migrate permissions and admin flag to user.role

src/server.js

@@ -17,6 +17,7 @@ var accesscontrol = require('./accesscontrol.js'),
     middleware = require('./middleware'),
     routes = require('./routes/index.js'),
     settings = require('./settings.js'),
+    users = require('./users.js'),
     ws = require('ws');
 
 var gHttpServer = null;
@@ -45,7 +46,7 @@ function initializeExpressSync() {
             return [
                 'Box',
                 tokens.method(req, res),
-                tokens.url(req, res).replace(/(access_token=)[^\&]+/, '$1' + '<redacted>'),
+                tokens.url(req, res).replace(/(access_token=)[^&]+/, '$1' + '<redacted>'),
                 tokens.status(req, res),
                 tokens['response-time'](req, res), 'ms', '-',
                 tokens.res(req, res, 'content-length')
@@ -79,8 +80,8 @@ function initializeExpressSync() {
     // to keep routes code short
     const password = routes.accesscontrol.passwordAuth;
     const token = routes.accesscontrol.tokenAuth;
-    const authorizeAdmin = routes.accesscontrol.authorize(accesscontrol.PERMISSION_ADMIN);
-    const authorizeUserManager = routes.accesscontrol.authorize(accesscontrol.PERMISSION_MANAGE_USERS);
+    const authorizeAdmin = routes.accesscontrol.authorize(users.ROLE_ADMIN);
+    const authorizeUserManager = routes.accesscontrol.authorize(users.ROLE_USER_MANAGER);
 
     // public routes
     router.post('/api/v1/cloudron/setup', routes.provision.providerTokenAuth, routes.provision.setup);    // only available until no-domain