added different default color in teams insertion form, display a team where you are not in is now forbidden

pull/84/head
Maël DAIM 2 years ago
parent 66aaf0c8fb
commit 14968b773d

@ -10,7 +10,7 @@ CREATE TABLE Account
email varchar UNIQUE NOT NULL,
username varchar NOT NULL,
token varchar UNIQUE NOT NULL,
hash varchar NOT NULL
hash varchar NOT NULL,
);
CREATE TABLE Tactic
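Review bot: The new `hash varchar NOT NULL,` line leaves a trailing comma directly before the closing `);` of the Account table, which engines such as SQLite and PostgreSQL reject as a syntax error, so the schema script would fail at this statement. Either drop the comma again (`hash varchar NOT NULL`) or add the column or constraint that was meant to follow it. If a line between the two was lost in this view, the comma is fine as it stands.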

@ -5,10 +5,12 @@ namespace IQBall\App\Controller;
use IQBall\App\Session\SessionHandle;
use IQBall\App\ViewHttpResponse;
use IQBall\Core\Data\Account;
use IQBall\Core\Http\HttpCodes;
use IQBall\Core\Http\HttpRequest;
use IQBall\Core\Http\HttpResponse;
use IQBall\Core\Model\TeamModel;
use IQBall\Core\Validation\FieldValidationFail;
use IQBall\Core\Validation\ValidationFail;
use IQBall\Core\Validation\Validators;
class TeamController {
@ -129,8 +131,15 @@ class TeamController {
* @return ViewHttpResponse a view that displays given team information
*/
public function displayTeam(int $id, SessionHandle $session): ViewHttpResponse {
$result = $this->model->getTeam($id);
return ViewHttpResponse::twig('display_team.html.twig', ['team' => $result]);
$result = $this->model->getTeam($id,$session->getAccount()->getId());
if($result == null){
return ViewHttpResponse::twig('error.html.twig', [
'failures' => [ValidationFail::unauthorized("Vous n'avez pas accès à cette équipe.")],
], HttpCodes::FORBIDDEN);
}
else{
return ViewHttpResponse::twig('display_team.html.twig', ['team' => $result]);
}
}
/**
@ -167,4 +176,6 @@ class TeamController {
]);
return $this->displayTeam($this->model->deleteMember($request['email'], intval($request['team'])), $session);
}
}
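Review bot: In `displayTeam` the denial branch tests `$result == null` loosely; `getTeam` is declared `?Team`, so `if ($result === null) {` states the intent exactly, and the `else` after the early return can be dropped. The docblock above the method (it starts outside the hunk) still promises only a view of the team, so a line such as `Responds with 403 and the error view when the session account is not a member of the team.` would document the new access check. The member-removal action at the end of this section forwards `$request['email']` and `$request['team']` to the model, and no check of the caller's role is visible in these lines, so it is worth confirming that the model performs one.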

@ -68,7 +68,7 @@
<label for="picture">Logo:</label>
<input type="text" id="picture" name="picture" required>
<label for="main_color">Couleur principale</label>
<input type="color" id="main_color" name="main_color" required>
<input type="color" value="#ffffff" id="main_color" name="main_color" required>
<label for="second_color">Couleur secondaire</label>
<input type="color" id="second_color" name="second_color" required>
</div>

@ -66,4 +66,24 @@ class MemberGateway {
);
}
public function isCoach(string $email, int $idTeam): ?string {
return $this->con->fetch(
"SELECT role FROM Member WHERE id_team=:team AND id_user = (SELECT id FROM Account WHERE email=:email)",
[
"team" => [$idTeam, PDO::PARAM_INT],
"email" => [$email, PDO::PARAM_STR]
]
)[0]['role'] ?? null;
}
public function isMemberOfTeam(int $idTeam,int $idCurrentUser): ?int {
return $this->con->fetch(
"SELECT id_user FROM Member WHERE id_team = :team AND id_user = :user",
[
"team" => [$idTeam, PDO::PARAM_INT],
"user" => [$idCurrentUser, PDO::PARAM_INT]
]
)[0]['idUser'] ?? null;
}
}
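Review bot: `isMemberOfTeam` selects the column `id_user` but reads the key `'idUser'` from the row, so the lookup misses and the method returns null for every caller, unless `fetch` renames columns (the sibling `isCoach` reads `'role'` exactly as selected, which suggests it does not). `TeamModel::getTeam` treats null as "not a member", so the new access check fails closed and would answer 403 to real members as well. Read the selected name instead: `)[0]['id_user'] ?? null;`. A test that loads a team as one of its own members would catch this.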

@ -79,15 +79,7 @@ class TeamGateway {
)[0]['id'] ?? null;
}
public function isCoach(string $email, int $idTeam): ?string {
return $this->con->fetch(
"SELECT role FROM Member WHERE id_team=:team AND id_user = (SELECT id FROM Account WHERE email=:email)",
[
"team" => [$idTeam, PDO::PARAM_INT],
"email" => [$email, PDO::PARAM_STR]
]
)[0]['role'] ?? null;
}
public function deleteTeam(int $idTeam): void {
$this->con->exec(
@ -103,4 +95,5 @@ class TeamGateway {
]
);
}
}

@ -57,12 +57,16 @@ class TeamModel {
}
/**
* @param int $id
* @return Team
* @param int $idTeam
* @param int $idCurrentUser
* @return ?Team
*/
public function getTeam(int $id): Team {
$teamInfo = $this->teams->getTeamById($id);
$members = $this->members->getMembersOfTeam($id);
public function getTeam(int $idTeam, int $idCurrentUser): ?Team {
if($this->members->isMemberOfTeam($idTeam,$idCurrentUser) == null){
return null;
}
$teamInfo = $this->teams->getTeamById($idTeam);
$members = $this->members->getMembersOfTeam($idTeam);
return new Team($teamInfo, $members);
}
@ -79,7 +83,7 @@ class TeamModel {
}
public function deleteTeam(string $email, int $idTeam): int{
if($this->teams->isCoach($email,$idTeam) == "Coach" ){
if($this->members->isCoach($email,$idTeam) == "Coach" ){
$this->teams->deleteTeam($idTeam);
return 0;
}
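Review bot: The membership guard in `getTeam` compares with `== null`, which would also treat a returned id of `0` as "not a member"; `if ($this->members->isMemberOfTeam($idTeam, $idCurrentUser) === null) {` matches the `?int` return type exactly. The rewritten docblock lists the parameters but not the new contract, so add a summary such as `Returns the team with its members, or null when the current user is not a member of it.` In `deleteTeam` (its body continues past the hunk) the coach check is keyed on the `$email` argument; if callers take that value from the request rather than from the session account, the check can be satisfied with another user's address, so confirm where it comes from.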
