0

I'm trying to add new function allowing to delete post for authorized users, so they can remove posts only they created. It works only with one statement, so I can allow them to delete all of their (only their) posts or delete selected posts, but of all users. Heres code:

article_collection.remove({ _id: article_collection.db.bson_serializer.ObjectID.createFromHexString(id) }, {authoro: user}, function(error, result) {

When I add $and function, it does nothing, in the case posted above, it allows all users to delete any post. I'm guessing I need to convert passed id of post to hex? but how?

Improve this question

1 Answer 1

Reset to default
3

Both query conditions must be combined into a single object:

article_collection.remove({_id: id, authoro: user}, function(error, result) { ...
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

WOW, it does work. I tried every possible combination except this one :-). Thanks!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.