the bug has been fixed + set a limit for the size of team's logo

front/style/team_panel.css

@@ -77,7 +77,8 @@ header h1 a{
     width: 90%;
     aspect-ratio: 3/2;
     object-fit: contain;
-    mix-blend-mode: color-burn;
+    max-width: 50%;
+    max-height: 50%;
 }
 
 #delete{

public/index.php

@@ -106,7 +106,7 @@ function getRoutes(): AltoRouter {
     $ar->map("GET", "/team/[i:id]/delete", Action::auth(fn(int $id,SessionHandle $s) => getTeamController()->deleteTeamById($id,$s)));
     $ar->map("GET", "/team/[i:id]/addMember", Action::auth(fn(int $id,SessionHandle $s) => getTeamController()->displayAddMember($id,$s)));
     $ar->map("POST", "/team/[i:id]/addMember", Action::auth(fn(int $id,SessionHandle $s) => getTeamController()->addMember($id,$_POST, $s)));
-    $ar->map("POST", "/team/[i:idTeam]/remove/[i:idMember]", Action::auth(fn(int $idTeam,int $idMember,SessionHandle $s) => getTeamController()->deleteMember($idTeam,$idMember, $s)));
+    $ar->map("GET", "/team/[i:idTeam]/remove/[i:idMember]", Action::auth(fn(int $idTeam,int $idMember,SessionHandle $s) => getTeamController()->deleteMember($idTeam,$idMember, $s)));
 
     return $ar;
 }

src/App/Controller/TeamController.php

@@ -156,7 +156,11 @@ class TeamController {
      */
     public function addMember(int $idTeam,array $request, SessionHandle $session): HttpResponse {
         $errors = [];
-
+        if(!$this->model->isCoach($idTeam,$session->getAccount()->getUser()->getEmail())){
+            return ViewHttpResponse::twig('error.html.twig', [
+                'failures' => [ValidationFail::unauthorized("Vous n'avez pas accès à cette équipe.")],
+            ], HttpCodes::FORBIDDEN);
+        }
         $request = HttpRequest::from($request, $errors, [
             "email" => [Validators::email(), Validators::lenBetween(5, 256)],
         ]);