added different default color in teams insertion form, display a team where you are not in is now forbidden

2 years ago · 14968b773d
parent 66aaf0c8fb
commit 14968b773d
6 changed files with 47 additions and 19 deletions
--- a/sql/setup-tables.sql
+++ b/sql/setup-tables.sql
@ -10,7 +10,7 @@ CREATE TABLE Account
    email    varchar UNIQUE NOT NULL,
    username varchar        NOT NULL,
    token    varchar UNIQUE NOT NULL,
-    hash     varchar        NOT NULL
+    hash     varchar        NOT NULL,
 );

 CREATE TABLE Tactic
--- a/src/App/Controller/TeamController.php
+++ b/src/App/Controller/TeamController.php
@ -5,10 +5,12 @@ namespace IQBall\App\Controller;
 use IQBall\App\Session\SessionHandle;
 use IQBall\App\ViewHttpResponse;
 use IQBall\Core\Data\Account;
+use IQBall\Core\Http\HttpCodes;
 use IQBall\Core\Http\HttpRequest;
 use IQBall\Core\Http\HttpResponse;
 use IQBall\Core\Model\TeamModel;
 use IQBall\Core\Validation\FieldValidationFail;
+use IQBall\Core\Validation\ValidationFail;
 use IQBall\Core\Validation\Validators;

 class TeamController {
@ -129,8 +131,15 @@ class TeamController {
     * @return ViewHttpResponse a view that displays given team information
     */
    public function displayTeam(int $id, SessionHandle $session): ViewHttpResponse {
-        $result = $this->model->getTeam($id);
-        return ViewHttpResponse::twig('display_team.html.twig', ['team' => $result]);
+        $result = $this->model->getTeam($id,$session->getAccount()->getId());
+        if($result == null){
+            return ViewHttpResponse::twig('error.html.twig', [
+                'failures' => [ValidationFail::unauthorized("Vous n'avez pas accès à cette équipe.")],
+            ], HttpCodes::FORBIDDEN);
+        }
+        else{
+            return ViewHttpResponse::twig('display_team.html.twig', ['team' => $result]);
+        }
    }

    /**
@ -167,4 +176,6 @@ class TeamController {
        ]);
        return $this->displayTeam($this->model->deleteMember($request['email'], intval($request['team'])), $session);
    }
+
+
 }
--- a/src/App/Views/insert_team.html.twig
+++ b/src/App/Views/insert_team.html.twig
@ -68,7 +68,7 @@
            <label for="picture">Logo:</label>
            <input type="text" id="picture" name="picture" required>
            <label for="main_color">Couleur principale</label>
-            <input type="color" id="main_color" name="main_color" required>
+            <input type="color" value="#ffffff" id="main_color" name="main_color" required>
            <label for="second_color">Couleur secondaire</label>
            <input type="color" id="second_color" name="second_color" required>
        </div>
--- a/src/Core/Gateway/MemberGateway.php
+++ b/src/Core/Gateway/MemberGateway.php
@ -66,4 +66,24 @@ class MemberGateway {
        );
    }

+    public function isCoach(string $email, int $idTeam): ?string {
+        return $this->con->fetch(
+                "SELECT role FROM Member WHERE id_team=:team AND id_user = (SELECT id FROM Account WHERE email=:email)",
+                [
+                    "team" => [$idTeam, PDO::PARAM_INT],
+                    "email" => [$email, PDO::PARAM_STR]
+                ]
+            )[0]['role'] ?? null;
+    }
+
+    public function isMemberOfTeam(int $idTeam,int $idCurrentUser): ?int {
+        return $this->con->fetch(
+            "SELECT id_user FROM Member WHERE id_team = :team AND id_user = :user",
+                [
+                    "team" => [$idTeam, PDO::PARAM_INT],
+                    "user" => [$idCurrentUser, PDO::PARAM_INT]
+                ]
+            )[0]['idUser'] ?? null;
+    }
+
 }
--- a/src/Core/Gateway/TeamGateway.php
+++ b/src/Core/Gateway/TeamGateway.php
@ -79,15 +79,7 @@ class TeamGateway {
            )[0]['id'] ?? null;
    }

-    public function isCoach(string $email, int $idTeam): ?string {
-        return $this->con->fetch(
-                "SELECT role FROM Member WHERE id_team=:team AND id_user = (SELECT id FROM Account WHERE email=:email)",
-                [
-                    "team" => [$idTeam, PDO::PARAM_INT],
-                    "email" => [$email, PDO::PARAM_STR]
-                ]
-            )[0]['role'] ?? null;
-    }
+

    public function deleteTeam(int $idTeam): void {
        $this->con->exec(
@ -103,4 +95,5 @@ class TeamGateway {
            ]
        );
    }
+
 }
--- a/src/Core/Model/TeamModel.php
+++ b/src/Core/Model/TeamModel.php
@ -57,12 +57,16 @@ class TeamModel {
    }

    /**
-     * @param int $id
-     * @return Team
+     * @param int $idTeam
+     * @param int $idCurrentUser
+     * @return ?Team
     */
-    public function getTeam(int $id): Team {
-        $teamInfo = $this->teams->getTeamById($id);
-        $members = $this->members->getMembersOfTeam($id);
+    public function getTeam(int $idTeam, int $idCurrentUser): ?Team {
+        if($this->members->isMemberOfTeam($idTeam,$idCurrentUser) == null){
+            return null;
+        }
+        $teamInfo = $this->teams->getTeamById($idTeam);
+        $members = $this->members->getMembersOfTeam($idTeam);
        return new Team($teamInfo, $members);
    }

@ -79,7 +83,7 @@ class TeamModel {
    }

    public function deleteTeam(string $email, int $idTeam): int{
-        if($this->teams->isCoach($email,$idTeam) == "Coach" ){
+        if($this->members->isCoach($email,$idTeam) == "Coach" ){
            $this->teams->deleteTeam($idTeam);
            return 0;
        }