From 01eed073b2d9147a303337d614a43446172b618f Mon Sep 17 00:00:00 2001
From: Cameron Pettit <71421099+cameronpettit@users.noreply.github.com>
Date: Thu, 1 Sep 2022 16:35:42 -0700
Subject: [PATCH] BRS-806 non-sysadmins cant access facilities (#175)

* BRS-806 non-sysadmins cant access facilities

* BRS-806 - public should NOT be auth
---
 lambda/readReservation/index.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lambda/readReservation/index.js b/lambda/readReservation/index.js
index 85899ee6..733ec8fe 100644
--- a/lambda/readReservation/index.js
+++ b/lambda/readReservation/index.js
@@ -33,14 +33,14 @@ exports.handler = async (event, context) => {
         logger.debug('**SYSADMIN**');
       } else {
         logger.debug('**AUTHENTICATED, NOT SYSADMIN**');
-        let parkObj = await getPark(park.sk, true);
+        let parkObj = await getPark(park, true);
 
         // Check roles.
         logger.debug('Roles:', permissionObject.roles);
-        parkObj = await roleFilter(park, permissionObject.roles);
+        parkObj = await roleFilter([parkObj], permissionObject.roles);
 
         // If user does not have correct park role, then they are not authorized.
-        if (park.length < 1) {
+        if (parkObj.length < 1) {
           return sendResponse(403, { msg: 'Unauthorized' }, context);
         }
       }