8e99199f29
* new setting * new configuration screen for Peertube admins * include the mod_firewall module * load mod_firewall if enabled * sys admin can disable the firewall config editing by creating a special file on the disk * user documentation
32 lines
1.0 KiB
TypeScript
32 lines
1.0 KiB
TypeScript
// SPDX-FileCopyrightText: 2024 John Livingston <https://www.john-livingston.fr/>
|
|
//
|
|
// SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
import type { RegisterServerOptions } from '@peertube/peertube-types'
|
|
import type { Request, Response, NextFunction } from 'express'
|
|
import type { RequestPromiseHandler } from './async'
|
|
import { isUserAdmin } from '../helpers'
|
|
|
|
/**
|
|
* Returns a middleware handler to check if advanced configuration is not disabled
|
|
* @param options Peertube server options
|
|
* @returns middleware function
|
|
*/
|
|
function checkUserIsAdminMiddleware (options: RegisterServerOptions): RequestPromiseHandler {
|
|
return async (req: Request, res: Response, next: NextFunction) => {
|
|
const logger = options.peertubeHelpers.logger
|
|
if (!await isUserAdmin(options, res)) {
|
|
logger.warn('Current user tries to access a page only allowed for admins, and has no right.')
|
|
res.sendStatus(403)
|
|
return
|
|
}
|
|
|
|
logger.debug('User is admin, can access the page..')
|
|
next()
|
|
}
|
|
}
|
|
|
|
export {
|
|
checkUserIsAdminMiddleware
|
|
}
|