WebPlay/server
1
1
Fork 0
Code Issues 7 Pull Requests Packages Projects Releases Wiki Activity

protect shared items collection #6

Merged
artem merged 2 commits from dev into main 2023-02-17 22:23:17 +01:00
Conversation 0 Commits 2 Files Changed 3 +10 -6
2 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 6c43cf5f62 - Show all commits

4
router/share.js
View File

@ -8,9 +8,13 @@ var passport = server.passport;
router.route("/")
.get(passport.authenticate("jwt", { session: false }), (req, res) => {
if (req.user.roles.includes("admin")) {
database.share.collection(result => {
res.json(result).status(200).end();
})
} else {
res.status(403).end();
}
});
router.route("/:id")
.get((req, res) => {

6
router/system.js
View File

@ -19,7 +19,7 @@ router
})
})
.post(passport.authenticate("jwt", { session: false }), (req, res) => {
if (req.user.roles.indexOf("admin") > -1) {
if (req.user.roles.includes("admin")) {
database.system.setAllows(req.body, () => {
res.status(200).end();
})
@ -31,7 +31,7 @@ router
router
.route("/domains")
.get(passport.authenticate("jwt", { session: false }), (req, res) => {
if (req.user.roles.indexOf("admin") > -1) {
if (req.user.roles.includes("admin")) {
let domains = {
const: config.allowed_domains,
dynamic: []
@ -47,7 +47,7 @@ router
}
})
.post(passport.authenticate("jwt", { session: false }), (req, res) => {
if (req.user.roles.indexOf("admin") > -1) {
if (req.user.roles.includes("admin")) {
database.system.setDomains(req.body, () => {
res.status(200).end();
});