working on supervisors view for office admin

parent 6b502290
...@@ -135,14 +135,28 @@ module.exports = { ...@@ -135,14 +135,28 @@ module.exports = {
.findOne({ id: req.params.id }) .findOne({ id: req.params.id })
.populate('supervisors') .populate('supervisors')
.then(function (office) { .then(function (office) {
if (office) { if (!office)
res.ok(office.supervisors); return res.notFound();
} else { var sups = [];
res.notFound(); async.eachSeries(office.supervisors,
} function(sup, next) {
StuSup.find({id_sup: sup.id})
.populate('student')
.then((stusups) => {
var sup_obj = sup.toObject();
sup_obj.students = stusups.map((stusup) => {return stusup.student});
sups.push(sup_obj);
})
.catch((err) => next(err));
},
function(err) {
if (err)
return res.serverError("Unable to get students");
return res.ok(sups);
});
}) })
.catch(function () { .catch(function () {
res.badRequest(); return res.badRequest();
}); });
}, },
}; };
...@@ -13,7 +13,7 @@ module.exports = { ...@@ -13,7 +13,7 @@ module.exports = {
autoPK : false, autoPK : false,
autoCreatedAt : false, autoCreatedAt : false,
autoUpdatedAt : false, autoUpdatedAt : false,
attributes: { attributes: {
id: { id: {
type: "integer", type: "integer",
...@@ -32,9 +32,9 @@ module.exports = { ...@@ -32,9 +32,9 @@ module.exports = {
size: 80 size: 80
}, },
logo_url: { logo_url: {
required: true, required: true,
type: "string", type: "string",
size: 240 size: 240
}, },
contactPerson: { contactPerson: {
columnName: "contact_person", columnName: "contact_person",
...@@ -79,7 +79,7 @@ module.exports = { ...@@ -79,7 +79,7 @@ module.exports = {
required: false required: false
//type: 'integer' //type: 'integer'
}, },
// Relación con Teacher. [1 Office to N Teacher] // Relación con Teacher. [1 Office to N Teacher]
supervisors: { supervisors: {
collection: "Supervisor", collection: "Supervisor",
via: 'office' via: 'office'
......
module.exports = function isAdmin (req, res, next) {
//
// Only if the user that has connected is global administrator (Yotta employee)
//
if (!req.token || !(req.token.isAdmin || req.token.isSupAdmin))
res.json(401, {error: 'Access denied'});
// Finally, if the user has a clean record, we'll call the `next()` function
// to let them through to the next policy or our controller
next();
};
...@@ -63,7 +63,7 @@ module.exports.policies = { ...@@ -63,7 +63,7 @@ module.exports.policies = {
getAll: true, getAll: true,
get: ['tokenAuth'], get: ['tokenAuth'],
getBasic: true, getBasic: true,
supervisors: ['tokenAuth', 'isAdmin'] supervisors: ['tokenAuth', 'isAdminOrIsSupAdmin']
}, },
PictoController: { PictoController: {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment