Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
yotta
/
pictogram
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
60
Merge Requests
0
Pipelines
Wiki
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
978e2490
authored
Jan 29, 2017
by
Arturo Montejo Ráez
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
problem with isSupervisorOfStudentOrIsSupAdmin fixed
parent
fac1eb02
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
14 additions
and
18 deletions
sails/src/api/models/Student.js
sails/src/api/policies/isSupervisorOfStudentOrIsSupAdmin.js
sails/src/api/models/Student.js
View file @
978e2490
...
...
@@ -266,7 +266,6 @@ module.exports = {
// student
supervisors
:
function
(
id_stu
,
callback
)
{
StuSup
.
find
({
id_stu
:
id_stu
}).
populate
(
'supervisor'
).
exec
(
function
(
err
,
stuSups
)
{
if
(
err
)
return
callback
(
err
,
[]);
if
(
!
stuSups
||
stuSups
.
length
==
0
)
...
...
sails/src/api/policies/isSupervisorOfStudentOrIsSupAdmin.js
View file @
978e2490
...
...
@@ -6,33 +6,30 @@ module.exports = function isSupervisorOfStudentOrIsSupAdmin(req, res, next) {
if
(
!
studentId
||
!
supervisorId
)
{
sails
.
log
.
error
(
'This request needs an id_stu parameter and a authenticated supervisor'
);
res
.
json
(
401
,
{
error
:
'Access denied'
});
re
turn
re
s
.
json
(
401
,
{
error
:
'Access denied'
});
}
else
{
Student
.
findOne
(
studentId
)
.
then
(
function
(
s
)
{
if
(
s
.
office
==
req
.
token
.
office
.
id
&&
req
.
token
.
isSupAdmin
)
{
if
(
req
.
token
.
office
&&
s
.
office
==
req
.
token
.
office
.
id
&&
req
.
token
.
isSupAdmin
)
next
();
}
else
{
Student
.
supervisors
(
studentId
,
function
(
err
,
sups
)
{
const
studentSupervisorsIds
=
sups
.
map
((
studentSupervisor
)
=>
studentSupervisor
.
id
);
if
(
err
)
return
res
.
json
(
401
,
{
error
:
'Access denied'
});
var
supIds
=
sups
.
map
((
studentSupervisor
)
=>
studentSupervisor
.
id
);
if
(
supIds
.
indexOf
(
supervisorId
)
>=
0
)
return
next
();
if
(
err
||
studentSupervisorsIds
.
length
===
0
)
{
sails
.
log
.
error
(
`Student
${
studentId
}
has no supervisor assigned`
);
res
.
json
(
401
,
{
error
:
'Access denied'
});
}
else
if
(
studentSupervisorsIds
.
indexOf
(
supervisorId
)
<
0
)
{
sails
.
log
.
error
(
`Supervisor
${
supervisorId
}
is not assigned to Student
${
studentId
}
`
);
sails
.
log
.
debug
(
`Student supervisors:
${
studentSupervisorsIds
}
`
);
res
.
json
(
401
,
{
error
:
'Access denied'
});
}
else
{
sails
.
log
.
debug
(
`Supervisor
${
supervisorId
}
is assigned to Student
${
studentId
}
`
);
next
();
}
})
sails
.
log
.
error
(
`Supervisor
${
supervisorId
}
is not assigned to Student
${
studentId
}
`
);
return
res
.
json
(
401
,
{
error
:
'Access denied'
});
});
}
})
.
catch
((
err
)
=>
{
res
.
json
(
401
,
{
error
:
"No student found"
})
sails
.
log
.
error
(
JSON
.
stringify
(
err
));
return
res
.
json
(
401
,
{
error
:
"No student found"
})
});
}
};
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
