blob: bcebe9d7f09797c57988de94fcf58ac1556b549a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
import 'express-validator'
import * as express from 'express'
import { UserInstance } from '../models'
import { UserRight } from '../../shared'
import { logger } from '../helpers'
function ensureUserHasRight (userRight: UserRight) {
return function (req: express.Request, res: express.Response, next: express.NextFunction) {
const user: UserInstance = res.locals.oauth.token.user
if (user.hasRight(userRight) === false) {
logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path)
return res.sendStatus(403)
}
return next()
}
}
// ---------------------------------------------------------------------------
export {
ensureUserHasRight
}
|
