Fixed message editing by non-admins

server/methods/updateMessage.coffee

@@ -6,21 +6,22 @@ Meteor.methods
 		if not RocketChat.settings.get 'Message_AllowEditing'
 			throw new Meteor.Error 'message-editing-not-allowed', "[methods] updateMessage -> Message editing not allowed"
 
-		user = Meteor.users.findOne Meteor.userId()	
+		user = Meteor.users.findOne Meteor.userId()
 
-		unless user?.admin is true or message.u._id is Meteor.userId()
+		originalMessage = ChatMessage.findOne message._id
+
+		unless user?.admin is true or originalMessage?.u?._id is Meteor.userId()
 			throw new Meteor.Error 'not-authorized', '[methods] updateMessage -> Not authorized'
 
 		console.log '[methods] updateMessage -> '.green, 'userId:', Meteor.userId(), 'arguments:', arguments
 
 		# If we keep history of edits, insert a new message to store history information
 		if RocketChat.settings.get 'Message_KeepHistory'
-			history = ChatMessage.findOne message._id
-			history._hidden = true
-			history.parent = history._id
-			history.ets = new Date()
-			delete history._id
-			ChatMessage.insert history
+			originalMessage._hidden = true
+			originalMessage.parent = originalMessage._id
+			originalMessage.ets = new Date()
+			delete originalMessage._id
+			ChatMessage.insert originalMessage
 
 		message.ets = new Date()