function authenticateForAdminOnlyApi()

in src/server/middleware/authenticated.js [38:65]


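/**
 * Express-style middleware that authenticates a request with the passport
 * 'token' strategy (no session) and only lets it through for callers that
 * pass the admin checks below.
 *
 * Responses produced here:
 *   - next(err)  when the passport strategy reports an error
 *   - 401        when the strategy yields no user
 *   - 403        when utils.couldBeAdmin(user.login) is false, or the request
 *                targets an org and the token lacks the admin:org_hook scope
 *   - 403        when any of the per-resource permission checks rejects
 * On success req.user is set to the authenticated user and next() is called.
 *
 * @param {object} req - request; reads req.args.org, req.args.owner, req.args.repo
 * @param {object} res - response; used for status(...).json(...)
 * @param {function} next - continuation callback
 */
function authenticateForAdminOnlyApi(req, res, next) {
    passport.authenticate('token', { session: false }, function (err, user) {
        if (err) {
            return next(err)
        }
        if (!user) {
            return res.status(401).json({ message: 'Incorrect token credentials' })
        }

        // Fail closed: a user record without a usable scope value is treated as
        // lacking the scope (403) instead of throwing on `undefined.indexOf`.
        // indexOf is kept so both a scope string and a scope array still match
        // exactly as before.
        const scope = user.scope
        const hasOrgHookScope = (typeof scope === 'string' || Array.isArray(scope)) &&
            scope.indexOf('admin:org_hook') >= 0

        if (!utils.couldBeAdmin(user.login) || (req.args.org && !hasOrgHookScope)) {
            return res.status(403).json({ message: 'Must have admin:org_hook permission scope' })
        }

        // NOTE(review): when the request names neither an org nor an owner+repo
        // pair (or only one of owner/repo), no per-resource check is queued and
        // utils.couldBeAdmin is the only gate. Confirm every route mounted
        // behind this middleware always supplies a target.
        const promises = []
        if (req.args.owner && req.args.repo) {
            promises.push(utils.checkRepoPushPermissionByName(req.args.repo, req.args.owner, user.token))
        }
        if (req.args.org) {
            promises.push(utils.checkOrgAdminPermission(req.args.org, user.login, user.token))
        }

        return q.all(promises).then(function () {
            // Only attach the user once every queued permission check resolved.
            req.user = user
            next()
        }).catch(function (error) {
            // NOTE(review): the rejection reason is echoed to the client as-is;
            // if the checks surface upstream API errors this may disclose more
            // than intended. This handler also receives anything thrown by
            // next() above, which would then be reported as a 403 - confirm.
            return res.status(403).json({ message: error.message || error })
        })

    })(req, res)
}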