ATM role update API

controllers/ControllerController.js

@@ -121,7 +121,7 @@ router.get("/staff", async (req, res) => {
     const staff = {
       atm: {
         title: "Air Traffic Manager",
-        code: "atm",
+        code: "atm1",
         email: "zab-atm",
         users: [],
       },
@@ -219,7 +219,7 @@ router.get("/oi", async (req, res) => {
   return res.json(res.stdRes);
 });
 
-router.get("/visit", getUser, auth(["atm", "datm"]), async ({ res }) => {
+router.get("/visit", getUser, auth(["atm1", "datm"]), async ({ res }) => {
   try {
     const applications = await VisitApplication.find({
       deletedAt: null,
@@ -234,7 +234,7 @@ router.get("/visit", getUser, auth(["atm", "datm"]), async ({ res }) => {
   return res.json(res.stdRes);
 });
 
-router.get("/absence", getUser, auth(["atm", "datm"]), async (req, res) => {
+router.get("/absence", getUser, auth(["atm1", "datm"]), async (req, res) => {
   try {
     const absences = await Absence.find({
       expirationDate: {
@@ -257,7 +257,7 @@ router.get("/absence", getUser, auth(["atm", "datm"]), async (req, res) => {
   return res.json(res.stdRes);
 });
 
-router.post("/absence", getUser, auth(["atm", "datm"]), async (req, res) => {
+router.post("/absence", getUser, auth(["atm1", "datm"]), async (req, res) => {
   try {
     if (
       !req.body ||
@@ -310,7 +310,7 @@ router.post("/absence", getUser, auth(["atm", "datm"]), async (req, res) => {
 router.delete(
   "/absence/:id",
   getUser,
-  auth(["atm", "datm"]),
+  auth(["atm1", "datm"]),
   async (req, res) => {
     try {
       if (!req.params.id) {
@@ -340,7 +340,7 @@ router.delete(
 router.get(
   "/log",
   getUser,
-  auth(["atm", "datm", "ta", "fe", "ec", "wm"]),
+  auth(["atm1", "datm", "ta", "fe", "ec", "wm"]),
   async (req, res) => {
     const page = +req.query.page || 1;
     const limit = +req.query.limit || 20;
@@ -524,7 +524,7 @@ router.post("/visit", getUser, async (req, res) => {
       },
     });
     await transporter.sendMail({
-      to: "atm@zabartcc.org, datm@zabartcc.org",
+      to: "zab-atm@vatusa.net, zab-datm@vatusa.net",
       from: {
         name: "Albuquerque ARTCC",
         address: "[email protected]",
@@ -564,7 +564,7 @@ router.get("/visit/status", getUser, async (req, res) => {
   return res.json(res.stdRes);
 });
 
-router.put("/visit/:cid", getUser, auth(["atm", "datm"]), async (req, res) => {
+router.put("/visit/:cid", getUser, auth(["atm1", "datm"]), async (req, res) => {
   try {
     await VisitApplication.delete({ cid: req.params.cid });
 
@@ -617,7 +617,7 @@ router.put("/visit/:cid", getUser, auth(["atm", "datm"]), async (req, res) => {
 router.delete(
   "/visit/:cid",
   getUser,
-  auth(["atm", "datm"]),
+  auth(["atm1", "datm"]),
   async (req, res) => {
     try {
       await VisitApplication.delete({ cid: req.params.cid });
@@ -715,7 +715,7 @@ router.post("/:cid", microAuth, async (req, res) => {
     ];
 
     await transporter.sendMail({
-      to: "atm@zabartcc.org; datm@zabartcc.org; ta@zabartcc.org",
+      to: "zab-atm@vatusa.net; zab-datm@vatusa.net; zab-ta@vatusa.net",
       from: {
         name: "Albuquerque ARTCC",
         address: "[email protected]",
@@ -824,7 +824,7 @@ router.put("/:cid/visit", microAuth, async (req, res) => {
 router.put(
   "/:cid",
   getUser,
-  auth(["atm", "datm", "ta", "wm", "ins"]),
+  auth(["atm1", "datm", "ta", "wm", "ins"]),
   async (req, res) => {
     try {
       if (!req.body.form) {
@@ -895,7 +895,7 @@ router.put(
   }
 );
 
-router.delete("/:cid", getUser, auth(["atm", "datm"]), async (req, res) => {
+router.delete("/:cid", getUser, auth(["atm1", "datm"]), async (req, res) => {
   try {
     if (!req.body.reason) {
       throw {

controllers/EventController.js

@@ -178,7 +178,7 @@ router.delete('/:slug/signup', getUser, async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.delete('/:slug/mandelete/:cid', getUser, auth(['atm', 'datm', 'ec']), async(req, res) => {
+router.delete('/:slug/mandelete/:cid', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async(req, res) => {
 	try {
 		const signup = await Event.findOneAndUpdate({url: req.params.slug}, {
 			$pull: {
@@ -211,7 +211,7 @@ router.delete('/:slug/mandelete/:cid', getUser, auth(['atm', 'datm', 'ec']), asy
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug/mansignup/:cid', getUser, auth(['atm', 'datm', 'ec']), async (req, res) => {
+router.put('/:slug/mansignup/:cid', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		const user = await User.findOne({cid: req.params.cid});
 		if(user !== null) {
@@ -242,7 +242,7 @@ router.put('/:slug/mansignup/:cid', getUser, auth(['atm', 'datm', 'ec']), async
 	return res.json(res.stdRes);
 });
 
-router.post('/', getUser, auth(['atm', 'datm', 'ec']), upload.single('banner'), async (req, res) => {
+router.post('/', getUser, auth(['atm1', 'datm', 'ec', 'wm']), upload.single('banner'), async (req, res) => {
 	try {
 		const url = req.body.name.replace(/\s+/g, '-').toLowerCase().replace(/^-+|-+(?=-|$)/g, '').replace(/[^a-zA-Z0-9-_]/g, '') + '-' + Date.now().toString().slice(-5);
 		const allowedTypes = ['image/jpg', 'image/jpeg', 'image/png', 'image/gif'];
@@ -296,7 +296,7 @@ router.post('/', getUser, auth(['atm', 'datm', 'ec']), upload.single('banner'),
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug', getUser, auth(['atm', 'datm', 'ec']), upload.single('banner'), async (req, res) => {
+router.put('/:slug', getUser, auth(['atm1', 'datm', 'ec', 'wm']), upload.single('banner'), async (req, res) => {
 	try {
 		const event = await Event.findOne({url: req.params.slug});
 		const {name, description, startTime, endTime, positions} = req.body;
@@ -408,7 +408,7 @@ router.put('/:slug', getUser, auth(['atm', 'datm', 'ec']), upload.single('banner
 	return res.json(res.stdRes);
 });
 
-router.delete('/:slug', getUser, auth(['atm', 'datm', 'ec']), async (req, res) => {
+router.delete('/:slug', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		const deleteEvent = await Event.findOne({url: req.params.slug});
 		await deleteEvent.delete();
@@ -448,7 +448,7 @@ router.delete('/:slug', getUser, auth(['atm', 'datm', 'ec']), async (req, res) =
 // 	return res.json(res.stdRes);
 // });
 
-router.put('/:slug/assign', getUser, auth(['atm', 'datm', 'ec']), async (req, res) => {
+router.put('/:slug/assign', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		const {position, cid} = req.body;
 
@@ -484,7 +484,7 @@ router.put('/:slug/assign', getUser, auth(['atm', 'datm', 'ec']), async (req, re
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug/notify', getUser, auth(['atm', 'datm', 'ec']), async (req, res) => {
+router.put('/:slug/notify', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		await Event.updateOne({url: req.params.slug}, {
 			$set: {
@@ -524,7 +524,7 @@ router.put('/:slug/notify', getUser, auth(['atm', 'datm', 'ec']), async (req, re
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug/close', getUser, auth(['atm', 'datm', 'ec']), async (req, res) => {
+router.put('/:slug/close', getUser, auth(['atm1', 'datm', 'ec', 'wm']), async (req, res) => {
 	try {
 		await Event.updateOne({url: req.params.slug}, {
 			$set: {

controllers/FeedbackController.js

@@ -6,7 +6,7 @@ import Notification from '../models/Notification.js';
 import getUser from '../middleware/getUser.js';
 import auth from '../middleware/auth.js';
 
-router.get('/', getUser, auth(['atm', 'datm', 'ta', 'ec']), async (req, res) => { // All feedback
+router.get('/', getUser, auth(['atm1', 'datm', 'ta', 'ec','wm']), async (req, res) => { // All feedback
 	try {
 		const page = +req.query.page || 1;
 		const limit = +req.query.limit || 20;
@@ -85,7 +85,7 @@ router.get('/controllers', async ({res}) => { // Controller list on feedback pag
 	return res.json(res.stdRes);
 });
 
-router.get('/unapproved', getUser, auth(['atm', 'datm', 'ta', 'ec']), async ({res}) => { // Get all unapproved feedback
+router.get('/unapproved', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'wm']), async ({res}) => { // Get all unapproved feedback
 	try {
 		const feedback = await Feedback.find({deletedAt: null, approved: false}).populate('controller', 'fname lname cid').sort({createdAt: 'desc'}).lean();
 		res.stdRes.data = feedback;
@@ -96,7 +96,7 @@ router.get('/unapproved', getUser, auth(['atm', 'datm', 'ta', 'ec']), async ({re
 	return res.json(res.stdRes);
 });
 
-router.put('/approve/:id', getUser, auth(['atm', 'datm', 'ta']), async (req, res) => { // Approve feedback
+router.put('/approve/:id', getUser, auth(['atm1', 'datm', 'ta']), async (req, res) => { // Approve feedback
 	try {
 		const approved = await Feedback.findOneAndUpdate({_id: req.params.id}, {
 			approved: true
@@ -123,7 +123,7 @@ router.put('/approve/:id', getUser, auth(['atm', 'datm', 'ta']), async (req, res
 	return res.json(res.stdRes);
 });
 
-router.put('/reject/:id', getUser, auth(['atm', 'datm', 'ta']), async (req, res) => { // Reject feedback
+router.put('/reject/:id', getUser, auth(['atm1', 'datm', 'ta']), async (req, res) => { // Reject feedback
 	try {
 		const feedback = await Feedback.findOne({_id: req.params.id});
 		await feedback.delete();

controllers/FileController.js

@@ -50,7 +50,7 @@ router.get('/downloads/:id', async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.post('/downloads', getUser, auth(['atm', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
+router.post('/downloads', getUser, auth(['atm1', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
 	try {
 		if(!req.body.category) {
 			throw {
@@ -95,7 +95,7 @@ router.post('/downloads', getUser, auth(['atm', 'datm', 'ta', 'fe']), upload.sin
 	return res.json(res.stdRes);
 });
 
-router.put('/downloads/:id', upload.single('download'), getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
+router.put('/downloads/:id', upload.single('download'), getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		if(!req.file) { // no updated file provided
 			await Downloads.findByIdAndUpdate(req.params.id, {
@@ -140,7 +140,7 @@ router.put('/downloads/:id', upload.single('download'), getUser, auth(['atm', 'd
 	return res.json(res.stdRes);
 });
 
-router.delete('/downloads/:id', getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
+router.delete('/downloads/:id', getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		const download = await Downloads.findByIdAndDelete(req.params.id).lean();
 		await req.app.dossier.create({
@@ -181,7 +181,7 @@ router.get('/documents/:slug', async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.post('/documents', getUser, auth(['atm', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
+router.post('/documents', getUser, auth(['atm1', 'datm', 'ta', 'fe']), upload.single('download'), async (req, res) => {
 	try {
 		const {name, category, description, content, type} = req.body;
 		if(!category) {
@@ -252,7 +252,7 @@ router.post('/documents', getUser, auth(['atm', 'datm', 'ta', 'fe']), upload.sin
 	return res.json(res.stdRes);
 });
 
-router.put('/documents/:slug', upload.single('download'), getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
+router.put('/documents/:slug', upload.single('download'), getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		const document = await Document.findOne({slug: req.params.slug});
 		const {name, category, description, content, type} = req.body;
@@ -318,7 +318,7 @@ router.put('/documents/:slug', upload.single('download'), getUser, auth(['atm',
 	return res.json(res.stdRes);
 })
 
-router.delete('/documents/:id', getUser, auth(['atm', 'datm', 'ta', 'fe']), async (req, res) => {
+router.delete('/documents/:id', getUser, auth(['atm1', 'datm', 'ta', 'fe']), async (req, res) => {
 	try {
 		const doc = await Document.findByIdAndDelete(req.params.id);
 		await req.app.dossier.create({

controllers/NewsController.js

@@ -18,7 +18,7 @@ router.get('/', async (req, res) => {
 	return res.json(res.stdRes);
 });
 
-router.post('/', getUser, auth(['atm', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
+router.post('/', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
 	try {
 		if(!req.body || !req.body.title || !req.body.content) {
 			throw {
@@ -74,7 +74,7 @@ router.get('/:slug', async (req, res) =>{
 	return res.json(res.stdRes);
 });
 
-router.put('/:slug', getUser, auth(['atm', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
+router.put('/:slug', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) => {
 	try {
 		const {title, content} = req.body;
 		const newsItem = await News.findOne({uriSlug: req.params.slug});
@@ -98,7 +98,7 @@ router.put('/:slug', getUser, auth(['atm', 'datm', 'ta', 'ec', 'fe', 'wm']), asy
 	return res.json(res.stdRes);
 });
 
-router.delete('/:slug', getUser, auth(['atm', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) =>{
+router.delete('/:slug', getUser, auth(['atm1', 'datm', 'ta', 'ec', 'fe', 'wm']), async (req, res) =>{
 	try {
 		const newsItem = await News.findOne({uriSlug: req.params.slug});
 		const status = await newsItem.delete();

controllers/StatsController.js

@@ -16,7 +16,7 @@ import { DateTime as L } from 'luxon';
 const months = ['', 'January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'];
 const ratings = ["Unknown", "OBS", "S1", "S2", "S3", "C1", "C2", "C3", "I1", "I2", "I3", "SUP", "ADM"];
 
-router.get('/admin', getUser, auth(['atm', 'datm', 'ta', 'fe', 'ec', 'wm']), async (req, res) => {
+router.get('/admin', getUser, auth(['atm1', 'datm', 'ta', 'fe', 'ec', 'wm']), async (req, res) => {
 	try {
 		const d = new Date();
 		const thisMonth = new Date(Date.UTC(d.getUTCFullYear(), d.getUTCMonth(), 1));
@@ -117,7 +117,7 @@ router.get('/admin', getUser, auth(['atm', 'datm', 'ta', 'fe', 'ec', 'wm']), asy
 	return res.json(res.stdRes);
 })
 
-router.get('/ins', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
+router.get('/ins', getUser, auth(['atm1', 'datm', 'ta', 'ins', 'mtr']), async (req, res) => {
 	try {
 		let lastTraining = await TrainingSession.aggregate([
 			{$group: {
@@ -170,7 +170,7 @@ router.get('/ins', getUser, auth(['atm', 'datm', 'ta', 'ins', 'mtr']), async (re
 	return res.json(res.stdRes);
 })
 
-router.get('/activity', getUser, auth(['atm', 'datm', 'ta', 'wm']), async (req, res) => {
+router.get('/activity', getUser, auth(['atm1', 'datm', 'ta', 'wm']), async (req, res) => {
 	try {
 		const today = L.utc();
 		const chkDate = today.minus({days: 91});