Doc + Security

344fc7b0 · thibaut-felten · b7301862 · 344fc7b0 · 344fc7b0 · 344fc7b0
Commit 344fc7b0 authored Nov 22, 2020 by thibaut-felten
Showing with 39 additions and 6 deletions

UserController.class.php backend/MVC/controller/UserController.class.php +19 -6

delete_user.md backend/MVC/doc/delete_user.md +10 -0

get_user.md backend/MVC/doc/get_user.md +10 -0

No files found.
--- a/backend/MVC/controller/UserController.class.php
+++ b/backend/MVC/controller/UserController.class.php
@@ -47,14 +47,22 @@ class UserController extends Controller {
    protected function getUser($id)
    {
        $user = User::getUserById($id);
-        
-        $response = new Response(200,json_encode($user));
+        if($user == Array()){
+            $response = Response::errorInParametersResponse("User not found");
+        }else{
+            $response = new Response(200,json_encode($user));
+        }
        return $response;
    }

    protected function deleteUser($id){
-        User::deleteUser($id);
-        $response = Response::okResponse("User deleted");
+        $user = User::getUserById($id);
+        if($user == Array()){
+            $response = Response::errorInParametersResponse("User not found");
+        }else{
+            User::deleteUser($id);
+            $response = Response::okResponse("User deleted");
+        }
        return $response;
    }

@@ -113,8 +121,13 @@ class UserController extends Controller {

    protected function createUser($data)
    {
-        $user = User::createUser(array( "login" => $data['USER_LOGIN'], "password" => $data['USER_PASSWORD'], "role" => $data['USER_ROLE'], "email" => $data['USER_EMAIL'],"lastname" => $data['USER_LASTNAME'],"firstname" => $data['USER_FIRSTNAME']));
-        $response = new Response(200,json_encode($user));
+        if(array_key_exists("USER_LOGIN", $data) && array_key_exists("USER_PASSWORD", $data) && array_key_exists("USER_ROLE", $data) && array_key_exists("USER_EMAIL", $data) && array_key_exists("USER_LASTNAME", $data) && array_key_exists("USER_FIRSTNAME", $data)){
+            $user = User::createUser(array( "login" => $data['USER_LOGIN'], "password" => $data['USER_PASSWORD'], "role" => $data['USER_ROLE'], "email" => $data['USER_EMAIL'],"lastname" => $data['USER_LASTNAME'],"firstname" => $data['USER_FIRSTNAME']));
+            $response = new Response(200,json_encode($user));
+        }else{
+            $response = Response::errorInParametersResponse("Parameters missing");
+        }
+        
        return $response;
    }
 }
--- a/backend/MVC/doc/delete_user.md
+++ b/backend/MVC/doc/delete_user.md
@@ -16,3 +16,13 @@ Used to delete a user account.
 **Content example**

 `"User deleted"`
+
+## Error Response
+
+### Mauvais id
+
+**Code** : `400 Bad Request`
+
+**Content example**
+
+`"User not found"`
--- a/backend/MVC/doc/get_user.md
+++ b/backend/MVC/doc/get_user.md
@@ -26,3 +26,13 @@ Used to retrieve the information of one user
        "USER_ROLE": "1"
    }
 ```
+
+## Error Response
+
+### Mauvais identifiant
+
+**Code** : `400 Bad Request`
+
+**Content example**
+
+`"User not found"`