From 30a2b301eb1f19a8f1c3f65681766d4625ddb750 Mon Sep 17 00:00:00 2001
From: Miodec
Date: Mon, 17 Jul 2023 14:19:23 +0200
Subject: [PATCH] checking if user is admin instead

---
 backend/src/api/routes/configuration.ts | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/backend/src/api/routes/configuration.ts b/backend/src/api/routes/configuration.ts
index c8d56c14e..17df5bf95 100644
--- a/backend/src/api/routes/configuration.ts
+++ b/backend/src/api/routes/configuration.ts
@@ -2,7 +2,7 @@ import joi from "joi";
 import { Router } from "express";
 import {
 asyncHandler,
- checkUserPermissions,
+ checkIfUserIsAdmin,
 useInProduction,
 validateRequest,
 } from "../../middlewares/api-utils";
@@ -12,18 +12,17 @@ import { adminLimit } from "../../middlewares/rate-limit";
 
 const router = Router();
 
-const checkIfUserIsConfigurationMod = checkUserPermissions({
- criteria: (user) => {
- return !!user.configurationMod;
- },
-});
-
 router.get("/", asyncHandler(ConfigurationController.getConfiguration));
 
 router.patch(
 "/",
 adminLimit,
- useInProduction([authenticateRequest(), checkIfUserIsConfigurationMod]),
+ useInProduction([
+ authenticateRequest({
+ noCache: true,
+ }),
+ checkIfUserIsAdmin(),
+ ]),
 validateRequest({
 body: {
 configuration: joi.object(),
@@ -35,7 +34,12 @@ router.patch(
 router.get(
 "/schema",
 adminLimit,
- useInProduction([authenticateRequest(), checkIfUserIsConfigurationMod]),
+ useInProduction([
+ authenticateRequest({
+ noCache: true,
+ }),
+ checkIfUserIsAdmin(),
+ ]),
 asyncHandler(ConfigurationController.getSchema)
 );
 
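Review bot: The `noCache: true` option passed to `authenticateRequest` in the `router.patch("/")` chain carries no explanation, so a later cleanup could drop it without noticing it guards a configuration write. I would add a comment above it along the lines of `// noCache: re-check the caller on every request so a revoked admin cannot keep writing configuration from a cached auth result`; the auth middleware is not shown here, so the wording should be matched to what the option really does. Both checks also still sit inside `useInProduction`; if that helper skips its middlewares outside production, as the name suggests, any reachable non-production deployment accepts unauthenticated configuration writes, and that deserves a one-line comment at this route. The `router.patch` call continues past the end of the hunk.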
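Review bot: The middleware array in `router.get("/schema")` is a second hand-written copy of the one added to `router.patch("/")` in the previous hunk, where the old code at least shared the `checkIfUserIsConfigurationMod` constant. Since this chain is the whole access control for both routes, I would build it once, `const requireAdmin = useInProduction([authenticateRequest({ noCache: true }), checkIfUserIsAdmin()]);`, and pass `requireAdmin` to both, so a later edit cannot tighten one route and miss the other. This assumes the value `useInProduction` returns can be reused across routes, which the hunk does not show.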