aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/user-right.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/user-right.ts')
-rw-r--r--server/middlewares/user-right.ts10
1 files changed, 8 insertions, 2 deletions
diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts
index 5bb5bdfbd..7cea7aa1e 100644
--- a/server/middlewares/user-right.ts
+++ b/server/middlewares/user-right.ts
@@ -8,8 +8,14 @@ function ensureUserHasRight (userRight: UserRight) {
8 return function (req: express.Request, res: express.Response, next: express.NextFunction) { 8 return function (req: express.Request, res: express.Response, next: express.NextFunction) {
9 const user = res.locals.oauth.token.user as UserModel 9 const user = res.locals.oauth.token.user as UserModel
10 if (user.hasRight(userRight) === false) { 10 if (user.hasRight(userRight) === false) {
11 logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path) 11 const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.`
12 return res.sendStatus(403) 12 logger.info(message)
13
14 return res.status(403)
15 .json({
16 error: message
17 })
18 .end()
13 } 19 }
14 20
15 return next() 21 return next()