X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fuser-right.ts;h=7d53e834125aeaa12226d6a055c5675a27a59cac;hb=5e47f6ab984a7d00782e4c7030afffa1ba480add;hp=5bb5bdfbda5aaee10dcb6902be3bfaf730be9a8c;hpb=da854ddd502cd70685ef779c673b9e63757b8aa0;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts
index 5bb5bdfbd..7d53e8341 100644
--- a/server/middlewares/user-right.ts
+++ b/server/middlewares/user-right.ts
@@ -1,15 +1,18 @@
-import * as express from 'express'
-import 'express-validator'
-import { UserRight } from '../../shared'
+import express from 'express'
+import { HttpStatusCode, UserRight } from '@shared/models'
 import { logger } from '../helpers/logger'
-import { UserModel } from '../models/account/user'
 
 function ensureUserHasRight (userRight: UserRight) {
   return function (req: express.Request, res: express.Response, next: express.NextFunction) {
-    const user = res.locals.oauth.token.user as UserModel
+    const user = res.locals.oauth.token.user
     if (user.hasRight(userRight) === false) {
-      logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path)
-      return res.sendStatus(403)
+      const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.`
+      logger.info(message)
+
+      return res.fail({
+        status: HttpStatusCode.FORBIDDEN_403,
+        message
+      })
     }
 
     return next()