Rotina para listar o monitoramento a partir das ordens

controllers/OrderbookCprMonitoringListController.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace Controllers;
+
+use Libs\ResponseLib;
+use Models\CprMonitoringModel;
+use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Exceptions\ValidationException;
+use Respect\Validation\Validator as val;
+
+class OrderbookCprMonitoringListController
+{
+    private \PDO $pdo;
+    private CprMonitoringModel $monitoringModel;
+
+    public function __construct()
+    {
+        if (!isset($GLOBALS['pdo']) || !$GLOBALS['pdo'] instanceof \PDO) {
+            throw new \RuntimeException('Global PDO connection not initialized');
+        }
+
+        $this->pdo = $GLOBALS['pdo'];
+        $this->monitoringModel = new CprMonitoringModel();
+    }
+
+    public function __invoke(ServerRequestInterface $request)
+    {
+        $userId = (int)($request->getAttribute('api_user_id') ?? 0);
+        $companyId = (int)($request->getAttribute('api_company_id') ?? 0);
+
+        if ($userId <= 0 || $companyId <= 0) {
+            return ResponseLib::sendFail('Unauthorized', [], 'E_VALIDATE')->withStatus(401);
+        }
+
+        $body = json_decode((string)$request->getBody(), true) ?? [];
+
+        try {
+            val::key('orderbook_id', val::intType()->positive())
+                ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail('Validation failed: ' . $e->getFullMessage(), [], 'E_VALIDATE')->withStatus(400);
+        }
+
+        $orderbookId = (int)$body['orderbook_id'];
+
+        try {
+            $stmt = $this->pdo->prepare(
+                'SELECT
+                    t.cpr_id,
+                    w.company_id AS wallet_company_id
+                 FROM "orderbook" o
+                 LEFT JOIN "token" t ON t.token_id = o.token_id
+                 LEFT JOIN "wallet" w ON w.wallet_id = o.wallet_id
+                 WHERE o.orderbook_id = :orderbook_id
+                 LIMIT 1'
+            );
+            $stmt->execute(['orderbook_id' => $orderbookId]);
+            $row = $stmt->fetch(\PDO::FETCH_ASSOC) ?: null;
+
+            $cprId = (int)($row['cpr_id'] ?? 0);
+            $walletCompanyId = (int)($row['wallet_company_id'] ?? 0);
+
+            if ($cprId <= 0) {
+                return ResponseLib::sendFail('CPR not found for orderbook', ['orderbook_id' => $orderbookId], 'E_NOT_FOUND')->withStatus(404);
+            }
+
+            if ($walletCompanyId <= 0) {
+                return ResponseLib::sendFail('Wallet not found for orderbook', ['orderbook_id' => $orderbookId], 'E_NOT_FOUND')->withStatus(404);
+            }
+
+            if ($companyId !== 1 && $walletCompanyId !== $companyId) {
+                return ResponseLib::sendFail('Forbidden', [], 'E_FORBIDDEN')->withStatus(403);
+            }
+
+            $rows = $this->monitoringModel->listByCprId($cprId);
+
+        } catch (\Throwable $e) {
+            return ResponseLib::sendFail('Failed to list cpr monitoring: ' . $e->getMessage(), [], 'E_DATABASE')->withStatus(500);
+        }
+
+        return $rows
+            ? ResponseLib::sendOk($rows)
+            : ResponseLib::sendFail('Cpr monitoring not found', [], 'E_DATABASE')->withStatus(204);
+    }
+}

public/index.php

@@ -89,6 +89,7 @@ $app->post('/orderbook/filter', $authJwt, \Controllers\OrderbookFilterController
 $app->post('/orderbook/payment', $authJwt, \Controllers\OrderbookPaymentController::class);
 $app->post('/orderbook/cancel', $authJwt, \Controllers\OrderbookUpdateStatusController::class);
 $app->post('/orderbook/transfer', $authJwt, \Controllers\OrderbookTransferController::class);
+$app->post('/orderbook/monitoring/list', $authJwt, \Controllers\OrderbookCprMonitoringListController::class);
 $app->post('/harvest/list', $authJwt, \Controllers\HarvestListController::class);
 
 // Documents (JWT-protected)