Set permissions of new annotations on login
While signed out create a new annotation. You'll see a "You must sign in to create an annotation" card. This card is in fact an annotation in the client-side code, but one that has no user, no permissions, etc etc. If you sign in, you'll then see a full annotation card with editor open in place of the previous card, you can type an annotation and save it. Except that this will send invalid permissions to the server, which will happy save them (no validation) and then crash. The fix: On sign in, set the model.permissions of such annotations. This means that the Post dropdown will set itself correctly to shared or private and on posting the annotation the correct permissions will be sent to the server. Also fixed permissions.coffee to return null instead of invalid permissions when not signed in. Fixes #2686.
Showing
Please register or sign in to comment