diff --git a/backend/internal/database/db.go b/backend/internal/database/db.go index 12b0ee1..d444b85 100644 --- a/backend/internal/database/db.go +++ b/backend/internal/database/db.go @@ -47,8 +47,6 @@ type Database interface { GetUserName(id int) (string, error) UnsignWeeklyReport(reportId int, projectManagerId int) error DeleteReport(reportID int) error - ChangeProjectName(projectName string, newProjectName string) error - ChangeUserPassword(username string, password string) error } // This struct is a wrapper type that holds the database connection @@ -672,14 +670,3 @@ func (d *Db) DeleteReport(reportID int) error { _, err := d.Exec("DELETE FROM weekly_reports WHERE report_id = ?", reportID) return err } - -// ChangeProjectName is a handler that changes the name of a project -func (d *Db) ChangeProjectName(projectName string, newProjectName string) error { - _, err := d.Exec("UPDATE projects SET name = ? WHERE name = ?", newProjectName, projectName) - return err -} - -func (d *Db) ChangeUserPassword(username string, password string) error { - _, err := d.Exec("UPDATE users SET password = ? WHERE username = ?", password, username) - return err -} diff --git a/backend/internal/database/db_test.go b/backend/internal/database/db_test.go index 7b599f2..f24175a 100644 --- a/backend/internal/database/db_test.go +++ b/backend/internal/database/db_test.go 
@@ -1092,53 +1092,3 @@ func TestDeleteReport(t *testing.T) { } } - -func TestChangeProjectName(t *testing.T) { - db, err := setupAdvancedState() - if err != nil { - t.Error("setupState failed:", err) - } - - // Promote user to Admin - err = db.PromoteToAdmin("demouser") - if err != nil { - t.Error("PromoteToAdmin failed:", err) - } - - // Change project name - err = db.ChangeProjectName("projecttest", "newprojectname") - if err != nil { - t.Error("ChangeProjectName failed:", err) - } - - // Check if the project name was changed - projects, err := db.GetAllProjects() - if err != nil { - t.Error("GetAllProjects failed:", err) - } - if projects[0].Name != "newprojectname" { - t.Error("ChangeProjectName failed: expected newprojectname, got", projects[0].Name) - } -} - -func TestChangeUserPassword(t *testing.T) { - db, err := setupState() - if err != nil { - t.Error("setupState failed:", err) - } - - // Add a user - _ = db.AddUser("testuser", "password") - - // Change user password - err = db.ChangeUserPassword("testuser", "newpassword") - if err != nil { - t.Error("ChangeUserPassword failed:", err) - } - - // Check if the password was changed - if !db.CheckUser("testuser", "newpassword") { - t.Error("ChangeUserPassword failed: password not changed") - } - -} diff --git a/backend/internal/handlers/projects/ChangeProjectName.go b/backend/internal/handlers/projects/ChangeProjectName.go deleted file mode 100644 index f6831db..0000000 --- a/backend/internal/handlers/projects/ChangeProjectName.go +++ /dev/null 
@@ -1,43 +0,0 @@ -package projects - -import ( - db "ttime/internal/database" - - "github.com/gofiber/fiber/v2" - "github.com/gofiber/fiber/v2/log" - "github.com/golang-jwt/jwt/v5" -) - -// ChangeProjectName is a handler that changes the name of a project -func ChangeProjectName(c *fiber.Ctx) error { - - //check token and get username of current user - user := c.Locals("user").(*jwt.Token) - claims := user.Claims.(jwt.MapClaims) - username := claims["name"].(string) - - // Extract the necessary parameters from the request - projectName := c.Params("projectName") - newProjectName := c.Query("newProjectName") - - // Check if user is site admin - issiteadmin, err := db.GetDb(c).IsSiteAdmin(username) - if err != nil { - log.Warn("Error checking if siteadmin:", err) - return c.Status(500).SendString(err.Error()) - } else if !issiteadmin { - log.Warn("User is not siteadmin") - return c.Status(401).SendString("User is not siteadmin") - } - - - // Perform the project name change - err = db.GetDb(c).ChangeProjectName(projectName, newProjectName) - if err != nil { - log.Warn("Error changing project name:", err) - return c.Status(500).SendString(err.Error()) - } - - // Return a success message - return c.Status(200).SendString("Project name changed successfully") -} diff --git a/backend/internal/handlers/reports/Statistics.go b/backend/internal/handlers/reports/Statistics.go index dac017d..8afa0f0 100644 --- a/backend/internal/handlers/reports/Statistics.go +++ b/backend/internal/handlers/reports/Statistics.go @@ -16,7 +16,6 @@ func GetStatistics(c *fiber.Ctx) error { // Extract project name from query parameters projectName := c.Query("projectName") - userNameParam := c.Query("userName") log.Info(username, " trying to get statistics for project: ", projectName) 
@@ -25,23 +24,18 @@ func GetStatistics(c *fiber.Ctx) error { return c.Status(400).SendString("Missing project name") } - // Check if the user is a project manager + // If the user is not a project manager, they can't view statistics pm, err := db.GetDb(c).IsProjectManager(username, projectName) if err != nil { log.Info("Error checking if user is project manager:", err) return c.Status(500).SendString(err.Error()) } - // Bail if the user is not a PM or checking its own statistics - if !pm && userNameParam != "" && userNameParam != username { - log.Info("Unauthorized access for user: ", username, "trying to access project: ", projectName, "statistics for user: ", userNameParam) + if !pm { + log.Info("Unauthorized access") return c.Status(403).SendString("Unauthorized access") } - if pm && userNameParam != "" { - username = userNameParam - } - // Retrieve statistics for the project from the database statistics, err := db.GetDb(c).ReportStatistics(username, projectName) if err != nil { diff --git a/backend/internal/handlers/users/ChangeUserPassword.go b/backend/internal/handlers/users/ChangeUserPassword.go deleted file mode 100644 index 1596247..0000000 --- a/backend/internal/handlers/users/ChangeUserPassword.go +++ /dev/null 
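Review bot: The denial branch now logs only `log.Info("Unauthorized access")`, so a rejected request leaves no record of who asked for which project's statistics; the removed line carried both. An authorization failure should keep that detail for the audit trail, e.g. `log.Warn("Unauthorized statistics access: user=", username, " project=", projectName)`, bearing in mind that `projectName` comes straight from the query string and should be quoted or sanitised before it reaches the log. Separately, the unchanged 500 path in this hunk returns `err.Error()` to the client, which can expose database error text; a generic message, with the detail kept in the server log, would be safer. GetStatistics starts and ends outside this hunk.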
@@ -1,42 +0,0 @@ -package users - -import ( - db "ttime/internal/database" - - "github.com/gofiber/fiber/v2" - "github.com/gofiber/fiber/v2/log" - "github.com/golang-jwt/jwt/v5" -) - -// ChangeUserPassword is a handler that changes the password of a user -func ChangeUserPassword(c *fiber.Ctx) error { - - //Check token and get username of current user - user := c.Locals("user").(*jwt.Token) - claims := user.Claims.(jwt.MapClaims) - admin := claims["name"].(string) - - // Extract the necessary parameters from the request - username := c.Params("username") - newPassword := c.Query("newPassword") - - // Check if user is site admin - issiteadmin, err := db.GetDb(c).IsSiteAdmin(admin) - if err != nil { - log.Warn("Error checking if siteadmin:", err) - return c.Status(500).SendString(err.Error()) - } else if !issiteadmin { - log.Warn("User is not siteadmin") - return c.Status(401).SendString("User is not siteadmin") - } - - // Perform the password change - err = db.GetDb(c).ChangeUserPassword(username, newPassword) - if err != nil { - log.Warn("Error changing password:", err) - return c.Status(500).SendString(err.Error()) - } - - // Return a success message - return c.Status(200).SendString("Password changed successfully") -} diff --git a/backend/main.go b/backend/main.go index 282f2c2..8a3466a 100644 --- a/backend/main.go +++ b/backend/main.go @@ -110,7 +110,6 @@ func main() { api.Post("/promoteToAdmin", users.PromoteToAdmin) api.Put("/changeUserName", users.ChangeUserName) api.Delete("/userdelete/:username", users.UserDelete) // Perhaps just use POST to avoid headaches - api.Put("/changeUserPassword/:username", users.ChangeUserPassword) // All project related routes // projectGroup := api.Group("/project") // Not currently in use 
@@ -126,7 +125,6 @@ func main() { api.Delete("/removeUserFromProject/:projectName", projects.RemoveUserFromProject) api.Delete("/removeProject/:projectName", projects.RemoveProject) api.Delete("/project/:projectID", projects.DeleteProject) - api.Put("/ChangeProjectName/:projectName", projects.ChangeProjectName) // All report related routes // reportGroup := api.Group("/report") // Not currently in use diff --git a/frontend/src/API/API.ts b/frontend/src/API/API.ts index 29789c4..eb9f3f0 100644 --- a/frontend/src/API/API.ts +++ b/frontend/src/API/API.ts @@ -269,32 +269,7 @@ interface API { getStatistics( projectName: string, token: string, - userName?: string, ): Promise>; - - /** - * Changes the name of a project - * @param {string} projectName The name of the project - * @param {string} newProjectName The new name of the project - * @param {string} token The authentication token - */ - changeProjectName( - projectName: string, - newProjectName: string, - token: string, - ): Promise>; - - /** - * Changes the password of a user - * @param {string} username The username of the user - * @param {string} newPassword The new password - * @param {string} token The authentication token - */ - changeUserPassword( - username: string, - newPassword: string, - token: string, - ): Promise>; } /** An instance of the API */ @@ -1002,11 +977,10 @@ export const api: API = { async getStatistics( token: string, projectName: string, - userName?: string, ): Promise> { try { const response = await fetch( - `/api/getStatistics/?projectName=${projectName}&userName=${userName ?? ""}`, + `/api/getStatistics/?projectName=${projectName}`, { method: "GET", headers: { 
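Review bot: `projectName` is interpolated into the query string unencoded in `/api/getStatistics/?projectName=${projectName}`, so a name containing `&`, `#` or `=` changes what the server parses; write it as `${encodeURIComponent(projectName)}`. Also, the implementation's signature here is `getStatistics(token, projectName)` while the `API` interface earlier in this file declares `getStatistics(projectName, token)`. Both parameters are `string`, so the compiler will not catch a caller that follows the interface order, and such a call would put the bearer token in the URL, where it can end up in request logs, and the project name in the Authorization header. One of the two orders should be changed to match the other. The method body continues past the end of this hunk.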
@@ -1026,58 +1000,4 @@ export const api: API = { return { success: false, message: "Failed to get statistics" }; } }, - - async changeProjectName( - projectName: string, - newProjectName: string, - token: string, - ): Promise> { - try { - const response = await fetch( - `/api/changeProjectName/${projectName}?newProjectName=${newProjectName}`, - { - method: "PUT", - headers: { - "Content-Type": "application/json", - Authorization: "Bearer " + token, - }, - }, - ); - - if (!response.ok) { - return { success: false, message: "Failed to change project name" }; - } else { - return { success: true, message: "Project name changed" }; - } - } catch (e) { - return { success: false, message: "Failed to change project name" }; - } - }, - - async changeUserPassword( - username: string, - newPassword: string, - token: string, - ): Promise> { - try { - const response = await fetch( - `/api/changePassword/${username}?newPassword=${newPassword}`, - { - method: "PUT", - headers: { - "Content-Type": "application/json", - Authorization: "Bearer " + token, - }, - }, - ); - - if (!response.ok) { - return { success: false, message: "Failed to change password" }; - } else { - return { success: true, message: "Password changed" }; - } - } catch (e) { - return { success: false, message: "Failed to change password" }; - } - }, }; diff --git a/testing/helpers.py b/testing/helpers.py index 634933a..8d6b148 100644 --- a/testing/helpers.py +++ b/testing/helpers.py @@ -37,8 +37,6 @@ promoteToPmPath = base_url + "/api/promoteToPm" unsignReportPath = base_url + "/api/unsignReport" deleteReportPath = base_url + "/api/deleteReport" getStatisticsPath = base_url + "/api/getStatistics" -changeProjectNamePath = base_url + "/api/changeProjectName" -changeUserPasswordPath = base_url + "/api/changeUserPassword" debug_output = False 
@@ -172,20 +170,4 @@ def getStatistics(token: string, projectName: string): headers = {"Authorization": "Bearer " + token}, params={"projectName": projectName} ) - return response.json() - -def changeProjectName(token: string, projectName: string, newProjectName: string): - response = requests.put( - changeProjectNamePath + "/" + projectName, - headers = {"Authorization": "Bearer " + token}, - params={"newProjectName": newProjectName} - ) - return response - -def changeUserPassword(token: string, username: string, newPassword: string): - response = requests.put( - changeUserPasswordPath + "/" + username, - headers = {"Authorization": "Bearer " + token}, - params={"newPassword": newPassword} - ) - return response \ No newline at end of file + return response.json() \ No newline at end of file diff --git a/testing/testing.py b/testing/testing.py index 6baf8f0..daad215 100644 --- a/testing/testing.py +++ b/testing/testing.py 
@@ -666,82 +666,8 @@ def test_get_statistics(): assert stats["totalDevelopmentTime"] == 20, "Total development time is not correct" gprint("test_get_statistics successful") -def test_project_name_change(): - # Create admin - admin_username = randomString() - admin_password = randomString() - - project_name = "project" + randomString() - - token = register_and_login(admin_username, admin_password) - - # Promote to admin - response = requests.post( - promoteToAdminPath, - json={"username": admin_username}, - headers={"Authorization": "Bearer " + token}, - ) - - - response = create_project(token, project_name) - assert response.status_code == 200, "Create project failed" - - response = requests.get( - getUserProjectsPath + "/" + admin_username, - headers={"Authorization": "Bearer " + token}, - ) - - dprint(response.json()) - - new_project_name = "new project name " + randomString() - dprint("Changing project name from ", project_name, " to ", new_project_name) - response = changeProjectName(token, project_name, new_project_name) - - response = requests.get( - getUserProjectsPath + "/" + admin_username, - headers={"Authorization": "Bearer " + token}, - ) - - dprint(response.json()) - - if (response.json()[0]["name"] != new_project_name): - assert False, "Project name change failed" - - - assert response.status_code == 200, "Project name change failed" - gprint("test_projectNameChange successful") - -def test_change_user_password(): - # Create admin - admin_username = randomString() - admin_password = randomString() - - user = randomString() - password = randomString() - - token = register_and_login(admin_username, admin_password) - - # Promote to admin - response = requests.post( - promoteToAdminPath, - json={"username": admin_username}, - headers={"Authorization": "Bearer " + token}, - ) - - _ = register_and_login(user, password) - - response = changeUserPassword(token, user, "new_password") - assert response.status_code == 200, "Change user password failed" - - 
response = login(user, "new_password") - assert response.status_code == 200, "Login failed with new password" - - gprint("test_change_user_password successful") - if __name__ == "__main__": - test_change_user_password() - test_project_name_change(); test_delete_report() test_unsign_report() test_promote_to_manager()