From 589078e8b39ad1605ea2409ceffd8008b4ac1064 Mon Sep 17 00:00:00 2001
From: Ruben Verborgh <ruben@verborgh.org>
Date: Fri, 30 Jun 2017 20:59:46 -0400
Subject: [PATCH] Expose ACL and user ID on request.

The PATCH handler needs ACL for detailed permission checking,
as the full set of needed permissions is unknown
until the patch document has been parsed.
---
 lib/handlers/allow.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/handlers/allow.js b/lib/handlers/allow.js
index 5487d909a..dcc709065 100644
--- a/lib/handlers/allow.js
+++ b/lib/handlers/allow.js
@@ -27,9 +27,11 @@ function allow (mode) {
       suffix: ldp.suffixAcl,
       strictOrigin: ldp.strictOrigin
     })
+    req.acl = acl
 
     getUserId(req, function (err, userId) {
       if (err) return next(err)
+      req.userId = userId
 
       var reqPath = res && res.locals && res.locals.path
         ? res.locals.path