ChrisChrome/uhppoted-db-web
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Guh

Browse source
This commit is contained in:
Christopher Cookman 2025-08-31 13:32:26 -06:00
parent 4ce8634b66
commit 7d64d0e78a
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
index.js
View file

@ -44,15 +44,15 @@ global.comparePassword = async function(password, hash) {
return await bcrypt.compare(password, hash); return await bcrypt.compare(password, hash);
}; };
global.checkACL = function(req, res, next, perm) { global.checkACL = function(req,, perm) {
if (!req.session.user) { if (!req.session.user) {
return res.status(401).render('error', { error: 'You must be logged in to access this resource.' }); return res.status(401).render('error', { error: 'You must be logged in to access this resource.' });
} }
const perms = req.session.user.perms ? JSON.parse(req.session.user.perms) : []; const perms = req.session.user.perms ? JSON.parse(req.session.user.perms) : [];
if (perms.includes('*') || perms.includes(perm)) { if (perms.includes('*') || perms.includes(perm)) {
return next(); return true;
} }
return res.status(403).render('error', { error: 'You do not have permission to access this resource.', button: {text: "Go Back", action:"back"} }); return false;
}; };