New option to use and configure Prosody mod_firewall WIP (#97):

* new setting * new configuration screen for Peertube admins * include the mod_firewall module * load mod_firewall if enabled * sys admin can disable the firewall config editing by creating a special file on the disk * user documentation
2024-08-12 18:17:31 +02:00
parent 481f265a44
commit 8e99199f29
76 changed files with 7577 additions and 300 deletions
--- a/server/lib/middlewares/is-admin.ts
+++ b/server/lib/middlewares/is-admin.ts
@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2024 John Livingston <https://www.john-livingston.fr/>
+//
+// SPDX-License-Identifier: AGPL-3.0-only
+
+import type { RegisterServerOptions } from '@peertube/peertube-types'
+import type { Request, Response, NextFunction } from 'express'
+import type { RequestPromiseHandler } from './async'
+import { isUserAdmin } from '../helpers'
+
+/**
+ * Returns a middleware handler to check if advanced configuration is not disabled
+ * @param options Peertube server options
+ * @returns middleware function
+ */
+function checkUserIsAdminMiddleware (options: RegisterServerOptions): RequestPromiseHandler {
+  return async (req: Request, res: Response, next: NextFunction) => {
+    const logger = options.peertubeHelpers.logger
+    if (!await isUserAdmin(options, res)) {
+      logger.warn('Current user tries to access a page only allowed for admins, and has no right.')
+      res.sendStatus(403)
+      return
+    }
+
+    logger.debug('User is admin, can access the page..')
+    next()
+  }
+}
+
+export {
+  checkUserIsAdminMiddleware
+}