Workplace is Facebook's child.
It has community and within it there could be groups. Now there could be groups that are created outside the community.
The Group of Workplace has a feature called Events, that can let its members to create Events as well as edit them.
When a user has created an Event in a Group and later if he is kept in mute, he could change the details like the Name of the Event and locaiton. But while muting a user this is the alert shown in the UI
What it says is it only allows to VIEW the group. When it says why it allowed the Group to be edited..
Now, when the same member is muted in the group he can only view the contents in the Group.
Here's something which is ironic, THE STATUS.
When the event editing isn't allowed the status also must be the same.
So, when a user has updated a status in the Group and edits it and captures the HTTP request.
THe HTTP Request would be as follows.
POST /webgraphql/mutation/?doc_id=1396480790477967 HTTP/1.1
Host: my.workplace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0
Accept: */**
Origin: https://my.workplace.com
Connection: close
Cookie*******
variables=%7B%22client_mutation_id%22%3A%22020a9e82-a9c3-4564-965f-19035001af13%22%2C%22actor_id%22%3A%221000****%22%2C%22input%22%3A%7B%22actor_id%22%3A%2210***%22%2C%22client_mutation_id%22%3A%223ced4c57-0b81-40dc-bf68-224bb00609c7%22%2C%22story_id%22%3A%22Uz***M%3D%22%2C%22with_tags_ids%22%3A[]%2C%22multilingual_translations%22%3A[]%2C%22editable_post_feature_capabilities%22%3A[%22STICKER%22%2C%22CONTAINED_MEDIA%22%2C%22CONTAINED_LINK%22]%2C%22sticker_id%22%3Anull%2C%22explicit_place_id%22%3Anull%2C%22inline_activities%22%3A[]%2C%22web_graphml_migration_params%22%3A%7B%22edit_callsite%22%3A%22GROUP_MALL%22%2C%22story_dom_id%22%3A%22u_39_0%22%2C%22composer_dom_element_id%22%3A%22rc.u_3e_0%22%2C%22entstory_context%22%3A%22%7B%5C%22fbfeed_context%5C%22%3Atrue%2C%5C%22location_type%5C%22%3A2%2C%5C%22outer_object_element_id%5C%22%3A%5C%22u_39_0%5C%22%2C%5C%22object_element_id%5C%22%3A%5C%22u_39_0%5C%22%2C%5C%22is_ad_preview%5C%22%3Afalse%2C%5C%22is_editable%5C%22%3Afalse%2C%5C%22mall_how_many_post_comments%5C%22%3A2%2C%5C%22bump_reason%5C%22%3A0%2C%5C%22enable_comment%5C%22%3Afalse%2C%5C%22has_preclick_auto_pivot_unit%5C%22%3Afalse%2C%5C%22story_width%5C%22%3A502%2C%5C%22frtp_eligible%5C%22%3Afalse%2C%5C%22tn-str%5C%22%3A%5C%22-R%5C%22%7D%22%2C%22save_only%22%3Atrue%7D%2C%22message%22%3A%7B%22text%22%3A%22Pentets%20edits.%20Editeed%20Whatsup%22%2C%22ranges%22%3A[]%7D%2C%22formatting%22%3A%22PLAINTEXT%22%2C%22attachments%22%3A[]%2C%22attached_files_data%22%3A%7B%22files%22%3A[]%7D%2C%22logging%22%3A%7B%22composer_session_id%22%3A%22e1eb3d23-3280-4e1d-b8c8-cbd23d4f4852%22%7D%7D%7D**
Now when the same users is muted and performs the same Request for editing, it doesn't allow him to edit the status. That's Hilarious for not allowing to do on events and the Response would be
for (;;);{"__ar":1,"payload":{"data":{"story_edit":null},"errors":[{"message":"Errors while executing operation \"ComposerStoryEditMutation\": At Mutation.story_edit: Field implementation threw an exception. Check your server logs for more information.","severity":"CRITICAL","code":1376025,"api_error_code":200,"summary":"No Permission to Post","description":"You do not have permission to post in this group.
But the updating or editing of the event details could be done without any restriction.
I reported it to the team and once again the report status is hilarious.. LOL ๐๐
