X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fuser-right.ts;h=7d53e834125aeaa12226d6a055c5675a27a59cac;hb=4cf800a350972a078c074da6b31da2b98ab4b007;hp=bcebe9d7f09797c57988de94fcf58ac1556b549a;hpb=954605a804da399317ca62afa2fb9244afa11ebf;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts
index bcebe9d7f..7d53e8341 100644
--- a/server/middlewares/user-right.ts
+++ b/server/middlewares/user-right.ts
@@ -1,16 +1,18 @@
-import 'express-validator'
-import * as express from 'express'
-
-import { UserInstance } from '../models'
-import { UserRight } from '../../shared'
-import { logger } from '../helpers'
+import express from 'express'
+import { HttpStatusCode, UserRight } from '@shared/models'
+import { logger } from '../helpers/logger'
 
 function ensureUserHasRight (userRight: UserRight) {
   return function (req: express.Request, res: express.Response, next: express.NextFunction) {
-    const user: UserInstance = res.locals.oauth.token.user
+    const user = res.locals.oauth.token.user
     if (user.hasRight(userRight) === false) {
-      logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path)
-      return res.sendStatus(403)
+      const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.`
+      logger.info(message)
+
+      return res.fail({
+        status: HttpStatusCode.FORBIDDEN_403,
+        message
+      })
     }
 
     return next()