From 98cd714a1b04770af8d66dd253c924b8267166d5 Mon Sep 17 00:00:00 2001
From: Alexander Davis <alex@adcm.uk>
Date: Mon, 10 Aug 2020 18:07:13 +0100
Subject: [PATCH] Changes to authorisation requirements

---
 app/public/actions/close.php  | 6 +++++-
 app/public/actions/reopen.php | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/app/public/actions/close.php b/app/public/actions/close.php
index eb71ade..2ccbddf 100644
--- a/app/public/actions/close.php
+++ b/app/public/actions/close.php
@@ -4,7 +4,11 @@
 
     $request = get_request($db, $_GET['rid']);
     $authorised_users = get_subscribers($db, $request);
-    $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };
 
     // Close request
     if ($is_authorised == true) {
diff --git a/app/public/actions/reopen.php b/app/public/actions/reopen.php
index 6a43860..90d3d99 100644
--- a/app/public/actions/reopen.php
+++ b/app/public/actions/reopen.php
@@ -4,7 +4,11 @@
 
     $request = get_request($db, $_GET['rid']);
     $authorised_users = get_subscribers($db, $request);
-    $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };
 
     // Close request
     if ($is_authorised == true) {