diff --git a/backend/docs/docs.go b/backend/docs/docs.go index 322c812..ac1589c 100644 --- a/backend/docs/docs.go +++ b/backend/docs/docs.go @@ -73,11 +73,6 @@ const docTemplate = `{ }, "/loginerenew": { "post": { - "security": [ - { - "bererToken": [] - } - ], "description": "renews the users token", "consumes": [ "application/json" @@ -88,7 +83,7 @@ const docTemplate = `{ "tags": [ "User" ], - "summary": "LoginRenews", + "summary": "renews the users token", "responses": { "200": { "description": "Successfully signed token for user", @@ -111,58 +106,6 @@ const docTemplate = `{ } } }, - "/promoteToAdmin": { - "post": { - "description": "promote chosen user to admin", - "consumes": [ - "application/json" - ], - "produces": [ - "text/plain" - ], - "tags": [ - "User" - ], - "summary": "PromoteToAdmin", - "parameters": [ - { - "description": "user info", - "name": "NewUser", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/types.NewUser" - } - } - ], - "responses": { - "200": { - "description": "Successfully prometed user", - "schema": { - "type": "json" - } - }, - "400": { - "description": "bad request", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized", - "schema": { - "type": "string" - } - }, - "500": { - "description": "Internal server error", - "schema": { - "type": "string" - } - } - } - } - }, "/register": { "post": { "description": "Register a new user", @@ -175,7 +118,7 @@ const docTemplate = `{ "tags": [ "User" ], - "summary": "Register", + "summary": "Register a new user", "parameters": [ { "description": "User to register", @@ -221,7 +164,7 @@ const docTemplate = `{ "tags": [ "User" ], - "summary": "UserDelete", + "summary": "Deletes a user", "responses": { "200": { "description": "User deleted", @@ -249,41 +192,6 @@ const docTemplate = `{ } } } - }, - "/users/all": { - "get": { - "description": "lists all users", - "consumes": [ - "application/json" - ], - "produces": [ - "text/plain" - ], - "tags": [ - "User" - ], - "summary": "ListsAllUsers", - "responses": { - "200": { - "description": "Successfully signed token for user", - "schema": { - "type": "json" - } - }, - "401": { - "description": "Unauthorized", - "schema": { - "type": "string" - } - }, - "500": { - "description": "Internal server error", - "schema": { - "type": "string" - } - } - } - } } }, "definitions": { @@ -299,13 +207,6 @@ const docTemplate = `{ } } }, - "securityDefinitions": { - "bererToken": { - "type": "apiKey", - "name": "Authorization", - "in": "header" - } - }, "externalDocs": { "description": "OpenAPI", "url": "https://swagger.io/resources/open-api/" diff --git a/backend/internal/database/db.go b/backend/internal/database/db.go index ad408a7..25dd04b 100644 --- a/backend/internal/database/db.go +++ b/backend/internal/database/db.go @@ -201,18 +201,7 @@ func (d *Db) GetProjectId(projectname string) (int, error) { // Creates a new project in the database, associated with a user func (d *Db) AddProject(name string, description string, username string) error { - tx := d.MustBegin() - _, err := tx.Exec(projectInsert, name, description, username) - if err != nil { - tx.Rollback() - return err - } - _, err = tx.Exec(changeUserRole, "project_manager", username, name) - if err != nil { - tx.Rollback() - return err - } - tx.Commit() + _, err := d.Exec(projectInsert, name, description, username) return err } diff --git a/backend/internal/handlers/handlers_user_related.go b/backend/internal/handlers/handlers_user_related.go index 96fddb7..1d94270 100644 --- a/backend/internal/handlers/handlers_user_related.go +++ b/backend/internal/handlers/handlers_user_related.go @@ -12,15 +12,15 @@ import ( // Register is a simple handler that registers a new user // -// @Summary Register +// @Summary Register a new user // @Description Register a new user // @Tags User // @Accept json // @Produce plain -// @Param NewUser body types.NewUser true "User to register" -// @Success 200 {string} string "User added" -// @Failure 400 {string} string "Bad request" -// @Failure 500 {string} string "Internal server error" +// @Param NewUser body types.NewUser true "User to register" +// @Success 200 {string} string "User added" +// @Failure 400 {string} string "Bad request" +// @Failure 500 {string} string "Internal server error" // @Router /register [post] func (gs *GState) Register(c *fiber.Ctx) error { u := new(types.NewUser) @@ -42,15 +42,15 @@ func (gs *GState) Register(c *fiber.Ctx) error { // This path should obviously be protected in the future // UserDelete deletes a user from the database // -// @Summary UserDelete +// @Summary Deletes a user // @Description UserDelete deletes a user from the database // @Tags User // @Accept json // @Produce plain -// @Success 200 {string} string "User deleted" -// @Failure 403 {string} string "You can only delete yourself" -// @Failure 500 {string} string "Internal server error" -// @Failure 401 {string} string "Unauthorized" +// @Success 200 {string} string "User deleted" +// @Failure 403 {string} string "You can only delete yourself" +// @Failure 500 {string} string "Internal server error" +// @Failure 401 {string} string "Unauthorized" // @Router /userdelete/{username} [delete] func (gs *GState) UserDelete(c *fiber.Ctx) error { // Read from path parameters @@ -79,12 +79,12 @@ func (gs *GState) UserDelete(c *fiber.Ctx) error { // @Description logs the user in and returns a jwt token // @Tags User // @Accept json -// @Param NewUser body types.NewUser true "login info" +// @Param NewUser body types.NewUser true "login info" // @Produce plain -// @Success 200 Token types.Token "Successfully signed token for user" -// @Failure 400 {string} string "Bad request" -// @Failure 401 {string} string "Unauthorized" -// @Failure 500 {string} string "Internal server error" +// @Success 200 Token types.Token "Successfully signed token for user" +// @Failure 400 {string} string "Bad request" +// @Failure 401 {string} string "Unauthorized" +// @Failure 500 {string} string "Internal server error" // @Router /login [post] func (gs *GState) Login(c *fiber.Ctx) error { // The body type is identical to a NewUser @@ -125,15 +125,14 @@ func (gs *GState) Login(c *fiber.Ctx) error { // LoginRenew is a simple handler that renews the token // -// @Summary LoginRenews +// @Summary renews the users token // @Description renews the users token -// @Security bererToken // @Tags User // @Accept json // @Produce plain -// @Success 200 Token types.Token "Successfully signed token for user" -// @Failure 401 {string} string "Unauthorized" -// @Failure 500 {string} string "Internal server error" +// @Success 200 Token types.Token "Successfully signed token for user" +// @Failure 401 {string} string "Unauthorized" +// @Failure 500 {string} string "Internal server error" // @Router /loginerenew [post] func (gs *GState) LoginRenew(c *fiber.Ctx) error { user := c.Locals("user").(*jwt.Token) @@ -159,16 +158,6 @@ func (gs *GState) LoginRenew(c *fiber.Ctx) error { } // ListAllUsers is a handler that returns a list of all users in the application database -// -// @Summary ListsAllUsers -// @Description lists all users -// @Tags User -// @Accept json -// @Produce plain -// @Success 200 {json} json "Successfully signed token for user" -// @Failure 401 {string} string "Unauthorized" -// @Failure 500 {string} string "Internal server error" -// @Router /users/all [get] func (gs *GState) ListAllUsers(c *fiber.Ctx) error { // Get all users from the database users, err := gs.Db.GetAllUsersApplication() @@ -182,17 +171,6 @@ func (gs *GState) ListAllUsers(c *fiber.Ctx) error { return c.JSON(users) } -// @Summary PromoteToAdmin -// @Description promote chosen user to admin -// @Tags User -// @Accept json -// @Produce plain -// @Param NewUser body types.NewUser true "user info" -// @Success 200 {json} json "Successfully prometed user" -// @Failure 400 {string} string "bad request" -// @Failure 401 {string} string "Unauthorized" -// @Failure 500 {string} string "Internal server error" -// @Router /promoteToAdmin [post] func (gs *GState) PromoteToAdmin(c *fiber.Ctx) error { // Extract the username from the request body var newUser types.NewUser diff --git a/backend/main.go b/backend/main.go index e578c52..9abe995 100644 --- a/backend/main.go +++ b/backend/main.go @@ -23,10 +23,6 @@ import ( // @license.name AGPL // @license.url https://www.gnu.org/licenses/agpl-3.0.html -//@securityDefinitions.apikey bererToken -//@in header -//@name Authorization - // @host localhost:8080 // @BasePath /api @@ -83,7 +79,7 @@ func main() { })) // Protected routes (require a valid JWT bearer token authentication header) - server.Post("/api/submitWeeklyReport", gs.SubmitWeeklyReport) + server.Post("/api/submitReport", gs.SubmitWeeklyReport) server.Get("/api/getUserProjects", gs.GetUserProjects) server.Post("/api/loginrenew", gs.LoginRenew) server.Delete("/api/userdelete/:username", gs.UserDelete) // Perhaps just use POST to avoid headaches @@ -93,7 +89,7 @@ func main() { server.Post("/api/signReport", gs.SignReport) server.Put("/api/addUserToProject", gs.AddUserToProjectHandler) server.Post("/api/promoteToAdmin", gs.PromoteToAdmin) - server.Get("/api/users/all", gs.ListAllUsers) + // Announce the port we are listening on and start the server err = server.Listen(fmt.Sprintf(":%d", conf.Port)) if err != nil { diff --git a/testing.py b/testing.py index a3de715..1eea03b 100644 --- a/testing.py +++ b/testing.py @@ -2,16 +2,6 @@ import requests import string import random -debug_output = False - -def gprint(*args, **kwargs): - print("\033[92m", *args, "\033[00m", **kwargs) - -print("Running Tests...") - -def dprint(*args, **kwargs): - if debug_output: - print(*args, **kwargs) def randomString(len=10): """Generate a random string of fixed length""" @@ -30,7 +20,7 @@ base_url = "http://localhost:8080" registerPath = base_url + "/api/register" loginPath = base_url + "/api/login" addProjectPath = base_url + "/api/project" -submitReportPath = base_url + "/api/submitWeeklyReport" +submitReportPath = base_url + "/api/submitReport" getWeeklyReportPath = base_url + "/api/getWeeklyReport" getProjectPath = base_url + "/api/project" signReportPath = base_url + "/api/signReport" @@ -41,7 +31,7 @@ getUserProjectsPath = base_url + "/api/getUserProjects" def test_get_user_projects(): - dprint("Testing get user projects") + print("Testing get user projects") loginResponse = login("user2", "123") # Check if the user is added to the project response = requests.get( @@ -49,29 +39,29 @@ def test_get_user_projects(): json={"username": "user2"}, headers={"Authorization": "Bearer " + loginResponse.json()["token"]}, ) - dprint(response.text) - dprint(response.json()) + print(response.text) + print(response.json()) assert response.status_code == 200, "Get user projects failed" - gprint("test_get_user_projects successful") + print("got user projects successfully") # Posts the username and password to the register endpoint def register(username: string, password: string): - dprint("Registering with username: ", username, " and password: ", password) + print("Registering with username: ", username, " and password: ", password) response = requests.post( registerPath, json={"username": username, "password": password} ) - dprint(response.text) + print(response.text) return response # Posts the username and password to the login endpoint def login(username: string, password: string): - dprint("Logging in with username: ", username, " and password: ", password) + print("Logging in with username: ", username, " and password: ", password) response = requests.post( loginPath, json={"username": username, "password": password} ) - dprint(response.text) + print(response.text) return response @@ -79,8 +69,7 @@ def login(username: string, password: string): def test_login(): response = login(username, "always_same") assert response.status_code == 200, "Login failed" - dprint("Login successful") - gprint("test_login successful") + print("Login successful") return response.json()["token"] @@ -88,7 +77,8 @@ def test_login(): def test_create_user(): response = register(username, "always_same") assert response.status_code == 200, "Registration failed" - gprint("test_create_user successful") + print("Registration successful") + # Test function to add a project def test_add_project(): @@ -99,9 +89,10 @@ def test_add_project(): json={"name": projectName, "description": "This is a project"}, headers={"Authorization": "Bearer " + token}, ) - dprint(response.text) + print(response.text) assert response.status_code == 200, "Add project failed" - gprint("test_add_project successful") + print("Add project successful") + # Test function to submit a report def test_submit_report(): @@ -120,9 +111,10 @@ def test_submit_report(): }, headers={"Authorization": "Bearer " + token}, ) - dprint(response.text) + print(response.text) assert response.status_code == 200, "Submit report failed" - gprint("test_submit_report successful") + print("Submit report successful") + # Test function to get a weekly report def test_get_weekly_report(): @@ -132,9 +124,8 @@ def test_get_weekly_report(): headers={"Authorization": "Bearer " + token}, params={"username": username, "projectName": projectName, "week": 1}, ) - dprint(response.text) + print(response.text) assert response.status_code == 200, "Get weekly report failed" - gprint("test_get_weekly_report successful") # Tests getting a project by id @@ -144,9 +135,8 @@ def test_get_project(): getProjectPath + "/1", # Assumes that the project with id 1 exists headers={"Authorization": "Bearer " + token}, ) - dprint(response.text) + print(response.text) assert response.status_code == 200, "Get project failed" - gprint("test_get_project successful") # Test function to add a user to a project @@ -154,13 +144,13 @@ def test_add_user_to_project(): # Log in as a site admin admin_username = randomString() admin_password = "admin_password" - dprint( + print( "Registering with username: ", admin_username, " and password: ", admin_password ) response = requests.post( registerPath, json={"username": admin_username, "password": admin_password} ) - dprint(response.text) + print(response.text) admin_token = login(admin_username, admin_password).json()["token"] response = requests.post( @@ -168,9 +158,9 @@ def test_add_user_to_project(): json={"username": admin_username}, headers={"Authorization": "Bearer " + admin_token}, ) - dprint(response.text) + print(response.text) assert response.status_code == 200, "Promote to site admin failed" - dprint("Admin promoted to site admin successfully") + print("Admin promoted to site admin successfully") # Create a new user to add to the project new_user = randomString() @@ -183,9 +173,10 @@ def test_add_user_to_project(): headers={"Authorization": "Bearer " + admin_token}, ) - dprint(response.text) + print(response.text) assert response.status_code == 200, "Add user to project failed" - gprint("test_add_user_to_project successful") + print("Add user to project successful") + # Test function to sign a report def test_sign_report(): @@ -196,13 +187,13 @@ def test_sign_report(): # Register an admin admin_username = randomString() admin_password = "admin_password2" - dprint( + print( "Registering with username: ", admin_username, " and password: ", admin_password ) response = requests.post( registerPath, json={"username": admin_username, "password": admin_password} ) - dprint(response.text) + print(response.text) # Log in as the admin admin_token = login(admin_username, admin_password).json()["token"] @@ -222,7 +213,7 @@ def test_sign_report(): headers={"Authorization": "Bearer " + admin_token}, ) assert response.status_code == 200, "Add project manager to project failed" - dprint("Project manager added to project successfully") + print("Project manager added to project successfully") # Log in as the project manager project_manager_token = login(project_manager, "project_manager_password").json()[ @@ -246,7 +237,7 @@ def test_sign_report(): headers={"Authorization": "Bearer " + token}, ) assert response.status_code == 200, "Submit report failed" - dprint("Submit report successful") + print("Submit report successful") # Retrieve the report ID response = requests.get( @@ -254,7 +245,7 @@ def test_sign_report(): headers={"Authorization": "Bearer " + token}, params={"username": username, "projectName": projectName, "week": 1}, ) - dprint(response.text) + print(response.text) report_id = response.json()["reportId"] # Sign the report as the project manager @@ -264,7 +255,7 @@ def test_sign_report(): headers={"Authorization": "Bearer " + project_manager_token}, ) assert response.status_code == 200, "Sign report failed" - dprint("Sign report successful") + print("Sign report successful") # Retrieve the report ID again for confirmation response = requests.get( @@ -272,8 +263,7 @@ def test_sign_report(): headers={"Authorization": "Bearer " + token}, params={"username": username, "projectName": projectName, "week": 1}, ) - dprint(response.text) - gprint("test_sign_report successful") + print(response.text) if __name__ == "__main__":