fix so admins can delete chat msgs

public/js/controllers/groupsCtrl.js

@@ -76,7 +76,7 @@ habitrpg.controller("GroupsCtrl", ['$scope', '$rootScope', 'Groups', '$http', 'A
     }
 
     $scope.deleteChatMessage = function(group, message){
-      if(message.uuid === User.user.id){
+      if(message.uuid === User.user.id || (User.user.backer && User.user.backer.admin)){
         group.$deleteChatMessage({messageId: message.id}, function(){
           var i = _.indexOf(group.chat, message);
           if(i !== -1) group.chat.splice(i, 1);

src/controllers/groups.js

@@ -189,21 +189,18 @@ api.postChat = function(req, res, next) {
 api.deleteChatMessage = function(req, res, next){
   var user = res.locals.user
   var group = res.locals.group;
-  var message = _.find(group.chat, {id: req.params.messageId, uuid: user.id});
+  var message = _.find(group.chat, {id: req.params.messageId});
 
   if(message === undefined) return res.json(404, {err: "Message not found!"});
 
-  if(user.id !== message.uuid){
-    if(!user.backer || (user.backer && !user.backer.admin)){
+  if(user.id !== message.uuid && !(user.backer && user.backer.admin)){
     return res.json(401, {err: "Not authorized to delete this message!"})
   }
-  }
 
   group.chat = _.without(group.chat, message);
   
   group.save(function(err, data){
     if(err) return res.json(500, {err: err});
-
     res.send(204);
   });
 }