From 4d921326613969abafda3b1a7b9e0ee4c29cb743 Mon Sep 17 00:00:00 2001
From: Matthew Lorimor
Date: Wed, 2 May 2018 15:44:33 -0500
Subject: [PATCH] Add the authenticated users URI as a Grantee URI to check (#1)

* Add the authenticated users URI as a Grantee URI to check
---
 index.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/index.js b/index.js
index 1dbe3ac..b913335 100644
--- a/index.js
+++ b/index.js
@@ -1,5 +1,6 @@
 const AWS = require("aws-sdk");
 const allUsersUri = "http://acs.amazonaws.com/groups/global/AllUsers";
+const authenticatedUsersUri = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers";
 const snoozeTopic = process.env.snsTopicArn;
 exports.handler = (event, context) => {
@@ -21,7 +22,7 @@ exports.handler = (event, context) => {
 // Grant[0] is always owner, so we only need to check further if we have more than 1 grant
 if (grants.length > 1) {
 for (const grant of grants) {
- if (grant.Grantee.URI && grant.Grantee.URI == allUsersUri) {
+ if (grant.Grantee.URI && (grant.Grantee.URI == allUsersUri || grant.Grantee.URI == authenticatedUsersUri)) {
 if (grant.Permission == "READ") {
 publicPermissions.push("read");
 } else {
@@ -84,4 +85,4 @@ function getUserDetails(event) {
 }
 return userDetails;
-}
\ No newline at end of file
+}
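Review bot: The new `authenticatedUsersUri` constant in the first hunk has no comment saying what the group covers, and the name is easy to misread as "users authenticated to this account". The AuthenticatedUsers group matches any principal that holds an AWS account, so a grant to it is effectively public exposure. I would add `// Any AWS account holder, not only identities in this account; treat as public.` directly above the constant so whoever triages the alert reads it correctly.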
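Review bot: The `if (grants.length > 1)` guard kept as context in the second hunk can skip an ACL whose only grant is to AllUsers or AuthenticatedUsers, since the comment's premise that Grant[0] is always the owner looks unsafe: as far as I know S3 accepts an ACL written without an explicit owner grant, which is worth confirming against a test bucket. The loop already filters on `grant.Grantee.URI`, so the guard adds nothing and could be dropped or relaxed to `if (grants.length > 0) {`. Separately, the widened condition would read more clearly as a set lookup, `if (publicGranteeUris.has(grant.Grantee.URI)) {`, with `const publicGranteeUris = new Set([allUsersUri, authenticatedUsersUri]);` declared next to the constants. The handler body starts and ends outside this hunk, so the `else` branch and how `publicPermissions` is reported are not visible here.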