Ability to revoke, ShareMenu

server/api/shares.js

@@ -65,8 +65,9 @@ router.post('shares.delete', auth(), async ctx => {
   const { id } = ctx.body;
   ctx.assertPresent(id, 'id is required');
 
+  const user = ctx.state.user;
   const share = await Share.findById(id);
-  authorize(ctx.state.user, 'delete', share);
+  authorize(user, 'delete', share);
 
   await share.destroy();
 

server/policies/share.js

@@ -9,7 +9,7 @@ allow(User, ['read'], Share, (user, share) => user.teamId === share.teamId);
 allow(User, ['update'], Share, (user, share) => false);
 allow(User, ['delete'], Share, (user, share) => {
   if (!share || user.teamId !== share.teamId) return false;
-  if (user.id === share.userId) return false;
+  if (user.id === share.userId) return true;
   if (user.isAdmin) return true;
   throw new AdminRequiredError();
 });

server/presenters/share.js

@@ -6,6 +6,7 @@ function present(ctx: Object, share: Share) {
   return {
     id: share.id,
     documentTitle: share.document.title,
+    documentUrl: share.document.getUrl(),
     url: `${process.env.URL}/share/${share.id}`,
     createdBy: presentUser(ctx, share.user),
     createdAt: share.createdAt,