add organizer role and features
All checks were successful
Build Images and Deploy / Update-PROD-Stack (push) Successful in 29s
All checks were successful
Build Images and Deploy / Update-PROD-Stack (push) Successful in 29s
This commit is contained in:
@@ -20,12 +20,24 @@ function requireAdmin(req, res, next) {
|
||||
res.redirect('/auth/login');
|
||||
}
|
||||
|
||||
function requireOrganizerOrAdmin(req, res, next) {
|
||||
if (req.session && req.session.userId && (req.session.isAdmin || req.session.isOrganizer)) {
|
||||
return next();
|
||||
}
|
||||
if (req.session && req.session.userId) {
|
||||
return res.status(403).render('error', { title: 'Forbidden', message: 'You do not have access to this page.' });
|
||||
}
|
||||
req.session.returnTo = req.originalUrl;
|
||||
res.redirect('/auth/login');
|
||||
}
|
||||
|
||||
function loadUser(req, res, next) {
|
||||
if (req.session && req.session.userId) {
|
||||
res.locals.currentUser = {
|
||||
id: req.session.userId,
|
||||
username: req.session.username,
|
||||
isAdmin: req.session.isAdmin
|
||||
isAdmin: req.session.isAdmin,
|
||||
isOrganizer: req.session.isOrganizer
|
||||
};
|
||||
} else {
|
||||
res.locals.currentUser = null;
|
||||
@@ -34,4 +46,4 @@ function loadUser(req, res, next) {
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = { requireAuth, requireAdmin, loadUser };
|
||||
module.exports = { requireAuth, requireAdmin, requireOrganizerOrAdmin, loadUser };
|
||||
|
||||
Reference in New Issue
Block a user