diff --git a/src/routes/accesscontrol.js b/src/routes/accesscontrol.js index 558c620d9..2936c7560 100644 --- a/src/routes/accesscontrol.js +++ b/src/routes/accesscontrol.js @@ -5,8 +5,7 @@ exports = module.exports = { uninitialize: uninitialize, scope: scope, - websocketAuth: websocketAuth, - verifyOperator: verifyOperator + websocketAuth: websocketAuth }; var accesscontrol = require('../accesscontrol.js'), @@ -16,7 +15,6 @@ var accesscontrol = require('../accesscontrol.js'), clients = require('../clients.js'), ClientPasswordStrategy = require('passport-oauth2-client-password').Strategy, ClientsError = clients.ClientsError, - config = require('../config.js'), HttpError = require('connect-lastmile').HttpError, LocalStrategy = require('passport-local').Strategy, passport = require('passport'), @@ -140,9 +138,3 @@ function websocketAuth(requiredScopes, req, res, next) { next(); }); } - -function verifyOperator(req, res, next) { - if (config.allowOperatorActions()) return next(); - - next(new HttpError(401, 'Not allowed in this edition')); -} diff --git a/src/routes/users.js b/src/routes/users.js index 1f375a3f9..1828db9c6 100644 --- a/src/routes/users.js +++ b/src/routes/users.js @@ -11,10 +11,12 @@ exports = module.exports = { createInvite: createInvite, sendInvite: sendInvite, setGroups: setGroups, - transferOwnership: transferOwnership + transferOwnership: transferOwnership, + verifyOperator: verifyOperator }; var assert = require('assert'), + config = require('../config.js'), HttpError = require('connect-lastmile').HttpError, HttpSuccess = require('connect-lastmile').HttpSuccess, users = require('../users.js'), @@ -25,6 +27,12 @@ function auditSource(req) { return { ip: ip, username: req.user ? req.user.username : null, userId: req.user ? req.user.id : null }; } +function verifyOperator(req, res, next) { + if (config.allowOperatorActions()) return next(); + + next(new HttpError(401, 'Not allowed in this edition')); +} + function create(req, res, next) { assert.strictEqual(typeof req.body, 'object');