Second iteration
Second iteration release
In this iteration, there are a lot of functionalities to cover the objective: User roles and permissions and also fixed some bugs
Backend
In the user model we've added the role option that can be (PARTICIPANT, ORGANIZER or ORGANIZER_ADMIN), and when creating a user the default role is PARTICIPANT
New endpoints
GET /users/me/role → Get the user role, using the header Authentication
POST /users/update/role/{user_id} → Update the user user_id to the role specified in the body, this can be done only by ORGANIZER_ADMIN
Secure the endpoints
POST /event/new → Create an event can only be done by ORGANIZER_ADMIN
POST /event/update/{event_id} → Edit an event can only be done by ORGANIZER
POST /event/delete/{event_id} → Delete an event can only be done by ORGANIZER_ADMIN
Frontend
In the video you can see a stable version of the product in this iteration, the added functionalities are:
- In the homepage now you can filter the events (All, past, future)
- In profile screen there are some changes, now you can see your role in a Tag
- The functionalities that are not available for everyone are:
- Create event button only appears for
ORGANIZER_ADMIN - Edit event button only appears for
ORGANIZERandORGANIZER_ADMIN - Delete event button only appears for
ORGANIZER_ADMIN - See all users is only appears for
ORGANIZER_ADMIN - Screen with all users to edit the roles is only appears for
ORGANIZER_ADMIN
- Create event button only appears for
Second.iteration.video.mp4
Bug fixing
- The endpoint
GET /users/is now returning the users ordered alphabetically by username. - The endpoint
GET /events/andGET /events/upcomingare now returning the events ordered by start_date. - In the frontend → all the secured endpoints now requires the token.
- In the homepage, the page renders every time the user enter the screen.
- The warning that was appearing in Input component for web is now fixed.
- The username is stored in lowercase, so now it's case-insensitive.
- The endpoint
POST /users/update/{user_id}is changed toPOST /users/update/me, it requires the headerAuthentication, now you can only edit your information. - The endpoint
GET /events/is returning only the not deleted events
PRs done
- [ORG-52] Add user role in model (Participant, Organizer Admin, Organizer) by @carlotacb in #56
- [ORG-57] Get role from token endpoint by @carlotacb in #57
- [ORG-55] Modify user role, can only be modified by admins by @carlotacb in #58
- [ORG-56] Create button is only shown for admins by @carlotacb in #59
- [ORG-53] Edit event button for ORGANIZERS and ORGANIZERS ADMIN by @carlotacb in #60
- [ORG-63] Delete button in events only for ORGANIZERS_ADMIN by @carlotacb in #61
- [ORG-62] Role in profile screen by @carlotacb in #62
- [ORG-58] Create event endpoint, only admins can create a event by @carlotacb in #63
- [ORG-60] Edit event can only be done by ORGANIZERS and ORGANIZERS_ADMIN by @carlotacb in #64
- [ORG-59] Delete endpoint is only availble for ORGANIZERS ADMINS by @carlotacb in #65
- [ORG-54] Screen for update roles by @carlotacb in #66
- [ORG-65] Get all users endpoint is returning users ordered by username by @carlotacb in #67
- [ORG-67] Authorize calls from frontend (edit, create and delete event) by @carlotacb in #68
- [ORG-66] Order events by start_date by @carlotacb in #69
- [ORG-61] Username is now case insensitive by @carlotacb in #70
- [ORG-46] Edit endpoint to use token instead of user_id by @carlotacb in #71
- [ORG-69] Edit profile the endpoint is changed by @carlotacb in #72
- [ORG-68] Filters are now in events page (all, future, past) by @carlotacb in #73
- [ORG-70] Get all events endpoint is not showing deleted events by @carlotacb in #74
Full Changelog: v0.1...v0.2
