mkrieger/Wachalarm-IP-Web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Routen mit Admin-Rechten angepasst

Browse Source
This commit is contained in:
Robert Richter 2019-05-11 22:30:46 +02:00
parent 5e5fcdd9c0
commit 828ded0aa7
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
server/routing.js
View File

@ -40,7 +40,7 @@ module.exports = function(app, sql, app_cfg, passport, auth) {
user: req.user user: req.user
}); });
} else { } else {
var err = new Error('Wache ' + parmeter_id + ' nicht vorhanden'); var err = new Error('Wache ' + parmeter_id + ' nicht vorhanden!');
err.status = 404; err.status = 404;
next(err); next(err);
} }
@ -89,7 +89,7 @@ module.exports = function(app, sql, app_cfg, passport, auth) {
}); });
// get /show_active_user // get /show_active_user
app.get('/show_active_user', auth.ensureAuthenticated, function(req, res) { app.get('/show_active_user', auth.ensureAdmin, function(req, res) {
sql.db_get_active_clients(function(data) { sql.db_get_active_clients(function(data) {
res.render('show_active_user', { res.render('show_active_user', {
title: 'Verbundene PCs/Benutzer', title: 'Verbundene PCs/Benutzer',
@ -100,7 +100,7 @@ module.exports = function(app, sql, app_cfg, passport, auth) {
}); });
// get /show_active_waip // get /show_active_waip
app.get('/show_active_waip', auth.ensureAuthenticated, function(req, res) { app.get('/show_active_waip', auth.ensureAdmin, function(req, res) {
sql.db_get_active_waips(function(data) { sql.db_get_active_waips(function(data) {
res.render('show_active_waip', { res.render('show_active_waip', {
title: 'Akutelle Einsätze', title: 'Akutelle Einsätze',
@ -111,7 +111,7 @@ module.exports = function(app, sql, app_cfg, passport, auth) {
}); });
// get /show_log // get /show_log
app.get('/show_log', auth.ensureAuthenticated, function(req, res) { app.get('/show_log', auth.ensureAdmin, function(req, res) {
sql.db_get_log(function(data) { sql.db_get_log(function(data) {
res.render('show_log', { res.render('show_log', {
title: 'Log-Datei', title: 'Log-Datei',
@ -122,7 +122,7 @@ module.exports = function(app, sql, app_cfg, passport, auth) {
}); });
// get /edit_users // get /edit_users
app.get('/edit_users', auth.ensureAuthenticated, function(req, res) { app.get('/edit_users', auth.ensureAdmin, function(req, res) {
sql.db_get_users(function(data) { sql.db_get_users(function(data) {
res.render('edit_users', { res.render('edit_users', {
title: 'Benutzer und Rechte verwalten', title: 'Benutzer und Rechte verwalten',
@ -134,7 +134,7 @@ module.exports = function(app, sql, app_cfg, passport, auth) {
}); });
}); });
app.post('/edit_users', auth.ensureAuthenticated, function(req, res) { app.post('/edit_users', auth.ensureAdmin, function(req, res) {
if (req.user && req.user.permissions == "admin") { if (req.user && req.user.permissions == "admin") {
switch (req.body["modal_method"]) { switch (req.body["modal_method"]) {
case "DELETE": case "DELETE":
@ -186,7 +186,7 @@ module.exports = function(app, sql, app_cfg, passport, auth) {
// catch 404 and forward to error handler // catch 404 and forward to error handler
app.use(function(req, res, next) { app.use(function(req, res, next) {
var err = new Error('Not Found'); var err = new Error('Seite nicht gefunden!');
err.status = 404; err.status = 404;
next(err); next(err);
}); });