17 lines
406 B
TypeScript
17 lines
406 B
TypeScript
import { jsonError } from "../../common.js";
|
|
|
|
export async function onRequest(context: RequestContext) {
|
|
const { current_user: user } = context.data;
|
|
|
|
if (!user) return jsonError("Unauthorized", 401);
|
|
|
|
if (
|
|
typeof [0, 2, 4, 5, 6, 7, 9, 10, 11, 12].find(
|
|
(i) => user.permissions & (1 << i),
|
|
) === "undefined"
|
|
)
|
|
return jsonError("Forbidden", 403);
|
|
|
|
return await context.next();
|
|
}
|