From b68861d95dfd51123a142510c2abac3a2065ca3f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Minelli?= <michael@minelli.me>
Date: Thu, 6 Jul 2023 14:15:19 +0200
Subject: [PATCH] SecurityCheck => Add check if user is in enonce's staff

---
 ExpressAPI/src/middlewares/SecurityMiddleware.ts | 4 ++++
 ExpressAPI/src/types/SecurityCheckType.ts        | 1 +
 2 files changed, 5 insertions(+)

diff --git a/ExpressAPI/src/middlewares/SecurityMiddleware.ts b/ExpressAPI/src/middlewares/SecurityMiddleware.ts
index 62030f9..4beeee7 100644
--- a/ExpressAPI/src/middlewares/SecurityMiddleware.ts
+++ b/ExpressAPI/src/middlewares/SecurityMiddleware.ts
@@ -3,6 +3,7 @@ import { StatusCodes }   from 'http-status-codes';
 import SecurityCheckType from '../types/SecurityCheckType';
 import logger            from '../shared/logging/WinstonLogger';
 import ApiRequest        from '../types/ApiRequest';
+import EnonceManager     from '../managers/EnonceManager';
 
 
 class SecurityMiddleware {
@@ -24,6 +25,9 @@ class SecurityMiddleware {
                             case SecurityCheckType.TEACHING_STAFF:
                                 isAllowed = isAllowed || req.session.profile.isTeachingStaff;
                                 break;
+                            case SecurityCheckType.ENONCE_STAFF:
+                                isAllowed = isAllowed || await EnonceManager.isUserAllowedToAccessEnonce(req.boundParams.enonce, req.session.profile);
+                                break;
                             default:
                                 isAllowed = isAllowed || false;
                                 break;
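Review bot: The new `ENONCE_STAFF` case passes `req.boundParams.enonce` to `EnonceManager.isUserAllowedToAccessEnonce` without checking that it was bound. On a route that declares this check but has no enonce parameter, or where the lookup found nothing, the decision then depends entirely on how the manager treats an undefined enonce. An authorization check should fail closed here, for example `isAllowed = isAllowed || (!!req.boundParams.enonce && await EnonceManager.isUserAllowedToAccessEnonce(req.boundParams.enonce, req.session.profile));`. The `await` also means a rejected promise from the manager has to be caught and turned into a denial; the enclosing handler starts and ends outside the hunk, so whether it is `async` with a try/catch cannot be confirmed from here. A one-line comment on the case, such as `// requires the route to bind an 'enonce' parameter`, would make the precondition visible to whoever wires up new routes.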
diff --git a/ExpressAPI/src/types/SecurityCheckType.ts b/ExpressAPI/src/types/SecurityCheckType.ts
index 38e59c2..32a1592 100644
--- a/ExpressAPI/src/types/SecurityCheckType.ts
+++ b/ExpressAPI/src/types/SecurityCheckType.ts
@@ -1,5 +1,6 @@
 enum SecurityCheckType {
     TEACHING_STAFF = 'teachingStaff',
+    ENONCE_STAFF   = 'enonceStaff'
 }
 
 
-- 
GitLab