19 lines
489 B
TypeScript
19 lines
489 B
TypeScript
import { NextFunction, Response } from 'express';
|
|
import { isAdminSub } from '../baseblocks/admin/admin.service';
|
|
import { RequestContext } from '../util/request-context.type';
|
|
|
|
export const isAdmin = async (
|
|
req: RequestContext,
|
|
res: Response,
|
|
next: NextFunction,
|
|
) => {
|
|
const userSub = req.currentUserSub;
|
|
const isAdmin = await isAdminSub(userSub);
|
|
if (!isAdmin) {
|
|
res.status(403).json({
|
|
error: 'User does not have permission',
|
|
});
|
|
return;
|
|
}
|
|
next();
|
|
};
|