refactor: remove create permission check

author: mo khan <mo@mokhan.ca> 2025-07-23 15:33:14 -0600
committer: mo khan <mo@mokhan.ca> 2025-07-23 15:33:14 -0600
commit: 7963e072161907e81544dcdc2ff04a49c9359096 (patch)
tree: 54c8c34feda2cdeee46cdf662d18d89889a7d609 /app/controllers
parent: f861b0df276d26ef8db1e27678f807d22dabd6e3 (diff)
2 files changed, 2 insertions, 1 deletions
diff --git a/app/controllers/sparkles/controller.go b/app/controllers/sparkles/controller.go
index ef2ecd5..90767b2 100644
--- a/app/controllers/sparkles/controller.go
+++ b/app/controllers/sparkles/controller.go
@@ -30,7 +30,7 @@ func (c *Controller) MountTo(mux *http.ServeMux) {
 	mux.Handle("POST /sparkles", x.Middleware[http.Handler](
 		http.HandlerFunc(c.Create),
 		middleware.RequireUser(),
-		middleware.RequirePermission("create", c.check),
+		// middleware.RequirePermission("create", c.check),
 	))
 
 	// This is a temporary endpoint to restore a backup
diff --git a/app/controllers/sparkles/controller_test.go b/app/controllers/sparkles/controller_test.go
index 64b4dc5..d2469a7 100644
--- a/app/controllers/sparkles/controller_test.go
+++ b/app/controllers/sparkles/controller_test.go
@@ -121,6 +121,7 @@ func TestSparkles(t *testing.T) {
 			})
 
 			t.Run("when the user is not authorized", func(t *testing.T) {
+				t.Skip()
 				mux := http.NewServeMux()
 				controller := New(repository, stub.Deny())
 				controller.MountTo(mux)
author	mo khan <mo@mokhan.ca>	2025-07-23 15:33:14 -0600
committer	mo khan <mo@mokhan.ca>	2025-07-23 15:33:14 -0600
commit	7963e072161907e81544dcdc2ff04a49c9359096 (patch)
tree	54c8c34feda2cdeee46cdf662d18d89889a7d609 /app/controllers
parent	f861b0df276d26ef8db1e27678f807d22dabd6e3 (diff)