From 35cc38ba7c2aa2f03682d7f5893042faaaf67385 Mon Sep 17 00:00:00 2001
From: Moriz Wahl
Date: Mon, 14 Mar 2022 14:15:24 +0100
Subject: [PATCH] introduce reset token, comment isAuthorized
---
 backend/src/graphql/directive/isAuthorized.ts | 6 ++++++
 backend/src/graphql/resolver/UserResolver.test.ts | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/backend/src/graphql/directive/isAuthorized.ts b/backend/src/graphql/directive/isAuthorized.ts
index 4a31dfede..c72a52ac4 100644
--- a/backend/src/graphql/directive/isAuthorized.ts
+++ b/backend/src/graphql/directive/isAuthorized.ts
@@ -14,6 +14,12 @@ const isAuthorized: AuthChecker = async ({ context }, rights) => {
 context.role = ROLE_UNAUTHORIZED // unauthorized user
 // moriz: I think it is better to check the INALIENABLE_RIGHTS here
+ /*
+ if ((rights).reduce(
+ (acc, right) => acc && INALIENABLE_RIGHTS.includes(right),
+ true,
+ )) return true
+ */
 // Do we have a token?
 if (context.token) {
diff --git a/backend/src/graphql/resolver/UserResolver.test.ts b/backend/src/graphql/resolver/UserResolver.test.ts
index 9b2db42e8..570f09823 100644
--- a/backend/src/graphql/resolver/UserResolver.test.ts
+++ b/backend/src/graphql/resolver/UserResolver.test.ts
@@ -373,7 +373,7 @@ describe('UserResolver', () => {
 describe('user is in database and wrong password', () => {
 beforeAll(async () => {
- // resetToken()
+ resetToken()
 await createUser(mutate, {
 email: 'peter@lustig.de',
 firstName: 'Peter',
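Review bot: The commented-out early exit added in the `isAuthorized.ts` hunk would fail open if it is ever enabled as written, because `reduce(..., true)` over an empty `rights` array yields `true` and the checker would return before the `if (context.token)` check that follows. If the shortcut is wanted, guard the empty case and use `every`, e.g. `if (rights.length > 0 && rights.every((right) => INALIENABLE_RIGHTS.includes(right))) return true`; whether `INALIENABLE_RIGHTS` is already imported in this file is not visible here. Until that is decided, tracking the idea in an issue rather than as dead code inside the authorization checker keeps the access-control path easier to audit. The body of `isAuthorized` starts before and continues past this hunk.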