Drop authorization for admin on delete endpoint
This commit is contained in:
parent
8b92ade9af
commit
c5a877ce6b
|
@ -103,7 +103,7 @@ router.post('/add_comment', auth.jwtCheck, function(req, res, next) {
|
|||
router.get('/get_comments', auth.jwtCheck, function(req, res, next) {
|
||||
});
|
||||
|
||||
router.delete('/delete_comment/:news_id/:comment_id', auth.jwtCheck, auth.adminScope, (req, res, next) => {
|
||||
router.delete('/delete_comment/:news_id/:comment_id', auth.jwtCheck, (req, res, next) => {
|
||||
if (!req.params) {
|
||||
res.status(400).send({
|
||||
message: "Query params can not be empty!"
|
||||
|
|
Loading…
Reference in New Issue