tellform/app/controllers/forms.server.controller.js

'use strict';

/**
 * Module dependencies.
 */
var mongoose = require('mongoose'),
	errorHandler = require('./errors.server.controller'),
	Form = mongoose.model('Form'),
	FormSubmission = mongoose.model('FormSubmission'),
	config = require('../../config/config'),
	diff = require('deep-diff'),
	_ = require('lodash');

/**
 * Delete a forms submissions
 */
exports.deleteSubmissions = function(req, res) {

	var submission_id_list = req.body.deleted_submissions,
		form = req.form;

	FormSubmission.remove({ form: req.form, admin: req.user, _id: {$in: submission_id_list} }, function(err){

		if(err){
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
			return;
		}

		form.analytics.visitors = [];
		form.save(function(err){
			if(err){
				res.status(400).send({
					message: errorHandler.getErrorMessage(err)
				});
				return;
			}
			res.status(200).send('Form submissions successfully deleted');

		});
	});
};

/**
 * Submit a form entry
 */
exports.createSubmission = function(req, res) {
	var form = req.form;

	var timeElapsed = 0;

	if(typeof req.body.timeElapsed == "number"){
		timeElapsed = req.body.timeElapsed;
	}
	var submission = new FormSubmission({
		admin: form.admin._id,
		form: form._id,
		title: form.title,
		form_fields: req.body.form_fields,
		timeElapsed: timeElapsed,
		percentageComplete: req.body.percentageComplete,
		ipAddr: req.body.ipAddr,
		geoLocation: req.body.geoLocation,
		device: req.body.device
	});


	submission.save(function(err, submission){
		if (err) {
			console.error(err.message);
			return res.status(500).send({
				message: errorHandler.getErrorMessage(err)
			});
		}

		form.submissions.push(submission);

		form.save(function (err) {
			if (err) {
				console.error(err);
				return res.status(500).send({
					message: errorHandler.getErrorMessage(err)
				});
			}
			res.status(200).send('Form submission successfully saved');
		});
	});
};

/**
 * Get List of Submissions for a given Form
 */
exports.listSubmissions = function(req, res) {
	var _form = req.form;
	var _user = req.user;

	FormSubmission.find({ form: _form._id }).exec(function(err, _submissions) {
		if (err) {
			console.error(err);
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}
		res.json(_submissions);

	});

};

/**
 * Create a new form
 */
exports.create = function(req, res) {

	if(!req.body.form){
		return res.status(400).send({
			message: "Invalid Input"
		});
	}
	var form = new Form(req.body.form);

	form.admin = req.user._id;

	form.save(function(err) {
		if (err) {
			console.log(err);
			return res.status(405).send({
				message: errorHandler.getErrorMessage(err)
			});
		}

		res.json(form);
	});
};

/**
 * Show the current form
 */
exports.read = function(req, res) {
	FormSubmission.find({ form: req.form._id }).exec(function(err, _submissions) {
		if (err) {
			console.log(err);
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}


		var newForm = req.form.toJSON();
		newForm.submissions = _submissions;

		if (req.userId) {
			if(req.form.admin._id+'' === req.userId+''){
				return res.json(newForm);
			}
			return res.status(404).send({
				message: 'Form Does Not Exist'
			});
		}
		return res.json(newForm);
	});
};

/**
 * Upload temp file for submissions
 */
exports.uploadTemp = function(req, res) {
	//Send uploaded file data back to form
	res.json(req.file);
};

/**
 * Show the current form for rendering form live
 */
exports.readForRender = function(req, res) {
	var newForm = req.form.toJSON();

	if (!newForm.isLive) {
		return res.status(404).send({
			message: 'Form Does Not Exist'
		});
	}

	//Remove extraneous fields from form object
	delete newForm.submissions;
	delete newForm.analytics;
	delete newForm.isLive;
	delete newForm.admin;

	return res.json(newForm);
};

/**
 * Update a form
 */
exports.update = function(req, res) {
	var form = req.form;

	if (req.body.changes) {
		console.log(req.body.changes);
		var formChanges = req.body.changes;

		formChanges.forEach(function (change) {
			diff.applyChange(form, true, change);
		});
	} else {
		//Unless we have 'admin' privileges, updating form admin is disabled
		if(req.body.form && req.user.roles.indexOf('admin') === -1) {
			req.body.form.admin = null;
		}
		//Do this so we can create duplicate fields
		var checkForValidId = new RegExp('^[0-9a-fA-F]{24}$');
		for(var i=0; i<req.body.form.form_fields.length; i++){
			var field = req.body.form.form_fields[i];
			if(!checkForValidId.exec(field._id+'')){
				delete field._id;
			}
		}
		form = _.extend(form, req.body.form);
	}

	form.save(function(err, form) {
		if (err) {
			console.log(err);
			res.status(405).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			res.json(form);
		}
	});
};

/**
 * Delete a form
 */
exports.delete = function(req, res) {
	var form = req.form;
	Form.remove({_id: form._id}, function(err) {
		if (err) {
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			// console.log('Form successfully deleted');
			// res.status(200).send('Form successfully deleted');
			res.json(form);
		}
	});
};

/**
 * Get All of Users' Forms
 */
exports.list = function(req, res) {
	//Allow 'admin' user to view all forms
	var searchObj = {admin: req.user};
	if(req.user.isAdmin()) searchObj = {};

	Form.find(searchObj).sort('-created').populate('admin.username', 'admin._id').exec(function(err, forms) {
		if (err) {
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			res.json(forms);
		}
	});
};

/**
 * Form middleware
 */
exports.formByID = function(req, res, next, id) {
	if (!mongoose.Types.ObjectId.isValid(id)) {
		return res.status(400).send({
			message: 'Form is invalid'
		});
	} else {
		Form.findById(id).populate('admin').populate('submissions').exec(function(err, form) {
			if (err) {
				return next(err);
			} else if (form === undefined || form === null) {
				res.status(404).send({
					message: 'Form not found'
				});
			}
			else {
				//Remove sensitive information from User object
				var _form = form;
				_form.admin.password = undefined;
				_form.admin.salt = undefined;
				_form.provider = undefined;

				req.form = _form;
				return next();
			}
		});
	}
};

/**
 * Form authorization middleware
 */
exports.hasAuthorization = function(req, res, next) {
	var form = req.form;
	if (req.form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) {
		res.status(403).send({
			message: 'User '+req.user.username+' is not authorized to edit Form: '+form.title
		});
	}
	return next();
};
got output PDFs to save 2015-06-30 02:14:43 +00:00			`'use strict';`
first commit 2015-06-29 22:51:29 +00:00
			`/**`
			`* Module dependencies.`
			`*/`
			`var mongoose = require('mongoose'),`
			`errorHandler = require('./errors.server.controller'),`
			`Form = mongoose.model('Form'),`
			`FormSubmission = mongoose.model('FormSubmission'),`
			`config = require('../../config/config'),`
changed form updated method to use diffs 2016-07-06 01:48:25 +00:00			`diff = require('deep-diff'),`
first commit 2015-06-29 22:51:29 +00:00			`_ = require('lodash');`

got submission deletion working 2015-07-27 18:11:43 +00:00			`/**`
			`* Delete a forms submissions`
			`*/`
			`exports.deleteSubmissions = function(req, res) {`
added backend tests 2015-08-07 21:02:44 +00:00
got submission deletion working 2015-07-27 18:11:43 +00:00			`var submission_id_list = req.body.deleted_submissions,`
			`form = req.form;`

			`FormSubmission.remove({ form: req.form, admin: req.user, _id: {$in: submission_id_list} }, function(err){`
got all tests to run 2016-03-30 03:45:16 +00:00
got submission deletion working 2015-07-27 18:11:43 +00:00			`if(err){`
			`res.status(400).send({`
			`message: errorHandler.getErrorMessage(err)`
			`});`
added analytics 2016-06-07 00:37:09 +00:00			`return;`
got submission deletion working 2015-07-27 18:11:43 +00:00			`}`

added analytics 2016-06-07 00:37:09 +00:00			`form.analytics.visitors = [];`
			`form.save(function(err){`
			`if(err){`
			`res.status(400).send({`
			`message: errorHandler.getErrorMessage(err)`
			`});`
			`return;`
			`}`
			`res.status(200).send('Form submissions successfully deleted');`

			`});`
got submission deletion working 2015-07-27 18:11:43 +00:00			`});`
			`};`
fixed user permissions problem 2015-10-30 18:40:02 +00:00
first commit 2015-06-29 22:51:29 +00:00			`/**`
			`* Submit a form entry`
			`*/`
			`exports.createSubmission = function(req, res) {`
added backend tests 2015-08-07 21:02:44 +00:00			`var form = req.form;`
removed submissions and analytics from form render object 2017-03-06 20:30:31 +00:00
increased request entity size 2017-03-06 19:43:42 +00:00			`var timeElapsed = 0;`
first commit 2015-06-29 22:51:29 +00:00
increased request entity size 2017-03-06 19:43:42 +00:00			`if(typeof req.body.timeElapsed == "number"){`
			`timeElapsed = req.body.timeElapsed;`
			`}`
added backend tests 2015-08-07 21:02:44 +00:00			`var submission = new FormSubmission({`
fixed analytics geolocation 2017-03-06 21:45:11 +00:00			`admin: form.admin._id,`
			`form: form._id,`
			`title: form.title,`
got submission deletion working 2015-07-27 18:11:43 +00:00			`form_fields: req.body.form_fields,`
increased request entity size 2017-03-06 19:43:42 +00:00			`timeElapsed: timeElapsed,`
fixed analytics geolocation 2017-03-06 21:45:11 +00:00			`percentageComplete: req.body.percentageComplete,`
			`ipAddr: req.body.ipAddr,`
			`geoLocation: req.body.geoLocation,`
			`device: req.body.device`
got submission deletion working 2015-07-27 18:11:43 +00:00			`});`
removed submissions and analytics from form render object 2017-03-06 20:30:31 +00:00
added device identification to form submissions 2015-11-13 01:40:23 +00:00
added backend tests 2015-08-07 21:02:44 +00:00			`submission.save(function(err, submission){`
fixed form analyze view 2016-11-09 18:02:12 +00:00			`if (err) {`
			`console.error(err.message);`
			`return res.status(500).send({`
got submission deletion working 2015-07-27 18:11:43 +00:00			`message: errorHandler.getErrorMessage(err)`
			`});`
			`}`
fixed form analyze view 2016-11-09 18:02:12 +00:00
			`form.submissions.push(submission);`

			`form.save(function (err) {`
			`if (err) {`
			`console.error(err);`
			`return res.status(500).send({`
			`message: errorHandler.getErrorMessage(err)`
			`});`
			`}`
			`res.status(200).send('Form submission successfully saved');`
			`});`
got submission deletion working 2015-07-27 18:11:43 +00:00			`});`
first commit 2015-06-29 22:51:29 +00:00			`};`

			`/**`
added files 2015-06-30 06:12:32 +00:00			`* Get List of Submissions for a given Form`
first commit 2015-06-29 22:51:29 +00:00			`*/`
			`exports.listSubmissions = function(req, res) {`
			`var _form = req.form;`
got table submissions to display correctly 2015-07-21 23:25:45 +00:00			`var _user = req.user;`
first commit 2015-06-29 22:51:29 +00:00
added geolocation and ip address to submission table 2015-11-12 21:37:36 +00:00			`FormSubmission.find({ form: _form._id }).exec(function(err, _submissions) {`
			`if (err) {`
fixed form analyze view 2016-11-09 18:02:12 +00:00			`console.error(err);`
added geolocation and ip address to submission table 2015-11-12 21:37:36 +00:00			`res.status(400).send({`
			`message: errorHandler.getErrorMessage(err)`
			`});`
			`}`
fixed form analyze view 2016-11-09 18:02:12 +00:00			`res.json(_submissions);`
got all tests to run 2016-03-30 03:45:16 +00:00
added geolocation and ip address to submission table 2015-11-12 21:37:36 +00:00			`});`

first commit 2015-06-29 22:51:29 +00:00			`};`

added stuff 2015-07-03 01:40:57 +00:00			`/**`
			`* Create a new form`
			`*/`
			`exports.create = function(req, res) {`
got api subdomain to work with docs 2016-08-26 20:43:37 +00:00
			`if(!req.body.form){`
			`return res.status(400).send({`
			`message: "Invalid Input"`
			`});`
			`}`
made landing page pretty 2015-07-07 01:21:43 +00:00			`var form = new Form(req.body.form);`

added backend tests 2015-08-07 21:02:44 +00:00			`form.admin = req.user._id;`
added stuff 2015-07-03 01:40:57 +00:00
			`form.save(function(err) {`
			`if (err) {`
			`console.log(err);`
got api subdomain to work with docs 2016-08-26 20:43:37 +00:00			`return res.status(405).send({`
added stuff 2015-07-03 01:40:57 +00:00			`message: errorHandler.getErrorMessage(err)`
			`});`
			`}`
got api subdomain to work with docs 2016-08-26 20:43:37 +00:00
			`res.json(form);`
added stuff 2015-07-03 01:40:57 +00:00			`});`
			`};`

			`/**`
			`* Show the current form`
			`*/`
			`exports.read = function(req, res) {`
fixed form analyze view 2016-11-09 18:02:12 +00:00			`FormSubmission.find({ form: req.form._id }).exec(function(err, _submissions) {`
			`if (err) {`
			`console.log(err);`
			`res.status(400).send({`
			`message: errorHandler.getErrorMessage(err)`
			`});`
			`}`


fixed analytics service 2016-11-09 19:04:47 +00:00			`var newForm = req.form.toJSON();`
fixed form analyze view 2016-11-09 18:02:12 +00:00			`newForm.submissions = _submissions;`

			`if (req.userId) {`
			`if(req.form.admin._id+'' === req.userId+''){`
			`return res.json(newForm);`
			`}`
			`return res.status(404).send({`
			`message: 'Form Does Not Exist'`
			`});`
got subdomains to work 2016-06-09 03:32:33 +00:00			`}`
fixed form analyze view 2016-11-09 18:02:12 +00:00			`return res.json(newForm);`
			`});`
added stuff 2015-07-03 01:40:57 +00:00			`};`
first commit 2015-06-29 22:51:29 +00:00
fixed autosaving bug for configure tab 2017-03-10 00:18:18 +00:00			`/**`
			`* Upload temp file for submissions`
			`*/`
			`exports.uploadTemp = function(req, res) {`
			`//Send uploaded file data back to form`
			`res.json(req.file);`
			`};`

removed submissions and analytics from form render object 2017-03-06 20:30:31 +00:00			`/**`
			`* Show the current form for rendering form live`
			`*/`
			`exports.readForRender = function(req, res) {`
			`var newForm = req.form.toJSON();`

			`if (!newForm.isLive) {`
			`return res.status(404).send({`
			`message: 'Form Does Not Exist'`
			`});`
			`}`

			`//Remove extraneous fields from form object`
			`delete newForm.submissions;`
			`delete newForm.analytics;`
			`delete newForm.isLive;`
fixed analytics geolocation 2017-03-06 21:45:11 +00:00			`delete newForm.admin;`
removed submissions and analytics from form render object 2017-03-06 20:30:31 +00:00
			`return res.json(newForm);`
			`};`

first commit 2015-06-29 22:51:29 +00:00			`/**`
			`* Update a form`
			`*/`
got all tests to run 2016-03-30 03:45:16 +00:00			`exports.update = function(req, res) {`
first commit 2015-06-29 22:51:29 +00:00			`var form = req.form;`
added dnsmasq setup file 2016-11-02 18:30:04 +00:00
fixed form analyze view 2016-11-09 18:02:12 +00:00			`if (req.body.changes) {`
fixed signup password input css bug 2017-03-07 00:38:37 +00:00			`console.log(req.body.changes);`
added diff to update 2016-08-26 22:34:29 +00:00			`var formChanges = req.body.changes;`
got table submissions to display correctly 2015-07-21 23:25:45 +00:00
added diff to update 2016-08-26 22:34:29 +00:00			`formChanges.forEach(function (change) {`
			`diff.applyChange(form, true, change);`
			`});`
			`} else {`
			`//Unless we have 'admin' privileges, updating form admin is disabled`
fixed socket.io cdn 2017-03-01 20:11:20 +00:00			`if(req.body.form && req.user.roles.indexOf('admin') === -1) {`
			`req.body.form.admin = null;`
			`}`
added diff to update 2016-08-26 22:34:29 +00:00			`//Do this so we can create duplicate fields`
			`var checkForValidId = new RegExp('^[0-9a-fA-F]{24}$');`
			`for(var i=0; i<req.body.form.form_fields.length; i++){`
			`var field = req.body.form.form_fields[i];`
			`if(!checkForValidId.exec(field._id+'')){`
			`delete field._id;`
			`}`
fixed duplicateField() 'ng-repeat dupes' error 2015-11-13 00:52:14 +00:00			`}`
added diff to update 2016-08-26 22:34:29 +00:00			`form = _.extend(form, req.body.form);`
fixed duplicateField() 'ng-repeat dupes' error 2015-11-13 00:52:14 +00:00			`}`
got all tests to run 2016-03-30 03:45:16 +00:00
got submission deletion working 2015-07-27 18:11:43 +00:00			`form.save(function(err, form) {`
first commit 2015-06-29 22:51:29 +00:00			`if (err) {`
			`console.log(err);`
got api subdomain to work with docs 2016-08-26 20:43:37 +00:00			`res.status(405).send({`
first commit 2015-06-29 22:51:29 +00:00			`message: errorHandler.getErrorMessage(err)`
			`});`
			`} else {`
got submission deletion working 2015-07-27 18:11:43 +00:00			`res.json(form);`
first commit 2015-06-29 22:51:29 +00:00			`}`
			`});`
			`};`

			`/**`
			`* Delete a form`
			`*/`
			`exports.delete = function(req, res) {`
			`var form = req.form;`
got form deletion working 2015-07-02 03:50:57 +00:00			`Form.remove({_id: form._id}, function(err) {`
first commit 2015-06-29 22:51:29 +00:00			`if (err) {`
added backend tests 2015-08-07 21:02:44 +00:00			`res.status(400).send({`
added automatic bower dependency injection 2015-07-03 19:25:02 +00:00			`message: errorHandler.getErrorMessage(err)`
first commit 2015-06-29 22:51:29 +00:00			`});`
			`} else {`
added backend tests 2015-08-07 21:02:44 +00:00			`// console.log('Form successfully deleted');`
			`// res.status(200).send('Form successfully deleted');`
			`res.json(form);`
first commit 2015-06-29 22:51:29 +00:00			`}`
			`});`
			`};`

			`/**`
added submission view 2015-07-02 02:49:35 +00:00			`* Get All of Users' Forms`
first commit 2015-06-29 22:51:29 +00:00			`*/`
			`exports.list = function(req, res) {`
added submission view 2015-07-02 02:49:35 +00:00			`//Allow 'admin' user to view all forms`
			`var searchObj = {admin: req.user};`
got form deletion working 2015-07-02 03:50:57 +00:00			`if(req.user.isAdmin()) searchObj = {};`

fixed logout redirection issue 2015-07-07 01:56:38 +00:00			`Form.find(searchObj).sort('-created').populate('admin.username', 'admin._id').exec(function(err, forms) {`
first commit 2015-06-29 22:51:29 +00:00			`if (err) {`
got form deletion working 2015-07-02 03:50:57 +00:00			`res.status(400).send({`
first commit 2015-06-29 22:51:29 +00:00			`message: errorHandler.getErrorMessage(err)`
			`});`
			`} else {`
got form deletion working 2015-07-02 03:50:57 +00:00			`res.json(forms);`
first commit 2015-06-29 22:51:29 +00:00			`}`
			`});`
			`};`

			`/**`
			`* Form middleware`
			`*/`
			`exports.formByID = function(req, res, next, id) {`
			`if (!mongoose.Types.ObjectId.isValid(id)) {`
fixed login/signup bug 2015-09-15 22:21:49 +00:00			`return res.status(400).send({`
first commit 2015-06-29 22:51:29 +00:00			`message: 'Form is invalid'`
			`});`
added back form list view 2016-05-13 18:13:09 +00:00			`} else {`
created basic analytics dashboard 2016-06-17 21:33:33 +00:00			`Form.findById(id).populate('admin').populate('submissions').exec(function(err, form) {`
fixed login/signup bug 2015-09-15 22:21:49 +00:00			`if (err) {`
fixed server tests 2016-04-29 06:22:47 +00:00			`return next(err);`
fixed login/signup bug 2015-09-15 22:21:49 +00:00			`} else if (form === undefined \|\| form === null) {`
got api subdomain to work with docs 2016-08-26 20:43:37 +00:00			`res.status(404).send({`
fixed login/signup bug 2015-09-15 22:21:49 +00:00			`message: 'Form not found'`
			`});`
			`}`
			`else {`
			`//Remove sensitive information from User object`
added analytics 2016-06-07 00:37:09 +00:00			`var _form = form;`
			`_form.admin.password = undefined;`
			`_form.admin.salt = undefined;`
			`_form.provider = undefined;`
got all tests to run 2016-03-30 03:45:16 +00:00
added analytics 2016-06-07 00:37:09 +00:00			`req.form = _form;`
updated eslint 2016-04-29 06:00:41 +00:00			`return next();`
fixed login/signup bug 2015-09-15 22:21:49 +00:00			`}`
			`});`
			`}`
first commit 2015-06-29 22:51:29 +00:00			`};`

			`/**`
			`* Form authorization middleware`
			`*/`
			`exports.hasAuthorization = function(req, res, next) {`
			`var form = req.form;`
got form deletion working 2015-07-02 03:50:57 +00:00			`if (req.form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) {`
			`res.status(403).send({`
added backend tests 2015-08-07 21:02:44 +00:00			`message: 'User '+req.user.username+' is not authorized to edit Form: '+form.title`
first commit 2015-06-29 22:51:29 +00:00			`});`
			`}`
updated eslint 2016-04-29 06:00:41 +00:00			`return next();`
first commit 2015-06-29 22:51:29 +00:00			`};`