]>
Commit | Line | Data |
---|---|---|
9bd26629 C |
1 | 'use strict' |
2 | ||
3 | const constants = require('../initializers/constants') | |
4 | const logger = require('../helpers/logger') | |
5 | ||
6 | const adminMiddleware = { | |
c4403b29 | 7 | ensureIsAdmin |
9bd26629 C |
8 | } |
9 | ||
10 | function ensureIsAdmin (req, res, next) { | |
11 | const user = res.locals.oauth.token.user | |
12 | if (user.role !== constants.USER_ROLES.ADMIN) { | |
13 | logger.info('A non admin user is trying to access to an admin content.') | |
14 | return res.sendStatus(403) | |
15 | } | |
16 | ||
17 | return next() | |
18 | } | |
19 | ||
20 | // --------------------------------------------------------------------------- | |
21 | ||
22 | module.exports = adminMiddleware |