From 8491293b02ed2ec53eb0fa128161ea0b08d3def9 Mon Sep 17 00:00:00 2001
From: Rigel Kent <sendmemail@rigelk.eu>
Date: Thu, 2 Jul 2020 22:49:51 +0200
Subject: add blocked filter in users list to filter banned users

fixes #2914
---
 server/middlewares/validators/users.ts | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'server/middlewares/validators')

diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 4a9ed6830..6860a3bed 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -38,6 +38,21 @@ import { UserRole } from '../../../shared/models/users'
 import { MUserDefault } from '@server/types/models'
 import { Hooks } from '@server/lib/plugins/hooks'
 
+const usersListValidator = [
+  query('blocked')
+    .optional()
+    .customSanitizer(toBooleanOrNull)
+    .isBoolean().withMessage('Should be a valid boolean banned state'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking usersList parameters', { parameters: req.query })
+
+    if (areValidationErrors(req, res)) return
+
+    return next()
+  }
+]
+
 const usersAddValidator = [
   body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'),
   body('password').custom(isUserPasswordValidOrEmpty).withMessage('Should have a valid password'),
@@ -444,6 +459,7 @@ const ensureCanManageUser = [
 // ---------------------------------------------------------------------------
 
 export {
+  usersListValidator,
   usersAddValidator,
   deleteMeValidator,
   usersRegisterValidator,
-- 
cgit v1.2.3