X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fuser-right.ts;h=7d53e834125aeaa12226d6a055c5675a27a59cac;hb=92e66e04f7f51d37b465cff442ce47f6d6d7cadd;hp=5d63ebaf4f361dfaf373c2a8db5b5200b877b0ed;hpb=3fd3ab2d34d512b160a5e6084d7609be7b4f4452;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts
index 5d63ebaf4..7d53e8341 100644
--- a/server/middlewares/user-right.ts
+++ b/server/middlewares/user-right.ts
@@ -1,15 +1,18 @@
-import * as express from 'express'
-import 'express-validator'
-import { UserRight } from '../../shared'
-import { logger } from '../helpers'
-import { UserModel } from '../models/account/user'
+import express from 'express'
+import { HttpStatusCode, UserRight } from '@shared/models'
+import { logger } from '../helpers/logger'
 
 function ensureUserHasRight (userRight: UserRight) {
   return function (req: express.Request, res: express.Response, next: express.NextFunction) {
-    const user = res.locals.oauth.token.user as UserModel
+    const user = res.locals.oauth.token.user
     if (user.hasRight(userRight) === false) {
-      logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path)
-      return res.sendStatus(403)
+      const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.`
+      logger.info(message)
+
+      return res.fail({
+        status: HttpStatusCode.FORBIDDEN_403,
+        message
+      })
     }
 
     return next()