yanis/rate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

body length

Browse Source
This commit is contained in:
Yanis Rigaudeau
2022-11-02 20:36:13 +01:00
parent 82d356ef5e
commit 5c21712344
3 changed files with 14 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
api/src/framework/express/middleware.ts
View File

@ -35,36 +35,34 @@ export function CheckPermissions(): RequestHandler {
return (req, res, next) => {
if (!req.session.user) {
next({ status: 401, messsage: 'Unauthorized' });
return;
return next({ status: 401, messsage: 'Unauthorized' });
}
if (req.session.user.role === UserRoles.ADMIN) {
next();
return;
return next();
}
const ressourceId = getResourceId(req);
if (!ressourceId) {
next({ status: 403, messsage: 'Forbidden' });
return;
return next({ status: 403, messsage: 'Forbidden' });
}
if (canAccessRessource(req.session.user, ressourceId)) {
next();
return;
} else {
next({ status: 403, messsage: 'Forbidden' });
return;
return next();
}
// Should be unreachable
next({ status: 403, messsage: 'Forbidden' });
};
}
export function SchemaValidator(): RequestHandler {
export function SchemaValidator(keys: number = 0): RequestHandler {
return (req, res, next) => {
if (Object.keys(req.body).length > keys)
return next({
status: 400,
message: `Found ${Object.keys(req.body).length} keys expected ${keys}`,
});
const error = validationResult(req);
error.isEmpty()
? next()