diff options
| author | syuilo <syuilotan@yahoo.co.jp> | 2018-08-14 01:05:58 +0900 |
|---|---|---|
| committer | syuilo <syuilotan@yahoo.co.jp> | 2018-08-14 01:05:58 +0900 |
| commit | 9021bb5694bbe31cbff09d25d5d610fef0cfdda9 (patch) | |
| tree | 5ac13ce2d4ec309dc7e925929404485e21a85c8b /src/server/api/call.ts | |
| parent | Merge pull request #2189 from syuilo/patch-1 (diff) | |
| download | sharkey-9021bb5694bbe31cbff09d25d5d610fef0cfdda9.tar.gz sharkey-9021bb5694bbe31cbff09d25d5d610fef0cfdda9.tar.bz2 sharkey-9021bb5694bbe31cbff09d25d5d610fef0cfdda9.zip | |
wip
Diffstat (limited to 'src/server/api/call.ts')
| -rw-r--r-- | src/server/api/call.ts | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/server/api/call.ts b/src/server/api/call.ts index 1d0e858762..e4bb30b695 100644 --- a/src/server/api/call.ts +++ b/src/server/api/call.ts @@ -1,6 +1,6 @@ import { performance } from 'perf_hooks'; import limitter from './limitter'; -import { IUser } from '../../models/user'; +import { IUser, isLocalUser } from '../../models/user'; import { IApp } from '../../models/app'; import endpoints from './endpoints'; @@ -21,6 +21,10 @@ export default (endpoint: string, user: IUser, app: IApp, data: any, file?: any) return rej('YOUR_ACCOUNT_HAS_BEEN_SUSPENDED'); } + if (ep.meta.requireAdmin && !(isLocalUser(user) && user.isAdmin)) { + return rej('YOU_ARE_NOT_ADMIN'); + } + if (app && ep.meta.kind) { if (!app.permission.some(p => p === ep.meta.kind)) { return rej('PERMISSION_DENIED'); @@ -53,7 +57,7 @@ export default (endpoint: string, user: IUser, app: IApp, data: any, file?: any) const time = after - before; if (time > 1000) { - console.warn(`SLOW API CALL DETECTED: ${ep.name} (${ time }ms)`); + console.warn(`SLOW API CALL DETECTED: ${ep.name} (${time}ms)`); } } catch (e) { rej(e); |