From a55d00765581e2dd0b686c2dfdf533116b8bd420 Mon Sep 17 00:00:00 2001
From: Pau Navarro <pau@verdnatura.es>
Date: Tue, 3 Jan 2023 08:12:46 +0100
Subject: [PATCH] requested changes

---
 back/models/notificationSubscription.js    | 20 +++++++-------------
 db/changes/230201/00-acl_notifications.sql | 15 ++++-----------
 2 files changed, 11 insertions(+), 24 deletions(-)

diff --git a/back/models/notificationSubscription.js b/back/models/notificationSubscription.js
index 811914634..26fcc04df 100644
--- a/back/models/notificationSubscription.js
+++ b/back/models/notificationSubscription.js
@@ -14,7 +14,7 @@ module.exports = Self => {
     });
 
     Self.remoteMethod('deleteNotification', {
-        description: 'Gets the current user data',
+        description: 'Deletes a notification subscription',
         accepts: [
             {
                 arg: 'ctx',
@@ -22,15 +22,11 @@ module.exports = Self => {
                 http: {source: 'context'}
             },
             {
-                arg: 'userId',
+                arg: 'userFk',
                 type: 'string'
             },
             {
-                arg: 'notificationId',
-                type: 'number'
-            },
-            {
-                arg: 'authorId',
+                arg: 'notificationFk',
                 type: 'number'
             }
         ],
@@ -44,18 +40,16 @@ module.exports = Self => {
         }
     });
 
-    Self.deleteNotification = async function(ctx) {
+    Self.deleteNotification = async function(ctx, userFk, notificationFk) {
         const models = Self.app.models;
-        const user = await ctx.args.authorId;
-        const notificationId = await ctx.args.notificationId;
-        const userId = await ctx.args.userId;
-        const modifiedUser = await getUserToModify(userId, models);
+        const user = ctx.req.accessToken.userId;
+        const modifiedUser = await getUserToModify(userFk, models);
 
         if (user == modifiedUser.id || modifiedUser.bossFk == user) {
             const query = `DELETE FROM util.notificationSubscription 
             WHERE notificationFk = ? AND userFk = ?`;
 
-            await Self.rawSql(query, [notificationId, userId]);
+            await Self.rawSql(query, [notificationFk, userFk]);
 
             return;
         } else
diff --git a/db/changes/230201/00-acl_notifications.sql b/db/changes/230201/00-acl_notifications.sql
index c206dd27f..4b86e2cd0 100644
--- a/db/changes/230201/00-acl_notifications.sql
+++ b/db/changes/230201/00-acl_notifications.sql
@@ -1,11 +1,4 @@
-INSERT INTO
-	`salix`.`ACL` (
-		`model`,
-		`property`,
-		`accessType`,
-		`permission`,
-		`principalId`
-	)
-VALUES
-	('NotificationSubscription', '*', '*', 'employee'),
-	('NotificationAcl', '*', '*', 'employee');
\ No newline at end of file
+INSERT INTO `salix`.`ACL` (model,property,accessType,principalId)
+	VALUES ('NotificationSubscription','*','*','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,principalId)
+	VALUES ('NotificationAcl','*','*','employee');