PMPR-44 : fix missing newline

PMPR-44 : fix formatting
PMPR-44 : POST /notes/import-xlsx - importer des notes via Excel
2026-04-26 23:33:45 +02:00 · 2026-04-26 23:28:50 +02:00 · 2026-04-26 20:47:41 +02:00 · 2026-04-26 19:07:15 +02:00 · 2026-04-26 19:01:53 +02:00 · 2026-04-26 18:25:00 +02:00
96 changed files with 11240 additions and 253 deletions
@@ -0,0 +1,44 @@
+name: "Build and push image"
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  check-code:
+    name: "Check Deno code"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Check formatting
+        run: deno fmt --check
+
+      - name: Check linting
+        run: deno lint
+
+  deploy:
+    name: "Build Docker image"
+    runs-on: ubuntu-latest
+    needs: check-code
+    steps:
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: registry.docker.polytech.djalim.fr
+          username: ${{ secrets.registry_login }}
+          password: ${{ secrets.registry_pass }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: registry.docker.polytech.djalim.fr/polympr:latest
@@ -4,6 +4,10 @@ on:
  pull_request:
    branches:
      - main
+      - develop
+  push:
+    branches:
+      - develop

 permissions:
  contents: read
@@ -0,0 +1,79 @@
+name: "Tests"
+
+on:
+  pull_request:
+    branches:
+      - main
+      - develop
+  push:
+    branches:
+      - develop
+
+jobs:
+  unit:
+    name: "Unit tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Install dependencies
+        run: deno install
+
+      - name: Run unit tests
+        run: deno task test:unit
+
+  integration:
+    name: "Integration tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Start postgres
+        run: |
+          sudo apt-get update -qq && sudo apt-get install -y -qq postgresql > /dev/null
+          PG_VER=$(ls /etc/postgresql/)
+          sudo sed -i "s/^#*listen_addresses\s*=.*/listen_addresses = '127.0.0.1'/" /etc/postgresql/$PG_VER/main/postgresql.conf
+          echo "host all all 127.0.0.1/32 md5" | sudo tee -a /etc/postgresql/$PG_VER/main/pg_hba.conf
+          sudo pg_ctlcluster $PG_VER main restart
+          until sudo -u postgres pg_isready -h 127.0.0.1; do sleep 1; done
+          sudo -u postgres psql -c "CREATE USER test WITH PASSWORD 'test';"
+          sudo -u postgres psql -c "CREATE DATABASE polympr_test OWNER test;"
+          sudo -u postgres psql -d polympr_test -c "GRANT ALL ON SCHEMA public TO test;"
+
+      - name: Apply migrations
+        run: |
+          sed 's/--> statement-breakpoint/;/g' databases/migrations/0000_square_jetstream.sql | \
+            PGPASSWORD=test psql -h 127.0.0.1 -U test -d polympr_test
+
+      - name: Install dependencies
+        run: npm install --ignore-scripts && deno install
+
+      - name: Run integration tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:integration
+
+      - name: Run e2e tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:e2e
@@ -0,0 +1,79 @@
+name: "Tests"
+
+on:
+  pull_request:
+    branches:
+      - main
+      - develop
+  push:
+    branches:
+      - develop
+
+jobs:
+  unit:
+    name: "Unit tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Install dependencies
+        run: deno install
+
+      - name: Run unit tests
+        run: deno task test:unit
+
+  integration:
+    name: "Integration tests"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Start postgres
+        run: |
+          sudo apt-get update -qq && sudo apt-get install -y -qq postgresql > /dev/null
+          PG_VER=$(ls /etc/postgresql/)
+          sudo sed -i "s/^#*listen_addresses\s*=.*/listen_addresses = '127.0.0.1'/" /etc/postgresql/$PG_VER/main/postgresql.conf
+          echo "host all all 127.0.0.1/32 md5" | sudo tee -a /etc/postgresql/$PG_VER/main/pg_hba.conf
+          sudo pg_ctlcluster $PG_VER main restart
+          until sudo -u postgres pg_isready -h 127.0.0.1; do sleep 1; done
+          sudo -u postgres psql -c "CREATE USER test WITH PASSWORD 'test';"
+          sudo -u postgres psql -c "CREATE DATABASE polympr_test OWNER test;"
+          sudo -u postgres psql -d polympr_test -c "GRANT ALL ON SCHEMA public TO test;"
+
+      - name: Apply migrations
+        run: |
+          sed 's/--> statement-breakpoint/;/g' databases/migrations/0000_square_jetstream.sql | \
+            PGPASSWORD=test psql -h 127.0.0.1 -U test -d polympr_test
+
+      - name: Install dependencies
+        run: npm install --ignore-scripts && deno install
+
+      - name: Run integration tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:integration
+
+      - name: Run e2e tests
+        env:
+          POSTGRES_HOST: 127.0.0.1
+          POSTGRES_PORT: 5432
+          POSTGRES_USER: test
+          POSTGRES_PASS: test
+          POSTGRES_DB: polympr_test
+        run: deno task test:e2e
@@ -0,0 +1,338 @@
+# PolyMPR - Claude Code Context
+
+## 📋 Project Overview
+
+**PolyMPR** (Poly Management Platform for Resources) is a modular HR management
+system built with **Deno + Fresh** framework. It's designed to help
+organizations manage HR, student records, notes, mobility programs, and
+role-based administration.
+
+### Stack
+
+- **Runtime**: Deno
+- **Framework**: Fresh (edge-ready web framework)
+- **Database**: PostgreSQL with Drizzle ORM
+- **Frontend**: Preact with signals
+- **Authentication**: JWT-based via cookies
+- **Testing**: Deno test framework with HappyDOM for DOM testing
+
+### Current Status
+
+🚧 **In Progress** - Application is far from complete. The schema below is the
+**final/definitive schema** that should guide all development.
+
+---
+
+## 🏗️ Architecture
+
+### Module Structure
+
+The application uses a **modulith architecture** with the following modules:
+
+```
+routes/(apps)/
+├── students/      - Student management & promotions
+├── notes/         - Grade management & academic records
+├── mobility/      - Mobility programs & exchanges
+└── admin/         - Role & permission management
+```
+
+### Key Directories
+
+- `/routes` - Fresh routes and components
+- `/databases` - Database connection, schema, and migrations
+- `/defaults` - Interfaces and shared types
+- `/tests` - Unit, integration, and E2E tests
+- `/static` - Public assets
+
+### Authentication Flow
+
+1. User authenticates via CAS (Polytech)
+2. JWT token stored in `sessionToken` cookie
+3. Middleware validates token on each request
+4. Public routes: `/`, `/login`, `/logout`, `/about`, `/contact`
+5. All other routes require authentication
+
+---
+
+## 📊 Database Schema (Final/Definitive)
+
+```mermaid
+erDiagram
+  USER {
+    string id PK
+    string nom
+    string prenom
+    int idRole FK
+  }
+  ROLE {
+    int id PK
+    string nom
+  }
+  PERMISSION {
+    int id PK
+    string nom
+  }
+  ROLE_PERMISSION {
+    int idRole PK,FK
+    int idPermission PK,FK
+  }
+  STUDENT {
+    int numEtud PK
+    string nom
+    string prenom
+    string idPromo FK
+  }
+  PROMOTION {
+    string idPromo PK
+    string annee
+  }
+  MODULE {
+    string id PK
+    string nom
+  }
+  ENSEIGNEMENT {
+    string idProf PK,FK
+    string idModule PK,FK
+    string idPromo PK,FK
+  }
+  UE {
+    int id PK
+    string nom
+  }
+  UE_MODULE {
+    string idModule PK,FK
+    int idUE PK,FK
+    string idPromo PK,FK
+    float coeff
+  }
+  NOTE {
+    int numEtud PK,FK
+    string idModule PK,FK
+    float note
+  }
+  AJUSTEMENT {
+    int numEtud PK,FK
+    int idUE PK,FK
+    float valeur
+  }
+
+  USER }o--|| ROLE : "a"
+  ROLE_PERMISSION }o--|| ROLE : "accorde"
+  ROLE_PERMISSION }o--|| PERMISSION : "inclut"
+  ENSEIGNEMENT }o--|| USER : "réalisé par"
+  ENSEIGNEMENT }o--|| MODULE : "porte sur"
+  ENSEIGNEMENT }o--|| PROMOTION : "concerne"
+  STUDENT }o--|| PROMOTION : "appartient à"
+  UE_MODULE }o--|| MODULE : "associe"
+  UE_MODULE }o--|| UE : "appartient à"
+  UE_MODULE }o--|| PROMOTION : "pour"
+  NOTE }o--|| STUDENT : "reçoit"
+  NOTE }o--|| MODULE : "dans"
+  AJUSTEMENT }o--|| STUDENT : "concerne"
+  AJUSTEMENT }o--|| UE : "dans"
+```
+
+### Current Schema (Incomplete)
+
+The current Drizzle ORM schema in `/databases/schema.ts` only implements:
+
+- `promotions`
+- `students`
+- `mobility`
+
+**Migration needed**: Update schema to match the final ER diagram above.
+
+---
+
+## 🎯 Open Issues (69 total)
+
+### UI Pages
+
+**Catalog**
+
+- 📋 UI - Page Catalogue d'applications (#71)
+
+**Components**
+
+- 🎨 UI (composant) - Popup Résultats d'import (#75)
+
+**Students**
+
+- 📋 UI - Admin – Liste des élèves (#79)
+- 📋 UI - Admin – Gestion des promotions (#80)
+- 📋 UI - Admin – Import xlsx élèves (#81)
+- 📋 UI - Admin – Édition d'un élève (#82)
+
+**Notes**
+
+- 📋 UI - Page Élève – Mes Notes (#72)
+- 📋 UI - Admin – Consulter les notes (#73)
+- 📋 UI - Admin – Importer des notes (.xlsx) (#74)
+- 📋 UI - Admin – Édition notes d'un élève (#76)
+- 📋 UI - Admin – Récap notes élève / semestre (#77)
+- 📋 UI - Admin – Gestion des UEs (#78)
+
+**Administration**
+
+- 📋 UI - Gestion des utilisateurs (#83)
+- 📋 UI - Gestion des rôles (#84)
+- 📋 UI - Permissions d'un rôle (#85)
+- 📋 UI - Vue des permissions (#86)
+- 📋 UI - Gestion des modules (#87)
+- 📋 UI - Enseignements (Assignations) (#88)
+
+---
+
+### API Endpoints
+
+**Students API**
+
+- 📋 GET `/students` (#7)
+- 📋 POST `/students` (#8)
+- 📋 POST `/students/import-csv` (#9)
+- 📋 GET `/students/{numEtud}` (#10)
+- 📋 PUT `/students/{numEtud}` (#11)
+- 📋 DELETE `/students/{numEtud}` (#12)
+- 📋 GET `/promotions` (#13)
+- 📋 POST `/promotions` (#14)
+- 📋 GET `/promotions/{idPromo}` (#15)
+- 📋 PUT `/promotions/{idPromo}` (#16)
+- 📋 DELETE `/promotions/{idPromo}` (#17)
+
+**Administration API - Modules & Enseignements**
+
+- 📋 GET `/modules` (#23)
+- 📋 POST `/modules` (#24)
+- 📋 GET `/modules/{idModule}` (#25)
+- 📋 PUT `/modules/{idModule}` (#26)
+- 📋 DELETE `/modules/{idModule}` (#27)
+- 📋 POST `/enseignements` (#29)
+- 📋 GET `/enseignements/{idProf}/{idModule}/{idPromo}` (#30)
+- 📋 DELETE `/enseignements/{idProf}/{idModule}/{idPromo}` (#31)
+
+**Notes API - UEs & UE-Modules**
+
+- 📋 GET `/ues` (#32)
+- 📋 POST `/ues` (#33)
+- 📋 GET `/ues/{idUE}` (#34)
+- 📋 PUT `/ues/{idUE}` (#35)
+- 📋 DELETE `/ues/{idUE}` (#36)
+- 📋 GET `/ue-modules` (#37)
+- 📋 POST `/ue-modules` (#38)
+- 📋 GET `/ue-modules/{idModule}/{idUE}/{idPromo}` (#39)
+- 📋 PUT `/ue-modules/{idModule}/{idUE}/{idPromo}` (#40)
+- 📋 DELETE `/ue-modules/{idModule}/{idUE}/{idPromo}` (#41)
+
+**Notes API - Notes & Ajustements**
+
+- 📋 GET `/notes` (#42)
+- 📋 POST `/notes` (#43)
+- 📋 POST `/notes/import-xlsx` (#44)
+- 📋 GET `/notes/{numEtud}/{idModule}` (#45)
+- 📋 PUT `/notes/{numEtud}/{idModule}` (#46)
+- 📋 DELETE `/notes/{numEtud}/{idModule}` (#47)
+- 📋 GET `/ajustements` (#48)
+- 📋 POST `/ajustements` (#49)
+- 📋 GET `/ajustements/{numEtud}/{idUE}` (#50)
+- 📋 PUT `/ajustements/{numEtud}/{idUE}` (#51)
+- 📋 DELETE `/ajustements/{numEtud}/{idUE}` (#52)
+
+**Administration API - Users, Roles & Permissions**
+
+- 📋 GET `/users` (#60)
+- 📋 POST `/users` (#61)
+- 📋 GET `/users/{id}` (#62)
+- 📋 PUT `/users/{id}` (#63)
+- 📋 DELETE `/users/{id}` (#64)
+- 📋 GET `/roles` (#65)
+- 📋 POST `/roles` (#66)
+- 📋 GET `/roles/{idRole}` (#67)
+- 📋 PUT `/roles/{idRole}` (#68)
+- 📋 DELETE `/roles/{idRole}` (#69)
+- 📋 GET `/permissions` (#70)
+
+---
+
+## 🎨 Design Reference
+
+**Figma Prototype**:
+https://www.figma.com/design/La79bsUsWnJCtMsrrt2zGd/Prototype?node-id=0-1
+
+This is the **final design specification** for the UI. All UI implementations
+should follow this design.
+
+---
+
+## 🚀 Development Guidelines
+
+### Getting Started
+
+```bash
+# Run tests
+deno task test
+
+# Start development server
+deno task start
+
+# Build for production
+deno task build
+
+# Format & lint
+deno task check
+```
+
+### Git Workflow
+
+1. Create branch: `git checkout -b PMPR-{ISSUE_ID}`
+2. Implement changes
+3. Run tests and linting
+4. Submit PR
+
+### Code Style
+
+- Format: Follow Deno defaults (enforced via `deno fmt`)
+- Linting: Fresh recommended rules
+- TypeScript strict mode enabled
+- Use Drizzle ORM for database operations
+
+### Testing
+
+- Write unit tests for business logic
+- Integration tests for API endpoints
+- E2E tests with HappyDOM for UI interactions
+- Mock database with provided helpers
+
+---
+
+## 📦 Key Dependencies
+
+- **fresh@1.7.3** - Web framework
+- **drizzle-orm@0.45.2** - ORM
+- **pg@8.20.0** - PostgreSQL driver
+- **@popov/jwt@1.0.1** - JWT utilities
+- **preact@10.22.0** - UI library
+- **happy-dom@16.0.0** - DOM testing
+
+---
+
+## 🔗 Related Resources
+
+- **Repository**: https://git.polytech.djalim.fr/djalim/PolyMPR
+- **Issue Tracker**: Gitea (via `tea` CLI)
+- **Wiki**: Check CONTRIBUTING.md for dev setup
+- **Database**: PostgreSQL (configured in `.env`)
+
+---
+
+## 💡 Important Notes
+
+1. **Current Limitation**: The database schema in `/databases/schema.ts` does
+   NOT match the final ER diagram. This is a priority migration task.
+2. **Design System**: Follow the Figma prototype for all UI work.
+3. **Module Pattern**: Each module should follow the same pattern: routes, API
+   endpoints, components, and tests.
+4. **Permissions**: All admin operations should respect the ROLE_PERMISSION
+   system.
+5. **Fresh Conventions**: Routes use Fresh's file-based routing convention
+   (e.g., `routes/path/index.tsx`).
@@ -3,11 +3,11 @@ FROM denoland/deno:alpine
 WORKDIR /app

 COPY . .
-RUN deno cache main.ts --allow-import flag
+RUN deno cache main.ts --allow-import
 RUN deno task build

 USER deno
 EXPOSE 80
 EXPOSE 443

-CMD ["run", "-A", "main.ts"]
+CMD ["run", "-A", "main.ts"]
@@ -0,0 +1,158 @@
+# Bug Report — PolyMPR
+
+> Généré le 2026-04-23
+
+---
+
+## 🔴 Critique
+
+### #1 — Schema mismatch : module mobility entièrement cassé
+
+**Fichier** : `routes/(apps)/mobility/api/insert_mobility.ts`
+
+Références à des colonnes inexistantes dans le schéma Drizzle :
+
+| Utilisé dans le code   | Colonne réelle     |
+| ---------------------- | ------------------ |
+| `students.userId`      | `students.numEtud` |
+| `students.firstName`   | `students.nom`     |
+| `students.lastName`    | `students.prenom`  |
+| `students.promotionId` | `students.idPromo` |
+| `promotions.endyear`   | `promotions.annee` |
+| `promotions.current`   | _(n'existe pas)_   |
+
+Le module crashe à l'exécution. À corriger en alignant les noms de colonnes avec
+le schéma.
+
+---
+
+### #2 — Auth manquante sur de nombreux endpoints
+
+Les endpoints suivants n'ont aucune vérification `eduPersonPrimaryAffiliation` :
+
+- `routes/(apps)/notes/api/notes.ts` (GET, POST)
+- `routes/(apps)/notes/api/ue-modules.ts` (GET, POST)
+- `routes/(apps)/notes/api/ues.ts` (GET, POST)
+- `routes/(apps)/notes/api/ues/[idUE].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/users.ts` (GET, POST)
+- `routes/(apps)/admin/api/users/[id].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/modules/[idModule].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/roles.ts` (GET, POST)
+- `routes/(apps)/admin/api/roles/[idRole].ts` (GET, PUT, DELETE)
+- `routes/(apps)/admin/api/permissions.ts` (GET)
+- `routes/(apps)/mobility/api/insert_mobility.ts`
+
+Tous ces endpoints exposent des données sensibles sans vérifier les permissions.
+
+---
+
+## 🟠 Haut
+
+### #3 — Bug Drizzle ORM : `.where()` avec plusieurs `eq()` sans `and()`
+
+**Fichier** : `routes/(apps)/notes/api/ajustements/[numEtud]/[idUE].ts` — lignes
+34, 72, 100
+
+`.where()` n'accepte qu'un seul argument. Passer plusieurs `eq()` séparés par
+des virgules ne génère pas le SQL attendu (seule la première condition est prise
+en compte).
+
+```ts
+// ❌ Incorrect
+.where(eq(ajustements.numEtud, numEtud), eq(ajustements.idUE, idUE))
+
+// ✅ Correct
+.where(and(eq(ajustements.numEtud, numEtud), eq(ajustements.idUE, idUE)))
+```
+
+---
+
+### #4 — Bug Drizzle ORM : `.where()` à 3 conditions sans `and()`
+
+**Fichier** :
+`routes/(apps)/notes/api/ue-modules/[idModule]/[idUE]/[idPromo].ts` — handler
+GET (~ligne 41)
+
+Même problème que #3, mais avec 3 conditions. Les handlers PUT et DELETE ont
+déjà `and()`, seul le GET est affecté.
+
+```ts
+// ❌ Incorrect
+.where(
+  eq(ueModules.idModule, idModule),
+  eq(ueModules.idUE, idUE),
+  eq(ueModules.idPromo, idPromo),
+)
+
+// ✅ Correct
+.where(
+  and(
+    eq(ueModules.idModule, idModule),
+    eq(ueModules.idUE, idUE),
+    eq(ueModules.idPromo, idPromo),
+  ),
+)
+```
+
+---
+
+## 🟡 Moyen
+
+### #5 — `and()` passé avec des valeurs `undefined`
+
+**Fichier** : `routes/(apps)/notes/api/ue-modules.ts`
+
+```ts
+and(
+  idPromo ? eq(ueModules.idPromo, idPromo) : undefined,
+  idUE ? eq(ueModules.idUE, idUE) : undefined,
+);
+```
+
+Drizzle tolère les `undefined` dans `and()` dans certaines versions, mais ce
+n'est pas garanti. Mieux vaut construire les conditions dynamiquement avant de
+les passer.
+
+---
+
+### #6 — Validation `!numEtud` rejette faussement `0`
+
+**Fichier** : `routes/(apps)/notes/api/notes.ts` — handler POST
+
+```ts
+// ❌ Rejette numEtud = 0
+if (note === undefined || !numEtud || !idModule)
+
+// ✅ Correct
+if (note === undefined || numEtud === undefined || numEtud === null || !idModule)
+```
+
+---
+
+### #7 — `Number(idRole)` sans vérification `isNaN`
+
+**Fichier** : `routes/(apps)/admin/api/users.ts`
+
+Si `idRole` est une chaîne non numérique, `Number()` retourne `NaN` ce qui
+provoque une erreur SQL.
+
+```ts
+// ❌ Pas de vérification
+const rows = idRole
+  ? await db.select().from(users).where(eq(users.idRole, Number(idRole)))
+  : await db.select().from(users);
+
+// ✅ Valider avant usage
+const role = Number(idRole);
+if (isNaN(role)) return new Response(..., { status: 400 });
+```
+
+---
+
+### #8 — Réponses d'erreur en texte brut au lieu de JSON
+
+**Fichier** : `routes/(apps)/notes/api/notes.ts`
+
+Certaines réponses d'erreur retournent une string sans
+`content-type: application/json`, incohérent avec le reste de l'API qui retourne
+`{ error: "..." }`.
@@ -0,0 +1,233 @@
+{
+  "lockfileVersion": 1,
+  "configVersion": 1,
+  "workspaces": {
+    "": {
+      "dependencies": {
+        "dotenv": "^17.4.0",
+        "drizzle-orm": "^0.45.2",
+        "pg": "^8.20.0",
+      },
+      "devDependencies": {
+        "@types/pg": "^8.20.0",
+        "drizzle-kit": "^0.31.10",
+        "tsx": "^4.21.0",
+      },
+    },
+  },
+  "packages": {
+    "@drizzle-team/brocli": ["@drizzle-team/brocli@0.10.2", "", {}, "sha512-z33Il7l5dKjUgGULTqBsQBQwckHh5AbIuxhdsIxDDiZAzBOrZO6q9ogcWC65kU382AfynTfgNumVcNIjuIua6w=="],
+
+    "@esbuild-kit/core-utils": ["@esbuild-kit/core-utils@3.3.2", "", { "dependencies": { "esbuild": "~0.18.20", "source-map-support": "^0.5.21" } }, "sha512-sPRAnw9CdSsRmEtnsl2WXWdyquogVpB3yZ3dgwJfe8zrOzTsV7cJvmwrKVa+0ma5BoiGJ+BoqkMvawbayKUsqQ=="],
+
+    "@esbuild-kit/esm-loader": ["@esbuild-kit/esm-loader@2.6.5", "", { "dependencies": { "@esbuild-kit/core-utils": "^3.3.2", "get-tsconfig": "^4.7.0" } }, "sha512-FxEMIkJKnodyA1OaCUoEvbYRkoZlLZ4d/eXFu9Fh8CbBBgP5EmZxrfTRyN0qpXZ4vOvqnE5YdRdcrmUUXuU+dA=="],
+
+    "@esbuild/aix-ppc64": ["@esbuild/aix-ppc64@0.25.12", "", { "os": "aix", "cpu": "ppc64" }, "sha512-Hhmwd6CInZ3dwpuGTF8fJG6yoWmsToE+vYgD4nytZVxcu1ulHpUQRAB1UJ8+N1Am3Mz4+xOByoQoSZf4D+CpkA=="],
+
+    "@esbuild/android-arm": ["@esbuild/android-arm@0.25.12", "", { "os": "android", "cpu": "arm" }, "sha512-VJ+sKvNA/GE7Ccacc9Cha7bpS8nyzVv0jdVgwNDaR4gDMC/2TTRc33Ip8qrNYUcpkOHUT5OZ0bUcNNVZQ9RLlg=="],
+
+    "@esbuild/android-arm64": ["@esbuild/android-arm64@0.25.12", "", { "os": "android", "cpu": "arm64" }, "sha512-6AAmLG7zwD1Z159jCKPvAxZd4y/VTO0VkprYy+3N2FtJ8+BQWFXU+OxARIwA46c5tdD9SsKGZ/1ocqBS/gAKHg=="],
+
+    "@esbuild/android-x64": ["@esbuild/android-x64@0.25.12", "", { "os": "android", "cpu": "x64" }, "sha512-5jbb+2hhDHx5phYR2By8GTWEzn6I9UqR11Kwf22iKbNpYrsmRB18aX/9ivc5cabcUiAT/wM+YIZ6SG9QO6a8kg=="],
+
+    "@esbuild/darwin-arm64": ["@esbuild/darwin-arm64@0.25.12", "", { "os": "darwin", "cpu": "arm64" }, "sha512-N3zl+lxHCifgIlcMUP5016ESkeQjLj/959RxxNYIthIg+CQHInujFuXeWbWMgnTo4cp5XVHqFPmpyu9J65C1Yg=="],
+
+    "@esbuild/darwin-x64": ["@esbuild/darwin-x64@0.25.12", "", { "os": "darwin", "cpu": "x64" }, "sha512-HQ9ka4Kx21qHXwtlTUVbKJOAnmG1ipXhdWTmNXiPzPfWKpXqASVcWdnf2bnL73wgjNrFXAa3yYvBSd9pzfEIpA=="],
+
+    "@esbuild/freebsd-arm64": ["@esbuild/freebsd-arm64@0.25.12", "", { "os": "freebsd", "cpu": "arm64" }, "sha512-gA0Bx759+7Jve03K1S0vkOu5Lg/85dou3EseOGUes8flVOGxbhDDh/iZaoek11Y8mtyKPGF3vP8XhnkDEAmzeg=="],
+
+    "@esbuild/freebsd-x64": ["@esbuild/freebsd-x64@0.25.12", "", { "os": "freebsd", "cpu": "x64" }, "sha512-TGbO26Yw2xsHzxtbVFGEXBFH0FRAP7gtcPE7P5yP7wGy7cXK2oO7RyOhL5NLiqTlBh47XhmIUXuGciXEqYFfBQ=="],
+
+    "@esbuild/linux-arm": ["@esbuild/linux-arm@0.25.12", "", { "os": "linux", "cpu": "arm" }, "sha512-lPDGyC1JPDou8kGcywY0YILzWlhhnRjdof3UlcoqYmS9El818LLfJJc3PXXgZHrHCAKs/Z2SeZtDJr5MrkxtOw=="],
+
+    "@esbuild/linux-arm64": ["@esbuild/linux-arm64@0.25.12", "", { "os": "linux", "cpu": "arm64" }, "sha512-8bwX7a8FghIgrupcxb4aUmYDLp8pX06rGh5HqDT7bB+8Rdells6mHvrFHHW2JAOPZUbnjUpKTLg6ECyzvas2AQ=="],
+
+    "@esbuild/linux-ia32": ["@esbuild/linux-ia32@0.25.12", "", { "os": "linux", "cpu": "ia32" }, "sha512-0y9KrdVnbMM2/vG8KfU0byhUN+EFCny9+8g202gYqSSVMonbsCfLjUO+rCci7pM0WBEtz+oK/PIwHkzxkyharA=="],
+
+    "@esbuild/linux-loong64": ["@esbuild/linux-loong64@0.25.12", "", { "os": "linux", "cpu": "none" }, "sha512-h///Lr5a9rib/v1GGqXVGzjL4TMvVTv+s1DPoxQdz7l/AYv6LDSxdIwzxkrPW438oUXiDtwM10o9PmwS/6Z0Ng=="],
+
+    "@esbuild/linux-mips64el": ["@esbuild/linux-mips64el@0.25.12", "", { "os": "linux", "cpu": "none" }, "sha512-iyRrM1Pzy9GFMDLsXn1iHUm18nhKnNMWscjmp4+hpafcZjrr2WbT//d20xaGljXDBYHqRcl8HnxbX6uaA/eGVw=="],
+
+    "@esbuild/linux-ppc64": ["@esbuild/linux-ppc64@0.25.12", "", { "os": "linux", "cpu": "ppc64" }, "sha512-9meM/lRXxMi5PSUqEXRCtVjEZBGwB7P/D4yT8UG/mwIdze2aV4Vo6U5gD3+RsoHXKkHCfSxZKzmDssVlRj1QQA=="],
+
+    "@esbuild/linux-riscv64": ["@esbuild/linux-riscv64@0.25.12", "", { "os": "linux", "cpu": "none" }, "sha512-Zr7KR4hgKUpWAwb1f3o5ygT04MzqVrGEGXGLnj15YQDJErYu/BGg+wmFlIDOdJp0PmB0lLvxFIOXZgFRrdjR0w=="],
+
+    "@esbuild/linux-s390x": ["@esbuild/linux-s390x@0.25.12", "", { "os": "linux", "cpu": "s390x" }, "sha512-MsKncOcgTNvdtiISc/jZs/Zf8d0cl/t3gYWX8J9ubBnVOwlk65UIEEvgBORTiljloIWnBzLs4qhzPkJcitIzIg=="],
+
+    "@esbuild/linux-x64": ["@esbuild/linux-x64@0.25.12", "", { "os": "linux", "cpu": "x64" }, "sha512-uqZMTLr/zR/ed4jIGnwSLkaHmPjOjJvnm6TVVitAa08SLS9Z0VM8wIRx7gWbJB5/J54YuIMInDquWyYvQLZkgw=="],
+
+    "@esbuild/netbsd-arm64": ["@esbuild/netbsd-arm64@0.25.12", "", { "os": "none", "cpu": "arm64" }, "sha512-xXwcTq4GhRM7J9A8Gv5boanHhRa/Q9KLVmcyXHCTaM4wKfIpWkdXiMog/KsnxzJ0A1+nD+zoecuzqPmCRyBGjg=="],
+
+    "@esbuild/netbsd-x64": ["@esbuild/netbsd-x64@0.25.12", "", { "os": "none", "cpu": "x64" }, "sha512-Ld5pTlzPy3YwGec4OuHh1aCVCRvOXdH8DgRjfDy/oumVovmuSzWfnSJg+VtakB9Cm0gxNO9BzWkj6mtO1FMXkQ=="],
+
+    "@esbuild/openbsd-arm64": ["@esbuild/openbsd-arm64@0.25.12", "", { "os": "openbsd", "cpu": "arm64" }, "sha512-fF96T6KsBo/pkQI950FARU9apGNTSlZGsv1jZBAlcLL1MLjLNIWPBkj5NlSz8aAzYKg+eNqknrUJ24QBybeR5A=="],
+
+    "@esbuild/openbsd-x64": ["@esbuild/openbsd-x64@0.25.12", "", { "os": "openbsd", "cpu": "x64" }, "sha512-MZyXUkZHjQxUvzK7rN8DJ3SRmrVrke8ZyRusHlP+kuwqTcfWLyqMOE3sScPPyeIXN/mDJIfGXvcMqCgYKekoQw=="],
+
+    "@esbuild/openharmony-arm64": ["@esbuild/openharmony-arm64@0.25.12", "", { "os": "none", "cpu": "arm64" }, "sha512-rm0YWsqUSRrjncSXGA7Zv78Nbnw4XL6/dzr20cyrQf7ZmRcsovpcRBdhD43Nuk3y7XIoW2OxMVvwuRvk9XdASg=="],
+
+    "@esbuild/sunos-x64": ["@esbuild/sunos-x64@0.25.12", "", { "os": "sunos", "cpu": "x64" }, "sha512-3wGSCDyuTHQUzt0nV7bocDy72r2lI33QL3gkDNGkod22EsYl04sMf0qLb8luNKTOmgF/eDEDP5BFNwoBKH441w=="],
+
+    "@esbuild/win32-arm64": ["@esbuild/win32-arm64@0.25.12", "", { "os": "win32", "cpu": "arm64" }, "sha512-rMmLrur64A7+DKlnSuwqUdRKyd3UE7oPJZmnljqEptesKM8wx9J8gx5u0+9Pq0fQQW8vqeKebwNXdfOyP+8Bsg=="],
+
+    "@esbuild/win32-ia32": ["@esbuild/win32-ia32@0.25.12", "", { "os": "win32", "cpu": "ia32" }, "sha512-HkqnmmBoCbCwxUKKNPBixiWDGCpQGVsrQfJoVGYLPT41XWF8lHuE5N6WhVia2n4o5QK5M4tYr21827fNhi4byQ=="],
+
+    "@esbuild/win32-x64": ["@esbuild/win32-x64@0.25.12", "", { "os": "win32", "cpu": "x64" }, "sha512-alJC0uCZpTFrSL0CCDjcgleBXPnCrEAhTBILpeAp7M/OFgoqtAetfBzX0xM00MUsVVPpVjlPuMbREqnZCXaTnA=="],
+
+    "@types/node": ["@types/node@25.5.0", "", { "dependencies": { "undici-types": "~7.18.0" } }, "sha512-jp2P3tQMSxWugkCUKLRPVUpGaL5MVFwF8RDuSRztfwgN1wmqJeMSbKlnEtQqU8UrhTmzEmZdu2I6v2dpp7XIxw=="],
+
+    "@types/pg": ["@types/pg@8.20.0", "", { "dependencies": { "@types/node": "*", "pg-protocol": "*", "pg-types": "^2.2.0" } }, "sha512-bEPFOaMAHTEP1EzpvHTbmwR8UsFyHSKsRisLIHVMXnpNefSbGA1bD6CVy+qKjGSqmZqNqBDV2azOBo8TgkcVow=="],
+
+    "buffer-from": ["buffer-from@1.1.2", "", {}, "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ=="],
+
+    "dotenv": ["dotenv@17.4.0", "", {}, "sha512-kCKF62fwtzwYm0IGBNjRUjtJgMfGapII+FslMHIjMR5KTnwEmBmWLDRSnc3XSNP8bNy34tekgQyDT0hr7pERRQ=="],
+
+    "drizzle-kit": ["drizzle-kit@0.31.10", "", { "dependencies": { "@drizzle-team/brocli": "^0.10.2", "@esbuild-kit/esm-loader": "^2.5.5", "esbuild": "^0.25.4", "tsx": "^4.21.0" }, "bin": { "drizzle-kit": "bin.cjs" } }, "sha512-7OZcmQUrdGI+DUNNsKBn1aW8qSoKuTH7d0mYgSP8bAzdFzKoovxEFnoGQp2dVs82EOJeYycqRtciopszwUf8bw=="],
+
+    "drizzle-orm": ["drizzle-orm@0.45.2", "", { "peerDependencies": { "@aws-sdk/client-rds-data": ">=3", "@cloudflare/workers-types": ">=4", "@electric-sql/pglite": ">=0.2.0", "@libsql/client": ">=0.10.0", "@libsql/client-wasm": ">=0.10.0", "@neondatabase/serverless": ">=0.10.0", "@op-engineering/op-sqlite": ">=2", "@opentelemetry/api": "^1.4.1", "@planetscale/database": ">=1.13", "@prisma/client": "*", "@tidbcloud/serverless": "*", "@types/better-sqlite3": "*", "@types/pg": "*", "@types/sql.js": "*", "@upstash/redis": ">=1.34.7", "@vercel/postgres": ">=0.8.0", "@xata.io/client": "*", "better-sqlite3": ">=7", "bun-types": "*", "expo-sqlite": ">=14.0.0", "gel": ">=2", "knex": "*", "kysely": "*", "mysql2": ">=2", "pg": ">=8", "postgres": ">=3", "sql.js": ">=1", "sqlite3": ">=5" }, "optionalPeers": ["@aws-sdk/client-rds-data", "@cloudflare/workers-types", "@electric-sql/pglite", "@libsql/client", "@libsql/client-wasm", "@neondatabase/serverless", "@op-engineering/op-sqlite", "@opentelemetry/api", "@planetscale/database", "@prisma/client", "@tidbcloud/serverless", "@types/better-sqlite3", "@types/pg", "@types/sql.js", "@upstash/redis", "@vercel/postgres", "@xata.io/client", "better-sqlite3", "bun-types", "expo-sqlite", "gel", "knex", "kysely", "mysql2", "pg", "postgres", "sql.js", "sqlite3"] }, "sha512-kY0BSaTNYWnoDMVoyY8uxmyHjpJW1geOmBMdSSicKo9CIIWkSxMIj2rkeSR51b8KAPB7m+qysjuHme5nKP+E5Q=="],
+
+    "esbuild": ["esbuild@0.25.12", "", { "optionalDependencies": { "@esbuild/aix-ppc64": "0.25.12", "@esbuild/android-arm": "0.25.12", "@esbuild/android-arm64": "0.25.12", "@esbuild/android-x64": "0.25.12", "@esbuild/darwin-arm64": "0.25.12", "@esbuild/darwin-x64": "0.25.12", "@esbuild/freebsd-arm64": "0.25.12", "@esbuild/freebsd-x64": "0.25.12", "@esbuild/linux-arm": "0.25.12", "@esbuild/linux-arm64": "0.25.12", "@esbuild/linux-ia32": "0.25.12", "@esbuild/linux-loong64": "0.25.12", "@esbuild/linux-mips64el": "0.25.12", "@esbuild/linux-ppc64": "0.25.12", "@esbuild/linux-riscv64": "0.25.12", "@esbuild/linux-s390x": "0.25.12", "@esbuild/linux-x64": "0.25.12", "@esbuild/netbsd-arm64": "0.25.12", "@esbuild/netbsd-x64": "0.25.12", "@esbuild/openbsd-arm64": "0.25.12", "@esbuild/openbsd-x64": "0.25.12", "@esbuild/openharmony-arm64": "0.25.12", "@esbuild/sunos-x64": "0.25.12", "@esbuild/win32-arm64": "0.25.12", "@esbuild/win32-ia32": "0.25.12", "@esbuild/win32-x64": "0.25.12" }, "bin": { "esbuild": "bin/esbuild" } }, "sha512-bbPBYYrtZbkt6Os6FiTLCTFxvq4tt3JKall1vRwshA3fdVztsLAatFaZobhkBC8/BrPetoa0oksYoKXoG4ryJg=="],
+
+    "fsevents": ["fsevents@2.3.3", "", { "os": "darwin" }, "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw=="],
+
+    "get-tsconfig": ["get-tsconfig@4.13.7", "", { "dependencies": { "resolve-pkg-maps": "^1.0.0" } }, "sha512-7tN6rFgBlMgpBML5j8typ92BKFi2sFQvIdpAqLA2beia5avZDrMs0FLZiM5etShWq5irVyGcGMEA1jcDaK7A/Q=="],
+
+    "pg": ["pg@8.20.0", "", { "dependencies": { "pg-connection-string": "^2.12.0", "pg-pool": "^3.13.0", "pg-protocol": "^1.13.0", "pg-types": "2.2.0", "pgpass": "1.0.5" }, "optionalDependencies": { "pg-cloudflare": "^1.3.0" }, "peerDependencies": { "pg-native": ">=3.0.1" }, "optionalPeers": ["pg-native"] }, "sha512-ldhMxz2r8fl/6QkXnBD3CR9/xg694oT6DZQ2s6c/RI28OjtSOpxnPrUCGOBJ46RCUxcWdx3p6kw/xnDHjKvaRA=="],
+
+    "pg-cloudflare": ["pg-cloudflare@1.3.0", "", {}, "sha512-6lswVVSztmHiRtD6I8hw4qP/nDm1EJbKMRhf3HCYaqud7frGysPv7FYJ5noZQdhQtN2xJnimfMtvQq21pdbzyQ=="],
+
+    "pg-connection-string": ["pg-connection-string@2.12.0", "", {}, "sha512-U7qg+bpswf3Cs5xLzRqbXbQl85ng0mfSV/J0nnA31MCLgvEaAo7CIhmeyrmJpOr7o+zm0rXK+hNnT5l9RHkCkQ=="],
+
+    "pg-int8": ["pg-int8@1.0.1", "", {}, "sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw=="],
+
+    "pg-pool": ["pg-pool@3.13.0", "", { "peerDependencies": { "pg": ">=8.0" } }, "sha512-gB+R+Xud1gLFuRD/QgOIgGOBE2KCQPaPwkzBBGC9oG69pHTkhQeIuejVIk3/cnDyX39av2AxomQiyPT13WKHQA=="],
+
+    "pg-protocol": ["pg-protocol@1.13.0", "", {}, "sha512-zzdvXfS6v89r6v7OcFCHfHlyG/wvry1ALxZo4LqgUoy7W9xhBDMaqOuMiF3qEV45VqsN6rdlcehHrfDtlCPc8w=="],
+
+    "pg-types": ["pg-types@2.2.0", "", { "dependencies": { "pg-int8": "1.0.1", "postgres-array": "~2.0.0", "postgres-bytea": "~1.0.0", "postgres-date": "~1.0.4", "postgres-interval": "^1.1.0" } }, "sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA=="],
+
+    "pgpass": ["pgpass@1.0.5", "", { "dependencies": { "split2": "^4.1.0" } }, "sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug=="],
+
+    "postgres-array": ["postgres-array@2.0.0", "", {}, "sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA=="],
+
+    "postgres-bytea": ["postgres-bytea@1.0.1", "", {}, "sha512-5+5HqXnsZPE65IJZSMkZtURARZelel2oXUEO8rH83VS/hxH5vv1uHquPg5wZs8yMAfdv971IU+kcPUczi7NVBQ=="],
+
+    "postgres-date": ["postgres-date@1.0.7", "", {}, "sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q=="],
+
+    "postgres-interval": ["postgres-interval@1.2.0", "", { "dependencies": { "xtend": "^4.0.0" } }, "sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ=="],
+
+    "resolve-pkg-maps": ["resolve-pkg-maps@1.0.0", "", {}, "sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw=="],
+
+    "source-map": ["source-map@0.6.1", "", {}, "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g=="],
+
+    "source-map-support": ["source-map-support@0.5.21", "", { "dependencies": { "buffer-from": "^1.0.0", "source-map": "^0.6.0" } }, "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w=="],
+
+    "split2": ["split2@4.2.0", "", {}, "sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg=="],
+
+    "tsx": ["tsx@4.21.0", "", { "dependencies": { "esbuild": "~0.27.0", "get-tsconfig": "^4.7.5" }, "optionalDependencies": { "fsevents": "~2.3.3" }, "bin": { "tsx": "dist/cli.mjs" } }, "sha512-5C1sg4USs1lfG0GFb2RLXsdpXqBSEhAaA/0kPL01wxzpMqLILNxIxIOKiILz+cdg/pLnOUxFYOR5yhHU666wbw=="],
+
+    "undici-types": ["undici-types@7.18.2", "", {}, "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w=="],
+
+    "xtend": ["xtend@4.0.2", "", {}, "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ=="],
+
+    "@esbuild-kit/core-utils/esbuild": ["esbuild@0.18.20", "", { "optionalDependencies": { "@esbuild/android-arm": "0.18.20", "@esbuild/android-arm64": "0.18.20", "@esbuild/android-x64": "0.18.20", "@esbuild/darwin-arm64": "0.18.20", "@esbuild/darwin-x64": "0.18.20", "@esbuild/freebsd-arm64": "0.18.20", "@esbuild/freebsd-x64": "0.18.20", "@esbuild/linux-arm": "0.18.20", "@esbuild/linux-arm64": "0.18.20", "@esbuild/linux-ia32": "0.18.20", "@esbuild/linux-loong64": "0.18.20", "@esbuild/linux-mips64el": "0.18.20", "@esbuild/linux-ppc64": "0.18.20", "@esbuild/linux-riscv64": "0.18.20", "@esbuild/linux-s390x": "0.18.20", "@esbuild/linux-x64": "0.18.20", "@esbuild/netbsd-x64": "0.18.20", "@esbuild/openbsd-x64": "0.18.20", "@esbuild/sunos-x64": "0.18.20", "@esbuild/win32-arm64": "0.18.20", "@esbuild/win32-ia32": "0.18.20", "@esbuild/win32-x64": "0.18.20" }, "bin": { "esbuild": "bin/esbuild" } }, "sha512-ceqxoedUrcayh7Y7ZX6NdbbDzGROiyVBgC4PriJThBKSVPWnnFHZAkfI1lJT8QFkOwH4qOS2SJkS4wvpGl8BpA=="],
+
+    "tsx/esbuild": ["esbuild@0.27.7", "", { "optionalDependencies": { "@esbuild/aix-ppc64": "0.27.7", "@esbuild/android-arm": "0.27.7", "@esbuild/android-arm64": "0.27.7", "@esbuild/android-x64": "0.27.7", "@esbuild/darwin-arm64": "0.27.7", "@esbuild/darwin-x64": "0.27.7", "@esbuild/freebsd-arm64": "0.27.7", "@esbuild/freebsd-x64": "0.27.7", "@esbuild/linux-arm": "0.27.7", "@esbuild/linux-arm64": "0.27.7", "@esbuild/linux-ia32": "0.27.7", "@esbuild/linux-loong64": "0.27.7", "@esbuild/linux-mips64el": "0.27.7", "@esbuild/linux-ppc64": "0.27.7", "@esbuild/linux-riscv64": "0.27.7", "@esbuild/linux-s390x": "0.27.7", "@esbuild/linux-x64": "0.27.7", "@esbuild/netbsd-arm64": "0.27.7", "@esbuild/netbsd-x64": "0.27.7", "@esbuild/openbsd-arm64": "0.27.7", "@esbuild/openbsd-x64": "0.27.7", "@esbuild/openharmony-arm64": "0.27.7", "@esbuild/sunos-x64": "0.27.7", "@esbuild/win32-arm64": "0.27.7", "@esbuild/win32-ia32": "0.27.7", "@esbuild/win32-x64": "0.27.7" }, "bin": { "esbuild": "bin/esbuild" } }, "sha512-IxpibTjyVnmrIQo5aqNpCgoACA/dTKLTlhMHihVHhdkxKyPO1uBBthumT0rdHmcsk9uMonIWS0m4FljWzILh3w=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/android-arm": ["@esbuild/android-arm@0.18.20", "", { "os": "android", "cpu": "arm" }, "sha512-fyi7TDI/ijKKNZTUJAQqiG5T7YjJXgnzkURqmGj13C6dCqckZBLdl4h7bkhHt/t0WP+zO9/zwroDvANaOqO5Sw=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/android-arm64": ["@esbuild/android-arm64@0.18.20", "", { "os": "android", "cpu": "arm64" }, "sha512-Nz4rJcchGDtENV0eMKUNa6L12zz2zBDXuhj/Vjh18zGqB44Bi7MBMSXjgunJgjRhCmKOjnPuZp4Mb6OKqtMHLQ=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/android-x64": ["@esbuild/android-x64@0.18.20", "", { "os": "android", "cpu": "x64" }, "sha512-8GDdlePJA8D6zlZYJV/jnrRAi6rOiNaCC/JclcXpB+KIuvfBN4owLtgzY2bsxnx666XjJx2kDPUmnTtR8qKQUg=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/darwin-arm64": ["@esbuild/darwin-arm64@0.18.20", "", { "os": "darwin", "cpu": "arm64" }, "sha512-bxRHW5kHU38zS2lPTPOyuyTm+S+eobPUnTNkdJEfAddYgEcll4xkT8DB9d2008DtTbl7uJag2HuE5NZAZgnNEA=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/darwin-x64": ["@esbuild/darwin-x64@0.18.20", "", { "os": "darwin", "cpu": "x64" }, "sha512-pc5gxlMDxzm513qPGbCbDukOdsGtKhfxD1zJKXjCCcU7ju50O7MeAZ8c4krSJcOIJGFR+qx21yMMVYwiQvyTyQ=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/freebsd-arm64": ["@esbuild/freebsd-arm64@0.18.20", "", { "os": "freebsd", "cpu": "arm64" }, "sha512-yqDQHy4QHevpMAaxhhIwYPMv1NECwOvIpGCZkECn8w2WFHXjEwrBn3CeNIYsibZ/iZEUemj++M26W3cNR5h+Tw=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/freebsd-x64": ["@esbuild/freebsd-x64@0.18.20", "", { "os": "freebsd", "cpu": "x64" }, "sha512-tgWRPPuQsd3RmBZwarGVHZQvtzfEBOreNuxEMKFcd5DaDn2PbBxfwLcj4+aenoh7ctXcbXmOQIn8HI6mCSw5MQ=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-arm": ["@esbuild/linux-arm@0.18.20", "", { "os": "linux", "cpu": "arm" }, "sha512-/5bHkMWnq1EgKr1V+Ybz3s1hWXok7mDFUMQ4cG10AfW3wL02PSZi5kFpYKrptDsgb2WAJIvRcDm+qIvXf/apvg=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-arm64": ["@esbuild/linux-arm64@0.18.20", "", { "os": "linux", "cpu": "arm64" }, "sha512-2YbscF+UL7SQAVIpnWvYwM+3LskyDmPhe31pE7/aoTMFKKzIc9lLbyGUpmmb8a8AixOL61sQ/mFh3jEjHYFvdA=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-ia32": ["@esbuild/linux-ia32@0.18.20", "", { "os": "linux", "cpu": "ia32" }, "sha512-P4etWwq6IsReT0E1KHU40bOnzMHoH73aXp96Fs8TIT6z9Hu8G6+0SHSw9i2isWrD2nbx2qo5yUqACgdfVGx7TA=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-loong64": ["@esbuild/linux-loong64@0.18.20", "", { "os": "linux", "cpu": "none" }, "sha512-nXW8nqBTrOpDLPgPY9uV+/1DjxoQ7DoB2N8eocyq8I9XuqJ7BiAMDMf9n1xZM9TgW0J8zrquIb/A7s3BJv7rjg=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-mips64el": ["@esbuild/linux-mips64el@0.18.20", "", { "os": "linux", "cpu": "none" }, "sha512-d5NeaXZcHp8PzYy5VnXV3VSd2D328Zb+9dEq5HE6bw6+N86JVPExrA6O68OPwobntbNJ0pzCpUFZTo3w0GyetQ=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-ppc64": ["@esbuild/linux-ppc64@0.18.20", "", { "os": "linux", "cpu": "ppc64" }, "sha512-WHPyeScRNcmANnLQkq6AfyXRFr5D6N2sKgkFo2FqguP44Nw2eyDlbTdZwd9GYk98DZG9QItIiTlFLHJHjxP3FA=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-riscv64": ["@esbuild/linux-riscv64@0.18.20", "", { "os": "linux", "cpu": "none" }, "sha512-WSxo6h5ecI5XH34KC7w5veNnKkju3zBRLEQNY7mv5mtBmrP/MjNBCAlsM2u5hDBlS3NGcTQpoBvRzqBcRtpq1A=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-s390x": ["@esbuild/linux-s390x@0.18.20", "", { "os": "linux", "cpu": "s390x" }, "sha512-+8231GMs3mAEth6Ja1iK0a1sQ3ohfcpzpRLH8uuc5/KVDFneH6jtAJLFGafpzpMRO6DzJ6AvXKze9LfFMrIHVQ=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/linux-x64": ["@esbuild/linux-x64@0.18.20", "", { "os": "linux", "cpu": "x64" }, "sha512-UYqiqemphJcNsFEskc73jQ7B9jgwjWrSayxawS6UVFZGWrAAtkzjxSqnoclCXxWtfwLdzU+vTpcNYhpn43uP1w=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/netbsd-x64": ["@esbuild/netbsd-x64@0.18.20", "", { "os": "none", "cpu": "x64" }, "sha512-iO1c++VP6xUBUmltHZoMtCUdPlnPGdBom6IrO4gyKPFFVBKioIImVooR5I83nTew5UOYrk3gIJhbZh8X44y06A=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/openbsd-x64": ["@esbuild/openbsd-x64@0.18.20", "", { "os": "openbsd", "cpu": "x64" }, "sha512-e5e4YSsuQfX4cxcygw/UCPIEP6wbIL+se3sxPdCiMbFLBWu0eiZOJ7WoD+ptCLrmjZBK1Wk7I6D/I3NglUGOxg=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/sunos-x64": ["@esbuild/sunos-x64@0.18.20", "", { "os": "sunos", "cpu": "x64" }, "sha512-kDbFRFp0YpTQVVrqUd5FTYmWo45zGaXe0X8E1G/LKFC0v8x0vWrhOWSLITcCn63lmZIxfOMXtCfti/RxN/0wnQ=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/win32-arm64": ["@esbuild/win32-arm64@0.18.20", "", { "os": "win32", "cpu": "arm64" }, "sha512-ddYFR6ItYgoaq4v4JmQQaAI5s7npztfV4Ag6NrhiaW0RrnOXqBkgwZLofVTlq1daVTQNhtI5oieTvkRPfZrePg=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/win32-ia32": ["@esbuild/win32-ia32@0.18.20", "", { "os": "win32", "cpu": "ia32" }, "sha512-Wv7QBi3ID/rROT08SABTS7eV4hX26sVduqDOTe1MvGMjNd3EjOz4b7zeexIR62GTIEKrfJXKL9LFxTYgkyeu7g=="],
+
+    "@esbuild-kit/core-utils/esbuild/@esbuild/win32-x64": ["@esbuild/win32-x64@0.18.20", "", { "os": "win32", "cpu": "x64" }, "sha512-kTdfRcSiDfQca/y9QIkng02avJ+NCaQvrMejlsB3RRv5sE9rRoeBPISaZpKxHELzRxZyLvNts1P27W3wV+8geQ=="],
+
+    "tsx/esbuild/@esbuild/aix-ppc64": ["@esbuild/aix-ppc64@0.27.7", "", { "os": "aix", "cpu": "ppc64" }, "sha512-EKX3Qwmhz1eMdEJokhALr0YiD0lhQNwDqkPYyPhiSwKrh7/4KRjQc04sZ8db+5DVVnZ1LmbNDI1uAMPEUBnQPg=="],
+
+    "tsx/esbuild/@esbuild/android-arm": ["@esbuild/android-arm@0.27.7", "", { "os": "android", "cpu": "arm" }, "sha512-jbPXvB4Yj2yBV7HUfE2KHe4GJX51QplCN1pGbYjvsyCZbQmies29EoJbkEc+vYuU5o45AfQn37vZlyXy4YJ8RQ=="],
+
+    "tsx/esbuild/@esbuild/android-arm64": ["@esbuild/android-arm64@0.27.7", "", { "os": "android", "cpu": "arm64" }, "sha512-62dPZHpIXzvChfvfLJow3q5dDtiNMkwiRzPylSCfriLvZeq0a1bWChrGx/BbUbPwOrsWKMn8idSllklzBy+dgQ=="],
+
+    "tsx/esbuild/@esbuild/android-x64": ["@esbuild/android-x64@0.27.7", "", { "os": "android", "cpu": "x64" }, "sha512-x5VpMODneVDb70PYV2VQOmIUUiBtY3D3mPBG8NxVk5CogneYhkR7MmM3yR/uMdITLrC1ml/NV1rj4bMJuy9MCg=="],
+
+    "tsx/esbuild/@esbuild/darwin-arm64": ["@esbuild/darwin-arm64@0.27.7", "", { "os": "darwin", "cpu": "arm64" }, "sha512-5lckdqeuBPlKUwvoCXIgI2D9/ABmPq3Rdp7IfL70393YgaASt7tbju3Ac+ePVi3KDH6N2RqePfHnXkaDtY9fkw=="],
+
+    "tsx/esbuild/@esbuild/darwin-x64": ["@esbuild/darwin-x64@0.27.7", "", { "os": "darwin", "cpu": "x64" }, "sha512-rYnXrKcXuT7Z+WL5K980jVFdvVKhCHhUwid+dDYQpH+qu+TefcomiMAJpIiC2EM3Rjtq0sO3StMV/+3w3MyyqQ=="],
+
+    "tsx/esbuild/@esbuild/freebsd-arm64": ["@esbuild/freebsd-arm64@0.27.7", "", { "os": "freebsd", "cpu": "arm64" }, "sha512-B48PqeCsEgOtzME2GbNM2roU29AMTuOIN91dsMO30t+Ydis3z/3Ngoj5hhnsOSSwNzS+6JppqWsuhTp6E82l2w=="],
+
+    "tsx/esbuild/@esbuild/freebsd-x64": ["@esbuild/freebsd-x64@0.27.7", "", { "os": "freebsd", "cpu": "x64" }, "sha512-jOBDK5XEjA4m5IJK3bpAQF9/Lelu/Z9ZcdhTRLf4cajlB+8VEhFFRjWgfy3M1O4rO2GQ/b2dLwCUGpiF/eATNQ=="],
+
+    "tsx/esbuild/@esbuild/linux-arm": ["@esbuild/linux-arm@0.27.7", "", { "os": "linux", "cpu": "arm" }, "sha512-RkT/YXYBTSULo3+af8Ib0ykH8u2MBh57o7q/DAs3lTJlyVQkgQvlrPTnjIzzRPQyavxtPtfg0EopvDyIt0j1rA=="],
+
+    "tsx/esbuild/@esbuild/linux-arm64": ["@esbuild/linux-arm64@0.27.7", "", { "os": "linux", "cpu": "arm64" }, "sha512-RZPHBoxXuNnPQO9rvjh5jdkRmVizktkT7TCDkDmQ0W2SwHInKCAV95GRuvdSvA7w4VMwfCjUiPwDi0ZO6Nfe9A=="],
+
+    "tsx/esbuild/@esbuild/linux-ia32": ["@esbuild/linux-ia32@0.27.7", "", { "os": "linux", "cpu": "ia32" }, "sha512-GA48aKNkyQDbd3KtkplYWT102C5sn/EZTY4XROkxONgruHPU72l+gW+FfF8tf2cFjeHaRbWpOYa/uRBz/Xq1Pg=="],
+
+    "tsx/esbuild/@esbuild/linux-loong64": ["@esbuild/linux-loong64@0.27.7", "", { "os": "linux", "cpu": "none" }, "sha512-a4POruNM2oWsD4WKvBSEKGIiWQF8fZOAsycHOt6JBpZ+JN2n2JH9WAv56SOyu9X5IqAjqSIPTaJkqN8F7XOQ5Q=="],
+
+    "tsx/esbuild/@esbuild/linux-mips64el": ["@esbuild/linux-mips64el@0.27.7", "", { "os": "linux", "cpu": "none" }, "sha512-KabT5I6StirGfIz0FMgl1I+R1H73Gp0ofL9A3nG3i/cYFJzKHhouBV5VWK1CSgKvVaG4q1RNpCTR2LuTVB3fIw=="],
+
+    "tsx/esbuild/@esbuild/linux-ppc64": ["@esbuild/linux-ppc64@0.27.7", "", { "os": "linux", "cpu": "ppc64" }, "sha512-gRsL4x6wsGHGRqhtI+ifpN/vpOFTQtnbsupUF5R5YTAg+y/lKelYR1hXbnBdzDjGbMYjVJLJTd2OFmMewAgwlQ=="],
+
+    "tsx/esbuild/@esbuild/linux-riscv64": ["@esbuild/linux-riscv64@0.27.7", "", { "os": "linux", "cpu": "none" }, "sha512-hL25LbxO1QOngGzu2U5xeXtxXcW+/GvMN3ejANqXkxZ/opySAZMrc+9LY/WyjAan41unrR3YrmtTsUpwT66InQ=="],
+
+    "tsx/esbuild/@esbuild/linux-s390x": ["@esbuild/linux-s390x@0.27.7", "", { "os": "linux", "cpu": "s390x" }, "sha512-2k8go8Ycu1Kb46vEelhu1vqEP+UeRVj2zY1pSuPdgvbd5ykAw82Lrro28vXUrRmzEsUV0NzCf54yARIK8r0fdw=="],
+
+    "tsx/esbuild/@esbuild/linux-x64": ["@esbuild/linux-x64@0.27.7", "", { "os": "linux", "cpu": "x64" }, "sha512-hzznmADPt+OmsYzw1EE33ccA+HPdIqiCRq7cQeL1Jlq2gb1+OyWBkMCrYGBJ+sxVzve2ZJEVeePbLM2iEIZSxA=="],
+
+    "tsx/esbuild/@esbuild/netbsd-arm64": ["@esbuild/netbsd-arm64@0.27.7", "", { "os": "none", "cpu": "arm64" }, "sha512-b6pqtrQdigZBwZxAn1UpazEisvwaIDvdbMbmrly7cDTMFnw/+3lVxxCTGOrkPVnsYIosJJXAsILG9XcQS+Yu6w=="],
+
+    "tsx/esbuild/@esbuild/netbsd-x64": ["@esbuild/netbsd-x64@0.27.7", "", { "os": "none", "cpu": "x64" }, "sha512-OfatkLojr6U+WN5EDYuoQhtM+1xco+/6FSzJJnuWiUw5eVcicbyK3dq5EeV/QHT1uy6GoDhGbFpprUiHUYggrw=="],
+
+    "tsx/esbuild/@esbuild/openbsd-arm64": ["@esbuild/openbsd-arm64@0.27.7", "", { "os": "openbsd", "cpu": "arm64" }, "sha512-AFuojMQTxAz75Fo8idVcqoQWEHIXFRbOc1TrVcFSgCZtQfSdc1RXgB3tjOn/krRHENUB4j00bfGjyl2mJrU37A=="],
+
+    "tsx/esbuild/@esbuild/openbsd-x64": ["@esbuild/openbsd-x64@0.27.7", "", { "os": "openbsd", "cpu": "x64" }, "sha512-+A1NJmfM8WNDv5CLVQYJ5PshuRm/4cI6WMZRg1by1GwPIQPCTs1GLEUHwiiQGT5zDdyLiRM/l1G0Pv54gvtKIg=="],
+
+    "tsx/esbuild/@esbuild/openharmony-arm64": ["@esbuild/openharmony-arm64@0.27.7", "", { "os": "none", "cpu": "arm64" }, "sha512-+KrvYb/C8zA9CU/g0sR6w2RBw7IGc5J2BPnc3dYc5VJxHCSF1yNMxTV5LQ7GuKteQXZtspjFbiuW5/dOj7H4Yw=="],
+
+    "tsx/esbuild/@esbuild/sunos-x64": ["@esbuild/sunos-x64@0.27.7", "", { "os": "sunos", "cpu": "x64" }, "sha512-ikktIhFBzQNt/QDyOL580ti9+5mL/YZeUPKU2ivGtGjdTYoqz6jObj6nOMfhASpS4GU4Q/Clh1QtxWAvcYKamA=="],
+
+    "tsx/esbuild/@esbuild/win32-arm64": ["@esbuild/win32-arm64@0.27.7", "", { "os": "win32", "cpu": "arm64" }, "sha512-7yRhbHvPqSpRUV7Q20VuDwbjW5kIMwTHpptuUzV+AA46kiPze5Z7qgt6CLCK3pWFrHeNfDd1VKgyP4O+ng17CA=="],
+
+    "tsx/esbuild/@esbuild/win32-ia32": ["@esbuild/win32-ia32@0.27.7", "", { "os": "win32", "cpu": "ia32" }, "sha512-SmwKXe6VHIyZYbBLJrhOoCJRB/Z1tckzmgTLfFYOfpMAx63BJEaL9ExI8x7v0oAO3Zh6D/Oi1gVxEYr5oUCFhw=="],
+
+    "tsx/esbuild/@esbuild/win32-x64": ["@esbuild/win32-x64@0.27.7", "", { "os": "win32", "cpu": "x64" }, "sha512-56hiAJPhwQ1R4i+21FVF7V8kSD5zZTdHcVuRFMW0hn753vVfQN8xlx4uOPT4xoGH0Z/oVATuR82AiqSTDIpaHg=="],
+  }
+}
@@ -1,10 +1,24 @@
 services:
  app:
-    container_name: deno_fresh_app
-    build: .
+    image: registry.docker.polytech.djalim.fr/polympr:latest
    ports:
-      - "80:80"
-      - "443:443"
+      - "8008:80"
+      - "4430:443"
    volumes:
-      - .:/app
+      - /home/kevin/PolyMPR/:/app
    command: deno run -A main.ts
+    deploy:
+      replicas: 1
+      placement:
+        constraints: [node.role == manager]
+
+  db:
+    image: postgres
+    restart: always
+    shm_size: 128mb
+    environment:
+      POSTGRES_PASSWORD: ${POSTGRES_PASS}
+    deploy:
+      replicas: 1
+      placement:
+        constraints: [node.role == manager]
@@ -0,0 +1,14 @@
+import { drizzle } from "npm:drizzle-orm@0.45.2/node-postgres";
+import pg from "npm:pg@8.20.0";
+
+const { Pool } = pg;
+
+const pool = new Pool({
+  host: Deno.env.get("POSTGRES_HOST"),
+  port: Number(Deno.env.get("POSTGRES_PORT") ?? 5432),
+  user: Deno.env.get("POSTGRES_USER"),
+  password: Deno.env.get("POSTGRES_PASS"),
+  database: Deno.env.get("POSTGRES_DB"),
+});
+
+export const db = drizzle(pool);
@@ -0,0 +1,100 @@
+CREATE TABLE "ajustements" (
+	"numEtud" integer NOT NULL,
+	"idUE" integer NOT NULL,
+	"valeur" double precision NOT NULL,
+	CONSTRAINT "ajustements_numEtud_idUE_pk" PRIMARY KEY("numEtud","idUE")
+);
+--> statement-breakpoint
+CREATE TABLE "enseignements" (
+	"idProf" text NOT NULL,
+	"idModule" text NOT NULL,
+	"idPromo" text NOT NULL,
+	CONSTRAINT "enseignements_idProf_idModule_idPromo_pk" PRIMARY KEY("idProf","idModule","idPromo")
+);
+--> statement-breakpoint
+CREATE TABLE "mobility" (
+	"id" serial PRIMARY KEY NOT NULL,
+	"studentId" integer,
+	"startDate" date,
+	"endDate" date,
+	"weeksCount" integer,
+	"destinationCountry" text,
+	"destinationName" text,
+	"mobilityStatus" text DEFAULT 'N/A'
+);
+--> statement-breakpoint
+CREATE TABLE "modules" (
+	"id" text PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "notes" (
+	"numEtud" integer NOT NULL,
+	"idModule" text NOT NULL,
+	"note" double precision NOT NULL,
+	CONSTRAINT "notes_numEtud_idModule_pk" PRIMARY KEY("numEtud","idModule")
+);
+--> statement-breakpoint
+CREATE TABLE "permissions" (
+	"id" text PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "promotions" (
+	"idPromo" text PRIMARY KEY NOT NULL,
+	"annee" text
+);
+--> statement-breakpoint
+CREATE TABLE "role_permissions" (
+	"idRole" integer NOT NULL,
+	"idPermission" text NOT NULL,
+	CONSTRAINT "role_permissions_idRole_idPermission_pk" PRIMARY KEY("idRole","idPermission")
+);
+--> statement-breakpoint
+CREATE TABLE "roles" (
+	"id" serial PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "students" (
+	"numEtud" serial PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL,
+	"prenom" text NOT NULL,
+	"idPromo" text
+);
+--> statement-breakpoint
+CREATE TABLE "ue_modules" (
+	"idModule" text NOT NULL,
+	"idUE" integer NOT NULL,
+	"idPromo" text NOT NULL,
+	"coeff" double precision NOT NULL,
+	CONSTRAINT "ue_modules_idModule_idUE_idPromo_pk" PRIMARY KEY("idModule","idUE","idPromo")
+);
+--> statement-breakpoint
+CREATE TABLE "ues" (
+	"id" serial PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE "users" (
+	"id" text PRIMARY KEY NOT NULL,
+	"nom" text NOT NULL,
+	"prenom" text NOT NULL,
+	"idRole" integer
+);
+--> statement-breakpoint
+ALTER TABLE "ajustements" ADD CONSTRAINT "ajustements_numEtud_students_numEtud_fk" FOREIGN KEY ("numEtud") REFERENCES "public"."students"("numEtud") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ajustements" ADD CONSTRAINT "ajustements_idUE_ues_id_fk" FOREIGN KEY ("idUE") REFERENCES "public"."ues"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "enseignements" ADD CONSTRAINT "enseignements_idProf_users_id_fk" FOREIGN KEY ("idProf") REFERENCES "public"."users"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "enseignements" ADD CONSTRAINT "enseignements_idModule_modules_id_fk" FOREIGN KEY ("idModule") REFERENCES "public"."modules"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "enseignements" ADD CONSTRAINT "enseignements_idPromo_promotions_idPromo_fk" FOREIGN KEY ("idPromo") REFERENCES "public"."promotions"("idPromo") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "mobility" ADD CONSTRAINT "mobility_studentId_students_numEtud_fk" FOREIGN KEY ("studentId") REFERENCES "public"."students"("numEtud") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "notes" ADD CONSTRAINT "notes_numEtud_students_numEtud_fk" FOREIGN KEY ("numEtud") REFERENCES "public"."students"("numEtud") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "notes" ADD CONSTRAINT "notes_idModule_modules_id_fk" FOREIGN KEY ("idModule") REFERENCES "public"."modules"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "role_permissions" ADD CONSTRAINT "role_permissions_idRole_roles_id_fk" FOREIGN KEY ("idRole") REFERENCES "public"."roles"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "role_permissions" ADD CONSTRAINT "role_permissions_idPermission_permissions_id_fk" FOREIGN KEY ("idPermission") REFERENCES "public"."permissions"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "students" ADD CONSTRAINT "students_idPromo_promotions_idPromo_fk" FOREIGN KEY ("idPromo") REFERENCES "public"."promotions"("idPromo") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ue_modules" ADD CONSTRAINT "ue_modules_idModule_modules_id_fk" FOREIGN KEY ("idModule") REFERENCES "public"."modules"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ue_modules" ADD CONSTRAINT "ue_modules_idUE_ues_id_fk" FOREIGN KEY ("idUE") REFERENCES "public"."ues"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "ue_modules" ADD CONSTRAINT "ue_modules_idPromo_promotions_idPromo_fk" FOREIGN KEY ("idPromo") REFERENCES "public"."promotions"("idPromo") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "users" ADD CONSTRAINT "users_idRole_roles_id_fk" FOREIGN KEY ("idRole") REFERENCES "public"."roles"("id") ON DELETE no action ON UPDATE no action;
@@ -0,0 +1,680 @@
+{
+  "id": "bd317b68-1c46-4e83-b4d3-a14f68751afb",
+  "prevId": "00000000-0000-0000-0000-000000000000",
+  "version": "7",
+  "dialect": "postgresql",
+  "tables": {
+    "public.ajustements": {
+      "name": "ajustements",
+      "schema": "",
+      "columns": {
+        "numEtud": {
+          "name": "numEtud",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idUE": {
+          "name": "idUE",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "valeur": {
+          "name": "valeur",
+          "type": "double precision",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "ajustements_numEtud_students_numEtud_fk": {
+          "name": "ajustements_numEtud_students_numEtud_fk",
+          "tableFrom": "ajustements",
+          "tableTo": "students",
+          "columnsFrom": [
+            "numEtud"
+          ],
+          "columnsTo": [
+            "numEtud"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "ajustements_idUE_ues_id_fk": {
+          "name": "ajustements_idUE_ues_id_fk",
+          "tableFrom": "ajustements",
+          "tableTo": "ues",
+          "columnsFrom": [
+            "idUE"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "ajustements_numEtud_idUE_pk": {
+          "name": "ajustements_numEtud_idUE_pk",
+          "columns": [
+            "numEtud",
+            "idUE"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.enseignements": {
+      "name": "enseignements",
+      "schema": "",
+      "columns": {
+        "idProf": {
+          "name": "idProf",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idModule": {
+          "name": "idModule",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "enseignements_idProf_users_id_fk": {
+          "name": "enseignements_idProf_users_id_fk",
+          "tableFrom": "enseignements",
+          "tableTo": "users",
+          "columnsFrom": [
+            "idProf"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "enseignements_idModule_modules_id_fk": {
+          "name": "enseignements_idModule_modules_id_fk",
+          "tableFrom": "enseignements",
+          "tableTo": "modules",
+          "columnsFrom": [
+            "idModule"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "enseignements_idPromo_promotions_idPromo_fk": {
+          "name": "enseignements_idPromo_promotions_idPromo_fk",
+          "tableFrom": "enseignements",
+          "tableTo": "promotions",
+          "columnsFrom": [
+            "idPromo"
+          ],
+          "columnsTo": [
+            "idPromo"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "enseignements_idProf_idModule_idPromo_pk": {
+          "name": "enseignements_idProf_idModule_idPromo_pk",
+          "columns": [
+            "idProf",
+            "idModule",
+            "idPromo"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.mobility": {
+      "name": "mobility",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "studentId": {
+          "name": "studentId",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "startDate": {
+          "name": "startDate",
+          "type": "date",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "endDate": {
+          "name": "endDate",
+          "type": "date",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "weeksCount": {
+          "name": "weeksCount",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "destinationCountry": {
+          "name": "destinationCountry",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "destinationName": {
+          "name": "destinationName",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "mobilityStatus": {
+          "name": "mobilityStatus",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "default": "'N/A'"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "mobility_studentId_students_numEtud_fk": {
+          "name": "mobility_studentId_students_numEtud_fk",
+          "tableFrom": "mobility",
+          "tableTo": "students",
+          "columnsFrom": [
+            "studentId"
+          ],
+          "columnsTo": [
+            "numEtud"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.modules": {
+      "name": "modules",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.notes": {
+      "name": "notes",
+      "schema": "",
+      "columns": {
+        "numEtud": {
+          "name": "numEtud",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idModule": {
+          "name": "idModule",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "note": {
+          "name": "note",
+          "type": "double precision",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "notes_numEtud_students_numEtud_fk": {
+          "name": "notes_numEtud_students_numEtud_fk",
+          "tableFrom": "notes",
+          "tableTo": "students",
+          "columnsFrom": [
+            "numEtud"
+          ],
+          "columnsTo": [
+            "numEtud"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "notes_idModule_modules_id_fk": {
+          "name": "notes_idModule_modules_id_fk",
+          "tableFrom": "notes",
+          "tableTo": "modules",
+          "columnsFrom": [
+            "idModule"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "notes_numEtud_idModule_pk": {
+          "name": "notes_numEtud_idModule_pk",
+          "columns": [
+            "numEtud",
+            "idModule"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.permissions": {
+      "name": "permissions",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.promotions": {
+      "name": "promotions",
+      "schema": "",
+      "columns": {
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "annee": {
+          "name": "annee",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.role_permissions": {
+      "name": "role_permissions",
+      "schema": "",
+      "columns": {
+        "idRole": {
+          "name": "idRole",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPermission": {
+          "name": "idPermission",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "role_permissions_idRole_roles_id_fk": {
+          "name": "role_permissions_idRole_roles_id_fk",
+          "tableFrom": "role_permissions",
+          "tableTo": "roles",
+          "columnsFrom": [
+            "idRole"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "role_permissions_idPermission_permissions_id_fk": {
+          "name": "role_permissions_idPermission_permissions_id_fk",
+          "tableFrom": "role_permissions",
+          "tableTo": "permissions",
+          "columnsFrom": [
+            "idPermission"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "role_permissions_idRole_idPermission_pk": {
+          "name": "role_permissions_idRole_idPermission_pk",
+          "columns": [
+            "idRole",
+            "idPermission"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.roles": {
+      "name": "roles",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.students": {
+      "name": "students",
+      "schema": "",
+      "columns": {
+        "numEtud": {
+          "name": "numEtud",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "prenom": {
+          "name": "prenom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "students_idPromo_promotions_idPromo_fk": {
+          "name": "students_idPromo_promotions_idPromo_fk",
+          "tableFrom": "students",
+          "tableTo": "promotions",
+          "columnsFrom": [
+            "idPromo"
+          ],
+          "columnsTo": [
+            "idPromo"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.ue_modules": {
+      "name": "ue_modules",
+      "schema": "",
+      "columns": {
+        "idModule": {
+          "name": "idModule",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idUE": {
+          "name": "idUE",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idPromo": {
+          "name": "idPromo",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "coeff": {
+          "name": "coeff",
+          "type": "double precision",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "ue_modules_idModule_modules_id_fk": {
+          "name": "ue_modules_idModule_modules_id_fk",
+          "tableFrom": "ue_modules",
+          "tableTo": "modules",
+          "columnsFrom": [
+            "idModule"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "ue_modules_idUE_ues_id_fk": {
+          "name": "ue_modules_idUE_ues_id_fk",
+          "tableFrom": "ue_modules",
+          "tableTo": "ues",
+          "columnsFrom": [
+            "idUE"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        },
+        "ue_modules_idPromo_promotions_idPromo_fk": {
+          "name": "ue_modules_idPromo_promotions_idPromo_fk",
+          "tableFrom": "ue_modules",
+          "tableTo": "promotions",
+          "columnsFrom": [
+            "idPromo"
+          ],
+          "columnsTo": [
+            "idPromo"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "ue_modules_idModule_idUE_idPromo_pk": {
+          "name": "ue_modules_idModule_idUE_idPromo_pk",
+          "columns": [
+            "idModule",
+            "idUE",
+            "idPromo"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.ues": {
+      "name": "ues",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "serial",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.users": {
+      "name": "users",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "primaryKey": true,
+          "notNull": true
+        },
+        "nom": {
+          "name": "nom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "prenom": {
+          "name": "prenom",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "idRole": {
+          "name": "idRole",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "users_idRole_roles_id_fk": {
+          "name": "users_idRole_roles_id_fk",
+          "tableFrom": "users",
+          "tableTo": "roles",
+          "columnsFrom": [
+            "idRole"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    }
+  },
+  "enums": {},
+  "schemas": {},
+  "sequences": {},
+  "roles": {},
+  "policies": {},
+  "views": {},
+  "_meta": {
+    "columns": {},
+    "schemas": {},
+    "tables": {}
+  }
+}
@@ -0,0 +1,13 @@
+{
+  "version": "7",
+  "dialect": "postgresql",
+  "entries": [
+    {
+      "idx": 0,
+      "version": "7",
+      "when": 1777155028708,
+      "tag": "0000_square_jetstream",
+      "breakpoints": true
+    }
+  ]
+}
@@ -0,0 +1,99 @@
+import {
+  date,
+  doublePrecision,
+  integer,
+  pgTable,
+  primaryKey,
+  serial,
+  text,
+} from "drizzle-orm/pg-core";
+
+export const roles = pgTable("roles", {
+  id: serial("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const permissions = pgTable("permissions", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const rolePermissions = pgTable("role_permissions", {
+  idRole: integer("idRole").notNull().references(() => roles.id),
+  idPermission: text("idPermission").notNull().references(() => permissions.id),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idRole, t.idPermission] }),
+}));
+
+export const users = pgTable("users", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+  prenom: text("prenom").notNull(),
+  idRole: integer("idRole").references(() => roles.id),
+});
+
+export const promotions = pgTable("promotions", {
+  id: text("idPromo").primaryKey(),
+  annee: text("annee"),
+});
+
+export const students = pgTable("students", {
+  numEtud: serial("numEtud").primaryKey(),
+  nom: text("nom").notNull(),
+  prenom: text("prenom").notNull(),
+  idPromo: text("idPromo").references(() => promotions.id),
+});
+
+export const modules = pgTable("modules", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const enseignements = pgTable("enseignements", {
+  idProf: text("idProf").notNull().references(() => users.id),
+  idModule: text("idModule").notNull().references(() => modules.id),
+  idPromo: text("idPromo").notNull().references(() => promotions.id),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idProf, t.idModule, t.idPromo] }),
+}));
+
+export const ues = pgTable("ues", {
+  id: serial("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const ueModules = pgTable("ue_modules", {
+  idModule: text("idModule").notNull().references(() => modules.id),
+  idUE: integer("idUE").notNull().references(() => ues.id),
+  idPromo: text("idPromo").notNull().references(() => promotions.id),
+  coeff: doublePrecision("coeff").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idModule, t.idUE, t.idPromo] }),
+}));
+
+export const notes = pgTable("notes", {
+  numEtud: integer("numEtud").notNull().references(() => students.numEtud),
+  idModule: text("idModule").notNull().references(() => modules.id),
+  note: doublePrecision("note").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.numEtud, t.idModule] }),
+}));
+
+export const ajustements = pgTable("ajustements", {
+  numEtud: integer("numEtud").notNull().references(() => students.numEtud),
+  idUE: integer("idUE").notNull().references(() => ues.id),
+  valeur: doublePrecision("valeur").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.numEtud, t.idUE] }),
+}));
+
+export const mobility = pgTable("mobility", {
+  id: serial("id").primaryKey(),
+  studentId: integer("studentId").references(() => students.numEtud),
+  startDate: date("startDate"),
+  endDate: date("endDate"),
+  weeksCount: integer("weeksCount"),
+  destinationCountry: text("destinationCountry"),
+  destinationName: text("destinationName"),
+  mobilityStatus: text("mobilityStatus").default("N/A"),
+});
@@ -0,0 +1,99 @@
+import {
+  date,
+  doublePrecision,
+  integer,
+  pgTable,
+  primaryKey,
+  serial,
+  text,
+} from "npm:drizzle-orm@0.45.2/pg-core";
+
+export const roles = pgTable("roles", {
+  id: serial("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const permissions = pgTable("permissions", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const rolePermissions = pgTable("role_permissions", {
+  idRole: integer("idRole").notNull().references(() => roles.id),
+  idPermission: text("idPermission").notNull().references(() => permissions.id),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idRole, t.idPermission] }),
+}));
+
+export const users = pgTable("users", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+  prenom: text("prenom").notNull(),
+  idRole: integer("idRole").references(() => roles.id),
+});
+
+export const promotions = pgTable("promotions", {
+  id: text("idPromo").primaryKey(),
+  annee: text("annee"),
+});
+
+export const students = pgTable("students", {
+  numEtud: serial("numEtud").primaryKey(),
+  nom: text("nom").notNull(),
+  prenom: text("prenom").notNull(),
+  idPromo: text("idPromo").references(() => promotions.id),
+});
+
+export const modules = pgTable("modules", {
+  id: text("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const enseignements = pgTable("enseignements", {
+  idProf: text("idProf").notNull().references(() => users.id),
+  idModule: text("idModule").notNull().references(() => modules.id),
+  idPromo: text("idPromo").notNull().references(() => promotions.id),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idProf, t.idModule, t.idPromo] }),
+}));
+
+export const ues = pgTable("ues", {
+  id: serial("id").primaryKey(),
+  nom: text("nom").notNull(),
+});
+
+export const ueModules = pgTable("ue_modules", {
+  idModule: text("idModule").notNull().references(() => modules.id),
+  idUE: integer("idUE").notNull().references(() => ues.id),
+  idPromo: text("idPromo").notNull().references(() => promotions.id),
+  coeff: doublePrecision("coeff").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.idModule, t.idUE, t.idPromo] }),
+}));
+
+export const notes = pgTable("notes", {
+  numEtud: integer("numEtud").notNull().references(() => students.numEtud),
+  idModule: text("idModule").notNull().references(() => modules.id),
+  note: doublePrecision("note").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.numEtud, t.idModule] }),
+}));
+
+export const ajustements = pgTable("ajustements", {
+  numEtud: integer("numEtud").notNull().references(() => students.numEtud),
+  idUE: integer("idUE").notNull().references(() => ues.id),
+  valeur: doublePrecision("valeur").notNull(),
+}, (t) => ({
+  pk: primaryKey({ columns: [t.numEtud, t.idUE] }),
+}));
+
+export const mobility = pgTable("mobility", {
+  id: serial("id").primaryKey(),
+  studentId: integer("studentId").references(() => students.numEtud),
+  startDate: date("startDate"),
+  endDate: date("endDate"),
+  weeksCount: integer("weeksCount"),
+  destinationCountry: text("destinationCountry"),
+  destinationName: text("destinationName"),
+  mobilityStatus: text("mobilityStatus").default("N/A"),
+});
@@ -9,7 +9,14 @@
    "start": "deno run -A --unstable-ffi --watch=static/,routes/ dev.ts",
    "build": "deno run -A --unstable-ffi dev.ts build",
    "preview": "deno run -A --unstable-ffi main.ts",
-    "update": "deno run -A -r https://fresh.deno.dev/update ."
+    "update": "deno run -A -r https://fresh.deno.dev/update .",
+    "test": "deno test -A --no-check tests/",
+    "test:unit": "deno test -A --no-check tests/unit/",
+    "test:integration": "deno test -A --no-check tests/integration/",
+    "test:e2e": "deno test -A --no-check tests/e2e/",
+    "test:coverage": "deno test -A --no-check --coverage=coverage tests/ && deno coverage coverage --exclude=tests/",
+    "test:coverage:html": "deno test -A --no-check --coverage=coverage tests/ && deno coverage coverage --exclude=tests/ --html",
+    "migrate": "node_modules/.bin/drizzle-kit migrate"
  },
  "lint": {
    "rules": {
@@ -35,6 +42,9 @@
    "@preact/signals": "https://esm.sh/*@preact/signals@1.2.2",
    "@preact/signals-core": "https://esm.sh/*@preact/signals-core@1.5.1",
    "$std/": "https://deno.land/std@0.216.0/",
+    "@std/assert": "jsr:@std/assert@^1.0.0",
+    "@std/testing": "jsr:@std/testing@^1.0.0",
+    "happy-dom": "npm:happy-dom@^16.0.0",
    "$root/": "./",
    "$apps/": "./routes/(apps)/"
  },
@@ -0,0 +1,17 @@
+import { defineConfig } from "drizzle-kit";
+import process from "node:process";
+
+const url = process.env.DATABASE_URL ??
+  `postgresql://${process.env.POSTGRES_USER}:${process.env.POSTGRES_PASS}@${
+    process.env.POSTGRES_HOST ?? "localhost"
+  }:${process.env.POSTGRES_PORT ?? 5432}/${process.env.POSTGRES_DB}`;
+
+export default defineConfig({
+  dialect: "postgresql",
+  schema: "./databases/schema.kit.ts",
+  out: "./databases/migrations",
+  dbCredentials: {
+    url,
+    ssl: false,
+  },
+});
@@ -0,0 +1,8 @@
+#Local mode, set to true to access admin pages with any users
+LOCAL=false
+
+POSTGRES_HOST = db
+POSTGRES_PORT = 5432
+POSTGRES_PASS = astrongpass
+POSTGRES_USER = postgres
+POSTGRES_DB = polympr
@@ -0,0 +1,61 @@
+{
+  "nodes": {
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1776548001,
+        "narHash": "sha256-ZSK0NL4a1BwVbbTBoSnWgbJy9HeZFXLYQizjb2DPF24=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "b12141ef619e0a9c1c84dc8c684040326f27cdcc",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
@@ -0,0 +1,62 @@
+{
+  description = "PolyMPR CLI - A tool for managing PolyMPR modules";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+    flake-utils.url = "github:numtide/flake-utils";
+  };
+
+  outputs = { self, nixpkgs, flake-utils }:
+    flake-utils.lib.eachDefaultSystem (system:
+      let
+        pkgs = nixpkgs.legacyPackages.${system};
+      in
+      {
+        packages.pmpr = pkgs.stdenv.mkDerivation {
+          pname = "pmpr";
+          version = "0.1.0";
+          src = ./.;
+
+          nativeBuildInputs = [
+            pkgs.deno
+            pkgs.autoPatchelfHook
+          ];
+
+          buildInputs = [
+            pkgs.stdenv.cc.cc.lib
+          ];
+
+          buildPhase = ''
+            export HOME=$TMPDIR
+            deno cache toolbox/cli.ts
+            deno compile -A --output pmpr toolbox/cli.ts
+          '';
+
+          installPhase = ''
+            mkdir -p $out/bin
+            cp pmpr $out/bin/pmpr
+          '';
+        };
+
+        packages.default = self.packages.${system}.pmpr;
+
+        devShells.default = pkgs.mkShell {
+          nativeBuildInputs = [
+            pkgs.deno
+            pkgs.patchelf
+          ];
+
+          buildInputs = [
+            pkgs.stdenv.cc.cc.lib
+          ];
+
+          shellHook = ''
+            export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:$LD_LIBRARY_PATH"
+            export NIX_LD_INTERPRETER=$(cat ${pkgs.stdenv.cc}/nix-support/dynamic-linker)
+            echo "Welcome to PolyMPR development shell!"
+            echo "Use 'deno task compile' to build the CLI."
+          '';
+        };
+      }
+    );
+}
@@ -2,7 +2,7 @@ import { defineConfig } from "$fresh/server.ts";
 import ensureDatabases from "$root/databases/ensure.ts";
 import { load } from "@std/dotenv";

-await load({ envPath: "./.env.development.local", export: true });
+await load({ envPath: "./.env", export: true });
 await ensureDatabases();
 export default defineConfig({
  server: {
@@ -0,0 +1,12 @@
+{
+  "dependencies": {
+    "dotenv": "^17.4.0",
+    "drizzle-orm": "^0.45.2",
+    "pg": "^8.20.0"
+  },
+  "devDependencies": {
+    "@types/pg": "^8.20.0",
+    "drizzle-kit": "^0.31.10",
+    "tsx": "^4.21.0"
+  }
+}
@@ -0,0 +1,13 @@
+import { AppProperties } from "$root/defaults/interfaces.ts";
+
+const properties: AppProperties = {
+  name: "Admin",
+  icon: "school",
+  pages: {
+    index: "Homepage",
+  },
+  adminOnly: [],
+  hint: "PolyMPR module",
+};
+
+export default properties;
@@ -0,0 +1,71 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { enseignements } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+const _NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+const CONFLICT = new Response(
+  JSON.stringify({ error: "Cet enseignement existe déjà." }),
+  { status: 409, headers: { "content-type": "application/json" } },
+);
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #29 POST /enseignements
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    let body: { idProf: string; idModule: string; idPromo: string };
+    try {
+      body = await request.json();
+    } catch {
+      return new Response(null, { status: 500 });
+    }
+
+    if (!body.idProf || !body.idModule || !body.idPromo) {
+      return new Response(null, { status: 400 });
+    }
+
+    // Check if enseignement already exists
+    const existing = await db
+      .select()
+      .from(enseignements)
+      .where(
+        and(
+          eq(enseignements.idProf, body.idProf),
+          eq(enseignements.idModule, body.idModule),
+          eq(enseignements.idPromo, body.idPromo),
+        ),
+      )
+      .then((rows) => rows[0] ?? null);
+
+    if (existing) {
+      return CONFLICT;
+    }
+
+    const [created] = await db
+      .insert(enseignements)
+      .values({
+        idProf: body.idProf,
+        idModule: body.idModule,
+        idPromo: body.idPromo,
+      })
+      .returning();
+
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,75 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { enseignements } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #30 GET /enseignements/{idProf}/{idModule}/{idPromo}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idProf = context.params.idProf;
+    const idModule = context.params.idModule;
+    const idPromo = context.params.idPromo;
+
+    const enseignement = await db
+      .select()
+      .from(enseignements)
+      .where(
+        and(
+          eq(enseignements.idProf, idProf),
+          eq(enseignements.idModule, idModule),
+          eq(enseignements.idPromo, idPromo),
+        ),
+      )
+      .then((rows) => rows[0] ?? null);
+
+    if (!enseignement) return NOT_FOUND;
+
+    return new Response(JSON.stringify(enseignement), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #31 DELETE /enseignements/{idProf}/{idModule}/{idPromo}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idProf = context.params.idProf;
+    const idModule = context.params.idModule;
+    const idPromo = context.params.idPromo;
+
+    const [deleted] = await db
+      .delete(enseignements)
+      .where(
+        and(
+          eq(enseignements.idProf, idProf),
+          eq(enseignements.idModule, idModule),
+          eq(enseignements.idPromo, idPromo),
+        ),
+      )
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,22 @@
+import { Handlers } from "$fresh/server.ts";
+
+export const handler: Handlers = {
+  async POST(request, context) {
+    if (request.headers.get("content-type") != "application/json") {
+      return new Response(null, {
+        status: 400,
+      });
+    }
+
+    const responseBody = {
+      requestBody: await request.json(),
+      context,
+    };
+
+    return new Response(JSON.stringify(responseBody), {
+      headers: {
+        "content-type": "application/json",
+      },
+    });
+  },
+};
@@ -0,0 +1,68 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { modules } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #23 GET /modules
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(JSON.stringify([]), {
+        headers: { "content-type": "application/json" },
+      });
+    }
+
+    const rows = await db.select().from(modules);
+    return new Response(JSON.stringify(rows), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #24 POST /modules
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }
+
+    let body: { id: string; nom: string };
+    try {
+      body = await request.json();
+    } catch {
+      return new Response(null, { status: 500 });
+    }
+
+    if (!body.id || !body.id.trim() || !body.nom || !body.nom.trim()) {
+      return new Response(null, { status: 400 });
+    }
+
+    const existing = await db
+      .select()
+      .from(modules)
+      .where(eq(modules.id, body.id))
+      .then((rows) => rows[0] ?? null);
+
+    if (existing) {
+      return new Response(
+        JSON.stringify({ error: "Un module avec cet identifiant existe déjà" }),
+        { status: 409, headers: { "content-type": "application/json" } },
+      );
+    }
+
+    const [created] = await db
+      .insert(modules)
+      .values({ id: body.id, nom: body.nom })
+      .returning();
+
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,74 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { modules } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #25 GET /modules/{idModule}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const module = await db
+      .select()
+      .from(modules)
+      .where(eq(modules.id, context.params.idModule))
+      .then((rows) => rows[0] ?? null);
+
+    if (!module) return NOT_FOUND;
+
+    return new Response(JSON.stringify(module), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #26 PUT /modules/{idModule}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    let body: { nom: string };
+    try {
+      body = await request.json();
+    } catch {
+      return new Response(null, { status: 500 });
+    }
+
+    if (typeof body.nom !== "string") {
+      return new Response(null, { status: 400 });
+    }
+
+    const [updated] = await db
+      .update(modules)
+      .set({ nom: body.nom })
+      .where(eq(modules.id, context.params.idModule))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #27 DELETE /modules/{idModule}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const [deleted] = await db
+      .delete(modules)
+      .where(eq(modules.id, context.params.idModule))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,22 @@
+import { Handlers } from "$fresh/server.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+
+const PERMISSIONS = [
+  { id: "student_read", nom: "Consulter les élèves" },
+  { id: "student_write", nom: "Gérer les élèves" },
+  { id: "note_read", nom: "Consulter les notes" },
+  { id: "note_write", nom: "Gérer les notes" },
+  { id: "module_read", nom: "Consulter les modules" },
+  { id: "module_write", nom: "Gérer les modules" },
+  { id: "user_read", nom: "Consulter les utilisateurs" },
+  { id: "user_write", nom: "Gérer les utilisateurs" },
+  { id: "role_write", nom: "Gérer les rôles" },
+] as const;
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  GET(_request, _context): Response {
+    return new Response(JSON.stringify(PERMISSIONS), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,68 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { rolePermissions, roles } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+async function getRoleWithPermissions(
+  id: number,
+): Promise<{ id: number; nom: string; permissions: string[] } | null> {
+  const role = await db
+    .select()
+    .from(roles)
+    .where(eq(roles.id, id))
+    .then((rows) => rows[0] ?? null);
+
+  if (!role) return null;
+
+  const perms = await db
+    .select({ idPermission: rolePermissions.idPermission })
+    .from(rolePermissions)
+    .where(eq(rolePermissions.idRole, id));
+
+  return {
+    id: role.id,
+    nom: role.nom,
+    permissions: perms.map((p) => p.idPermission),
+  };
+}
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #65 GET /roles
+  async GET(
+    _request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const allRoles = await db.select().from(roles);
+
+    const result = await Promise.all(
+      allRoles.map((r) => getRoleWithPermissions(r.id)),
+    );
+
+    return new Response(JSON.stringify(result), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #66 POST /roles
+  async POST(
+    request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const body: { nom: string } = await request.json();
+
+    if (!body.nom) {
+      return new Response(null, { status: 400 });
+    }
+
+    const [created] = await db
+      .insert(roles)
+      .values({ nom: body.nom })
+      .returning();
+
+    return new Response(
+      JSON.stringify({ id: created.id, nom: created.nom, permissions: [] }),
+      { status: 201, headers: { "content-type": "application/json" } },
+    );
+  },
+};
@@ -0,0 +1,101 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { rolePermissions, roles } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+async function getRoleWithPermissions(
+  id: number,
+): Promise<{ id: number; nom: string; permissions: string[] } | null> {
+  const role = await db
+    .select()
+    .from(roles)
+    .where(eq(roles.id, id))
+    .then((rows) => rows[0] ?? null);
+
+  if (!role) return null;
+
+  const perms = await db
+    .select({ idPermission: rolePermissions.idPermission })
+    .from(rolePermissions)
+    .where(eq(rolePermissions.idRole, id));
+
+  return {
+    id: role.id,
+    nom: role.nom,
+    permissions: perms.map((p) => p.idPermission),
+  };
+}
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #67 GET /roles/{idRole}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const id = Number(context.params.idRole);
+    const role = await getRoleWithPermissions(id);
+
+    if (!role) return NOT_FOUND;
+
+    return new Response(JSON.stringify(role), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #68 PUT /roles/{idRole}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const id = Number(context.params.idRole);
+    const body: { nom: string; permissions: string[] } = await request.json();
+
+    const [updated] = await db
+      .update(roles)
+      .set({ nom: body.nom })
+      .where(eq(roles.id, id))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    // Reset permissions
+    await db.delete(rolePermissions).where(eq(rolePermissions.idRole, id));
+
+    if (body.permissions?.length) {
+      await db.insert(rolePermissions).values(
+        body.permissions.map((p) => ({ idRole: id, idPermission: p })),
+      );
+    }
+
+    const role = await getRoleWithPermissions(id);
+    return new Response(JSON.stringify(role), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #69 DELETE /roles/{idRole}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const id = Number(context.params.idRole);
+
+    // Cascade delete role_permissions first
+    await db.delete(rolePermissions).where(eq(rolePermissions.idRole, id));
+
+    const [deleted] = await db
+      .delete(roles)
+      .where(eq(roles.id, id))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,74 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { users } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #60 GET /users
+  async GET(
+    request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const url = new URL(request.url);
+    const idRole = url.searchParams.get("idRole");
+
+    const rows = idRole
+      ? await db.select().from(users).where(eq(users.idRole, Number(idRole)))
+      : await db.select().from(users);
+
+    return new Response(JSON.stringify(rows), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #61 POST /users
+  async POST(
+    request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    let body: { id: string; nom: string; prenom: string; idRole: number };
+    try {
+      body = await request.json();
+    } catch {
+      return new Response(null, { status: 500 });
+    }
+
+    if (
+      !body.id || !body.id.trim() || !body.nom || !body.nom.trim() ||
+      !body.prenom || !body.prenom.trim()
+    ) {
+      return new Response(null, { status: 400 });
+    }
+
+    const existing = await db
+      .select()
+      .from(users)
+      .where(eq(users.id, body.id))
+      .then((rows) => rows[0] ?? null);
+
+    if (existing) {
+      return new Response(
+        JSON.stringify({
+          error: "Un utilisateur avec cet identifiant existe déjà",
+        }),
+        { status: 409, headers: { "content-type": "application/json" } },
+      );
+    }
+
+    const [created] = await db
+      .insert(users)
+      .values({
+        id: body.id,
+        nom: body.nom,
+        prenom: body.prenom,
+        idRole: body.idRole,
+      })
+      .returning();
+
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,66 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { users } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #62 GET /users/{id}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const user = await db
+      .select()
+      .from(users)
+      .where(eq(users.id, context.params.id))
+      .then((rows) => rows[0] ?? null);
+
+    if (!user) return NOT_FOUND;
+
+    return new Response(JSON.stringify(user), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #63 PUT /users/{id}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const body: { nom: string; prenom: string; idRole: number } = await request
+      .json();
+
+    const [updated] = await db
+      .update(users)
+      .set({ nom: body.nom, prenom: body.prenom, idRole: body.idRole })
+      .where(eq(users.id, context.params.id))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #64 DELETE /users/{id}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const [deleted] = await db
+      .delete(users)
+      .where(eq(users.id, context.params.id))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,2 @@
+import makeIndex from "$root/defaults/makeIndex.ts";
+export default makeIndex(import.meta.dirname!);
@@ -0,0 +1,13 @@
+import {
+  getPartialsConfig,
+  makePartials,
+} from "$root/defaults/makePartials.tsx";
+import { FreshContext } from "$fresh/server.ts";
+import { State } from "$root/routes/_middleware.ts";
+
+export function Index(_request: Request, _context: FreshContext<State>) {
+  return <h2>Welcome to Admin.</h2>;
+}
+
+export const config = getPartialsConfig();
+export default makePartials(Index);
@@ -240,7 +240,7 @@ export default function EditMobility() {
          </table>
        </div>
      ))}
-      <button onClick={handleSave} disabled={isSaving}>
+      <button type="button" onClick={handleSave} disabled={isSaving}>
        {isSaving ? "Saving..." : "Confirm"}
      </button>
    </section>
@@ -1,55 +1,40 @@
 import { Handlers } from "$fresh/server.ts";
-import { Database } from "@db/sqlite";
+import { db } from "$root/databases/db.ts";
+import { mobility, promotions, students } from "$root/databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers = {
-  // deno-lint-ignore require-await
  async GET() {
    try {
-      console.log("Connecting to mobility database...");
-      const connection = new Database("databases/data/mobility.db", {
-        create: false,
-      });
-      connection.run(
-        "ATTACH DATABASE 'databases/data/students.db' AS students",
-      );
-      console.log("Connected to databases.");
+      const studentRows = await db
+        .select({
+          id: students.userId,
+          firstName: students.firstName,
+          lastName: students.lastName,
+          promotionId: students.promotionId,
+          endyear: promotions.endyear,
+          current: promotions.current,
+        })
+        .from(students)
+        .leftJoin(promotions, eq(students.promotionId, promotions.id));

-      const students = connection.prepare(
-        `SELECT 
-          students.userId AS id, 
-          students.firstName, 
-          students.lastName, 
-          students.promotionId AS promotionId, 
-          promotions.name AS promotionName
-         FROM students.students
-         LEFT JOIN students.promotions ON students.promotionId = promotions.id`,
-      ).all();
+      const mobilityRows = await db.select().from(mobility);

-      const mobilities = connection.prepare(
-        `SELECT 
-          mobility.id, 
-          mobility.studentId, 
-          mobility.startDate, 
-          mobility.endDate, 
-          mobility.weeksCount, 
-          mobility.destinationCountry, 
-          mobility.destinationName, 
-          mobility.mobilityStatus 
-        FROM mobility`,
-      ).all();
-
-      const promotions = connection.prepare(
-        `SELECT id, name FROM students.promotions`,
-      ).all();
-
-      connection.close();
+      const promotionRows = await db
+        .select({
+          id: promotions.id,
+          endyear: promotions.endyear,
+          current: promotions.current,
+        })
+        .from(promotions);

      return new Response(
-        JSON.stringify({ mobilities, students, promotions }),
-        {
-          status: 200,
-          headers: { "Content-Type": "application/json" },
-        },
+        JSON.stringify({
+          mobilities: mobilityRows,
+          students: studentRows,
+          promotions: promotionRows,
+        }),
+        { status: 200, headers: { "Content-Type": "application/json" } },
      );
    } catch (error) {
      console.error("Error fetching mobility data:", error);
@@ -58,8 +43,6 @@ export const handler: Handlers = {
  },

  async POST(request) {
-    console.log("API /mobility/api/insert_mobility POST called");
-
    try {
      const body = await request.json();
      const { data } = body;
@@ -67,32 +50,8 @@ export const handler: Handlers = {
      if (!Array.isArray(data)) {
        throw new Error("Invalid request body");
      }
-      console.log("Connecting to mobility database...");
-      const connection = new Database("databases/data/mobility.db", {
-        create: false,
-      });

-      console.log("Attaching students database...");
-      connection.run(
-        "ATTACH DATABASE 'databases/data/students.db' AS students",
-      );
-      console.log("Students database attached successfully.");
-
-      const insertQuery = connection.prepare(
-        `INSERT INTO mobility (
-          id, studentId, startDate, endDate, weeksCount, destinationCountry, destinationName, mobilityStatus
-        )
-        VALUES (?, ?, ?, ?, ?, ?, ?, ?)
-        ON CONFLICT(id) DO UPDATE SET
-          startDate = excluded.startDate,
-          endDate = excluded.endDate,
-          weeksCount = excluded.weeksCount,
-          destinationCountry = excluded.destinationCountry,
-          destinationName = excluded.destinationName,
-          mobilityStatus = excluded.mobilityStatus`,
-      );
-
-      for (const mobility of data) {
+      for (const entry of data) {
        const {
          id,
          studentId,
@@ -102,19 +61,16 @@ export const handler: Handlers = {
          destinationCountry,
          destinationName,
          mobilityStatus = "N/A",
-        } = mobility;
+        } = entry;

-        console.log("Processing mobility data:", mobility);
+        const studentExists = await db
+          .select({ userId: students.userId })
+          .from(students)
+          .where(eq(students.userId, studentId))
+          .limit(1)
+          .then((rows) => rows.length > 0);

-        const studentExists = connection
-          .prepare(
-            `SELECT COUNT(*) AS count FROM students.students WHERE userId = ?`,
-          )
-          .get(studentId);
-
-        console.log(`Student ${studentId} exists:`, studentExists.count > 0);
-
-        if (studentExists.count === 0) {
+        if (!studentExists) {
          console.warn(`Skipping mobility for unknown studentId: ${studentId}`);
          continue;
        }
@@ -123,40 +79,38 @@ export const handler: Handlers = {
        if (startDate && endDate) {
          const start = new Date(startDate);
          const end = new Date(endDate);
-          if (start <= end) {
-            calculatedWeeksCount = Math.ceil(
+          calculatedWeeksCount = start <= end
+            ? Math.ceil(
              (end.getTime() - start.getTime()) / (7 * 24 * 60 * 60 * 1000),
-            );
-          } else {
-            calculatedWeeksCount = null;
-          }
+            )
+            : null;
        }

-        console.log("Executing SQL insert/update query for:", {
-          id,
-          studentId,
-          startDate,
-          endDate,
-          calculatedWeeksCount,
-          destinationCountry,
-          destinationName,
-          mobilityStatus,
-        });
-
-        insertQuery.run(
-          id,
-          studentId,
-          startDate,
-          endDate,
-          calculatedWeeksCount,
-          destinationCountry,
-          destinationName,
-          mobilityStatus,
-        );
+        await db
+          .insert(mobility)
+          .values({
+            id,
+            studentId,
+            startDate,
+            endDate,
+            weeksCount: calculatedWeeksCount,
+            destinationCountry,
+            destinationName,
+            mobilityStatus,
+          })
+          .onConflictDoUpdate({
+            target: mobility.id,
+            set: {
+              startDate,
+              endDate,
+              weeksCount: calculatedWeeksCount,
+              destinationCountry,
+              destinationName,
+              mobilityStatus,
+            },
+          });
      }

-      connection.close();
-      console.log("Mobility data inserted/updated successfully.");
      return new Response("Data inserted/updated successfully", {
        status: 200,
      });
@@ -0,0 +1,83 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { ajustements } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #48 GET /ajustements
+  async GET(request) {
+    try {
+      const url = new URL(request.url);
+      const numEtudParam = url.searchParams.get("numEtud");
+      const idUEParam = url.searchParams.get("idUE");
+
+      let query = db.select().from(ajustements).$dynamic();
+
+      if (numEtudParam) {
+        const numEtud = parseInt(numEtudParam);
+        if (isNaN(numEtud)) {
+          return new Response("Paramètre numEtud invalide", { status: 400 });
+        }
+        query = query.where(eq(ajustements.numEtud, numEtud));
+      }
+
+      if (idUEParam) {
+        const idUE = parseInt(idUEParam);
+        if (isNaN(idUE)) {
+          return new Response("Paramètre idUE invalide", { status: 400 });
+        }
+        query = query.where(eq(ajustements.idUE, idUE));
+      }
+
+      const result = await query;
+
+      return new Response(JSON.stringify(result), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching ajustements:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+
+  // #49 POST /ajustements
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }
+
+    try {
+      const body: { numEtud: number; idUE: number; valeur: number } =
+        await request.json();
+
+      if (!body.numEtud || !body.idUE || body.valeur === undefined) {
+        return new Response(
+          JSON.stringify({ error: "Champs requis: numEtud, idUE, valeur" }),
+          { status: 400, headers: { "content-type": "application/json" } },
+        );
+      }
+
+      const [created] = await db
+        .insert(ajustements)
+        .values({
+          numEtud: body.numEtud,
+          idUE: body.idUE,
+          valeur: body.valeur,
+        })
+        .returning();
+
+      return new Response(JSON.stringify(created), {
+        status: 201,
+        headers: { "content-type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error creating ajustement:", error);
+      return new Response("Failed to create ajustement", { status: 500 });
+    }
+  },
+};
@@ -0,0 +1,107 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { ajustements } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ajustement introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #50 GET /ajustements/{numEtud}/{idUE}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const idUE = Number(context.params.idUE);
+
+    if (isNaN(numEtud) || isNaN(idUE)) {
+      return new Response("Paramètres invalides", { status: 400 });
+    }
+
+    const ajustement = await db
+      .select()
+      .from(ajustements)
+      .where(and(eq(ajustements.numEtud, numEtud), eq(ajustements.idUE, idUE)))
+      .then((rows) => rows[0] ?? null);
+
+    if (!ajustement) return NOT_FOUND;
+
+    return new Response(JSON.stringify(ajustement), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #51 PUT /ajustements/{numEtud}/{idUE}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const idUE = Number(context.params.idUE);
+
+    if (isNaN(numEtud) || isNaN(idUE)) {
+      return new Response("Paramètres invalides", { status: 400 });
+    }
+
+    const body: { valeur: number } = await request.json();
+
+    if (body.valeur === undefined) {
+      return new Response(JSON.stringify({ error: "Champ requis: valeur" }), {
+        status: 400,
+        headers: { "content-type": "application/json" },
+      });
+    }
+
+    const [updated] = await db
+      .update(ajustements)
+      .set({ valeur: body.valeur })
+      .where(and(eq(ajustements.numEtud, numEtud), eq(ajustements.idUE, idUE)))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #52 DELETE /ajustements/{numEtud}/{idUE}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const idUE = Number(context.params.idUE);
+
+    if (isNaN(numEtud) || isNaN(idUE)) {
+      return new Response("Paramètres invalides", { status: 400 });
+    }
+
+    const [deleted] = await db
+      .delete(ajustements)
+      .where(and(eq(ajustements.numEtud, numEtud), eq(ajustements.idUE, idUE)))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,70 @@
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../databases/db.ts";
+import { notes } from "../../../../databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+export const handler: Handlers = {
+  // #42 GET /notes
+  async GET(request) {
+    try {
+      const url = new URL(request.url);
+      const numEtudParam = url.searchParams.get("numEtud");
+      const idModule = url.searchParams.get("idModule");
+
+      let query = db.select().from(notes).$dynamic();
+
+      if (numEtudParam) {
+        const numEtud = parseInt(numEtudParam);
+        if (isNaN(numEtud)) {
+          return new Response("Paramètre numEtud invalide", { status: 400 });
+        }
+        query = query.where(eq(notes.numEtud, numEtud));
+      }
+
+      if (idModule) {
+        query = query.where(eq(notes.idModule, idModule));
+      }
+
+      const result = await query;
+
+      return new Response(JSON.stringify(result), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching notes:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+
+  // #43 POST /notes
+  async POST(request) {
+    try {
+      const body = await request.json();
+      const { note, numEtud, idModule } = body;
+
+      if (note === undefined || !numEtud || !idModule) {
+        return new Response("Champs 'note', 'numEtud' et 'idModule' requis", {
+          status: 400,
+        });
+      }
+
+      if (typeof note !== "number" || note < 0 || note > 20) {
+        return new Response("Champ 'note' doit être un nombre entre 0 et 20", {
+          status: 400,
+        });
+      }
+
+      const result = await db.insert(notes).values({ note, numEtud, idModule })
+        .returning();
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 201,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error creating note:", error);
+      return new Response("Failed to create note", { status: 500 });
+    }
+  },
+};
@@ -0,0 +1,139 @@
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../../../databases/db.ts";
+import { notes } from "../../../../../../databases/schema.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+export const handler: Handlers = {
+  // #45 GET /notes/:numEtud/:idModule
+  async GET(_request, context) {
+    try {
+      const numEtud = parseInt(context.params.numEtud);
+      const { idModule } = context.params;
+
+      if (isNaN(numEtud)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre numEtud invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const result = await db.select().from(notes).where(
+        and(
+          eq(notes.numEtud, numEtud),
+          eq(notes.idModule, idModule),
+        ),
+      );
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching note:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+
+  // #46 PUT /notes/:numEtud/:idModule
+  async PUT(request, context) {
+    try {
+      const numEtud = parseInt(context.params.numEtud);
+      const { idModule } = context.params;
+
+      if (isNaN(numEtud)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre numEtud invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const body = await request.json();
+      const { note } = body;
+
+      if (note === undefined) {
+        return new Response("Champ 'note' manquant", { status: 400 });
+      }
+
+      const result = await db.update(notes).set({ note }).where(
+        and(
+          eq(notes.numEtud, numEtud),
+          eq(notes.idModule, idModule),
+        ),
+      ).returning();
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error updating note:", error);
+      return new Response("Failed to update note", { status: 500 });
+    }
+  },
+
+  // #47 DELETE /notes/:numEtud/:idModule
+  async DELETE(_request, context) {
+    try {
+      const numEtud = parseInt(context.params.numEtud);
+      const { idModule } = context.params;
+
+      if (isNaN(numEtud)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre numEtud invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const result = await db.delete(notes).where(
+        and(
+          eq(notes.numEtud, numEtud),
+          eq(notes.idModule, idModule),
+        ),
+      ).returning();
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(null, { status: 204 });
+    } catch (error) {
+      console.error("Error deleting note:", error);
+      return new Response("Failed to delete note", { status: 500 });
+    }
+  },
+};
@@ -0,0 +1,52 @@
+// @deno-types="https://cdn.sheetjs.com/xlsx-0.20.3/package/types/index.d.ts"
+import * as XLSX from "https://cdn.sheetjs.com/xlsx-0.20.3/package/xlsx.mjs";
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../../databases/db.ts";
+import { notes } from "../../../../../databases/schema.ts";
+
+export const handler: Handlers = {
+  //# 44 POST /notes/import-xlsx
+  async POST(request) {
+    try {
+      const formData = await request.formData();
+      const file = formData.get("file");
+      const idModule = formData.get("idModule");
+
+      if (!file || !(file instanceof File)) {
+        return new Response("Champ 'file' manquant", { status: 400 });
+      }
+
+      if (!idModule || typeof idModule !== "string") {
+        return new Response("Champ 'idModule' manquant", { status: 400 });
+      }
+
+      const buffer = await file.arrayBuffer();
+      const workbook = XLSX.read(buffer);
+      const sheet = workbook.Sheets[workbook.SheetNames[0]];
+      const rows = XLSX.utils.sheet_to_json(sheet) as {
+        numEtud: number;
+        note: number;
+      }[];
+
+      for (const row of rows) {
+        const { numEtud, note } = row;
+
+        if (!numEtud || note === undefined) {
+          continue;
+        }
+
+        await db.insert(notes)
+          .values({ numEtud, idModule, note })
+          .onConflictDoUpdate({
+            target: [notes.numEtud, notes.idModule],
+            set: { note },
+          });
+      }
+
+      return new Response(null, { status: 204 });
+    } catch (error) {
+      console.error("Error importing notes:", error);
+      return new Response("Failed to import notes", { status: 500 });
+    }
+  },
+};
@@ -0,0 +1,72 @@
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../databases/db.ts";
+import { ueModules } from "../../../../databases/schema.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+export const handler: Handlers = {
+  // #37 GET /ue-modules
+  async GET(request) {
+    try {
+      const url = new URL(request.url);
+      const idPromo = url.searchParams.get("idPromo");
+      const idUEParam = url.searchParams.get("idUE");
+
+      const idUE = idUEParam ? parseInt(idUEParam) : null;
+
+      if (idUEParam && isNaN(idUE!)) {
+        return new Response("Paramètre idUE invalide", { status: 400 });
+      }
+
+      const result = await db.select().from(ueModules).where(
+        and(
+          idPromo ? eq(ueModules.idPromo, idPromo) : undefined,
+          idUE ? eq(ueModules.idUE, idUE) : undefined,
+        ),
+      );
+
+      return new Response(JSON.stringify(result), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching UE-modules:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+
+  // #38 POST /ue-modules
+  async POST(request) {
+    try {
+      const body = await request.json();
+      const { idModule, idUE, idPromo, coeff } = body;
+
+      if (!idModule || !idUE || !idPromo || coeff === undefined) {
+        return new Response(
+          "Champs 'idModule', 'idUE', 'idPromo' et 'coeff' requis",
+          { status: 400 },
+        );
+      }
+
+      if (typeof coeff !== "number" || coeff < 0) {
+        return new Response("Champ 'coeff' doit être un nombre >= 0", {
+          status: 400,
+        });
+      }
+
+      const result = await db.insert(ueModules).values({
+        idModule,
+        idUE,
+        idPromo,
+        coeff,
+      }).returning();
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 201,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error creating UE-module:", error);
+      return new Response("Failed to create UE-module", { status: 500 });
+    }
+  },
+};
@@ -0,0 +1,139 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { ueModules } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Association UE-Module introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+const BAD_REQUEST = new Response(
+  JSON.stringify({ error: "Paramètres invalides" }),
+  { status: 400, headers: { "content-type": "application/json" } },
+);
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #39 GET /ue-modules/{idModule}/{idUE}/{idPromo}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const ueModuleAssociation = await db
+      .select()
+      .from(ueModules)
+      .where(
+        eq(ueModules.idModule, idModule),
+        eq(ueModules.idUE, idUE),
+        eq(ueModules.idPromo, idPromo),
+      )
+      .then((rows) => rows[0] ?? null);
+
+    if (!ueModuleAssociation) return NOT_FOUND;
+
+    return new Response(JSON.stringify(ueModuleAssociation), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #40 PUT /ue-modules/{idModule}/{idUE}/{idPromo}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const body: { coeff: number } = await request.json();
+
+    if (typeof body.coeff !== "number") {
+      return new Response(
+        JSON.stringify({ error: "Le champ 'coeff' doit être un nombre" }),
+        { status: 400, headers: { "content-type": "application/json" } },
+      );
+    }
+
+    const [updated] = await db
+      .update(ueModules)
+      .set({ coeff: body.coeff })
+      .where(
+        and(
+          eq(ueModules.idModule, idModule),
+          eq(ueModules.idUE, idUE),
+          eq(ueModules.idPromo, idPromo),
+        ),
+      )
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(
+      JSON.stringify({
+        idModule: updated.idModule,
+        idUE: updated.idUE,
+        idPromo: updated.idPromo,
+        coeff: updated.coeff,
+      }),
+      {
+        headers: { "content-type": "application/json" },
+      },
+    );
+  },
+
+  // #41 DELETE /ue-modules/{idModule}/{idUE}/{idPromo}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const idModule = context.params.idModule;
+    const idUE = Number(context.params.idUE);
+    const idPromo = context.params.idPromo;
+
+    if (isNaN(idUE)) {
+      return BAD_REQUEST;
+    }
+
+    const [deleted] = await db
+      .delete(ueModules)
+      .where(
+        and(
+          eq(ueModules.idModule, idModule),
+          eq(ueModules.idUE, idUE),
+          eq(ueModules.idPromo, idPromo),
+        ),
+      )
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,42 @@
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../databases/db.ts";
+import { ues } from "../../../../databases/schema.ts";
+
+export const handler: Handlers = {
+  // #32 GET /ues
+  async GET() {
+    try {
+      const result = await db.select().from(ues);
+
+      return new Response(JSON.stringify(result), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching UEs:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+
+  // #33 POST /ues
+  async POST(request) {
+    try {
+      const body = await request.json();
+      const { nom } = body;
+
+      if (!nom || !nom.trim()) {
+        return new Response("Champ 'nom' manquant", { status: 400 });
+      }
+
+      const result = await db.insert(ues).values({ nom }).returning();
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 201,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error creating UE:", error);
+      return new Response("Failed to create UE", { status: 500 });
+    }
+  },
+};
@@ -0,0 +1,122 @@
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../../databases/db.ts";
+import { ues } from "../../../../../databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+export const handler: Handlers = {
+  // # 34 GET /ues/:idUE
+  async GET(_request, context) {
+    try {
+      const idUE = parseInt(context.params.idUE);
+
+      if (isNaN(idUE)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre idUE invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const result = await db.select().from(ues).where(eq(ues.id, idUE));
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching UE:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+
+  // #35 PUT /ues/:idUE
+  async PUT(request, context) {
+    try {
+      const idUE = parseInt(context.params.idUE);
+
+      if (isNaN(idUE)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre idUE invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const body = await request.json();
+      const { nom } = body;
+
+      if (!nom) {
+        return new Response("Champ 'nom' manquant", { status: 400 });
+      }
+
+      const result = await db.update(ues).set({ nom }).where(eq(ues.id, idUE))
+        .returning();
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error updating UE:", error);
+      return new Response("Failed to update UE", { status: 500 });
+    }
+  },
+
+  // #36 DELETE /ues/:idUE
+  async DELETE(_request, context) {
+    try {
+      const idUE = parseInt(context.params.idUE);
+
+      if (isNaN(idUE)) {
+        return new Response(
+          JSON.stringify({ error: "Paramètre idUE invalide" }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      const result = await db.delete(ues).where(eq(ues.id, idUE)).returning();
+
+      if (result.length === 0) {
+        return new Response(
+          JSON.stringify({ error: "Ressource introuvable" }),
+          {
+            status: 404,
+            headers: { "Content-Type": "application/json" },
+          },
+        );
+      }
+
+      return new Response(null, { status: 204 });
+    } catch (error) {
+      console.error("Error deleting UE:", error);
+      return new Response("Failed to delete UE", { status: 500 });
+    }
+  },
+};
@@ -22,7 +22,7 @@ export default function Promotion(props: PromotionProps) {
        <tbody>
          {props.students
            .filter((student) => student.promotionId === props.promo.id)
-            .map((student) => <Student student={student} />)}
+            .map((student) => <Student key={student.id} student={student} />)}
        </tbody>
      </table>
    </div>
@@ -104,7 +104,7 @@ export default function UploadStudents() {
  return (
    <>
      <input type="file" accept=".xlsx, .xls" onChange={handleFileChange} />
-      <button onClick={confirmUpload}>Confirm Upload</button>
+      <button type="button" onClick={confirmUpload}>Confirm Upload</button>
      <p>{statusMessage.value}</p>
    </>
  );
@@ -0,0 +1,49 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { promotions } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #13 GET /promotions
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(JSON.stringify([]), {
+        headers: { "content-type": "application/json" },
+      });
+    }
+
+    const rows = await db.select().from(promotions);
+    return new Response(JSON.stringify(rows), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #14 POST /promotions
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }
+
+    const body: { idPromo: string; annee: string } = await request.json();
+
+    if (!body.idPromo || !body.annee) {
+      return new Response(null, { status: 400 });
+    }
+
+    const [created] = await db
+      .insert(promotions)
+      .values({ id: body.idPromo, annee: body.annee })
+      .returning();
+
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,79 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { promotions } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #15 GET /promotions/{idPromo}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const promo = await db
+      .select()
+      .from(promotions)
+      .where(eq(promotions.id, context.params.idPromo))
+      .then((rows) => rows[0] ?? null);
+
+    if (!promo) return NOT_FOUND;
+
+    return new Response(JSON.stringify(promo), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #16 PUT /promotions/{idPromo}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const body: { annee: string } = await request.json();
+
+    const [updated] = await db
+      .update(promotions)
+      .set({ annee: body.annee })
+      .where(eq(promotions.id, context.params.idPromo))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #17 DELETE /promotions/{idPromo}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const [deleted] = await db
+      .delete(promotions)
+      .where(eq(promotions.id, context.params.idPromo))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -1,151 +1,61 @@
 import { FreshContext, Handlers } from "$fresh/server.ts";
-import connect from "$root/databases/connect.ts";
+import { db } from "$root/databases/db.ts";
+import { students } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { Database } from "@db/sqlite";
-
-/**
- * Gets itself from the database.
- * @param database The database connection
- * @param userId The user ID.
- * @returns Itself from the database.
- */
-function getItself(
-  database: Database,
-  userId: string,
-): { student: Student | null; promo: Promotion | null } {
-  const studentQuery = "select * from students where userId = ?";
-  const student: Student | undefined = database.prepare(studentQuery).get(
-    userId,
-  );
-
-  if (!student) {
-    return { student: null, promo: null };
-  }
-
-  const promoQuery = "select * from promotions where id = ?";
-  const promo: Promotion | undefined = database.prepare(promoQuery).get(
-    student.promotionId,
-  );
-
-  return { student, promo: promo ?? null };
-}
-
-/**
- * Gets itself from the database.
- * @param database The database connexion
- * @param userId The user ID.
- * @returns Itself from the database.
- */
-function getAll(
-  database: Database,
-): { students: Student[]; promos: Promotion[] } {
-  const studentsQuery = `
-    select userId, firstName, lastName, mail, promotionId
-    from students inner join promotions
-    on students.promotionId = promotions.id
-    where promotions.current < 6`;
-  const students: Student[] = database.prepare(studentsQuery).all();
-
-  const promosQuery = "select * from promotions where promotions.current < 6";
-  const promos: Promotion[] | undefined = database.prepare(promosQuery).all();
-
-  return { students, promos };
-}
-
-/**
- * Add users to the database.
- * @param database The database connexion
- * @param students The students to add
- * @param promoId The promotion id.
- */
-function addStudents(database: Database, students: Student[], promoId: string) {
-  const query = `
-    INSERT INTO students 
-    (userId, firstName, lastName, mail, promotionId) 
-    VALUES (?, ?, ?, ?, ?)`;
-
-  const statement = database.prepare(query);
-
-  for (const student of students) {
-    statement.run(
-      student.userId,
-      student.firstName,
-      student.lastName,
-      student.mail,
-      promoId,
-    );
-  }
-}
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers<null, AuthenticatedState> = {
-  /**
-   * The students the user can see.
-   * @param _request The HTTP request.
-   * @param _context The context with authenticated state.
-   * @returns All students our user can see.
-   */
-  // deno-lint-ignore require-await
+  // #7 GET /students
  async GET(
-    _request: Request,
+    request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
-    using connection = connect("students");
-    const database = connection.database;
-
-    if (context.state.session.eduPersonPrimaryAffiliation == "student") {
-      return new Response(
-        JSON.stringify(getItself(database, context.state.session.uid)),
-        {
-          headers: {
-            "content-type": "application/json",
-          },
-        },
-      );
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(JSON.stringify([]), {
+        headers: { "content-type": "application/json" },
+      });
    }

-    return new Response(
-      JSON.stringify(getAll(database)),
-      {
-        headers: {
-          "content-type": "application/json",
-        },
-      },
-    );
+    const url = new URL(request.url);
+    const idPromo = url.searchParams.get("idPromo");
+
+    const rows = idPromo
+      ? await db.select().from(students).where(eq(students.idPromo, idPromo))
+      : await db.select().from(students);
+
+    return new Response(JSON.stringify(rows), {
+      headers: { "content-type": "application/json" },
+    });
  },
-  /**
-   * Add students in the database.
-   * @param request The HTTP request.
-   * @param _context The Fresh context.
-   * @returns HTTP 201 on successful insert.
-   */
+
+  // #8 POST /students
  async POST(
    request: Request,
-    _context: FreshContext<AuthenticatedState>,
+    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
-    const { students, promo }: { students: Student[]; promo: string } =
-      await request.json();
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }

-    if (!promo || !promo.match(/^\d{4}-\dA$/) || !Array.isArray(students)) {
+    const body: {
+      numEtud: number;
+      nom: string;
+      prenom: string;
+      idPromo: string;
+    } = await request.json();
+
+    if (!body.nom || !body.prenom || !body.idPromo) {
      return new Response(null, { status: 400 });
    }

-    using connection = connect("students");
-    const database = connection.database;
+    const [created] = await db
+      .insert(students)
+      .values({ nom: body.nom, prenom: body.prenom, idPromo: body.idPromo })
+      .returning();

-    const { endyear, current } = promo.match(
-      /^(?<endyear>\d{4})-(?<current>\d)A$/,
-    )?.groups!;
-
-    database.prepare(
-      "insert or ignore into promotions (endyear, current) values (?, ?)",
-    ).run(endyear, current);
-
-    const { id: promoId }: { id: string } = database
-      .prepare("select id from promotions where endyear = ? and current = ?")
-      .get(endyear, current)!;
-
-    addStudents(database, students, promoId);
-
-    return new Response(null, { status: 201 });
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
  },
 };
@@ -0,0 +1,83 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { students } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #10 GET /students/{numEtud}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const student = await db
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, numEtud))
+      .then((rows) => rows[0] ?? null);
+
+    if (!student) return NOT_FOUND;
+
+    return new Response(JSON.stringify(student), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #11 PUT /students/{numEtud}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const body: { nom: string; prenom: string; idPromo: string } = await request
+      .json();
+
+    const [updated] = await db
+      .update(students)
+      .set({ nom: body.nom, prenom: body.prenom, idPromo: body.idPromo })
+      .where(eq(students.numEtud, numEtud))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #12 DELETE /students/{numEtud}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const [deleted] = await db
+      .delete(students)
+      .where(eq(students.numEtud, numEtud))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,64 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { students } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+
+// #9 POST /students/import-csv
+export const handler: Handlers<null, AuthenticatedState> = {
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }
+
+    const formData = await request.formData();
+    const file = formData.get("file") as File | null;
+    const idPromo = formData.get("idPromo") as string | null;
+
+    if (!file || !idPromo) {
+      return new Response(null, { status: 400 });
+    }
+
+    const text = await file.text();
+    const lines = text.trim().split("\n");
+
+    let imported = 0;
+    const errors: { line: number; message: string }[] = [];
+
+    for (let i = 0; i < lines.length; i++) {
+      const lineNum = i + 1;
+      const cols = lines[i].split(",").map((c) => c.trim());
+
+      const [numEtudStr, nom, prenom] = cols;
+
+      if (!numEtudStr) {
+        errors.push({ line: lineNum, message: "Numéro étudiant manquant" });
+        continue;
+      }
+
+      const numEtud = Number(numEtudStr);
+      if (isNaN(numEtud)) {
+        errors.push({ line: lineNum, message: "Numéro étudiant invalide" });
+        continue;
+      }
+
+      if (!nom || !prenom) {
+        errors.push({ line: lineNum, message: "Nom ou prénom manquant" });
+        continue;
+      }
+
+      await db
+        .insert(students)
+        .values({ nom, prenom, idPromo })
+        .onConflictDoNothing();
+
+      imported++;
+    }
+
+    return new Response(JSON.stringify({ imported, errors }), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,23 @@
+{ pkgs ? import <nixpkgs> {} }:
+
+pkgs.mkShell {
+  name = "polympr-dev";
+  nativeBuildInputs = [
+    pkgs.deno
+    pkgs.patchelf
+    pkgs.tea
+  ];
+
+  buildInputs = [
+    pkgs.stdenv.cc.cc.lib
+  ];
+
+  shellHook = ''
+    export LD_LIBRARY_PATH="${pkgs.stdenv.cc.cc.lib}/lib:$LD_LIBRARY_PATH"
+    # Find the dynamic linker
+    export NIX_LD_INTERPRETER=$(cat ${pkgs.stdenv.cc}/nix-support/dynamic-linker)
+    echo "Welcome to PolyMPR development shell!"
+    echo "Use 'deno task compile' to build the CLI."
+    echo "If on NixOS, it will be automatically patched."
+  '';
+}
@@ -0,0 +1,349 @@
+// E2E tests for /ajustements endpoints — handler + real DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedAjustements,
+  seedPromotions,
+  seedStudents,
+  seedUes,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as ajustementsHandler } from "$apps/notes/api/ajustements.ts";
+import { handler as ajustementHandler } from "$apps/notes/api/ajustements/[numEtud]/[idUE].ts";
+import { ajustements as ajustementsTable } from "$root/databases/schema.ts";
+import { testDb } from "../helpers/db_integration.ts";
+
+// --- GET /ajustements ---
+
+Deno.test({
+  name: "e2e ajustements: GET /ajustements returns all",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Dupont",
+      prenom: "Jean",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedAjustements([{ numEtud: s.numEtud, idUE: ue.id, valeur: 13.0 }]);
+    const res = await ajustementsHandler.GET!(
+      makeGetRequest("/ajustements"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 1);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: GET /ajustements?numEtud filters by student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s1] = await seedStudents([{
+      nom: "Dupont",
+      prenom: "Jean",
+      idPromo: "P1",
+    }]);
+    const [s2] = await seedStudents([{
+      nom: "Martin",
+      prenom: "Alice",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedAjustements([
+      { numEtud: s1.numEtud, idUE: ue.id, valeur: 13.0 },
+      { numEtud: s2.numEtud, idUE: ue.id, valeur: 15.0 },
+    ]);
+    const res = await ajustementsHandler.GET!(
+      makeGetRequest("/ajustements", { numEtud: String(s1.numEtud) }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 1);
+    assertEquals(body[0].numEtud, s1.numEtud);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: GET /ajustements?numEtud=NaN returns 400",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementsHandler.GET!(
+      makeGetRequest("/ajustements", { numEtud: "abc" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /ajustements ---
+
+Deno.test({
+  name:
+    "e2e ajustements: POST /ajustements creates ajustement (201) as employee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Leroy",
+      prenom: "Paul",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    const res = await ajustementsHandler.POST!(
+      makeJsonRequest("/ajustements", "POST", {
+        numEtud: s.numEtud,
+        idUE: ue.id,
+        valeur: 14.5,
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.numEtud);
+    assertEquals(body.valeur, 14.5);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: POST /ajustements 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementsHandler.POST!(
+      makeJsonRequest("/ajustements", "POST", {
+        numEtud: 1,
+        idUE: 1,
+        valeur: 10.0,
+      }),
+      makeContextWithAffiliation("student"),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: POST /ajustements 400 on missing fields",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementsHandler.POST!(
+      makeJsonRequest("/ajustements", "POST", { numEtud: 12345 }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /ajustements/:numEtud/:idUE ---
+
+Deno.test({
+  name:
+    "e2e ajustements: GET /ajustements/:numEtud/:idUE returns correct ajustement (employee)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s1, s2] = await seedStudents([
+      { nom: "Bernard", prenom: "Lucie", idPromo: "P1" },
+      { nom: "Dupont", prenom: "Jean", idPromo: "P1" },
+    ]);
+    const [ue1, ue2] = await seedUes([{ nom: "UE Maths" }, { nom: "UE Info" }]);
+    // Plusieurs lignes partageant numEtud=s1 — le handler doit discriminer par idUE
+    await seedAjustements([
+      { numEtud: s1.numEtud, idUE: ue1.id, valeur: 16.0 },
+      { numEtud: s1.numEtud, idUE: ue2.id, valeur: 8.0 },
+      { numEtud: s2.numEtud, idUE: ue1.id, valeur: 12.0 },
+    ]);
+    const res = await ajustementHandler.GET!(
+      makeGetRequest(`/ajustements/${s1.numEtud}/${ue1.id}`),
+      makeEmployeeContext({
+        numEtud: String(s1.numEtud),
+        idUE: String(ue1.id),
+      }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.valeur, 16.0);
+    assertEquals(body.numEtud, s1.numEtud);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: GET /ajustements/:numEtud/:idUE 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementHandler.GET!(
+      makeGetRequest("/ajustements/1/1"),
+      makeContextWithAffiliation("student", { numEtud: "1", idUE: "1" }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: GET /ajustements/:numEtud/:idUE 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementHandler.GET!(
+      makeGetRequest("/ajustements/99999/99"),
+      makeEmployeeContext({ numEtud: "99999", idUE: "99" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /ajustements/:numEtud/:idUE ---
+
+Deno.test({
+  name:
+    "e2e ajustements: PUT /ajustements/:numEtud/:idUE updates only targeted row (employee)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Thomas",
+      prenom: "Eva",
+      idPromo: "P1",
+    }]);
+    const [ue1, ue2] = await seedUes([{ nom: "UE Physique" }, {
+      nom: "UE Chimie",
+    }]);
+    // Deux ajustements pour le même étudiant — seul ue1 doit être modifié
+    await seedAjustements([
+      { numEtud: s.numEtud, idUE: ue1.id, valeur: 10.0 },
+      { numEtud: s.numEtud, idUE: ue2.id, valeur: 7.0 },
+    ]);
+    const res = await ajustementHandler.PUT!(
+      makeJsonRequest(`/ajustements/${s.numEtud}/${ue1.id}`, "PUT", {
+        valeur: 19.0,
+      }),
+      makeEmployeeContext({ numEtud: String(s.numEtud), idUE: String(ue1.id) }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.valeur, 19.0);
+    // ue2 doit rester intact
+    const unchanged = await testDb.select().from(ajustementsTable);
+    const ue2Row = unchanged.find((a) => a.idUE === ue2.id);
+    assertEquals(ue2Row?.valeur, 7.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: PUT /ajustements/:numEtud/:idUE 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementHandler.PUT!(
+      makeJsonRequest("/ajustements/1/1", "PUT", { valeur: 10.0 }),
+      makeContextWithAffiliation("student", { numEtud: "1", idUE: "1" }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ajustements: PUT /ajustements/:numEtud/:idUE 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementHandler.PUT!(
+      makeJsonRequest("/ajustements/99999/99", "PUT", { valeur: 10.0 }),
+      makeEmployeeContext({ numEtud: "99999", idUE: "99" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /ajustements/:numEtud/:idUE ---
+
+Deno.test({
+  name:
+    "e2e ajustements: DELETE /ajustements/:numEtud/:idUE deletes only targeted row (employee)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Petit",
+      prenom: "Hugo",
+      idPromo: "P1",
+    }]);
+    const [ue1, ue2] = await seedUes([{ nom: "UE Chimie" }, { nom: "UE Bio" }]);
+    // Deux ajustements pour le même étudiant — seul ue1 doit être supprimé
+    await seedAjustements([
+      { numEtud: s.numEtud, idUE: ue1.id, valeur: 11.0 },
+      { numEtud: s.numEtud, idUE: ue2.id, valeur: 14.0 },
+    ]);
+    const res = await ajustementHandler.DELETE!(
+      makeGetRequest(`/ajustements/${s.numEtud}/${ue1.id}`),
+      makeEmployeeContext({ numEtud: String(s.numEtud), idUE: String(ue1.id) }),
+    );
+    assertEquals(res.status, 204);
+    // ue2 doit toujours exister
+    const remaining = await testDb.select().from(ajustementsTable);
+    assertEquals(remaining.length, 1);
+    assertEquals(remaining[0].idUE, ue2.id);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ajustements: DELETE /ajustements/:numEtud/:idUE 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementHandler.DELETE!(
+      makeGetRequest("/ajustements/1/1"),
+      makeContextWithAffiliation("student", { numEtud: "1", idUE: "1" }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ajustements: DELETE /ajustements/:numEtud/:idUE 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementHandler.DELETE!(
+      makeGetRequest("/ajustements/99999/99"),
+      makeEmployeeContext({ numEtud: "99999", idUE: "99" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,240 @@
+// E2E tests for /enseignements endpoints — handler + real DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedEnseignements,
+  seedModules,
+  seedPromotions,
+  seedUsers,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as enseignementsHandler } from "$apps/admin/api/enseignements.ts";
+import { handler as enseignementHandler } from "$apps/admin/api/enseignements/[idProf]/[idModule]/[idPromo].ts";
+
+// --- POST /enseignements ---
+
+Deno.test({
+  name:
+    "e2e enseignements: POST /enseignements creates enseignement (201) as employee",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.dupont", nom: "Dupont", prenom: "Jean" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedPromotions([{ id: "P1" }]);
+    const res = await enseignementsHandler.POST!(
+      makeJsonRequest("/enseignements", "POST", {
+        idProf: "prof.dupont",
+        idModule: "M1",
+        idPromo: "P1",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.idProf);
+    assertEquals(body.idModule, "M1");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e enseignements: POST /enseignements 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await enseignementsHandler.POST!(
+      makeJsonRequest("/enseignements", "POST", {
+        idProf: "p",
+        idModule: "M1",
+        idPromo: "P1",
+      }),
+      makeContextWithAffiliation("student"),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e enseignements: POST /enseignements 400 on missing fields",
+  async fn() {
+    await truncateAll();
+    const res = await enseignementsHandler.POST!(
+      makeJsonRequest("/enseignements", "POST", { idProf: "prof.dupont" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e enseignements: POST /enseignements 409 on duplicate",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.dupont", nom: "Dupont", prenom: "Jean" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedPromotions([{ id: "P1" }]);
+    await seedEnseignements([{
+      idProf: "prof.dupont",
+      idModule: "M1",
+      idPromo: "P1",
+    }]);
+    const res = await enseignementsHandler.POST!(
+      makeJsonRequest("/enseignements", "POST", {
+        idProf: "prof.dupont",
+        idModule: "M1",
+        idPromo: "P1",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 409);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /enseignements/:idProf/:idModule/:idPromo ---
+
+Deno.test({
+  name:
+    "e2e enseignements: GET /enseignements/:idProf/:idModule/:idPromo returns enseignement (employee)",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.dupont", nom: "Dupont", prenom: "Jean" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedPromotions([{ id: "P1" }]);
+    await seedEnseignements([{
+      idProf: "prof.dupont",
+      idModule: "M1",
+      idPromo: "P1",
+    }]);
+    const res = await enseignementHandler.GET!(
+      makeGetRequest("/enseignements/prof.dupont/M1/P1"),
+      makeEmployeeContext({
+        idProf: "prof.dupont",
+        idModule: "M1",
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.idProf, "prof.dupont");
+    assertEquals(body.idModule, "M1");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e enseignements: GET /enseignements/:idProf/:idModule/:idPromo 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await enseignementHandler.GET!(
+      makeGetRequest("/enseignements/p/M1/P1"),
+      makeContextWithAffiliation("student", {
+        idProf: "p",
+        idModule: "M1",
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e enseignements: GET /enseignements/:idProf/:idModule/:idPromo 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await enseignementHandler.GET!(
+      makeGetRequest("/enseignements/ghost/GHOST/GHOST"),
+      makeEmployeeContext({
+        idProf: "ghost",
+        idModule: "GHOST",
+        idPromo: "GHOST",
+      }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /enseignements/:idProf/:idModule/:idPromo ---
+
+Deno.test({
+  name:
+    "e2e enseignements: DELETE /enseignements/:idProf/:idModule/:idPromo returns 204 (employee)",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.dupont", nom: "Dupont", prenom: "Jean" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedPromotions([{ id: "P1" }]);
+    await seedEnseignements([{
+      idProf: "prof.dupont",
+      idModule: "M1",
+      idPromo: "P1",
+    }]);
+    const res = await enseignementHandler.DELETE!(
+      makeGetRequest("/enseignements/prof.dupont/M1/P1"),
+      makeEmployeeContext({
+        idProf: "prof.dupont",
+        idModule: "M1",
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e enseignements: DELETE /enseignements/:idProf/:idModule/:idPromo 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await enseignementHandler.DELETE!(
+      makeGetRequest("/enseignements/p/M1/P1"),
+      makeContextWithAffiliation("student", {
+        idProf: "p",
+        idModule: "M1",
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e enseignements: DELETE /enseignements/:idProf/:idModule/:idPromo 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await enseignementHandler.DELETE!(
+      makeGetRequest("/enseignements/ghost/GHOST/GHOST"),
+      makeEmployeeContext({
+        idProf: "ghost",
+        idModule: "GHOST",
+        idPromo: "GHOST",
+      }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,210 @@
+// #113 - E2E tests for /modules endpoints
+
+import { assertEquals } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import { seedModules, truncateAll } from "../helpers/db_integration.ts";
+import { handler as modulesHandler } from "$apps/admin/api/modules.ts";
+import { handler as moduleHandler } from "$apps/admin/api/modules/[idModule].ts";
+
+// --- GET /modules ---
+
+Deno.test({
+  name: "e2e modules: GET /modules returns all as employee",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "MATH101", nom: "Mathématiques" }, {
+      id: "INFO101",
+      nom: "Informatique",
+    }]);
+    const res = await modulesHandler.GET!(
+      makeGetRequest("/modules"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e modules: GET /modules returns empty for non-employee",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "MATH101", nom: "Mathématiques" }]);
+    const res = await modulesHandler.GET!(
+      makeGetRequest("/modules"),
+      makeContextWithAffiliation("student"),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /modules ---
+
+Deno.test({
+  name: "e2e modules: POST /modules creates module (201)",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: "PHYS101", nom: "Physique" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertEquals(body.id, "PHYS101");
+    assertEquals(body.nom, "Physique");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e modules: POST /modules 409 on duplicate id",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "MATH101", nom: "Mathématiques" }]);
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: "MATH101", nom: "Doublon" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 409);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e modules: POST /modules 400 on missing fields",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: "X" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e modules: POST /modules 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: "X", nom: "Y" }),
+      makeContextWithAffiliation("student"),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /modules/:id ---
+
+Deno.test({
+  name: "e2e modules: GET /modules/:id returns module",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "ELEC201", nom: "Électronique" }]);
+    const res = await moduleHandler.GET!(
+      makeGetRequest("/modules/ELEC201"),
+      makeEmployeeContext({ idModule: "ELEC201" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "Électronique");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e modules: GET /modules/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await moduleHandler.GET!(
+      makeGetRequest("/modules/GHOST"),
+      makeEmployeeContext({ idModule: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /modules/:id ---
+
+Deno.test({
+  name: "e2e modules: PUT /modules/:id updates nom",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "CHIM101", nom: "Chimie" }]);
+    const res = await moduleHandler.PUT!(
+      makeJsonRequest("/modules/CHIM101", "PUT", { nom: "Chimie organique" }),
+      makeEmployeeContext({ idModule: "CHIM101" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "Chimie organique");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e modules: PUT /modules/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await moduleHandler.PUT!(
+      makeJsonRequest("/modules/GHOST", "PUT", { nom: "X" }),
+      makeEmployeeContext({ idModule: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /modules/:id ---
+
+Deno.test({
+  name: "e2e modules: DELETE /modules/:id returns 204",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "BIO101", nom: "Biologie" }]);
+    const res = await moduleHandler.DELETE!(
+      makeGetRequest("/modules/BIO101"),
+      makeEmployeeContext({ idModule: "BIO101" }),
+    );
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e modules: DELETE /modules/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await moduleHandler.DELETE!(
+      makeGetRequest("/modules/GHOST"),
+      makeEmployeeContext({ idModule: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,283 @@
+// E2E tests for /notes endpoints — handler + real DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedModules,
+  seedNotes,
+  seedPromotions,
+  seedStudents,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as notesHandler } from "$apps/notes/api/notes.ts";
+import { handler as noteHandler } from "$apps/notes/api/notes/[numEtud]/[idModule].ts";
+
+// --- GET /notes ---
+
+Deno.test({
+  name: "e2e notes: GET /notes returns all notes",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Dupont",
+      prenom: "Jean",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }, { id: "M2", nom: "Mod B" }]);
+    await seedNotes([
+      { numEtud: s.numEtud, idModule: "M1", note: 15.0 },
+      { numEtud: s.numEtud, idModule: "M2", note: 12.0 },
+    ]);
+    const res = await notesHandler.GET!(
+      makeGetRequest("/notes"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e notes: GET /notes?numEtud filters by student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s1] = await seedStudents([{
+      nom: "Dupont",
+      prenom: "Jean",
+      idPromo: "P1",
+    }]);
+    const [s2] = await seedStudents([{
+      nom: "Martin",
+      prenom: "Alice",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedNotes([
+      { numEtud: s1.numEtud, idModule: "M1", note: 15.0 },
+      { numEtud: s2.numEtud, idModule: "M1", note: 12.0 },
+    ]);
+    const res = await notesHandler.GET!(
+      makeGetRequest("/notes", { numEtud: String(s1.numEtud) }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 1);
+    assertEquals(body[0].numEtud, s1.numEtud);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e notes: GET /notes?numEtud=NaN returns 400",
+  async fn() {
+    await truncateAll();
+    const res = await notesHandler.GET!(
+      makeGetRequest("/notes", { numEtud: "abc" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e notes: GET /notes?idModule filters by module",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Dupont",
+      prenom: "Jean",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }, { id: "M2", nom: "Mod B" }]);
+    await seedNotes([
+      { numEtud: s.numEtud, idModule: "M1", note: 15.0 },
+      { numEtud: s.numEtud, idModule: "M2", note: 10.0 },
+    ]);
+    const res = await notesHandler.GET!(
+      makeGetRequest("/notes", { idModule: "M1" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 1);
+    assertEquals(body[0].idModule, "M1");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /notes ---
+
+Deno.test({
+  name: "e2e notes: POST /notes creates note (201)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Leroy",
+      prenom: "Paul",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const res = await notesHandler.POST!(
+      makeJsonRequest("/notes", "POST", {
+        numEtud: s.numEtud,
+        idModule: "M1",
+        note: 14.0,
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.numEtud);
+    assertEquals(body.note, 14.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e notes: POST /notes 400 on missing fields",
+  async fn() {
+    await truncateAll();
+    const res = await notesHandler.POST!(
+      makeJsonRequest("/notes", "POST", { numEtud: 12345 }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /notes/:numEtud/:idModule ---
+
+Deno.test({
+  name: "e2e notes: GET /notes/:numEtud/:idModule returns note",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Bernard",
+      prenom: "Lucie",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedNotes([{ numEtud: s.numEtud, idModule: "M1", note: 18.0 }]);
+    const res = await noteHandler.GET!(
+      makeGetRequest(`/notes/${s.numEtud}/M1`),
+      makeEmployeeContext({ numEtud: String(s.numEtud), idModule: "M1" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.note, 18.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e notes: GET /notes/:numEtud/:idModule 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await noteHandler.GET!(
+      makeGetRequest("/notes/99999/GHOST"),
+      makeEmployeeContext({ numEtud: "99999", idModule: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /notes/:numEtud/:idModule ---
+
+Deno.test({
+  name: "e2e notes: PUT /notes/:numEtud/:idModule updates note",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Thomas",
+      prenom: "Eva",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedNotes([{ numEtud: s.numEtud, idModule: "M1", note: 10.0 }]);
+    const res = await noteHandler.PUT!(
+      makeJsonRequest(`/notes/${s.numEtud}/M1`, "PUT", { note: 16.0 }),
+      makeEmployeeContext({ numEtud: String(s.numEtud), idModule: "M1" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.note, 16.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e notes: PUT /notes/:numEtud/:idModule 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await noteHandler.PUT!(
+      makeJsonRequest("/notes/99999/GHOST", "PUT", { note: 10.0 }),
+      makeEmployeeContext({ numEtud: "99999", idModule: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /notes/:numEtud/:idModule ---
+
+Deno.test({
+  name: "e2e notes: DELETE /notes/:numEtud/:idModule returns 204",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Petit",
+      prenom: "Hugo",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedNotes([{ numEtud: s.numEtud, idModule: "M1", note: 9.0 }]);
+    const res = await noteHandler.DELETE!(
+      makeGetRequest(`/notes/${s.numEtud}/M1`),
+      makeEmployeeContext({ numEtud: String(s.numEtud), idModule: "M1" }),
+    );
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e notes: DELETE /notes/:numEtud/:idModule 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await noteHandler.DELETE!(
+      makeGetRequest("/notes/99999/GHOST"),
+      makeEmployeeContext({ numEtud: "99999", idModule: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,42 @@
+// #115 - E2E tests for GET /permissions
+// Handler statique (pas de DB), test direct du handler
+
+import { assertEquals, assertExists } from "@std/assert";
+import { makeEmployeeContext, makeGetRequest } from "../helpers/handler.ts";
+import { handler as permissionsHandler } from "$apps/admin/api/permissions.ts";
+
+Deno.test({
+  name: "e2e permissions: GET /permissions returns all 9 permissions",
+  fn() {
+    const res = permissionsHandler.GET!(
+      makeGetRequest("/permissions"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    return res.text().then((text) => {
+      const data = JSON.parse(text);
+      assertEquals(data.length, 9);
+      assertExists(data.find((p: { id: string }) => p.id === "student_read"));
+      assertExists(data.find((p: { id: string }) => p.id === "role_write"));
+    });
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e permissions: GET /permissions - all entries have id and nom",
+  async fn() {
+    const res = permissionsHandler.GET!(
+      makeGetRequest("/permissions"),
+      makeEmployeeContext(),
+    );
+    const data: { id: string; nom: string }[] = await res.json();
+    for (const p of data) {
+      assertEquals(typeof p.id, "string");
+      assertEquals(typeof p.nom, "string");
+    }
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,212 @@
+// #110 - E2E tests for /promotions endpoints
+
+import { assertEquals } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import { seedPromotions, truncateAll } from "../helpers/db_integration.ts";
+import { handler as promotionsHandler } from "$apps/students/api/promotions.ts";
+import { handler as promotionHandler } from "$apps/students/api/promotions/[idPromo].ts";
+
+// --- GET /promotions ---
+
+Deno.test({
+  name: "e2e promotions: GET /promotions returns all as employee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([
+      { id: "PEIP1-2024", annee: "2024" },
+      { id: "PEIP2-2024", annee: "2024" },
+    ]);
+    const res = await promotionsHandler.GET!(
+      makeGetRequest("/promotions"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e promotions: GET /promotions returns empty for non-employee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024", annee: "2024" }]);
+    const res = await promotionsHandler.GET!(
+      makeGetRequest("/promotions"),
+      makeContextWithAffiliation("student"),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /promotions ---
+
+Deno.test({
+  name: "e2e promotions: POST /promotions creates promotion (201)",
+  async fn() {
+    await truncateAll();
+    const res = await promotionsHandler.POST!(
+      makeJsonRequest("/promotions", "POST", {
+        idPromo: "INFO3-2025",
+        annee: "2025",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertEquals(body.id, "INFO3-2025");
+    assertEquals(body.annee, "2025");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e promotions: POST /promotions 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await promotionsHandler.POST!(
+      makeJsonRequest("/promotions", "POST", { idPromo: "X", annee: "2025" }),
+      makeContextWithAffiliation("student"),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e promotions: POST /promotions 400 on missing fields",
+  async fn() {
+    await truncateAll();
+    const res = await promotionsHandler.POST!(
+      makeJsonRequest("/promotions", "POST", { idPromo: "X" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /promotions/:idPromo ---
+
+Deno.test({
+  name: "e2e promotions: GET /promotions/:id returns promotion",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024", annee: "2024" }]);
+    const res = await promotionHandler.GET!(
+      makeGetRequest("/promotions/INFO3-2024"),
+      makeEmployeeContext({ idPromo: "INFO3-2024" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.id, "INFO3-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e promotions: GET /promotions/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await promotionHandler.GET!(
+      makeGetRequest("/promotions/GHOST"),
+      makeEmployeeContext({ idPromo: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e promotions: GET /promotions/:id 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await promotionHandler.GET!(
+      makeGetRequest("/promotions/INFO3-2024"),
+      makeContextWithAffiliation("student", { idPromo: "INFO3-2024" }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /promotions/:idPromo ---
+
+Deno.test({
+  name: "e2e promotions: PUT /promotions/:id updates annee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2023", annee: "2023" }]);
+    const res = await promotionHandler.PUT!(
+      makeJsonRequest("/promotions/INFO3-2023", "PUT", { annee: "2024" }),
+      makeEmployeeContext({ idPromo: "INFO3-2023" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.annee, "2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e promotions: PUT /promotions/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await promotionHandler.PUT!(
+      makeJsonRequest("/promotions/GHOST", "PUT", { annee: "2025" }),
+      makeEmployeeContext({ idPromo: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /promotions/:idPromo ---
+
+Deno.test({
+  name: "e2e promotions: DELETE /promotions/:id returns 204",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2022", annee: "2022" }]);
+    const res = await promotionHandler.DELETE!(
+      makeGetRequest("/promotions/INFO3-2022"),
+      makeEmployeeContext({ idPromo: "INFO3-2022" }),
+    );
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e promotions: DELETE /promotions/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await promotionHandler.DELETE!(
+      makeGetRequest("/promotions/GHOST"),
+      makeEmployeeContext({ idPromo: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,592 @@
+// Robustness tests — input validation & side-effect isolation
+//
+// Chaque test documente le comportement réel du handler face à des entrées invalides.
+// Les tests marqués [BUG] représentent le comportement ATTENDU — ils échouent
+// intentionnellement pour exposer un bug dans le handler ciblé.
+
+import { assertEquals } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedModules,
+  seedPromotions,
+  seedStudents,
+  seedUes,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as modulesHandler } from "$apps/admin/api/modules.ts";
+import { handler as moduleHandler } from "$apps/admin/api/modules/[idModule].ts";
+import { handler as notesHandler } from "$apps/notes/api/notes.ts";
+import { handler as uesHandler } from "$apps/notes/api/ues.ts";
+import { handler as ueModulesHandler } from "$apps/notes/api/ue-modules.ts";
+import { handler as ajustementsHandler } from "$apps/notes/api/ajustements.ts";
+import { handler as enseignementsHandler } from "$apps/admin/api/enseignements.ts";
+import { handler as usersHandler } from "$apps/admin/api/users.ts";
+
+// Helper : request POST avec un body JSON invalide
+function makeMalformedRequest(path: string): Request {
+  return new Request(`http://localhost${path}`, {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: "{ ceci n'est pas du json }",
+  });
+}
+
+// Helper : request POST sans body du tout
+function makeEmptyBodyRequest(path: string, method = "POST"): Request {
+  return new Request(`http://localhost${path}`, { method });
+}
+
+// =============================================================================
+// JSON MALFORMÉ
+// =============================================================================
+// Handlers AVEC try/catch → retournent 500
+// Handlers SANS try/catch → throwent (assertRejects)
+
+Deno.test({
+  name: "robustness: POST /notes malformed JSON → 500 (try/catch présent)",
+  async fn() {
+    await truncateAll();
+    const res = await notesHandler.POST!(
+      makeMalformedRequest("/notes"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /ues malformed JSON → 500 (try/catch présent)",
+  async fn() {
+    await truncateAll();
+    const res = await uesHandler.POST!(
+      makeMalformedRequest("/ues"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /ue-modules malformed JSON → 500 (try/catch présent)",
+  async fn() {
+    await truncateAll();
+    const res = await ueModulesHandler.POST!(
+      makeMalformedRequest("/ue-modules"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "robustness: POST /ajustements malformed JSON → 500 (try/catch présent)",
+  async fn() {
+    await truncateAll();
+    const res = await ajustementsHandler.POST!(
+      makeMalformedRequest("/ajustements"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /modules malformed JSON → 500",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeMalformedRequest("/modules"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /enseignements malformed JSON → 500",
+  async fn() {
+    await truncateAll();
+    const res = await enseignementsHandler.POST!(
+      makeMalformedRequest("/enseignements"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /users malformed JSON → 500",
+  async fn() {
+    await truncateAll();
+    const res = await usersHandler.POST!(
+      makeMalformedRequest("/users"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// BODY ABSENT
+// =============================================================================
+
+Deno.test({
+  name: "robustness: POST /notes sans body → 500",
+  async fn() {
+    await truncateAll();
+    const res = await notesHandler.POST!(
+      makeEmptyBodyRequest("/notes"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /modules sans body → 500",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeEmptyBodyRequest("/modules"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 500);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// CHAÎNES VIDES — comportement correct ✓
+// =============================================================================
+
+Deno.test({
+  name: "robustness: POST /modules id vide → 400",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: "", nom: "Test" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /modules nom vide → 400",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: "M1", nom: "" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /ues nom vide → 400",
+  async fn() {
+    await truncateAll();
+    const res = await uesHandler.POST!(
+      makeJsonRequest("/ues", "POST", { nom: "" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// CHAÎNES AVEC ESPACES SEULS — [BUG] passent !field et s'insèrent en DB
+// =============================================================================
+
+Deno.test({
+  name: "robustness: POST /modules id=espaces → 400",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: "   ", nom: "Test" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /ues nom=espaces → 400",
+  async fn() {
+    await truncateAll();
+    const res = await uesHandler.POST!(
+      makeJsonRequest("/ues", "POST", { nom: "   " }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /users id=espaces → 400",
+  async fn() {
+    await truncateAll();
+    const res = await usersHandler.POST!(
+      makeJsonRequest("/users", "POST", { id: "   ", nom: "X", prenom: "Y" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// MAUVAIS TYPES
+// =============================================================================
+
+Deno.test({
+  name: "robustness: POST /notes note=string → 400",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Test",
+      prenom: "User",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod" }]);
+    const res = await notesHandler.POST!(
+      makeJsonRequest("/notes", "POST", {
+        note: "pas-un-nombre",
+        numEtud: s.numEtud,
+        idModule: "M1",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: PUT /modules/:id nom=number → 400",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "M1", nom: "Mod" }]);
+    const res = await moduleHandler.PUT!(
+      makeJsonRequest("/modules/M1", "PUT", { nom: 42 }),
+      makeEmployeeContext({ idModule: "M1" }),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// VALEUR ZÉRO — falsy bug sur numEtud/idUE
+// =============================================================================
+
+Deno.test({
+  name:
+    "robustness [BUG]: POST /ajustements numEtud=0 → 400 pour mauvaise raison",
+  async fn() {
+    await truncateAll();
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    const res = await ajustementsHandler.POST!(
+      makeJsonRequest("/ajustements", "POST", {
+        numEtud: 0,
+        idUE: ue.id,
+        valeur: 10.0,
+      }),
+      makeEmployeeContext(),
+    );
+    // !0 === true → retourne 400 à cause du falsy check, pas d'une vraie validation
+    // Comportement attendu : 422 ou message d'erreur explicite sur numEtud invalide
+    // Comportement réel    : 400 générique "champs requis"
+    assertEquals(res.status, 400); // passe, mais pour la mauvaise raison — le message est trompeur
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness [BUG]: POST /ajustements idUE=0 → 400 pour mauvaise raison",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Test",
+      prenom: "User",
+      idPromo: "P1",
+    }]);
+    const res = await ajustementsHandler.POST!(
+      makeJsonRequest("/ajustements", "POST", {
+        numEtud: s.numEtud,
+        idUE: 0,
+        valeur: 10.0,
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400); // !0 → 400, message trompeur
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// VALEUR ZÉRO CORRECTEMENT GÉRÉE — coeff=0 est valide
+// =============================================================================
+
+Deno.test({
+  name:
+    "robustness: POST /ue-modules coeff=0 → 201 (zéro est une valeur valide)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    const res = await ueModulesHandler.POST!(
+      makeJsonRequest("/ue-modules", "POST", {
+        idModule: "M1",
+        idUE: ue.id,
+        idPromo: "P1",
+        coeff: 0,
+      }),
+      makeEmployeeContext(),
+    );
+    // coeff === undefined → false pour 0 → passe ✓
+    assertEquals(res.status, 201);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// INJECTION SQL DANS LES PARAMÈTRES D'URL
+// Drizzle utilise des requêtes paramétrées → les injections sont neutralisées
+// =============================================================================
+
+Deno.test({
+  name:
+    "robustness: GET /modules avec SQL injection dans id → 404 (Drizzle paramètre)",
+  async fn() {
+    await truncateAll();
+    const injectionId = "'; DROP TABLE modules; --";
+    const res = await moduleHandler.GET!(
+      makeGetRequest(`/modules/${encodeURIComponent(injectionId)}`),
+      makeEmployeeContext({ idModule: injectionId }),
+    );
+    // Drizzle génère WHERE id = $1 avec $1 = "'; DROP TABLE modules; --"
+    // Aucune injection possible → module non trouvé → 404
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "robustness: POST /modules avec SQL injection dans id → s'insère littéralement (safe)",
+  async fn() {
+    await truncateAll();
+    const injectionId = "'; DROP TABLE modules; --";
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", { id: injectionId, nom: "Test" }),
+      makeEmployeeContext(),
+    );
+    // Drizzle paramètre la valeur → s'insère comme une chaîne ordinaire → 201
+    assertEquals(res.status, 201);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// ABSENCE DE VALIDATION MÉTIER — valeurs hors limites acceptées
+// =============================================================================
+
+Deno.test({
+  name: "robustness: POST /notes note > 20 → 400",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Test",
+      prenom: "User",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod" }]);
+    const res = await notesHandler.POST!(
+      makeJsonRequest("/notes", "POST", {
+        note: 999,
+        numEtud: s.numEtud,
+        idModule: "M1",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /notes note < 0 → 400",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Test",
+      prenom: "User",
+      idPromo: "P1",
+    }]);
+    await seedModules([{ id: "M1", nom: "Mod" }]);
+    const res = await notesHandler.POST!(
+      makeJsonRequest("/notes", "POST", {
+        note: -5,
+        numEtud: s.numEtud,
+        idModule: "M1",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "robustness: POST /ue-modules coeff négatif → 400",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    const res = await ueModulesHandler.POST!(
+      makeJsonRequest("/ue-modules", "POST", {
+        idModule: "M1",
+        idUE: ue.id,
+        idPromo: "P1",
+        coeff: -3,
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// ISOLATION DES EFFETS DE BORD
+// Vérification que truncateAll() isole correctement chaque test
+// =============================================================================
+
+Deno.test({
+  name: "robustness: isolation — données du test précédent non visibles",
+  async fn() {
+    // Ce test crée un module
+    await truncateAll();
+    await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", {
+        id: "ISOLATION-TEST",
+        nom: "Test",
+      }),
+      makeEmployeeContext(),
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "robustness: isolation — truncateAll efface bien les données du test précédent",
+  async fn() {
+    await truncateAll();
+    // Le module créé dans le test précédent ne doit plus exister
+    const res = await moduleHandler.GET!(
+      makeGetRequest("/modules/ISOLATION-TEST"),
+      makeEmployeeContext({ idModule: "ISOLATION-TEST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// CHAMPS SUPPLÉMENTAIRES INCONNUS — doivent être ignorés silencieusement
+// =============================================================================
+
+Deno.test({
+  name: "robustness: POST /modules avec champs inconnus → 201 (champs ignorés)",
+  async fn() {
+    await truncateAll();
+    const res = await modulesHandler.POST!(
+      makeJsonRequest("/modules", "POST", {
+        id: "M-EXTRA",
+        nom: "Test",
+        champInconnu: "valeur",
+        _admin: true,
+        __proto__: { polluted: true },
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// =============================================================================
+// ACCÈS NON AUTHENTIFIÉ — vérification que l'état auth est bien contrôlé
+// =============================================================================
+
+Deno.test({
+  name: "robustness: POST /modules sans affiliation employee → 403",
+  async fn() {
+    await truncateAll();
+    for (const role of ["student", "alumni", "", "EMPLOYEE", "admin"]) {
+      const res = await modulesHandler.POST!(
+        makeJsonRequest("/modules", "POST", { id: `M-${role}`, nom: "Test" }),
+        makeContextWithAffiliation(role),
+      );
+      assertEquals(res.status, 403, `role "${role}" devrait être 403`);
+    }
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,175 @@
+// #112 - E2E tests for /roles endpoints
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import { seedRoles, testDb, truncateAll } from "../helpers/db_integration.ts";
+import { permissions } from "$root/databases/schema.ts";
+import { handler as rolesHandler } from "$apps/admin/api/roles.ts";
+import { handler as roleHandler } from "$apps/admin/api/roles/[idRole].ts";
+
+// --- GET /roles ---
+
+Deno.test({
+  name: "e2e roles: GET /roles returns all with permissions",
+  async fn() {
+    await truncateAll();
+    await seedRoles([{ nom: "admin" }, { nom: "employee" }]);
+    const res = await rolesHandler.GET!(
+      makeGetRequest("/roles"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+    assertExists(body[0].permissions);
+    assertEquals(Array.isArray(body[0].permissions), true);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /roles ---
+
+Deno.test({
+  name: "e2e roles: POST /roles creates role (201)",
+  async fn() {
+    await truncateAll();
+    const res = await rolesHandler.POST!(
+      makeJsonRequest("/roles", "POST", { nom: "viewer" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.id);
+    assertEquals(body.nom, "viewer");
+    assertEquals(body.permissions, []);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e roles: POST /roles 400 on missing nom",
+  async fn() {
+    await truncateAll();
+    const res = await rolesHandler.POST!(
+      makeJsonRequest("/roles", "POST", {}),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /roles/:id ---
+
+Deno.test({
+  name: "e2e roles: GET /roles/:id returns role with permissions",
+  async fn() {
+    await truncateAll();
+    const [role] = await seedRoles([{ nom: "admin" }]);
+    await testDb.insert(permissions).values([
+      { id: "student_read", nom: "Consulter les élèves" },
+    ]);
+    const res = await roleHandler.GET!(
+      makeGetRequest(`/roles/${role.id}`),
+      makeEmployeeContext({ idRole: String(role.id) }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "admin");
+    assertEquals(Array.isArray(body.permissions), true);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e roles: GET /roles/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await roleHandler.GET!(
+      makeGetRequest("/roles/9999"),
+      makeEmployeeContext({ idRole: "9999" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /roles/:id ---
+
+Deno.test({
+  name: "e2e roles: PUT /roles/:id updates nom and permissions",
+  async fn() {
+    await truncateAll();
+    const [role] = await seedRoles([{ nom: "employee" }]);
+    await testDb.insert(permissions).values([
+      { id: "note_read", nom: "Consulter les notes" },
+    ]);
+    const res = await roleHandler.PUT!(
+      makeJsonRequest(`/roles/${role.id}`, "PUT", {
+        nom: "teacher",
+        permissions: ["note_read"],
+      }),
+      makeEmployeeContext({ idRole: String(role.id) }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "teacher");
+    assertEquals(body.permissions, ["note_read"]);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e roles: PUT /roles/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await roleHandler.PUT!(
+      makeJsonRequest("/roles/9999", "PUT", { nom: "ghost", permissions: [] }),
+      makeEmployeeContext({ idRole: "9999" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /roles/:id ---
+
+Deno.test({
+  name: "e2e roles: DELETE /roles/:id returns 204",
+  async fn() {
+    await truncateAll();
+    const [role] = await seedRoles([{ nom: "moderator" }]);
+    const res = await roleHandler.DELETE!(
+      makeGetRequest(`/roles/${role.id}`),
+      makeEmployeeContext({ idRole: String(role.id) }),
+    );
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e roles: DELETE /roles/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await roleHandler.DELETE!(
+      makeGetRequest("/roles/9999"),
+      makeEmployeeContext({ idRole: "9999" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,288 @@
+// #109 - E2E tests for /students endpoints
+// Appelle les handlers Fresh directement avec un vrai contexte + vraie DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedPromotions,
+  seedStudents,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as studentsHandler } from "$apps/students/api/students.ts";
+import { handler as studentHandler } from "$apps/students/api/students/[numEtud].ts";
+
+// --- GET /students ---
+
+Deno.test({
+  name: "e2e students: GET /students returns all students as employee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+    ]);
+
+    const req = makeGetRequest("/students");
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+    assertExists(body.find((s: { nom: string }) => s.nom === "Dupont"));
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students returns empty array for non-employee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+    ]);
+
+    const req = makeGetRequest("/students");
+    const ctx = makeContextWithAffiliation("student");
+    const res = await studentsHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students?idPromo filters by promotion",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }, { id: "PEIP2-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+      { nom: "Durand", prenom: "Claire", idPromo: "PEIP2-2024" },
+    ]);
+
+    const req = makeGetRequest("/students", { idPromo: "PEIP1-2024" });
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+    assertEquals(
+      body.every((s: { idPromo: string }) => s.idPromo === "PEIP1-2024"),
+      true,
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /students ---
+
+Deno.test({
+  name: "e2e students: POST /students creates a student (201)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+
+    const req = makeJsonRequest("/students", "POST", {
+      nom: "Leroy",
+      prenom: "Paul",
+      idPromo: "INFO3-2024",
+    });
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.POST!(req, ctx);
+
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.numEtud);
+    assertEquals(body.nom, "Leroy");
+    assertEquals(body.idPromo, "INFO3-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: POST /students 403 for non-employee",
+  async fn() {
+    await truncateAll();
+
+    const req = makeJsonRequest("/students", "POST", {
+      nom: "Test",
+      prenom: "User",
+      idPromo: "PEIP1-2024",
+    });
+    const ctx = makeContextWithAffiliation("student");
+    const res = await studentsHandler.POST!(req, ctx);
+
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: POST /students 400 when missing required fields",
+  async fn() {
+    await truncateAll();
+
+    const req = makeJsonRequest("/students", "POST", { nom: "Leroy" });
+    const ctx = makeEmployeeContext();
+    const res = await studentsHandler.POST!(req, ctx);
+
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /students/:numEtud ---
+
+Deno.test({
+  name: "e2e students: GET /students/:numEtud returns student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Bernard", prenom: "Lucie", idPromo: "INFO3-2024" },
+    ]);
+
+    const req = makeGetRequest(`/students/${s.numEtud}`);
+    const ctx = makeEmployeeContext({ numEtud: String(s.numEtud) });
+    const res = await studentHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.numEtud, s.numEtud);
+    assertEquals(body.nom, "Bernard");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students/:numEtud 404 when not found",
+  async fn() {
+    await truncateAll();
+
+    const req = makeGetRequest("/students/999999");
+    const ctx = makeEmployeeContext({ numEtud: "999999" });
+    const res = await studentHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: GET /students/:numEtud 403 for non-employee",
+  async fn() {
+    await truncateAll();
+
+    const req = makeGetRequest("/students/12345");
+    const ctx = makeContextWithAffiliation("student", { numEtud: "12345" });
+    const res = await studentHandler.GET!(req, ctx);
+
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /students/:numEtud ---
+
+Deno.test({
+  name: "e2e students: PUT /students/:numEtud updates student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }, { id: "INFO4-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Petit", prenom: "Hugo", idPromo: "INFO3-2024" },
+    ]);
+
+    const req = makeJsonRequest(`/students/${s.numEtud}`, "PUT", {
+      nom: "Grand",
+      prenom: "Hugo",
+      idPromo: "INFO4-2024",
+    });
+    const ctx = makeEmployeeContext({ numEtud: String(s.numEtud) });
+    const res = await studentHandler.PUT!(req, ctx);
+
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "Grand");
+    assertEquals(body.idPromo, "INFO4-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: PUT /students/:numEtud 404 when not found",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+
+    const req = makeJsonRequest("/students/999999", "PUT", {
+      nom: "Ghost",
+      prenom: "Ghost",
+      idPromo: "INFO3-2024",
+    });
+    const ctx = makeEmployeeContext({ numEtud: "999999" });
+    const res = await studentHandler.PUT!(req, ctx);
+
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /students/:numEtud ---
+
+Deno.test({
+  name: "e2e students: DELETE /students/:numEtud returns 204",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Thomas", prenom: "Eva", idPromo: "INFO3-2024" },
+    ]);
+
+    const req = makeGetRequest(`/students/${s.numEtud}`);
+    const ctx = makeEmployeeContext({ numEtud: String(s.numEtud) });
+    const res = await studentHandler.DELETE!(req, ctx);
+
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e students: DELETE /students/:numEtud 404 when not found",
+  async fn() {
+    await truncateAll();
+
+    const req = makeGetRequest("/students/999999");
+    const ctx = makeEmployeeContext({ numEtud: "999999" });
+    const res = await studentHandler.DELETE!(req, ctx);
+
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,312 @@
+// E2E tests for /ue-modules endpoints — handler + real DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeContextWithAffiliation,
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedModules,
+  seedPromotions,
+  seedUeModules,
+  seedUes,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as ueModulesHandler } from "$apps/notes/api/ue-modules.ts";
+import { handler as ueModuleHandler } from "$apps/notes/api/ue-modules/[idModule]/[idUE]/[idPromo].ts";
+import { ueModules as ueModulesTable } from "$root/databases/schema.ts";
+import { testDb } from "../helpers/db_integration.ts";
+
+// --- GET /ue-modules ---
+
+Deno.test({
+  name: "e2e ue_modules: GET /ue-modules returns all associations",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }, { id: "M2", nom: "Mod B" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedUeModules([
+      { idModule: "M1", idUE: ue.id, idPromo: "P1", coeff: 2.0 },
+      { idModule: "M2", idUE: ue.id, idPromo: "P1", coeff: 3.0 },
+    ]);
+    const res = await ueModulesHandler.GET!(
+      makeGetRequest("/ue-modules"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ue_modules: GET /ue-modules?idPromo filters by promo",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }, { id: "P2" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedUeModules([
+      { idModule: "M1", idUE: ue.id, idPromo: "P1", coeff: 2.0 },
+      { idModule: "M1", idUE: ue.id, idPromo: "P2", coeff: 3.0 },
+    ]);
+    const res = await ueModulesHandler.GET!(
+      makeGetRequest("/ue-modules", { idPromo: "P1" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 1);
+    assertEquals(body[0].idPromo, "P1");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /ue-modules ---
+
+Deno.test({
+  name: "e2e ue_modules: POST /ue-modules creates association (201)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    const res = await ueModulesHandler.POST!(
+      makeJsonRequest("/ue-modules", "POST", {
+        idModule: "M1",
+        idUE: ue.id,
+        idPromo: "P1",
+        coeff: 4.0,
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.idModule);
+    assertEquals(body.coeff, 4.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ue_modules: POST /ue-modules 400 on missing fields",
+  async fn() {
+    await truncateAll();
+    const res = await ueModulesHandler.POST!(
+      makeJsonRequest("/ue-modules", "POST", { idModule: "M1" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /ue-modules/:idModule/:idUE/:idPromo ---
+
+Deno.test({
+  name:
+    "e2e ue_modules: GET /ue-modules/:idModule/:idUE/:idPromo returns correct association (employee)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }, { id: "P2" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }, { id: "M2", nom: "Mod B" }]);
+    const [ue1, ue2] = await seedUes([{ nom: "UE Info" }, { nom: "UE Maths" }]);
+    // Plusieurs lignes qui partagent idModule="M1" — le handler doit discriminer par idUE ET idPromo
+    await seedUeModules([
+      { idModule: "M1", idUE: ue1.id, idPromo: "P1", coeff: 3.5 },
+      { idModule: "M1", idUE: ue2.id, idPromo: "P1", coeff: 1.0 },
+      { idModule: "M1", idUE: ue1.id, idPromo: "P2", coeff: 2.0 },
+      { idModule: "M2", idUE: ue1.id, idPromo: "P1", coeff: 4.0 },
+    ]);
+    const res = await ueModuleHandler.GET!(
+      makeGetRequest(`/ue-modules/M1/${ue1.id}/P1`),
+      makeEmployeeContext({
+        idModule: "M1",
+        idUE: String(ue1.id),
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    // Doit retourner exactement M1/ue1/P1 avec coeff 3.5, pas une autre ligne
+    assertEquals(body.coeff, 3.5);
+    assertEquals(body.idPromo, "P1");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ue_modules: GET /ue-modules/:idModule/:idUE/:idPromo 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await ueModuleHandler.GET!(
+      makeGetRequest("/ue-modules/M1/1/P1"),
+      makeContextWithAffiliation("student", {
+        idModule: "M1",
+        idUE: "1",
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ue_modules: GET /ue-modules/:idModule/:idUE/:idPromo 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ueModuleHandler.GET!(
+      makeGetRequest("/ue-modules/GHOST/1/GHOST"),
+      makeEmployeeContext({ idModule: "GHOST", idUE: "1", idPromo: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /ue-modules/:idModule/:idUE/:idPromo ---
+
+Deno.test({
+  name:
+    "e2e ue_modules: PUT /ue-modules/:idModule/:idUE/:idPromo updates only the targeted row (employee)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }, { id: "P2" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue1, ue2] = await seedUes([{ nom: "UE Info" }, { nom: "UE Maths" }]);
+    // Deux lignes avec même idModule — le PUT ne doit modifier que celle ciblée
+    await seedUeModules([
+      { idModule: "M1", idUE: ue1.id, idPromo: "P1", coeff: 2.0 },
+      { idModule: "M1", idUE: ue2.id, idPromo: "P2", coeff: 9.0 },
+    ]);
+    const res = await ueModuleHandler.PUT!(
+      makeJsonRequest(`/ue-modules/M1/${ue1.id}/P1`, "PUT", { coeff: 5.0 }),
+      makeEmployeeContext({
+        idModule: "M1",
+        idUE: String(ue1.id),
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.coeff, 5.0);
+    assertEquals(body.idPromo, "P1");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ue_modules: PUT /ue-modules/:idModule/:idUE/:idPromo 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await ueModuleHandler.PUT!(
+      makeJsonRequest("/ue-modules/M1/1/P1", "PUT", { coeff: 5.0 }),
+      makeContextWithAffiliation("student", {
+        idModule: "M1",
+        idUE: "1",
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ue_modules: PUT /ue-modules/:idModule/:idUE/:idPromo 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ueModuleHandler.PUT!(
+      makeJsonRequest("/ue-modules/GHOST/1/GHOST", "PUT", { coeff: 5.0 }),
+      makeEmployeeContext({ idModule: "GHOST", idUE: "1", idPromo: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /ue-modules/:idModule/:idUE/:idPromo ---
+
+Deno.test({
+  name:
+    "e2e ue_modules: DELETE /ue-modules/:idModule/:idUE/:idPromo deletes only targeted row (employee)",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }, { id: "P2" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue1, ue2] = await seedUes([{ nom: "UE Info" }, { nom: "UE Maths" }]);
+    // Deux lignes avec même idModule — seule celle ciblée doit être supprimée
+    await seedUeModules([
+      { idModule: "M1", idUE: ue1.id, idPromo: "P1", coeff: 2.0 },
+      { idModule: "M1", idUE: ue2.id, idPromo: "P2", coeff: 4.0 },
+    ]);
+    const res = await ueModuleHandler.DELETE!(
+      makeGetRequest(`/ue-modules/M1/${ue1.id}/P1`),
+      makeEmployeeContext({
+        idModule: "M1",
+        idUE: String(ue1.id),
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 204);
+    // L'autre ligne doit toujours exister
+    const remaining = await testDb.select().from(ueModulesTable);
+    assertEquals(remaining.length, 1);
+    assertEquals(remaining[0].idUE, ue2.id);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ue_modules: DELETE /ue-modules/:idModule/:idUE/:idPromo 403 for non-employee",
+  async fn() {
+    await truncateAll();
+    const res = await ueModuleHandler.DELETE!(
+      makeGetRequest("/ue-modules/M1/1/P1"),
+      makeContextWithAffiliation("student", {
+        idModule: "M1",
+        idUE: "1",
+        idPromo: "P1",
+      }),
+    );
+    assertEquals(res.status, 403);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "e2e ue_modules: DELETE /ue-modules/:idModule/:idUE/:idPromo 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ueModuleHandler.DELETE!(
+      makeGetRequest("/ue-modules/GHOST/1/GHOST"),
+      makeEmployeeContext({ idModule: "GHOST", idUE: "1", idPromo: "GHOST" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,178 @@
+// E2E tests for /ues endpoints — handler + real DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import { seedUes, truncateAll } from "../helpers/db_integration.ts";
+import { handler as uesHandler } from "$apps/notes/api/ues.ts";
+import { handler as ueHandler } from "$apps/notes/api/ues/[idUE].ts";
+
+// --- GET /ues ---
+
+Deno.test({
+  name: "e2e ues: GET /ues returns all UEs",
+  async fn() {
+    await truncateAll();
+    await seedUes([{ nom: "UE Informatique" }, { nom: "UE Mathématiques" }]);
+    const res = await uesHandler.GET!(
+      makeGetRequest("/ues"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ues: GET /ues returns empty when no UEs",
+  async fn() {
+    await truncateAll();
+    const res = await uesHandler.GET!(
+      makeGetRequest("/ues"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /ues ---
+
+Deno.test({
+  name: "e2e ues: POST /ues creates UE (201)",
+  async fn() {
+    await truncateAll();
+    const res = await uesHandler.POST!(
+      makeJsonRequest("/ues", "POST", { nom: "UE Physique" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertExists(body.id);
+    assertEquals(body.nom, "UE Physique");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ues: POST /ues 400 on missing nom",
+  async fn() {
+    await truncateAll();
+    const res = await uesHandler.POST!(
+      makeJsonRequest("/ues", "POST", {}),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /ues/:id ---
+
+Deno.test({
+  name: "e2e ues: GET /ues/:id returns UE",
+  async fn() {
+    await truncateAll();
+    const [ue] = await seedUes([{ nom: "UE Chimie" }]);
+    const res = await ueHandler.GET!(
+      makeGetRequest(`/ues/${ue.id}`),
+      makeEmployeeContext({ idUE: String(ue.id) }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "UE Chimie");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ues: GET /ues/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ueHandler.GET!(
+      makeGetRequest("/ues/99999"),
+      makeEmployeeContext({ idUE: "99999" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /ues/:id ---
+
+Deno.test({
+  name: "e2e ues: PUT /ues/:id updates nom",
+  async fn() {
+    await truncateAll();
+    const [ue] = await seedUes([{ nom: "UE Biologie" }]);
+    const res = await ueHandler.PUT!(
+      makeJsonRequest(`/ues/${ue.id}`, "PUT", {
+        nom: "UE Biologie moléculaire",
+      }),
+      makeEmployeeContext({ idUE: String(ue.id) }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "UE Biologie moléculaire");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ues: PUT /ues/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ueHandler.PUT!(
+      makeJsonRequest("/ues/99999", "PUT", { nom: "X" }),
+      makeEmployeeContext({ idUE: "99999" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /ues/:id ---
+
+Deno.test({
+  name: "e2e ues: DELETE /ues/:id returns 204",
+  async fn() {
+    await truncateAll();
+    const [ue] = await seedUes([{ nom: "UE à supprimer" }]);
+    const res = await ueHandler.DELETE!(
+      makeGetRequest(`/ues/${ue.id}`),
+      makeEmployeeContext({ idUE: String(ue.id) }),
+    );
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e ues: DELETE /ues/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await ueHandler.DELETE!(
+      makeGetRequest("/ues/99999"),
+      makeEmployeeContext({ idUE: "99999" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,239 @@
+// E2E tests for /users endpoints — handler + real DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  makeEmployeeContext,
+  makeGetRequest,
+  makeJsonRequest,
+} from "../helpers/handler.ts";
+import {
+  seedRoles,
+  seedUsers,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { handler as usersHandler } from "$apps/admin/api/users.ts";
+import { handler as userHandler } from "$apps/admin/api/users/[id].ts";
+
+// --- GET /users ---
+
+Deno.test({
+  name: "e2e users: GET /users returns all users",
+  async fn() {
+    await truncateAll();
+    await seedUsers([
+      { id: "dupont.jean", nom: "Dupont", prenom: "Jean" },
+      { id: "martin.alice", nom: "Martin", prenom: "Alice" },
+    ]);
+    const res = await usersHandler.GET!(
+      makeGetRequest("/users"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 2);
+    assertExists(body.find((u: { id: string }) => u.id === "dupont.jean"));
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e users: GET /users returns empty when no users",
+  async fn() {
+    await truncateAll();
+    const res = await usersHandler.GET!(
+      makeGetRequest("/users"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e users: GET /users?idRole filters by role",
+  async fn() {
+    await truncateAll();
+    const [role1] = await seedRoles([{ nom: "admin" }]);
+    const [role2] = await seedRoles([{ nom: "employee" }]);
+    await seedUsers([
+      { id: "admin.user", nom: "Admin", prenom: "User", idRole: role1.id },
+      { id: "emp.user", nom: "Emp", prenom: "User", idRole: role2.id },
+    ]);
+    const res = await usersHandler.GET!(
+      makeGetRequest("/users", { idRole: String(role1.id) }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.length, 1);
+    assertEquals(body[0].id, "admin.user");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- POST /users ---
+
+Deno.test({
+  name: "e2e users: POST /users creates user (201)",
+  async fn() {
+    await truncateAll();
+    const res = await usersHandler.POST!(
+      makeJsonRequest("/users", "POST", {
+        id: "new.user",
+        nom: "New",
+        prenom: "User",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 201);
+    const body = await res.json();
+    assertEquals(body.id, "new.user");
+    assertEquals(body.nom, "New");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e users: POST /users 400 on missing fields",
+  async fn() {
+    await truncateAll();
+    const res = await usersHandler.POST!(
+      makeJsonRequest("/users", "POST", { id: "x" }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 400);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e users: POST /users 409 on duplicate id",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "dupont.jean", nom: "Dupont", prenom: "Jean" }]);
+    const res = await usersHandler.POST!(
+      makeJsonRequest("/users", "POST", {
+        id: "dupont.jean",
+        nom: "Doublon",
+        prenom: "X",
+      }),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 409);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- GET /users/:id ---
+
+Deno.test({
+  name: "e2e users: GET /users/:id returns user",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "bernard.lucie", nom: "Bernard", prenom: "Lucie" }]);
+    const res = await userHandler.GET!(
+      makeGetRequest("/users/bernard.lucie"),
+      makeEmployeeContext({ id: "bernard.lucie" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.id, "bernard.lucie");
+    assertEquals(body.nom, "Bernard");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e users: GET /users/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await userHandler.GET!(
+      makeGetRequest("/users/ghost.user"),
+      makeEmployeeContext({ id: "ghost.user" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- PUT /users/:id ---
+
+Deno.test({
+  name: "e2e users: PUT /users/:id updates user",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "thomas.eva", nom: "Thomas", prenom: "Eva" }]);
+    const res = await userHandler.PUT!(
+      makeJsonRequest("/users/thomas.eva", "PUT", {
+        nom: "Thomas-Modifié",
+        prenom: "Eva",
+        idRole: null,
+      }),
+      makeEmployeeContext({ id: "thomas.eva" }),
+    );
+    assertEquals(res.status, 200);
+    const body = await res.json();
+    assertEquals(body.nom, "Thomas-Modifié");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e users: PUT /users/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await userHandler.PUT!(
+      makeJsonRequest("/users/ghost.user", "PUT", {
+        nom: "X",
+        prenom: "Y",
+        idRole: null,
+      }),
+      makeEmployeeContext({ id: "ghost.user" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+// --- DELETE /users/:id ---
+
+Deno.test({
+  name: "e2e users: DELETE /users/:id returns 204",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "petit.hugo", nom: "Petit", prenom: "Hugo" }]);
+    const res = await userHandler.DELETE!(
+      makeGetRequest("/users/petit.hugo"),
+      makeEmployeeContext({ id: "petit.hugo" }),
+    );
+    assertEquals(res.status, 204);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e users: DELETE /users/:id 404 when not found",
+  async fn() {
+    await truncateAll();
+    const res = await userHandler.DELETE!(
+      makeGetRequest("/users/ghost.user"),
+      makeEmployeeContext({ id: "ghost.user" }),
+    );
+    assertEquals(res.status, 404);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,123 @@
+// Mock de fetch() pour les tests — supporte méthodes HTTP et status codes
+
+type HttpMethod = "GET" | "POST" | "PUT" | "DELETE";
+
+export interface MockRoute {
+  method?: HttpMethod;
+  status?: number;
+  body?: unknown;
+  headers?: Record<string, string>;
+}
+
+// deno-lint-ignore no-explicit-any
+let _originalFetch: ((input: any, init?: any) => Promise<Response>) | null =
+  null;
+let _calls: { url: string; method: string; body?: unknown }[] = [];
+
+/**
+ * Remplace globalThis.fetch par un mock configurable.
+ *
+ * Usage simple (GET 200 par défaut) :
+ *   mockFetch({ "/students": studentsData })
+ *
+ * Usage avancé (méthode + status) :
+ *   mockFetch({ "/students": { method: "POST", status: 201, body: newStudent } })
+ */
+export function mockFetch(
+  routes: Record<string, unknown | MockRoute>,
+): void {
+  _originalFetch = globalThis.fetch;
+  _calls = [];
+
+  globalThis.fetch = (
+    input: string | URL | Request,
+    init?: RequestInit,
+  ): Promise<Response> => {
+    const url = typeof input === "string"
+      ? input
+      : input instanceof URL
+      ? input.toString()
+      : input.url;
+    const method = (init?.method ?? "GET").toUpperCase();
+
+    // Parse le body si présent
+    let reqBody: unknown = undefined;
+    if (init?.body) {
+      try {
+        reqBody = JSON.parse(init.body as string);
+      } catch {
+        reqBody = init.body;
+      }
+    }
+
+    _calls.push({ url, method, body: reqBody });
+
+    for (const [pattern, config] of Object.entries(routes)) {
+      if (!url.includes(pattern)) continue;
+
+      // Config simple : la valeur est directement le body de réponse (GET 200)
+      if (!isRouteConfig(config)) {
+        return new Response(JSON.stringify(config), {
+          status: 200,
+          headers: { "Content-Type": "application/json" },
+        });
+      }
+
+      // Config avancée : vérifier la méthode si spécifiée
+      if (config.method && config.method !== method) continue;
+
+      const status = config.status ?? 200;
+
+      // 204 : pas de body
+      if (status === 204) {
+        return new Response(null, { status: 204 });
+      }
+
+      return new Response(
+        config.body !== undefined ? JSON.stringify(config.body) : null,
+        {
+          status,
+          headers: {
+            "Content-Type": "application/json",
+            ...config.headers,
+          },
+        },
+      );
+    }
+
+    return new Response(JSON.stringify({ error: "Not Found" }), {
+      status: 404,
+      headers: { "Content-Type": "application/json" },
+    });
+  };
+}
+
+/**
+ * Restaure le fetch original.
+ */
+export function restoreFetch(): void {
+  if (_originalFetch) {
+    globalThis.fetch = _originalFetch;
+    _originalFetch = null;
+  }
+  _calls = [];
+}
+
+/**
+ * Retourne la liste des appels fetch interceptés.
+ */
+export function getFetchCalls(): {
+  url: string;
+  method: string;
+  body?: unknown;
+}[] {
+  return [..._calls];
+}
+
+function isRouteConfig(value: unknown): value is MockRoute {
+  if (typeof value !== "object" || value === null || Array.isArray(value)) {
+    return false;
+  }
+  const v = value as Record<string, unknown>;
+  return "status" in v || "method" in v || "body" in v;
+}
@@ -0,0 +1,113 @@
+// Helper pour les tests d'intégration avec PostgreSQL
+// Nécessite les variables d'environnement POSTGRES_* (ou TEST_DATABASE_URL)
+
+import { drizzle } from "npm:drizzle-orm@0.45.2/node-postgres";
+import pg from "npm:pg@8.20.0";
+import * as schema from "$root/databases/schema.ts";
+
+const { Pool } = pg;
+
+function createTestPool(): pg.Pool {
+  const url = Deno.env.get("TEST_DATABASE_URL");
+  if (url) {
+    return new Pool({ connectionString: url });
+  }
+  return new Pool({
+    host: Deno.env.get("POSTGRES_HOST") ?? "localhost",
+    port: Number(Deno.env.get("POSTGRES_PORT") ?? 5432),
+    user: Deno.env.get("POSTGRES_USER") ?? "test",
+    password: Deno.env.get("POSTGRES_PASS") ?? "test",
+    database: Deno.env.get("POSTGRES_DB") ?? "polympr_test",
+    ssl: false,
+  });
+}
+
+export const testPool = createTestPool();
+export const testDb = drizzle(testPool, { schema });
+
+const ALL_TABLES =
+  '"mobility","ajustements","notes","ue_modules","enseignements","role_permissions","students","users","modules","ues","promotions","permissions","roles"';
+
+/**
+ * Vide toutes les tables dans le bon ordre.
+ * À appeler dans beforeEach de chaque test d'intégration.
+ */
+export async function truncateAll(): Promise<void> {
+  const client = await testPool.connect();
+  try {
+    await client.query(
+      `TRUNCATE TABLE ${ALL_TABLES} RESTART IDENTITY CASCADE`,
+    );
+  } finally {
+    client.release();
+  }
+}
+
+/**
+ * Ferme le pool à la fin de la suite de tests.
+ */
+export async function closeTestPool(): Promise<void> {
+  await testPool.end();
+}
+
+// --- Helpers d'insertion de fixtures ---
+
+export async function seedRoles(
+  rows: { nom: string }[],
+): Promise<typeof schema.roles.$inferSelect[]> {
+  return await testDb.insert(schema.roles).values(rows).returning();
+}
+
+export async function seedPromotions(
+  rows: { id: string; annee?: string }[],
+): Promise<typeof schema.promotions.$inferSelect[]> {
+  return await testDb.insert(schema.promotions).values(rows).returning();
+}
+
+export async function seedStudents(
+  rows: { nom: string; prenom: string; idPromo?: string }[],
+): Promise<typeof schema.students.$inferSelect[]> {
+  return await testDb.insert(schema.students).values(rows).returning();
+}
+
+export async function seedModules(
+  rows: { id: string; nom: string }[],
+): Promise<typeof schema.modules.$inferSelect[]> {
+  return await testDb.insert(schema.modules).values(rows).returning();
+}
+
+export async function seedUes(
+  rows: { nom: string }[],
+): Promise<typeof schema.ues.$inferSelect[]> {
+  return await testDb.insert(schema.ues).values(rows).returning();
+}
+
+export async function seedUsers(
+  rows: { id: string; nom: string; prenom: string; idRole?: number }[],
+): Promise<typeof schema.users.$inferSelect[]> {
+  return await testDb.insert(schema.users).values(rows).returning();
+}
+
+export async function seedNotes(
+  rows: { numEtud: number; idModule: string; note: number }[],
+): Promise<typeof schema.notes.$inferSelect[]> {
+  return await testDb.insert(schema.notes).values(rows).returning();
+}
+
+export async function seedUeModules(
+  rows: { idModule: string; idUE: number; idPromo: string; coeff: number }[],
+): Promise<typeof schema.ueModules.$inferSelect[]> {
+  return await testDb.insert(schema.ueModules).values(rows).returning();
+}
+
+export async function seedEnseignements(
+  rows: { idProf: string; idModule: string; idPromo: string }[],
+): Promise<typeof schema.enseignements.$inferSelect[]> {
+  return await testDb.insert(schema.enseignements).values(rows).returning();
+}
+
+export async function seedAjustements(
+  rows: { numEtud: number; idUE: number; valeur: number }[],
+): Promise<typeof schema.ajustements.$inferSelect[]> {
+  return await testDb.insert(schema.ajustements).values(rows).returning();
+}
@@ -0,0 +1,122 @@
+// Mock de la couche Drizzle pour les tests unitaires/intégration
+// Permet de tester les handlers sans connexion PostgreSQL
+
+export interface MockQueryResult<T> {
+  rows: T[];
+}
+
+export interface MockDbConfig {
+  // Table name → array of rows
+  // deno-lint-ignore no-explicit-any
+  tables: Record<string, Record<string, any>[]>;
+}
+
+/**
+ * Crée un mock de la DB Drizzle.
+ * Simule select/insert/update/delete avec un store en mémoire.
+ *
+ * Usage :
+ * ```ts
+ * const db = createMockDb({
+ *   tables: {
+ *     students: [{ numEtud: 21212006, nom: "Dupont", ... }],
+ *     notes: [],
+ *   }
+ * });
+ *
+ * // Lire toutes les lignes d'une table
+ * const rows = db.getTable("students");
+ *
+ * // Insérer
+ * db.insert("students", { numEtud: 21212009, nom: "Test", ... });
+ *
+ * // Trouver par clé
+ * const student = db.findOne("students", (r) => r.numEtud === 21212006);
+ *
+ * // Supprimer
+ * db.deleteWhere("students", (r) => r.numEtud === 21212006);
+ * ```
+ */
+export function createMockDb(config: MockDbConfig) {
+  // Deep clone pour éviter les mutations entre tests
+  // deno-lint-ignore no-explicit-any
+  const tables: Record<string, Record<string, any>[]> = {};
+  for (const [name, rows] of Object.entries(config.tables)) {
+    tables[name] = rows.map((r) => ({ ...r }));
+  }
+
+  return {
+    /** Retourne toutes les lignes d'une table */
+    getTable<T = Record<string, unknown>>(name: string): T[] {
+      return (tables[name] ?? []) as T[];
+    },
+
+    /** Retourne les lignes qui matchent le filtre */
+    findMany<T = Record<string, unknown>>(
+      name: string,
+      predicate: (row: T) => boolean,
+    ): T[] {
+      return (this.getTable<T>(name)).filter(predicate);
+    },
+
+    /** Retourne la première ligne qui matche, ou undefined */
+    findOne<T = Record<string, unknown>>(
+      name: string,
+      predicate: (row: T) => boolean,
+    ): T | undefined {
+      return (this.getTable<T>(name)).find(predicate);
+    },
+
+    /** Insère une ligne dans la table */
+    insert<T = Record<string, unknown>>(name: string, row: T): T {
+      if (!tables[name]) tables[name] = [];
+      const copy = { ...row } as T;
+      // deno-lint-ignore no-explicit-any
+      tables[name].push(copy as any);
+      return copy;
+    },
+
+    /** Met à jour les lignes qui matchent le prédicat */
+    updateWhere<T = Record<string, unknown>>(
+      name: string,
+      predicate: (row: T) => boolean,
+      updates: Partial<T>,
+    ): number {
+      const rows = this.getTable<T>(name);
+      let count = 0;
+      for (const row of rows) {
+        if (predicate(row)) {
+          Object.assign(row as Record<string, unknown>, updates);
+          count++;
+        }
+      }
+      return count;
+    },
+
+    /** Supprime les lignes qui matchent le prédicat */
+    deleteWhere<T = Record<string, unknown>>(
+      name: string,
+      predicate: (row: T) => boolean,
+    ): number {
+      const before = (tables[name] ?? []).length;
+      tables[name] = (tables[name] ?? []).filter(
+        (r) => !predicate(r as unknown as T),
+      );
+      return before - tables[name].length;
+    },
+
+    /** Vide une table */
+    clear(name: string): void {
+      tables[name] = [];
+    },
+
+    /** Vide toutes les tables */
+    reset(): void {
+      for (const name of Object.keys(tables)) {
+        tables[name] = [];
+      }
+    },
+  };
+}
+
+export type MockDb = ReturnType<typeof createMockDb>;
@@ -0,0 +1,137 @@
+// Types et données de test alignés sur l'API REST PolyMPR
+
+// --- Types ---
+
+export interface Student {
+  numEtud: number;
+  nom: string;
+  prenom: string;
+  idPromo: string;
+}
+
+export interface Promotion {
+  idPromo: string;
+  annee: string;
+}
+
+export interface Prof {
+  id: number;
+  nom: string;
+  prenom: string;
+}
+
+export interface Module {
+  id: string;
+  nom: string;
+}
+
+export interface Note {
+  note: number;
+  numEtud: number;
+  idModule: string;
+}
+
+export interface UE {
+  id: number;
+  nom: string;
+}
+
+export interface UeModule {
+  idModule: string;
+  idUE: number;
+  idPromo: string;
+  coeff: number;
+}
+
+export interface Enseignement {
+  idProf: number;
+  idModule: string;
+  idPromo: string;
+}
+
+export interface Ajustement {
+  numEtud: number;
+  idUE: number;
+  valeur: number;
+}
+
+export interface ImportResult {
+  imported: number;
+  errors: { line: number; message: string }[];
+}
+
+export interface ApiError {
+  error: string;
+}
+
+// --- Fixtures ---
+
+export const students: Student[] = [
+  { numEtud: 21212006, nom: "Dupont", prenom: "Jean", idPromo: "4AFISE25/26" },
+  {
+    numEtud: 21212007,
+    nom: "Martin",
+    prenom: "Alice",
+    idPromo: "4AFISE25/26",
+  },
+  {
+    numEtud: 21212008,
+    nom: "Durand",
+    prenom: "Claire",
+    idPromo: "3AFISE25/26",
+  },
+];
+
+export const promotions: Promotion[] = [
+  { idPromo: "4AFISE25/26", annee: "2025" },
+  { idPromo: "3AFISE25/26", annee: "2025" },
+  { idPromo: "JIA4A2526", annee: "2025" },
+];
+
+export const profs: Prof[] = [
+  { id: 1, nom: "Leclerc", prenom: "Jean" },
+  { id: 2, nom: "Moreau", prenom: "Sophie" },
+];
+
+export const modules: Module[] = [
+  { id: "JIN702C", nom: "Optimisation" },
+  { id: "JIN703C", nom: "Informatique" },
+  { id: "JIN704C", nom: "Physique" },
+];
+
+export const notes: Note[] = [
+  { note: 15.5, numEtud: 21212006, idModule: "JIN702C" },
+  { note: 12.0, numEtud: 21212006, idModule: "JIN703C" },
+  { note: 18.0, numEtud: 21212007, idModule: "JIN702C" },
+  { note: 9.0, numEtud: 21212008, idModule: "JIN704C" },
+];
+
+export const ues: UE[] = [
+  { id: 1, nom: "UE Informatique" },
+  { id: 2, nom: "UE Mathématiques" },
+];
+
+export const ueModules: UeModule[] = [
+  { idModule: "JIN702C", idUE: 1, idPromo: "4AFISE25/26", coeff: 3.0 },
+  { idModule: "JIN703C", idUE: 2, idPromo: "4AFISE25/26", coeff: 4.0 },
+  { idModule: "JIN704C", idUE: 1, idPromo: "3AFISE25/26", coeff: 2.0 },
+];
+
+export const enseignements: Enseignement[] = [
+  { idProf: 1, idModule: "JIN702C", idPromo: "4AFISE25/26" },
+  { idProf: 2, idModule: "JIN703C", idPromo: "4AFISE25/26" },
+  { idProf: 1, idModule: "JIN704C", idPromo: "3AFISE25/26" },
+];
+
+export const ajustements: Ajustement[] = [
+  { numEtud: 21212006, idUE: 1, valeur: 13.25 },
+  { numEtud: 21212008, idUE: 1, valeur: 11.0 },
+];
+
+// --- Réponses d'erreur standard ---
+
+export const ERROR_NOT_FOUND: ApiError = { error: "Ressource introuvable" };
+export const ERROR_CONFLICT: ApiError = { error: "Ressource déjà existante" };
+export const ERROR_BAD_REQUEST: ApiError = { error: "Requête invalide" };
+export const ERROR_UNAUTHORIZED: ApiError = { error: "Non authentifié" };
+export const ERROR_FORBIDDEN: ApiError = { error: "Accès interdit" };
@@ -0,0 +1,88 @@
+// Helper pour les tests E2E — appel direct des handlers Fresh
+// sans lancer de serveur HTTP
+
+import { FreshContext } from "$fresh/server.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { CasContent } from "$root/defaults/interfaces.ts";
+
+const BASE_EMPLOYEE_SESSION: CasContent = {
+  amuCampus: "",
+  amuComposante: "",
+  amuDateValidation: "",
+  coGroup: "",
+  eduPersonPrimaryAffiliation: "employee",
+  eduPersonPrincipalName: "test.user@polytech.fr",
+  mail: "test.user@polytech.fr",
+  displayName: "Test User",
+  givenName: "Test",
+  memberOf: [],
+  sn: "User",
+  supannCivilite: "M.",
+  supannEntiteAffectation: "",
+  supannEtuAnneeInscription: "",
+  supannEtuEtape: "",
+  uid: "test.user",
+};
+
+/**
+ * Crée un FreshContext mock authentifié en tant qu'employee.
+ */
+export function makeEmployeeContext(
+  params: Record<string, string> = {},
+): FreshContext<AuthenticatedState> {
+  return {
+    params,
+    state: {
+      isAuthenticated: true,
+      session: { ...BASE_EMPLOYEE_SESSION },
+      availablePages: {},
+    },
+    render: () => Promise.resolve(new Response()),
+    renderNotFound: () => Promise.resolve(new Response(null, { status: 404 })),
+    next: () => Promise.resolve(new Response()),
+  } as unknown as FreshContext<AuthenticatedState>;
+}
+
+/**
+ * Crée un FreshContext mock avec un affiliation personnalisée.
+ */
+export function makeContextWithAffiliation(
+  affiliation: string,
+  params: Record<string, string> = {},
+): FreshContext<AuthenticatedState> {
+  const ctx = makeEmployeeContext(params);
+  (ctx.state as AuthenticatedState).session.eduPersonPrimaryAffiliation =
+    affiliation;
+  return ctx;
+}
+
+/**
+ * Crée une Request GET simple.
+ */
+export function makeGetRequest(
+  path: string,
+  searchParams?: Record<string, string>,
+): Request {
+  const url = new URL(`http://localhost${path}`);
+  if (searchParams) {
+    for (const [k, v] of Object.entries(searchParams)) {
+      url.searchParams.set(k, v);
+    }
+  }
+  return new Request(url.toString());
+}
+
+/**
+ * Crée une Request POST/PUT avec un corps JSON.
+ */
+export function makeJsonRequest(
+  path: string,
+  method: string,
+  body: unknown,
+): Request {
+  return new Request(`http://localhost${path}`, {
+    method,
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify(body),
+  });
+}
@@ -0,0 +1,55 @@
+// Setup happy-dom + wrapper render pour les tests de composants Preact
+
+import { Window } from "happy-dom";
+
+let _window: Window | null = null;
+
+/**
+ * Initialise un environnement DOM virtuel via happy-dom.
+ * À appeler avant de rendre des composants Preact dans les tests.
+ */
+export function setupDOM(): void {
+  _window = new Window({ url: "http://localhost" });
+
+  // Expose les globals DOM nécessaires à Preact
+  const globals = _window as unknown as Record<string, unknown>;
+  const target = globalThis as unknown as Record<string, unknown>;
+
+  for (
+    const key of [
+      "document",
+      "navigator",
+      "location",
+      "HTMLElement",
+      "HTMLInputElement",
+      "HTMLTextAreaElement",
+      "HTMLSelectElement",
+      "Event",
+      "CustomEvent",
+      "KeyboardEvent",
+      "MouseEvent",
+      "InputEvent",
+      "MutationObserver",
+      "requestAnimationFrame",
+      "cancelAnimationFrame",
+    ]
+  ) {
+    target[key] = globals[key];
+  }
+
+  target["window"] = _window;
+}
+
+/**
+ * Nettoie l'environnement DOM.
+ * À appeler dans un afterEach ou à la fin d'un test.
+ */
+export function cleanupDOM(): void {
+  if (_window) {
+    const doc = _window.document;
+    doc.body.innerHTML = "";
+    doc.head.innerHTML = "";
+    _window.close();
+    _window = null;
+  }
+}
@@ -0,0 +1,160 @@
+// Integration tests for /ajustements — Drizzle ORM direct on real DB
+
+import { assertEquals, assertExists, assertRejects } from "@std/assert";
+import {
+  seedAjustements,
+  seedPromotions,
+  seedStudents,
+  seedUes,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { ajustements } from "$root/databases/schema.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration ajustements: list all ajustements",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Dupont",
+      prenom: "Jean",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedAjustements([{ numEtud: s.numEtud, idUE: ue.id, valeur: 13.0 }]);
+    const rows = await testDb.select().from(ajustements);
+    assertEquals(rows.length, 1);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ajustements: create and retrieve by composite key",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Martin",
+      prenom: "Alice",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Maths" }]);
+
+    const [created] = await testDb
+      .insert(ajustements)
+      .values({ numEtud: s.numEtud, idUE: ue.id, valeur: 15.5 })
+      .returning();
+    assertExists(created);
+    assertEquals(created.valeur, 15.5);
+
+    const row = await testDb
+      .select()
+      .from(ajustements)
+      .where(
+        and(eq(ajustements.numEtud, s.numEtud), eq(ajustements.idUE, ue.id)),
+      )
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+    assertEquals(row.valeur, 15.5);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "integration ajustements: get by composite key returns null when not found",
+  async fn() {
+    await truncateAll();
+    const row = await testDb
+      .select()
+      .from(ajustements)
+      .where(and(eq(ajustements.numEtud, 99999), eq(ajustements.idUE, 99)))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ajustements: duplicate composite key insert fails",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Durand",
+      prenom: "Claire",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedAjustements([{ numEtud: s.numEtud, idUE: ue.id, valeur: 12.0 }]);
+    await assertRejects(() =>
+      testDb.insert(ajustements).values({
+        numEtud: s.numEtud,
+        idUE: ue.id,
+        valeur: 13.0,
+      })
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ajustements: update valeur",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Bernard",
+      prenom: "Lucie",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Physique" }]);
+    await seedAjustements([{ numEtud: s.numEtud, idUE: ue.id, valeur: 10.0 }]);
+
+    const [updated] = await testDb
+      .update(ajustements)
+      .set({ valeur: 18.0 })
+      .where(
+        and(eq(ajustements.numEtud, s.numEtud), eq(ajustements.idUE, ue.id)),
+      )
+      .returning();
+    assertEquals(updated.valeur, 18.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ajustements: delete removes the ajustement",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    const [s] = await seedStudents([{
+      nom: "Thomas",
+      prenom: "Eva",
+      idPromo: "P1",
+    }]);
+    const [ue] = await seedUes([{ nom: "UE Chimie" }]);
+    await seedAjustements([{ numEtud: s.numEtud, idUE: ue.id, valeur: 11.0 }]);
+
+    await testDb.delete(ajustements).where(
+      and(eq(ajustements.numEtud, s.numEtud), eq(ajustements.idUE, ue.id)),
+    );
+    const row = await testDb
+      .select()
+      .from(ajustements)
+      .where(
+        and(eq(ajustements.numEtud, s.numEtud), eq(ajustements.idUE, ue.id)),
+      )
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,148 @@
+// Integration tests for /enseignements — Drizzle ORM direct on real DB
+
+import { assertEquals, assertExists, assertRejects } from "@std/assert";
+import {
+  seedEnseignements,
+  seedModules,
+  seedPromotions,
+  seedUsers,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { enseignements } from "$root/databases/schema.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration enseignements: list all enseignements",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.dupont", nom: "Dupont", prenom: "Jean" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }, { id: "M2", nom: "Mod B" }]);
+    await seedPromotions([{ id: "P1" }]);
+    await seedEnseignements([
+      { idProf: "prof.dupont", idModule: "M1", idPromo: "P1" },
+      { idProf: "prof.dupont", idModule: "M2", idPromo: "P1" },
+    ]);
+    const rows = await testDb.select().from(enseignements);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration enseignements: create and retrieve by composite key",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.moreau", nom: "Moreau", prenom: "Sophie" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedPromotions([{ id: "P1" }]);
+
+    const [created] = await testDb
+      .insert(enseignements)
+      .values({ idProf: "prof.moreau", idModule: "M1", idPromo: "P1" })
+      .returning();
+    assertExists(created);
+    assertEquals(created.idProf, "prof.moreau");
+
+    const row = await testDb
+      .select()
+      .from(enseignements)
+      .where(
+        and(
+          eq(enseignements.idProf, "prof.moreau"),
+          eq(enseignements.idModule, "M1"),
+          eq(enseignements.idPromo, "P1"),
+        ),
+      )
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "integration enseignements: get by composite key returns null when not found",
+  async fn() {
+    await truncateAll();
+    const row = await testDb
+      .select()
+      .from(enseignements)
+      .where(
+        and(
+          eq(enseignements.idProf, "ghost"),
+          eq(enseignements.idModule, "GHOST"),
+          eq(enseignements.idPromo, "GHOST"),
+        ),
+      )
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration enseignements: duplicate composite key insert fails",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.dupont", nom: "Dupont", prenom: "Jean" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedPromotions([{ id: "P1" }]);
+    await seedEnseignements([{
+      idProf: "prof.dupont",
+      idModule: "M1",
+      idPromo: "P1",
+    }]);
+    await assertRejects(() =>
+      testDb.insert(enseignements).values({
+        idProf: "prof.dupont",
+        idModule: "M1",
+        idPromo: "P1",
+      })
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration enseignements: delete removes the enseignement",
+  async fn() {
+    await truncateAll();
+    await seedUsers([{ id: "prof.dupont", nom: "Dupont", prenom: "Jean" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    await seedPromotions([{ id: "P1" }]);
+    await seedEnseignements([{
+      idProf: "prof.dupont",
+      idModule: "M1",
+      idPromo: "P1",
+    }]);
+
+    await testDb
+      .delete(enseignements)
+      .where(
+        and(
+          eq(enseignements.idProf, "prof.dupont"),
+          eq(enseignements.idModule, "M1"),
+          eq(enseignements.idPromo, "P1"),
+        ),
+      );
+    const row = await testDb
+      .select()
+      .from(enseignements)
+      .where(
+        and(
+          eq(enseignements.idProf, "prof.dupont"),
+          eq(enseignements.idModule, "M1"),
+          eq(enseignements.idPromo, "P1"),
+        ),
+      )
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,104 @@
+// #113 - Integration tests for /modules endpoints
+
+import { assertEquals, assertExists, assertRejects } from "@std/assert";
+import { seedModules, testDb, truncateAll } from "../helpers/db_integration.ts";
+import { modules } from "$root/databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration modules: list all modules",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "MATH101", nom: "Mathématiques" }, {
+      id: "INFO101",
+      nom: "Informatique",
+    }]);
+    const rows = await testDb.select().from(modules);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration modules: create and retrieve by id",
+  async fn() {
+    await truncateAll();
+    const [created] = await testDb.insert(modules).values({
+      id: "PHYS101",
+      nom: "Physique",
+    }).returning();
+    assertExists(created);
+    assertEquals(created.id, "PHYS101");
+
+    const row = await testDb
+      .select()
+      .from(modules)
+      .where(eq(modules.id, "PHYS101"))
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration modules: get by id returns null when not found",
+  async fn() {
+    await truncateAll();
+    const row = await testDb
+      .select()
+      .from(modules)
+      .where(eq(modules.id, "NONEXISTENT"))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration modules: duplicate id insert fails",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "MATH101", nom: "Mathématiques" }]);
+    await assertRejects(() =>
+      testDb.insert(modules).values({ id: "MATH101", nom: "Doublon" })
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration modules: update nom",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "ELEC201", nom: "Électronique" }]);
+    const [updated] = await testDb
+      .update(modules)
+      .set({ nom: "Électronique numérique" })
+      .where(eq(modules.id, "ELEC201"))
+      .returning();
+    assertEquals(updated.nom, "Électronique numérique");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration modules: delete removes the module",
+  async fn() {
+    await truncateAll();
+    await seedModules([{ id: "BIO101", nom: "Biologie" }]);
+    await testDb.delete(modules).where(eq(modules.id, "BIO101"));
+    const row = await testDb
+      .select()
+      .from(modules)
+      .where(eq(modules.id, "BIO101"))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,154 @@
+// Integration tests for /notes — Drizzle ORM direct on real DB
+
+import { assertEquals, assertExists, assertRejects } from "@std/assert";
+import {
+  seedModules,
+  seedNotes,
+  seedPromotions,
+  seedStudents,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { notes } from "$root/databases/schema.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration notes: list all notes",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PROMO-2024" }]);
+    const [s] = await seedStudents([{
+      nom: "Dupont",
+      prenom: "Jean",
+      idPromo: "PROMO-2024",
+    }]);
+    await seedModules([{ id: "MOD101", nom: "Module A" }]);
+    await seedNotes([{ numEtud: s.numEtud, idModule: "MOD101", note: 15.5 }]);
+    const rows = await testDb.select().from(notes);
+    assertEquals(rows.length, 1);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration notes: create and retrieve by composite key",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PROMO-2024" }]);
+    const [s] = await seedStudents([{
+      nom: "Martin",
+      prenom: "Alice",
+      idPromo: "PROMO-2024",
+    }]);
+    await seedModules([{ id: "MOD102", nom: "Module B" }]);
+
+    const [created] = await testDb.insert(notes).values({
+      numEtud: s.numEtud,
+      idModule: "MOD102",
+      note: 12.0,
+    }).returning();
+    assertExists(created);
+    assertEquals(created.note, 12.0);
+
+    const row = await testDb
+      .select()
+      .from(notes)
+      .where(and(eq(notes.numEtud, s.numEtud), eq(notes.idModule, "MOD102")))
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+    assertEquals(row.note, 12.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration notes: get by composite key returns null when not found",
+  async fn() {
+    await truncateAll();
+    const row = await testDb
+      .select()
+      .from(notes)
+      .where(and(eq(notes.numEtud, 99999), eq(notes.idModule, "GHOST")))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration notes: duplicate composite key insert fails",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PROMO-2024" }]);
+    const [s] = await seedStudents([{
+      nom: "Durand",
+      prenom: "Claire",
+      idPromo: "PROMO-2024",
+    }]);
+    await seedModules([{ id: "MOD103", nom: "Module C" }]);
+    await seedNotes([{ numEtud: s.numEtud, idModule: "MOD103", note: 10.0 }]);
+    await assertRejects(() =>
+      testDb.insert(notes).values({
+        numEtud: s.numEtud,
+        idModule: "MOD103",
+        note: 11.0,
+      })
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration notes: update note value",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PROMO-2024" }]);
+    const [s] = await seedStudents([{
+      nom: "Bernard",
+      prenom: "Lucie",
+      idPromo: "PROMO-2024",
+    }]);
+    await seedModules([{ id: "MOD104", nom: "Module D" }]);
+    await seedNotes([{ numEtud: s.numEtud, idModule: "MOD104", note: 8.0 }]);
+
+    const [updated] = await testDb
+      .update(notes)
+      .set({ note: 16.0 })
+      .where(and(eq(notes.numEtud, s.numEtud), eq(notes.idModule, "MOD104")))
+      .returning();
+    assertEquals(updated.note, 16.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration notes: delete removes the note",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PROMO-2024" }]);
+    const [s] = await seedStudents([{
+      nom: "Thomas",
+      prenom: "Eva",
+      idPromo: "PROMO-2024",
+    }]);
+    await seedModules([{ id: "MOD105", nom: "Module E" }]);
+    await seedNotes([{ numEtud: s.numEtud, idModule: "MOD105", note: 14.0 }]);
+
+    await testDb.delete(notes).where(
+      and(eq(notes.numEtud, s.numEtud), eq(notes.idModule, "MOD105")),
+    );
+    const row = await testDb
+      .select()
+      .from(notes)
+      .where(and(eq(notes.numEtud, s.numEtud), eq(notes.idModule, "MOD105")))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,112 @@
+// #110 - Integration tests for /promotions endpoints
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  seedPromotions,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { promotions } from "$root/databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration promotions: list all",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([
+      { id: "PEIP1-2024", annee: "2024" },
+      { id: "PEIP2-2024", annee: "2024" },
+    ]);
+    const rows = await testDb.select().from(promotions);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration promotions: create and retrieve by id",
+  async fn() {
+    await truncateAll();
+    const [created] = await testDb
+      .insert(promotions)
+      .values({ id: "INFO3-2025", annee: "2025" })
+      .returning();
+    assertExists(created);
+    assertEquals(created.id, "INFO3-2025");
+    assertEquals(created.annee, "2025");
+
+    const row = await testDb
+      .select()
+      .from(promotions)
+      .where(eq(promotions.id, "INFO3-2025"))
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration promotions: get by id returns null when not found",
+  async fn() {
+    await truncateAll();
+    const row = await testDb
+      .select()
+      .from(promotions)
+      .where(eq(promotions.id, "NONEXISTENT"))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration promotions: update annee",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2023", annee: "2023" }]);
+    const [updated] = await testDb
+      .update(promotions)
+      .set({ annee: "2024" })
+      .where(eq(promotions.id, "INFO3-2023"))
+      .returning();
+    assertExists(updated);
+    assertEquals(updated.annee, "2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration promotions: delete removes the row",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2022", annee: "2022" }]);
+    await testDb.delete(promotions).where(eq(promotions.id, "INFO3-2022"));
+    const row = await testDb
+      .select()
+      .from(promotions)
+      .where(eq(promotions.id, "INFO3-2022"))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration promotions: update non-existent returns empty",
+  async fn() {
+    await truncateAll();
+    const result = await testDb
+      .update(promotions)
+      .set({ annee: "2099" })
+      .where(eq(promotions.id, "GHOST"))
+      .returning();
+    assertEquals(result.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,123 @@
+// #112 - Integration tests for /roles endpoints
+
+import { assertEquals, assertExists } from "@std/assert";
+import { seedRoles, testDb, truncateAll } from "../helpers/db_integration.ts";
+import { permissions, rolePermissions, roles } from "$root/databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration roles: list all roles",
+  async fn() {
+    await truncateAll();
+    await seedRoles([{ nom: "admin" }, { nom: "employee" }]);
+    const rows = await testDb.select().from(roles);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration roles: create and retrieve by id",
+  async fn() {
+    await truncateAll();
+    const [created] = await testDb.insert(roles).values({ nom: "viewer" })
+      .returning();
+    assertExists(created.id);
+    assertEquals(created.nom, "viewer");
+    const row = await testDb
+      .select()
+      .from(roles)
+      .where(eq(roles.id, created.id))
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration roles: assign and retrieve permissions",
+  async fn() {
+    await truncateAll();
+    const [role] = await seedRoles([{ nom: "admin" }]);
+    await testDb.insert(permissions).values([
+      { id: "student_read", nom: "Consulter les élèves" },
+      { id: "student_write", nom: "Gérer les élèves" },
+    ]);
+    await testDb.insert(rolePermissions).values([
+      { idRole: role.id, idPermission: "student_read" },
+      { idRole: role.id, idPermission: "student_write" },
+    ]);
+    const perms = await testDb
+      .select()
+      .from(rolePermissions)
+      .where(eq(rolePermissions.idRole, role.id));
+    assertEquals(perms.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration roles: update role nom",
+  async fn() {
+    await truncateAll();
+    const [role] = await seedRoles([{ nom: "employee" }]);
+    const [updated] = await testDb
+      .update(roles)
+      .set({ nom: "teacher" })
+      .where(eq(roles.id, role.id))
+      .returning();
+    assertEquals(updated.nom, "teacher");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration roles: reset permissions on update",
+  async fn() {
+    await truncateAll();
+    const [role] = await seedRoles([{ nom: "admin" }]);
+    await testDb.insert(permissions).values([
+      { id: "note_read", nom: "Consulter les notes" },
+      { id: "note_write", nom: "Gérer les notes" },
+    ]);
+    await testDb.insert(rolePermissions).values([
+      { idRole: role.id, idPermission: "note_read" },
+    ]);
+    // reset
+    await testDb.delete(rolePermissions).where(
+      eq(rolePermissions.idRole, role.id),
+    );
+    await testDb.insert(rolePermissions).values([
+      { idRole: role.id, idPermission: "note_write" },
+    ]);
+    const perms = await testDb
+      .select()
+      .from(rolePermissions)
+      .where(eq(rolePermissions.idRole, role.id));
+    assertEquals(perms.length, 1);
+    assertEquals(perms[0].idPermission, "note_write");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration roles: delete role removes it",
+  async fn() {
+    await truncateAll();
+    const [role] = await seedRoles([{ nom: "moderator" }]);
+    await testDb.delete(roles).where(eq(roles.id, role.id));
+    const row = await testDb
+      .select()
+      .from(roles)
+      .where(eq(roles.id, role.id))
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,173 @@
+// #109 - Integration tests for /students endpoints
+// Teste les opérations DB directement avec une vraie base de données
+
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  seedPromotions,
+  seedStudents,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { students } from "$root/databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration students: list all students",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+    ]);
+
+    const rows = await testDb.select().from(students);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: filter by idPromo",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "PEIP1-2024" }, { id: "PEIP2-2024" }]);
+    await seedStudents([
+      { nom: "Dupont", prenom: "Jean", idPromo: "PEIP1-2024" },
+      { nom: "Martin", prenom: "Alice", idPromo: "PEIP1-2024" },
+      { nom: "Durand", prenom: "Claire", idPromo: "PEIP2-2024" },
+    ]);
+
+    const rows = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.idPromo, "PEIP1-2024"));
+    assertEquals(rows.length, 2);
+    assertEquals(rows.every((s) => s.idPromo === "PEIP1-2024"), true);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: create and retrieve by numEtud",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+
+    const [created] = await testDb
+      .insert(students)
+      .values({ nom: "Leroy", prenom: "Paul", idPromo: "INFO3-2024" })
+      .returning();
+
+    assertExists(created.numEtud);
+
+    const row = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, created.numEtud))
+      .then((r) => r[0] ?? null);
+
+    assertExists(row);
+    assertEquals(row.nom, "Leroy");
+    assertEquals(row.idPromo, "INFO3-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: get by numEtud returns null when not found",
+  async fn() {
+    await truncateAll();
+
+    const row = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, 999999))
+      .then((r) => r[0] ?? null);
+
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: update student fields",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }, { id: "INFO4-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Petit", prenom: "Hugo", idPromo: "INFO3-2024" },
+    ]);
+
+    const [updated] = await testDb
+      .update(students)
+      .set({ nom: "Grand", idPromo: "INFO4-2024" })
+      .where(eq(students.numEtud, s.numEtud))
+      .returning();
+
+    assertEquals(updated.nom, "Grand");
+    assertEquals(updated.idPromo, "INFO4-2024");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: delete student",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "INFO3-2024" }]);
+    const [s] = await seedStudents([
+      { nom: "Thomas", prenom: "Eva", idPromo: "INFO3-2024" },
+    ]);
+
+    await testDb.delete(students).where(eq(students.numEtud, s.numEtud));
+
+    const row = await testDb
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, s.numEtud))
+      .then((r) => r[0] ?? null);
+
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: update non-existent student returns empty",
+  async fn() {
+    await truncateAll();
+
+    const result = await testDb
+      .update(students)
+      .set({ nom: "Ghost" })
+      .where(eq(students.numEtud, 999999))
+      .returning();
+
+    assertEquals(result.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration students: delete non-existent student returns empty",
+  async fn() {
+    await truncateAll();
+
+    const result = await testDb
+      .delete(students)
+      .where(eq(students.numEtud, 999999))
+      .returning();
+
+    assertEquals(result.length, 0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,183 @@
+// Integration tests for /ue-modules — Drizzle ORM direct on real DB
+
+import { assertEquals, assertExists, assertRejects } from "@std/assert";
+import {
+  seedModules,
+  seedPromotions,
+  seedUeModules,
+  seedUes,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { ueModules } from "$root/databases/schema.ts";
+import { and, eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration ue_modules: list all associations",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }, { id: "M2", nom: "Mod B" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedUeModules([
+      { idModule: "M1", idUE: ue.id, idPromo: "P1", coeff: 2.0 },
+      { idModule: "M2", idUE: ue.id, idPromo: "P1", coeff: 3.0 },
+    ]);
+    const rows = await testDb.select().from(ueModules);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ue_modules: create and retrieve by composite key",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue] = await seedUes([{ nom: "UE Maths" }]);
+
+    const [created] = await testDb
+      .insert(ueModules)
+      .values({ idModule: "M1", idUE: ue.id, idPromo: "P1", coeff: 4.0 })
+      .returning();
+    assertExists(created);
+    assertEquals(created.coeff, 4.0);
+
+    const row = await testDb
+      .select()
+      .from(ueModules)
+      .where(
+        and(
+          eq(ueModules.idModule, "M1"),
+          eq(ueModules.idUE, ue.id),
+          eq(ueModules.idPromo, "P1"),
+        ),
+      )
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+    assertEquals(row.coeff, 4.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name:
+    "integration ue_modules: get by composite key returns null when not found",
+  async fn() {
+    await truncateAll();
+    const row = await testDb
+      .select()
+      .from(ueModules)
+      .where(
+        and(
+          eq(ueModules.idModule, "GHOST"),
+          eq(ueModules.idUE, 99),
+          eq(ueModules.idPromo, "GHOST"),
+        ),
+      )
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ue_modules: duplicate composite key insert fails",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedUeModules([{
+      idModule: "M1",
+      idUE: ue.id,
+      idPromo: "P1",
+      coeff: 2.0,
+    }]);
+    await assertRejects(() =>
+      testDb.insert(ueModules).values({
+        idModule: "M1",
+        idUE: ue.id,
+        idPromo: "P1",
+        coeff: 5.0,
+      })
+    );
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ue_modules: update coeff",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedUeModules([{
+      idModule: "M1",
+      idUE: ue.id,
+      idPromo: "P1",
+      coeff: 2.0,
+    }]);
+
+    const [updated] = await testDb
+      .update(ueModules)
+      .set({ coeff: 6.0 })
+      .where(
+        and(
+          eq(ueModules.idModule, "M1"),
+          eq(ueModules.idUE, ue.id),
+          eq(ueModules.idPromo, "P1"),
+        ),
+      )
+      .returning();
+    assertEquals(updated.coeff, 6.0);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ue_modules: delete removes the association",
+  async fn() {
+    await truncateAll();
+    await seedPromotions([{ id: "P1" }]);
+    await seedModules([{ id: "M1", nom: "Mod A" }]);
+    const [ue] = await seedUes([{ nom: "UE Info" }]);
+    await seedUeModules([{
+      idModule: "M1",
+      idUE: ue.id,
+      idPromo: "P1",
+      coeff: 2.0,
+    }]);
+
+    await testDb
+      .delete(ueModules)
+      .where(
+        and(
+          eq(ueModules.idModule, "M1"),
+          eq(ueModules.idUE, ue.id),
+          eq(ueModules.idPromo, "P1"),
+        ),
+      );
+    const row = await testDb
+      .select()
+      .from(ueModules)
+      .where(
+        and(
+          eq(ueModules.idModule, "M1"),
+          eq(ueModules.idUE, ue.id),
+          eq(ueModules.idPromo, "P1"),
+        ),
+      )
+      .then((r) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,90 @@
+// Integration tests for /ues — Drizzle ORM direct on real DB
+
+import { assertEquals, assertExists, assertRejects } from "@std/assert";
+import { seedUes, testDb, truncateAll } from "../helpers/db_integration.ts";
+import { ues } from "$root/databases/schema.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+Deno.test({
+  name: "integration ues: list all UEs",
+  async fn() {
+    await truncateAll();
+    await seedUes([{ nom: "UE Informatique" }, { nom: "UE Mathématiques" }]);
+    const rows = await testDb.select().from(ues);
+    assertEquals(rows.length, 2);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ues: create and retrieve by id",
+  async fn() {
+    await truncateAll();
+    const [created] = await testDb.insert(ues).values({ nom: "UE Physique" })
+      .returning();
+    assertExists(created);
+    assertExists(created.id);
+    assertEquals(created.nom, "UE Physique");
+
+    const row = await testDb.select().from(ues).where(eq(ues.id, created.id))
+      .then((r) => r[0] ?? null);
+    assertExists(row);
+    assertEquals(row.nom, "UE Physique");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ues: get by id returns null when not found",
+  async fn() {
+    await truncateAll();
+    const row = await testDb.select().from(ues).where(eq(ues.id, 99999)).then((
+      r,
+    ) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ues: update nom",
+  async fn() {
+    await truncateAll();
+    const [ue] = await seedUes([{ nom: "UE Chimie" }]);
+    const [updated] = await testDb.update(ues).set({
+      nom: "UE Chimie organique",
+    }).where(eq(ues.id, ue.id)).returning();
+    assertEquals(updated.nom, "UE Chimie organique");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ues: delete removes the UE",
+  async fn() {
+    await truncateAll();
+    const [ue] = await seedUes([{ nom: "UE à supprimer" }]);
+    await testDb.delete(ues).where(eq(ues.id, ue.id));
+    const row = await testDb.select().from(ues).where(eq(ues.id, ue.id)).then((
+      r,
+    ) => r[0] ?? null);
+    assertEquals(row, null);
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration ues: nom is required (not null)",
+  async fn() {
+    await truncateAll();
+    // deno-lint-ignore no-explicit-any
+    await assertRejects(() => testDb.insert(ues).values({ nom: null as any }));
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,58 @@
+import { assertEquals, assertExists } from "@std/assert";
+import {
+  closeTestPool,
+  seedRoles,
+  seedUsers,
+  testDb,
+  truncateAll,
+} from "../helpers/db_integration.ts";
+import { users } from "$root/databases/schema.ts";
+
+Deno.test({
+  name: "integration: GET /users - DB round trip",
+  async fn() {
+    await truncateAll();
+
+    const [role] = await seedRoles([{ nom: "employee" }]);
+    await seedUsers([
+      { id: "dupont.jean", nom: "Dupont", prenom: "Jean", idRole: role.id },
+      { id: "martin.alice", nom: "Martin", prenom: "Alice", idRole: role.id },
+    ]);
+
+    const rows = await testDb.select().from(users);
+    assertEquals(rows.length, 2);
+    assertExists(rows.find((u) => u.id === "dupont.jean"));
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration: INSERT user and retrieve by id",
+  async fn() {
+    await truncateAll();
+
+    const [role] = await seedRoles([{ nom: "admin" }]);
+    const [created] = await testDb.insert(users).values({
+      id: "durand.claire",
+      nom: "Durand",
+      prenom: "Claire",
+      idRole: role.id,
+    }).returning();
+
+    assertExists(created);
+    assertEquals(created.id, "durand.claire");
+    assertEquals(created.nom, "Durand");
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "integration: cleanup - close pool",
+  async fn() {
+    await closeTestPool();
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
@@ -0,0 +1,224 @@
+// Unit tests for /ajustements endpoints — fixtures, mock API, mock DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type Ajustement, ajustements } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("ajustements: fixtures have correct shape", () => {
+  assertEquals(ajustements.length, 2);
+  assertEquals(typeof ajustements[0].numEtud, "number");
+  assertEquals(typeof ajustements[0].idUE, "number");
+  assertEquals(typeof ajustements[0].valeur, "number");
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: GET /ajustements returns list", async () => {
+  mockFetch({ "/ajustements": ajustements });
+  try {
+    const res = await fetch("http://localhost/api/ajustements");
+    assertEquals(res.status, 200);
+    const data: Ajustement[] = await res.json();
+    assertEquals(data.length, 2);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ajustements?numEtud filters by student", async () => {
+  const filtered = ajustements.filter((a) => a.numEtud === 21212006);
+  mockFetch({ "/ajustements": filtered });
+  try {
+    const res = await fetch(
+      "http://localhost/api/ajustements?numEtud=21212006",
+    );
+    const data: Ajustement[] = await res.json();
+    assertEquals(data.length, 1);
+    assertEquals(data[0].numEtud, 21212006);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ajustements?numEtud=NaN returns 400", async () => {
+  mockFetch({ "/ajustements": { status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/ajustements?numEtud=abc");
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /ajustements creates ajustement (201) as employee", async () => {
+  const newAjust: Ajustement = { numEtud: 21212007, idUE: 2, valeur: 14.0 };
+  mockFetch({
+    "/ajustements": { method: "POST", status: 201, body: newAjust },
+  });
+  try {
+    const res = await fetch("http://localhost/api/ajustements", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify(newAjust),
+    });
+    assertEquals(res.status, 201);
+    const data: Ajustement = await res.json();
+    assertEquals(data.numEtud, 21212007);
+    assertEquals(data.valeur, 14.0);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /ajustements 403 for non-employee", async () => {
+  mockFetch({ "/ajustements": { method: "POST", status: 403 } });
+  try {
+    const res = await fetch("http://localhost/api/ajustements", {
+      method: "POST",
+    });
+    assertEquals(res.status, 403);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /ajustements 400 on missing fields", async () => {
+  mockFetch({ "/ajustements": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/ajustements", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ numEtud: 21212006 }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ajustements/:numEtud/:idUE returns ajustement (employee)", async () => {
+  mockFetch({ "/ajustements/21212006/1": ajustements[0] });
+  try {
+    const res = await fetch("http://localhost/api/ajustements/21212006/1");
+    assertEquals(res.status, 200);
+    const data: Ajustement = await res.json();
+    assertEquals(data.valeur, 13.25);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ajustements/:numEtud/:idUE 403 for non-employee", async () => {
+  mockFetch({ "/ajustements/21212006/1": { status: 403 } });
+  try {
+    const res = await fetch("http://localhost/api/ajustements/21212006/1");
+    assertEquals(res.status, 403);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ajustements/:numEtud/:idUE 404 when not found", async () => {
+  mockFetch({
+    "/ajustements/99999/9": {
+      status: 404,
+      body: { error: "Ajustement introuvable" },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/ajustements/99999/9");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /ajustements/:numEtud/:idUE updates valeur", async () => {
+  const updated: Ajustement = { ...ajustements[0], valeur: 18.0 };
+  mockFetch({
+    "/ajustements/21212006/1": { method: "PUT", status: 200, body: updated },
+  });
+  try {
+    const res = await fetch("http://localhost/api/ajustements/21212006/1", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ valeur: 18.0 }),
+    });
+    assertEquals(res.status, 200);
+    const data: Ajustement = await res.json();
+    assertEquals(data.valeur, 18.0);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /ajustements/:numEtud/:idUE returns 204", async () => {
+  mockFetch({ "/ajustements/21212006/1": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/ajustements/21212006/1", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find ajustement by composite key", () => {
+  const db = createMockDb({ tables: { ajustements: [...ajustements] } });
+  const a = db.findOne<Ajustement>(
+    "ajustements",
+    (a) => a.numEtud === 21212006 && a.idUE === 1,
+  );
+  assertExists(a);
+  assertEquals(a.valeur, 13.25);
+});
+
+Deno.test("mock DB: filter ajustements by numEtud", () => {
+  const db = createMockDb({ tables: { ajustements: [...ajustements] } });
+  const rows = db.findMany<Ajustement>(
+    "ajustements",
+    (a) => a.numEtud === 21212006,
+  );
+  assertEquals(rows.length, 1);
+});
+
+Deno.test("mock DB: insert ajustement", () => {
+  const db = createMockDb({ tables: { ajustements: [...ajustements] } });
+  db.insert<Ajustement>("ajustements", {
+    numEtud: 21212007,
+    idUE: 2,
+    valeur: 14.0,
+  });
+  assertEquals(db.getTable("ajustements").length, 3);
+});
+
+Deno.test("mock DB: update ajustement valeur", () => {
+  const db = createMockDb({ tables: { ajustements: [...ajustements] } });
+  db.updateWhere<Ajustement>(
+    "ajustements",
+    (a) => a.numEtud === 21212006 && a.idUE === 1,
+    { valeur: 20.0 },
+  );
+  assertEquals(
+    db.findOne<Ajustement>(
+      "ajustements",
+      (a) => a.numEtud === 21212006 && a.idUE === 1,
+    )?.valeur,
+    20.0,
+  );
+});
+
+Deno.test("mock DB: delete ajustement", () => {
+  const db = createMockDb({ tables: { ajustements: [...ajustements] } });
+  db.deleteWhere<Ajustement>(
+    "ajustements",
+    (a) => a.numEtud === 21212006 && a.idUE === 1,
+  );
+  assertEquals(db.getTable("ajustements").length, 1);
+});
@@ -0,0 +1,239 @@
+// Unit tests for /enseignements endpoints — fixtures, mock API, mock DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { enseignements } from "../helpers/fixtures.ts";
+
+interface Enseignement {
+  idProf: string;
+  idModule: string;
+  idPromo: string;
+}
+
+// --- Fixtures ---
+
+Deno.test("enseignements: fixtures have correct shape", () => {
+  assertEquals(enseignements.length, 3);
+  assertEquals(typeof enseignements[0].idModule, "string");
+  assertEquals(typeof enseignements[0].idPromo, "string");
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: POST /enseignements creates enseignement (201) as employee", async () => {
+  const newEns: Enseignement = {
+    idProf: "prof.dupont",
+    idModule: "JIN702C",
+    idPromo: "4AFISE25/26",
+  };
+  mockFetch({
+    "/enseignements": { method: "POST", status: 201, body: newEns },
+  });
+  try {
+    const res = await fetch("http://localhost/api/enseignements", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify(newEns),
+    });
+    assertEquals(res.status, 201);
+    const data: Enseignement = await res.json();
+    assertEquals(data.idModule, "JIN702C");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /enseignements 403 for non-employee", async () => {
+  mockFetch({ "/enseignements": { method: "POST", status: 403 } });
+  try {
+    const res = await fetch("http://localhost/api/enseignements", {
+      method: "POST",
+    });
+    assertEquals(res.status, 403);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /enseignements 400 on missing fields", async () => {
+  mockFetch({ "/enseignements": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/enseignements", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ idProf: "prof.dupont" }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /enseignements 409 on duplicate", async () => {
+  mockFetch({
+    "/enseignements": {
+      method: "POST",
+      status: 409,
+      body: { error: "Cet enseignement existe déjà." },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/enseignements", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        idProf: "prof.dupont",
+        idModule: "JIN702C",
+        idPromo: "4AFISE25/26",
+      }),
+    });
+    assertEquals(res.status, 409);
+    const data = await res.json();
+    assertExists(data.error);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /enseignements/:idProf/:idModule/:idPromo returns enseignement (employee)", async () => {
+  const ens: Enseignement = {
+    idProf: "prof.dupont",
+    idModule: "JIN702C",
+    idPromo: "4AFISE25/26",
+  };
+  mockFetch({ "/enseignements/prof.dupont/JIN702C/4AFISE25": ens });
+  try {
+    const res = await fetch(
+      "http://localhost/api/enseignements/prof.dupont/JIN702C/4AFISE25%2F26",
+    );
+    assertEquals(res.status, 200);
+    const data: Enseignement = await res.json();
+    assertEquals(data.idProf, "prof.dupont");
+    assertEquals(data.idModule, "JIN702C");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /enseignements/:idProf/:idModule/:idPromo 403 for non-employee", async () => {
+  mockFetch({ "/enseignements/prof.dupont/JIN702C/4AFISE25": { status: 403 } });
+  try {
+    const res = await fetch(
+      "http://localhost/api/enseignements/prof.dupont/JIN702C/4AFISE25%2F26",
+    );
+    assertEquals(res.status, 403);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /enseignements/:idProf/:idModule/:idPromo 404 when not found", async () => {
+  mockFetch({
+    "/enseignements/ghost/GHOST/GHOST": {
+      status: 404,
+      body: { error: "Ressource introuvable" },
+    },
+  });
+  try {
+    const res = await fetch(
+      "http://localhost/api/enseignements/ghost/GHOST/GHOST",
+    );
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /enseignements/:idProf/:idModule/:idPromo returns 204 (employee)", async () => {
+  mockFetch({
+    "/enseignements/prof.dupont/JIN702C/4AFISE25": {
+      method: "DELETE",
+      status: 204,
+    },
+  });
+  try {
+    const res = await fetch(
+      "http://localhost/api/enseignements/prof.dupont/JIN702C/4AFISE25%2F26",
+      {
+        method: "DELETE",
+      },
+    );
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /enseignements/:idProf/:idModule/:idPromo 403 for non-employee", async () => {
+  mockFetch({
+    "/enseignements/prof.dupont/JIN702C/4AFISE25": {
+      method: "DELETE",
+      status: 403,
+    },
+  });
+  try {
+    const res = await fetch(
+      "http://localhost/api/enseignements/prof.dupont/JIN702C/4AFISE25%2F26",
+      {
+        method: "DELETE",
+      },
+    );
+    assertEquals(res.status, 403);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find enseignement by composite key", () => {
+  const data = [
+    { idProf: "prof.dupont", idModule: "JIN702C", idPromo: "4AFISE25/26" },
+    { idProf: "prof.moreau", idModule: "JIN703C", idPromo: "4AFISE25/26" },
+  ];
+  const db = createMockDb({ tables: { enseignements: data } });
+  const e = db.findOne<Enseignement>(
+    "enseignements",
+    (e) => e.idProf === "prof.dupont" && e.idModule === "JIN702C",
+  );
+  assertExists(e);
+  assertEquals(e.idPromo, "4AFISE25/26");
+});
+
+Deno.test("mock DB: insert enseignement", () => {
+  const db = createMockDb({ tables: { enseignements: [] } });
+  db.insert<Enseignement>("enseignements", {
+    idProf: "prof.dupont",
+    idModule: "JIN702C",
+    idPromo: "4AFISE25/26",
+  });
+  assertEquals(db.getTable("enseignements").length, 1);
+});
+
+Deno.test("mock DB: delete enseignement", () => {
+  const data = [
+    { idProf: "prof.dupont", idModule: "JIN702C", idPromo: "4AFISE25/26" },
+    { idProf: "prof.moreau", idModule: "JIN703C", idPromo: "4AFISE25/26" },
+  ];
+  const db = createMockDb({ tables: { enseignements: data } });
+  db.deleteWhere<Enseignement>(
+    "enseignements",
+    (e) => e.idProf === "prof.dupont",
+  );
+  assertEquals(db.getTable("enseignements").length, 1);
+});
+
+Deno.test("mock DB: filter enseignements by idModule", () => {
+  const data = [
+    { idProf: "prof.dupont", idModule: "JIN702C", idPromo: "4AFISE25/26" },
+    { idProf: "prof.dupont", idModule: "JIN702C", idPromo: "3AFISE25/26" },
+    { idProf: "prof.moreau", idModule: "JIN703C", idPromo: "4AFISE25/26" },
+  ];
+  const db = createMockDb({ tables: { enseignements: data } });
+  const rows = db.findMany<Enseignement>(
+    "enseignements",
+    (e) => e.idModule === "JIN702C",
+  );
+  assertEquals(rows.length, 2);
+});
@@ -0,0 +1,266 @@
+import { assertEquals, assertExists } from "@std/assert";
+import { getFetchCalls, mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import {
+  ERROR_CONFLICT,
+  ERROR_NOT_FOUND,
+  modules,
+  notes,
+  type Student,
+  students,
+} from "../helpers/fixtures.ts";
+import { cleanupDOM, setupDOM } from "../helpers/render.ts";
+
+// --- Fixtures ---
+
+Deno.test("fixtures - students match API shape", () => {
+  assertEquals(students.length, 3);
+  assertEquals(students[0].numEtud, 21212006);
+  assertEquals(students[0].idPromo, "4AFISE25/26");
+  assertEquals(typeof students[0].idPromo, "string");
+});
+
+Deno.test("fixtures - modules have string ids", () => {
+  assertEquals(modules[0].id, "JIN702C");
+  assertEquals(typeof modules[0].id, "string");
+});
+
+Deno.test("fixtures - notes use decimal values", () => {
+  assertEquals(notes[0].note, 15.5);
+  assertEquals(notes[0].idModule, "JIN702C");
+});
+
+// --- Mock fetch simple (GET 200) ---
+
+Deno.test("mockFetch - GET returns mocked data", async () => {
+  mockFetch({ "/students": students });
+  try {
+    const res = await fetch("http://localhost/api/students");
+    assertEquals(res.status, 200);
+    const data = await res.json();
+    assertEquals(data.length, 3);
+    assertEquals(data[0].nom, "Dupont");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mockFetch - returns 404 for unknown routes", async () => {
+  mockFetch({});
+  try {
+    const res = await fetch("http://localhost/api/unknown");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock fetch avancé (méthodes + status codes) ---
+
+Deno.test("mockFetch - POST 201 created", async () => {
+  const newStudent = students[0];
+  mockFetch({
+    "/students": { method: "POST", status: 201, body: newStudent },
+  });
+  try {
+    const res = await fetch("http://localhost/api/students", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(newStudent),
+    });
+    assertEquals(res.status, 201);
+    const data = await res.json();
+    assertEquals(data.numEtud, 21212006);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mockFetch - DELETE 204 no content", async () => {
+  mockFetch({
+    "/students/21212006": { method: "DELETE", status: 204 },
+  });
+  try {
+    const res = await fetch("http://localhost/api/students/21212006", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+    assertEquals(res.body, null);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mockFetch - 404 error response", async () => {
+  mockFetch({
+    "/students/99999": { status: 404, body: ERROR_NOT_FOUND },
+  });
+  try {
+    const res = await fetch("http://localhost/api/students/99999");
+    assertEquals(res.status, 404);
+    const data = await res.json();
+    assertEquals(data.error, "Ressource introuvable");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mockFetch - 409 conflict", async () => {
+  mockFetch({
+    "/enseignements": { method: "POST", status: 409, body: ERROR_CONFLICT },
+  });
+  try {
+    const res = await fetch("http://localhost/api/enseignements", {
+      method: "POST",
+      body: JSON.stringify({
+        idProf: 1,
+        idModule: "JIN702C",
+        idPromo: "4AFISE25/26",
+      }),
+    });
+    assertEquals(res.status, 409);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- getFetchCalls ---
+
+Deno.test("getFetchCalls - tracks all intercepted calls", async () => {
+  mockFetch({ "/notes": notes });
+  try {
+    await fetch("http://localhost/api/notes");
+    await fetch("http://localhost/api/notes?numEtud=21212006");
+    const calls = getFetchCalls();
+    assertEquals(calls.length, 2);
+    assertEquals(calls[0].method, "GET");
+    assertEquals(calls[1].url, "http://localhost/api/notes?numEtud=21212006");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("getFetchCalls - captures POST body", async () => {
+  mockFetch({ "/notes": { method: "POST", status: 201, body: notes[0] } });
+  try {
+    await fetch("http://localhost/api/notes", {
+      method: "POST",
+      body: JSON.stringify(notes[0]),
+    });
+    const calls = getFetchCalls();
+    assertEquals(calls.length, 1);
+    assertEquals(calls[0].method, "POST");
+    assertEquals((calls[0].body as { note: number }).note, 15.5);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mockDb - getTable returns seeded rows", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  assertEquals(db.getTable("students").length, 3);
+});
+
+Deno.test("mockDb - findOne by key", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const found = db.findOne<Student>("students", (r) => r.numEtud === 21212006);
+  assertExists(found);
+  assertEquals(found.nom, "Dupont");
+});
+
+Deno.test("mockDb - findOne returns undefined for missing", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const found = db.findOne<Student>("students", (r) => r.numEtud === 99999);
+  assertEquals(found, undefined);
+});
+
+Deno.test("mockDb - insert adds a row", () => {
+  const db = createMockDb({ tables: { students: [] } });
+  const newStudent: Student = {
+    numEtud: 21212099,
+    nom: "Test",
+    prenom: "User",
+    idPromo: "4AFISE25/26",
+  };
+  db.insert("students", newStudent);
+  assertEquals(db.getTable("students").length, 1);
+  assertEquals(
+    db.findOne<Student>("students", (r) => r.numEtud === 21212099)?.nom,
+    "Test",
+  );
+});
+
+Deno.test("mockDb - updateWhere modifies matching rows", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const updated = db.updateWhere<Student>(
+    "students",
+    (r) => r.numEtud === 21212006,
+    { prenom: "Marie" },
+  );
+  assertEquals(updated, 1);
+  assertEquals(
+    db.findOne<Student>("students", (r) => r.numEtud === 21212006)?.prenom,
+    "Marie",
+  );
+});
+
+Deno.test("mockDb - deleteWhere removes matching rows", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const deleted = db.deleteWhere<Student>(
+    "students",
+    (r) => r.numEtud === 21212006,
+  );
+  assertEquals(deleted, 1);
+  assertEquals(db.getTable("students").length, 2);
+});
+
+Deno.test("mockDb - findMany with filter", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const promo4 = db.findMany<Student>(
+    "students",
+    (r) => r.idPromo === "4AFISE25/26",
+  );
+  assertEquals(promo4.length, 2);
+});
+
+Deno.test("mockDb - reset clears all tables", () => {
+  const db = createMockDb({
+    tables: { students: [...students], notes: [...notes] },
+  });
+  db.reset();
+  assertEquals(db.getTable("students").length, 0);
+  assertEquals(db.getTable("notes").length, 0);
+});
+
+Deno.test("mockDb - isolated between instances", () => {
+  const db1 = createMockDb({ tables: { students: [...students] } });
+  const db2 = createMockDb({ tables: { students: [...students] } });
+  db1.deleteWhere<Student>("students", () => true);
+  assertEquals(db1.getTable("students").length, 0);
+  assertEquals(db2.getTable("students").length, 3);
+});
+
+// --- happy-dom ---
+
+Deno.test({
+  name: "happy-dom - document is available after setup",
+  sanitizeResources: false,
+  sanitizeOps: false,
+  fn() {
+    setupDOM();
+    try {
+      const doc = globalThis.document;
+      assertExists(doc);
+
+      const div = doc.createElement("div");
+      div.textContent = "hello";
+      doc.body.appendChild(div);
+
+      assertEquals(doc.body.textContent, "hello");
+    } finally {
+      cleanupDOM();
+    }
+  },
+});
@@ -0,0 +1,171 @@
+// #113 - Unit tests for /modules endpoints
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type Module, modules } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("modules: fixtures have correct shape", () => {
+  assertEquals(modules.length, 3);
+  assertEquals(typeof modules[0].id, "string");
+  assertEquals(typeof modules[0].nom, "string");
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: GET /modules returns list", async () => {
+  mockFetch({ "/modules": modules });
+  try {
+    const res = await fetch("http://localhost/api/modules");
+    assertEquals(res.status, 200);
+    const data: Module[] = await res.json();
+    assertEquals(data.length, 3);
+    assertExists(data.find((m) => m.id === "JIN702C"));
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /modules/:id returns one module", async () => {
+  mockFetch({ "/modules/JIN702C": modules[0] });
+  try {
+    const res = await fetch("http://localhost/api/modules/JIN702C");
+    assertEquals(res.status, 200);
+    const data: Module = await res.json();
+    assertEquals(data.id, "JIN702C");
+    assertEquals(data.nom, "Optimisation");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /modules/:id 404 when not found", async () => {
+  mockFetch({
+    "/modules/UNKNOWN": {
+      status: 404,
+      body: { error: "Ressource introuvable" },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/modules/UNKNOWN");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /modules creates module (201)", async () => {
+  const newModule: Module = { id: "NEW101", nom: "Nouveau Module" };
+  mockFetch({ "/modules": { method: "POST", status: 201, body: newModule } });
+  try {
+    const res = await fetch("http://localhost/api/modules", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify(newModule),
+    });
+    assertEquals(res.status, 201);
+    const data: Module = await res.json();
+    assertEquals(data.id, "NEW101");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /modules 409 on duplicate id", async () => {
+  mockFetch({
+    "/modules": {
+      method: "POST",
+      status: 409,
+      body: { error: "Un module avec cet identifiant existe déjà" },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/modules", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify(modules[0]),
+    });
+    assertEquals(res.status, 409);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /modules 400 on missing fields", async () => {
+  mockFetch({ "/modules": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/modules", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ id: "X" }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /modules/:id updates nom", async () => {
+  const updated: Module = { id: "JIN702C", nom: "Optimisation avancée" };
+  mockFetch({
+    "/modules/JIN702C": { method: "PUT", status: 200, body: updated },
+  });
+  try {
+    const res = await fetch("http://localhost/api/modules/JIN702C", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nom: "Optimisation avancée" }),
+    });
+    assertEquals(res.status, 200);
+    const data: Module = await res.json();
+    assertEquals(data.nom, "Optimisation avancée");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /modules/:id returns 204", async () => {
+  mockFetch({ "/modules/JIN702C": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/modules/JIN702C", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find module by id", () => {
+  const db = createMockDb({ tables: { modules: [...modules] } });
+  const m = db.findOne<Module>("modules", (m) => m.id === "JIN702C");
+  assertExists(m);
+  assertEquals(m.nom, "Optimisation");
+});
+
+Deno.test("mock DB: insert module", () => {
+  const db = createMockDb({ tables: { modules: [...modules] } });
+  db.insert<Module>("modules", { id: "NEW101", nom: "Nouveau" });
+  assertEquals(db.getTable("modules").length, 4);
+});
+
+Deno.test("mock DB: update module nom", () => {
+  const db = createMockDb({ tables: { modules: [...modules] } });
+  db.updateWhere<Module>("modules", (m) => m.id === "JIN702C", {
+    nom: "Updated",
+  });
+  assertEquals(
+    db.findOne<Module>("modules", (m) => m.id === "JIN702C")?.nom,
+    "Updated",
+  );
+});
+
+Deno.test("mock DB: delete module", () => {
+  const db = createMockDb({ tables: { modules: [...modules] } });
+  db.deleteWhere<Module>("modules", (m) => m.id === "JIN702C");
+  assertEquals(db.getTable("modules").length, 2);
+});
@@ -0,0 +1,224 @@
+// Unit tests for /notes endpoints — fixtures, mock API, mock DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type Note, notes } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("notes: fixtures have correct shape", () => {
+  assertEquals(notes.length, 4);
+  assertEquals(typeof notes[0].note, "number");
+  assertEquals(typeof notes[0].numEtud, "number");
+  assertEquals(typeof notes[0].idModule, "string");
+});
+
+Deno.test("notes: fixtures use decimal values", () => {
+  assertEquals(notes[0].note, 15.5);
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: GET /notes returns list", async () => {
+  mockFetch({ "/notes": notes });
+  try {
+    const res = await fetch("http://localhost/api/notes");
+    assertEquals(res.status, 200);
+    const data: Note[] = await res.json();
+    assertEquals(data.length, 4);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /notes?numEtud filters by student", async () => {
+  const filtered = notes.filter((n) => n.numEtud === 21212006);
+  mockFetch({ "/notes": filtered });
+  try {
+    const res = await fetch("http://localhost/api/notes?numEtud=21212006");
+    const data: Note[] = await res.json();
+    assertEquals(data.length, 2);
+    assertEquals(data.every((n) => n.numEtud === 21212006), true);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /notes?idModule filters by module", async () => {
+  const filtered = notes.filter((n) => n.idModule === "JIN702C");
+  mockFetch({ "/notes": filtered });
+  try {
+    const res = await fetch("http://localhost/api/notes?idModule=JIN702C");
+    const data: Note[] = await res.json();
+    assertEquals(data.length, 2);
+    assertEquals(data.every((n) => n.idModule === "JIN702C"), true);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /notes?numEtud=NaN returns 400", async () => {
+  mockFetch({ "/notes": { status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/notes?numEtud=abc");
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /notes creates note (201)", async () => {
+  const newNote: Note = { note: 14.0, numEtud: 21212006, idModule: "JIN704C" };
+  mockFetch({ "/notes": { method: "POST", status: 201, body: newNote } });
+  try {
+    const res = await fetch("http://localhost/api/notes", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify(newNote),
+    });
+    assertEquals(res.status, 201);
+    const data: Note = await res.json();
+    assertEquals(data.note, 14.0);
+    assertEquals(data.numEtud, 21212006);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /notes 400 on missing fields", async () => {
+  mockFetch({ "/notes": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/notes", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ numEtud: 21212006 }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /notes/:numEtud/:idModule returns note", async () => {
+  mockFetch({ "/notes/21212006/JIN702C": notes[0] });
+  try {
+    const res = await fetch("http://localhost/api/notes/21212006/JIN702C");
+    assertEquals(res.status, 200);
+    const data: Note = await res.json();
+    assertEquals(data.note, 15.5);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /notes/:numEtud/:idModule 404 when not found", async () => {
+  mockFetch({
+    "/notes/99999/GHOST": {
+      status: 404,
+      body: { error: "Ressource introuvable" },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/notes/99999/GHOST");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /notes/:numEtud/:idModule updates note", async () => {
+  const updated: Note = { ...notes[0], note: 17.0 };
+  mockFetch({
+    "/notes/21212006/JIN702C": { method: "PUT", status: 200, body: updated },
+  });
+  try {
+    const res = await fetch("http://localhost/api/notes/21212006/JIN702C", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ note: 17.0 }),
+    });
+    assertEquals(res.status, 200);
+    const data: Note = await res.json();
+    assertEquals(data.note, 17.0);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /notes/:numEtud/:idModule returns 204", async () => {
+  mockFetch({ "/notes/21212006/JIN702C": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/notes/21212006/JIN702C", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /notes/:numEtud/:idModule 404 when not found", async () => {
+  mockFetch({ "/notes/99999/GHOST": { method: "DELETE", status: 404 } });
+  try {
+    const res = await fetch("http://localhost/api/notes/99999/GHOST", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find note by composite key", () => {
+  const db = createMockDb({ tables: { notes: [...notes] } });
+  const n = db.findOne<Note>(
+    "notes",
+    (n) => n.numEtud === 21212006 && n.idModule === "JIN702C",
+  );
+  assertExists(n);
+  assertEquals(n.note, 15.5);
+});
+
+Deno.test("mock DB: filter notes by numEtud", () => {
+  const db = createMockDb({ tables: { notes: [...notes] } });
+  const rows = db.findMany<Note>("notes", (n) => n.numEtud === 21212006);
+  assertEquals(rows.length, 2);
+});
+
+Deno.test("mock DB: insert note", () => {
+  const db = createMockDb({ tables: { notes: [...notes] } });
+  db.insert<Note>("notes", {
+    note: 10.0,
+    numEtud: 21212006,
+    idModule: "JIN704C",
+  });
+  assertEquals(db.getTable("notes").length, 5);
+});
+
+Deno.test("mock DB: update note value", () => {
+  const db = createMockDb({ tables: { notes: [...notes] } });
+  db.updateWhere<Note>(
+    "notes",
+    (n) => n.numEtud === 21212006 && n.idModule === "JIN702C",
+    { note: 20.0 },
+  );
+  assertEquals(
+    db.findOne<Note>(
+      "notes",
+      (n) => n.numEtud === 21212006 && n.idModule === "JIN702C",
+    )?.note,
+    20.0,
+  );
+});
+
+Deno.test("mock DB: delete note", () => {
+  const db = createMockDb({ tables: { notes: [...notes] } });
+  db.deleteWhere<Note>(
+    "notes",
+    (n) => n.numEtud === 21212006 && n.idModule === "JIN702C",
+  );
+  assertEquals(db.getTable("notes").length, 3);
+});
@@ -0,0 +1,65 @@
+// #115 - Unit tests for GET /permissions
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+
+interface Permission {
+  id: string;
+  nom: string;
+}
+
+const EXPECTED_PERMISSIONS: Permission[] = [
+  { id: "student_read", nom: "Consulter les élèves" },
+  { id: "student_write", nom: "Gérer les élèves" },
+  { id: "note_read", nom: "Consulter les notes" },
+  { id: "note_write", nom: "Gérer les notes" },
+  { id: "module_read", nom: "Consulter les modules" },
+  { id: "module_write", nom: "Gérer les modules" },
+  { id: "user_read", nom: "Consulter les utilisateurs" },
+  { id: "user_write", nom: "Gérer les utilisateurs" },
+  { id: "role_write", nom: "Gérer les rôles" },
+];
+
+Deno.test("permissions: known permission ids", () => {
+  const ids = EXPECTED_PERMISSIONS.map((p) => p.id);
+  assertEquals(ids.includes("student_read"), true);
+  assertEquals(ids.includes("student_write"), true);
+  assertEquals(ids.includes("note_read"), true);
+  assertEquals(ids.includes("role_write"), true);
+  assertEquals(ids.length, 9);
+});
+
+Deno.test("permissions: all permissions have string id and nom", () => {
+  for (const p of EXPECTED_PERMISSIONS) {
+    assertEquals(typeof p.id, "string");
+    assertEquals(typeof p.nom, "string");
+  }
+});
+
+Deno.test("mock API: GET /permissions returns all permissions", async () => {
+  mockFetch({ "/permissions": EXPECTED_PERMISSIONS });
+  try {
+    const res = await fetch("http://localhost/api/permissions");
+    assertEquals(res.status, 200);
+    const data: Permission[] = await res.json();
+    assertEquals(data.length, 9);
+    assertExists(data.find((p) => p.id === "student_read"));
+    assertExists(data.find((p) => p.id === "role_write"));
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /permissions - each permission has id and nom", async () => {
+  mockFetch({ "/permissions": EXPECTED_PERMISSIONS });
+  try {
+    const res = await fetch("http://localhost/api/permissions");
+    const data: Permission[] = await res.json();
+    for (const p of data) {
+      assertExists(p.id);
+      assertExists(p.nom);
+    }
+  } finally {
+    restoreFetch();
+  }
+});
@@ -0,0 +1,160 @@
+// #110 - Unit tests for /promotions endpoints
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type Promotion, promotions } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("promotions: fixtures have correct shape", () => {
+  assertEquals(promotions.length, 3);
+  assertEquals(typeof promotions[0].idPromo, "string");
+  assertEquals(typeof promotions[0].annee, "string");
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: GET /promotions returns list", async () => {
+  mockFetch({ "/promotions": promotions });
+  try {
+    const res = await fetch("http://localhost/api/promotions");
+    assertEquals(res.status, 200);
+    const data: Promotion[] = await res.json();
+    assertEquals(data.length, 3);
+    assertExists(data.find((p) => p.idPromo === "4AFISE25/26"));
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /promotions/:id returns one", async () => {
+  mockFetch({ "/promotions/4AFISE25%2F26": promotions[0] });
+  try {
+    const res = await fetch("http://localhost/api/promotions/4AFISE25%2F26");
+    assertEquals(res.status, 200);
+    const data: Promotion = await res.json();
+    assertEquals(data.idPromo, "4AFISE25/26");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /promotions/:id 404 when not found", async () => {
+  mockFetch({
+    "/promotions/UNKNOWN": {
+      status: 404,
+      body: { error: "Ressource introuvable" },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/promotions/UNKNOWN");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /promotions creates promotion (201)", async () => {
+  const newPromo: Promotion = { idPromo: "NEW2025", annee: "2025" };
+  mockFetch({ "/promotions": { method: "POST", status: 201, body: newPromo } });
+  try {
+    const res = await fetch("http://localhost/api/promotions", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ idPromo: "NEW2025", annee: "2025" }),
+    });
+    assertEquals(res.status, 201);
+    const data: Promotion = await res.json();
+    assertEquals(data.idPromo, "NEW2025");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /promotions 400 on missing fields", async () => {
+  mockFetch({ "/promotions": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/promotions", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ idPromo: "NEW2025" }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /promotions/:id updates promotion", async () => {
+  const updated = { idPromo: "4AFISE25/26", annee: "2026" };
+  mockFetch({
+    "/promotions/4AFISE25%2F26": { method: "PUT", status: 200, body: updated },
+  });
+  try {
+    const res = await fetch("http://localhost/api/promotions/4AFISE25%2F26", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ annee: "2026" }),
+    });
+    assertEquals(res.status, 200);
+    const data: Promotion = await res.json();
+    assertEquals(data.annee, "2026");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /promotions/:id returns 204", async () => {
+  mockFetch({ "/promotions/4AFISE25%2F26": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/promotions/4AFISE25%2F26", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find promotion by idPromo", () => {
+  const db = createMockDb({ tables: { promotions: [...promotions] } });
+  const p = db.findOne<Promotion>(
+    "promotions",
+    (r) => r.idPromo === "4AFISE25/26",
+  );
+  assertExists(p);
+  assertEquals(p.annee, "2025");
+});
+
+Deno.test("mock DB: insert promotion", () => {
+  const db = createMockDb({ tables: { promotions: [...promotions] } });
+  db.insert<Promotion>("promotions", { idPromo: "NEW2025", annee: "2025" });
+  assertEquals(db.getTable("promotions").length, 4);
+});
+
+Deno.test("mock DB: update promotion annee", () => {
+  const db = createMockDb({ tables: { promotions: [...promotions] } });
+  db.updateWhere<Promotion>(
+    "promotions",
+    (p) => p.idPromo === "4AFISE25/26",
+    { annee: "2026" },
+  );
+  assertEquals(
+    db.findOne<Promotion>("promotions", (p) => p.idPromo === "4AFISE25/26")
+      ?.annee,
+    "2026",
+  );
+});
+
+Deno.test("mock DB: delete promotion", () => {
+  const db = createMockDb({ tables: { promotions: [...promotions] } });
+  const count = db.deleteWhere<Promotion>(
+    "promotions",
+    (p) => p.idPromo === "4AFISE25/26",
+  );
+  assertEquals(count, 1);
+  assertEquals(db.getTable("promotions").length, 2);
+});
@@ -0,0 +1,159 @@
+// #112 - Unit tests for /roles endpoints
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+
+interface Role {
+  id: number;
+  nom: string;
+  permissions: string[];
+}
+
+const roles: Role[] = [
+  { id: 1, nom: "admin", permissions: ["student_read", "student_write"] },
+  { id: 2, nom: "employee", permissions: ["student_read"] },
+];
+
+// --- Fixtures ---
+
+Deno.test("roles: fixtures have correct shape", () => {
+  assertEquals(roles.length, 2);
+  assertEquals(typeof roles[0].id, "number");
+  assertEquals(typeof roles[0].nom, "string");
+  assertEquals(Array.isArray(roles[0].permissions), true);
+});
+
+Deno.test("roles: permissions are strings", () => {
+  assertEquals(roles[0].permissions.every((p) => typeof p === "string"), true);
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: GET /roles returns list with permissions", async () => {
+  mockFetch({ "/roles": roles });
+  try {
+    const res = await fetch("http://localhost/api/roles");
+    assertEquals(res.status, 200);
+    const data: Role[] = await res.json();
+    assertEquals(data.length, 2);
+    assertExists(data.find((r) => r.nom === "admin"));
+    assertEquals(data[0].permissions.length, 2);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /roles/:id returns role", async () => {
+  mockFetch({ "/roles/1": roles[0] });
+  try {
+    const res = await fetch("http://localhost/api/roles/1");
+    assertEquals(res.status, 200);
+    const data: Role = await res.json();
+    assertEquals(data.nom, "admin");
+    assertEquals(data.permissions.length, 2);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /roles/:id 404 when not found", async () => {
+  mockFetch({
+    "/roles/99": { status: 404, body: { error: "Ressource introuvable" } },
+  });
+  try {
+    const res = await fetch("http://localhost/api/roles/99");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /roles creates role (201)", async () => {
+  const newRole: Role = { id: 3, nom: "viewer", permissions: [] };
+  mockFetch({ "/roles": { method: "POST", status: 201, body: newRole } });
+  try {
+    const res = await fetch("http://localhost/api/roles", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nom: "viewer" }),
+    });
+    assertEquals(res.status, 201);
+    const data: Role = await res.json();
+    assertEquals(data.nom, "viewer");
+    assertEquals(data.permissions.length, 0);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /roles 400 on missing nom", async () => {
+  mockFetch({ "/roles": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/roles", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({}),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /roles/:id updates role and permissions", async () => {
+  const updated: Role = { id: 2, nom: "teacher", permissions: ["note_read"] };
+  mockFetch({ "/roles/2": { method: "PUT", status: 200, body: updated } });
+  try {
+    const res = await fetch("http://localhost/api/roles/2", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nom: "teacher", permissions: ["note_read"] }),
+    });
+    assertEquals(res.status, 200);
+    const data: Role = await res.json();
+    assertEquals(data.nom, "teacher");
+    assertEquals(data.permissions, ["note_read"]);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /roles/:id returns 204", async () => {
+  mockFetch({ "/roles/2": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/roles/2", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find role by id", () => {
+  const db = createMockDb({ tables: { roles: [...roles] } });
+  const r = db.findOne<Role>("roles", (r) => r.id === 1);
+  assertExists(r);
+  assertEquals(r.nom, "admin");
+});
+
+Deno.test("mock DB: insert role", () => {
+  const db = createMockDb({ tables: { roles: [...roles] } });
+  db.insert<Role>("roles", { id: 3, nom: "viewer", permissions: [] });
+  assertEquals(db.getTable("roles").length, 3);
+});
+
+Deno.test("mock DB: update role nom", () => {
+  const db = createMockDb({ tables: { roles: [...roles] } });
+  db.updateWhere<Role>("roles", (r) => r.id === 2, { nom: "teacher" });
+  assertEquals(db.findOne<Role>("roles", (r) => r.id === 2)?.nom, "teacher");
+});
+
+Deno.test("mock DB: delete role", () => {
+  const db = createMockDb({ tables: { roles: [...roles] } });
+  db.deleteWhere<Role>("roles", (r) => r.id === 1);
+  assertEquals(db.getTable("roles").length, 1);
+});
@@ -0,0 +1,216 @@
+// #109 - Unit tests for /students endpoints
+// Tests purs : fixtures, mock API, mock DB — aucun appel réseau réel
+
+import { assertEquals, assertExists } from "@std/assert";
+import { getFetchCalls, mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type Student, students } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("students: fixtures have correct shape", () => {
+  assertEquals(students.length, 3);
+  assertEquals(typeof students[0].numEtud, "number");
+  assertEquals(typeof students[0].nom, "string");
+  assertEquals(typeof students[0].prenom, "string");
+  assertEquals(typeof students[0].idPromo, "string");
+});
+
+Deno.test("students: two students belong to the same promo", () => {
+  const promo4 = students.filter((s) => s.idPromo === "4AFISE25/26");
+  assertEquals(promo4.length, 2);
+});
+
+// --- Mock API - GET /students ---
+
+Deno.test("mock API: GET /students returns list", async () => {
+  mockFetch({ "/students": students });
+  try {
+    const res = await fetch("http://localhost/api/students");
+    assertEquals(res.status, 200);
+    const data: Student[] = await res.json();
+    assertEquals(data.length, 3);
+    assertExists(data.find((s) => s.nom === "Dupont"));
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /students?idPromo filters by promo", async () => {
+  const filtered = students.filter((s) => s.idPromo === "4AFISE25/26");
+  mockFetch({ "/students": filtered });
+  try {
+    const res = await fetch(
+      "http://localhost/api/students?idPromo=4AFISE25/26",
+    );
+    const data: Student[] = await res.json();
+    assertEquals(data.length, 2);
+    assertEquals(data.every((s) => s.idPromo === "4AFISE25/26"), true);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /students/:numEtud returns one student", async () => {
+  mockFetch({ "/students/21212006": students[0] });
+  try {
+    const res = await fetch("http://localhost/api/students/21212006");
+    assertEquals(res.status, 200);
+    const data: Student = await res.json();
+    assertEquals(data.numEtud, 21212006);
+    assertEquals(data.nom, "Dupont");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /students/:numEtud 404 when not found", async () => {
+  mockFetch({
+    "/students/99999": {
+      status: 404,
+      body: { error: "Ressource introuvable" },
+    },
+  });
+  try {
+    const res = await fetch("http://localhost/api/students/99999");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /students creates student", async () => {
+  const newStudent = students[0];
+  mockFetch({ "/students": { method: "POST", status: 201, body: newStudent } });
+  try {
+    const res = await fetch("http://localhost/api/students", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        nom: "Dupont",
+        prenom: "Jean",
+        idPromo: "4AFISE25/26",
+      }),
+    });
+    assertEquals(res.status, 201);
+    const data: Student = await res.json();
+    assertEquals(data.nom, "Dupont");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /students/:numEtud updates student", async () => {
+  const updated = { ...students[0], nom: "Dupont-Modifié" };
+  mockFetch({
+    "/students/21212006": { method: "PUT", status: 200, body: updated },
+  });
+  try {
+    const res = await fetch("http://localhost/api/students/21212006", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        nom: "Dupont-Modifié",
+        prenom: "Jean",
+        idPromo: "4AFISE25/26",
+      }),
+    });
+    assertEquals(res.status, 200);
+    const data: Student = await res.json();
+    assertEquals(data.nom, "Dupont-Modifié");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /students/:numEtud returns 204", async () => {
+  mockFetch({ "/students/21212006": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/students/21212006", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /students 400 on missing fields", async () => {
+  mockFetch({ "/students": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/students", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nom: "Test" }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find student by numEtud", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const s = db.findOne<Student>("students", (r) => r.numEtud === 21212006);
+  assertExists(s);
+  assertEquals(s.nom, "Dupont");
+});
+
+Deno.test("mock DB: filter students by idPromo", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const rows = db.findMany<Student>(
+    "students",
+    (s) => s.idPromo === "4AFISE25/26",
+  );
+  assertEquals(rows.length, 2);
+});
+
+Deno.test("mock DB: insert student increments count", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  db.insert<Student>("students", {
+    numEtud: 21212099,
+    nom: "Test",
+    prenom: "Ing",
+    idPromo: "4AFISE25/26",
+  });
+  assertEquals(db.getTable("students").length, 4);
+});
+
+Deno.test("mock DB: update student nom", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const count = db.updateWhere<Student>(
+    "students",
+    (s) => s.numEtud === 21212006,
+    { nom: "Nouveau" },
+  );
+  assertEquals(count, 1);
+  assertEquals(
+    db.findOne<Student>("students", (s) => s.numEtud === 21212006)?.nom,
+    "Nouveau",
+  );
+});
+
+Deno.test("mock DB: delete student removes exactly one", () => {
+  const db = createMockDb({ tables: { students: [...students] } });
+  const count = db.deleteWhere<Student>(
+    "students",
+    (s) => s.numEtud === 21212006,
+  );
+  assertEquals(count, 1);
+  assertEquals(db.getTable("students").length, 2);
+});
+
+Deno.test("mock API: getFetchCalls tracks student requests", async () => {
+  mockFetch({ "/students": students });
+  try {
+    await fetch("http://localhost/api/students");
+    await fetch("http://localhost/api/students?idPromo=4AFISE25/26");
+    const calls = getFetchCalls();
+    assertEquals(calls.length, 2);
+    assertEquals(calls[0].method, "GET");
+  } finally {
+    restoreFetch();
+  }
+});
@@ -0,0 +1,222 @@
+// Unit tests for /ue-modules endpoints — fixtures, mock API, mock DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type UeModule, ueModules } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("ue_modules: fixtures have correct shape", () => {
+  assertEquals(ueModules.length, 3);
+  assertEquals(typeof ueModules[0].idModule, "string");
+  assertEquals(typeof ueModules[0].idUE, "number");
+  assertEquals(typeof ueModules[0].idPromo, "string");
+  assertEquals(typeof ueModules[0].coeff, "number");
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: GET /ue-modules returns list", async () => {
+  mockFetch({ "/ue-modules": ueModules });
+  try {
+    const res = await fetch("http://localhost/api/ue-modules");
+    assertEquals(res.status, 200);
+    const data: UeModule[] = await res.json();
+    assertEquals(data.length, 3);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ue-modules?idPromo filters by promo", async () => {
+  const filtered = ueModules.filter((u) => u.idPromo === "4AFISE25/26");
+  mockFetch({ "/ue-modules": filtered });
+  try {
+    const res = await fetch(
+      "http://localhost/api/ue-modules?idPromo=4AFISE25%2F26",
+    );
+    const data: UeModule[] = await res.json();
+    assertEquals(data.length, 2);
+    assertEquals(data.every((u) => u.idPromo === "4AFISE25/26"), true);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ue-modules?idUE filters by UE", async () => {
+  const filtered = ueModules.filter((u) => u.idUE === 1);
+  mockFetch({ "/ue-modules": filtered });
+  try {
+    const res = await fetch("http://localhost/api/ue-modules?idUE=1");
+    const data: UeModule[] = await res.json();
+    assertEquals(data.length, 2);
+    assertEquals(data.every((u) => u.idUE === 1), true);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /ue-modules creates association (201)", async () => {
+  const newUeModule: UeModule = {
+    idModule: "JIN705C",
+    idUE: 2,
+    idPromo: "3AFISE25/26",
+    coeff: 3.0,
+  };
+  mockFetch({
+    "/ue-modules": { method: "POST", status: 201, body: newUeModule },
+  });
+  try {
+    const res = await fetch("http://localhost/api/ue-modules", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify(newUeModule),
+    });
+    assertEquals(res.status, 201);
+    const data: UeModule = await res.json();
+    assertEquals(data.idModule, "JIN705C");
+    assertEquals(data.coeff, 3.0);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /ue-modules 400 on missing fields", async () => {
+  mockFetch({ "/ue-modules": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/ue-modules", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ idModule: "X" }),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ue-modules/:idModule/:idUE/:idPromo returns association (employee)", async () => {
+  mockFetch({ "/ue-modules/JIN702C/1/4AFISE25": ueModules[0] });
+  try {
+    const res = await fetch(
+      "http://localhost/api/ue-modules/JIN702C/1/4AFISE25%2F26",
+    );
+    assertEquals(res.status, 200);
+    const data: UeModule = await res.json();
+    assertEquals(data.coeff, 3.0);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ue-modules/:idModule/:idUE/:idPromo 403 for non-employee", async () => {
+  mockFetch({ "/ue-modules/JIN702C/1/4AFISE25": { status: 403 } });
+  try {
+    const res = await fetch(
+      "http://localhost/api/ue-modules/JIN702C/1/4AFISE25%2F26",
+    );
+    assertEquals(res.status, 403);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /ue-modules/:idModule/:idUE/:idPromo updates coeff", async () => {
+  const updated: UeModule = { ...ueModules[0], coeff: 5.0 };
+  mockFetch({
+    "/ue-modules/JIN702C/1/4AFISE25": {
+      method: "PUT",
+      status: 200,
+      body: updated,
+    },
+  });
+  try {
+    const res = await fetch(
+      "http://localhost/api/ue-modules/JIN702C/1/4AFISE25%2F26",
+      {
+        method: "PUT",
+        headers: { "content-type": "application/json" },
+        body: JSON.stringify({ coeff: 5.0 }),
+      },
+    );
+    assertEquals(res.status, 200);
+    const data: UeModule = await res.json();
+    assertEquals(data.coeff, 5.0);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /ue-modules/:idModule/:idUE/:idPromo returns 204", async () => {
+  mockFetch({
+    "/ue-modules/JIN702C/1/4AFISE25": { method: "DELETE", status: 204 },
+  });
+  try {
+    const res = await fetch(
+      "http://localhost/api/ue-modules/JIN702C/1/4AFISE25%2F26",
+      { method: "DELETE" },
+    );
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find ue-module by composite key", () => {
+  const db = createMockDb({ tables: { ueModules: [...ueModules] } });
+  const u = db.findOne<UeModule>(
+    "ueModules",
+    (u) =>
+      u.idModule === "JIN702C" && u.idUE === 1 && u.idPromo === "4AFISE25/26",
+  );
+  assertExists(u);
+  assertEquals(u.coeff, 3.0);
+});
+
+Deno.test("mock DB: filter ue-modules by promo", () => {
+  const db = createMockDb({ tables: { ueModules: [...ueModules] } });
+  const rows = db.findMany<UeModule>(
+    "ueModules",
+    (u) => u.idPromo === "4AFISE25/26",
+  );
+  assertEquals(rows.length, 2);
+});
+
+Deno.test("mock DB: insert ue-module", () => {
+  const db = createMockDb({ tables: { ueModules: [...ueModules] } });
+  db.insert<UeModule>("ueModules", {
+    idModule: "JIN705C",
+    idUE: 2,
+    idPromo: "3AFISE25/26",
+    coeff: 1.5,
+  });
+  assertEquals(db.getTable("ueModules").length, 4);
+});
+
+Deno.test("mock DB: update ue-module coeff", () => {
+  const db = createMockDb({ tables: { ueModules: [...ueModules] } });
+  db.updateWhere<UeModule>(
+    "ueModules",
+    (u) => u.idModule === "JIN702C" && u.idUE === 1,
+    { coeff: 6.0 },
+  );
+  assertEquals(
+    db.findOne<UeModule>(
+      "ueModules",
+      (u) => u.idModule === "JIN702C" && u.idUE === 1,
+    )?.coeff,
+    6.0,
+  );
+});
+
+Deno.test("mock DB: delete ue-module", () => {
+  const db = createMockDb({ tables: { ueModules: [...ueModules] } });
+  db.deleteWhere<UeModule>(
+    "ueModules",
+    (u) => u.idModule === "JIN702C" && u.idUE === 1,
+  );
+  assertEquals(db.getTable("ueModules").length, 2);
+});
@@ -0,0 +1,164 @@
+// Unit tests for /ues endpoints — fixtures, mock API, mock DB
+
+import { assertEquals, assertExists } from "@std/assert";
+import { mockFetch, restoreFetch } from "../helpers/api_mock.ts";
+import { createMockDb } from "../helpers/db_mock.ts";
+import { type UE, ues } from "../helpers/fixtures.ts";
+
+// --- Fixtures ---
+
+Deno.test("ues: fixtures have correct shape", () => {
+  assertEquals(ues.length, 2);
+  assertEquals(typeof ues[0].id, "number");
+  assertEquals(typeof ues[0].nom, "string");
+});
+
+// --- Mock API ---
+
+Deno.test("mock API: GET /ues returns list", async () => {
+  mockFetch({ "/ues": ues });
+  try {
+    const res = await fetch("http://localhost/api/ues");
+    assertEquals(res.status, 200);
+    const data: UE[] = await res.json();
+    assertEquals(data.length, 2);
+    assertExists(data.find((u) => u.nom === "UE Informatique"));
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ues/:id returns one UE", async () => {
+  mockFetch({ "/ues/1": ues[0] });
+  try {
+    const res = await fetch("http://localhost/api/ues/1");
+    assertEquals(res.status, 200);
+    const data: UE = await res.json();
+    assertEquals(data.id, 1);
+    assertEquals(data.nom, "UE Informatique");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: GET /ues/:id 404 when not found", async () => {
+  mockFetch({
+    "/ues/99": { status: 404, body: { error: "Ressource introuvable" } },
+  });
+  try {
+    const res = await fetch("http://localhost/api/ues/99");
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /ues creates UE (201)", async () => {
+  const newUE: UE = { id: 3, nom: "UE Physique" };
+  mockFetch({ "/ues": { method: "POST", status: 201, body: newUE } });
+  try {
+    const res = await fetch("http://localhost/api/ues", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nom: "UE Physique" }),
+    });
+    assertEquals(res.status, 201);
+    const data: UE = await res.json();
+    assertEquals(data.nom, "UE Physique");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: POST /ues 400 on missing nom", async () => {
+  mockFetch({ "/ues": { method: "POST", status: 400 } });
+  try {
+    const res = await fetch("http://localhost/api/ues", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({}),
+    });
+    assertEquals(res.status, 400);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /ues/:id updates nom", async () => {
+  const updated: UE = { id: 1, nom: "UE Informatique avancée" };
+  mockFetch({ "/ues/1": { method: "PUT", status: 200, body: updated } });
+  try {
+    const res = await fetch("http://localhost/api/ues/1", {
+      method: "PUT",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nom: "UE Informatique avancée" }),
+    });
+    assertEquals(res.status, 200);
+    const data: UE = await res.json();
+    assertEquals(data.nom, "UE Informatique avancée");
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: PUT /ues/:id 404 when not found", async () => {
+  mockFetch({ "/ues/99": { method: "PUT", status: 404 } });
+  try {
+    const res = await fetch("http://localhost/api/ues/99", {
+      method: "PUT",
+      body: JSON.stringify({ nom: "X" }),
+    });
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /ues/:id returns 204", async () => {
+  mockFetch({ "/ues/1": { method: "DELETE", status: 204 } });
+  try {
+    const res = await fetch("http://localhost/api/ues/1", { method: "DELETE" });
+    assertEquals(res.status, 204);
+  } finally {
+    restoreFetch();
+  }
+});
+
+Deno.test("mock API: DELETE /ues/:id 404 when not found", async () => {
+  mockFetch({ "/ues/99": { method: "DELETE", status: 404 } });
+  try {
+    const res = await fetch("http://localhost/api/ues/99", {
+      method: "DELETE",
+    });
+    assertEquals(res.status, 404);
+  } finally {
+    restoreFetch();
+  }
+});
+
+// --- Mock DB ---
+
+Deno.test("mock DB: find UE by id", () => {
+  const db = createMockDb({ tables: { ues: [...ues] } });
+  const u = db.findOne<UE>("ues", (u) => u.id === 1);
+  assertExists(u);
+  assertEquals(u.nom, "UE Informatique");
+});
+
+Deno.test("mock DB: insert UE", () => {
+  const db = createMockDb({ tables: { ues: [...ues] } });
+  db.insert<UE>("ues", { id: 3, nom: "UE Physique" });
+  assertEquals(db.getTable("ues").length, 3);
+});
+
+Deno.test("mock DB: update UE nom", () => {
+  const db = createMockDb({ tables: { ues: [...ues] } });
+  db.updateWhere<UE>("ues", (u) => u.id === 1, { nom: "Updated" });
+  assertEquals(db.findOne<UE>("ues", (u) => u.id === 1)?.nom, "Updated");
+});
+
+Deno.test("mock DB: delete UE", () => {
+  const db = createMockDb({ tables: { ues: [...ues] } });
+  db.deleteWhere<UE>("ues", (u) => u.id === 1);
+  assertEquals(db.getTable("ues").length, 1);
+});
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+set -e
+
+# Default output path
+OUTPUT_PATH="${HOME}/.deno/bin/pmpr"
+
+# Ensure directory exists
+mkdir -p "$(dirname "$OUTPUT_PATH")"
+
+# Check if we are on a system that needs patching (like NixOS)
+IS_NIXOS=false
+if [ "$(uname)" = "Linux" ]; then
+    if [ ! -f /lib64/ld-linux-x86-64.so.2 ] || ls -l /lib64/ld-linux-x86-64.so.2 | grep -q "stub-ld"; then
+        IS_NIXOS=true
+    fi
+fi
+
+if [ "$IS_NIXOS" = true ]; then
+    echo "NixOS detected. Creating a wrapper script instead of a compiled binary to avoid linking issues with Deno."
+    # Use absolute paths for config and script to make it work from anywhere
+    PROJECT_ROOT="$(pwd)"
+    cat > "$OUTPUT_PATH" <<EOF
+#!/usr/bin/env bash
+# PolyMPR CLI Wrapper for Nix
+exec deno run -A --config "$PROJECT_ROOT/deno.json" "$PROJECT_ROOT/toolbox/cli.ts" "\$@"
+EOF
+    chmod +x "$OUTPUT_PATH"
+    echo "Wrapper created at $OUTPUT_PATH"
+else
+    echo "Compiling CLI to $OUTPUT_PATH..."
+    deno compile -A --output "$OUTPUT_PATH" toolbox/cli.ts
+    echo "Done."
+fi