projects
/
oweals
/
peertube.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add video comments RSS
[oweals/peertube.git]
/
server
/
middlewares
/
user-right.ts
diff --git
a/server/middlewares/user-right.ts
b/server/middlewares/user-right.ts
index bcebe9d7f09797c57988de94fcf58ac1556b549a..7cea7aa1e6c0e34eb2e812df4024956da44d7cc8 100644
(file)
--- a/
server/middlewares/user-right.ts
+++ b/
server/middlewares/user-right.ts
@@
-1,16
+1,21
@@
-import 'express-validator'
import * as express from 'express'
import * as express from 'express'
-
-import { UserInstance } from '../models'
+import 'express-validator'
import { UserRight } from '../../shared'
import { UserRight } from '../../shared'
-import { logger } from '../helpers'
+import { logger } from '../helpers/logger'
+import { UserModel } from '../models/account/user'
function ensureUserHasRight (userRight: UserRight) {
return function (req: express.Request, res: express.Response, next: express.NextFunction) {
function ensureUserHasRight (userRight: UserRight) {
return function (req: express.Request, res: express.Response, next: express.NextFunction) {
- const user
: UserInstance = res.locals.oauth.token.user
+ const user
= res.locals.oauth.token.user as UserModel
if (user.hasRight(userRight) === false) {
if (user.hasRight(userRight) === false) {
- logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path)
- return res.sendStatus(403)
+ const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.`
+ logger.info(message)
+
+ return res.status(403)
+ .json({
+ error: message
+ })
+ .end()
}
return next()
}
return next()