Add all users endpoints to apib

api/apib/army-management/awardings.apib

@@ -3,15 +3,15 @@
 List all awardings
 
 + Parameters
-    + userId (string, optional)
+    + userId: `5ab68d42f547ed304064e5f7` (string, optional)
         specific army member Id to show the awardings for
 
-    + inProgress (boolean, optional)
+    + inProgress: false (boolean, optional)
         true to filter by awarding state 'in progress'
 
         + Default: false
 
-    + fractFilter (enum[string], optional)
+    + fractFilter: `BLUFOR` (enum[string], optional)
         Field to filter by fraction
 
         + Members
@@ -22,4 +22,4 @@ List all awardings
 
 + Response 200
 
-    + Attributes (array[Awarding])
+    + Attributes (array[Awarding], fixed-type)

api/apib/army-management/decorations.apib

@@ -3,10 +3,10 @@
 List all decorations
 
 + Parameters
-    + q (string, optional)
+    + q: `tapferkeit` (string, optional)
          Filter string for the partial decoration name
 
-    + fractFilter (enum[string], optional)
+    + fractFilter: `BLUFOR` (enum[string], optional)
         Field to filter by fraction
 
         + Members
@@ -16,4 +16,16 @@ List all decorations
 
 + Response 200
 
-    + Attributes (array[Decoration])
+    + Attributes (array[Decoration], fixed-type)
+
+
+### GET Decoration [GET /decorations/{id}]
+
+Retrieve single decoration data
+
++ Parameters
+    + id: `5abd3dff6e6a0334d95b8ba0` (string, required) - unique id of the decoration to fetch
+
++ Response 200
+
+    + Attributes (Decoration, fixed-type)

api/apib/army-management/promotions.apib

@@ -3,15 +3,15 @@
 List all promotion requests
 
 + Parameters
-    + squadId (string, optional)
+    + squadId: `591470249e9fae286e008e31` (string, optional)
          specific squad Id to show the promotion requests for
 
-    + inProgress (boolean, optional)
+    + inProgress: false (boolean, optional)
         true to filter by promotion state 'in progress'
 
         + Default: false
 
-    + fractFilter (enum[string], optional)
+    + fractFilter: `BLUFOR` (enum[string], optional)
         Field to filter by fraction
 
         + Members

api/apib/army-management/ranks.apib

@@ -5,7 +5,7 @@ List all ranks
 + Parameters
     + q: `Gefr` (string, optional) - filter string which filters for partial rank name
 
-    + fractFilter (enum[string], optional)
+    + fractFilter: `BLUFOR` (enum[string], optional)
         Field to filter by fraction
 
         + Members
@@ -15,4 +15,16 @@ List all ranks
 
 + Response 200
 
-    + Attributes (array[Rank])
+    + Attributes (array[Rank], fixed-type)
+
+
+### GET Rank [GET /ranks/{id}]
+
+Retrieve single rank data
+
++ Parameters
+    + id: `5aba5504eadcce6332c6a775` (string, required) - unique id of the rank to fetch
+
++ Response 200
+
+    + Attributes (Rank, fixed-type)

api/apib/army-management/users.apib

@@ -1,11 +1,11 @@
-### GET Users [GET /users{?q,fractFilter,limit,offset}]
+### Get Users [GET /users{?q,fractFilter,limit,offset}]
 
 Get single army member information
 
 + Parameters
     + q: `hardi` (string, optional) - filter string which filters for partial username
 
-    + fractFilter (enum[string], optional)
+    + fractFilter: `BLUFOR` (enum[string], optional)
         Field to filter by fraction
 
         + Members
@@ -18,7 +18,7 @@ Get single army member information
 
         + Default: Infinity
 
-    + offset (number, optional)
+    + offset: 0 (number, optional)
         Offset into result-set (useful for pagination)
 
         + Default: 0
@@ -32,7 +32,7 @@ Get single army member information
     + Attributes (array[User], fixed-type)
 
 
-### GET User [GET /users/{id}]
+### Get User [GET /users/{id}]
 
 Get single army member information
 
@@ -42,3 +42,46 @@ Get single army member information
 + Response 200
 
     + Attributes (User, fixed-type)
+
+
+### Create User [POST /users]
+
+Create a new army member
+
++ Request Create new army member (application/json)
+
+    + Attributes
+        + username: `[GNC]Paolo` (string, required) - display name of the user
+
++ Response 201
+
+    + Attributes (User, fixed-type)
+
+### Update User [PUT /users/{id}]
+
+Update an army member, identified by its id
+
++ Parameters
+    + id: `5abd4780396bc0487068be0e` (string, required) - unique id of army-member
+
++ Request Create Entry with Title (application/json)
+
+    + Attributes
+        + _id: `5abd4780396bc0487068be0e` (string, required) - unique id of army-member
+        + username: `Paolo` (string, optional) - display name of the user
+        + rankLvl: 22 (number, optional) - rank level representing the rank
+        + squadId: `591470249e9fae286e008e31` (string, optional) - squadId of squad which army member is part of
+
++ Response 200
+
+    + Attributes (User, fixed-type)
+
+
+### Delete User [DELETE /users/{id}]
+
+Delete an army member
+
++ Parameters
+    + id: `5abd4780396bc0487068be0e` (string, required) - unique id of army-member
+
++ Response 204

api/apib/data_structures/_squad.apib

@@ -1,12 +1,13 @@
 # Squad (object)
-Default API Squad entity
+
+A Squad entity
 
 ## Properties
 
-+ _id: `591470249e9fae286e008e31` (string, required)
++ _id: `591470249e9fae286e008e31` (string, required) - the unique id of the squad
-+ sortingNumber: 30 (number, required)
++ sortingNumber: 30 (number, required) - the number for orders in lists of squads
-+ updatedAt: `2017-05-31T20:43:07.165Z` (string, required)
++ updatedAt: `2017-05-31T20:43:07.165Z` (string, required) - version timestamp
-+ timestamp: `2017-05-11T14:07:32.471Z` (string, required)
++ timestamp: `2017-05-11T14:07:32.471Z` (string, required) - creation timestamp
-+ name: `Alpha` (string, required)
++ name: `Alpha` (string, required) - display name of the squad
-+ fraction: `BLUFOR` (string, required)
++ fraction: `BLUFOR` (string, required) - fraction the squad is part of
-+ __v: 2 (number, required)
++ __v: 2 (number, required) - version number

api/apib/dev-doc.apib

@@ -20,7 +20,7 @@ FORMAT: 1A
 
 :[Gists](auth/login.apib)
 
-<!-- Group Account -->
+# Group Account
 
 # Group Army Overview
 
@@ -30,15 +30,15 @@ FORMAT: 1A
 
 :[Gists](army-management/awardings.apib)
 
-<!-- Group Campaigns -->
+# Group Campaigns
 
 # Group Decorations
 
 :[Gists](army-management/decorations.apib)
 
-<!-- Group Logs -->
+# Group Logs
 
-<!-- Group Players -->
+# Group Players
 
 # Group Ranks
 
@@ -48,10 +48,10 @@ FORMAT: 1A
 
 :[Gists](army-management/promotions.apib)
 
-<!-- Group Squads -->
+# Group Squads
 
 # Group Users
 
 :[Gists](army-management/users.apib)
 
-<!-- Group Wars -->
+# Group Wars

api/apib/dredd/data/app_user.json

@@ -1 +1 @@
-{"_id":{"$oid":"5ab68ceef547ed304064e5f6"},"squad":null,"permission":3,"activated":true,"username":"testuser","secret":"my secret","password":"$2a$10$wvgBbcckHrFu8Ctw8hSPNuFLoBy4sRubioyiK1NabOC0UgYD.KITi","timestamp":{"$date":"2018-03-24T17:37:50.668Z"},"updatedAt":{"$date":"2018-03-24T17:37:50.668Z"},"__v":0}
+{"_id":{"$oid":"5ab68ceef547ed304064e5f6"},"squad":null,"permission":4,"activated":true,"username":"testuser","secret":"my secret","password":"$2a$10$wvgBbcckHrFu8Ctw8hSPNuFLoBy4sRubioyiK1NabOC0UgYD.KITi","timestamp":{"$date":"2018-03-24T17:37:50.668Z"},"updatedAt":{"$date":"2018-03-24T17:37:50.668Z"},"__v":0}

api/apib/dredd/data/decoration.json

@@ -0,0 +1 @@
+{"_id":{"$oid":"5abd3dff6e6a0334d95b8ba0"},"sortingNumber":0,"name":"Orden der Tapferkeit","fraction":"BLUFOR","isMedal":true,"description":"Das ist ein Orden den tapfere Leute bekommen","timestamp":{"$date":"2018-03-29T19:26:55.387Z"},"updatedAt":{"$date":"2018-03-29T19:26:55.387Z"},"__v":0}

api/apib/dredd/data/user.json

@@ -1 +1,2 @@
 {"_id":{"$oid":"5ab68d42f547ed304064e5f7"},"rankLvl":0,"squadId":{"$oid":"5aba54eaeadcce6332c6a774"},"username":"hardiready","updatedAt":{"$date":"2018-03-27T14:28:04.533Z"},"__v":0}
+{"_id":{"$oid":"5abd4780396bc0487068be0e"},"rankLvl":0,"squadId":null,"username":"KalleK","timestamp":{"$date":"2018-03-29T20:07:28.960Z"},"updatedAt":{"$date":"2018-03-29T20:07:28.960Z"},"__v":0}

api/dredd.yml

@@ -10,7 +10,7 @@ names: false
 only: []
 reporter: base
 output: []
-header: []
+header: ['X-Access-Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YWI2OGNlZWY1NDdlZDMwNDA2NGU1ZjYiLCJpYXQiOjE1MjIzNTMwNzAsImV4cCI6MTAyMzIyMzUzMDcwfQ.aC4TYkPc8gYcpdsYNnYcs8D8e6OPilrgSGZF6pI3g1w']
 sorted: false
 user: null
 inline-errors: false

api/routes/authenticate.js

@@ -46,7 +46,7 @@ let authCheck = (username, password, res) => {
   AppUserModel.findOne({username: username.toLowerCase()}).populate('squad').exec((err, user) => {
     if (err) deferred.reject(err.name + ': ' + err.message);
 
-    const diff = 28 * 60 * 24; // time till expiration [minutes]
+    const diff = 28 * 60 * 1000*1000; // time till expiration [minutes]
 
     if (user && !user.activated) {
       res.status(codes.unauthorized).send('Account is not yet activated');

api/routes/users.js

@@ -103,52 +103,12 @@ users.route('/:id')
        });
      })
 
-     .patch(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
-       if (!req.body || (req.body._id && req.body._id !== req.params.id)) {
-         // little bit different as in PUT. :id does not need to be in data, but if the _id and url id must match
-         const err =
-           new Error('id of PATCH resource and send JSON body are not equal ' + req.params.id + ' ' + req.body._id);
-         err.status = codes.notfound;
-         next(err);
-         return; // prevent node to process this function further after next() has finished.
-       }
-
-       // optional task 3: increment version manually as we do not use .save(.)
-       req.body.updatedAt = new Date();
-       req.body.$inc = {__v: 1};
-
-       // PATCH is easier with mongoose than PUT. You simply update by all data that comes from outside. no need to
-       // reset attributes that are missing.
-       UserModel.findByIdAndUpdate(req.params.id, req.body, {new: true}, (err, item) => {
-         if (err) {
-           err.status = codes.wrongrequest;
-         } else if (!item) {
-           err = new Error('item not found');
-           err.status = codes.notfound;
-         }
-         UserModel.populate(item, {path: 'squadId'}, (err, extUser) => {
-           if (err) {
-             err.status = codes.servererror;
-             return next(err);
-           }
-           if (!user) {
-             res.locals.items = {};
-             res.locals.processed = true;
-             return next();
-           }
-           res.locals.items = extUser;
-           res.locals.processed = true;
-           return next();
-         });
-       });
-     })
-
      .put(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
        // first check that the given element id is the same as the URL id
        if (!req.body || req.body._id !== req.params.id) {
          // the URL does not fit the given element
          let err =
-           new Error('id of PATCH resource and send JSON body are not equal ' + req.params.id + ' ' + req.body._id);
+           new Error('id of PUT resource and send JSON body are not equal ' + req.params.id + ' ' + req.body._id);
          err.status = codes.notfound;
          next(err);
          return; // prevent node to process this function further after next() has finished.
@@ -156,8 +116,8 @@ users.route('/:id')
        // main difference of PUT and PATCH is that PUT expects all data in request: checked by using the schema
        const user = new UserModel(req.body);
        UserModel.findById(req.params.id, req.body, {new: true}, (err, item) => {
-         // with parameter {new: true} the TweetNModel will return the new and changed object from the DB and not the
+         // with parameter {new: true} the TweetNModel will return the new and changed object
-         // old one.
+         // from the DB and not the old one.
          if (err) {
            err.status = codes.wrongrequest;
            return next(err);