aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/admin.js
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/admin.js')
-rw-r--r--server/middlewares/admin.js22
1 files changed, 22 insertions, 0 deletions
diff --git a/server/middlewares/admin.js b/server/middlewares/admin.js
new file mode 100644
index 000000000..e6d9dc887
--- /dev/null
+++ b/server/middlewares/admin.js
@@ -0,0 +1,22 @@
1'use strict'
2
3const constants = require('../initializers/constants')
4const logger = require('../helpers/logger')
5
6const adminMiddleware = {
7 ensureIsAdmin
8}
9
10function ensureIsAdmin (req, res, next) {
11 const user = res.locals.oauth.token.user
12 if (user.role !== constants.USER_ROLES.ADMIN) {
13 logger.info('A non admin user is trying to access to an admin content.')
14 return res.sendStatus(403)
15 }
16
17 return next()
18}
19
20// ---------------------------------------------------------------------------
21
22module.exports = adminMiddleware