From 8e2483b2e6a60d0423fcf48aff158c453686c375 Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Wed, 11 Mar 2015 10:32:49 -0400 Subject: [PATCH] fixed #2849 --- src/middleware/middleware.js | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/src/middleware/middleware.js b/src/middleware/middleware.js index 34d2a79870..c4c4e6d792 100644 --- a/src/middleware/middleware.js +++ b/src/middleware/middleware.js @@ -154,17 +154,9 @@ middleware.checkAccountPermissions = function(req, res, next) { }; middleware.isAdmin = function(req, res, next) { - function render() { - if (res.locals.isAPI) { - return controllers.helpers.notAllowed(req, res); - } - - middleware.buildHeader(req, res, function() { - controllers.helpers.notAllowed(req, res); - }); - } if (!req.user) { - return render(); + req.session.returnTo = nconf.get('relative_path') + req.url.replace(/^\/api/, ''); + return controllers.helpers.redirect(res, '/login'); } user.isAdministrator((req.user && req.user.uid) ? req.user.uid : 0, function (err, isAdmin) { @@ -172,7 +164,13 @@ middleware.isAdmin = function(req, res, next) { return next(err); } - render(); + if (res.locals.isAPI) { + return controllers.helpers.notAllowed(req, res); + } + + middleware.buildHeader(req, res, function() { + controllers.helpers.notAllowed(req, res); + }); }); };