user-right.ts 833 B

1234567891011121314151617181920212223242526272829
  1. import * as express from 'express'
  2. import 'express-validator'
  3. import { UserRight } from '../../shared'
  4. import { logger } from '../helpers/logger'
  5. import { UserModel } from '../models/account/user'
  6. function ensureUserHasRight (userRight: UserRight) {
  7. return function (req: express.Request, res: express.Response, next: express.NextFunction) {
  8. const user = res.locals.oauth.token.user as UserModel
  9. if (user.hasRight(userRight) === false) {
  10. const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.`
  11. logger.info(message)
  12. return res.status(403)
  13. .json({
  14. error: message
  15. })
  16. .end()
  17. }
  18. return next()
  19. }
  20. }
  21. // ---------------------------------------------------------------------------
  22. export {
  23. ensureUserHasRight
  24. }