IntenseWebs/PeerTube
3
0
Fork 0
mirror of https://github.com/Chocobozzz/PeerTube.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

Moderators can only manage users

Browse Source
This commit is contained in:
Chocobozzz
2019-07-30 09:59:19 +02:00
parent dc89026348
commit a95a4cc891
10 changed files with 227 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
server/controllers/api/users/index.ts
View File

@@ -31,7 +31,8 @@ import {
usersAskSendVerifyEmailValidator,
usersBlockingValidator,
usersResetPasswordValidator,
usersVerifyEmailValidator
usersVerifyEmailValidator,
ensureCanManageUser
} from '../../../middlewares/validators'
import { UserModel } from '../../../models/account/user'
import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
@@ -97,12 +98,14 @@ usersRouter.post('/:id/block',
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersBlockingValidator),
ensureCanManageUser,
asyncMiddleware(blockUser)
)
usersRouter.post('/:id/unblock',
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersBlockingValidator),
ensureCanManageUser,
asyncMiddleware(unblockUser)
)
@@ -132,6 +135,7 @@ usersRouter.put('/:id',
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersUpdateValidator),
ensureCanManageUser,
asyncMiddleware(updateUser)
)
@@ -139,6 +143,7 @@ usersRouter.delete('/:id',
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersRemoveValidator),
ensureCanManageUser,
asyncMiddleware(removeUser)
)