From e0cc72b278aec98b38e912d41ac3daf7760fa7f9 Mon Sep 17 00:00:00 2001
From: Gino Miceli <228050+gino-m@users.noreply.github.com>
Date: Mon, 12 Aug 2024 15:02:55 -0400
Subject: [PATCH] Use correct field to check view submissions permissions
 (#1965)

---
 web/src/app/services/data-store/data-store.service.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/web/src/app/services/data-store/data-store.service.ts b/web/src/app/services/data-store/data-store.service.ts
index a56e8a0f9..53b1525fb 100644
--- a/web/src/app/services/data-store/data-store.service.ts
+++ b/web/src/app/services/data-store/data-store.service.ts
@@ -596,8 +596,9 @@ export class DataStoreService {
   }
 
   /**
-   * Creates a new Query object to filter submissions based on two
-   * criteria: loi and user
+   * Creates a new Query object to filter submissions based on
+   * LOI and user IDs. User ID is ignored if user can manage this
+   * survey (i.e., they can view all submissions by default).
    */
   private canViewSubmissions(
     ref: CollectionReference,
@@ -606,7 +607,7 @@ export class DataStoreService {
     canManageSurvey: boolean
   ) {
     return canManageSurvey
-      ? ref.where(s.loiId, '==', loiId)
+      ? ref.where(sb.loiId, '==', loiId)
       : ref.where(sb.loiId, '==', loiId).where(sb.ownerId, '==', userId);
   }
 }