9 lines
261 B
JavaScript
9 lines
261 B
JavaScript
// utils/access.js
|
|
exports.requireAccess = (...allowed) => {
|
|
return (req, res, next) => {
|
|
if (!req.user || !allowed.includes(req.user.access_level)) {
|
|
return res.status(403).json({ error: '접근 권한이 없습니다' });
|
|
}
|
|
next();
|
|
};
|
|
}; |