From 51735f79dc4ea8e5d045507a7a03a4206caa3fcf Mon Sep 17 00:00:00 2001
From: j-weissen <jweissen@htl-steyr.ac.at>
Date: Mon, 17 Oct 2022 00:01:21 +0200
Subject: [PATCH] fixed update

---
 backend/strapi/src/api/note/controllers/note.js | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/backend/strapi/src/api/note/controllers/note.js b/backend/strapi/src/api/note/controllers/note.js
index 9cf8879..4f3cd54 100644
--- a/backend/strapi/src/api/note/controllers/note.js
+++ b/backend/strapi/src/api/note/controllers/note.js
@@ -63,22 +63,26 @@ module.exports = createCoreController(noteUid, ({strapi}) => ({
   async update(ctx) {
     const noteId = getNoteIdFromUrl(ctx.request.url)
     const userId = ctx.state.user.id;
-    const requestBody = ctx.request.body;
+    const requestBody = JSON.parse(ctx.request.body);
+    console.log(JSON.stringify(requestBody, null, 2))
     const entry = await strapi.entityService.findOne(noteUid, noteId, {
       populate: ['owners'],
     });
     const authorized = entry.owners.some(owner => owner.id === userId)
-    let allPreviousOwnersKept = false;
+    let allPreviousOwnersKept = true;
     if (requestBody.data.hasOwnProperty("owners")) {
       allPreviousOwnersKept = entry.owners.every(owner => requestBody.data.owners.includes(owner));
     }
+    console.log({
+      "auth": authorized,
+      "allprev": allPreviousOwnersKept,
+    })
     if (!authorized) {
       ctx.response.status = 403;
     } else if (!allPreviousOwnersKept) {
       ctx.response.status = 400;
-    } else {
-      return super.update(ctx);
     }
+    return await strapi.entityService.update(noteUid, noteId, requestBody);
   },
   /**
    * Creates a new note, automatically sets owners to the user making the request and lastViewed