Improve role add/edit error message

2020-03-06 13:16:47 -08:00
parent ad72a8a929
commit afa2fe8177
1 changed files with 2 additions and 2 deletions
--- a/src/routes/users.js
+++ b/src/routes/users.js
@@ -43,7 +43,7 @@ function create(req, res, next) {
    if ('password' in req.body && typeof req.body.password !== 'string') return next(new HttpError(400, 'password must be string'));
    if ('role' in req.body) {
        if (typeof req.body.role !== 'string') return next(new HttpError(400, 'role must be string'));
-        if (users.compareRoles(req.user.role, req.body.role) < 0) return next(new HttpError(403, `role '${req.body.role}' is required but user has only '${req.user.role}'`));
+        if (users.compareRoles(req.user.role, req.body.role) < 0) return next(new HttpError(403, `role '${req.body.role}' is required but you are only '${req.user.role}'`));
    }

    var password = req.body.password || null;
@@ -72,7 +72,7 @@ function update(req, res, next) {
        if (typeof req.body.role !== 'string') return next(new HttpError(400, 'role must be a string'));
        if (req.user.id === req.resource.id) return next(new HttpError(409, 'Cannot set role flag on self'));

-        if (users.compareRoles(req.user.role, req.body.role) < 0) return next(new HttpError(403, `role '${req.body.role}' is required but user has only '${req.user.role}'`));
+        if (users.compareRoles(req.user.role, req.body.role) < 0) return next(new HttpError(403, `role '${req.body.role}' is required but you are only '${req.user.role}'`));
    }

    if ('active' in req.body) {