https://github.com/cybersully/tarpaulin-api

Test out this robust GCP course & user management API
https://github.com/cybersully/tarpaulin-api

api-rest auth0 auth0-jwt datastore gae gcp nosql-data-storage

Last synced: 16 days ago
JSON representation

Test out this robust GCP course & user management API

• Host: GitHub
• URL: https://github.com/cybersully/tarpaulin-api
• Owner: CyberSully
• Created: 2025-06-06T07:23:53.000Z (12 months ago)
• Default Branch: main
• Last Pushed: 2025-06-06T07:34:56.000Z (12 months ago)
• Last Synced: 2025-06-06T08:28:34.257Z (12 months ago)
• Topics: api-rest, auth0, auth0-jwt, datastore, gae, gcp, nosql-data-storage
• Language: Python
• Homepage: https://tarpaulin-api-sullbret.uw.r.appspot.com/
• Size: 150 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Tarpaulin Course Management API

The **Tarpaulin Course Management Tool** is a RESTful API built using Python 3 and Google App Engine. It provides role-based access to manage users, courses, enrollments, and profile avatars. The system supports authentication via Auth0 JWTs and uses Google Cloud Datastore and Cloud Storage for persistent data and file storage.

## Overview

This project was developed as a cloud application portfolio project for CS 493. It demonstrates a fully functional API deployment on GCP using:

- Google App Engine (GAE)

- Cloud Datastore (NoSQL)

- Cloud Storage for file uploads

- Auth0 for authentication

- Postman and Newman for automated testing

The API supports multiple user roles (`admin`, `instructor`, and `student`) with permissions and access controls enforced at the route level.

---

## Endpoints

All endpoints are protected via JWT (Bearer token). Routes are scoped by user role, and validation rules ensure proper access and data consistency.

### Users

- `POST /users`  

  Create a new user profile.

- `GET /users/`  

  Retrieve a specific user's information (restricted by role).

- `PATCH /users/`  

  Update a user's role (admin only).

- `DELETE /users/`  

  Delete a user (admin only).

### Avatars

- `POST /users//avatar`  

  Upload an avatar image (PNG only, 5MB max).

- `GET /users//avatar`  

  Retrieve a user's avatar.

- `DELETE /users//avatar`  

  Remove a user's avatar.

### Courses

- `POST /courses`  

  Create a new course (admin or instructor).

- `GET /courses/`  

  Get details about a course (restricted by role).

- `PATCH /courses/`  

  Update course info (admin or the instructor who owns it).

- `DELETE /courses/`  

  Delete a course (admin only).

- `PATCH /courses//students`  

  Enroll or disenroll students (admin or course instructor).

- `GET /courses//students`  

  Get the list of enrolled student IDs (admin or course instructor).

---

## Testing

The project includes a full [Postman collection](assignment6.postman_collection2.json) to validate all API behavior.

### Local Testing with Newman

To run the test suite from the command line:

```bash

newman run assignment6.postman_collection2.json -e assignment6.postman_environment.json