mkrieger/Wachalarm-IP-Web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ensureAdmin verbessert

Browse Source
This commit is contained in:
Robert Richter 2019-05-13 21:47:10 +02:00
parent 7ab105a575
commit 9b28e3408d
1 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
server/auth.js
View File

@ -100,20 +100,22 @@ module.exports = function(app, app_cfg, db, async, bcrypt, passport, io) {
}; };
function ensureAdmin(req, res, next) { function ensureAdmin(req, res, next) {
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
db.get('SELECT permissions FROM waip_users WHERE id = ?', req.user.id, function(err, row) { db.get('SELECT permissions FROM waip_users WHERE id = ?', req.user.id, function(err, row) {
if (row.permissions == "admin") { if (row.permissions == "admin") {
// req.user is available for use here // req.user is available for use here
return next(); return next();
}; };
var err = new Error('Sie verfügen nicht über die notwendigen Berechtigungen!'); var err = new Error('Sie verfügen nicht über die notwendigen Berechtigungen!');
err.status = 401; err.status = 401;
next(err); next(err);
}); });
// denied. redirect to login } else {
var err = new Error('Sie sind nicht angemeldet!'); // denied. redirect to login
err.status = 401; var err = new Error('Sie sind nicht angemeldet!');
next(err); err.status = 401;
next(err);
};
}; };
function createUser(req, res) { function createUser(req, res) {
@ -152,7 +154,7 @@ module.exports = function(app, app_cfg, db, async, bcrypt, passport, io) {
res.redirect('/edit_users'); res.redirect('/edit_users');
} }
}); });
} };
}; };
function editUser(req, res) { function editUser(req, res) {