fix: regex percorsi editor senza bypass prefisso
This commit is contained in:
+1
-1
@@ -50,7 +50,7 @@ export function logout(db: Database.Database, token: string): void {
|
||||
}
|
||||
|
||||
// Percorsi admin consentiti anche al ruolo editor.
|
||||
const EDITOR_ALLOWED = [/^\/admin\/content(\/|$)?/, /^\/api\/admin\/content(\/|$)/, /^\/admin\/logout$/];
|
||||
const EDITOR_ALLOWED = [/^\/admin\/content(\/|$)/, /^\/api\/admin\/content(\/|$)/, /^\/admin\/logout$/];
|
||||
|
||||
export function canAccessAdminPath(role: string, pathname: string): boolean {
|
||||
if (role === 'admin') return true;
|
||||
|
||||
Reference in New Issue
Block a user