- fixed webfinger test to work with docker(hackfix)

- fixed permissions middleware to properly authenticate users

backend/src/activitypub/routes/webfinger.spec.js

@@ -98,12 +98,12 @@ describe('webfinger', () => {
           expect(json).toHaveBeenCalledWith({
             links: [
               {
-                href: 'http://localhost:3000/activitypub/users/some-user',
+                href: 'http://webapp:3000/activitypub/users/some-user',
                 rel: 'self',
                 type: 'application/activity+json',
               },
             ],
-            subject: 'acct:some-user@localhost:3000',
+            subject: 'acct:some-user@webapp:3000',
           })
         })
       })

backend/src/middleware/permissionsMiddleware.js

@@ -29,15 +29,25 @@ const onlyYourself = rule({
 
 const isMyOwn = rule({
   cache: 'no_cache',
-})(async (parent, args, context, info) => {
+})(async (parent, args, { user }, info) => {
-  return context.user.id === parent.id
+  return user && user.id === parent.id
 })
 
 const isMySocialMedia = rule({
   cache: 'no_cache',
 })(async (_, args, { user }) => {
+  // We need a User
+  if (!user){
+    return false
+  }
   let socialMedia = await neode.find('SocialMedia', args.id)
-  socialMedia = await socialMedia.toJson()
+  // Did we find a social media node?
+  if(!socialMedia){
+    return false
+  }
+  socialMedia = await socialMedia.toJson() // whats this for?
+
+  //Is it my social media entry?
   return socialMedia.ownedBy.node.id === user.id
 })