1 import * as express from 'express'
2 import { UserRight } from '../../shared'
3 import { logger } from '../helpers/logger'
4 import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'
6 function ensureUserHasRight (userRight: UserRight) {
7 return function (req: express.Request, res: express.Response, next: express.NextFunction) {
8 const user = res.locals.oauth.token.user
9 if (user.hasRight(userRight) === false) {
10 const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.`
14 status: HttpStatusCode.FORBIDDEN_403,
23 // ---------------------------------------------------------------------------