BRS-806 non-sysadmins cant access facilities (#175)

* BRS-806 non-sysadmins cant access facilities * BRS-806 - public should NOT be auth
bcgov · Sep 1, 2022 · 01eed07 · 01eed07
1 parent 9d8c453
commit 01eed07
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/lambda/readReservation/index.js b/lambda/readReservation/index.js
@@ -33,14 +33,14 @@ exports.handler = async (event, context) => {
         logger.debug('**SYSADMIN**');
       } else {
         logger.debug('**AUTHENTICATED, NOT SYSADMIN**');
-        let parkObj = await getPark(park.sk, true);
+        let parkObj = await getPark(park, true);
 
         // Check roles.
         logger.debug('Roles:', permissionObject.roles);
-        parkObj = await roleFilter(park, permissionObject.roles);
+        parkObj = await roleFilter([parkObj], permissionObject.roles);
 
         // If user does not have correct park role, then they are not authorized.
-        if (park.length < 1) {
+        if (parkObj.length < 1) {
           return sendResponse(403, { msg: 'Unauthorized' }, context);
         }
       }