From c284f0858e00a31ab6928b60f09f4a03edfd4fd1 Mon Sep 17 00:00:00 2001
From: Michael Both <michael@sternensplitter.de>
Date: Thu, 22 Nov 2018 15:44:05 +0100
Subject: [PATCH 1/2] Fix 404 on removing a comment

---
 server/services/comments/comments.hooks.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/server/services/comments/comments.hooks.js b/server/services/comments/comments.hooks.js
index a6fdc5d..918ff5a 100644
--- a/server/services/comments/comments.hooks.js
+++ b/server/services/comments/comments.hooks.js
@@ -37,10 +37,10 @@ const xssFields = ['content', 'contentExcerpt'];
 module.exports = {
   before: {
     all: [
-      softDelete(),
       xss({ fields: xssFields })
     ],
     find: [
+      softDelete(),
       // We want to deleted comments to show up
       iff(
         hook => hook.params.headers && hook.params.headers.authorization,
@@ -52,12 +52,14 @@ module.exports = {
       }
     ],
     get: [
+      softDelete(),
       iff(
         hook => hook.params.headers && hook.params.headers.authorization,
         authenticate('jwt')
       )
     ],
     create: [
+      softDelete(),
       authenticate('jwt'),
       // Allow seeder to seed comments
       unless(isProvider('server'),
@@ -67,6 +69,7 @@ module.exports = {
       createExcerpt({ length: 180 })
     ],
     update: [
+      softDelete(),
       authenticate('jwt'),
       unless(isProvider('server'),
         isVerified(),
@@ -76,6 +79,7 @@ module.exports = {
       setNow('updatedAt')
     ],
     patch: [
+      softDelete(),
       authenticate('jwt'),
       unless(isProvider('server'),
         isVerified(),
@@ -105,7 +109,8 @@ module.exports = {
       unless(isProvider('server'),
         unless(isModerator(),
           isVerified(),
-          restrictToOwner()
+          restrictToOwner(),
+          softDelete()
         )
       )
     ]

From 236fe42a5edae2b46a1fa7da6255d36064a0761c Mon Sep 17 00:00:00 2001
From: Michael Both <michael@sternensplitter.de>
Date: Sun, 9 Dec 2018 18:18:29 +0100
Subject: [PATCH 2/2] Correct hook order

---
 server/services/comments/comments.hooks.js | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/server/services/comments/comments.hooks.js b/server/services/comments/comments.hooks.js
index 918ff5a..841fd02 100644
--- a/server/services/comments/comments.hooks.js
+++ b/server/services/comments/comments.hooks.js
@@ -105,9 +105,15 @@ module.exports = {
       })
     ],
     remove: [
-      authenticate('jwt'),
-      unless(isProvider('server'),
-        unless(isModerator(),
+      iff(isProvider('server'),
+        softDelete(),
+        authenticate('jwt')
+      ).else( // isProvider == false
+        iff(isModerator(),
+          softDelete(),
+          authenticate('jwt')
+        ).else( // isModerator == false
+          authenticate('jwt'),
           isVerified(),
           restrictToOwner(),
           softDelete()