Skip to content

ProjectWork - Postgres database with and

Notifications You must be signed in to change notification settings


Folders and files

Last commit message
Last commit date

Latest commit

Denis Petrin
Jul 13, 2022
f0e77b5 · Jul 13, 2022
Jul 7, 2022
Jul 13, 2022
Jul 13, 2022
Jun 9, 2022
Jun 9, 2022
Jul 13, 2022
Jun 9, 2022
Jun 9, 2022
Jun 16, 2022
Jun 9, 2022
Jul 10, 2022
Jul 13, 2022
Jul 8, 2022
Jul 8, 2022
Jun 9, 2022
Jun 9, 2022
Jun 9, 2022

Repository files navigation

project work


This repo contains a project with a Postgresql database queried with

The backend also exposes API routes in the /api/v1 folder.

All requests to the API routes, except for the /api/v1/.../login API route , must have the authorization header set with the token in the form:

const headers = {
  authorization: `Bearer <jwt>`,

All API routes accept only application/json as Content-Type in body request and return application/json as Content-Type in response body.

⚠️ please note that the null value could possibly be returned as body response of a 200 or 204 response

start dev database server

A docker-compose.yaml file can be found in the project that starts a postgresql server.

Setup your .env file like the .env.example.

In order to start the dev database server, run:

⚠️ please note that we use the latest version of Docker that already has compose, not docker-compose

$ npm run dev:docker

To stop the database server run npm run dev:docker:stop.

make changes to database

The prisma model for the database can be found here.

Once a change is made, run:

$ npm run db:push

This will overwrite all existings data in your database, and setup a new library.

The connection to the database is handled by this helper, for example:

import { database } from "~/helpers/db-helper.server";

  data: {
    firstName: "Saul",
    lastName: "Goodman",

ℹ️ Migrations are work in progress

prisma studio

A great utility is the prisma studio package that should be already installed.

In order to run the prisma studio utility, run:

  • Linux/MacOS

    $ npm run dev:prisma
  • Windows

    $ DATABASE_URL="postresql://<user>:<password>@<host>:<port>/<db>" npx prisma studio

API docs



POST /api/v1/ecommerce/customers

Create a new customer

Required Headers:

Content-Type: application/json

Required Body:

  "email": "",
  "password": "password",
  "firstName": "John",
  "lastName": "Doe",
  "billingAddressId": "cl52gilrq0059g4jjj50ffvdg",
  "shippingAddressId": "cl4zoemig0036l2jjv0efdted"


  • email must have a valid email address syntax
  • password must have at least 8 characters


  "id": "",
  "email": "",
  "password": "password",
  "createdAt": "1970-01-01T00:00:00.000Z",
  "updatedAt": "1970-01-01T00:00:00.000Z",
  "firstName": "John",
  "lastName": "Doe",
  "billingAddressId": "cl52gilrq0059g4jjj50ffvdg",
  "shippingAddressId": "cl4zoemig0036l2jjv0efdted"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
405 Method Not Allowed The request method is not POST

PATCH /api/v1/ecommerce/customers

Update customer info

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid customer id

Required Body:

  "customer": {
    "email": "",
    "password": "password",
    "firstName": "John",
    "lastName": "Doe"


  • email must have a valid email address syntax
  • password must have at least 8 characters


  "id": "",
  "email": "",
  "password": "password",
  "createdAt": "1970-01-01T00:00:00.000Z",
  "updatedAt": "1970-01-01T00:00:00.000Z",
  "firstName": "John",
  "lastName": "Doe",
  "billingAddressId": "cl52gilrq0059g4jjj50ffvdg",
  "shippingAddressId": "cl4zoemig0036l2jjv0efdted"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
404 Not Found Customer not found
405 Method Not Allowed The request method is not PATCH

DELETE /api/v1/ecommerce/customers

Delete a customer

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid customer id


  "id": "",
  "email": "",
  "password": "password",
  "createdAt": "1970-01-01T00:00:00.000Z",
  "updatedAt": "1970-01-01T00:00:00.000Z",
  "firstName": "John",
  "lastName": "Doe",
  "billingAddressId": "cl52gilrq0059g4jjj50ffvdg",
  "shippingAddressId": "cl4zoemig0036l2jjv0efdted"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Customer not found
405 Method Not Allowed The request method is not PATCH

POST /api/v1/ecommerce/customers/creditCard

Create a customer credit card

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid customer id

Required Body:

  "creditCard": {
    "number": 1234567887654321,
    "expMonthDate": 1,
    "expoYearDate": 1970,
    "secretCode": 123


  • number must be positive
  • expMonthDate must be between 1 and 12
  • expYearDate must be greater than 1970
  • secretCode must be positive


  "id": "cl5atk1nr002506jjot8atd5p",
  "number": 1234567887654321,
  "expMonthDate": 1,
  "expoYearDate": 1970,
  "secretCode": 123

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Customer not found
405 Method Not Allowed The request method is not POST

POST /api/v1/ecommerce/customers/login

Get a valid jwt for a customer

Required Headers:

Content-Type: application/json

Required Body:

  "email": "",
  "password": "password"


  • email must have a valid email address syntax


  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
404 Not found User not found
405 Method Not Allowed The request method is not POST


POST /api/v1/ecommerce/orders

Creates an order given the id of the customer and a list of product id with relative quantity

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>

Required Body:

  "customerId": "cl5apl7c00037xhjjm5hela3m",
  "products": [
      "productId": "cl4zoemig0036l2jjv0efdted",
      "quantity": 2
      "productId": "cl5ar5z3y0051cujjz0cq3jo7",
      "quantity": 1


  • customerId must be a valid cuid
  • productId must be a valid cuid
  • quantity must be a positive number


  "id": "cl4vfbh0u00009xjjvk2btxym",
  "status": "ORDERED",
  "orderedAt": "2022-06-26T14:45:56.334Z",
  "shippedAt": null,
  "deliveredAt": null,
  "customerId": "cl4qrmvvf0278tcjjl1zu8g6a"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid or the customerId do not exist
401 Unauthorized Authentication credentials not valid
404 Not Found The productId(s) provided do not exist
405 Method Not Allowed The request method is not POST


Active Product

GET /api/v1/warehouse/activeProducts

Get all the active products

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "products": [
      "id": "cl4zoemig0036l2jjv0efdted",
      "status": "ACTIVE",
      "customerId": "c00p6qup20000ckkzslahp5pn"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
405 Method Not Allowed The request method is not GET

POST /api/v1/warehouse/activeProducts

Create a new Active Product

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role

Required Body:

  "customerId": "c00p6qup20000ckkzslahp5pn"


  • customerId must be a valid cuid


  "id": "cl4zoemig0036l2jjv0efdted",
  "status": "ACTIVE",
  "customerId": "c00p6qup20000ckkzslahp5pn"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not POST

PATCH /api/v1/warehouse/activeProducts

Update an Active Product status

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role

Required Body:

  "activeProductInstanceId": "cl4zoemig0036l2jjv0efdted",
  "status": "ACTIVE"


  • activeProductInsanceId must be a valid cuid
  • status must be a valid ActiveProductInstanceStatus


  "id": "cl4zoemig0036l2jjv0efdted",
  "status": "ACTIVE",
  "customerId": "c00p6qup20000ckkzslahp5pn"

DELETE /api/v1/warehouse/activeProducts

Delete an Active Product

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role

Required Body:

  "activeProductInstanceId": "cl4zoemig0036l2jjv0efdted"


  • activeProductInsanceId must be a valid cuid


  "id": "cl4zoemig0036l2jjv0efdted",
  "status": "ACTIVE",
  "customerId": "c00p6qup20000ckkzslahp5pn"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not PATCH

GET /api/v1/warehouse/activeProducts/{activeProductInstanceId}

Get the active product with the specific activeProductInstanceId

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role


    "id": "cl4zoemig0036l2jjv0efdted",
    "status": "ACTIVE",
    "customerId": "c00p6qup20000ckkzslahp5pn"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not GET


GET /api/v1/warehouse/customers

Get all the customers

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "customers": [
      "id": "c00p6qup20000ckkzslahp5pn",
      "email": "",
      "password": "hashedpassword",
      "createdAt": "1970-01-01T00:00:00.000Z",
      "updatedAt": "1970-01-01T00:00:00.000Z",
      "firstName": "John",
      "lastName": "Doe",
      "billingAddressId": "ch72gsb320000udocl363eofy",
      "shippingAddressId": "c00p6qup20000ckkzslahp5pn"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
405 Method Not Allowed The request method is not GET

GET /api/v1/warehouse/customers/{customerId}

Get a specific customer

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


    "id": "c00p6qup20000ckkzslahp5pn",

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
405 Method Not Allowed The request method is not GET

DELETE /api/v1/warehouse/customers/{customerId}

Delete a specific customer

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


    "id": "c00p6qup20000ckkzslahp5pn",

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Customer not found
405 Method Not Allowed The request method is not GET

GET /api/v1/warehouse/customers/{customerId}/activeProducts

Get a specific customer's Active Products

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "activeProducts": [
      "status": "",
      "id": "c00p6qup20000ckkzslahp5pn",
      "model": ""

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Customer has no Active Products
405 Method Not Allowed The request method is not GET

GET /api/v1/warehouse/customers/{customerId}/orders

Get a specific customer's Orders

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "orders": [
      "id": "c00p6qup20000ckkzslahp5pn",
      "status": "ORDERED",
      "orderedAt": "1970-01-01T00:00:00.000Z",
      "shippedAt": "1970-01-01T00:00:00.000Z",
      "deliveredAt": "1970-01-01T00:00:00.000Z",
      "customerId": "c00p6qup20000ckkzslahp5pn"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Customer has no Orders
405 Method Not Allowed The request method is not GET


GET /api/v1/warehouse/employees

List all the employees

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role


  "employees": [
      "id": "",
      "email": "",
      "createdAt": "",
      "updatedAt": "",
      "firstName": "",
      "lastName": "",
      "role": "ADMIN"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not METHOD

POST /api/v1/warehouse/employees

Create a new employee

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role

Required Body:

  "email": "",
  "password": "",
  "firstName": "",
  "lastName": "",
  "role": ""


  • role must be a valid Role


  "id": "",
  "email": "",
  "createdAt": "",
  "updatedAt": "",
  "firstName": "",
  "lastName": "",
  "role": "ADMIN"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not POST

POST /api/v1/warehouse/employees/login

Get a valid jwt for an employee

Required Headers:

Content-Type: application/json

Required Body:

  "email": "",
  "password": "password"


  • email must have a valid email address syntax


  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
405 Method Not Allowed The request method is not POST

GET /api/v1/warehouse/employees/me

Get information about the current employee

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "id": "",
  "email": "",
  "password": "",
  "createdAt": "",
  "updatedAt": "",
  "firstName": "",
  "lastName": "",
  "role": "ADMIN"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
405 Method Not Allowed The request method is not GET

GET /api/v1/warehouse/employees/{employeeId}

Get information about a specific employee

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "employee": {
    "id": "ch72gsb320000udocl363eofy",
    "email": "",
    "password": "988119d6cca702beb1748f4eb497e316467f69580ffa125aa8bcb6fb63dce237",
    "createdAt": "01-01-1970-00:00:00",
    "updatedAt": "01-01-1970-00:00:00",
    "firstName": "John",
    "lastName": "Doe",
    "role": "ADMIN"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
405 Method Not Allowed The request method is not GET

PATCH /api/v1/warehouse/employees/{employeeId}

Get information about a specific employee

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "id": "",
  "email": "",
  "password": "",
  "createdAt": "",
  "updatedAt": "",
  "firstName": "",
  "lastName": "",
  "role": "ADMIN"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not PATCH

DELETE /api/v1/warehouse/employees/{employeeId}

Delete a specific employee

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role


  "id": "",
  "email": "",
  "password": "",
  "createdAt": "",
  "updatedAt": "",
  "firstName": "",
  "lastName": "",
  "role": "ADMIN"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
404 Not Found Employee not found
405 Method Not Allowed The request method is not DELETE


GET /api/v1/warehouse/orders

Retrieves the complete list of orders.

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "orders": [
    "id": "cl4qrncms0334tcjj75gn06tv",
    "status": "ORDERED",
    "orderedAt": "1970-01-01T00:00:00.000Z",
    "shippedAt": null,
    "deliveredAt": null,
    "customerId": "cl4qrmvvf0278tcjjl1zu8g6a",
    "productInstances": [
        "id": "cl52gilrq0059g4jjj50ffvdg",
        "status": "SOLD",
        "orderId": "cl5atk1nr002506jjot8atd5p",
        "productId": "cl4zoemig0036l2jjv0efdted",
        "product": {
          "id": "cl4zoemig0036l2jjv0efdted",
          "model": "Test Product",
          "imageUrl": "/path/to/image",
          "description": "Test Description",
          "color": "Blue",
          "size": "M",
          "price": 19.99,
          "createdAt": "1970-01-01T00:00:00.000Z",
          "updatedAt": "1970-01-01T00:00:00.000Z"

Possible errors:

Error code Description
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not DELETE

GET /api/v1/warehouse/orders/{id}

Retrieves a single order

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "id": "1970-01-01T00:00:00.000Z",
  "status": "ORDERED",
  "orderedAt": "1970-01-01T00:00:00.000Z",
  "shippedAt": null,
  "deliveredAt": null,
  "customerId": "cl4qrmvvf0278tcjjl1zu8g6a",
  "productInstances": [
      "id": "cl52gilrq0059g4jjj50ffvdg",
      "status": "SOLD",
      "orderId": "cl5atk1nr002506jjot8atd5p",
      "productId": "cl4zoemig0036l2jjv0efdted",
      "product": {
        "id": "cl4zoemig0036l2jjv0efdted",
        "model": "Test Product",
        "imageUrl": "/path/to/image",
        "description": "Test Description",
        "color": "Blue",
        "size": "M",
        "price": 19.99,
        "createdAt": "1970-01-01T00:00:00.000Z",
        "updatedAt": "1970-01-01T00:00:00.000Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Order not found
405 Method Not Allowed The request method is not GET

PATCH /api/v1/warehouse/orders/{id}

Update an order

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "status": "DELIVERED",
  "shippedAt": "1970-01-01T00:00:00.000Z",
  "deliveredAt": "1970-01-01T00:00:00.000Z"


  • id must be a valid cuid
  • status must be a valid status


  "id": "cl4vfbh0u00009xjjvk2btxym",
  "status": "ORDERED",
  "orderedAt": "1970-01-01T00:00:00.000Z",
  "shippedAt": "1970-01-01T00:00:00.000Z",
  "deliveredAt": "1970-01-01T00:00:00.000Z",
  "customerId": "cl4qrmvvf0278tcjjl1zu8g6a"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
403 Forbidden User has not enough rights to access the resource
404 Not Found The order do not exist
405 Method Not Allowed The request method is not PATCH


Set an order status to CANCELLED.

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee


  "id": "cl4vfbh0u00009xjjvk2btxym",
  "status": "CANCELLED",
  "orderedAt": "1970-01-01T00:00:00.000Z",
  "shippedAt": "1970-01-01T00:00:00.000Z",
  "deliveredAt": "1970-01-01T00:00:00.000Z",
  "customerId": "cl4qrmvvf0278tcjjl1zu8g6a"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
403 Forbidden User has not enough rights to access the resource
404 Not Found The order do not exist
405 Method Not Allowed The request method is not DELETE

GET /api/v1/warehouse/orders//by-status/{status}

Get a list of orders that match the given status

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "orders": [
    "id": "cl4qrncms0334tcjj75gn06tv",
    "status": "ORDERED",
    "orderedAt": "1970-01-01T00:00:00.000Z",
    "shippedAt": null,
    "deliveredAt": null,
    "customerId": "cl4qrmvvf0278tcjjl1zu8g6a",
    "productInstances": [
        "id": "cl52gilrq0059g4jjj50ffvdg",
        "status": "SOLD",
        "orderId": "cl5atk1nr002506jjot8atd5p",
        "productId": "cl4zoemig0036l2jjv0efdted",
        "product": {
          "id": "cl4zoemig0036l2jjv0efdted",
          "model": "Test Product",
          "imageUrl": "/path/to/image",
          "description": "Test Description",
          "color": "Blue",
          "size": "M",
          "price": 19.99,
          "createdAt": "1970-01-01T00:00:00.000Z",
          "updatedAt": "1970-01-01T00:00:00.000Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Order not found
405 Method Not Allowed The request method is not GET

POST /api/v1/warehouse/orders/dates/within-delivered

Get a list of orders delivered within the given dates

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "startDate": "1970-01-01T00:00:00.000Z",
  "endDate": "1970-01-01T00:00:00.000Z"


  "orders": [
    "id": "cl4qrncms0334tcjj75gn06tv",
    "status": "ORDERED",
    "orderedAt": "1970-01-01T00:00:00.000Z",
    "shippedAt": null,
    "deliveredAt": "1970-01-01T00:00:00.000Z",

    "customerId": "cl4qrmvvf0278tcjjl1zu8g6a",
    "productInstances": [
        "id": "cl52gilrq0059g4jjj50ffvdg",
        "status": "SOLD",
        "orderId": "cl5atk1nr002506jjot8atd5p",
        "productId": "cl4zoemig0036l2jjv0efdted",
        "product": {
          "id": "cl4zoemig0036l2jjv0efdted",
          "model": "Test Product",
          "imageUrl": "/path/to/image",
          "description": "Test Description",
          "color": "Blue",
          "size": "M",
          "price": 19.99,
          "createdAt": "1970-01-01T00:00:00.000Z",
          "updatedAt": "1970-01-01T00:00:00.000Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Order not found
405 Method Not Allowed The request method is not GET

POST /api/v1/warehouse/orders/dates/within-ordered

Get a list of orders ordered within the given dates

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "startDate": "1970-01-01T00:00:00.000Z",
  "endDate": "1970-01-01T00:00:00.000Z"


  "orders": [
    "id": "cl4qrncms0334tcjj75gn06tv",
    "status": "ORDERED",
    "orderedAt": "1970-01-01T00:00:00.000Z",
    "shippedAt": null,
    "deliveredAt": null,

    "customerId": "cl4qrmvvf0278tcjjl1zu8g6a",
    "productInstances": [
        "id": "cl52gilrq0059g4jjj50ffvdg",
        "status": "SOLD",
        "orderId": "cl5atk1nr002506jjot8atd5p",
        "productId": "cl4zoemig0036l2jjv0efdted",
        "product": {
          "id": "cl4zoemig0036l2jjv0efdted",
          "model": "Test Product",
          "imageUrl": "/path/to/image",
          "description": "Test Description",
          "color": "Blue",
          "size": "M",
          "price": 19.99,
          "createdAt": "1970-01-01T00:00:00.000Z",
          "updatedAt": "1970-01-01T00:00:00.000Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Order not found
405 Method Not Allowed The request method is not GET

POST /api/v1/warehouse/orders/dates/within-shipped

Get a list of orders ordered within the given dates

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "startDate": "1970-01-01T00:00:00.000Z",
  "endDate": "1970-01-01T00:00:00.000Z"


  "orders": [
    "id": "cl4qrncms0334tcjj75gn06tv",
    "status": "ORDERED",
    "orderedAt": "1970-01-01T00:00:00.000Z",
    "shippedAt": "1970-01-01T00:00:00.000Z",
    "deliveredAt": null,

    "customerId": "cl4qrmvvf0278tcjjl1zu8g6a",
    "productInstances": [
        "id": "cl52gilrq0059g4jjj50ffvdg",
        "status": "SOLD",
        "orderId": "cl5atk1nr002506jjot8atd5p",
        "productId": "cl4zoemig0036l2jjv0efdted",
        "product": {
          "id": "cl4zoemig0036l2jjv0efdted",
          "model": "Test Product",
          "imageUrl": "/path/to/image",
          "description": "Test Description",
          "color": "Blue",
          "size": "M",
          "price": 19.99,
          "createdAt": "1970-01-01T00:00:00.000Z",
          "updatedAt": "1970-01-01T00:00:00.000Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Order not found
405 Method Not Allowed The request method is not GET

Product Instances

GET /api/v1/warehouse/productInstances

Retrieve the complete list of product instances.

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "productInstances": [
    "id": "ch72gsb320000udocl363eofy",
    "status": "SOLD",
    "orderId": "c00p6qup20000ckkzslahp5pn",
    "productId": "cl4rb193000002a66jmw17ri3",
    "activeProductInstance": {
      "id": "cl4rb2pdh00012a6640drwif0",
      "status": "ACTIVE",
      "customerId": "cl4rb3wvv00032a66audt0pbp"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not GET

POST /api/v1/warehouse/productInstances

Create a number of new product instances given the quantity and the type of product

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role

Required Body:

  "productId": "cl4rb193000002a66jmw17ri3",
  "quantity": 3


  • productId must be a valid cuid
  • quantity must be greater than 0


  "numberOfCreatedProductInstances": 3

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not POST

PATCH /api/v1/warehouse/productInstances/{productInstanceId}

Update the fields of a specific product instance

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "id": "ch72gsb320000udocl363eofy",
  "status": "SOLD",
  "orderId": "c00p6qup20000ckkzslahp5pn",
  "productId": "cl4rb193000002a66jmw17ri3"


  • The id field is readonly, used only to query the product instance to update
  • All the id fields must be a valid cuid
  • status accepts only "SOLD" and "IN_STOCK" as valid values
  • orderId can be null


  "productInstance": {
    "id": "ch72gsb320000udocl363eofy",
    "status": "SOLD",
    "orderId": "c00p6qup20000ckkzslahp5pn",
    "productId": "cl4rb193000002a66jmw17ri3"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Product Instance not found
405 Method Not Allowed The request method is not PATCH

DELETE /api/v1/warehouse/productInstanceso/{productInstanceId}

Delete a specific product instance record and its related active product instance record (if present)

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "id": "ch72gsb320000udocl363eofy"


  • The id field is readonly, used only to query the product instance to update, and must be a valid cuid


  "productInstance": {
    "id": "ch72gsb320000udocl363eofy",
    "status": "SOLD",
    "orderId": "c00p6qup20000ckkzslahp5pn",
    "productId": "cl4rb193000002a66jmw17ri3"


  • The id field is readonly, used only to query the product instance to update
  • All the id fields must be a valid cuid
  • status accepts only "SOLD" and "IN_STOCK" as valid values
  • orderId can be null

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
404 Not Found Product Instance not found
405 Method Not Allowed The request method is not DELETE

GET /api/v1/warehouse/productInstances/{productInstanceId}

Retrieve a specific product instance

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "productInstance": {
    "id": "ch72gsb320000udocl363eofy",
    "status": "SOLD",
    "orderId": "c00p6qup20000ckkzslahp5pn",
    "productId": "cl4rb193000002a66jmw17ri3"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not GET

POST /api/v1/warehouse/productInstances/productInstanceActivation

Activate a specific product instance

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "customerId": "ch72gsb320000udocl363eofy",
  "productInstanceId": "cl4zoemig0036l2jjv0efdted"


  • The id fields must be a valid cuid


  "productInstanceActivated": {
    "id": "ch72gsb320000udocl363eofy",
    "status": "SOLD",
    "orderId": "c00p6qup20000ckkzslahp5pn",
    "productId": "cl4rb193000002a66jmw17ri3"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Product Instance not found
405 Method Not Allowed The request method is not POST

GET /api/v1/warehouse/productInstances/count/by-status/{productInstanceStatus}

Retrieve a count of product instances by their status

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role


  "numberOfProductInstances": 3

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
404 Not Found Product Instances not found
405 Method Not Allowed The request method is not GET

GET /api/v1/warehouse/productInstances/count/by-type/{productId}

Retrieve a count of product instances by their product type

Required Headers:

Content-Type: application/json
Authorization: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role


  "numberOfProductInstances": 3

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
404 Not Found Product Instances not found
405 Method Not Allowed The request method is not GET


GET /api/v1/warehouse/products

List all products

Required Headers

Content-Type: application/json
Authentication: Bearer <jwt>


  "products": [
      "model": "Watch",
      "imageUrl": ["/path/to/image"],
      "description": "A cool watch",
      "color": "Blue",
      "size": "L",
      "price": 199.99

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
405 Method Not Allowed The request method is not GET

POST /api/v1/warehouse/products

Create a new product given the necessary parameters.

Required Headers:

Content-Type: application/json
Authentication: Bearer <jwt>


  • The jwt must contain a valid employee id with ADMIN role

Required Body:

  "model": "Watch",
  "imageUrl": ["/path/to/image"],
  "description": "A cool watch",
  "color": "Blue",
  "size": "L",
  "price": 199.99


  • price must be greater than 0


  "id": "cl4zoemig0036l2jjv0efdted",
  "model": "Watch",
  "imageUrl": ["/path/to/image"],
  "description": "A cool watch",
  "color": "Blue",
  "size": "L",
  "price": 199.99,
  "createdAt": "2022-06-29T14:10:44.094Z",
  "updatedAt": "2022-06-29T14:11:24.664Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
405 Method Not Allowed The request method is not POST

GET /api/v1/warehouse/products/{productId}

Get a specific product

Required Headers

Content-Type: application/json
Authentication: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "model": "Watch",
  "imageUrl": ["/path/to/image"],
  "description": "A cool watch",
  "color": "Blue",
  "size": "L",
  "price": 199.99

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
404 Not Found Product not found
405 Method Not Allowed The request method is not GET

PATCH /api/v1/warehouse/products/{product-id}

Update the fields of a specific product

Required Headers:

Content-Type: application/json
Authentication: Bearer <jwt>


  • The jwt must contain a valid employee id and role

Required Body:

  "model": "Watch",
  "imageUrl": ["/path/to/image"],
  "description": "A cool watch",
  "color": "Black",
  "size": "L",
  "price": 189.99


  • price must be greater than 0


  "id": "cl4zoemig0036l2jjv0efdted",
  "model": "Watch",
  "imageUrl": ["/path/to/image"],
  "description": "A cool watch",
  "color": "Black",
  "size": "L",
  "price": 199.99,
  "createdAt": "2022-06-29T14:10:44.094Z",
  "updatedAt": "2022-06-30T15:02:55.335Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
404 Not Found Product not found
405 Method Not Allowed The request method is not PATCH

DELETE /api/v1/warehouse/products/{product-id}

Delete a specific product record

Required Headers:

Content-Type: application/json
Authentication: Bearer <jwt>


  • The jwt must contain a valid employee id and role


  "id": "cl4zoemig0036l2jjv0efdted",
  "model": "Watch",
  "imageUrl": ["/path/to/image"],
  "description": "A cool watch",
  "color": "Black",
  "size": "L",
  "price": 199.99,
  "createdAt": "2022-06-29T14:10:44.094Z",
  "updatedAt": "2022-06-30T15:02:55.335Z"

Possible errors:

Error code Description
400 Bad Request The request body content is invalid
401 Unauthorized Authentication credentials not valid
403 Forbidden User has not enough rights to access the resource
404 Not Found Product not found
405 Method Not Allowed The request method is not PATCH


ProjectWork - Postgres database with and







No releases published


No packages published
