From c0c3ca18e2d985cd907707f46bfddb692646395a Mon Sep 17 00:00:00 2001
From: sauls8t <saul@documize.com>
Date: Thu, 24 Jan 2019 16:57:23 +0000
Subject: [PATCH] Fixed an issue with non-admin Jira connector auth

Role check should be OR and not AND.
---
 domain/section/endpoint.go | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/domain/section/endpoint.go b/domain/section/endpoint.go
index aaa2f2c4..a97d38b3 100644
--- a/domain/section/endpoint.go
+++ b/domain/section/endpoint.go
@@ -60,12 +60,7 @@ func (h *Handler) RunSectionCommand(w http.ResponseWriter, r *http.Request) {
 	// it's up to the section handler to parse if required.
 
 	// Permission checks
-	if !permission.CanChangeDocument(ctx, *h.Store, documentID) {
-		response.WriteForbiddenError(w)
-		return
-	}
-
-	if !ctx.Editor {
+	if !ctx.Editor && !permission.CanChangeDocument(ctx, *h.Store, documentID) {
 		response.WriteForbiddenError(w)
 		return
 	}