From dd039b0fd68155a0cfbcf777d2c404704bea5a1f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Minelli?= <michael@minelli.me>
Date: Wed, 28 Jun 2023 21:47:24 +0200
Subject: [PATCH] Security => Add teaching staff permission check

---
 ExpressAPI/src/middlewares/SecurityMiddleware.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ExpressAPI/src/middlewares/SecurityMiddleware.ts b/ExpressAPI/src/middlewares/SecurityMiddleware.ts
index 6e895eb..67c03bd 100644
--- a/ExpressAPI/src/middlewares/SecurityMiddleware.ts
+++ b/ExpressAPI/src/middlewares/SecurityMiddleware.ts
@@ -33,6 +33,9 @@ class SecurityMiddleware {
                 for ( let checkType of checkTypes ) {
                     try {
                         switch ( checkType ) {
+                            case SecurityCheckType.TEACHING_STAFF:
+                                isAllowed = isAllowed || req.session.profile.isTeachingStaff;
+                                break;
                             default:
                                 isAllowed = isAllowed || false;
                                 break;
-- 
GitLab