diff --git a/packages/server/src/utilities/security/permissions.js b/packages/server/src/utilities/security/permissions.js index e6028ac2da..03fa5fa562 100644 --- a/packages/server/src/utilities/security/permissions.js +++ b/packages/server/src/utilities/security/permissions.js @@ -138,7 +138,7 @@ exports.doesHaveResourcePermission = ( ) => { // set foundSub to not subResourceId, incase there is no subResource let foundMain = false, - foundSub = !subResourceId + foundSub = false for (let [resource, level] of Object.entries(permissions)) { const levels = getAllowedLevels(level) if (resource === resourceId && levels.indexOf(permLevel) !== -1) {