Coder Social home page Coder Social logo

ers's Introduction

Expense Reimbursement System (ERS) API

The Expense Reimbursement System (ERS) will manage the process of reimbursing employees for expenses incurred while on company time. All employees in the company can login and submit requests for reimbursement and view their past tickets and pending requests. Finance managers can log in and view all reimbursement requests and past history for all employees in the company. Finance managers are authorized to approve and deny requests for expense reimbursement.

Models

User
The User model keeps track of users information.

{
  userId: number, // primary key
	username: string, // not null, unique
	password: string, // not null
	firstName: string, // not null
	lastName: string, // not null
	email: string, // not null
	role: Role // not null
}

Role
The Role model is used to track what permissions a user has

{
  roleId: number, // primary key
  role: string // not null, unique
}

Reimbursement
The Reimbursement model is used to represent a single reimbursement that an employee would submit

{
  reimbursementId: number, // primary key
	author: number,  // foreign key -> User, not null
	amount: number,  // not null
  dateSubmitted: number, // not null
  dateResolved: number, // not null
  description: string, // not null
  resolver: number, // foreign key -> User
  status: number, // foreign ey -> ReimbursementStatus, not null
  type: number // foreign key -> ReimbursementType
}

ReimbursementStatus
The ReimbursementStatus model is used to track the status of reimbursements. Status possibilities are Pending, Approved, or Denied.

{
  statusId: number, // primary key
  status: string // not null, unique
}

ReimbursementType
The ReimbursementType model is used to track what kind of reimbursement is being submitted. Type possibilities are Lodging, Travel, Food, or Other.

{
  typeId: number, // primary key
  type: string, // not null, unique
}

Endpoints

Security

Security should be handled through session storage. If a user does not have permission to access a particular endpoint it should return the following:

  • Status Code: 401 UNAUTHORIZED
    Content: 
    {
  "message": "The incoming token has expired"
}
    Occurs if they do not have the appropriate permissions.

Available Endpoints

Retreives users from the database

Login

  • URL /login

  • Method: POST

  • Request:

    {
  username: string,
  password: string
}

  • Response:

      User

  • Error Response

    • Status Code: 400 BAD REQUEST
    {
  message: "Invalid Credentials"
}

Find Users

  • URL /users

  • Method: GET

  • Allowed Roles finance-manager

  • Response:

    [
  User
]

Find Users By Id

  • URL /users/:id

  • Method: GET

  • Allowed Roles finance-manager or if the id provided matches the id of the current user

  • Response:

    [
  User
]

Update User

  • URL /users

  • Method: PATCH

  • Allowed Roles admin

  • Request The userId must be presen as well as all fields to update, any field left undefined will not be updated.

      User

  • Response:

      User

Find Reimbursements By Status

Reimbursements should be ordered by date

  • URL /reimbursements/status/:statusId
    For a challenge you could do this instead:
    /reimbursements/status/:statudId/date-submitted?start=:startDate&end=:endDate

  • Method: GET

  • Allowed Roles finance-manager

  • Response:

    [
  Reimbursement
]

Find Reimbursements By User

Reimbursements should be ordered by date

  • URL /reimbursements/author/userId/:userId
    For a challenge you could do this instead:
    /reimbursements/author/userId/:userId/date-submitted?start=:startDate&end=:endDate

  • Method: GET

  • Allowed Roles finance-manager or if ther userId is the user making the request.

  • Response:

    [
  Reimbursement
]

Submit Reimbursement

  • URL /reimbursements

  • Method: POST

  • Rquest: The reimbursementId should be 0

    Reimbursement

  • Response:

    • Status Code 201 CREATED 
        Reimbursement

Update Reimbursement

  • URL /users

  • Method: PATCH

  • Allowed Roles finance-manager

  • Request The reimbursementId must be presen as well as all fields to update, any field left undefined will not be updated. This can be used to approve and deny.

      Reimbursement

  • Response:

      Reimbursement

Stretch Goals

These are not part of the core requirements but are things that could be worked on once the core requirements are done.

  • Password Hashing
  • Paging ans Sorting endpoints: Reference For How
  • Using JSON Web Tokens (JWTs) instead of Session Storage
  • Being able to submit receipts. (I would recommend using AWS S3 buckets for this but if you do be cautious of including AWS Access Keys in your application)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.