Fixed an issue with non-admin Jira connector auth

Role check should be OR and not AND.
2025-07-18 20:59:43 +02:00 · 2019-01-24 16:57:23 +00:00 · 2019-01-24 16:57:23 +00:00 · c0c3ca18e2
commit c0c3ca18e2
parent 2e443de84e
1 changed files with 1 additions and 6 deletions
--- a/domain/section/endpoint.go
+++ b/domain/section/endpoint.go
@ -60,12 +60,7 @@ func (h *Handler) RunSectionCommand(w http.ResponseWriter, r *http.Request) {
 	// it's up to the section handler to parse if required.

 	// Permission checks
-	if !permission.CanChangeDocument(ctx, *h.Store, documentID) {
-		response.WriteForbiddenError(w)
-		return
-	}
-
-	if !ctx.Editor {
+	if !ctx.Editor && !permission.CanChangeDocument(ctx, *h.Store, documentID) {
 		response.WriteForbiddenError(w)
 		return
 	}