sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2026-01-05 05:40:06 +00:00
Code Issues Projects Releases Wiki Activity

fix: add authorize middleware for appStreams

Browse Source
This commit is contained in:
Sabir Hassan
2022-07-04 17:14:17 +05:00
parent 4c35e04802
commit e54a09db19
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/src/middlewares/authorize.ts
View File

@@ -5,7 +5,7 @@ import { PermissionSetting } from '../controllers/permission'
export const authorize: RequestHandler = async (req, res, next) => {
let permission
const user = req.user
const user = req.user || req.session.user
if (user) {
// no need to check for permissions when user is admin
if (user.isAdmin) return next()
@@ -13,7 +13,7 @@ export const authorize: RequestHandler = async (req, res, next) => {
const dbUser = await User.findOne({ id: user.userId })
if (!dbUser) return res.sendStatus(401)
const uri = req.baseUrl + req.route.path
const uri = req.baseUrl + req.path
// find permission w.r.t user
permission = await Permission.findOne({ uri, user: dbUser._id })