Diagnostic tools: testing user rights.

server/lib/helpers.ts

@@ -1,3 +1,5 @@
+import { Response } from 'express'
+
 const packagejson: any = require('../../../package.json')
 const version: string = packagejson.version || ''
 if (!/^\d+\.\d+\.\d+/.test(version)) {
@@ -19,7 +21,20 @@ function getBaseStaticRoute (): string {
   return '/plugins/' + shortName + '/' + version + '/static/'
 }
 
+// FIXME: Peertube <= 3.1.0 has no way to test that current user is admin
+// This is a hack.
+function isUserAdmin (res: Response): boolean {
+  if (!res.locals?.authenticated) {
+    return false
+  }
+  if (res.locals?.oauth?.token?.User?.role === 0) {
+    return true
+  }
+  return false
+}
+
 export {
   getBaseRouter,
-  getBaseStaticRoute
+  getBaseStaticRoute,
+  isUserAdmin
 }

server/lib/routers/settings.ts

@@ -1,5 +1,5 @@
 import type { Router, Request, Response, NextFunction } from 'express'
-import { getBaseStaticRoute } from '../helpers'
+import { getBaseStaticRoute, isUserAdmin } from '../helpers'
 
 interface Result {
   label?: string
@@ -33,8 +33,9 @@ async function initSettingsRouter ({
       if (!res.locals.authenticated) {
         return res.sendStatus(403)
       }
-      // FIXME: test that user is admin.
+      if (!isUserAdmin(res)) {
-      logger.error('FIXME: test that user is admin')
+        return res.sendStatus(403)
+      }
 
       const test: string = req.body.test || ''
       logger.info('Accessing peertube-plugin-livechat diagnostic tool, test "' + test + '".')