mirror of
https://github.com/ether/etherpad-lite.git
synced 2025-02-01 11:22:41 +01:00
18 lines
499 B
JavaScript
18 lines
499 B
JavaScript
'use strict';
|
|
const securityManager = require('./db/SecurityManager');
|
|
|
|
// checks for padAccess
|
|
module.exports = async (req, res) => {
|
|
const {session: {user} = {}} = req;
|
|
const accessObj = await securityManager.checkAccess(
|
|
req.params.pad, req.cookies.sessionID, req.cookies.token, user);
|
|
|
|
if (accessObj.accessStatus === 'grant') {
|
|
// there is access, continue
|
|
return true;
|
|
} else {
|
|
// no access
|
|
res.status(403).send("403 - Can't touch this");
|
|
return false;
|
|
}
|
|
};
|