Skip to content

yotta / pictogram

Go to a project
Commit b0215055 by Arturo Montejo Ráez
Options

GET /office/get/:id/supervisors working

parent e9ada63d
Inline Side-by-side
Showing with 4 additions and 3 deletions
sails/src/api/controllers/OfficeController.js
...@@ -144,15 +144,16 @@ module.exports = { ...@@ -144,15 +144,16 @@ module.exports = {
.populate('student') .populate('student')
.then((stusups) => { .then((stusups) => {
var sup_obj = sup.toObject(); var sup_obj = sup.toObject();
sup_obj.students = stusups.map((stusup) => {return stusup.student}); sup_obj.students = stusups.map((stusup) => {return stusup.student;});
sups.push(sup_obj); sups.push(sup_obj);
next();
}) })
.catch((err) => next(err)); .catch((err) => next(err));
}, },
function(err) { function(err) {
if (err) if (err)
return res.serverError("Unable to get students"); return res.serverError("Unable to get students");
return res.ok(sups); return res.ok(sups);
}); });
}) })
.catch(function () { .catch(function () {
......
sails/src/api/policies/isAdminOrIsSupAdmin.js
...@@ -3,7 +3,7 @@ module.exports = function isAdmin (req, res, next) { ...@@ -3,7 +3,7 @@ module.exports = function isAdmin (req, res, next) {
// //
// Only if the user that has connected is global administrator (Yotta employee) // Only if the user that has connected is global administrator (Yotta employee)
// //
if (!req.token || !(req.token.isAdmin || req.token.isSupAdmin)) if (!req.token || !req.token.isAdmin && !req.token.isSupAdmin)
res.json(401, {error: 'Access denied'}); res.json(401, {error: 'Access denied'});
// Finally, if the user has a clean record, we'll call the `next()` function // Finally, if the user has a clean record, we'll call the `next()` function
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment