Added Get User (admin only) route

app/apiroutes/users.php

@@ -240,6 +240,50 @@ $app->post('/api/users', function( Request $request, Response $response){
     }
 });
 
+/** 
+ * Get User : admin only (see documentation) 
+ */ 
+$app->get('/api/users/{username}', function( Request $request, Response $response){ 
+    $username = $request->getAttribute('username');
+    $token = get_token_infos($request);
+
+    if (!$token->admin) {
+        // response : 403 : not Found
+        $response->getBody()->write('{"error": {"msg": "Access denied."}}'); 
+        return $response->withHeader('Content-Type', 'application/json')->withStatus(403); 
+    }
+
+    $dbconn = new DB\DBConnection();
+    // Check user exists in database
+    try {
+        $db = $dbconn->connect();    
+    
+        // query
+        $sql = "SELECT * FROM users WHERE (username='" . $username . "')";
+        $stmt = $db->query( $sql );
+        $users = $stmt->fetchAll( PDO::FETCH_OBJ );
+        $db = null; // clear db object
+
+        // Check if the user does not exist
+        if (sizeof($users) != 1) {
+            // response : 404 : not Found
+            $response->getBody()->write('{"error": {"msg": "Could not find user."}}'); 
+            return $response->withHeader('Content-Type', 'application/json')->withStatus(404); 
+        }
+
+        $user = $users[0];
+    }
+    catch( PDOException $e ) { 
+        echo $e; 
+        // response : 500 : PDO Error (DB) 
+        $response->getBody()->write('{"error": {"msg": "' . $e->getMessage() . '"}}'); 
+        return $response->withHeader('Content-Type', 'application/json')->withStatus(500); 
+    }
+
+    $response->getBody()->write(json_encode($user)); 
+    return $response->withHeader('Content-Type', 'application/json')->withStatus(200);   
+});
+
 /** 
  * Function which parse token, decode user infos from this token and Throws  
  * UnauthenticatedException if Authentication Issue.