From fc7550658dea84be1c3564f70fa8eeb6436f4330 Mon Sep 17 00:00:00 2001
From: Dudley Carr <dudley.carr@gmail.com>
Date: Thu, 28 Sep 2023 15:57:49 -0700
Subject: [PATCH] fix: add admin check for topic/node thombstone endpoint

---
 nsqadmin/http.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nsqadmin/http.go b/nsqadmin/http.go
index 06c65b7b1..e4b8c10db 100644
--- a/nsqadmin/http.go
+++ b/nsqadmin/http.go
@@ -408,6 +408,10 @@ func (s *httpServer) nodeHandler(w http.ResponseWriter, req *http.Request, ps ht
 func (s *httpServer) tombstoneNodeForTopicHandler(w http.ResponseWriter, req *http.Request, ps httprouter.Params) (interface{}, error) {
 	var messages []string
 
+	if !s.isAuthorizedAdminRequest(req) {
+		return nil, http_api.Err{403, "FORBIDDEN"}
+	}
+
 	node := ps.ByName("node")
 
 	var body struct {