Description

Small example app to manage a training center :

Members have a role (student or coach)
Each role has specific permissions
Students can register into a Training (ex: "Python")
Trainings contain Modules (ex: "Introduction to Python")
Modules contain Lessons (ex: "Loops & flow structures")
API requires an auth token, which you can get through the /login endpoint

Dependencies

PostgreSQL : Database
NestJS : Main framework
Prisma : ORM
@nestjs/jwt : Authentication
argon2 : Password hashing
pg : PostgreSQL integration

Installation

Create the database in PostgreSQL
Copy .env.example as .env and change DB host/user/password
Run npm install

Running the app

# development mode
$ npm run start:dev

# production mode
$ npm run start:prod

This repo also contains :

/curl_examples : cURL scripts to test any endpoint of the API
/documentation : auto-generated documentation
/docs :
- /cdm : Conceptual Data Model
- install.md, postgresql.md and run.md : command-line reference for installing the app, creating the PostgreSQL user account, and running the app
- rbac.png : list of permissions for each role

Endpoints

Auth

POST /login (login with username & password, and get back an auth token)

Parameters

name type data type description

name required string username

password required string password

Responses

http code content-type response

200 application/json

TODO application/json

Example cURL

 curl -X GET -H "Content-Type: application/json" http://localhost:3000/login

User

GET /user/{id} (get a specific User)

Parameters

name type data type description

id required int User id

Responses

http code content-type response

200 application/json User

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/user/1

GET /user/list (get all Users. limit=1000)

Parameters

None

Responses

http code content-type response

200 application/json User[]

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/user/list

POST /user/signup (create/signup a new User)

Parameters

name type data type description

roleId required int N/A

name required string username

password required string password (will be hashed)

Responses

http code content-type response

201 application/json User

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/user/signup

DELETE /user/{id} (delete a User)

Parameters

name type data type description

id required int User id

Responses

http code content-type response

200 application/json User

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/user/1/delete

PUT /user/{id}/setrole (update a User's role)

Parameters

name type data type description

id required int User id

roleId required int roleId of the new role

Responses

http code content-type response

200 application/json User

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/user/1/setrole

Training

GET /training/{id} (get a specific Training)

Parameters

name type data type description

id required int Training id

Responses

http code content-type response

200 application/json Training

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/training/1

GET /training/list (get all Trainings. limit=1000)

Parameters

None

Responses

http code content-type response

200 application/json Training[]

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/training/list

POST /training/create (create a new Training)

Parameters

name type data type description

name required string Name of the Training

modules required int[] Array of Module ids to include in this Training

coachId required int User ID of the coach assigned to this module

Responses

http code content-type response

201 application/json Training

TODO application/json

Example cURL

 curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/training/create

DELETE /training/{id} (delete a Training)

Parameters

name type data type description

id required int Training id

Responses

http code content-type response

200 application/json Training

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/training/1/delete

PUT /training/{id}/update (update a Training. Can add or delete associated Modules)

Parameters

name type data type description

name optional string Training id

addModules optional int[] list of Modules to add to this Training

deleteModules optional int[] list of Modules to delete from this Training

Responses

http code content-type response

200 application/json Training

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/training/1/update

Module

GET /module/{id} (get a specific Module)

Parameters

name type data type description

id required int Module id

Responses

http code content-type response

200 application/json Module

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/module/1

GET /module/list (get all Modules. limit=1000)

Parameters

None

Responses

http code content-type response

200 application/json Module[]

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/module/list

POST /module/create (create a new Module)

Parameters

name type data type description

name required string Name of the Module

lessons optional int[] Array of Lessons to include in this Module

Responses

http code content-type response

201 application/json Module

TODO application/json

Example cURL

 curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/module/create

DELETE /module/{id} (delete a Module)

Parameters

name type data type description

id required int Module id

Responses

http code content-type response

200 application/json Module

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/module/1/delete

PUT /module/{id}/update (update a Module. Can add or delete associated Lessons)

Parameters

name type data type description

name optional string Module id

addLessons optional int[] list of Lessons to add to this Module

deleteLessons optional int[] list of Lessons to delete from this Module

Responses

http code content-type response

200 application/json Module

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/module/1/update

Lesson

GET /lesson/{id} (get a specific Lesson)

Parameters

name type data type description

id required int Lesson id

Responses

http code content-type response

200 application/json Lesson

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/lesson/1

GET /lesson/list (get all Lessons. limit=1000)

Parameters

None

Responses

http code content-type response

200 application/json Lesson[]

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/lesson/list

POST /lesson/create (create a new Lesson)

Parameters

name type data type description

name optional string Name of the Lesson

content required string Content of the lesson

Responses

http code content-type response

201 application/json Lesson

TODO application/json

Example cURL

 curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/lesson/create

DELETE /lesson/{id} (delete a Lesson)

Parameters

name type data type description

id required int Lesson id

Responses

http code content-type response

200 application/json Lesson

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/lesson/1/delete

PUT /lesson/{id}/update (update a Lesson)

Parameters

name type data type description

name optional string Lesson id

content optional string Lesson text content

Responses

http code content-type response

200 application/json Lesson

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/lesson/1/update

Role

GET /role/{id} (get a specific Role)

Parameters

name type data type description

id required int Role id

Responses

http code content-type response

200 application/json Role

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/role/1

GET /role/list (get all Roles. limit=1000)

Parameters

None

Responses

http code content-type response

200 application/json Role[]

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/role/list

POST /role/create (create a new Role)

Parameters

name type data type description

name optional string Name of the Role

permissions required int[] Array of Roles to include in this Role

Responses

http code content-type response

201 application/json Role

TODO application/json

Example cURL

 curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/role/create

DELETE /role/{id} (delete a Role)

Parameters

name type data type description

id required int Role id

Responses

http code content-type response

200 application/json Role

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/role/1/delete

PUT /role/{id}/update (update a Role. Can add or delete associated Permissions)

Parameters

name type data type description

name optional string Name of role

addPermissions optional string List of Permissions to add to this Role

deletePermissions optional string List of Permissions to remove from this Role

Responses

http code content-type response

200 application/json Role

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/role/1/update

Permission

GET /permission/{id} (get a specific Permission)

Parameters

name type data type description

id required int Permission id

Responses

http code content-type response

200 application/json Permission

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/permission/1

GET /permission/list (get all Permissions. limit=1000)

Parameters

None

Responses

http code content-type response

200 application/json Permission[]

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/permission/list

POST /permission/create (create a new Permission)

Parameters

name type data type description

name required string Name

description required string Description

Responses

http code content-type response

201 application/json Permission

TODO application/json

Example cURL

 curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/permission/create

DELETE /permission/{id} (delete a Permission)

Parameters

name type data type description

id required int Permission id

Responses

http code content-type response

200 application/json Permission

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer [token]" http://localhost:3000/permission/1/delete

PUT /permission/{id}/update (update a Permission)

Parameters

name type data type description

name optional string Permission name

description optional string Permission description

Responses

http code content-type response

200 application/json Permission

404 application/json {"code":"404","message":"Not Found"}

Example cURL

 curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer [token]" -d data.json http://localhost:3000/permission/1/update

http code	content-type	response
`200`	`application/json`	User
`404`	`application/json`	`{"code":"404","message":"Not Found"}`

name	type	data type	description
roleId	required	int	N/A
name	required	string	username
password	required	string	password (will be hashed)

http code	content-type	response
`201`	`application/json`	User
`404`	`application/json`	`{"code":"404","message":"Not Found"}`

http code	content-type	response
`200`	`application/json`	Training[]
`404`	`application/json`	`{"code":"404","message":"Not Found"}`

name	type	data type	description
name	optional	string	Training id
addModules	optional	int[]	list of Modules to add to this Training
deleteModules	optional	int[]	list of Modules to delete from this Training

http code	content-type	response
`200`	`application/json`	Module[]
`404`	`application/json`	`{"code":"404","message":"Not Found"}`

http code	content-type	response
`200`	`application/json`	Lesson[]
`404`	`application/json`	`{"code":"404","message":"Not Found"}`

http code	content-type	response
`200`	`application/json`	Role[]
`404`	`application/json`	`{"code":"404","message":"Not Found"}`

http code	content-type	response
`200`	`application/json`	Permission[]
`404`	`application/json`	`{"code":"404","message":"Not Found"}`

Files

README.md

Latest commit

History

README.md

File metadata and controls

Description

Dependencies

Installation

Running the app

This repo also contains :

Endpoints

Auth

Parameters

Responses

Example cURL

User

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Training

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Module

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Lesson

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL

Parameters

Responses

Example cURL