working on supervisors view for office admin

90a42e40 · Arturo Montejo Ráez · 6b502290 · 90a42e40 · 90a42e40 · 90a42e40
Commit 90a42e40 authored Jan 30, 2017 by Arturo Montejo Ráez
Showing with 38 additions and 12 deletions
sails/src/api/controllers/OfficeController.js
sails/src/api/models/Office.js
sails/src/api/policies/isAdminOrIsSupAdmin.js
sails/src/config/policies.js
--- a/sails/src/api/controllers/OfficeController.js
+++ b/sails/src/api/controllers/OfficeController.js
@@ -135,14 +135,28 @@ module.exports = {
    .findOne({ id: req.params.id })
    .populate('supervisors')
    .then(function (office) {
-      if (office) {
-        res.ok(office.supervisors);
-      } else {
-        res.notFound();
-      }
+      if (!office)
+        return res.notFound();
+      var sups = [];
+      async.eachSeries(office.supervisors,
+        function(sup, next) {
+          StuSup.find({id_sup: sup.id})
+          .populate('student')
+          .then((stusups) => {
+            var sup_obj = sup.toObject();
+            sup_obj.students = stusups.map((stusup) => {return stusup.student});
+            sups.push(sup_obj);
+          })
+          .catch((err) => next(err));
+        },
+        function(err) {
+          if (err)
+            return res.serverError("Unable to get students");
+            return res.ok(sups);
+      });
    })
    .catch(function () {
-      res.badRequest();
+      return res.badRequest();
    });
  },
 };
--- a/sails/src/api/models/Office.js
+++ b/sails/src/api/models/Office.js
@@ -13,7 +13,7 @@ module.exports = {
  autoPK        : false,
  autoCreatedAt : false,
  autoUpdatedAt : false,
-  
+
  attributes: {
    id: {
      type: "integer",
@@ -32,9 +32,9 @@ module.exports = {
      size: 80
    },
    logo_url: {
-	required: true,
-	type: "string",
-	size: 240
+    	required: true,
+    	type: "string",
+    	size: 240
    },
    contactPerson: {
      columnName: "contact_person",
@@ -79,7 +79,7 @@ module.exports = {
      required: false
      //type: 'integer'
    },
-    // Relación con Teacher. [1 Office to N Teacher] 
+    // Relación con Teacher. [1 Office to N Teacher]
    supervisors: {
      collection: "Supervisor",
      via: 'office'

--- a/sails/src/api/policies/isAdminOrIsSupAdmin.js
+++ b/sails/src/api/policies/isAdminOrIsSupAdmin.js
+module.exports = function isAdmin (req, res, next) {
+
+  //
+  // Only if the user that has connected is global administrator (Yotta employee)
+  //
+  if (!req.token || !(req.token.isAdmin  || req.token.isSupAdmin))
+    res.json(401, {error: 'Access denied'});
+
+  // Finally, if the user has a clean record, we'll call the `next()` function
+  // to let them through to the next policy or our controller
+  next();
+};
--- a/sails/src/config/policies.js
+++ b/sails/src/config/policies.js
@@ -63,7 +63,7 @@ module.exports.policies = {
    getAll: true,
    get: ['tokenAuth'],
    getBasic: true,
-    supervisors: ['tokenAuth', 'isAdmin']
+    supervisors: ['tokenAuth', 'isAdminOrIsSupAdmin']
  },

  PictoController: {