'use strict';
/**
* Module dependencies.
*/
var mongoose = require('mongoose'),
errorHandler = require('./errors.server.controller'),
Form = mongoose.model('Form'),
FormSubmission = mongoose.model('FormSubmission'),
pdfFiller = require('pdffiller'),
config = require('../../config/config'),
fs = require('fs-extra'),
async = require('async'),
path = require('path'),
_ = require('lodash');
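/**
 * Upload PDF
 *
 * Moves the uploaded file described by `req.file` from its temporary path
 * into a per-user directory under `config.tmpUploadPath`, then responds with
 * the updated file descriptor as JSON. Every failure is reported through
 * `next` with an Error.
 *
 * @param {Object} req - reads `req.file` (path, name, size) and `req.user.username`
 * @param {Object} res - receives the file descriptor as JSON on success
 * @param {Function} next - called with an Error when the upload cannot be stored
 */
exports.uploadPDF = function(req, res, next) {
	var MAX_UPLOAD_BYTES = 200000000;
	var pdfFile = req.file;
	var _user = req.user;

	if (!pdfFile) {
		return next(new Error('Uploaded files were NOT detected'));
	}
	if (pdfFile.size === 0) {
		return next(new Error('File uploaded is EMPTY'));
	}
	// The size limit is checked on the same descriptor as the empty-file test
	if (pdfFile.size > MAX_UPLOAD_BYTES) {
		return next(new Error('File uploaded exceeds MAX SIZE of 200MB'));
	}

	// NOTE(review): some upload middleware versions expose `originalname` /
	// `filename` rather than `name` -- confirm which one populates req.file.
	if (typeof pdfFile.name !== 'string' || !_user || typeof _user.username !== 'string') {
		return next(new Error('Uploaded file or user is missing a name'));
	}

	// Both values become path components, so each is reduced to a single
	// segment; anything that resolves to the directory itself or its parent is
	// refused. This keeps the stored file inside the per-user directory.
	var safeName = path.basename(pdfFile.name);
	var userDir = path.basename(_user.username);
	if (userDir !== _user.username || userDir === '' || userDir === '.' || userDir === '..') {
		return next(new Error('Username cannot be used as an upload directory'));
	}
	if (safeName === '' || safeName === '.' || safeName === '..') {
		return next(new Error('Uploaded file name is invalid'));
	}

	fs.exists(pdfFile.path, function(exists) {
		if (!exists) {
			return next(new Error('Did NOT get your file!'));
		}

		//If file exists move to user's tmp directory
		var newDestination = config.tmpUploadPath + userDir;
		var stat = null;
		try {
			stat = fs.statSync(newDestination);
		} catch (statErr) {
			// Nothing at that path yet: create the directory, and report a
			// failure through next() instead of throwing inside this callback
			try {
				fs.mkdirSync(newDestination);
			} catch (mkdirErr) {
				return next(new Error(mkdirErr.message));
			}
		}
		if (stat && !stat.isDirectory()) {
			console.log('Directory cannot be created');
			return next(new Error('Directory cannot be created because an inode of a different type exists at "' + newDestination + '"'));
		}

		var finalPath = path.join(newDestination, safeName);
		fs.move(pdfFile.path, finalPath, function (err) {
			if (err) {
				return next(new Error(err.message));
			}
			pdfFile.path = finalPath;
			console.log(safeName + ' uploaded to ' + pdfFile.path);
			// NOTE(review): the JSON response includes the server-side storage
			// path -- confirm the client needs it.
			res.json(pdfFile);
		});
	});
};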
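/**
 * Delete a form's submissions
 *
 * Removes the submissions whose ids are listed in
 * `req.body.deleted_submissions`. The query is also constrained to the
 * current form (`req.form`) and the requesting user (`req.user`) as admin,
 * so ids that belong to another form or another admin match nothing.
 *
 * @param {Object} req - reads `req.body.deleted_submissions`, `req.form`, `req.user`
 * @param {Object} res - 200 with a confirmation string, or 400 with `{message}`
 */
exports.deleteSubmissions = function(req, res) {
	var submission_id_list = req.body.deleted_submissions;

	// $in requires an array; reject anything else before it reaches the query
	if (!Array.isArray(submission_id_list)) {
		return res.status(400).send({
			message: 'deleted_submissions must be an array of submission ids'
		});
	}

	FormSubmission.remove({ form: req.form, admin: req.user, _id: {$in: submission_id_list} }, function(err){
		if(err){
			// Return so the success response below is not sent as well
			return res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}

		res.status(200).send('Form submissions successfully deleted');
	});
};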
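/**
 * Submit a form entry
 *
 * Builds a FormSubmission for `req.form` from the request body, attaches the
 * form's PDF and generated FDF data when the form asks for PDF autofill, and
 * saves it. Exactly one response is sent per request.
 *
 * @param {Object} req - reads `req.form` and `req.body` (form_fields, timeElapsed, percentageComplete)
 * @param {Object} res - 200 with a confirmation string, or 400 with `{message}`
 */
exports.createSubmission = function(req, res) {
	var form = req.form;

	// form_fields, timeElapsed and percentageComplete are taken as-is from the
	// request body; presumably the FormSubmission schema validates them on
	// save -- confirm against the model.
	var submission = new FormSubmission({
		admin: form.admin._id,
		form: form._id,
		title: form.title,
		form_fields: req.body.form_fields,
		timeElapsed: req.body.timeElapsed,
		percentageComplete: req.body.percentageComplete
	});

	if(form.pdf) submission.pdf = form.pdf;

	// NOTE(review): the submitter's IP address is not stored. If it is ever
	// recorded, X-Forwarded-For is set by the client unless a trusted proxy
	// overwrites it, so it must not be treated as authoritative.

	if(form.autofillPDFs){
		try {
			submission.fdfData = pdfFiller.convFieldJson2FDF(submission.form_fields);
		} catch(err){
			// Stop here: a submission whose FDF conversion failed is not saved
			return res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}
	}else{
		submission.fdfData = null;
	}

	submission.save(function(err){
		if(err){
			console.log(err.message);
			// Return so the success response below is not sent as well
			return res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}
		res.status(200).send('Form submission successfully saved');
	});
};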
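/**
 * Get List of Submissions for a given Form
 *
 * Looks up the submissions that belong to `req.form` and to the requesting
 * user as admin, writes that list back onto the form document, and responds
 * with the list as JSON.
 *
 * @param {Object} req - reads `req.form` and `req.user`
 * @param {Object} res - JSON array of submissions, or 400 with `{message}`
 */
exports.listSubmissions = function(req, res) {
	var _form = req.form;
	var _user = req.user;

	// NOTE(review): in Mongoose the second argument of populate(path, select)
	// is a field selection, so this populates `admin` restricted to its `form`
	// field. If both references were meant to be populated that would be
	// populate('admin form') -- confirm the intent.
	FormSubmission.find({ form: _form._id, admin: _user._id }).populate('admin', 'form').exec(function(err, _submissions) {
		if (err) {
			console.log(err);
			// Return so the form is not updated and no second response is sent
			return res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}

		// This read endpoint also writes: the form's `submissions` field is
		// overwritten with the list that was just fetched.
		_form.update({ $set : { submissions: _submissions }}).exec(function(err, form){
			if (err) {
				console.log(err);
				return res.status(400).send({
					message: errorHandler.getErrorMessage(err)
				});
			}
			res.json(_submissions);
		});
	});
};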
/**
 * Create a new form
 *
 * Builds a Form from `req.body.form`, assigns the requesting user as its
 * admin and saves it.
 *
 * @param {Object} req - reads `req.body.form` and `req.user._id`
 * @param {Object} res - the saved form as JSON, or 400 with `{message}`
 */
exports.create = function(req, res) {
	// Every field of req.body.form is handed to the model unfiltered; only
	// `admin` is overridden below with the authenticated user's id.
	var newForm = new Form(req.body.form);
	newForm.admin = req.user._id;

	newForm.save(function(saveErr) {
		if (!saveErr) {
			return res.json(newForm);
		}

		console.log(saveErr);
		res.status(400).send({
			message: errorHandler.getErrorMessage(saveErr)
		});
	});
};
/**
 * Show the current form
 *
 * Responds with a plain copy of `req.form`, extended with the enum values the
 * schema allows for `plugins.oscarhost.settings.updateType`.
 *
 * @param {Object} req - reads `req.form`
 * @param {Object} res - the form copy as JSON
 */
exports.read = function(req, res) {
	var updateTypePath = Form.schema.path('plugins.oscarhost.settings.updateType');
	var allowedUpdateTypes = updateTypePath.enumValues;

	// Serialise and re-parse so the extra key lands on a plain object rather
	// than on the document held in req.form
	var serialised = JSON.stringify(req.form);
	var formCopy = JSON.parse(serialised);

	formCopy.plugins.oscarhost.settings.validUpdateTypes = allowedUpdateTypes;
	res.json(formCopy);
};
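/**
 * Update a form
 *
 * Copies the fields of `req.body.form` onto the form loaded in `req.form` and
 * saves it. `__v` and `_id` are never taken from the request, and `admin` is
 * only taken from it when the requesting user has the 'admin' role.
 *
 * @param {Object} req - reads `req.form`, `req.body.form`, `req.user.roles`
 * @param {Object} res - the saved form as JSON, or 400 with `{message}`
 */
exports.update = function(req, res) {
	var form = req.form;
	var updates = req.body.form;

	// A request without a form payload is a client error, not a server fault
	if (!updates || typeof updates !== 'object') {
		return res.status(400).send({
			message: 'Form data is missing'
		});
	}

	delete updates.__v;
	delete updates._id;

	//Unless we have 'admin' privileges, updating form admin is disabled
	if(req.user.roles.indexOf('admin') === -1) delete updates.admin;

	// NOTE(review): every remaining key of the request body is copied onto the
	// document. An allow-list of editable fields would be the tighter control;
	// which fields are editable is not visible here.
	form = _.extend(form, updates);

	form.save(function(err, form) {
		if (err) {
			console.log(err);
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			res.json(form);
		}
	});
};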
/**
 * Delete a form
 *
 * Removes the form loaded in `req.form` by its `_id` and echoes the removed
 * form back as JSON.
 *
 * @param {Object} req - reads `req.form`
 * @param {Object} res - the removed form as JSON, or 400 with `{message}`
 */
exports.delete = function(req, res) {
	var target = req.form;

	// Only the Form document is removed here; this handler does not touch the
	// form's FormSubmission records.
	Form.remove({_id: target._id}, function(removeErr) {
		if (!removeErr) {
			return res.json(target);
		}

		res.status(400).send({
			message: errorHandler.getErrorMessage(removeErr)
		});
	});
};
/**
 * Get All of Users' Forms
 *
 * Lists forms in descending `created` order. A user for whom
 * `req.user.isAdmin()` is true gets every form; anyone else only gets the
 * forms whose `admin` is that user.
 *
 * @param {Object} req - reads `req.user`
 * @param {Object} res - JSON array of forms, or 400 with `{message}`
 */
exports.list = function(req, res) {
	//Allow 'admin' user to view all forms
	var searchObj = req.user.isAdmin() ? {} : {admin: req.user};

	var query = Form.find(searchObj)
		.sort('-created')
		.populate('admin.username', 'admin._id');

	query.exec(function(findErr, forms) {
		if (!findErr) {
			return res.json(forms);
		}

		res.status(400).send({
			message: errorHandler.getErrorMessage(findErr)
		});
	});
};
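/**
 * Form middleware
 *
 * Loads the form with the given id, with its `admin` populated, and stores it
 * on `req.form` for the handlers that follow.
 *
 * @param {Object} req - receives the loaded form as `req.form`
 * @param {Object} res - 400 with `{message}` when the id is invalid or no form matches
 * @param {Function} next - called with no argument on success, or with the query error
 * @param {string} id - form id taken from the route
 */
exports.formByID = function(req, res, next, id) {
	// Reject malformed ids before they reach the query
	if (!mongoose.Types.ObjectId.isValid(id)) {
		return res.status(400).send({
			message: 'Form is invalid'
		});
	}

	Form.findById(id).populate('admin').exec(function(err, form) {
		if (err) {
			return next(err);
		}
		if (form === undefined || form === null) {
			return res.status(400).send({
				message: 'Form not found'
			});
		}

		//Remove sensitive information from User object
		// populate() leaves `admin` null when the referenced user no longer
		// exists; without this check the assignments would throw inside the
		// query callback.
		if (form.admin) {
			form.admin.password = undefined;
			form.admin.salt = undefined;
		}
		// NOTE(review): this clears `provider` on the form, not on form.admin --
		// confirm which was intended. The rest of the populated user record is
		// left on req.form; selecting only the needed user fields in populate()
		// would be the narrower option.
		form.provider = undefined;

		req.form = form;
		next();
	});
};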
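/**
 * Form authorization middleware
 *
 * Lets the request continue only when the requesting user is the form's admin
 * or has the 'admin' role; otherwise answers 403 and ends the chain.
 *
 * @param {Object} req - reads `req.form.admin.id`, `req.user.id`, `req.user.roles`
 * @param {Object} res - 403 with `{message}` when the user is not authorized
 * @param {Function} next - called only for an authorized user
 */
exports.hasAuthorization = function(req, res, next) {
	var form = req.form;

	if (form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) {
		// Return here: calling next() after the 403 would still run the
		// protected handler for an unauthorized user.
		return res.status(403).send({
			message: 'User '+req.user.username+' is not authorized to edit Form: '+form.title
		});
	}

	next();
};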