add directory config setting

part of #704
This commit is contained in:
Girish Ramakrishnan
2020-07-09 14:35:34 -07:00
parent f94ff49fb9
commit 0f5b7278b8
3 changed files with 59 additions and 12 deletions
+24 -9
View File
@@ -1,15 +1,16 @@
'use strict';
exports = module.exports = {
get: get,
update: update,
getAvatar: getAvatar,
setAvatar: setAvatar,
clearAvatar: clearAvatar,
changePassword: changePassword,
setTwoFactorAuthenticationSecret: setTwoFactorAuthenticationSecret,
enableTwoFactorAuthentication: enableTwoFactorAuthentication,
disableTwoFactorAuthentication: disableTwoFactorAuthentication
authorize,
get,
update,
getAvatar,
setAvatar,
clearAvatar,
changePassword,
setTwoFactorAuthenticationSecret,
enableTwoFactorAuthentication,
disableTwoFactorAuthentication,
};
var assert = require('assert'),
@@ -25,6 +26,20 @@ var assert = require('assert'),
settings = require('../settings.js'),
_ = require('underscore');
function authorize(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
if (users.compareRoles(req.user.role, users.ROLE_USER_MANAGER) >= 0) return next();
settings.getDirectoryConfig(function (error, directoryConfig) {
if (error) return next(BoxError.toHttpError(error));
if (directoryConfig.lockUserProfiles) return next(new HttpError(403, 'admin has disallowed users from editing profiles'));
next();
});
}
function get(req, res, next) {
assert.strictEqual(typeof req.user, 'object');