byklyci
commented
5 years ago I tried to solve this problem with using the {'owner' : req.params.id} inside the findByIdAndUpdate function I am not sure it is proper way but it seems like that.
Closed okyksl closed 5 years ago
byklyci
commented
5 years ago I tried to solve this problem with using the {'owner' : req.params.id} inside the findByIdAndUpdate function I am not sure it is proper way but it seems like that.
okyksl
commented
5 years ago How about using req.user object?
byklyci
commented
5 years ago I am closing this issue.
Currently, any user can edit any events. We must allow only the creator of the event to edit the event.