minor fix

2024-03-05 12:11:40 -05:00
parent e59ab23b3d
commit 9bfba6037e
2 changed files with 37 additions and 37 deletions
@@ -16,44 +16,11 @@ export default async function updateLinkById(
    };

  const collectionIsAccessible = await getPermission({ userId, linkId });
-  const targetCollectionIsAccessible = await getPermission({
-    userId,
-    collectionId: data.collection.id,
-  });
-
-  const memberHasAccess = collectionIsAccessible?.members.some(
-    (e: UsersAndCollections) => e.userId === userId && e.canUpdate
-  );

  const isCollectionOwner =
    collectionIsAccessible?.ownerId === data.collection.ownerId &&
    data.collection.ownerId === userId;

-  const targetCollectionsAccessible =
-    targetCollectionIsAccessible?.ownerId === userId;
-
-  const targetCollectionMatchesData = data.collection.id
-    ? data.collection.id === targetCollectionIsAccessible?.id
-    : true && data.collection.name
-      ? data.collection.name === targetCollectionIsAccessible?.name
-      : true && data.collection.ownerId
-        ? data.collection.ownerId === targetCollectionIsAccessible?.ownerId
-        : true;
-
-  if (!targetCollectionsAccessible)
-    return {
-      response: "Target collection is not accessible.",
-      status: 401,
-    };
-  else if (!targetCollectionMatchesData)
-    return {
-      response: "Target collection does not match the data.",
-      status: 401,
-    };
-
-  const unauthorizedSwitchCollection =
-    !isCollectionOwner && collectionIsAccessible?.id !== data.collection.id;
-
  const canPinPermission = collectionIsAccessible?.members.some(
    (e: UsersAndCollections) => e.userId === userId
  );
@@ -84,6 +51,40 @@ export default async function updateLinkById(
    return { response: updatedLink, status: 200 };
  }

+  const targetCollectionIsAccessible = await getPermission({
+    userId,
+    collectionId: data.collection.id,
+  });
+
+  const memberHasAccess = collectionIsAccessible?.members.some(
+    (e: UsersAndCollections) => e.userId === userId && e.canUpdate
+  );
+
+  const targetCollectionsAccessible =
+    targetCollectionIsAccessible?.ownerId === userId;
+
+  const targetCollectionMatchesData = data.collection.id
+    ? data.collection.id === targetCollectionIsAccessible?.id
+    : true && data.collection.name
+      ? data.collection.name === targetCollectionIsAccessible?.name
+      : true && data.collection.ownerId
+        ? data.collection.ownerId === targetCollectionIsAccessible?.ownerId
+        : true;
+
+  if (!targetCollectionsAccessible)
+    return {
+      response: "Target collection is not accessible.",
+      status: 401,
+    };
+  else if (!targetCollectionMatchesData)
+    return {
+      response: "Target collection does not match the data.",
+      status: 401,
+    };
+
+  const unauthorizedSwitchCollection =
+    !isCollectionOwner && collectionIsAccessible?.id !== data.collection.id;
+
  // Makes sure collection members (non-owners) cannot move a link to/from a collection.
  if (unauthorizedSwitchCollection)
    return {