-import 'express-validator'
import * as express from 'express'
-
-import { UserInstance } from '../models'
import { UserRight } from '../../shared'
-import { logger } from '../helpers'
+import { logger } from '../helpers/logger'
+import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'
function ensureUserHasRight (userRight: UserRight) {
return function (req: express.Request, res: express.Response, next: express.NextFunction) {
- const user: UserInstance = res.locals.oauth.token.user
+ const user = res.locals.oauth.token.user
if (user.hasRight(userRight) === false) {
- logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path)
- return res.sendStatus(403)
+ const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.`
+ logger.info(message)
+
+ return res.status(HttpStatusCode.FORBIDDEN_403)
+ .json({ error: message })
}
return next()