diff options
Diffstat (limited to 'server/middlewares/user-right.ts')
| -rw-r--r-- | server/middlewares/user-right.ts | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts index aaf0b323a..45dda4781 100644 --- a/server/middlewares/user-right.ts +++ b/server/middlewares/user-right.ts | |||
| @@ -1,6 +1,7 @@ | |||
| 1 | import * as express from 'express' | 1 | import * as express from 'express' |
| 2 | import { UserRight } from '../../shared' | 2 | import { UserRight } from '../../shared' |
| 3 | import { logger } from '../helpers/logger' | 3 | import { logger } from '../helpers/logger' |
| 4 | import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes' | ||
| 4 | 5 | ||
| 5 | function ensureUserHasRight (userRight: UserRight) { | 6 | function ensureUserHasRight (userRight: UserRight) { |
| 6 | return function (req: express.Request, res: express.Response, next: express.NextFunction) { | 7 | return function (req: express.Request, res: express.Response, next: express.NextFunction) { |
| @@ -9,7 +10,8 @@ function ensureUserHasRight (userRight: UserRight) { | |||
| 9 | const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.` | 10 | const message = `User ${user.username} does not have right ${userRight} to access to ${req.path}.` |
| 10 | logger.info(message) | 11 | logger.info(message) |
| 11 | 12 | ||
| 12 | return res.status(403).json({ error: message }) | 13 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 14 | .json({ error: message }) | ||
| 13 | } | 15 | } |
| 14 | 16 | ||
| 15 | return next() | 17 | return next() |