1. Users

• Get the authenticated user
• Update the authenticated user
• Delete the authenticated user
• Get all users
• Get a single user by id
• Get a single user by e-mail
• Create a new user by admin
• Update the user by admin
• Enable/disable the user by admin
• Delete the user by admin

2. Restaurants

• Get all restaurants
• Get a single restaurant by id
• Create a new restaurant
• Update restaurant
• Delete restaurant

3. Menu

• Get all
• Get menu
• Get a single dish from the menu
• Create a new dish in the menu
• Update the dish in the menu
• Delete menu
• Delete a single dish from the menu

4. Vote

• Vote for the restaurant
• Get current vote results

5. Errors

Lists profile information when authenticated through basic auth and authorized as a user.

GET /api/v1/profile

No parameters.

Do not supply a request body with this method.

Status: 200 OK
    
{
  "id": 1,
  "name": "User",
  "email": "user@yandex.ru",
  "password": "$2a$10$Sh0ZD2NFrzRRJJEKEWn8l.92ROEuzlVyzB9SV1AM8fdluPR0aC1ni"
}

Status: 401 Unauthorized

curl -s http://localhost:8080/votingsystem/api/v1/profile --user user@yandex.ru:password

Updates profile information of the authenticated user (require basic auth).

PUT /api/v1/profile

No parameters.

{
  "id": 1,
  "name": "Updated",
  "email": "updated@yandex.ru",
  "password": "updated_password"
}

In the JSON request body, include the following object properties:

• id | number
  The ID of the user to update (or authenticated user ID).
• name | string | required
  The user name.
• email | string | required
  The user e-mail.
  Must be unique.
• password | string | required
  The user password.
  Minimum length: 5.
  Maximum length: 70.

Status: 200 OK

Status: 401 Unauthorized

Status: 409 Conflict.
Returns an Error JSON object (see here).

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X PUT http://localhost:8080/votingsystem/api/v1/profile --user user@yandex.ru:password \
-H "Content-Type:application/json;charset=UTF-8" \
-d '{
      "id": 1,
      "name": "Updated",
      "email": "updated@yandex.ru",
      "password": "updated_password"
    }'

Deletes the authenticated user profile (require basic auth).

DELETE /api/v1/profile

No parameters.

Do not supply a request body with this method.

Status: 200 OK

Status: 401 Unauthorized

curl -s -X DELETE http://localhost:8080/votingsystem/api/v1/profile --user user@yandex.ru:password

Lists all users when authenticated through basic auth and authorized as an admin.

GET /api/v1/admin/users

No parameters.

Do not supply a request body with this method.

Status: 200 OK
    
[
  {
    "id": 1,
    "name": "User",
    "email": "user@yandex.ru",
    "password": "$2a$10$Sh0ZD2NFrzRRJJEKEWn8l.92ROEuzlVyzB9SV1AM8fdluPR0aC1ni",
    "roles": ["ROLE_USER"],
    "registered": "2017-05-25T11:26:08.899+0000",
    "enabled": true
    ]
  },
  {
    "id": 2,
    "name": "Admin",
    "email": "admin@gmail.com",
    "password": "$2a$10$WejOLxVuXRpOgr4IlzQJ.eT4UcukNqHlAiOVZj1P/nmc8WbpMkiju",
     "roles":       [
       "ROLE_ADMIN",
       "ROLE_USER"
    ],
    "registered": "2017-05-25T11:26:08.899+0000",
    "enabled": true
  },
  {
    "id": 3,
    "name": "User2",
    "email": "user2@gmail.com",
    "password": "$2a$10$n5P60SQcI85qU3RRHkR4EOKgQN9Ld2mfGiSKj2q.1sXSN1nYqnkzm",
    "roles": ["ROLE_USER"],
    "registered": "2017-05-25T11:26:08.900+0000",
    "enabled": true
     }
]

Returns an array of user objects in JSON format:

• id | number
  The ID of the user.
• name | string
  The user name.
• email | string
  The user e-mail (unique).
• password | string
  The encoded user password.
• roles | array of enums
  An array of user roles.
• registered | string
  The date and time when the user was created, in ISO 8601 format.
• enabled | boolean
  The user status, user may be enabled (true) or disabled (false).

Possible values:
["ROLE_USER"] - is the regular user.
["ROLE_ADMIN", "ROLE_USER"] - is admin.

Status: 401 Unauthorized

curl -s http://localhost:8080/votingsystem/api/v1/admin/users --user admin@gmail.com:admin

Shows details for a user, by ID. Requires authentication through basic auth and authorization as an admin.

GET /api/v1/admin/users/:id

Path parameters:

• id | string
  The ID of the user to show.

Do not supply a request body with this method.

Status: 200 OK
    
{
  "id": 1,
     "name": "User",
     "email": "user@yandex.ru",
     "password": "$2a$10$Sh0ZD2NFrzRRJJEKEWn8l.92ROEuzlVyzB9SV1AM8fdluPR0aC1ni",
     "roles": ["ROLE_USER"],
     "registered": "2017-05-25T11:26:08.899+0000",
     "enabled": true
}

Returns a user object in JSON format:

• id | number
  The ID of the user.
• name | string
  The user name.
• email | string
  The user e-mail (unique).
• password | string
  The encoded user password.
• roles | array of enums
  An array of user roles.
• registered | string
  The date and time when the user was created, in ISO 8601 format.
• enabled | boolean
  The user status, user may be enabled (true) or disabled (false).

Possible values:
["ROLE_USER"] - is the regular user.
["ROLE_ADMIN", "ROLE_USER"] - is admin.

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s http://localhost:8080/votingsystem/api/v1/admin/users/1 --user admin@gmail.com:admin

Shows details for a user, by e-mail. Requires authentication through basic auth and authorization as an admin.

GET /api/v1/admin/users/by

Query parameters:

• email | string | required
  The e-mail of the user to show.

Do not supply a request body with this method.

Status: 200 OK
    
{
  "id": 1,
  "name": "User",
  "email": "user@yandex.ru",
  "password": "$2a$10$Sh0ZD2NFrzRRJJEKEWn8l.92ROEuzlVyzB9SV1AM8fdluPR0aC1ni",
  "roles": ["ROLE_USER"],
  "registered": "2017-05-25T11:26:08.899+0000",
  "enabled": true
}

Returns a user object in JSON format:

• id | number
  The ID of the user.
• name | string
  The user name.
• email | string
  The user e-mail (unique).
• password | string
  The encoded user password.
• roles | array of enums
  An array of user roles.
• registered | string
  The date and time when the user was created, in ISO 8601 format.
• enabled | boolean
  The user status, user may be enabled (true) or disabled (false).

Possible values:
["ROLE_USER"] - is the regular user.
["ROLE_ADMIN", "ROLE_USER"] - is admin.

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s http://localhost:8080/votingsystem/api/v1/admin/users/by?email=user@yandex.ru \
--user admin@gmail.com:admin

Creates a new user by admin (requires authentication through basic auth and authorization as an admin).

POST /api/v1/admin/users

No parameters.

{
  "name": "newName",
  "email": "newMail@gmail.com",
  "password": "newPass",
  "roles": [
          "ROLE_USER",
          "ROLE_ADMIN"
        ],
  "enabled": true
}

In the JSON request body, include the following object properties:

• name | string | required
  The user name.
• email | string | required
  The user e-mail.
  Must be unique.
• password | string | required
  The user password.
  Minimum length: 5.
  Maximum length: 70.
• roles | array of enums | required
  An array of user roles.
  Possible values:
  ["ROLE_USER"] - is the regular user.
  ["ROLE_ADMIN", "ROLE_USER"] - is admin.
• enabled | boolean
  The user status, user may be enabled (true) or disabled (false).
  Default: true.

Status: 201 Created
    
{
  "id": 15,
  "name": "newName",
  "email": "newmail@gmail.com",
  "password": "$2a$10$D3dsqwULGYK0oSUskxNmWOXsxndYX6F43Ys7RwclIODVyGGOQPQHK",
  "roles":    [
    "ROLE_ADMIN",
    "ROLE_USER"
  ],
  "registered": "2017-04-17T21:15:23.526+0000",
  "enabled": true
}

Returns a user object in JSON format:

• id | number
  The ID of the user.
• name | string
  The user name.
• email | string
  The user e-mail (unique).
• password | string
  The encoded user password.
• roles | array of enums
  An array of user roles.
  Possible values:
  ["ROLE_USER"] - is the regular user.
  ["ROLE_ADMIN", "ROLE_USER"] - is admin.
• registered | string
  The date and time when the user was created, in ISO 8601 format.
• enabled | boolean
  The user status, user may be enabled (true) or disabled (false).

Status: 401 Unauthorized

Status: 409 Conflict.
Returns an Error JSON object (see here).

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X POST http://localhost:8080/votingsystem/api/v1/admin/users --user admin@gmail.com:admin \
-H "Content-Type:application/json;charset=UTF-8" \
-d '{
      "name": "newName",
      "email": "newMail@gmail.com",
      "password": "newPass",
      "roles": [
         "ROLE_USER",
         "ROLE_ADMIN"
      ],
      "enabled": true
    }'

Updates the user details by admin (requires authentication through basic auth and authorization as an admin).

PUT /api/v1/admin/users/:id

Path parameters:

• id | string
  The ID of the user to update.

{
  "id": 1,
  "name": "Updated name",
  "email": "updated@yandex.ru",
  "password": "updated_pass",
  "roles": ["ROLE_USER"],
  "enabled": true
}

In the JSON request body, include the following object properties:

• id | number
  The ID of the user to update.
• name | string | required
  The user name.
• email | string | required
  The user e-mail.
  Must be unique.
• password | string | required
  The user password.
  Minimum length: 5.
  Maximum length: 70.
• roles | array of enums | required
  An array of user roles.
  Possible values:
  ["ROLE_USER"] - is the regular user.
  ["ROLE_ADMIN", "ROLE_USER"] - is admin.
• enabled | boolean
  The user status, user may be enabled (true) or disabled (false).

Status: 200 OK

Status: 401 Unauthorized

Status: 409 Conflict.
Returns an Error JSON object (see here).

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X PUT http://localhost:8080/votingsystem/api/v1/admin/users/1 --user admin@gmail.com:admin \
-H "Content-Type:application/json;charset=UTF-8" \
-d '{
       "id": 1,
       "name": "Updated name",
       "email": "updated@yandex.ru",
       "password": "updated_pass",
       "roles": [ "ROLE_USER" ],
       "enabled": true
    }'

Enables and disables the user by admin (requires authentication through basic auth and authorization as an admin).

PATCH /api/v1/admin/users/:id

Path parameters:

• id | string
  The ID of the user to enable/disable.

Query parameters:

• enabled | boolean | required
  Possible values:
  true - enable user;
  false - disable user.

Do not supply a request body with this method.

Status: 200 OK

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X PATCH http://localhost:8080/votingsystem/api/v1/admin/users/1?enabled=false \
--user admin@gmail.com:admin

Deletes the user by admin (requires authentication through basic auth and authorization as an admin).

DELETE /api/v1/admin/users/:id

Path parameters:

• id | string
  The ID of the user to delete.

Do not supply a request body with this method.

Status: 200 OK

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X DELETE http://localhost:8080/votingsystem/api/v1/admin/users/1 \
--user admin@gmail.com:admin

Lists all restaurants sorted by name with their menus, dishes in menus are also sorted by name (required authentication through basic auth and authorization as a user).

GET /api/v1/restaurants

No parameters.

Do not supply a request body with this method.

Status: 200 OK
    
[
  {
  "id": 6,
  "name": "На парах"
 },
  {
  "id": 4,
  "name": "Жрем днем"
 },
  {
  "id": 5,
  "name": "Хочу харчо"
 }
]

Returns an array of restaurant objects with menus in JSON format:

• id | number
  The ID of the restaurant.
• name | string
  The restaurant name.

Status: 401 Unauthorized

curl -s http://localhost:8080/votingsystem/api/v1/restaurants --user user@yandex.ru:password

Shows details for the restaurant, by ID.

GET /api/v1/restaurants/:id

Path parameters:

• id | string
  The ID of the restaurant to show.

Do not supply a request body with this method.

Status: 200 OK
    
{
  "id": 6,
  "name": "На парах",
}

Returns a restaurant object in JSON format:

• id | number
  The ID of the restaurant.
• name | string
  The restaurant name.

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s http://localhost:8080/votingsystem/api/v1/restaurants/6 --user user@yandex.ru:password

Creates a new restaurant by admin (requires authentication through basic auth and authorization as an admin).

POST /api/v1/restaurants

No parameters.

{
  "name": "new restaurant"
}

In the JSON request body, include the following object properties:

• name | string | required
  The name of the restaurant.

Status: 201 Created
    
{
  "id": 15,
  "name": "new restaurant"
}

Returns a restaurant object in JSON format:

• id | number
  The ID of the restaurant.
• name | string
  The restaurant name.

Status: 401 Unauthorized

Status: 409 Conflict.
Returns an Error JSON object (see here).

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X POST http://localhost:8080/votingsystem/api/v1/restaurants --user admin@gmail.com:admin \
-H "Content-Type:application/json;charset=UTF-8" \
-d '{
      "name": "new restaurant"
    }'

Updates the restaurant details by admin (requires authentication through basic auth and authorization as an admin).

PUT /api/v1/restaurants/:id

Path parameters:

• id | string
  The ID of the restaurant to update.

{
  "id": 6,
  "name": "Updated restaurant"
}

In the JSON request body, include the following object properties:

• id | number
  The ID of the user to update.
• name | string | required
  The name of the restaurant.

Status: 200 OK

Status: 401 Unauthorized

Status: 409 Conflict.
Returns an Error JSON object (see here).

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X PUT http://localhost:8080/votingsystem/api/v1/restaurants/6 --user admin@gmail.com:admin \
-H "Content-Type:application/json;charset=UTF-8" \
-d '{
      "id": 6,
      "name": "Updated restaurant"
    }'

Deletes the restaurant, by ID (requires authentication through basic auth and authorization as an admin).

DELETE /api/v1/restaurants/:id

Path parameters:

• id | string
  The ID of the restaurant to delete.

Do not supply a request body with this method.

Status: 200 OK

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X DELETE http://localhost:8080/votingsystem/api/v1/restaurants/6 \
--user admin@gmail.com:admin

Shows a list of dishes (menu) for the restaurant, by the restaurant ID. Dishes in the menu are sorted by their name. Requires authentication through basic auth and authorization as an admin.

GET /api/v1/restaurants/:id/dishes/all

Path parameters:

• id | string
  The ID of the restaurant.

Do not supply a request body with this method.

Status: 200 OK
    
[
  {
  "id": 9,
  "name": "Супец",
  "price": 350,
  "menudate": "2017-05-25"
 },
  {
  "id": 10,
  "name": "Холодец",
  "price": 400,
  "menudate": "2017-05-24"
 }
]

Returns an array of the dish objects in JSON format:

• id | number
  The ID of the dish in menu.
• name | string
  The name of the dish in menu.
• price | number
  The price of the dish in menu.
• menudate | number
  Actual date of menu.

Status: 401 Unauthorized

curl -s http://localhost:8080/votingsystem/api/v1/restaurants/5/dishes/all --user admin@gmail.com:admin

Shows a list of dishes (menu) for the restaurant, by the restaurant ID and current day. Dishes in the menu are sorted by their name.

GET /api/v1/restaurants/:id/dishes

Path parameters:

• id | string
  The ID of the restaurant.

Do not supply a request body with this method.

Status: 200 OK
    
[
  {
  "id": 9,
  "name": "Супец",
  "price": 350,
  "menudate": "2017-05-25"
 }
]

Returns an array of the dish objects in JSON format:

• id | number
  The ID of the dish in menu.
• name | string
  The name of the dish in menu.
• price | number
  The price of the dish in menu.
• menudate | number
  Actual date of menu.

Status: 401 Unauthorized

curl -s http://localhost:8080/votingsystem/api/v1/restaurants/5/dishes --user user@yandex.ru:password

Shows details for the dish, by ID. Requires authentication through basic auth and authorization as an admin.

GET /api/v1/restaurants/:restaurantID/dishes/:id

Path parameters:

• restaurantID | string
  The ID of the restaurant.
• id | string
  The ID of the dish to show.

Do not supply a request body with this method.

Status: 200 OK
    
{
  "id": 9,
  "name": "Супец",
  "price": 350,
  "menudate": "2017-05-25"
}

Returns the dish object in JSON format:

• id | number
  The ID of the dish.
• name | string
  The name of the dish.
• price | number
  The price of the dish.
• menudate | number
  Actual date of menu.

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s http://localhost:8080/votingsystem/api/v1/restaurants/5/dishes/9 \
--user admin@gmail.com:admin

Adds a new dish to the menu of the restaurant (requires authentication through basic auth and authorization as an admin).

POST /api/v1/restaurants/:id/dishes

Path parameters:

• id | string
  The ID of the restaurant.

{
  "name": "newDish",
  "price": 999
}

In the JSON request body, include the following object properties:

• name | string | required
  The name of the dish.
• price | number | required
  The price of the dish.
  Minimum value: 0.

Status: 201 Created
    
{
  "id": 16,
  "name": "newDish",
  "price": 999,
  "menudate": "2017-05-25"
}

Returns the dish object in JSON format:

• id | number
  The ID of the dish.
• name | string
  The name of the dish.
• price | number
  The price of the dish.
• menudate | number
  Actual date of menu.

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X POST http://localhost:8080/votingsystem/api/v1/restaurants/5/dishes \
--user admin@gmail.com:admin \
-H "Content-Type:application/json;charset=UTF-8" \
-d '{
      "name": "neDish",
      "price": 999
    }'

Updates the dish details, by ID (requires authentication through basic auth and authorization as an admin).

PUT /api/v1/restaurants/:restaurantID/dishes/:id

Path parameters:

• restaurantID | string
  The ID of the restaurant.
• id | string
  The ID of the dish to update.

{
  "id": 10,
  "name": "Updated dish",
  "price": 10
}

In the JSON request body, include the following object properties:

• id | number
  The ID of the dish to update.
• name | string | required
  The name of the dish.
• price | number | required
  The price of the dish.
  Minimum value: 0.

Status: 200 OK

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X PUT http://localhost:8080/votingsystem/api/v1/restaurants/5/dishes/10 \
--user admin@gmail.com:admin \
-H "Content-Type:application/json;charset=UTF-8" \
-d '{
      "id": 10,
      "name": "Updated dish",
      "price": 10
    }'

Deletes the menu (a list of dishes) of the restaurant, by the restaurant ID (requires authentication through basic auth and authorization as an admin).

DELETE /api/v1/restaurants/:id/dishes

Path parameters:

• id | string
  The ID of the restaurant.

Do not supply a request body with this method.

Status: 200 OK

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X DELETE http://localhost:8080/votingsystem/api/v1/restaurants/5/dishes \
--user admin@gmail.com:admin

Deletes a single dish from the menu, by ID (requires authentication through basic auth and authorization as an admin).

DELETE /api/v1/restaurants/:restaurantID/dishes/:id

Path parameters:

• restaurantID | string
  The ID of the restaurant.
• id | string
  The ID of the dish to delete.

Do not supply a request body with this method.

Status: 200 OK

Status: 401 Unauthorized

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X DELETE http://localhost:8080/votingsystem/api/v1/restaurants/5/dishes/9 \
--user admin@gmail.com:admin

Votes for the restaurant.

If the user votes again the same day:

• If it is before 11:00 we assume that he changed his mind.
• If it is after 11:00 then it is too late, vote can't be changed.

POST /api/v1/restaurants/:id/votes

Path parameters:

• id | string
  The ID of the restaurant.

Do not supply a request body with this method.

Status: 200 OK

Status: 401 Unauthorized

Status: 403 Forbidden.
Returns an Error JSON object (see here).

Status: 422 Unprocessable Entity.
Returns an Error JSON object (see here).

curl -s -X POST http://localhost:8080/votingsystem/api/v1/restaurants/4 \
--user user@yandex.ru:password

Lists current vote results.

GET /api/v1/restaurants/:id/votes

Path parameters:

• id | string
  The ID of the restaurant.

Do not supply a request body with this method.

Status: 200 OK
    
[
  {
     "restaurantName": "Хочу харчо",
     "voteCount": 2,
     "voteDate": "2017-05-25"
  }
]

Returns an array of the votes result objects in JSON format:

• restaurantName | string
  The name of the restaurant.
• votes | number
  The number of votes for the restaurant.
• date | string
  The date of the vote (in ISO 8601 format).

Status: 401 Unauthorized

curl -s http://localhost:8080/votingsystem/api/v1/restaurants/5/votes --user user@yandex.ru:password

This API returns standard HTTP status codes for error responses.

The response body for all errors except Identity errors includes additional error details in this format:

{
  "url": "http://localhost:8080/votingSystem/api/v1/admin/users",
  "cause": "ValidationException",
  "details": [
    "password size must be between 5 and 70",
    "name may not be empty",
    "email not a well-formed email address"
  ]
}

Where:

• url | stirng
  Error documentation link.
• cause | string
  Error name.
• details | array of strings
  Error detailed description.