feat(api): implement UE-Module coefficient update and deletion endpoint

- PUT /ue-modules/{idModule}/{idUE}/{idPromo}: update coeff for
  UE-Module-Promo association
- DELETE /ue-modules/{idModule}/{idUE}/{idPromo}: remove UE-Module-Promo
  association
- requires employee role

routes/(apps)/notes/api/ue-modules/[idModule]/[idUE]/[idPromo].ts

@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { ueModules } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm@0.45.2";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
 
 const NOT_FOUND = new Response(
   JSON.stringify({ error: "Association UE-Module introuvable" }),
@@ -50,4 +50,87 @@ export const handler: Handlers<null, AuthenticatedState> = {
       headers: { "content-type": "application/json" },
     });
   },
+
+  // #40 PUT /ue-modules/{idModule}/{idUE}/{idPromo}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const body: { coeff: number } = await request.json();
+
+    if (typeof body.coeff !== "number") {
+      return new Response(
+        JSON.stringify({ error: "Le champ 'coeff' doit être un nombre" }),
+        { status: 400, headers: { "content-type": "application/json" } },
+      );
+    }
+
+    const [updated] = await db
+      .update(ueModules)
+      .set({ coeff: body.coeff })
+      .where(
+        and(
+          eq(ueModules.idModule, idModule),
+          eq(ueModules.idUE, idUE),
+          eq(ueModules.idPromo, idPromo),
+        ),
+      )
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify({
+      idModule: updated.idModule,
+      idUE: updated.idUE,
+      idPromo: updated.idPromo,
+      coeff: updated.coeff,
+    }), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #41 DELETE /ue-modules/{idModule}/{idUE}/{idPromo}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const [deleted] = await db
+      .delete(ueModules)
+      .where(
+        and(
+          eq(ueModules.idModule, idModule),
+          eq(ueModules.idUE, idUE),
+          eq(ueModules.idPromo, idPromo),
+        ),
+      )
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
 };