let XDate = require('xdate')
return async env => {
- let post_request = await _require('/_lib/post_request.jst')
+ let get_account = await _require('/_lib/get_account.jst')
let get_session = await _require('/_lib/get_session.jst')
+ let post_request = await _require('/_lib/post_request.jst')
let Problem = await _require('/_lib/Problem.jst')
await post_request(
async () => {
let transaction = await env.site.database.Transaction()
try {
- // initialize env.session_key, set cookie in env.response
- await get_session(env, transaction)
- if (env.signed_in_as === null)
+ let account = await get_account(
+ env,
+ transaction,
+ await get_session(env, transaction)
+ )
+ if (account === undefined)
throw new Problem('Unauthorized', 'Please sign in first.', 401)
-
- let root = await transaction.get({})
- let account = await (
- await root.get('accounts', {})
- ).get(env.signed_in_as)
if (!await account.get_json('administrator'))
throw new Problem('Unauthorized', 'Not administrator.', 401)
- globals = await root.get_json('globals', {})
+ globals = await (await transaction.get({})).get_json('globals', {})
await transaction.commit()
return globals