aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/oauth.ts2
-rw-r--r--server/middlewares/validators/users.ts21
2 files changed, 22 insertions, 1 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts
index a6f28dd5b..5233b66bd 100644
--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/oauth.ts
@@ -39,7 +39,7 @@ function token (req: express.Request, res: express.Response, next: express.NextF
39 if (err) { 39 if (err) {
40 return res.status(err.status) 40 return res.status(err.status)
41 .json({ 41 .json({
42 error: 'Authentication failed.', 42 error: err.message,
43 code: err.name 43 code: err.name
44 }) 44 })
45 .end() 45 .end()
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 3c207c81f..94d8ab53b 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -74,6 +74,26 @@ const usersRemoveValidator = [
74 } 74 }
75] 75]
76 76
77const usersBlockingValidator = [
78 param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
79
80 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
81 logger.debug('Checking usersRemove parameters', { parameters: req.params })
82
83 if (areValidationErrors(req, res)) return
84 if (!await checkUserIdExist(req.params.id, res)) return
85
86 const user = res.locals.user
87 if (user.username === 'root') {
88 return res.status(400)
89 .send({ error: 'Cannot block the root user' })
90 .end()
91 }
92
93 return next()
94 }
95]
96
77const deleteMeValidator = [ 97const deleteMeValidator = [
78 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 98 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
79 const user: UserModel = res.locals.oauth.token.User 99 const user: UserModel = res.locals.oauth.token.User
@@ -230,6 +250,7 @@ export {
230 usersAddValidator, 250 usersAddValidator,
231 deleteMeValidator, 251 deleteMeValidator,
232 usersRegisterValidator, 252 usersRegisterValidator,
253 usersBlockingValidator,
233 usersRemoveValidator, 254 usersRemoveValidator,
234 usersUpdateValidator, 255 usersUpdateValidator,
235 usersUpdateMeValidator, 256 usersUpdateMeValidator,