working on issue #269

sails/src/api/controllers/StudentController.js

@@ -798,25 +798,28 @@ module.exports = {
 
 		sails.log.debug("Inside actions_batch");
 
+		if (!params.actions)
+			return res.json(400, {'error': "no actions"});
+
 		// We loop through the actions and store them in the database
 		async.forEach(params.actions, function(action, cb){
 		    var id_dev = null;
 		    if (action.attributes.id_dev) 
-			var id_dev = action.attributes.id_dev;
+				id_dev = action.attributes.id_dev;
 		    
 		    var id_sup = null;
 		    if(action.attributes.id_sup) 
-			id_sup = action.attributes.sup; 
+				id_sup = action.attributes.sup; 
 
 		    var id_stu = null;
-		    if(action.attributes.id_stu) 
-			id_stu = action.attributes.id_stu;
+		    if (action.attributes.id_stu) 
+				id_stu = action.attributes.id_stu;
 
 		    var desc = null;
-	      	    if(action.attributes.picto) 
+	      	if(action.attributes.picto) 
 	      		desc = action.attributes.picto; // select, add and delete actions data
 	      	
-	      	    if(action.attributes.pictos) 
+	      	if(action.attributes.pictos) 
 	      		desc = action.attributes.pictos; // show action data
 		   
 			Action.create({
@@ -827,19 +830,23 @@ module.exports = {
 			    device: id_dev,
 			    description: desc
 			}).exec(function (err, created) {
-			    if (err)
-				sails.log.error(err.details);
+			    if (err) {
+			    	console.log(err.details);
+					sails.log.error(err.details);
+					return cb(err);
+				}
 			    else if (created)
-				count++;
+					count++;
 			    cb();
 			});
 		},
-                function(err) { // function called when loop is done
+        function(err) { // function called when loop is done
 		    if (err) {
-			sails.log.error(err.details);
-			res.json({'error': err.details});
+		    	console.log(err.details);
+				sails.log.error(err.details);
+				return res.json({'error': err.details});
 		    } else
-			res.json({'result': 'Ok', 'total': count});
+				return res.json({'result': 'Ok', 'total': count});
 		});
 	},
 

sails/src/api/policies/tokenAuth.js

 module.exports = function(req, res, next) {
-  var token;
+  var token = null;
 
   //
   // Token comes in the header
@@ -8,11 +8,10 @@ module.exports = function(req, res, next) {
     var parts = req.headers.authorization.split(' ');
     if (parts.length == 2) {
       var scheme = parts[0],
-        credentials = parts[1];
+          credentials = parts[1];
 
-      if (/^Bearer$/i.test(scheme)) {
+      if (/^Bearer$/i.test(scheme))
         token = credentials;
-      }
     } else {
       return res.json(401, {err: 'Format is Authorization: Bearer [token]'});
     }
@@ -24,7 +23,7 @@ module.exports = function(req, res, next) {
     token = req.param('token');
     // We delete the token from param to not mess with blueprints
     delete req.query.token;
-  } else {
+  } else { // No token provided
     return res.json(401, {err: 'No Authorization header was found'});
   }
   
@@ -32,7 +31,7 @@ module.exports = function(req, res, next) {
   // We have a token, let's verify it
   //
   sailsTokenAuth.verifyToken(token, function(err, token) {
-    if (err) return res.json(401, {err: 'Invalid token'});
+    if (err) return res.json(401, {err: 'Invalid token ' + token});
     req.token = token;
     next();
   });