-import * as express from 'express'
-import 'express-validator'
+import express from 'express'
import { UserRight } from '../../shared'
+import { HttpStatusCode } from '../../shared/models/http/http-error-codes'
import { logger } from '../helpers/logger'
-import { UserModel } from '../models/account/user'
function ensureUserHasRight (userRight: UserRight) {
return function (req: express.Request, res: express.Response, next: express.NextFunction) {
- const user = res.locals.oauth.token.user as UserModel
+ const user = res.locals.oauth.token.user
if (user.hasRight(userRight) === false) {
- const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.`
+ const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.`
logger.info(message)
- return res.status(403)
- .json({
- error: message
- })
- .end()
+ return res.fail({
+ status: HttpStatusCode.FORBIDDEN_403,
+ message
+ })
}
return next()