Revert ATM role changes

zabartcc · Oct 20, 2024 · 2f3e497 · 2f3e497
1 parent 065af64
commit 2f3e497
Show file tree

Hide file tree

Showing 8 changed files with 45 additions and 45 deletions.
diff --git a/controllers/ControllerController.js b/controllers/ControllerController.js
@@ -121,7 +121,7 @@ router.get("/staff", async (req, res) => {
     const staff = {
       atm: {
         title: "Air Traffic Manager",
-        code: "atm1",
+        code: "atm",
         email: "zab-atm",
         users: [],
       },
@@ -219,7 +219,7 @@ router.get("/oi", async (req, res) => {
   return res.json(res.stdRes);
 });
 
-router.get("/visit", getUser, auth(["atm1", "datm"]), async ({ res }) => {
+router.get("/visit", getUser, auth(["atm", "datm"]), async ({ res }) => {
   try {
     const applications = await VisitApplication.find({
       deletedAt: null,
@@ -234,7 +234,7 @@ router.get("/visit", getUser, auth(["atm1", "datm"]), async ({ res }) => {
   return res.json(res.stdRes);
 });
 
-router.get("/absence", getUser, auth(["atm1", "datm"]), async (req, res) => {
+router.get("/absence", getUser, auth(["atm", "datm"]), async (req, res) => {
   try {
     const absences = await Absence.find({
       expirationDate: {
@@ -257,7 +257,7 @@ router.get("/absence", getUser, auth(["atm1", "datm"]), async (req, res) => {
   return res.json(res.stdRes);
 });
 
-router.post("/absence", getUser, auth(["atm1", "datm"]), async (req, res) => {
+router.post("/absence", getUser, auth(["atm", "datm"]), async (req, res) => {
   try {
     if (
       !req.body ||
@@ -310,7 +310,7 @@ router.post("/absence", getUser, auth(["atm1", "datm"]), async (req, res) => {
 router.delete(
   "/absence/:id",
   getUser,
-  auth(["atm1", "datm"]),
+  auth(["atm", "datm"]),
   async (req, res) => {
     try {
       if (!req.params.id) {
@@ -340,7 +340,7 @@ router.delete(
 router.get(
   "/log",
   getUser,
-  auth(["atm1", "datm", "ta", "fe", "ec", "wm"]),
+  auth(["atm", "datm", "ta", "fe", "ec", "wm"]),
   async (req, res) => {
     const page = +req.query.page || 1;
     const limit = +req.query.limit || 20;
@@ -564,7 +564,7 @@ router.get("/visit/status", getUser, async (req, res) => {
   return res.json(res.stdRes);
 });
 
-router.put("/visit/:cid", getUser, auth(["atm1", "datm"]), async (req, res) => {
+router.put("/visit/:cid", getUser, auth(["atm", "datm"]), async (req, res) => {
   try {
     await VisitApplication.delete({ cid: req.params.cid });
 
@@ -617,7 +617,7 @@ router.put("/visit/:cid", getUser, auth(["atm1", "datm"]), async (req, res) => {
 router.delete(
   "/visit/:cid",
   getUser,
-  auth(["atm1", "datm"]),
+  auth(["atm", "datm"]),
   async (req, res) => {
     try {
       await VisitApplication.delete({ cid: req.params.cid });
@@ -824,7 +824,7 @@ router.put("/:cid/visit", microAuth, async (req, res) => {
 router.put(
   "/:cid",
   getUser,
-  auth(["atm1", "datm", "ta", "wm", "ins"]),
+  auth(["atm", "datm", "ta", "wm", "ins"]),
   async (req, res) => {
     try {
       if (!req.body.form) {
@@ -895,7 +895,7 @@ router.put(
   }
 );
 
-router.delete("/:cid", getUser, auth(["atm1", "datm"]), async (req, res) => {
+router.delete("/:cid", getUser, auth(["atm", "datm"]), async (req, res) => {
   try {
     if (!req.body.reason) {
       throw {

diff --git a/controllers/EventController.js b/controllers/EventController.js
@@ -178,7 +178,7 @@ router.delete('/:slug/signup', getUser, async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.delete('/:slug/mandelete/:cid', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async(req, res) => {
+router.delete('/:slug/mandelete/:cid', getUser, auth(['atm', 'datm', 'ec', 'wm']), async(req, res) => {
 	try {
 		const signup = await Event.findOneAndUpdate({url: req.params.slug}, {
 			$pull: {
@@ -211,7 +211,7 @@ router.delete('/:slug/mandelete/:cid', getUser, auth(['atm1', 'datm', 'ec', 'wm'
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug/mansignup/:cid', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
+router.put('/:slug/mansignup/:cid', getUser, auth(['atm', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		const user = await User.findOne({cid: req.params.cid});
 		if(user !== null) {
@@ -242,7 +242,7 @@ router.put('/:slug/mansignup/:cid', getUser, auth(['atm1', 'datm', 'ec', 'wm']),
 	return res.json(res.stdRes);
 });
 
-router.post('/', getUser, auth(['atm1', 'datm', 'ec', 'wm']), upload.single('banner'), async (req, res) => {
+router.post('/', getUser, auth(['atm', 'datm', 'ec', 'wm']), upload.single('banner'), async (req, res) => {
 	try {
 		const url = req.body.name.replace(/\s+/g, '-').toLowerCase().replace(/^-+|-+(?=-|$)/g, '').replace(/[^a-zA-Z0-9-_]/g, '') + '-' + Date.now().toString().slice(-5);
 		const allowedTypes = ['image/jpg', 'image/jpeg', 'image/png', 'image/gif'];
@@ -296,7 +296,7 @@ router.post('/', getUser, auth(['atm1', 'datm', 'ec', 'wm']), upload.single('ban
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug', getUser, auth(['atm1', 'datm', 'ec', 'wm']), upload.single('banner'), async (req, res) => {
+router.put('/:slug', getUser, auth(['atm', 'datm', 'ec', 'wm']), upload.single('banner'), async (req, res) => {
 	try {
 		const event = await Event.findOne({url: req.params.slug});
 		const {name, description, startTime, endTime, positions} = req.body;
@@ -408,7 +408,7 @@ router.put('/:slug', getUser, auth(['atm1', 'datm', 'ec', 'wm']), upload.single(
 	return res.json(res.stdRes);
 });
 
-router.delete('/:slug', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
+router.delete('/:slug', getUser, auth(['atm', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		const deleteEvent = await Event.findOne({url: req.params.slug});
 		await deleteEvent.delete();
@@ -448,7 +448,7 @@ router.delete('/:slug', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req,
 // 	return res.json(res.stdRes);
 // });
 
-router.put('/:slug/assign', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
+router.put('/:slug/assign', getUser, auth(['atm', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		const {position, cid} = req.body;
 
@@ -484,7 +484,7 @@ router.put('/:slug/assign', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug/notify', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
+router.put('/:slug/notify', getUser, auth(['atm', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		await Event.updateOne({url: req.params.slug}, {
 			$set: {
@@ -524,7 +524,7 @@ router.put('/:slug/notify', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug/close', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
+router.put('/:slug/close', getUser, auth(['atm', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		await Event.updateOne({url: req.params.slug}, {
 			$set: {

diff --git a/controllers/FeedbackController.js b/controllers/FeedbackController.js
@@ -6,7 +6,7 @@ import Notification from '../models/Notification.js';
 import getUser from '../middleware/getUser.js';
 import auth from '../middleware/auth.js';
 
-router.get('/', getUser, auth(['atm1', 'datm', 'ta', 'ec','wm']), async (req, res) => { // All feedback
+router.get('/', getUser, auth(['atm', 'datm', 'ta', 'ec','wm']), async (req, res) => { // All feedback
 	try {
 		const page = +req.query.page || 1;
 		const limit = +req.query.limit || 20;
@@ -85,7 +85,7 @@ router.get('/controllers', async ({res}) => { // Controller list on feedback pag
 	return res.json(res.stdRes);
 });
 
-router.get('/unapproved', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'wm']), async ({res}) => { // Get all unapproved feedback
+router.get('/unapproved', getUser, auth(['atm', 'datm', 'ta', 'ec', 'wm']), async ({res}) => { // Get all unapproved feedback
 	try {
 		const feedback = await Feedback.find({deletedAt: null, approved: false}).populate('controller', 'fname lname cid').sort({createdAt: 'desc'}).lean();
 		res.stdRes.data = feedback;
@@ -96,7 +96,7 @@ router.get('/unapproved', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'wm']), asy
 	return res.json(res.stdRes);
 });
 
-router.put('/approve/:id', getUser, auth(['atm1', 'datm', 'ta']), async (req, res) => { // Approve feedback
+router.put('/approve/:id', getUser, auth(['atm', 'datm', 'ta']), async (req, res) => { // Approve feedback
 	try {
 		const approved = await Feedback.findOneAndUpdate({_id: req.params.id}, {
 			approved: true
@@ -123,7 +123,7 @@ router.put('/approve/:id', getUser, auth(['atm1', 'datm', 'ta']), async (req, re
 	return res.json(res.stdRes);
 });
 
-router.put('/reject/:id', getUser, auth(['atm1', 'datm', 'ta']), async (req, res) => { // Reject feedback
+router.put('/reject/:id', getUser, auth(['atm', 'datm', 'ta']), async (req, res) => { // Reject feedback
 	try {
 		const feedback = await Feedback.findOne({_id: req.params.id});
 		await feedback.delete();

diff --git a/controllers/FileController.js b/controllers/FileController.js
@@ -50,7 +50,7 @@ router.get('/downloads/:id', async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.post('/downloads', getUser, auth(['atm1', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
+router.post('/downloads', getUser, auth(['atm', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
 	try {
 		if(!req.body.category) {
 			throw {
@@ -95,7 +95,7 @@ router.post('/downloads', getUser, auth(['atm1', 'datm', 'ta', 'fe']), upload.si
 	return res.json(res.stdRes);
 });
 
-router.put('/downloads/:id', upload.single('download'), getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
+router.put('/downloads/:id', upload.single('download'), getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		if(!req.file) { // no updated file provided
 			await Downloads.findByIdAndUpdate(req.params.id, {
@@ -140,7 +140,7 @@ router.put('/downloads/:id', upload.single('download'), getUser, auth(['atm1', '
 	return res.json(res.stdRes);
 });
 
-router.delete('/downloads/:id', getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
+router.delete('/downloads/:id', getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		const download = await Downloads.findByIdAndDelete(req.params.id).lean();
 		await req.app.dossier.create({
@@ -181,7 +181,7 @@ router.get('/documents/:slug', async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.post('/documents', getUser, auth(['atm1', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
+router.post('/documents', getUser, auth(['atm', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
 	try {
 		const {name, category, description, content, type} = req.body;
 		if(!category) {
@@ -252,7 +252,7 @@ router.post('/documents', getUser, auth(['atm1', 'datm', 'ta', 'fe']), upload.si
 	return res.json(res.stdRes);
 });
 
-router.put('/documents/:slug', upload.single('download'), getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
+router.put('/documents/:slug', upload.single('download'), getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		const document = await Document.findOne({slug: req.params.slug});
 		const {name, category, description, content, type} = req.body;
@@ -318,7 +318,7 @@ router.put('/documents/:slug', upload.single('download'), getUser, auth(['atm1',
 	return res.json(res.stdRes);
 })
 
-router.delete('/documents/:id', getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
+router.delete('/documents/:id', getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		const doc = await Document.findByIdAndDelete(req.params.id);
 		await req.app.dossier.create({

diff --git a/controllers/NewsController.js b/controllers/NewsController.js
@@ -18,7 +18,7 @@ router.get('/', async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.post('/', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
+router.post('/', getUser, auth(['atm', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
 	try {
 		if(!req.body || !req.body.title || !req.body.content) {
 			throw {
@@ -74,7 +74,7 @@ router.get('/:slug', async (req, res) =>{
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
+router.put('/:slug', getUser, auth(['atm', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
 	try {
 		const {title, content} = req.body;
 		const newsItem = await News.findOne({uriSlug: req.params.slug});
@@ -98,7 +98,7 @@ router.put('/:slug', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'fe', 'wm']), as
 	return res.json(res.stdRes);
 });
 
-router.delete('/:slug', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) =>{
+router.delete('/:slug', getUser, auth(['atm', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) =>{
 	try {
 		const newsItem = await News.findOne({uriSlug: req.params.slug});
 		const status = await newsItem.delete();

diff --git a/controllers/StatsController.js b/controllers/StatsController.js
@@ -16,7 +16,7 @@ import { DateTime as L } from 'luxon';
 const months = ['', 'January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'];
 const ratings = ["Unknown", "OBS", "S1", "S2", "S3", "C1", "C2", "C3", "I1", "I2", "I3", "SUP", "ADM"];
 
-router.get('/admin', getUser, auth(['atm1', 'datm', 'ta', 'fe', 'ec', 'wm']), async (req, res) => {
+router.get('/admin', getUser, auth(['atm', 'datm', 'ta', 'fe', 'ec', 'wm']), async (req, res) => {
 	try {
 		const d = new Date();
 		const thisMonth = new Date(Date.UTC(d.getUTCFullYear(), d.getUTCMonth(), 1));
@@ -117,7 +117,7 @@ router.get('/admin', getUser, auth(['atm1', 'datm', 'ta', 'fe', 'ec', 'wm']), as
 	return res.json(res.stdRes);
 })
 
-router.get('/ins', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
+router.get('/ins', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
 	try {
 		let lastTraining = await TrainingSession.aggregate([
 			{$group: {
@@ -170,7 +170,7 @@ router.get('/ins', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async (r
 	return res.json(res.stdRes);
 })
 
-router.get('/activity', getUser, auth(['atm1', 'datm', 'ta', 'wm']), async (req, res) => {
+router.get('/activity', getUser, auth(['atm', 'datm', 'ta', 'wm']), async (req, res) => {
 	try {
 		const today = L.utc();
 		const chkDate = today.minus({days: 91});

diff --git a/controllers/TrainingController.js b/controllers/TrainingController.js
@@ -129,7 +129,7 @@ router.get('/milestones', getUser, async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.get('/request/open', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
+router.get('/request/open', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
 	try {
 		const days = +req.query.period || 21; // days from start of CURRENT week
 		const d = new Date(Date.now()),
@@ -155,7 +155,7 @@ router.get('/request/open', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']),
 	return res.json(res.stdRes);
 });
 
-router.post('/request/take/:id', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
+router.post('/request/take/:id', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
 	try {
 		if(new Date(req.body.startTime) >= new Date(req.body.endTime)) {
 			throw {
@@ -206,7 +206,7 @@ router.post('/request/take/:id', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mt
 	return res.json(res.stdRes);
 });
 
-router.delete('/request/:id', getUser, auth(['atm1', 'datm', 'ta']), async (req, res) => {
+router.delete('/request/:id', getUser, auth(['atm', 'datm', 'ta']), async (req, res) => {
 	try {
 		const request = await TrainingRequest.findById(req.params.id);
 		request.delete();
@@ -224,7 +224,7 @@ router.delete('/request/:id', getUser, auth(['atm1', 'datm', 'ta']), async (req,
 	return res.json(res.stdRes);
 });
 
-router.get('/request/:date', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
+router.get('/request/:date', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
 	try {
 		const d = new Date(`${req.params.date.slice(0,4)}-${req.params.date.slice(4,6)}-${req.params.date.slice(6,8)}`);
 		const dayAfter = new Date(d);
@@ -248,7 +248,7 @@ router.get('/request/:date', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr'])
 	return res.json(res.stdRes);
 });
 
-router.get('/session/open', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
+router.get('/session/open', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
 	try {
 		const sessions = await TrainingSession.find({
 			instructorCid: res.user.cid,
@@ -266,7 +266,7 @@ router.get('/session/open', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']),
 
 router.get('/session/:id', getUser, async(req, res) => {
 	try {
-		const isIns = ['ta', 'ins', 'mtr', 'atm1', 'datm'].some(r => res.user.roleCodes.includes(r));
+		const isIns = ['ta', 'ins', 'mtr', 'atm', 'datm'].some(r => res.user.roleCodes.includes(r));
 
 		if(isIns) {
 			const session = await TrainingSession.findById(
@@ -303,7 +303,7 @@ router.get('/session/:id', getUser, async(req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.get('/sessions', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
+router.get('/sessions', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
 	try {
 		const page = +req.query.page || 1;
 		const limit = +req.query.limit || 20;
@@ -404,7 +404,7 @@ router.get('/sessions/past', getUser, async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.get('/sessions/:cid', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
+router.get('/sessions/:cid', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
 	try {
 		const controller = await User.findOne({cid: req.params.cid}).select('fname lname').lean();
 		if(!controller) {
@@ -441,7 +441,7 @@ router.get('/sessions/:cid', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr'])
 	return res.json(res.stdRes);
 });
 
-router.put('/session/save/:id', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
+router.put('/session/save/:id', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
 	try {
 		await TrainingSession.findByIdAndUpdate(req.params.id, req.body);
 	} catch(e) {
@@ -452,7 +452,7 @@ router.put('/session/save/:id', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr
 	return res.json(res.stdRes);
 });
 
-router.put('/session/submit/:id', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
+router.put('/session/submit/:id', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async(req, res) => {
 	try {
 		if(req.body.position === '' || req.body.progress === null || req.body.movements === null || req.body.location === null || req.body.ots === null || req.body.studentNotes === null || (req.body.studentNotes && req.body.studentNotes.length > 3000) || (req.body.insNotes && req.body.insNotes.length > 3000)) {
 			throw {