diff --git a/API/db/app.db b/API/db/app.db index 7680fd1877fc4b7fcf94bea21b4a1d6b2bfed5da..79e49ef675b59fddc8dfe076dbb54df0c8b860aa 100644 Binary files a/API/db/app.db and b/API/db/app.db differ diff --git a/API/src/routes/BaseRoutes.ts b/API/src/routes/BaseRoutes.ts index 1479e16e3417a5d948c449f58f72222bd1f1e66a..93703d5ed518f079c31cd747cb81d685bf4f1e4e 100644 --- a/API/src/routes/BaseRoutes.ts +++ b/API/src/routes/BaseRoutes.ts @@ -91,7 +91,6 @@ router.patch(ROUTE+'/user/:id', (req: express.Request, res: express.Response) => const a = req.body as User_t; const token = req.headers['authorization'] && req.headers['authorization'].split(' ')[1] const id: number = +req.params.id; - if (a.admin && !isAdmin(token)) { return res.status(StatusCodes.UNAUTHORIZED).end(); @@ -109,6 +108,9 @@ router.patch(ROUTE+'/user/:id', (req: express.Request, res: express.Response) => if (!isAdmin(token)) user = tokenDecode(req); + if (user === undefined) + return res.status(StatusCodes.BAD_REQUEST).end(); + if (a.username !== user.username) DBHandler.verifyUsernameExistence(a.username) .then(exists => { diff --git a/Documentation/TP-ArchiWeb.postman_collection.json b/Documentation/TP-ArchiWeb.postman_collection.json new file mode 100644 index 0000000000000000000000000000000000000000..3e1c027de15869ac5002c6dcdb9648528cd9bfdb --- /dev/null +++ b/Documentation/TP-ArchiWeb.postman_collection.json 
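Review bot: The new `user === undefined` guard answers 400 BAD_REQUEST, but on the non-admin path `user` comes from `tokenDecode(req)`, so an undefined value most likely means a missing or invalid token, which is an authentication failure. The earlier branch of this handler already uses `StatusCodes.UNAUTHORIZED` for that, so I would write `if (user == null) return res.status(StatusCodes.UNAUTHORIZED).end();`, which also catches a `null` result. The admin-path assignment of `user` is outside the hunk; if it can leave `user` unset for a nonexistent id, that case wants its own 404 rather than sharing this branch. The hunk also does not show the decoded user being compared with the `:id` path parameter, and if that check is missing further down, a non-admin token could modify another account, so it is worth confirming. The handler body starts and ends outside the hunk.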
@@ -0,0 +1,534 @@ +{ + "info": { + "_postman_id": "4ce300c2-2a5c-4124-93ce-5c4c46a378e9", + "name": "TP-ArchiWeb", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" + }, + "item": [ + { + "name": "get all users", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFsZWMiLCJwYXNzd29yZCI6IjA5ODc2NTQzIiwidHlwZSI6ImFkbWluIiwiaWF0IjoxNjg0OTQ2NDA2fQ.GqEzXzEyf4wz9FZNjEuNgwoECnXDNR6IVjf00jQY3HE", + "type": "string" + } + ] + }, + "method": "GET", + "header": [], + "url": { + "raw": "http://0.0.0.0:30992/API/v1/user", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "user" + ] + } + }, + "response": [] + }, + { + "name": "create user", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFsZWMiLCJhZG1pbiI6MSwiaWF0IjoxNjg2MTU0NDMwfQ.kVrq-EiY1CHZqjVUux8C_YEvbMHlyO24Uq8HNcwH5iA", + "type": "string" + } + ] + }, + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"username\": \"usertest\",\n \"password\": \"test\",\n \"admin\": true\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/user", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "user" + ] + } + }, + "response": [] + }, + { + "name": "create user admin", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFsZWMiLCJhZG1pbiI6MSwiaWF0IjoxNjg2MTU0NDMwfQ.kVrq-EiY1CHZqjVUux8C_YEvbMHlyO24Uq8HNcwH5iA", + "type": "string" + } + ] + }, + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"username\": \"vincent\",\n \"password\": \"test\",\n \"admin\": true\n}", 
+ "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/user", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "user" + ] + } + }, + "response": [] + }, + { + "name": "update user", + "request": { + "method": "PATCH", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"username\": \"updated\",\n \"admin\": false\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/user/5", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "user", + "5" + ] + } + }, + "response": [] + }, + { + "name": "delete user", + "request": { + "method": "DELETE", + "header": [], + "body": { + "mode": "raw", + "raw": "", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/user/7", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "user", + "7" + ] + } + }, + "response": [] + }, + { + "name": "get questions", + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "GET", + "header": [], + "body": { + "mode": "raw", + "raw": "", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/question/2", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "question", + "2" + ] + } + }, + "response": [] + }, + { + "name": "create question", + "request": { + "auth": { + "type": "bearer" + }, + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"question\": \"Quelle est cette question de test ? 
- 4\",\n \"category\": \"Histoire\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/question", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "question" + ] + } + }, + "response": [] + }, + { + "name": "create question Copy", + "request": { + "auth": { + "type": "bearer" + }, + "method": "PATCH", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"question\": \"Quelle est cette question modifiée ? - 4\",\n \"category\": \"Histoire\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/question/2", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "question", + "2" + ] + } + }, + "response": [] + }, + { + "name": "delete question", + "request": { + "auth": { + "type": "bearer" + }, + "method": "DELETE", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"question\": \"Quelle est cette question de test ? 
- 4\",\n \"category\": \"Histoire\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/question/2", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "question", + "2" + ] + } + }, + "response": [] + }, + { + "name": "get answers", + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "GET", + "header": [], + "body": { + "mode": "raw", + "raw": "", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/answer", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "answer" + ] + } + }, + "response": [] + }, + { + "name": "create answer", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"text_answer\": \"bonsoir\",\n \"id_question\": 1,\n \"correct\": true\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/answer", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "answer" + ] + } + }, + "response": [] + }, + { + "name": "update answer", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFsZWMiLCJhZG1pbiI6MSwiaWF0IjoxNjg2MTU0NDMwfQ.kVrq-EiY1CHZqjVUux8C_YEvbMHlyO24Uq8HNcwH5iA", + "type": "string" + } + ] + }, + "method": "PATCH", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"id\": 1,\n \"text_answer\": \"modified\",\n \"id_question\": 1,\n \"correct\": 0\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/answer/1", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "answer", + "1" 
+ ] + } + }, + "response": [] + }, + { + "name": "delete answer", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFsZWMiLCJhZG1pbiI6MSwiaWF0IjoxNjg2MTU0NDMwfQ.kVrq-EiY1CHZqjVUux8C_YEvbMHlyO24Uq8HNcwH5iA", + "type": "string" + } + ] + }, + "method": "DELETE", + "header": [], + "body": { + "mode": "raw", + "raw": "", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/answer/1", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "answer", + "1" + ] + } + }, + "response": [] + }, + { + "name": "login", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"username\": \"alec\",\n \"password\": \"alec\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://0.0.0.0:30992/API/v1/login", + "protocol": "http", + "host": [ + "0", + "0", + "0", + "0" + ], + "port": "30992", + "path": [ + "API", + "v1", + "login" + ] + } + }, + "response": [] + } + ] +} \ No newline at end of file
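Review bot: This collection commits live bearer tokens in the `auth.bearer[].value` fields of "get all users", "create user", "create user admin", "update answer" and "delete answer", and the "login" request body carries a username/password pair. The tokens are HS256 JWTs whose payloads mark the user as admin and carry no `exp` claim, and the first one also has a `password` field in its payload, readable by anyone who base64-decodes it. Unless the server enforces a maximum age itself, they stay usable until the signing secret changes, so I would rotate the secret, change that account's password, and replace each value with a collection variable, `"value": "{{token}}"`, filled from a Postman environment that is not committed. Separately, the token issuer should stop placing the password in JWT claims and should set an expiry.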