From 5aa6a7602780b68633889b2d7814f4f80434127e Mon Sep 17 00:00:00 2001
From: "mael.daim" <Mael.DAIM@etu.uca.fr>
Date: Thu, 21 Dec 2023 09:06:36 +0100
Subject: [PATCH] the bug has been fixed + set a limit for the size of team's
 logo

---
 front/style/team_panel.css            | 3 ++-
 public/index.php                      | 2 +-
 src/App/Controller/TeamController.php | 6 +++++-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/front/style/team_panel.css b/front/style/team_panel.css
index 935ed96..8c1d435 100644
--- a/front/style/team_panel.css
+++ b/front/style/team_panel.css
@@ -77,7 +77,8 @@ header h1 a{
     width: 90%;
     aspect-ratio: 3/2;
     object-fit: contain;
-    mix-blend-mode: color-burn;
+    max-width: 50%;
+    max-height: 50%;
 }
 
 #delete{
diff --git a/public/index.php b/public/index.php
index 46da6c5..4a4f0d4 100644
--- a/public/index.php
+++ b/public/index.php
@@ -106,7 +106,7 @@ function getRoutes(): AltoRouter {
     $ar->map("GET", "/team/[i:id]/delete", Action::auth(fn(int $id,SessionHandle $s) => getTeamController()->deleteTeamById($id,$s)));
     $ar->map("GET", "/team/[i:id]/addMember", Action::auth(fn(int $id,SessionHandle $s) => getTeamController()->displayAddMember($id,$s)));
     $ar->map("POST", "/team/[i:id]/addMember", Action::auth(fn(int $id,SessionHandle $s) => getTeamController()->addMember($id,$_POST, $s)));
-    $ar->map("POST", "/team/[i:idTeam]/remove/[i:idMember]", Action::auth(fn(int $idTeam,int $idMember,SessionHandle $s) => getTeamController()->deleteMember($idTeam,$idMember, $s)));
+    $ar->map("GET", "/team/[i:idTeam]/remove/[i:idMember]", Action::auth(fn(int $idTeam,int $idMember,SessionHandle $s) => getTeamController()->deleteMember($idTeam,$idMember, $s)));
 
     return $ar;
 }
diff --git a/src/App/Controller/TeamController.php b/src/App/Controller/TeamController.php
index 45b14a2..acc4839 100644
--- a/src/App/Controller/TeamController.php
+++ b/src/App/Controller/TeamController.php
@@ -156,7 +156,11 @@ class TeamController {
      */
     public function addMember(int $idTeam,array $request, SessionHandle $session): HttpResponse {
         $errors = [];
-
+        if(!$this->model->isCoach($idTeam,$session->getAccount()->getUser()->getEmail())){
+            return ViewHttpResponse::twig('error.html.twig', [
+                'failures' => [ValidationFail::unauthorized("Vous n'avez pas accès à cette équipe.")],
+            ], HttpCodes::FORBIDDEN);
+        }
         $request = HttpRequest::from($request, $errors, [
             "email" => [Validators::email(), Validators::lenBetween(5, 256)],
         ]);