userModel = new UserModel(); } public function __invoke(ServerRequestInterface $request) { // company_id NÃO vem mais do body: é herdado do usuário autenticado (JWT). // Isso impede que alguém se registre sob uma empresa arbitrária. $userId = (int) ($request->getAttribute('user_id') ?? 0); if ($userId <= 0) { return ResponseLib::sendFail("Unauthorized: Missing authenticated user", [], "E_VALIDATE")->withStatus(401); } $body = json_decode((string) $request->getBody(), true) ?: []; $name = $body['name'] ?? $body['user_name'] ?? null; $phone = $body['phone'] ?? $body['user_phone'] ?? ''; $email = $body['email'] ?? $body['user_email'] ?? ''; $role = $body['role'] ?? $body['user_role'] ?? ''; $password = $body['password'] ?? ''; $validator = (new Validator([ 'name' => $name, 'phone' => $phone, 'email' => $email, 'role' => $role, 'password' => $password, ])) ->maxLength('name', 120) ->required('phone')->phone('phone') ->required('email')->email('email')->maxLength('email', 255) ->required('role')->maxLength('role', 50) ->required('password')->minLength('password', 8)->maxLength('password', 255); if ($validator->fails()) { return ResponseLib::sendFail($validator->firstError(), [], "E_VALIDATE")->withStatus(400); } try { $companyId = $this->userModel->getCompanyIdByUserId($userId); if ($companyId === null) { return ResponseLib::sendFail("User not found", [], "E_NOT_FOUND")->withStatus(404); } $userData = $this->userModel->createUser($companyId, $email, $password, $phone, $role, $name); if (!$userData) { return ResponseLib::sendFail("Email already exists or creation failed", [], "E_VALIDATE")->withStatus(400); } return ResponseLib::sendOk($userData, "S_CREATED", "User created."); } catch (\Throwable $e) { Logger::error('Failed to register user', ['error' => $e->getMessage()]); return ResponseLib::sendFail("Failed to register user", [], "E_GENERIC")->withStatus(500); } } }