Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
limit: req.query.limit || 100,
sort: {
updatedAt: -1
}
};
if (!checkUserAccessLevel(req.user.role, accessLevels.root)) {
//non root user limitations
select.deleted = -1;
select.loginCounter = -1;
select.settings = -1;
select.beerCounter = -1;
select.lastLogin = -1;
select.lastIp = -1;
select["telegram.id"] = -1;
select["telegram.enabled"] = 1;
select["telegram.username"] = -1;
select["telegram.first_name"] = -1;
select["telegram.last_name"] = -1;
select["telegram.language_code"] = -1;
query.deleted = false;
}
if (!id) {
DB.User.find(query, select, options, (err, users) => {
if (err) {
console.error(err);
return res.sendStatus(500);
}
res.send(users);
});
} else {
query._id = id;
DB.User.findOne(query, select, (err, user) => {