mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-11-29 07:09:48 +03:00
d81bc91bd2
refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
32 lines
1.0 KiB
JavaScript
32 lines
1.0 KiB
JavaScript
var errors = require('../errors'),
|
|
labs = require('../utils/labs'),
|
|
i18n = require('../i18n'),
|
|
authorize;
|
|
|
|
authorize = {
|
|
// Workaround for missing permissions
|
|
// TODO: rework when https://github.com/TryGhost/Ghost/issues/3911 is done
|
|
requiresAuthorizedUser: function requiresAuthorizedUser(req, res, next) {
|
|
if (req.user && req.user.id) {
|
|
return next();
|
|
} else {
|
|
return next(new errors.NoPermissionError({message: i18n.t('errors.middleware.auth.pleaseSignIn')}));
|
|
}
|
|
},
|
|
|
|
// ### Require user depending on public API being activated.
|
|
requiresAuthorizedUserPublicAPI: function requiresAuthorizedUserPublicAPI(req, res, next) {
|
|
if (labs.isSet('publicAPI') === true) {
|
|
return next();
|
|
} else {
|
|
if (req.user && req.user.id) {
|
|
return next();
|
|
} else {
|
|
return next(new errors.NoPermissionError({message: i18n.t('errors.middleware.auth.pleaseSignIn')}));
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
module.exports = authorize;
|