feat: add user management

backend/src/user/dto/createUser.dto.ts

@@ -0,0 +1,14 @@
+import { Expose, plainToClass } from "class-transformer";
+import { Allow } from "class-validator";
+import { UserDTO } from "./user.dto";
+
+export class CreateUserDTO extends UserDTO{
+
+  @Expose()
+  @Allow()
+  isAdmin: boolean;
+
+  from(partial: Partial<CreateUserDTO>) {
+    return plainToClass(CreateUserDTO, partial, { excludeExtraneousValues: true });
+  }
+}

backend/src/user/dto/updateOwnUser.dto.ts

@@ -2,5 +2,5 @@ import { OmitType, PartialType } from "@nestjs/mapped-types";
 import { UserDTO } from "./user.dto";
 
 export class UpdateOwnUserDTO extends PartialType(
-  OmitType(UserDTO, ["isAdmin"] as const)
+  OmitType(UserDTO, ["isAdmin", "password"] as const)
 ) {}

backend/src/user/dto/user.dto.ts

@@ -1,17 +1,10 @@
 import { Expose, plainToClass } from "class-transformer";
-import {
-  IsEmail,
-  IsNotEmpty,
-  IsString,
-  Length,
-  Matches,
-} from "class-validator";
+import { IsEmail, Length, Matches, MinLength } from "class-validator";
 
 export class UserDTO {
   @Expose()
   id: string;
 
-  @Expose()
   @Expose()
   @Matches("^[a-zA-Z0-9_.]*$", undefined, {
     message: "Username can only contain letters, numbers, dots and underscores",
@@ -23,8 +16,7 @@ export class UserDTO {
   @IsEmail()
   email: string;
 
-  @IsNotEmpty()
-  @IsString()
+  @MinLength(8)
   password: string;
 
   @Expose()

backend/src/user/user.controller.ts

@@ -12,6 +12,8 @@ import { User } from "@prisma/client";
 import { GetUser } from "src/auth/decorator/getUser.decorator";
 import { AdministratorGuard } from "src/auth/guard/isAdmin.guard";
 import { JwtGuard } from "src/auth/guard/jwt.guard";
+import { CreateUserDTO } from "./dto/createUser.dto";
+import { UpdateOwnUserDTO } from "./dto/updateOwnUser.dto";
 import { UpdateUserDto } from "./dto/updateUser.dto";
 import { UserDTO } from "./dto/user.dto";
 import { UserSevice } from "./user.service";
@@ -29,7 +31,10 @@ export class UserController {
 
   @Patch("me")
   @UseGuards(JwtGuard)
-  async updateCurrentUser(@GetUser() user: User, @Body() data: UpdateUserDto) {
+  async updateCurrentUser(
+    @GetUser() user: User,
+    @Body() data: UpdateOwnUserDTO
+  ) {
     return new UserDTO().from(await this.userService.update(user.id, data));
   }
 
@@ -48,7 +53,7 @@ export class UserController {
 
   @Post()
   @UseGuards(JwtGuard, AdministratorGuard)
-  async create(@Body() user: UserDTO) {
+  async create(@Body() user: CreateUserDTO) {
     return new UserDTO().from(await this.userService.create(user));
   }
 
@@ -60,7 +65,7 @@ export class UserController {
 
   @Delete(":id")
   @UseGuards(JwtGuard, AdministratorGuard)
-  async delete(@Param() id: string) {
+  async delete(@Param("id") id: string) {
     return new UserDTO().from(await this.userService.delete(id));
   }
 }

backend/src/user/user.service.ts

@@ -2,6 +2,7 @@ import { BadRequestException, Injectable } from "@nestjs/common";
 import { PrismaClientKnownRequestError } from "@prisma/client/runtime";
 import * as argon from "argon2";
 import { PrismaService } from "src/prisma/prisma.service";
+import { CreateUserDTO } from "./dto/createUser.dto";
 import { UpdateUserDto } from "./dto/updateUser.dto";
 import { UserDTO } from "./dto/user.dto";
 
@@ -17,7 +18,7 @@ export class UserSevice {
     return await this.prisma.user.findUnique({ where: { id } });
   }
 
-  async create(dto: UserDTO) {
+  async create(dto: CreateUserDTO) {
     const hash = await argon.hash(dto.password);
     try {
       return await this.prisma.user.create({