fix: remove unused body variable in permissions e2e test

test(permissions): add unit and e2e tests for GET /permissions (#115 )
Handler is static (no DB), tests verify the 9 known permissions are returned with correct id/nom shapes.
2026-04-26 13:08:35 +00:00 · 2026-04-26 13:08:35 +00:00 · 2026-04-26 14:30:40 +02:00 · 2026-04-26 14:18:09 +02:00 · 2026-04-26 14:00:38 +02:00 · 2026-04-26 11:30:33 +00:00
35 changed files with 3097 additions and 66 deletions
@@ -6,9 +6,26 @@ on:
      - main

 jobs:
+  check-code:
+    name: "Check Deno code"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Check formatting
+        run: deno fmt --check
+
+      - name: Check linting
+        run: deno lint
+
  deploy:
    name: "Build Docker image"
    runs-on: ubuntu-latest
+    needs: check-code
    steps:
      - name: Login to Docker Hub
        uses: docker/login-action@v3
@@ -4,6 +4,10 @@ on:
  pull_request:
    branches:
      - main
+      - develop
+  push:
+    branches:
+      - develop

 permissions:
  contents: read
@@ -24,6 +28,3 @@ jobs:

      - name: Check linting
        run: deno lint
-
-      - name: Run tests
-        run: deno test -A --no-check tests/
@@ -0,0 +1,79 @@
+name: "Tests"
+
+on:
+  pull_request:
+    branches:
+      - main
+      - develop
+  push:
+    branches:
+      - develop
+
+jobs:
+  unit:
+    name: "Unit tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Install dependencies
+        run: deno install
+
+      - name: Run unit tests
+        run: deno task test:unit
+
+  integration:
+    name: "Integration tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Start postgres
+        run: |
+          sudo apt-get update -qq && sudo apt-get install -y -qq postgresql > /dev/null
+          PG_VER=$(ls /etc/postgresql/)
+          sudo sed -i "s/^#*listen_addresses\s*=.*/listen_addresses = '127.0.0.1'/" /etc/postgresql/$PG_VER/main/postgresql.conf
+          echo "host all all 127.0.0.1/32 md5" | sudo tee -a /etc/postgresql/$PG_VER/main/pg_hba.conf
+          sudo pg_ctlcluster $PG_VER main restart
+          until sudo -u postgres pg_isready -h 127.0.0.1; do sleep 1; done
+          sudo -u postgres psql -c "CREATE USER test WITH PASSWORD 'test';"
+          sudo -u postgres psql -c "CREATE DATABASE polympr_test OWNER test;"
+          sudo -u postgres psql -d polympr_test -c "GRANT ALL ON SCHEMA public TO test;"
+
+      - name: Apply migrations
+        run: |
+          sed 's/--> statement-breakpoint/;/g' databases/migrations/0000_square_jetstream.sql | \
+            PGPASSWORD=test psql -h 127.0.0.1 -U test -d polympr_test
+
+      - name: Install dependencies
+        run: npm install --ignore-scripts && deno install
+
+      - name: Run integration tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:integration
+
+      - name: Run e2e tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:e2e
@@ -0,0 +1,79 @@
+name: "Tests"
+
+on:
+  pull_request:
+    branches:
+      - main
+      - develop
+  push:
+    branches:
+      - develop
+
+jobs:
+  unit:
+    name: "Unit tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Install dependencies
+        run: deno install
+
+      - name: Run unit tests
+        run: deno task test:unit
+
+  integration:
+    name: "Integration tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Start postgres
+        run: |
+          sudo apt-get update -qq && sudo apt-get install -y -qq postgresql > /dev/null
+          PG_VER=$(ls /etc/postgresql/)
+          sudo sed -i "s/^#*listen_addresses\s*=.*/listen_addresses = '127.0.0.1'/" /etc/postgresql/$PG_VER/main/postgresql.conf
+          echo "host all all 127.0.0.1/32 md5" | sudo tee -a /etc/postgresql/$PG_VER/main/pg_hba.conf
+          sudo pg_ctlcluster $PG_VER main restart
+          until sudo -u postgres pg_isready -h 127.0.0.1; do sleep 1; done
+          sudo -u postgres psql -c "CREATE USER test WITH PASSWORD 'test';"
+          sudo -u postgres psql -c "CREATE DATABASE polympr_test OWNER test;"
+          sudo -u postgres psql -d polympr_test -c "GRANT ALL ON SCHEMA public TO test;"
+
+      - name: Apply migrations
+        run: |
+          sed 's/--> statement-breakpoint/;/g' databases/migrations/0000_square_jetstream.sql | \
+            PGPASSWORD=test psql -h 127.0.0.1 -U test -d polympr_test
+
+      - name: Install dependencies
+        run: npm install --ignore-scripts && deno install
+
+      - name: Run integration tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:integration
+
+      - name: Run e2e tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:e2e
@@ -0,0 +1,338 @@
+# PolyMPR - Claude Code Context
+
+## 📋 Project Overview
+
+**PolyMPR** (Poly Management Platform for Resources) is a modular HR management
+system built with **Deno + Fresh** framework. It's designed to help
+organizations manage HR, student records, notes, mobility programs, and
+role-based administration.
+
+### Stack
+
+- **Runtime**: Deno
+- **Framework**: Fresh (edge-ready web framework)
+- **Database**: PostgreSQL with Drizzle ORM
+- **Frontend**: Preact with signals
+- **Authentication**: JWT-based via cookies
+- **Testing**: Deno test framework with HappyDOM for DOM testing
+
+### Current Status
+
+🚧 **In Progress** - Application is far from complete. The schema below is the
+**final/definitive schema** that should guide all development.
+
+---
+
+## 🏗️ Architecture
+
+### Module Structure
+
+The application uses a **modulith architecture** with the following modules:
+
+```
+routes/(apps)/
+├── students/      - Student management & promotions
+├── notes/         - Grade management & academic records
+├── mobility/      - Mobility programs & exchanges
+└── admin/         - Role & permission management
+```
+
+### Key Directories
+
+- `/routes` - Fresh routes and components
+- `/databases` - Database connection, schema, and migrations
+- `/defaults` - Interfaces and shared types
+- `/tests` - Unit, integration, and E2E tests
+- `/static` - Public assets
+
+### Authentication Flow
+
+1. User authenticates via CAS (Polytech)
+2. JWT token stored in `sessionToken` cookie
+3. Middleware validates token on each request
+4. Public routes: `/`, `/login`, `/logout`, `/about`, `/contact`
+5. All other routes require authentication
+
+---
+
+## 📊 Database Schema (Final/Definitive)
+
+```mermaid
+erDiagram
+  USER {
+    string id PK
+    string nom
+    string prenom
+    int idRole FK
+  }
+  ROLE {
+    int id PK
+    string nom
+  }
+  PERMISSION {
+    int id PK
+    string nom
+  }
+  ROLE_PERMISSION {
+    int idRole PK,FK
+    int idPermission PK,FK
+  }
+  STUDENT {
+    int numEtud PK
+    string nom
+    string prenom
+    string idPromo FK
+  }
+  PROMOTION {
+    string idPromo PK
+    string annee
+  }
+  MODULE {
+    string id PK
+    string nom
+  }
+  ENSEIGNEMENT {
+    string idProf PK,FK
+    string idModule PK,FK
+    string idPromo PK,FK
+  }
+  UE {
+    int id PK
+    string nom
+  }
+  UE_MODULE {
+    string idModule PK,FK
+    int idUE PK,FK
+    string idPromo PK,FK
+    float coeff
+  }
+  NOTE {
+    int numEtud PK,FK
+    string idModule PK,FK
+    float note
+  }
+  AJUSTEMENT {
+    int numEtud PK,FK
+    int idUE PK,FK
+    float valeur
+  }
+
+  USER }o--|| ROLE : "a"
+  ROLE_PERMISSION }o--|| ROLE : "accorde"
+  ROLE_PERMISSION }o--|| PERMISSION : "inclut"
+  ENSEIGNEMENT }o--|| USER : "réalisé par"
+  ENSEIGNEMENT }o--|| MODULE : "porte sur"
+  ENSEIGNEMENT }o--|| PROMOTION : "concerne"
+  STUDENT }o--|| PROMOTION : "appartient à"
+  UE_MODULE }o--|| MODULE : "associe"
+  UE_MODULE }o--|| UE : "appartient à"
+  UE_MODULE }o--|| PROMOTION : "pour"
+  NOTE }o--|| STUDENT : "reçoit"
+  NOTE }o--|| MODULE : "dans"
+  AJUSTEMENT }o--|| STUDENT : "concerne"
+  AJUSTEMENT }o--|| UE : "dans"
+```
+
+### Current Schema (Incomplete)
+
+The current Drizzle ORM schema in `/databases/schema.ts` only implements:
+
+- `promotions`
+- `students`
+- `mobility`
+
+**Migration needed**: Update schema to match the final ER diagram above.
+
+---
+
+## 🎯 Open Issues (69 total)
+
+### UI Pages
+
+**Catalog**
+
+- 📋 UI - Page Catalogue d'applications (#71)
+
+**Components**
+
+- 🎨 UI (composant) - Popup Résultats d'import (#75)
+
+**Students**
+
+- 📋 UI - Admin – Liste des élèves (#79)
+- 📋 UI - Admin – Gestion des promotions (#80)
+- 📋 UI - Admin – Import xlsx élèves (#81)
+- 📋 UI - Admin – Édition d'un élève (#82)
+
+**Notes**
+
+- 📋 UI - Page Élève – Mes Notes (#72)
+- 📋 UI - Admin – Consulter les notes (#73)
+- 📋 UI - Admin – Importer des notes (.xlsx) (#74)
+- 📋 UI - Admin – Édition notes d'un élève (#76)
+- 📋 UI - Admin – Récap notes élève / semestre (#77)
+- 📋 UI - Admin – Gestion des UEs (#78)
+
+**Administration**
+
+- 📋 UI - Gestion des utilisateurs (#83)
+- 📋 UI - Gestion des rôles (#84)
+- 📋 UI - Permissions d'un rôle (#85)
+- 📋 UI - Vue des permissions (#86)
+- 📋 UI - Gestion des modules (#87)
+- 📋 UI - Enseignements (Assignations) (#88)
+
+---
+
+### API Endpoints
+
+**Students API**
+
+- 📋 GET `/students` (#7)
+- 📋 POST `/students` (#8)
+- 📋 POST `/students/import-csv` (#9)
+- 📋 GET `/students/{numEtud}` (#10)
+- 📋 PUT `/students/{numEtud}` (#11)
+- 📋 DELETE `/students/{numEtud}` (#12)
+- 📋 GET `/promotions` (#13)
+- 📋 POST `/promotions` (#14)
+- 📋 GET `/promotions/{idPromo}` (#15)
+- 📋 PUT `/promotions/{idPromo}` (#16)
+- 📋 DELETE `/promotions/{idPromo}` (#17)
+
+**Administration API - Modules & Enseignements**
+
+- 📋 GET `/modules` (#23)
+- 📋 POST `/modules` (#24)
+- 📋 GET `/modules/{idModule}` (#25)
+- 📋 PUT `/modules/{idModule}` (#26)
+- 📋 DELETE `/modules/{idModule}` (#27)
+- 📋 POST `/enseignements` (#29)
+- 📋 GET `/enseignements/{idProf}/{idModule}/{idPromo}` (#30)
+- 📋 DELETE `/enseignements/{idProf}/{idModule}/{idPromo}` (#31)
+
+**Notes API - UEs & UE-Modules**
+
+- 📋 GET `/ues` (#32)
+- 📋 POST `/ues` (#33)
+- 📋 GET `/ues/{idUE}` (#34)
+- 📋 PUT `/ues/{idUE}` (#35)
+- 📋 DELETE `/ues/{idUE}` (#36)
+- 📋 GET `/ue-modules` (#37)
+- 📋 POST `/ue-modules` (#38)
+- 📋 GET `/ue-modules/{idModule}/{idUE}/{idPromo}` (#39)
+- 📋 PUT `/ue-modules/{idModule}/{idUE}/{idPromo}` (#40)
+- 📋 DELETE `/ue-modules/{idModule}/{idUE}/{idPromo}` (#41)
+
+**Notes API - Notes & Ajustements**
+
+- 📋 GET `/notes` (#42)
+- 📋 POST `/notes` (#43)
+- 📋 POST `/notes/import-xlsx` (#44)
+- 📋 GET `/notes/{numEtud}/{idModule}` (#45)
+- 📋 PUT `/notes/{numEtud}/{idModule}` (#46)
+- 📋 DELETE `/notes/{numEtud}/{idModule}` (#47)
+- 📋 GET `/ajustements` (#48)
+- 📋 POST `/ajustements` (#49)
+- 📋 GET `/ajustements/{numEtud}/{idUE}` (#50)
+- 📋 PUT `/ajustements/{numEtud}/{idUE}` (#51)
+- 📋 DELETE `/ajustements/{numEtud}/{idUE}` (#52)
+
+**Administration API - Users, Roles & Permissions**
+
+- 📋 GET `/users` (#60)
+- 📋 POST `/users` (#61)
+- 📋 GET `/users/{id}` (#62)
+- 📋 PUT `/users/{id}` (#63)
+- 📋 DELETE `/users/{id}` (#64)
+- 📋 GET `/roles` (#65)
+- 📋 POST `/roles` (#66)
+- 📋 GET `/roles/{idRole}` (#67)
+- 📋 PUT `/roles/{idRole}` (#68)
+- 📋 DELETE `/roles/{idRole}` (#69)
+- 📋 GET `/permissions` (#70)
+
+---
+
+## 🎨 Design Reference
+
+**Figma Prototype**:
+https://www.figma.com/design/La79bsUsWnJCtMsrrt2zGd/Prototype?node-id=0-1
+
+This is the **final design specification** for the UI. All UI implementations
+should follow this design.
+
+---
+
+## 🚀 Development Guidelines
+
+### Getting Started
+
+```bash
+# Run tests
+deno task test
+
+# Start development server
+deno task start
+
+# Build for production
+deno task build
+
+# Format & lint
+deno task check
+```
+
+### Git Workflow
+
+1. Create branch: `git checkout -b PMPR-{ISSUE_ID}`
+2. Implement changes
+3. Run tests and linting
+4. Submit PR
+
+### Code Style
+
+- Format: Follow Deno defaults (enforced via `deno fmt`)
+- Linting: Fresh recommended rules
+- TypeScript strict mode enabled
+- Use Drizzle ORM for database operations
+
+### Testing
+
+- Write unit tests for business logic
+- Integration tests for API endpoints
+- E2E tests with HappyDOM for UI interactions
+- Mock database with provided helpers
+
+---
+
+## 📦 Key Dependencies
+
+- **fresh@1.7.3** - Web framework
+- **drizzle-orm@0.45.2** - ORM
+- **pg@8.20.0** - PostgreSQL driver
+- **@popov/jwt@1.0.1** - JWT utilities
+- **preact@10.22.0** - UI library
+- **happy-dom@16.0.0** - DOM testing
+
+---
+
+## 🔗 Related Resources
+
+- **Repository**: https://git.polytech.djalim.fr/djalim/PolyMPR
+- **Issue Tracker**: Gitea (via `tea` CLI)
+- **Wiki**: Check CONTRIBUTING.md for dev setup
+- **Database**: PostgreSQL (configured in `.env`)
+
+---
+
+## 💡 Important Notes
+
+1. **Current Limitation**: The database schema in `/databases/schema.ts` does
+   NOT match the final ER diagram. This is a priority migration task.
+2. **Design System**: Follow the Figma prototype for all UI work.
+3. **Module Pattern**: Each module should follow the same pattern: routes, API
+   endpoints, components, and tests.
+4. **Permissions**: All admin operations should respect the ROLE_PERMISSION
+   system.
+5. **Fresh Conventions**: Routes use Fresh's file-based routing convention
+   (e.g., `routes/path/index.tsx`).
@@ -0,0 +1,158 @@
+# Bug Report — PolyMPR
+
+> Généré le 2026-04-23
+
+---
+
+## 🔴 Critique
+
+### #1 — Schema mismatch : module mobility entièrement cassé
+
+**Fichier** : `routes/(apps)/mobility/api/insert_mobility.ts`
+
+Références à des colonnes inexistantes dans le schéma Drizzle :
+
+| Utilisé dans le code   | Colonne réelle     |
+| ---------------------- | ------------------ |
+| `students.userId`      | `students.numEtud` |
+| `students.firstName`   | `students.nom`     |
+| `students.lastName`    | `students.prenom`  |
+| `students.promotionId` | `students.idPromo` |
+| `promotions.endyear`   | `promotions.annee` |
+| `promotions.current`   | _(n'existe pas)_   |
+
+Le module crashe à l'exécution. À corriger en alignant les noms de colonnes avec
+le schéma.
+
+---
+
+### #2 — Auth manquante sur de nombreux endpoints
+
+Les endpoints suivants n'ont aucune vérification `eduPersonPrimaryAffiliation` :
+
+- `routes/(apps)/notes/api/notes.ts` (GET, POST)
+- `routes/(apps)/notes/api/ue-modules.ts` (GET, POST)
+- `routes/(apps)/notes/api/ues.ts` (GET, POST)
+- `routes/(apps)/notes/api/ues/[idUE].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/users.ts` (GET, POST)
+- `routes/(apps)/admin/api/users/[id].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/modules/[idModule].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/roles.ts` (GET, POST)
+- `routes/(apps)/admin/api/roles/[idRole].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/permissions.ts` (GET)
+- `routes/(apps)/mobility/api/insert_mobility.ts`
+
+Tous ces endpoints exposent des données sensibles sans vérifier les permissions.
+
+---
+
+## 🟠 Haut
+
+### #3 — Bug Drizzle ORM : `.where()` avec plusieurs `eq()` sans `and()`
+
+**Fichier** : `routes/(apps)/notes/api/ajustements/[numEtud]/[idUE].ts` — lignes
+34, 72, 100
+
+`.where()` n'accepte qu'un seul argument. Passer plusieurs `eq()` séparés par
+des virgules ne génère pas le SQL attendu (seule la première condition est prise
+en compte).
+
+```ts
+// ❌ Incorrect
+.where(eq(ajustements.numEtud, numEtud), eq(ajustements.idUE, idUE))
+
+// ✅ Correct
+.where(and(eq(ajustements.numEtud, numEtud), eq(ajustements.idUE, idUE)))
+```
+
+---
+
+### #4 — Bug Drizzle ORM : `.where()` à 3 conditions sans `and()`
+
+**Fichier** :
+`routes/(apps)/notes/api/ue-modules/[idModule]/[idUE]/[idPromo].ts` — handler
+GET (~ligne 41)
+
+Même problème que #3, mais avec 3 conditions. Les handlers PUT et DELETE ont
+déjà `and()`, seul le GET est affecté.
+
+```ts
+// ❌ Incorrect
+.where(
+  eq(ueModules.idModule, idModule),
+  eq(ueModules.idUE, idUE),
+  eq(ueModules.idPromo, idPromo),
+)
+
+// ✅ Correct
+.where(
+  and(
+    eq(ueModules.idModule, idModule),
+    eq(ueModules.idUE, idUE),
+    eq(ueModules.idPromo, idPromo),
+  ),
+)
+```
+
+---
+
+## 🟡 Moyen
+
+### #5 — `and()` passé avec des valeurs `undefined`
+
+**Fichier** : `routes/(apps)/notes/api/ue-modules.ts`
+
+```ts
+and(
+  idPromo ? eq(ueModules.idPromo, idPromo) : undefined,
+  idUE ? eq(ueModules.idUE, idUE) : undefined,
+);
+```
+
+Drizzle tolère les `undefined` dans `and()` dans certaines versions, mais ce
+n'est pas garanti. Mieux vaut construire les conditions dynamiquement avant de
+les passer.
+
+---
+
+### #6 — Validation `!numEtud` rejette faussement `0`
+
+**Fichier** : `routes/(apps)/notes/api/notes.ts` — handler POST
+
+```ts
+// ❌ Rejette numEtud = 0
+if (note === undefined || !numEtud || !idModule)
+
+// ✅ Correct
+if (note === undefined || numEtud === undefined || numEtud === null || !idModule)
+```
+
+---
+
+### #7 — `Number(idRole)` sans vérification `isNaN`
+
+**Fichier** : `routes/(apps)/admin/api/users.ts`
+
+Si `idRole` est une chaîne non numérique, `Number()` retourne `NaN` ce qui
+provoque une erreur SQL.
+
+```ts
+// ❌ Pas de vérification
+const rows = idRole
+  ? await db.select().from(users).where(eq(users.idRole, Number(idRole)))
+  : await db.select().from(users);
+
+// ✅ Valider avant usage
+const role = Number(idRole);
+if (isNaN(role)) return new Response(..., { status: 400 });
+```
+
+---
+
+### #8 — Réponses d'erreur en texte brut au lieu de JSON
+
+**Fichier** : `routes/(apps)/notes/api/notes.ts`
+
+Certaines réponses d'erreur retournent une string sans
+`content-type: application/json`, incohérent avec le reste de l'API qui retourne
+`{ error: "..." }`.
@@ -16,11 +16,9 @@ services:
    image: postgres
    restart: always
    shm_size: 128mb
-    environment: 
+    environment:
      POSTGRES_PASSWORD: ${POSTGRES_PASS}
    deploy:
      replicas: 1
      placement:
        constraints: [node.role == manager]
-
-
@@ -0,0 +1,100 @@
+CREATE TABLE "ajustements" (
+	"numEtud" integer NOT NULL,
+	"idUE" integer NOT NULL,
+	"valeur" double precision NOT NULL,
+	CONSTRAINT "ajustements_numEtud_idUE_pk" PRIMARY KEY("numEtud","idUE")
+);
+--> statement-breakpoint
+CREATE TABLE "enseignements" (
+	"idProf" text NOT NULL,
+	"idModule" text NOT NULL,
+	"idPromo" text NOT NULL,
+	CONSTRAINT "enseignements_idProf_idModule_idPromo_pk" PRIMARY KEY("idProf","idModule","idPromo")
+);
+--> statement-breakpoint
+CREATE TABLE "mobility" (
+	"id" serial PRIMARY KEY NOT NULL,
+	"studentId" integer,
+	"startDate" date,
+	"endDate" date,
+	"weeksCount" integer,
+	"destinationCountry" text,
+	"destinationName" text,
+	"mobilityStatus" text DEFAULT 'N/A'
+);
+--> statement-breakpoint
+CREATE TABLE "modules" (
+	"id" text PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "notes" (
+	"numEtud" integer NOT NULL,
+	"idModule" text NOT NULL,
+	"note" double precision NOT NULL,
+	CONSTRAINT "notes_numEtud_idModule_pk" PRIMARY KEY("numEtud","idModule")
+);
+--> statement-breakpoint
+CREATE TABLE "permissions" (
+	"id" text PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "promotions" (
+	"idPromo" text PRIMARY KEY NOT NULL,
+	"annee" text
+);
+--> statement-breakpoint
+CREATE TABLE "role_permissions" (
+	"idRole" integer NOT NULL,
+	"idPermission" text NOT NULL,
+	CONSTRAINT "role_permissions_idRole_idPermission_pk" PRIMARY KEY("idRole","idPermission")
+);
+--> statement-breakpoint
+CREATE TABLE "roles" (
+	"id" serial PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "students" (
+	"numEtud" serial PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL,
+	"prenom" text NOT NULL,
+	"idPromo" text
+);
+--> statement-breakpoint
+CREATE TABLE "ue_modules" (
+	"idModule" text NOT NULL,
+	"idUE" integer NOT NULL,
+	"idPromo" text NOT NULL,
+	"coeff" double precision NOT NULL,
+	CONSTRAINT "ue_modules_idModule_idUE_idPromo_pk" PRIMARY KEY("idModule","idUE","idPromo")
+);
+--> statement-breakpoint
+CREATE TABLE "ues" (
+	"id" serial PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "users" (
+	"id" text PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL,
+	"prenom" text NOT NULL,
+	"idRole" integer
+);
+--> statement-breakpoint
+ALTER TABLE "ajustements" ADD CONSTRAINT "ajustements_numEtud_students_numEtud_fk" FOREIGN KEY ("numEtud") REFERENCES "public"."students"("numEtud") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ajustements" ADD CONSTRAINT "ajustements_idUE_ues_id_fk" FOREIGN KEY ("idUE") REFERENCES "public"."ues"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "enseignements" ADD CONSTRAINT "enseignements_idProf_users_id_fk" FOREIGN KEY ("idProf") REFERENCES "public"."users"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "enseignements" ADD CONSTRAINT "enseignements_idModule_modules_id_fk" FOREIGN KEY ("idModule") REFERENCES "public"."modules"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "enseignements" ADD CONSTRAINT "enseignements_idPromo_promotions_idPromo_fk" FOREIGN KEY ("idPromo") REFERENCES "public"."promotions"("idPromo") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "mobility" ADD CONSTRAINT "mobility_studentId_students_numEtud_fk" FOREIGN KEY ("studentId") REFERENCES "public"."students"("numEtud") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "notes" ADD CONSTRAINT "notes_numEtud_students_numEtud_fk" FOREIGN KEY ("numEtud") REFERENCES "public"."students"("numEtud") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "notes" ADD CONSTRAINT "notes_idModule_modules_id_fk" FOREIGN KEY ("idModule") REFERENCES "public"."modules"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "role_permissions" ADD CONSTRAINT "role_permissions_idRole_roles_id_fk" FOREIGN KEY ("idRole") REFERENCES "public"."roles"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "role_permissions" ADD CONSTRAINT "role_permissions_idPermission_permissions_id_fk" FOREIGN KEY ("idPermission") REFERENCES "public"."permissions"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "students" ADD CONSTRAINT "students_idPromo_promotions_idPromo_fk" FOREIGN KEY ("idPromo") REFERENCES "public"."promotions"("idPromo") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ue_modules" ADD CONSTRAINT "ue_modules_idModule_modules_id_fk" FOREIGN KEY ("idModule") REFERENCES "public"."modules"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ue_modules" ADD CONSTRAINT "ue_modules_idUE_ues_id_fk" FOREIGN KEY ("idUE") REFERENCES "public"."ues"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ue_modules" ADD CONSTRAINT "ue_modules_idPromo_promotions_idPromo_fk" FOREIGN KEY ("idPromo") REFERENCES "public"."promotions"("idPromo") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "users" ADD CONSTRAINT "users_idRole_roles_id_fk" FOREIGN KEY ("idRole") REFERENCES "public"."roles"("id") ON DELETE no action ON UPDATE no action;
@@ -0,0 +1,680 @@
+{
+  "id": "bd317b68-1c46-4e83-b4d3-a14f68751afb",
+  "prevId": "00000000-0000-0000-0000-000000000000",
+  "version": "7",
+  "dialect": "postgresql",
+  "tables": {
+    "public.ajustements": {
+      "name": "ajustements",
+      "schema": "",
+      "columns": {
+        "numEtud": {
+          "name": "numEtud",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idUE": {
+          "name": "idUE",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "valeur": {
+          "name": "valeur",
+          "type": "double precision",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "ajustements_numEtud_students_numEtud_fk": {
+          "name": "ajustements_numEtud_students_numEtud_fk",
+          "tableFrom": "ajustements",
+          "tableTo": "students",
+          "columnsFrom": [
+            "numEtud"
+          ],
+          "columnsTo": [
+            "numEtud"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "ajustements_idUE_ues_id_fk": {
+          "name": "ajustements_idUE_ues_id_fk",
+          "tableFrom": "ajustements",
+          "tableTo": "ues",
+          "columnsFrom": [
+            "idUE"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "ajustements_numEtud_idUE_pk": {
+          "name": "ajustements_numEtud_idUE_pk",
+          "columns": [
+            "numEtud",
+            "idUE"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.enseignements": {
+      "name": "enseignements",
+      "schema": "",
+      "columns": {
+        "idProf": {
+          "name": "idProf",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idModule": {
+          "name": "idModule",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "enseignements_idProf_users_id_fk": {
+          "name": "enseignements_idProf_users_id_fk",
+          "tableFrom": "enseignements",
+          "tableTo": "users",
+          "columnsFrom": [
+            "idProf"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "enseignements_idModule_modules_id_fk": {
+          "name": "enseignements_idModule_modules_id_fk",
+          "tableFrom": "enseignements",
+          "tableTo": "modules",
+          "columnsFrom": [
+            "idModule"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "enseignements_idPromo_promotions_idPromo_fk": {
+          "name": "enseignements_idPromo_promotions_idPromo_fk",
+          "tableFrom": "enseignements",
+          "tableTo": "promotions",
+          "columnsFrom": [
+            "idPromo"
+          ],
+          "columnsTo": [
+            "idPromo"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "enseignements_idProf_idModule_idPromo_pk": {
+          "name": "enseignements_idProf_idModule_idPromo_pk",
+          "columns": [
+            "idProf",
+            "idModule",
+            "idPromo"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.mobility": {
+      "name": "mobility",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "studentId": {
+          "name": "studentId",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "startDate": {
+          "name": "startDate",
+          "type": "date",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "endDate": {
+          "name": "endDate",
+          "type": "date",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "weeksCount": {
+          "name": "weeksCount",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "destinationCountry": {
+          "name": "destinationCountry",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "destinationName": {
+          "name": "destinationName",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "mobilityStatus": {
+          "name": "mobilityStatus",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "default": "'N/A'"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "mobility_studentId_students_numEtud_fk": {
+          "name": "mobility_studentId_students_numEtud_fk",
+          "tableFrom": "mobility",
+          "tableTo": "students",
+          "columnsFrom": [
+            "studentId"
+          ],
+          "columnsTo": [
+            "numEtud"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.modules": {
+      "name": "modules",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.notes": {
+      "name": "notes",
+      "schema": "",
+      "columns": {
+        "numEtud": {
+          "name": "numEtud",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idModule": {
+          "name": "idModule",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "note": {
+          "name": "note",
+          "type": "double precision",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "notes_numEtud_students_numEtud_fk": {
+          "name": "notes_numEtud_students_numEtud_fk",
+          "tableFrom": "notes",
+          "tableTo": "students",
+          "columnsFrom": [
+            "numEtud"
+          ],
+          "columnsTo": [
+            "numEtud"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "notes_idModule_modules_id_fk": {
+          "name": "notes_idModule_modules_id_fk",
+          "tableFrom": "notes",
+          "tableTo": "modules",
+          "columnsFrom": [
+            "idModule"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "notes_numEtud_idModule_pk": {
+          "name": "notes_numEtud_idModule_pk",
+          "columns": [
+            "numEtud",
+            "idModule"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.permissions": {
+      "name": "permissions",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.promotions": {
+      "name": "promotions",
+      "schema": "",
+      "columns": {
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "annee": {
+          "name": "annee",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.role_permissions": {
+      "name": "role_permissions",
+      "schema": "",
+      "columns": {
+        "idRole": {
+          "name": "idRole",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPermission": {
+          "name": "idPermission",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "role_permissions_idRole_roles_id_fk": {
+          "name": "role_permissions_idRole_roles_id_fk",
+          "tableFrom": "role_permissions",
+          "tableTo": "roles",
+          "columnsFrom": [
+            "idRole"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "role_permissions_idPermission_permissions_id_fk": {
+          "name": "role_permissions_idPermission_permissions_id_fk",
+          "tableFrom": "role_permissions",
+          "tableTo": "permissions",
+          "columnsFrom": [
+            "idPermission"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "role_permissions_idRole_idPermission_pk": {
+          "name": "role_permissions_idRole_idPermission_pk",
+          "columns": [
+            "idRole",
+            "idPermission"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.roles": {
+      "name": "roles",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.students": {
+      "name": "students",
+      "schema": "",
+      "columns": {
+        "numEtud": {
+          "name": "numEtud",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "prenom": {
+          "name": "prenom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "students_idPromo_promotions_idPromo_fk": {
+          "name": "students_idPromo_promotions_idPromo_fk",
+          "tableFrom": "students",
+          "tableTo": "promotions",
+          "columnsFrom": [
+            "idPromo"
+          ],
+          "columnsTo": [
+            "idPromo"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.ue_modules": {
+      "name": "ue_modules",
+      "schema": "",
+      "columns": {
+        "idModule": {
+          "name": "idModule",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idUE": {
+          "name": "idUE",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "coeff": {
+          "name": "coeff",
+          "type": "double precision",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "ue_modules_idModule_modules_id_fk": {
+          "name": "ue_modules_idModule_modules_id_fk",
+          "tableFrom": "ue_modules",
+          "tableTo": "modules",
+          "columnsFrom": [
+            "idModule"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "ue_modules_idUE_ues_id_fk": {
+          "name": "ue_modules_idUE_ues_id_fk",
+          "tableFrom": "ue_modules",
+          "tableTo": "ues",
+          "columnsFrom": [
+            "idUE"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "ue_modules_idPromo_promotions_idPromo_fk": {
+          "name": "ue_modules_idPromo_promotions_idPromo_fk",
+          "tableFrom": "ue_modules",
+          "tableTo": "promotions",
+          "columnsFrom": [
+            "idPromo"
+          ],
+          "columnsTo": [
+            "idPromo"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "ue_modules_idModule_idUE_idPromo_pk": {
+          "name": "ue_modules_idModule_idUE_idPromo_pk",
+          "columns": [
+            "idModule",
+            "idUE",
+            "idPromo"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.ues": {
+      "name": "ues",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.users": {
+      "name": "users",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "prenom": {
+          "name": "prenom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idRole": {
+          "name": "idRole",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "users_idRole_roles_id_fk": {
+          "name": "users_idRole_roles_id_fk",
+          "tableFrom": "users",
+          "tableTo": "roles",
+          "columnsFrom": [
+            "idRole"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    }
+  },
+  "enums": {},
+  "schemas": {},
+  "sequences": {},
+  "roles": {},
+  "policies": {},
+  "views": {},
+  "_meta": {
+    "columns": {},
+    "schemas": {},
+    "tables": {}
+  }
+}
@@ -0,0 +1,13 @@
+{
+  "version": "7",
+  "dialect": "postgresql",
+  "entries": [
+    {
+      "idx": 0,
+      "version": "7",
+      "when": 1777155028708,
+      "tag": "0000_square_jetstream",
+      "breakpoints": true
+    }
+  ]
+}
@@ -0,0 +1,99 @@
+import {
+  date,
+  doublePrecision,
+  integer,
+  pgTable,
+  primaryKey,
+  serial,
+  text,
+} from "drizzle-orm/pg-core";
+
+export const roles = pgTable("roles", {
+  id: serial("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const permissions = pgTable("permissions", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const rolePermissions = pgTable("role_permissions", {
+  idRole: integer("idRole").notNull().references(() => roles.id),
+  idPermission: text("idPermission").notNull().references(() => permissions.id),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idRole, t.idPermission] }),
+}));
+
+export const users = pgTable("users", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+  prenom: text("prenom").notNull(),
+  idRole: integer("idRole").references(() => roles.id),
+});
+
+export const promotions = pgTable("promotions", {
+  id: text("idPromo").primaryKey(),
+  annee: text("annee"),
+});
+
+export const students = pgTable("students", {
+  numEtud: serial("numEtud").primaryKey(),
+  nom: text("nom").notNull(),
+  prenom: text("prenom").notNull(),
+  idPromo: text("idPromo").references(() => promotions.id),
+});
+
+export const modules = pgTable("modules", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const enseignements = pgTable("enseignements", {
+  idProf: text("idProf").notNull().references(() => users.id),
+  idModule: text("idModule").notNull().references(() => modules.id),
+  idPromo: text("idPromo").notNull().references(() => promotions.id),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idProf, t.idModule, t.idPromo] }),
+}));
+
+export const ues = pgTable("ues", {
+  id: serial("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const ueModules = pgTable("ue_modules", {
+  idModule: text("idModule").notNull().references(() => modules.id),
+  idUE: integer("idUE").notNull().references(() => ues.id),
+  idPromo: text("idPromo").notNull().references(() => promotions.id),
+  coeff: doublePrecision("coeff").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idModule, t.idUE, t.idPromo] }),
+}));
+
+export const notes = pgTable("notes", {
+  numEtud: integer("numEtud").notNull().references(() => students.numEtud),
+  idModule: text("idModule").notNull().references(() => modules.id),
+  note: doublePrecision("note").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.numEtud, t.idModule] }),
+}));
+
+export const ajustements = pgTable("ajustements", {
+  numEtud: integer("numEtud").notNull().references(() => students.numEtud),
+  idUE: integer("idUE").notNull().references(() => ues.id),
+  valeur: doublePrecision("valeur").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.numEtud, t.idUE] }),
+}));
+
+export const mobility = pgTable("mobility", {
+  id: serial("id").primaryKey(),
+  studentId: integer("studentId").references(() => students.numEtud),
+  startDate: date("startDate"),
+  endDate: date("endDate"),
+  weeksCount: integer("weeksCount"),
+  destinationCountry: text("destinationCountry"),
+  destinationName: text("destinationName"),
+  mobilityStatus: text("mobilityStatus").default("N/A"),
+});
@@ -10,7 +10,11 @@
    "build": "deno run -A --unstable-ffi dev.ts build",
    "preview": "deno run -A --unstable-ffi main.ts",
    "update": "deno run -A -r https://fresh.deno.dev/update .",
-    "test": "deno test -A --no-check tests/"
+    "test": "deno test -A --no-check tests/",
+    "test:unit": "deno test -A --no-check tests/unit/",
+    "test:integration": "deno test -A --no-check tests/integration/",
+    "test:e2e": "deno test -A --no-check tests/e2e/",
+    "migrate": "node_modules/.bin/drizzle-kit migrate"
  },
  "lint": {
    "rules": {
@@ -1,15 +1,17 @@
 import { defineConfig } from "drizzle-kit";
 import process from "node:process";

+const url = process.env.DATABASE_URL ??
+  `postgresql://${process.env.POSTGRES_USER}:${process.env.POSTGRES_PASS}@${
+    process.env.POSTGRES_HOST ?? "localhost"
+  }:${process.env.POSTGRES_PORT ?? 5432}/${process.env.POSTGRES_DB}`;
+
 export default defineConfig({
  dialect: "postgresql",
-  schema: "./databases/schema.ts",
+  schema: "./databases/schema.kit.ts",
  out: "./databases/migrations",
  dbCredentials: {
-    host: process.env.POSTGRES_HOST!,
-    port: Number(process.env.POSTGRES_PORT ?? 5432),
-    user: process.env.POSTGRES_USER!,
-    password: process.env.POSTGRES_PASS!,
-    database: process.env.POSTGRES_DB!,
+    url,
+    ssl: false,
  },
 });
@@ -0,0 +1,61 @@
+{
+  "nodes": {
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1776548001,
+        "narHash": "sha256-ZSK0NL4a1BwVbbTBoSnWgbJy9HeZFXLYQizjb2DPF24=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "b12141ef619e0a9c1c84dc8c684040326f27cdcc",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
@@ -0,0 +1,62 @@
+{
+  description = "PolyMPR CLI - A tool for managing PolyMPR modules";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+    flake-utils.url = "github:numtide/flake-utils";
+  };
+
+  outputs = { self, nixpkgs, flake-utils }:
+    flake-utils.lib.eachDefaultSystem (system:
+      let
+        pkgs = nixpkgs.legacyPackages.${system};
+      in
+      {
+        packages.pmpr = pkgs.stdenv.mkDerivation {
+          pname = "pmpr";
+          version = "0.1.0";
+          src = ./.;
+
+          nativeBuildInputs = [
+            pkgs.deno
+            pkgs.autoPatchelfHook
+          ];
+
+          buildInputs = [
+            pkgs.stdenv.cc.cc.lib
+          ];
+
+          buildPhase = ''
+            export HOME=$TMPDIR
+            deno cache toolbox/cli.ts
+            deno compile -A --output pmpr toolbox/cli.ts
+          '';
+
+          installPhase = ''
+            mkdir -p $out/bin
+            cp pmpr $out/bin/pmpr
+          '';
+        };
+
+        packages.default = self.packages.${system}.pmpr;
+
+        devShells.default = pkgs.mkShell {
+          nativeBuildInputs = [
+            pkgs.deno
+            pkgs.patchelf
+          ];
+
+          buildInputs = [
+            pkgs.stdenv.cc.cc.lib
+          ];
+
+          shellHook = ''
+            export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:$LD_LIBRARY_PATH"
+            export NIX_LD_INTERPRETER=$(cat ${pkgs.stdenv.cc}/nix-support/dynamic-linker)
+            echo "Welcome to PolyMPR development shell!"
+            echo "Use 'deno task compile' to build the CLI."
+          '';
+        };
+      }
+    );
+}
@@ -9,4 +9,4 @@
    "drizzle-kit": "^0.31.10",
    "tsx": "^4.21.0"
  }
-}
+}
@@ -4,7 +4,7 @@ import { enseignements } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
 import { and, eq } from "npm:drizzle-orm@0.45.2";

-const NOT_FOUND = new Response(
+const _NOT_FOUND = new Response(
  JSON.stringify({ error: "Ressource introuvable" }),
  { status: 404, headers: { "content-type": "application/json" } },
 );
@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { modules } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers<null, AuthenticatedState> = {
  // #23 GET /modules
@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { modules } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 const NOT_FOUND = new Response(
  JSON.stringify({ error: "Ressource introuvable" }),
@@ -1,7 +1,7 @@
 import { Handlers } from "$fresh/server.ts";
 import { db } from "../../../../databases/db.ts";
 import { notes } from "../../../../databases/schema.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers = {
  // #42 GET /notes
@@ -44,10 +44,13 @@ export const handler: Handlers = {
      const { note, numEtud, idModule } = body;

      if (note === undefined || !numEtud || !idModule) {
-        return new Response("Champs 'note', 'numEtud' et 'idModule' requis", { status: 400 });
+        return new Response("Champs 'note', 'numEtud' et 'idModule' requis", {
+          status: 400,
+        });
      }

-      const result = await db.insert(notes).values({ note, numEtud, idModule }).returning();
+      const result = await db.insert(notes).values({ note, numEtud, idModule })
+        .returning();

      return new Response(JSON.stringify(result[0]), {
        status: 201,
@@ -58,4 +61,4 @@ export const handler: Handlers = {
      return new Response("Failed to create note", { status: 500 });
    }
  },
-};
+};
@@ -1,20 +1,23 @@
 import { Handlers } from "$fresh/server.ts";
 import { db } from "../../../../../../databases/db.ts";
 import { notes } from "../../../../../../databases/schema.ts";
-import { and, eq } from "npm:drizzle-orm";
+import { and, eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers = {
-  // #45 GET /notes/:numEtud/:idModule  
+  // #45 GET /notes/:numEtud/:idModule
  async GET(_request, context) {
    try {
      const numEtud = parseInt(context.params.numEtud);
      const { idModule } = context.params;

      if (isNaN(numEtud)) {
-        return new Response(JSON.stringify({ error: "Paramètre numEtud invalide" }), {
-          status: 400,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Paramètre numEtud invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      const result = await db.select().from(notes).where(
@@ -25,10 +28,13 @@ export const handler: Handlers = {
      );

      if (result.length === 0) {
-        return new Response(JSON.stringify({ error: "Ressource introuvable" }), {
-          status: 404,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      return new Response(JSON.stringify(result[0]), {
@@ -40,4 +46,94 @@ export const handler: Handlers = {
      return new Response("Failed to fetch data", { status: 500 });
    }
  },
-};
+
+  // #46 PUT /notes/:numEtud/:idModule
+  async PUT(request, context) {
+    try {
+      const numEtud = parseInt(context.params.numEtud);
+      const { idModule } = context.params;
+
+      if (isNaN(numEtud)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre numEtud invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const body = await request.json();
+      const { note } = body;
+
+      if (note === undefined) {
+        return new Response("Champ 'note' manquant", { status: 400 });
+      }
+
+      const result = await db.update(notes).set({ note }).where(
+        and(
+          eq(notes.numEtud, numEtud),
+          eq(notes.idModule, idModule),
+        ),
+      ).returning();
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error updating note:", error);
+      return new Response("Failed to update note", { status: 500 });
+    }
+  },
+
+  // #47 DELETE /notes/:numEtud/:idModule
+  async DELETE(_request, context) {
+    try {
+      const numEtud = parseInt(context.params.numEtud);
+      const { idModule } = context.params;
+
+      if (isNaN(numEtud)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre numEtud invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const result = await db.delete(notes).where(
+        and(
+          eq(notes.numEtud, numEtud),
+          eq(notes.idModule, idModule),
+        ),
+      ).returning();
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(null, { status: 204 });
+    } catch (error) {
+      console.error("Error deleting note:", error);
+      return new Response("Failed to delete note", { status: 500 });
+    }
+  },
+};
@@ -1,10 +1,10 @@
 import { Handlers } from "$fresh/server.ts";
 import { db } from "../../../../databases/db.ts";
 import { ueModules } from "../../../../databases/schema.ts";
-import { and, eq } from "npm:drizzle-orm";
+import { and, eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers = {
-  // #37 GET /ue-modules  
+  // #37 GET /ue-modules
  async GET(request) {
    try {
      const url = new URL(request.url);
@@ -33,7 +33,7 @@ export const handler: Handlers = {
      return new Response("Failed to fetch data", { status: 500 });
    }
  },
-  
+
  // #38 POST /ue-modules
  async POST(request) {
    try {
@@ -41,10 +41,18 @@ export const handler: Handlers = {
      const { idModule, idUE, idPromo, coeff } = body;

      if (!idModule || !idUE || !idPromo || coeff === undefined) {
-        return new Response("Champs 'idModule', 'idUE', 'idPromo' et 'coeff' requis", { status: 400 });
+        return new Response(
+          "Champs 'idModule', 'idUE', 'idPromo' et 'coeff' requis",
+          { status: 400 },
+        );
      }

-      const result = await db.insert(ueModules).values({ idModule, idUE, idPromo, coeff }).returning();
+      const result = await db.insert(ueModules).values({
+        idModule,
+        idUE,
+        idPromo,
+        coeff,
+      }).returning();

      return new Response(JSON.stringify(result[0]), {
        status: 201,
@@ -55,4 +63,4 @@ export const handler: Handlers = {
      return new Response("Failed to create UE-module", { status: 500 });
    }
  },
-};
+};
@@ -0,0 +1,139 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { ueModules } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Association UE-Module introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+const BAD_REQUEST = new Response(
+  JSON.stringify({ error: "Paramètres invalides" }),
+  { status: 400, headers: { "content-type": "application/json" } },
+);
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #39 GET /ue-modules/{idModule}/{idUE}/{idPromo}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const ueModuleAssociation = await db
+      .select()
+      .from(ueModules)
+      .where(
+        eq(ueModules.idModule, idModule),
+        eq(ueModules.idUE, idUE),
+        eq(ueModules.idPromo, idPromo),
+      )
+      .then((rows) => rows[0] ?? null);
+
+    if (!ueModuleAssociation) return NOT_FOUND;
+
+    return new Response(JSON.stringify(ueModuleAssociation), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #40 PUT /ue-modules/{idModule}/{idUE}/{idPromo}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const body: { coeff: number } = await request.json();
+
+    if (typeof body.coeff !== "number") {
+      return new Response(
+        JSON.stringify({ error: "Le champ 'coeff' doit être un nombre" }),
+        { status: 400, headers: { "content-type": "application/json" } },
+      );
+    }
+
+    const [updated] = await db
+      .update(ueModules)
+      .set({ coeff: body.coeff })
+      .where(
+        and(
+          eq(ueModules.idModule, idModule),
+          eq(ueModules.idUE, idUE),
+          eq(ueModules.idPromo, idPromo),
+        ),
+      )
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(
+      JSON.stringify({
+        idModule: updated.idModule,
+        idUE: updated.idUE,
+        idPromo: updated.idPromo,
+        coeff: updated.coeff,
+      }),
+      {
+        headers: { "content-type": "application/json" },
+      },
+    );
+  },
+
+  // #41 DELETE /ue-modules/{idModule}/{idUE}/{idPromo}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const [deleted] = await db
+      .delete(ueModules)
+      .where(
+        and(
+          eq(ueModules.idModule, idModule),
+          eq(ueModules.idUE, idUE),
+          eq(ueModules.idPromo, idPromo),
+        ),
+      )
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -39,4 +39,4 @@ export const handler: Handlers = {
      return new Response("Failed to create UE", { status: 500 });
    }
  },
-};
+};
@@ -1,28 +1,34 @@
 import { Handlers } from "$fresh/server.ts";
 import { db } from "../../../../../databases/db.ts";
 import { ues } from "../../../../../databases/schema.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers = {
-  // # 34 GET /ues/:idUE  
+  // # 34 GET /ues/:idUE
  async GET(_request, context) {
    try {
      const idUE = parseInt(context.params.idUE);

      if (isNaN(idUE)) {
-        return new Response(JSON.stringify({ error: "Paramètre idUE invalide" }), {
-          status: 400,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Paramètre idUE invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      const result = await db.select().from(ues).where(eq(ues.id, idUE));

      if (result.length === 0) {
-        return new Response(JSON.stringify({ error: "Ressource introuvable" }), {
-          status: 404,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      return new Response(JSON.stringify(result[0]), {
@@ -41,10 +47,13 @@ export const handler: Handlers = {
      const idUE = parseInt(context.params.idUE);

      if (isNaN(idUE)) {
-        return new Response(JSON.stringify({ error: "Paramètre idUE invalide" }), {
-          status: 400,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Paramètre idUE invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      const body = await request.json();
@@ -54,13 +63,17 @@ export const handler: Handlers = {
        return new Response("Champ 'nom' manquant", { status: 400 });
      }

-      const result = await db.update(ues).set({ nom }).where(eq(ues.id, idUE)).returning();
+      const result = await db.update(ues).set({ nom }).where(eq(ues.id, idUE))
+        .returning();

      if (result.length === 0) {
-        return new Response(JSON.stringify({ error: "Ressource introuvable" }), {
-          status: 404,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      return new Response(JSON.stringify(result[0]), {
@@ -79,19 +92,25 @@ export const handler: Handlers = {
      const idUE = parseInt(context.params.idUE);

      if (isNaN(idUE)) {
-        return new Response(JSON.stringify({ error: "Paramètre idUE invalide" }), {
-          status: 400,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Paramètre idUE invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      const result = await db.delete(ues).where(eq(ues.id, idUE)).returning();

      if (result.length === 0) {
-        return new Response(JSON.stringify({ error: "Ressource introuvable" }), {
-          status: 404,
-          headers: { "Content-Type": "application/json" },
-        });
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
      }

      return new Response(null, { status: 204 });
@@ -0,0 +1,23 @@
+{ pkgs ? import <nixpkgs> {} }:
+
+pkgs.mkShell {
+  name = "polympr-dev";
+  nativeBuildInputs = [
+    pkgs.deno
+    pkgs.patchelf
+    pkgs.tea
+  ];
+
+  buildInputs = [
+    pkgs.stdenv.cc.cc.lib
+  ];
+
+  shellHook = ''
+    export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:$LD_LIBRARY_PATH"
+    # Find the dynamic linker
+    export NIX_LD_INTERPRETER=$(cat ${pkgs.stdenv.cc}/nix-support/dynamic-linker)
+    echo "Welcome to PolyMPR development shell!"
+    echo "Use 'deno task compile' to build the CLI."
+    echo "If on NixOS, it will be automatically patched."
+  '';
+}
@@ -0,0 +1,42 @@
+// #115 - E2E tests for GET /permissions
+// Handler statique (pas de DB), test direct du handler
+
+import { assertEquals, assertExists } from "@std/assert";
+import { makeEmployeeContext, makeGetRequest } from "../helpers/handler.ts";
+import { handler as permissionsHandler } from "$apps/admin/api/permissions.ts";
+
+Deno.test({
+  name: "e2e permissions: GET /permissions returns all 9 permissions",
+  fn() {
+    const res = permissionsHandler.GET!(
+      makeGetRequest("/permissions"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    return res.text().then((text) => {
+      const data = JSON.parse(text);
+      assertEquals(data.length, 9);
+      assertExists(data.find((p: { id: string }) => p.id === "student_read"));
+      assertExists(data.find((p: { id: string }) => p.id === "role_write"));
+    });
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e permissions: GET /permissions - all entries have id and nom",
+  async fn() {
+    const res = permissionsHandler.GET!(
+      makeGetRequest("/permissions"),
+      makeEmployeeContext(),
+    );
+    const data: { id: string; nom: string }[] = await res.json();
+    for (const p of data) {
+      assertEquals(typeof p.id, "string");
+      assertEquals(typeof p.nom, "string");
+    }
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,288 @@
+// #109 - E2E tests for /students endpoints
+// Appelle les handlers Fresh directement avec un vrai contexte + vraie DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedPromotions,
+  seedStudents,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as studentsHandler } from "$apps/students/api/students.ts";
+import { handler as studentHandler } from "$apps/students/api/students/[numEtud].ts";
+
+// --- GET /students ---
+
+Deno.test({
+  name: "e2e students: GET /students returns all students as employee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+    ]);
+
+    const req = makeGetRequest("/students");
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+    assertExists(body.find((s: { nom: string }) => s.nom === "Dupont"));
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students returns empty array for non-employee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+    ]);
+
+    const req = makeGetRequest("/students");
+    const ctx = makeContextWithAffiliation("student");
+    const res = await studentsHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students?idPromo filters by promotion",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }, { id: "PEIP2-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+      { nom: "Durand", prenom: "Claire", idPromo: "PEIP2-2024" },
+    ]);
+
+    const req = makeGetRequest("/students", { idPromo: "PEIP1-2024" });
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+    assertEquals(
+      body.every((s: { idPromo: string }) => s.idPromo === "PEIP1-2024"),
+      true,
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /students ---
+
+Deno.test({
+  name: "e2e students: POST /students creates a student (201)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+
+    const req = makeJsonRequest("/students", "POST", {
+      nom: "Leroy",
+      prenom: "Paul",
+      idPromo: "INFO3-2024",
+    });
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.POST!(req, ctx);
+
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.numEtud);
+    assertEquals(body.nom, "Leroy");
+    assertEquals(body.idPromo, "INFO3-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: POST /students 403 for non-employee",
+  async fn() {
+    await truncateAll();
+
+    const req = makeJsonRequest("/students", "POST", {
+      nom: "Test",
+      prenom: "User",
+      idPromo: "PEIP1-2024",
+    });
+    const ctx = makeContextWithAffiliation("student");
+    const res = await studentsHandler.POST!(req, ctx);
+
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: POST /students 400 when missing required fields",
+  async fn() {
+    await truncateAll();
+
+    const req = makeJsonRequest("/students", "POST", { nom: "Leroy" });
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.POST!(req, ctx);
+
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /students/:numEtud ---
+
+Deno.test({
+  name: "e2e students: GET /students/:numEtud returns student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Bernard", prenom: "Lucie", idPromo: "INFO3-2024" },
+    ]);
+
+    const req = makeGetRequest(`/students/${s.numEtud}`);
+    const ctx = makeEmployeeContext({ numEtud: String(s.numEtud) });
+    const res = await studentHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.numEtud, s.numEtud);
+    assertEquals(body.nom, "Bernard");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students/:numEtud 404 when not found",
+  async fn() {
+    await truncateAll();
+
+    const req = makeGetRequest("/students/999999");
+    const ctx = makeEmployeeContext({ numEtud: "999999" });
+    const res = await studentHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students/:numEtud 403 for non-employee",
+  async fn() {
+    await truncateAll();
+
+    const req = makeGetRequest("/students/12345");
+    const ctx = makeContextWithAffiliation("student", { numEtud: "12345" });
+    const res = await studentHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /students/:numEtud ---
+
+Deno.test({
+  name: "e2e students: PUT /students/:numEtud updates student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }, { id: "INFO4-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Petit", prenom: "Hugo", idPromo: "INFO3-2024" },
+    ]);
+
+    const req = makeJsonRequest(`/students/${s.numEtud}`, "PUT", {
+      nom: "Grand",
+      prenom: "Hugo",
+      idPromo: "INFO4-2024",
+    });
+    const ctx = makeEmployeeContext({ numEtud: String(s.numEtud) });
+    const res = await studentHandler.PUT!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "Grand");
+    assertEquals(body.idPromo, "INFO4-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: PUT /students/:numEtud 404 when not found",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+
+    const req = makeJsonRequest("/students/999999", "PUT", {
+      nom: "Ghost",
+      prenom: "Ghost",
+      idPromo: "INFO3-2024",
+    });
+    const ctx = makeEmployeeContext({ numEtud: "999999" });
+    const res = await studentHandler.PUT!(req, ctx);
+
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /students/:numEtud ---
+
+Deno.test({
+  name: "e2e students: DELETE /students/:numEtud returns 204",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Thomas", prenom: "Eva", idPromo: "INFO3-2024" },
+    ]);
+
+    const req = makeGetRequest(`/students/${s.numEtud}`);
+    const ctx = makeEmployeeContext({ numEtud: String(s.numEtud) });
+    const res = await studentHandler.DELETE!(req, ctx);
+
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: DELETE /students/:numEtud 404 when not found",
+  async fn() {
+    await truncateAll();
+
+    const req = makeGetRequest("/students/999999");
+    const ctx = makeEmployeeContext({ numEtud: "999999" });
+    const res = await studentHandler.DELETE!(req, ctx);
+
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,89 @@
+// Helper pour les tests d'intégration avec PostgreSQL
+// Nécessite les variables d'environnement POSTGRES_* (ou TEST_DATABASE_URL)
+
+import { drizzle } from "npm:drizzle-orm@0.45.2/node-postgres";
+import pg from "npm:pg@8.20.0";
+import * as schema from "$root/databases/schema.ts";
+
+const { Pool } = pg;
+
+function createTestPool(): pg.Pool {
+  const url = Deno.env.get("TEST_DATABASE_URL");
+  if (url) {
+    return new Pool({ connectionString: url });
+  }
+  return new Pool({
+    host: Deno.env.get("POSTGRES_HOST") ?? "localhost",
+    port: Number(Deno.env.get("POSTGRES_PORT") ?? 5432),
+    user: Deno.env.get("POSTGRES_USER") ?? "test",
+    password: Deno.env.get("POSTGRES_PASS") ?? "test",
+    database: Deno.env.get("POSTGRES_DB") ?? "polympr_test",
+    ssl: false,
+  });
+}
+
+export const testPool = createTestPool();
+export const testDb = drizzle(testPool, { schema });
+
+const ALL_TABLES =
+  '"mobility","ajustements","notes","ue_modules","enseignements","role_permissions","students","users","modules","ues","promotions","permissions","roles"';
+
+/**
+ * Vide toutes les tables dans le bon ordre.
+ * À appeler dans beforeEach de chaque test d'intégration.
+ */
+export async function truncateAll(): Promise<void> {
+  const client = await testPool.connect();
+  try {
+    await client.query(
+      `TRUNCATE TABLE ${ALL_TABLES} RESTART IDENTITY CASCADE`,
+    );
+  } finally {
+    client.release();
+  }
+}
+
+/**
+ * Ferme le pool à la fin de la suite de tests.
+ */
+export async function closeTestPool(): Promise<void> {
+  await testPool.end();
+}
+
+// --- Helpers d'insertion de fixtures ---
+
+export async function seedRoles(
+  rows: { nom: string }[],
+): Promise<typeof schema.roles.$inferSelect[]> {
+  return await testDb.insert(schema.roles).values(rows).returning();
+}
+
+export async function seedPromotions(
+  rows: { id: string; annee?: string }[],
+): Promise<typeof schema.promotions.$inferSelect[]> {
+  return await testDb.insert(schema.promotions).values(rows).returning();
+}
+
+export async function seedStudents(
+  rows: { nom: string; prenom: string; idPromo?: string }[],
+): Promise<typeof schema.students.$inferSelect[]> {
+  return await testDb.insert(schema.students).values(rows).returning();
+}
+
+export async function seedModules(
+  rows: { id: string; nom: string }[],
+): Promise<typeof schema.modules.$inferSelect[]> {
+  return await testDb.insert(schema.modules).values(rows).returning();
+}
+
+export async function seedUes(
+  rows: { nom: string }[],
+): Promise<typeof schema.ues.$inferSelect[]> {
+  return await testDb.insert(schema.ues).values(rows).returning();
+}
+
+export async function seedUsers(
+  rows: { id: string; nom: string; prenom: string; idRole?: number }[],
+): Promise<typeof schema.users.$inferSelect[]> {
+  return await testDb.insert(schema.users).values(rows).returning();
+}
@@ -0,0 +1,88 @@
+// Helper pour les tests E2E — appel direct des handlers Fresh
+// sans lancer de serveur HTTP
+
+import { FreshContext } from "$fresh/server.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { CasContent } from "$root/defaults/interfaces.ts";
+
+const BASE_EMPLOYEE_SESSION: CasContent = {
+  amuCampus: "",
+  amuComposante: "",
+  amuDateValidation: "",
+  coGroup: "",
+  eduPersonPrimaryAffiliation: "employee",
+  eduPersonPrincipalName: "test.user@polytech.fr",
+  mail: "test.user@polytech.fr",
+  displayName: "Test User",
+  givenName: "Test",
+  memberOf: [],
+  sn: "User",
+  supannCivilite: "M.",
+  supannEntiteAffectation: "",
+  supannEtuAnneeInscription: "",
+  supannEtuEtape: "",
+  uid: "test.user",
+};
+
+/**
+ * Crée un FreshContext mock authentifié en tant qu'employee.
+ */
+export function makeEmployeeContext(
+  params: Record<string, string> = {},
+): FreshContext<AuthenticatedState> {
+  return {
+    params,
+    state: {
+      isAuthenticated: true,
+      session: { ...BASE_EMPLOYEE_SESSION },
+      availablePages: {},
+    },
+    render: () => Promise.resolve(new Response()),
+    renderNotFound: () => Promise.resolve(new Response(null, { status: 404 })),
+    next: () => Promise.resolve(new Response()),
+  } as unknown as FreshContext<AuthenticatedState>;
+}
+
+/**
+ * Crée un FreshContext mock avec un affiliation personnalisée.
+ */
+export function makeContextWithAffiliation(
+  affiliation: string,
+  params: Record<string, string> = {},
+): FreshContext<AuthenticatedState> {
+  const ctx = makeEmployeeContext(params);
+  (ctx.state as AuthenticatedState).session.eduPersonPrimaryAffiliation =
+    affiliation;
+  return ctx;
+}
+
+/**
+ * Crée une Request GET simple.
+ */
+export function makeGetRequest(
+  path: string,
+  searchParams?: Record<string, string>,
+): Request {
+  const url = new URL(`http://localhost${path}`);
+  if (searchParams) {
+    for (const [k, v] of Object.entries(searchParams)) {
+      url.searchParams.set(k, v);
+    }
+  }
+  return new Request(url.toString());
+}
+
+/**
+ * Crée une Request POST/PUT avec un corps JSON.
+ */
+export function makeJsonRequest(
+  path: string,
+  method: string,
+  body: unknown,
+): Request {
+  return new Request(`http://localhost${path}`, {
+    method,
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify(body),
+  });
+}
@@ -0,0 +1,173 @@
+// #109 - Integration tests for /students endpoints
+// Teste les opérations DB directement avec une vraie base de données
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  seedPromotions,
+  seedStudents,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { students } from "$root/databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration students: list all students",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+    ]);
+
+    const rows = await testDb.select().from(students);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: filter by idPromo",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }, { id: "PEIP2-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+      { nom: "Durand", prenom: "Claire", idPromo: "PEIP2-2024" },
+    ]);
+
+    const rows = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.idPromo, "PEIP1-2024"));
+    assertEquals(rows.length, 2);
+    assertEquals(rows.every((s) => s.idPromo === "PEIP1-2024"), true);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: create and retrieve by numEtud",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+
+    const [created] = await testDb
+      .insert(students)
+      .values({ nom: "Leroy", prenom: "Paul", idPromo: "INFO3-2024" })
+      .returning();
+
+    assertExists(created.numEtud);
+
+    const row = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, created.numEtud))
+      .then((r) => r[0] ?? null);
+
+    assertExists(row);
+    assertEquals(row.nom, "Leroy");
+    assertEquals(row.idPromo, "INFO3-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: get by numEtud returns null when not found",
+  async fn() {
+    await truncateAll();
+
+    const row = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, 999999))
+      .then((r) => r[0] ?? null);
+
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: update student fields",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }, { id: "INFO4-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Petit", prenom: "Hugo", idPromo: "INFO3-2024" },
+    ]);
+
+    const [updated] = await testDb
+      .update(students)
+      .set({ nom: "Grand", idPromo: "INFO4-2024" })
+      .where(eq(students.numEtud, s.numEtud))
+      .returning();
+
+    assertEquals(updated.nom, "Grand");
+    assertEquals(updated.idPromo, "INFO4-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: delete student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Thomas", prenom: "Eva", idPromo: "INFO3-2024" },
+    ]);
+
+    await testDb.delete(students).where(eq(students.numEtud, s.numEtud));
+
+    const row = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, s.numEtud))
+      .then((r) => r[0] ?? null);
+
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: update non-existent student returns empty",
+  async fn() {
+    await truncateAll();
+
+    const result = await testDb
+      .update(students)
+      .set({ nom: "Ghost" })
+      .where(eq(students.numEtud, 999999))
+      .returning();
+
+    assertEquals(result.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: delete non-existent student returns empty",
+  async fn() {
+    await truncateAll();
+
+    const result = await testDb
+      .delete(students)
+      .where(eq(students.numEtud, 999999))
+      .returning();
+
+    assertEquals(result.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,58 @@
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  closeTestPool,
+  seedRoles,
+  seedUsers,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { users } from "$root/databases/schema.ts";
+
+Deno.test({
+  name: "integration: GET /users - DB round trip",
+  async fn() {
+    await truncateAll();
+
+    const [role] = await seedRoles([{ nom: "employee" }]);
+    await seedUsers([
+      { id: "dupont.jean", nom: "Dupont", prenom: "Jean", idRole: role.id },
+      { id: "martin.alice", nom: "Martin", prenom: "Alice", idRole: role.id },
+    ]);
+
+    const rows = await testDb.select().from(users);
+    assertEquals(rows.length, 2);
+    assertExists(rows.find((u) => u.id === "dupont.jean"));
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration: INSERT user and retrieve by id",
+  async fn() {
+    await truncateAll();
+
+    const [role] = await seedRoles([{ nom: "admin" }]);
+    const [created] = await testDb.insert(users).values({
+      id: "durand.claire",
+      nom: "Durand",
+      prenom: "Claire",
+      idRole: role.id,
+    }).returning();
+
+    assertExists(created);
+    assertEquals(created.id, "durand.claire");
+    assertEquals(created.nom, "Durand");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration: cleanup - close pool",
+  async fn() {
+    await closeTestPool();
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,65 @@
+// #115 - Unit tests for GET /permissions
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+
+interface Permission {
+  id: string;
+  nom: string;
+}
+
+const EXPECTED_PERMISSIONS: Permission[] = [
+  { id: "student_read", nom: "Consulter les élèves" },
+  { id: "student_write", nom: "Gérer les élèves" },
+  { id: "note_read", nom: "Consulter les notes" },
+  { id: "note_write", nom: "Gérer les notes" },
+  { id: "module_read", nom: "Consulter les modules" },
+  { id: "module_write", nom: "Gérer les modules" },
+  { id: "user_read", nom: "Consulter les utilisateurs" },
+  { id: "user_write", nom: "Gérer les utilisateurs" },
+  { id: "role_write", nom: "Gérer les rôles" },
+];
+
+Deno.test("permissions: known permission ids", () => {
+  const ids = EXPECTED_PERMISSIONS.map((p) => p.id);
+  assertEquals(ids.includes("student_read"), true);
+  assertEquals(ids.includes("student_write"), true);
+  assertEquals(ids.includes("note_read"), true);
+  assertEquals(ids.includes("role_write"), true);
+  assertEquals(ids.length, 9);
+});
+
+Deno.test("permissions: all permissions have string id and nom", () => {
+  for (const p of EXPECTED_PERMISSIONS) {
+    assertEquals(typeof p.id, "string");
+    assertEquals(typeof p.nom, "string");
+  }
+});
+
+Deno.test("mock API: GET /permissions returns all permissions", async () => {
+  mockFetch({ "/permissions": EXPECTED_PERMISSIONS });
+  try {
+    const res = await fetch("http://localhost/api/permissions");
+    assertEquals(res.status, 200);
+    const data: Permission[] = await res.json();
+    assertEquals(data.length, 9);
+    assertExists(data.find((p) => p.id === "student_read"));
+    assertExists(data.find((p) => p.id === "role_write"));
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /permissions - each permission has id and nom", async () => {
+  mockFetch({ "/permissions": EXPECTED_PERMISSIONS });
+  try {
+    const res = await fetch("http://localhost/api/permissions");
+    const data: Permission[] = await res.json();
+    for (const p of data) {
+      assertExists(p.id);
+      assertExists(p.nom);
+    }
+  } finally {
+    restoreFetch();
+  }
+});
@@ -0,0 +1,216 @@
+// #109 - Unit tests for /students endpoints
+// Tests purs : fixtures, mock API, mock DB — aucun appel réseau réel
+
+import { assertEquals, assertExists } from "@std/assert";
+import { getFetchCalls, mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type Student, students } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("students: fixtures have correct shape", () => {
+  assertEquals(students.length, 3);
+  assertEquals(typeof students[0].numEtud, "number");
+  assertEquals(typeof students[0].nom, "string");
+  assertEquals(typeof students[0].prenom, "string");
+  assertEquals(typeof students[0].idPromo, "string");
+});
+
+Deno.test("students: two students belong to the same promo", () => {
+  const promo4 = students.filter((s) => s.idPromo === "4AFISE25/26");
+  assertEquals(promo4.length, 2);
+});
+
+// --- Mock API - GET /students ---
+
+Deno.test("mock API: GET /students returns list", async () => {
+  mockFetch({ "/students": students });
+  try {
+    const res = await fetch("http://localhost/api/students");
+    assertEquals(res.status, 200);
+    const data: Student[] = await res.json();
+    assertEquals(data.length, 3);
+    assertExists(data.find((s) => s.nom === "Dupont"));
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /students?idPromo filters by promo", async () => {
+  const filtered = students.filter((s) => s.idPromo === "4AFISE25/26");
+  mockFetch({ "/students": filtered });
+  try {
+    const res = await fetch(
+      "http://localhost/api/students?idPromo=4AFISE25/26",
+    );
+    const data: Student[] = await res.json();
+    assertEquals(data.length, 2);
+    assertEquals(data.every((s) => s.idPromo === "4AFISE25/26"), true);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /students/:numEtud returns one student", async () => {
+  mockFetch({ "/students/21212006": students[0] });
+  try {
+    const res = await fetch("http://localhost/api/students/21212006");
+    assertEquals(res.status, 200);
+    const data: Student = await res.json();
+    assertEquals(data.numEtud, 21212006);
+    assertEquals(data.nom, "Dupont");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /students/:numEtud 404 when not found", async () => {
+  mockFetch({
+    "/students/99999": {
+      status: 404,
+      body: { error: "Ressource introuvable" },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/students/99999");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /students creates student", async () => {
+  const newStudent = students[0];
+  mockFetch({ "/students": { method: "POST", status: 201, body: newStudent } });
+  try {
+    const res = await fetch("http://localhost/api/students", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        nom: "Dupont",
+        prenom: "Jean",
+        idPromo: "4AFISE25/26",
+      }),
+    });
+    assertEquals(res.status, 201);
+    const data: Student = await res.json();
+    assertEquals(data.nom, "Dupont");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /students/:numEtud updates student", async () => {
+  const updated = { ...students[0], nom: "Dupont-Modifié" };
+  mockFetch({
+    "/students/21212006": { method: "PUT", status: 200, body: updated },
+  });
+  try {
+    const res = await fetch("http://localhost/api/students/21212006", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        nom: "Dupont-Modifié",
+        prenom: "Jean",
+        idPromo: "4AFISE25/26",
+      }),
+    });
+    assertEquals(res.status, 200);
+    const data: Student = await res.json();
+    assertEquals(data.nom, "Dupont-Modifié");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /students/:numEtud returns 204", async () => {
+  mockFetch({ "/students/21212006": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/students/21212006", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /students 400 on missing fields", async () => {
+  mockFetch({ "/students": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/students", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nom: "Test" }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find student by numEtud", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const s = db.findOne<Student>("students", (r) => r.numEtud === 21212006);
+  assertExists(s);
+  assertEquals(s.nom, "Dupont");
+});
+
+Deno.test("mock DB: filter students by idPromo", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const rows = db.findMany<Student>(
+    "students",
+    (s) => s.idPromo === "4AFISE25/26",
+  );
+  assertEquals(rows.length, 2);
+});
+
+Deno.test("mock DB: insert student increments count", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  db.insert<Student>("students", {
+    numEtud: 21212099,
+    nom: "Test",
+    prenom: "Ing",
+    idPromo: "4AFISE25/26",
+  });
+  assertEquals(db.getTable("students").length, 4);
+});
+
+Deno.test("mock DB: update student nom", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const count = db.updateWhere<Student>(
+    "students",
+    (s) => s.numEtud === 21212006,
+    { nom: "Nouveau" },
+  );
+  assertEquals(count, 1);
+  assertEquals(
+    db.findOne<Student>("students", (s) => s.numEtud === 21212006)?.nom,
+    "Nouveau",
+  );
+});
+
+Deno.test("mock DB: delete student removes exactly one", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const count = db.deleteWhere<Student>(
+    "students",
+    (s) => s.numEtud === 21212006,
+  );
+  assertEquals(count, 1);
+  assertEquals(db.getTable("students").length, 2);
+});
+
+Deno.test("mock API: getFetchCalls tracks student requests", async () => {
+  mockFetch({ "/students": students });
+  try {
+    await fetch("http://localhost/api/students");
+    await fetch("http://localhost/api/students?idPromo=4AFISE25/26");
+    const calls = getFetchCalls();
+    assertEquals(calls.length, 2);
+    assertEquals(calls[0].method, "GET");
+  } finally {
+    restoreFetch();
+  }
+});
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+set -e
+
+# Default output path
+OUTPUT_PATH="${HOME}/.deno/bin/pmpr"
+
+# Ensure directory exists
+mkdir -p "$(dirname "$OUTPUT_PATH")"
+
+# Check if we are on a system that needs patching (like NixOS)
+IS_NIXOS=false
+if [ "$(uname)" = "Linux" ]; then
+    if [ ! -f /lib64/ld-linux-x86-64.so.2 ] || ls -l /lib64/ld-linux-x86-64.so.2 | grep -q "stub-ld"; then
+        IS_NIXOS=true
+    fi
+fi
+
+if [ "$IS_NIXOS" = true ]; then
+    echo "NixOS detected. Creating a wrapper script instead of a compiled binary to avoid linking issues with Deno."
+    # Use absolute paths for config and script to make it work from anywhere
+    PROJECT_ROOT="$(pwd)"
+    cat > "$OUTPUT_PATH" <<EOF
+#!/usr/bin/env bash
+# PolyMPR CLI Wrapper for Nix
+exec deno run -A --config "$PROJECT_ROOT/deno.json" "$PROJECT_ROOT/toolbox/cli.ts" "\$@"
+EOF
+    chmod +x "$OUTPUT_PATH"
+    echo "Wrapper created at $OUTPUT_PATH"
+else
+    echo "Compiling CLI to $OUTPUT_PATH..."
+    deno compile -A --output "$OUTPUT_PATH" toolbox/cli.ts
+    echo "Done."
+fi
Author	SHA1	Message	Date
djalim	f672d6467b	fix: remove unused body variable in permissions e2e test Check Deno code / Check Deno code (pull_request) Successful in 5s Details Tests / Unit tests (pull_request) Successful in 11s Details Tests / Integration tests (pull_request) Successful in 57s Details	2026-04-26 13:08:35 +00:00
djalim	0f32cee620	test(permissions): add unit and e2e tests for GET /permissions (#115 ) Handler is static (no DB), tests verify the 9 known permissions are returned with correct id/nom shapes.	2026-04-26 13:08:35 +00:00
djalim	e2f5bf7b95	ci: remove Run tests step from lint workflow Check Deno code / Check Deno code (push) Successful in 6s Details Tests / Unit tests (push) Successful in 12s Details Tests / Integration tests (push) Successful in 57s Details Check Deno code / Check Deno code (pull_request) Successful in 6s Details Tests / Unit tests (pull_request) Successful in 12s Details Tests / Integration tests (pull_request) Successful in 1m3s Details	2026-04-26 14:30:40 +02:00
djalim	cd5c524ff0	style: fix deno fmt on students tests and drizzle.config Check Deno code / Check Deno code (pull_request) Failing after 8s Details Tests / Unit tests (pull_request) Successful in 11s Details Tests / Integration tests (pull_request) Successful in 58s Details	2026-04-26 14:18:09 +02:00
djalim	e5c6c389ea	test(students): add unit, integration and e2e tests for /students (#109 ) Check Deno code / Check Deno code (pull_request) Failing after 5s Details Tests / Unit tests (pull_request) Successful in 12s Details Tests / Integration tests (pull_request) Successful in 58s Details - unit: fixture shapes, mock API (GET/POST/PUT/DELETE), mock DB operations - integration: real DB CRUD via testDb (list, filter, create, get, update, delete) - e2e: handler calls directly with mock FreshContext + real DB covers auth (employee vs non-employee), 400/403/404 cases - adds test:e2e deno task and CI step - adds tests/helpers/handler.ts with makeEmployeeContext, makeContextWithAffiliation, makeGetRequest, makeJsonRequest utilities Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-26 14:00:38 +02:00
djalim	daa7f4951f	fix(ci): fix postgres TCP setup and truncateAll superuser error Check Deno code / Check Deno code (push) Failing after 5s Details Tests / Unit tests (push) Successful in 11s Details Tests / Integration tests (push) Successful in 55s Details - Use apt-get install + configure listen_addresses + md5 auth in pg_hba so psql can connect via 127.0.0.1 (not just Unix socket) - Use pg_ctlcluster restart after config changes + wait for pg_isready - Replace session_replication_role (requires superuser) with a single TRUNCATE ... CASCADE which handles FK deps without elevated privileges - All 3 integration tests now pass in CI (act + Gitea Actions) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-26 11:30:33 +00:00
djalim	a95818e3bf	fix(ci): use connection URL with ssl:false in drizzle config	2026-04-26 11:30:33 +00:00
djalim	26eedcc4f2	debug(ci): add connection diagnostics before migrate	2026-04-26 11:30:33 +00:00
djalim	ce4782580d	fix(ci): remove unsupported --verbose from drizzle-kit migrate	2026-04-26 11:30:33 +00:00
djalim	91248370da	fix(ci): add GRANT on public schema and verbose migrate output	2026-04-26 11:30:33 +00:00
djalim	6b8b5e6aa3	fix(ci): start postgres with pg_ctlcluster instead of systemctl	2026-04-26 11:30:33 +00:00
djalim	d1c3b93755	fix(ci): install postgres via apt-get instead of docker	2026-04-26 11:30:33 +00:00
djalim	f42df29f06	fix(ci): use docker run instead of services for postgres	2026-04-26 11:30:33 +00:00
djalim	c8b808f509	fix(ci): use bash /dev/tcp for postgres readiness check	2026-04-26 11:30:33 +00:00
djalim	fdfdd74894	fix(ci): replace pg_isready with nc for postgres readiness check	2026-04-26 11:30:33 +00:00
djalim	60dde4675c	fix(ci): use deno install for unit tests, add postgres readiness check	2026-04-26 11:30:33 +00:00
djalim	fef9457795	fix(ci): install npm deps before running unit tests	2026-04-26 11:30:33 +00:00
djalim	6db04045f4	fix(lint): add version to drizzle-orm imports and prefix unused NOT_FOUND	2026-04-26 11:30:33 +00:00
djalim	cdd9c0bf06	chore(test): set up integration test framework with postgres - Generate Drizzle migrations (databases/migrations/) - Add databases/schema.kit.ts for drizzle-kit (Node-compatible imports) - Update drizzle.config.ts to use schema.kit.ts - Add deno tasks: test:unit, test:integration, migrate - Add tests/helpers/db_integration.ts: testDb, truncateAll, seed helpers - Add .gitea/workflows/test.yml: CI with postgres service container - Update lint.yml: run test:unit only (no DB needed) - Update deploy.yml: add check-code job, gate deploy on it	2026-04-26 11:30:33 +00:00
djalim	980efcfbc3	ci: add Deno code check job and enable lint on develop Check Deno code / Check Deno code (pull_request) Failing after 9s Details Check Deno code / Check Deno code (push) Failing after 6s Details	2026-04-23 14:29:08 +02:00
anys	66183c2ad8	feat(api): implement UE-Module coefficient update and deletion endpoint - PUT /ue-modules/{idModule}/{idUE}/{idPromo}: update coeff for UE-Module-Promo association - DELETE /ue-modules/{idModule}/{idUE}/{idPromo}: remove UE-Module-Promo association - requires employee role	2026-04-23 14:01:40 +02:00
anys	9976b9e2b4	feat(api): implement UE-Module association get endpoint - GET /ue-modules/{idModule}/{idUE}/{idPromo}: recover the detail of an ue-module association by its composite key - requires employee role	2026-04-23 11:57:30 +00:00
Clément Oudelet	457b008ba3	PMPR-46/47 : PUT et DELETE /notes/{numEtud}/{idModule}	2026-04-23 11:56:20 +00:00