From 3567330799e948533c468a9bf41416cee4b06756 Mon Sep 17 00:00:00 2001
From: Ryan Blenis <ryan.blenis@gmail.com>
Date: Tue, 5 Nov 2019 04:17:10 -0500
Subject: [PATCH] Pass through user info, plugin dev's can handle their own
 permissions.

---
 pluginHandler.js | 8 ++++----
 webserver.js     | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/pluginHandler.js b/pluginHandler.js
index 7ea2c6e5..fddc3f03 100644
--- a/pluginHandler.js
+++ b/pluginHandler.js
@@ -383,22 +383,22 @@ module.exports.pluginHandler = function (parent) {
         });
     };
     
-    obj.handleAdminReq = function (req, res, serv) {
+    obj.handleAdminReq = function (req, res, user, serv) {
         var path = obj.path.join(obj.pluginPath, req.query.pin, 'views');
         serv.app.set('views', path);
         if (obj.plugins[req.query.pin] != null && typeof obj.plugins[req.query.pin].handleAdminReq == 'function') {
-            obj.plugins[req.query.pin].handleAdminReq(req, res);
+            obj.plugins[req.query.pin].handleAdminReq(req, res, user);
         }
         else {
             res.sendStatus(401);
         }
     }
     
-    obj.handleAdminPostReq = function(req, res, serv) {
+    obj.handleAdminPostReq = function(req, res, user, serv) {
         var path = obj.path.join(obj.pluginPath, req.query.pin, 'views');
         serv.app.set('views', path);
         if (obj.plugins[req.query.pin] != null && typeof obj.plugins[req.query.pin].handleAdminPostReq == 'function') {
-            obj.plugins[req.query.pin].handleAdminPostReq(req, res);
+            obj.plugins[req.query.pin].handleAdminPostReq(req, res, user);
         }
         else {
             res.sendStatus(401);
diff --git a/webserver.js b/webserver.js
index 6587d915..8aeb33e8 100644
--- a/webserver.js
+++ b/webserver.js
@@ -3196,7 +3196,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
         var user = obj.users[req.session.userid];
         if ((user == null) || ((user.siteadmin & 0xFFFFFFFF) == 0)) { res.sendStatus(401); return; }
         
-        parent.pluginHandler.handleAdminReq(req, res, obj);
+        parent.pluginHandler.handleAdminReq(req, res, user, obj);
     }
     
     obj.handlePluginAdminPostReq = function(req, res) {
@@ -3206,7 +3206,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
         var user = obj.users[req.session.userid];
         if ((user == null) || ((user.siteadmin & 0xFFFFFFFF) == 0)) { res.sendStatus(401); return; }
         
-        parent.pluginHandler.handleAdminPostReq(req, res, obj);
+        parent.pluginHandler.handleAdminPostReq(req, res, user, obj);
     }
 
     // Starts the HTTPS server, this should be called after the user/mesh tables are loaded