- body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'),
- body('password').custom(isUserPasswordValidOrEmpty).withMessage('Should have a valid password'),
- body('email').isEmail().withMessage('Should have a valid email'),
- body('videoQuota').custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
- body('videoQuotaDaily').custom(isUserVideoQuotaDailyValid).withMessage('Should have a valid daily user quota'),
- body('role')
- .customSanitizer(toIntOrNull)
- .custom(isUserRoleValid).withMessage('Should have a valid role'),
- body('adminFlags').optional().custom(isUserAdminFlagsValid).withMessage('Should have a valid admin flags'),
-
- async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking usersAdd parameters', { parameters: omit(req.body, 'password') })
-
- if (areValidationErrors(req, res)) return
- if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return
-
- const authUser = res.locals.oauth.token.User
- if (authUser.role !== UserRole.ADMINISTRATOR && req.body.role !== UserRole.USER) {
- return res.status(403)
- .json({ error: 'You can only create users (and not administrators or moderators)' })
- }
+ body('username')
+ .custom(isUserUsernameValid)
+ .withMessage('Should have a valid username (lowercase alphanumeric characters)'),
+ body('password')
+ .custom(isUserPasswordValidOrEmpty),
+ body('email')
+ .isEmail(),