jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Just check for .admin flag in the user object

Browse Source
This commit is contained in:
Johannes Zellner
2016-02-25 11:42:25 +01:00
parent c8db6419d8
commit 63013c7297
1 changed files with 2 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/routes/user.js
View File

@@ -202,15 +202,9 @@ function verifyPassword(req, res, next) {
function requireAdmin(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
groups.isMember(groups.ADMIN_GROUP_ID, req.user.id, function (error, isAdmin) {
if (error) return next(new HttpError(500, error));
if (!req.user.admin) return next(new HttpError(403, 'API call requires admin rights.'));
if (!isAdmin) return next(new HttpError(403, 'API call requires admin rights.'));
req.user.admin = true;
next();
});
next();
}
function sendInvite(req, res, next) {