mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 17:05:18 +00:00
48f86b21b1
* create admin/generate-license page * create generate-license-key action, update routes, policies, importer, regenerate cloud-sdk * update layouts * use moment * Update view-generate-license.js * Fixing lint errors * Update generate-license-key.js * Update redirects in is-super-admin policy * redirect super admins to the license generator * Update login form * requested changes from mike-j-thomas * Update generate-license.page.js * Update is-super-admin.js * Update view-login.js * Update generate-license-key.js * Update generate-license-key.js * use naming convention for js timestamps * validTo » expiresAt Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
35 lines
1.1 KiB
JavaScript
Vendored
35 lines
1.1 KiB
JavaScript
Vendored
/**
|
|
* is-super-admin
|
|
*
|
|
* A simple policy that blocks requests from non-super-admins.
|
|
*
|
|
* For more about how to use policies, see:
|
|
* https://sailsjs.com/config/policies
|
|
* https://sailsjs.com/docs/concepts/policies
|
|
* https://sailsjs.com/docs/concepts/policies/access-control-and-permissions
|
|
*/
|
|
module.exports = async function (req, res, proceed) {
|
|
|
|
// First, check whether the request comes from a logged-in user.
|
|
// > For more about where `req.me` comes from, check out this app's
|
|
// > custom hook (`api/hooks/custom/index.js`).
|
|
if (!req.me) {
|
|
// Rather than use the standard res.unauthorized(), if the request did not come from a logged-in user,
|
|
// we'll redirect them to an generic version of the customer login page.
|
|
if (req.wantsJSON) {
|
|
return res.sendStatus(401);
|
|
} else {
|
|
return res.redirect('/customers/login?admin');
|
|
}
|
|
}//•
|
|
|
|
// Then check that this user is a "super admin".
|
|
if (!req.me.isSuperAdmin) {
|
|
return res.forbidden();
|
|
}//•
|
|
|
|
// IWMIH, we've got ourselves a "super admin".
|
|
return proceed();
|
|
|
|
};
|