2014-06-30 22:16:26 -04:00
|
|
|
LevelSession = require './LevelSession'
|
|
|
|
Handler = require '../../commons/Handler'
|
2014-03-31 18:48:22 -04:00
|
|
|
log = require 'winston'
|
2014-01-03 13:32:13 -05:00
|
|
|
|
|
|
|
TIMEOUT = 1000 * 30 # no activity for 30 seconds means it's not active
|
|
|
|
|
|
|
|
class LevelSessionHandler extends Handler
|
|
|
|
modelClass: LevelSession
|
|
|
|
|
|
|
|
getByRelationship: (req, res, args...) ->
|
2014-03-31 18:48:22 -04:00
|
|
|
return @getActiveSessions req, res if args.length is 2 and args[1] is 'active'
|
2014-04-08 22:26:19 -04:00
|
|
|
super(arguments...)
|
2014-06-11 22:38:41 -04:00
|
|
|
|
2014-05-15 18:18:15 -04:00
|
|
|
formatEntity: (req, document) ->
|
|
|
|
documentObject = super(req, document)
|
2014-06-11 22:38:41 -04:00
|
|
|
if req.user.isAdmin() or req.user.id is document.creator or ('employer' in req.user.get('permissions'))
|
2014-05-15 18:18:15 -04:00
|
|
|
return documentObject
|
|
|
|
else
|
2014-06-19 11:07:30 -04:00
|
|
|
return _.omit documentObject, @privateProperties
|
2014-06-11 22:38:41 -04:00
|
|
|
|
2014-03-31 18:48:22 -04:00
|
|
|
getActiveSessions: (req, res) ->
|
|
|
|
return @sendUnauthorizedError(res) unless req.user.isAdmin()
|
2014-01-03 13:32:13 -05:00
|
|
|
start = new Date()
|
|
|
|
start = new Date(start.getTime() - TIMEOUT)
|
|
|
|
query = @modelClass.find({'changed': {$gt: start}})
|
|
|
|
query.exec (err, documents) =>
|
|
|
|
return @sendDatabaseError(res, err) if err
|
|
|
|
documents = (@formatEntity(req, doc) for doc in documents)
|
|
|
|
@sendSuccess(res, documents)
|
|
|
|
|
2014-02-13 19:42:35 -05:00
|
|
|
hasAccessToDocument: (req, document, method=null) ->
|
|
|
|
return true if req.method is 'GET' and document.get('totalScore')
|
2014-06-11 22:38:41 -04:00
|
|
|
return true if ('employer' in req.user.get('permissions')) and (method ? req.method).toLowerCase() is 'get'
|
2014-02-13 19:42:35 -05:00
|
|
|
super(arguments...)
|
|
|
|
|
2014-01-03 13:32:13 -05:00
|
|
|
module.exports = new LevelSessionHandler()
|