]>
Commit | Line | Data |
---|---|---|
9bd26629 C |
1 | 'use strict' |
2 | ||
9bd26629 C |
3 | const logger = require('../helpers/logger') |
4 | ||
5 | const adminMiddleware = { | |
c4403b29 | 6 | ensureIsAdmin |
9bd26629 C |
7 | } |
8 | ||
9 | function ensureIsAdmin (req, res, next) { | |
10 | const user = res.locals.oauth.token.user | |
ab683a8e | 11 | if (user.isAdmin() === false) { |
9bd26629 C |
12 | logger.info('A non admin user is trying to access to an admin content.') |
13 | return res.sendStatus(403) | |
14 | } | |
15 | ||
16 | return next() | |
17 | } | |
18 | ||
19 | // --------------------------------------------------------------------------- | |
20 | ||
21 | module.exports = adminMiddleware |