tellform/app/controllers/forms.server.controller.js

'use strict';

/**
 * Module dependencies.
 */
var mongoose = require('mongoose'),
	errorHandler = require('./errors.server.controller'),
	Form = mongoose.model('Form'),
	FormSubmission = mongoose.model('FormSubmission'),
	pdfFiller = require('node-pdffiller'),
	config = require('../../config/config'),
	fs = require('fs-extra'),
	async = require('async'),
	path = require('path'),
	_ = require('lodash');

/**
 * Upload PDF 
 */
exports.uploadPDF = function(req, res, next) {

	// console.log('inside uploadPDF');

	// console.log(req.files.file);
	// console.log('\n\nProperty Descriptor\n-----------');
	// console.log(Object.getOwnPropertyDescriptor(req.files.file, 'path'));
	
	if(req.files){
		var pdfFile = req.files.file;
		var _user = req.user;
		if (req.files.size === 0) {
			next(new Error('File uploaded is EMPTY'));
		}else if(req.files.size > 200000000){
			next(new Error('File uploaded exceeds MAX SIZE of 200MB'));
		}else {
			fs.exists(pdfFile.path, function(exists) { 
				//If file exists move to user's tmp directory
				if(exists) { 

					var newDestination = config.tmpUploadPath+_user.username;
				    var stat = null;
				    try {
				        stat = fs.statSync(newDestination);
				    } catch (err) {
				        fs.mkdirSync(newDestination);
				    }
				    if (stat && !stat.isDirectory()) {
				    	console.log('Directory cannot be created');
				        next(new Error('Directory cannot be created because an inode of a different type exists at "' + newDestination + '"'));
				    }
				    
				    fs.move(pdfFile.path, path.join(newDestination, pdfFile.name), function (err) {
						if (err) {
							next(new Error(err.message));
						}
						pdfFile.path = path.join(newDestination, pdfFile.name);
						console.log(pdfFile.name + ' uploaded to ' + pdfFile.path);
						res.json(pdfFile);
					});				

				} else { 
					next(new Error('Did NOT get your file!'));
				} 
			}); 
		}
	}else {
		next(new Error('Uploaded files were NOT detected'));
	}
};

/**
 * Delete a forms submissions
 */
exports.deleteSubmissions = function(req, res) {
	console.log(req.body);

	var submission_id_list = req.body.deleted_submissions,
		form = req.form;

	FormSubmission.remove({ form: req.form, admin: req.user, _id: {$in: submission_id_list} }, function(err){
		
		if(err){
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}

		res.status(200).send('Form submissions successfully deleted');
	});
};

/**
 * Submit a form entry
 */
exports.createSubmission = function(req, res) {

	var form = req.form;
	// console.log('in createSubmission()');
	// console.log(req.body);

	var submission = new FormSubmission({
		admin: req.form.admin._id,
		form: req.form._id,
		title: req.form.title,
		form_fields: req.body.form_fields,
		timeElapsed: req.body.timeElapsed,
		percentageComplete: req.body.percentageComplete
	});

	if(form.pdf) submission.pdf = form.pdf;

	if(req.headers['x-forwarded-for'] || req.connection.remoteAddress){
		var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
		// console.log('ip address of client is: '+ip);
		// if(ip) submission.ipAddr = ip;
	}

	if(form.autofillPDFs){
		try {
			submission.fdfData = pdfFiller.convFieldJson2FDF(submission.form_fields);
		} catch(err){
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}
	}else{
		submission.fdfData = null;
	}

	submission.save(function(err, submission){
		// console.log('in submissions.save()\n submission: '+JSON.stringify(submission) );
		if(err){
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}
		res.status(200).send('Form submission successfully saved');
	});
};

/**
 * Get List of Submissions for a given Form
 */
exports.listSubmissions = function(req, res) {
	var _form = req.form;
	var _user = req.user;
	console.log('listSubmissions');
	// console.log(_form);

	// if(_form.submissions.length){
		// res.json(_form.submissions);
	// }else{
		FormSubmission.find({ form: _form._id, admin: _user._id }).populate('admin', 'form').exec(function(err, _submissions) {
			if (err) {
				console.log(err);
				res.status(400).send({
					message: errorHandler.getErrorMessage(err)
				});
			}

			_form.update({ $set : { submissions: _submissions }}).exec(function(err, form){
				if (err) {
					console.log(err);
					res.status(400).send({
						message: errorHandler.getErrorMessage(err)
					});
				} 
				res.json(_submissions);
			});
			// res.status(200).send('Updated forms');
		
		});
	// }
};

/**
 * Create a new form
 */
exports.create = function(req, res) {
	var form = new Form(req.body.form);

	form.admin = req.user._id;
	// console.log('Create a new form');
	// console.log(form);
	// console.log(req.body.form)
	// console.log(req.user);

	form.save(function(err) {
		if (err) {
			console.log(err);
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			res.json(form);
		}
	});
};

/**
 * Show the current form
 */
exports.read = function(req, res) {
	var validUpdateTypes= Form.schema.path('plugins.oscarhost.settings.updateType').enumValues;

	var newForm = JSON.parse(JSON.stringify(req.form));
	newForm.plugins.oscarhost.settings.validUpdateTypes = validUpdateTypes;
	res.json(newForm);
};

/**
 * Update a form
 */
exports.update = function(req, res) { 
	var form = req.form;
	delete req.body.form.__v;
	delete req.body.form._id;

	//Unless we have 'admin' priviledges, updating form admin is disabled
	if(req.user.roles.indexOf('admin') === -1) delete req.body.form.admin;

	form = _.extend(form, req.body.form);
	
	form.save(function(err, form) {
		if (err) {
			console.log(err);
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			res.json(form);
		}
	});
};

/**
 * Delete a form
 */
exports.delete = function(req, res) {
	var form = req.form;
	// console.log('deleting form');
	Form.remove({_id: form._id}, function(err) {
		if (err) {
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			// console.log('Form successfully deleted');
			// res.status(200).send('Form successfully deleted');
			res.json(form);
		}
	});
};

/**
 * Get All of Users' Forms
 */
exports.list = function(req, res) {
	//Allow 'admin' user to view all forms
	var searchObj = {admin: req.user};
	if(req.user.isAdmin()) searchObj = {};

	Form.find(searchObj).sort('-created').populate('admin.username', 'admin._id').exec(function(err, forms) {
		if (err) {
			res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		} else {
			res.json(forms);
		}
	});
};

/**
 * Form middleware
 */
exports.formByID = function(req, res, next, id) {

	if (!mongoose.Types.ObjectId.isValid(id)) {
		return res.status(400).send({
			message: 'Form is invalid'
		});
	}
	else {
		Form.findById(id).populate('admin').exec(function(err, form) {
			if (err) {
				return next(err);
			} else if (form === undefined || form === null) {
				res.status(400).send({
					message: 'Form not found'
				});
			}
			else {
				//Remove sensitive information from User object
				form.admin.password = undefined;
				form.admin.salt = undefined;
				form.provider = undefined;
				
				req.form = form;
				next();
			}
		});
	}
};

/**
 * Form authorization middleware
 */
exports.hasAuthorization = function(req, res, next) {

	var form = req.form;
	if (req.form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) {
		res.status(403).send({
			message: 'User '+req.user.username+' is not authorized to edit Form: '+form.title
		});
	}
	next();
};