var fs = require('fs');
var path = require('path');
var uuid = require('node-uuid');
-var appDir = path.dirname(require.main.filename);
+var appDir = path.dirname(require.resolve('../../app'));
// Send generation worker
var launchWorker = function (report) {
if (!report) {
return res.status(404).send('Not Found');
}
- if (parseInt(report.user) !== parseInt(userId)) {
+ //Allow admin users to download all reports
+ if (report.user !== userId.toString() && req.user.role !== 'admin') {
return res.status(403).send('Forbidden');
}
if (!report.isGenerated) {
return res.status(202).send('Generating');
}
var file = appDir + "/components/worker/generator/output/" + report.uuid + ".pdf";
- res.download(file, "rapport-" + report.filename + ".pdf");
+ try {
+ fs.accessSync(file, fs.F_OK);
+ res.download(file, "rapport-" + report.filename + ".pdf");
+ } catch (e) {
+ return res.status(410).send('File Not Found');
+ }
// File has been downloaded... Now we delete the entry in DB... Keep the file, just in case
report.remove();
});
_id: userId
}, '-salt -hashedPassword', function (err, user) { // don't ever give out the password or salt
if (err) return handleError(res, err);
- if (!user) return res.status(401).send('Unauthorized');
- // We found the current user
+
+ if (!req.files) {
+ return res.status(400).send('File Missing');
+ }
+
// Generate ID
- var id = uuid.v1();
+ var id = uuid.v4();
// Create directory with ID for name
var dirname = appDir + "/components/worker/generator/input/" + id + "/";
}
}
- console.log(Date.now());
//Create object
var generated = {
uuid: id,
isGenerated: false
};
-
Report.create(generated, function (err, report) {
if (err) {
return handleError(res, err);
launchWorker(report);
user.reportCounter = !user.reportCounter ? 1 : user.reportCounter + 1;
- user.save();
-
- // Return ONLY the uuid, you don't need more
- return res.status(200).json({id: report._id});
+ user.save(function () {
+ // Return ONLY the uuid, you don't need more
+ return res.status(200).json({id: report._id});
+ });
});
});