Updated roles and permissions logic.

2022-12-06 18:36:41 -08:00
parent 4eb3140e43
commit b57ecf33e6
63 changed files with 432 additions and 546 deletions
--- a/lib/middleware.js
+++ b/lib/middleware.js
@@ -6,6 +6,7 @@ import { findSession } from 'lib/session';
 import { getAuthToken, parseShareToken } from 'lib/auth';
 import { secret } from 'lib/crypto';
 import redis from 'lib/redis';
+import { ROLES } from 'lib/constants';
 import { getUser } from '../queries';

 const log = debug('umami:middleware');
@@ -45,6 +46,10 @@ export const useAuth = createMiddleware(async (req, res, next) => {
    return unauthorized(res);
  }

+  if (user) {
+    user.isAdmin = user.role === ROLES.admin;
+  }
+
  req.auth = { user, token, shareToken, key };
  next();
 });