1 import 'express-validator'
2 import * as express from 'express'
4 import { UserInstance } from '../models'
5 import { UserRight } from '../../shared'
6 import { logger } from '../helpers'
8 function ensureUserHasRight (userRight: UserRight) {
9 return function (req: express.Request, res: express.Response, next: express.NextFunction) {
10 const user: UserInstance = res.locals.oauth.token.user
11 if (user.hasRight(userRight) === false) {
12 logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path)
13 return res.sendStatus(403)
20 // ---------------------------------------------------------------------------