Browse Source

Email testing wasn't authenticated. Oops.

master
Zed A. Shaw 1 week ago
parent
commit
a108fcb040
  1. 15
      api/admin/email.js

15
api/admin/email.js

@ -1,6 +1,5 @@
import logging from '../../lib/logging.js';
import assert from 'assert';
import { API } from '../../lib/api.js';
import { developer_admin, API } from '../../lib/api.js';
import { company } from '../../emails/config.js';
import { get_config, dns_check, send_email, load_templates } from '../../lib/email.js';
@ -100,6 +99,10 @@ export const get = async (req, res) => {
const rules = { domain_name: "required"}
const form = api.validate(rules);
if(!api.admin_authenticated) {
return api.error(401, "Admin rights required.");
}
try {
if(form._valid) {
const dns = await dns_check(form.domain_name);
@ -116,6 +119,8 @@ export const get = async (req, res) => {
}
}
get.authenticated = !developer_admin;
const send_test = async (email) => {
try {
const test_email = await load_templates("test");
@ -138,6 +143,10 @@ export const post = async (req, res) => {
const rules = { to_address: "required|email" }
const api = new API(req, res);
if(!api.admin_authenticated) {
return api.error(401, "Admin rights required.");
}
try {
const form = api.validate(rules);
@ -158,3 +167,5 @@ export const post = async (req, res) => {
return api.error(500, error.message || "Internal Server Error");
}
}
post.authenticated = !developer_admin;

Loading…
Cancel
Save