From fa27a16e6584828eb505229747d4230323b54955 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=98=99=E2=97=A6=20The=20Tablet=20=E2=9D=80=20GamerGirla?=
 =?UTF-8?q?ndCo=20=E2=97=A6=E2=9D=A7?= <i.am.the.tablet@proton.me>
Date: Wed, 6 Dec 2023 21:48:29 -0500
Subject: [PATCH] fix(api): update review editing endpoint

when checking for whether the requester is the author, treat the author field as an object rather than a number (id)
---
 server/api/review/[revid]/index.put.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/server/api/review/[revid]/index.put.ts b/server/api/review/[revid]/index.put.ts
index 4958bba..f47ac4b 100644
--- a/server/api/review/[revid]/index.put.ts
+++ b/server/api/review/[revid]/index.put.ts
@@ -1,5 +1,6 @@
 import san from "sanitize-html";
 import { messages } from "~/lib/server/constants";
+import { log } from "~/lib/server/logger";
 import isLoggedIn from "~/lib/server/middlewareButNotReally/isLoggedIn";
 import { Review } from "~/models/stories/review";
 
@@ -13,7 +14,10 @@ export default eventHandler(async (ev) => {
 			message: messages[404],
 		});
 	}
-	if (c?.author != ev.context.currentUser?._id) {
+	log.silly(`${ev.context.currentUser!._id!} || ${c.author}`, {
+		label: "what the fuck",
+	});
+	if (c?.author._id != ev.context.currentUser?._id) {
 		throw createError({
 			message: messages[403],
 			statusCode: 403,