diff --git a/app/controllers/forms.server.controller.js b/app/controllers/forms.server.controller.js index 7a12250e..8beb8c3e 100644 --- a/app/controllers/forms.server.controller.js +++ b/app/controllers/forms.server.controller.js @@ -364,8 +364,8 @@ exports.update = function(req, res) { var form = req.form; var updatedForm = req.body.form; - - if(!form.analytics){ + + if(!form.analytics && req.body.form.analytics){ form.analytics = { visitors: [], gaCode: '' @@ -379,9 +379,18 @@ exports.update = function(req, res) { diff.applyChange(form._doc, true, change); }); } else { + if(!updatedForm){ + res.status(400).send({ + message: 'Updated Form is empty' + }); + } - delete updatedForm.__v; + delete updatedForm.lastModified; delete updatedForm.created; + delete updatedForm.id; + delete updatedForm._id; + delete updatedForm.__v; + //Unless we have 'admin' privileges, updating the form's admin is disabled if(updatedForm && req.user.roles.indexOf('admin') === -1) { delete updatedForm.admin; @@ -556,7 +565,8 @@ exports.formByIDFast = function(req, res, next, id) { */ exports.hasAuthorization = function(req, res, next) { var form = req.form; - if (req.form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) { + debugger + if (req.form.admin.id !== req.user.id || req.user.roles.indexOf('admin') > -1) { res.status(403).send({ message: 'User '+req.user.username+' is not authorized to edit Form: '+form.title }); diff --git a/app/libs/send-email-notifications.js b/app/libs/send-email-notifications.js index 8d4fd281..bbbc8548 100644 --- a/app/libs/send-email-notifications.js +++ b/app/libs/send-email-notifications.js 
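Review bot: The new condition in the first hunk of exports.update reads `req.body.form.analytics` before anything visible has checked that the client sent a `form` object, so a request body without `form` throws a TypeError here and never reaches the 400 branch added in the next hunk. The same value is already held in `updatedForm` two lines above, so `if(!form.analytics && updatedForm && updatedForm.analytics){` avoids the throw. exports.update starts and continues outside this hunk, so an earlier guard cannot be ruled out from here.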
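Review bot: The added `if(!updatedForm)` branch sends the 400 but does not return, so execution falls through to `delete updatedForm.lastModified`, which throws on an undefined `updatedForm`, and any later response would be a second send on the same request. Put `return` in front of the call, i.e. `return res.status(400).send({ message: 'Updated Form is empty' });`. The `delete` lines form a deny-list of client-controlled keys (`lastModified`, `created`, `id`, `_id`, `__v`, plus `admin` for non-admins); copying only the editable fields from an allow-list would keep newly added schema fields from becoming writable by default. The rest of the else branch is outside the hunk.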
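Review bot: The rewritten condition in hasAuthorization sends 403 to every user holding the `admin` role, including an admin who owns the form, because `|| req.user.roles.indexOf('admin') > -1` makes the deny branch fire for admins; the removed line let owners and admins through. If the policy is meant to stay the same, keep `if (req.form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) {`. The `debugger` statement on the line above should be removed before merge, since it pauses every request through this middleware whenever an inspector is attached. None of the test hunks shown in this commit exercises the 403 path for an owner, a non-owner and an admin, which would have caught the change.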
@@ -39,8 +39,8 @@ module.exports = { createFieldDict: function(form_fields){ var formFieldDict = {}; form_fields.forEach(function(field){ - if(field.hasOwnProperty('globalId') && field.hasOwnProperty('fieldValue')){ - formFieldDict[field.globalId+''] = field.fieldValue+''; + if(field.hasOwnProperty('fieldValue')){ + formFieldDict[field.id] = String(field.fieldValue); } }); return formFieldDict; diff --git a/app/models/form.server.model.js b/app/models/form.server.model.js index 4aa58f89..3693a93f 100644 --- a/app/models/form.server.model.js +++ b/app/models/form.server.model.js @@ -228,30 +228,6 @@ FormSchema.plugin(timeStampPlugin, { useVirtual: false }); -function getDeletedIndexes(needle, haystack){ - var deletedIndexes = []; - - if(haystack.length > 0){ - for(var i = 0; i < needle.length; i++){ - if(haystack.indexOf(needle[i]) === -1){ - deletedIndexes.push(i); - } - } - } - return deletedIndexes; -} - -function formFieldsAllHaveIds(form_fields){ - if(form_fields){ - for(var i=0; i 0){ error.errors.ratingOptions = new mongoose.Error.ValidatorError({path:'fieldOptions', message: 'fieldOptions are only allowed for type dropdown, checkbox or radio fields.', type: 'notvalid', value: this.ratingOptions}); console.error(error); - return(next(error)); + return next(error); } } return next(); }); -//LogicJump Save -FormFieldSchema.pre('save', function(next) { - if(!this.globalId){ - this.globalId = tokgen(); - } - next(); -}); - //Submission fieldValue correction FormFieldSchema.pre('save', function(next) { if(this.fieldType === 'dropdown' && this.isSubmission){ diff --git a/app/tests/form.server.routes.test.js b/app/tests/form.server.routes.test.js index 495ba38d..fbdd1259 100644 --- a/app/tests/form.server.routes.test.js +++ b/app/tests/form.server.routes.test.js 
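Review bot: In createFieldDict the key is no longer checked: `hasOwnProperty('globalId')` was removed and nothing tests `field.id`, so a field without an id is stored under the literal key `undefined` and later such fields overwrite each other. A guard such as `if(field.id != null && field.hasOwnProperty('fieldValue')){` restores the old guarantee. `hasOwnProperty('id')` would probably not work if `id` is a Mongoose virtual, which cannot be confirmed from this hunk.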
@@ -32,7 +32,8 @@ var sampleVisitorData = [{ language: 'en', ipAddr: '192.168.1.1', deviceType: 'desktop', - userAgent: 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36' + userAgent: 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36', + filledOutFields: [] }]; /** 
@@ -412,22 +413,84 @@ describe('Form Routes Unit tests', function() { CurrentForm.save(function(err, form) { if(err) return done(err); - loginSession.post('/forms/' + form._id) - .send(formUpdateObject) + loginSession.put('/forms/' + form.id) + .send({ form: formUpdateObject }) .expect(200) - .end(function(FormSaveErr) { + .end(function(err, res) { - should.not.exist(FormSaveErr); + should.not.exist(err); - Form.findById(form._id, function (FormFindErr, UpdatedForm){ + Form.findById(form.id, function (FormFindErr, UpdatedForm){ should.not.exist(FormFindErr); should.exist(UpdatedForm); - UpdatedForm.toObject().visitors.should.deepEqual(sampleVisitorData); + var updatedFormObj = UpdatedForm.toJSON(); + var oldFormObj = CurrentForm.toJSON(); + + updatedFormObj.analytics.should.deepEqual(oldFormObj.analytics); + + done(FormFindErr); + }); + }); + }); + }); + + it(' > shouldn\'t allow a user to change the id when updating a form', function(done) { + // Create new Form model instance + + var formObject = { + title: 'First Form', + language: 'en', + admin: user.id, + form_fields: [ + new Field({'fieldType':'textfield', 'title':'First Name', 'fieldValue': ''}), + new Field({'fieldType':'legal', 'title':'nascar', 'fieldValue': ''}), + new Field({'fieldType':'legal', 'title':'hockey', 'fieldValue': ''}) + ], + isLive: true + }; + + var formUpdateObject = { + id: mongoose.Types.ObjectId(), + title: 'First Form', + language: 'en', + admin: user.id, + form_fields: [ + new Field({'fieldType':'textfield', 'title':'Last Name', 'fieldValue': ''}), + new Field({'fieldType':'legal', 'title':'formula one', 'fieldValue': ''}), + new Field({'fieldType':'legal', 'title':'football', 'fieldValue': ''}) + ], + isLive: true + }; + + var CurrentForm = new Form(formObject); + + // Save the Form + CurrentForm.save(function(err, InitialForm) { + if(err) return done(err); + + loginSession.put('/forms/' + InitialForm.id) + .send({ form: formUpdateObject }) + .expect(200) + .end(function(err, 
OldForm) { + console.log(OldForm.body); + + should.not.exist(err); + + Form.findById(InitialForm.id, function (FormFindErr, UpdatedForm){ + should.not.exist(FormFindErr); + should.exist(UpdatedForm); + + var updatedFormObj = UpdatedForm.toJSON(); + var oldFormObj = InitialForm.toJSON(); + + delete oldFormObj.lastModified; + delete updatedFormObj.lastModified; + + updatedFormObj.should.deepEqual(oldFormObj); done(FormFindErr); }); - }); }); }); diff --git a/app/tests/form_submission.model.test.js b/app/tests/form_submission.model.test.js index b857e9a9..219f5d87 100644 --- a/app/tests/form_submission.model.test.js +++ b/app/tests/form_submission.model.test.js @@ -166,7 +166,7 @@ describe('FormSubmission Model Unit Tests:', function() { }); it('should be able to find FormSubmission by $elemMatch on form_fields id', function(done){ - FormSubmission.findOne({ form: myForm._id, form_fields: {$elemMatch: {globalId: myForm.form_fields[0].globalId} } }) + FormSubmission.findOne({ form: myForm.id, form_fields: {$elemMatch: {id: myForm.form_fields[0].id} } }) .exec(function(err, submission){ should.not.exist(err); should.exist(submission); 
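Review bot: The new test named for id immutability never checks the id directly: it asserts `updatedFormObj.should.deepEqual(oldFormObj)` while `formUpdateObject` also changes the three `form_fields` titles, so it appears it can only pass if the whole update is discarded. Send a payload that differs from the stored form only in `id` (and `_id`), then assert `String(UpdatedForm.id).should.equal(String(InitialForm.id));`. `console.log(OldForm.body);` is leftover debugging output, and the callback argument is the HTTP response rather than a form, so `res` would be the clearer name.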
@@ -176,78 +176,6 @@ describe('FormSubmission Model Unit Tests:', function() { }); }); - /* - describe('Test FormField and Submission Logic', function() { - - beforeEach(function(done){ - - //Create Submission - mySubmission = new FormSubmission({ - form_fields: _.merge(sampleSubmission, myForm.form_fields), - admin: user, - form: myForm, - timeElapsed: 17.55 - }); - - mySubmission.save(function(err){ - should.not.exist(err); - done(); - }); - - }); - - it('should preserve deleted form_fields that have submissions without any problems', function(done) { - - var fieldPropertiesToOmit = ['deletePreserved', 'globalId', 'lastModified', 'created', '_id', 'submissionId', 'isSubmission', 'validFieldTypes', 'title']; - var old_fields = myForm.toObject().form_fields; - var new_form_fields = _.clone(myForm.toObject().form_fields); - new_form_fields.splice(0, 1); - - myForm.form_fields = new_form_fields; - - myForm.save(function(err, _form) { - - should.not.exist(err); - should.exist(_form.form_fields); - - var actual_fields = _.deepOmit(_form.toObject().form_fields, fieldPropertiesToOmit); - old_fields = _.deepOmit(old_fields, fieldPropertiesToOmit); - - should.deepEqual(actual_fields, old_fields, 'old form_fields not equal to newly saved form_fields'); - done(); - }); - }); - - it('should delete \'preserved\' form_fields whose submissions have been removed without any problems', function(done) { - - var old_fields = myForm.toObject().form_fields; - old_fields.splice(0,1); - var new_form_fields = _.clone(myForm.toObject().form_fields); - new_form_fields.splice(0, 1); - - myForm.form_fields = new_form_fields; - - myForm.save(function(err, _form){ - should.not.exist(err); - should.exist(_form.form_fields); - should.exist(old_fields); - - var actual_fields = _.deepOmit(_form.toObject().form_fields, ['lastModified', 'created', '_id']); - old_fields = _.deepOmit(old_fields, ['lastModified', 'created', '_id']); - - should.deepEqual(JSON.stringify(actual_fields), 
JSON.stringify(old_fields)); //'old form_fields not equal to newly saved form_fields'); - done(); - }); - }); - - afterEach(function(done){ - mySubmission.remove(function(){ - done(); - }); - }); - }); - */ - afterEach(function(done) { Form.remove().exec(function() { User.remove().exec(function() { diff --git a/app/tests/libs/send-email-notifications.test.js b/app/tests/libs/send-email-notifications.test.js index 9f9db698..38beb031 100644 --- a/app/tests/libs/send-email-notifications.test.js +++ b/app/tests/libs/send-email-notifications.test.js @@ -14,9 +14,9 @@ const should = require('should'), * Globals */ const validFormFields = [ - {fieldType:'textfield', title:'First Name', fieldValue: 'John Smith', deletePreserved: false, globalId:'56340745f59a6fc9e22028e9'}, - {fieldType:'link', title:'Your Website', fieldValue: 'https://johnsmith.me', deletePreserved: false, globalId:'5c9e22028e907634f45f59a6'}, - {fieldType:'number', title:'Your Age', fieldValue: 45, deletePreserved: false, globalId:'56e90745f5934fc9e22028a6'} + {fieldType:'textfield', title:'First Name', fieldValue: 'John Smith', deletePreserved: false, id:'56340745f59a6fc9e22028e9'}, + {fieldType:'link', title:'Your Website', fieldValue: 'https://johnsmith.me', deletePreserved: false, id:'5c9e22028e907634f45f59a6'}, + {fieldType:'number', title:'Your Age', fieldValue: 45, deletePreserved: false, id:'56e90745f5934fc9e22028a6'} ]; const validFieldDict = { diff --git a/public/modules/forms/admin/directives/configure-form.client.directive.js b/public/modules/forms/admin/directives/configure-form.client.directive.js index d57653d6..e2405ab2 100644 --- a/public/modules/forms/admin/directives/configure-form.client.directive.js +++ b/public/modules/forms/admin/directives/configure-form.client.directive.js 
@@ -18,7 +18,7 @@ angular.module('forms').directive('configureFormDirective', ['$rootScope', '$sta placeholder: { placeholders: $scope.myform.visible_form_fields.map(function(field){ return { - id: field.globalId, + id: field.id, label: field.title }; }), diff --git a/public/modules/forms/admin/views/adminTabs/configureTabs/respondent-notifications.html b/public/modules/forms/admin/views/adminTabs/configureTabs/respondent-notifications.html index 5c10ca8a..563f147a 100644 --- a/public/modules/forms/admin/views/adminTabs/configureTabs/respondent-notifications.html +++ b/public/modules/forms/admin/views/adminTabs/configureTabs/respondent-notifications.html @@ -36,7 +36,7 @@ {{$select.selected.title}} - + diff --git a/public/modules/forms/admin/views/adminTabs/configureTabs/self-notifications.html b/public/modules/forms/admin/views/adminTabs/configureTabs/self-notifications.html index 77b594ae..570c0334 100644 --- a/public/modules/forms/admin/views/adminTabs/configureTabs/self-notifications.html +++ b/public/modules/forms/admin/views/adminTabs/configureTabs/self-notifications.html @@ -42,7 +42,7 @@ {{$select.selected.title}} - +