employee-management-app (v1.0.0)


License: MIT

Employee management app API.

Authentication

user-token

Token for a regular user. Can read employees, but cannot create, update, or delete them.

Security Scheme Type: API Key
Header parameter name: Authorization

superuser-token

Token for the superuser. Can create, read, update, and delete employees, as well as grant or deny permissions for users.

Security Scheme Type: API Key
Header parameter name: Authorization

Login

Logs a user in, either by processing their credentials (username and password) or by validating and refreshing their authentication token.

Header Parameters
Authorization: string. Authentication token previously issued by server, if applicable.

Request Body schema: application/json

Body to use when authenticating with username and password (i.e. no token has been issued previously, or the issued token has expired).

username: string
password: string

Responses

Request samples

Content type
application/json
{
  "username": "superuser",
  "password": "test"
}

Response samples

Content type
application/json
{
  "message": "OK"
}

Logout

Logs a user out by terminating the session related to their authentication token.

Authorizations:
None

Responses

Response samples

Content type
application/json
{
  "message": "OK"
}

Create new employee

Creates a new employee.

Authorizations:
Request Body schema: application/json

Details of the employee to create.

firstName: string
lastName: string
title: string
salary: integer
secLevel: integer
permanent: boolean
projects: Array of strings

Responses

Request samples

Content type
application/json
{
  "id": "62273e66c62057b707d2df21",
  "firstName": "John",
  "lastName": "Appleseed",
  "title": "Senior Software Developer",
  "salary": 100000,
  "secLevel": 5,
  "permanent": true,
  "projects": [
  ]
}

Response samples

Content type
application/json
{
  "message": "OK"
}

Get all employees

Returns a list of all employees. Properties of the employee objects may be filtered away depending on user permissions and server configuration. All properties of the employee object should therefore be considered optional.

Authorizations:
None

Responses

Response samples

Content type
application/json
[
  {
  }
]
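
The property filtering described for this endpoint, as an added example (not part of the original API documentation or the project's code): a deny-by-default server-side filter plus a client helper that treats every property as optional. It assumes permissions follow the read:employee.<property> pattern of the sample value read:employee.salary and that id, firstName, lastName and title are always readable; the function names and the internalNote field are hypothetical.

```javascript
// Assumption: these properties are readable by every authenticated user.
const PUBLIC_PROPERTIES = ["id", "firstName", "lastName", "title"];
// Allow-list of properties that may ever leave the server (from the schema above).
const KNOWN_PROPERTIES = new Set([
  ...PUBLIC_PROPERTIES, "salary", "secLevel", "permanent", "projects",
]);

// Turn permission strings into the set of readable property names.
// Anything that does not match the assumed pattern or names an unknown
// property is ignored, so a malformed grant can never widen the response.
function readableProperties(permissions) {
  const allowed = new Set(PUBLIC_PROPERTIES);
  for (const permission of permissions) {
    const match = /^read:employee\.([A-Za-z]+)$/.exec(permission);
    if (match && KNOWN_PROPERTIES.has(match[1])) allowed.add(match[1]);
  }
  return allowed;
}

// Copy only allowed properties; fields added to the stored record later
// stay hidden until they are explicitly listed and granted.
function filterEmployee(employee, permissions) {
  const allowed = readableProperties(permissions);
  const visible = {};
  for (const key of Object.keys(employee)) {
    if (allowed.has(key)) visible[key] = employee[key];
  }
  return visible;
}

// Client side: every property may be absent, so never assume a field exists.
function describeEmployee(employee) {
  const name = [employee.firstName, employee.lastName].filter(Boolean).join(" ");
  const salary = Number.isInteger(employee.salary) ? String(employee.salary) : "n/a";
  return `${name || "(name withheld)"}: salary ${salary}`;
}

// Constructed sample record, using the values from the request sample above
// plus a hypothetical internal field that must never be returned.
const SAMPLE_EMPLOYEE = {
  id: "62273e66c62057b707d2df21", firstName: "John", lastName: "Appleseed",
  title: "Senior Software Developer", salary: 100000, secLevel: 5,
  permanent: true, projects: [], internalNote: "constructed example value",
};

console.log(describeEmployee(filterEmployee(SAMPLE_EMPLOYEE, [])));
console.log(describeEmployee(filterEmployee(SAMPLE_EMPLOYEE, ["read:employee.salary"])));
```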

Update employee

Updates the information of an employee.

Authorizations:
path Parameters
id: string (required). Employee ID

Request Body schema: application/json

Properties to update. All properties are optional, and only the values of declared properties are changed.

firstName: string
lastName: string
title: string
salary: integer
secLevel: integer
permanent: boolean
projects: Array of strings

Responses

Request samples

Content type
application/json
{
  "id": "62273e66c62057b707d2df21",
  "firstName": "John",
  "lastName": "Appleseed",
  "title": "Senior Software Developer",
  "salary": 100000,
  "secLevel": 5,
  "permanent": true,
  "projects": [
  ]
}

Response samples

Content type
application/json
{
  "message": "OK"
}

Delete employee

Deletes an employee.

Authorizations:
path Parameters
id: string (required). Employee ID

Responses

Response samples

Content type
application/json
{
  "message": "OK"
}

Get available permissions

Returns all available permissions.

Authorizations:

Responses

Response samples

Content type
application/json
[
  "read:employee.salary"
]

Get user permissions

Returns permissions for a user.

Authorizations:
path Parameters
user: string (required). User ID

Responses

Response samples

Content type
application/json
[
  "read:employee.salary"
]

Update user permissions

Updates the permissions of a user.

Authorizations:
path Parameters
user: string (required). User ID

Responses

Response samples

Content type
application/json
{
  "message": "OK"
}

Register new user

Registers a new user.

Request Body schema: application/json

Details for the user to create.

username: string (required)
password: string (required)

Responses

Request samples

Content type
application/json
{
  "username": "string",
  "password": "string"
}

Response samples

Content type
application/json
{
  "message": "string",
  "token": "string"
}

Get all users

Returns all users registered in the system.

Authorizations:

Responses

Response samples

Content type
application/json
[
  {
  }
]

Check for superuser privileges

Checks whether the user is a superuser, returning 401 if not and 200 if so.

Authorizations:

Responses

Response samples

Content type
application/json
{
  "message": "OK"
}