parent
215c458b56
commit
6fe11be108
@ -0,0 +1,18 @@ |
|||||||
|
module.exports = (app, passAuth) => { |
||||||
|
return requiredPermissions => { |
||||||
|
if (!Array.isArray(requiredPermissions)) {requiredPermissions = [requiredPermissions];} |
||||||
|
return (req, res, next) => { |
||||||
|
if (!req.authenticatedUser) {return next();} |
||||||
|
if (req.authenticatedUser.permissions.includes("admin")) {return next();} |
||||||
|
else { |
||||||
|
let hasAllPerms = true; |
||||||
|
for (let permission of requiredPermissions) { |
||||||
|
if (!req.authenticatedUser.permissions.includes(permission)) {hasAllPerms = false;} |
||||||
|
} |
||||||
|
|
||||||
|
if (!hasAllPerms) {req.unauthorized = true; return passAuth ? next() : res.status(401).send("You are not authorized to do that!");} |
||||||
|
else {return next();} |
||||||
|
} |
||||||
|
}; |
||||||
|
}; |
||||||
|
}; |
Loading…
Reference in new issue