/rest/email.ts
@@ -55,7 +55,7 @@ export const addEmailToUserForUser = async (
   email: string,
   locals: Locals
 ) => {
-  if (await can(tokenUserId, Authorizations.UPDATE, "user", userId))
+  if (!(await can(tokenUserId, Authorizations.UPDATE, "user", userId)))
     throw new Error(ErrorCode.INSUFFICIENT_PERMISSION);
   validate(email, ValidationTypes.EMAIL);
   await checkIfNewEmail(email);
@@ -73,7 +73,7 @@ export const deleteEmailFromUserForUser = async (
   emailId: number,
   locals: Locals
 ) => {
-  if (await can(tokenUserId, Authorizations.UPDATE, "user", userId))
+  if (!(await can(tokenUserId, Authorizations.UPDATE, "user", userId)))
     throw new Error(ErrorCode.INSUFFICIENT_PERMISSION);
   const email = await getEmail(emailId);
   if (email.userId != userId)