feat: cpr company history

controllers/CprQueryController.php

@@ -0,0 +1,67 @@
+<?php
+
+namespace Controllers;
+
+use Libs\ResponseLib;
+use Psr\Http\Message\ServerRequestInterface;
+use React\Http\Message\Response;
+use Models\CprQueryModel;
+
+class CprQueryController
+{
+    private CprQueryModel $model;
+
+    public function __construct()
+    {
+        $this->model = new CprQueryModel();
+    }
+
+    public function __invoke(ServerRequestInterface $request)
+    {
+        $body = json_decode((string)$request->getBody(), true);
+        if (!is_array($body)) {
+            return ResponseLib::sendFail('Invalid JSON body', [], 'E_VALIDATE')->withStatus(400);
+        }
+
+        $bodyCompanyId = (int)($body['company_id'] ?? 0);
+        if ($bodyCompanyId <= 0) {
+            return ResponseLib::sendFail('company_id is required', [], 'E_VALIDATE')->withStatus(400);
+        }
+
+        $authCompanyId = (int)$request->getAttribute('api_company_id');
+        if ($authCompanyId !== $bodyCompanyId) {
+            return ResponseLib::sendFail(
+                'Unauthorized company access',
+                [],
+                'E_AUTH'
+            )->withStatus(403);
+        }
+
+        $cprId = isset($body['cpr_id']) ? (int)$body['cpr_id'] : null;
+
+        try {
+            if ($cprId) {
+                $record = $this->model->getByIdAndCompany($cprId, $authCompanyId);
+                if (!$record) {
+                    return ResponseLib::sendFail(
+                        'CPR not found',
+                        [],
+                        'E_NOT_FOUND'
+                    )->withStatus(404);
+                }
+
+                return Response::json($record)->withStatus(200);
+            }
+
+            $list = $this->model->listByCompany($authCompanyId);
+            return Response::json($list)->withStatus(200);
+
+        } catch (\Throwable $e) {
+            return ResponseLib::sendFail(
+                'Failed to query CPRs: ' . $e->getMessage(),
+                [],
+                'E_DATABASE'
+            )->withStatus(500);
+        }
+    }
+}

models/CprQueryModel.php

@@ -0,0 +1,88 @@
+<?php
+
+namespace Models;
+
+class CprQueryModel
+{
+    private \PDO $pdo;
+
+    public function __construct()
+    {
+        if (!isset($GLOBALS['pdo']) || !$GLOBALS['pdo'] instanceof \PDO) {
+            throw new \RuntimeException('Global PDO not initialized');
+        }
+
+        $this->pdo = $GLOBALS['pdo'];
+    }
+
+    /**
+     * Lista resumida
+     */
+    public function listByCompany(int $companyId): array
+    {
+        $sql = '
+            SELECT
+                cpr_id,
+                cpr_product_class_name,
+                cpr_issue_date,
+                cpr_issuer_name,
+                cpr_issue_financial_value
+            FROM cpr
+            WHERE company_id = :company_id
+            ORDER BY cpr_issue_date DESC
+        ';
+
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute(['company_id' => $companyId]);
+
+        return $stmt->fetchAll(\PDO::FETCH_ASSOC);
+    }
+
+    /**
+     * Detalhe completo
+     */
+    public function getByIdAndCompany(int $cprId, int $companyId): ?array
+    {
+        $sql = '
+            SELECT *
+            FROM cpr
+            WHERE cpr_id = :cpr_id
+              AND company_id = :company_id
+            LIMIT 1
+        ';
+
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute([
+            'cpr_id' => $cprId,
+            'company_id' => $companyId
+        ]);
+
+        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
+        if (!$row) {
+            return null;
+        }
+
+        return $this->filterEmptyFields($row);
+    }
+
+    /**
+     * Remove NULL e "na"
+     */
+    private function filterEmptyFields(array $data): array
+    {
+        return array_filter(
+            $data,
+            static function ($value) {
+                if ($value === null) {
+                    return false;
+                }
+
+                if (is_string($value) && strtolower(trim($value)) === 'na') {
+                    return false;
+                }
+
+                return true;
+            }
+        );
+    }
+}

public/index.php

@@ -65,6 +65,9 @@ $app->post('/commodities/get', $authJwt, \Controllers\CommoditiesGetController::
 // CPR registration
 $app->post('/cpr/create', $authJwt, \Controllers\RegisterCprController::class);
 
+// CPR history
+$app->post('/cpr/history', $authJwt, \Controllers\CprQueryController::class);
+
 $app->post('/token/get', $authJwt, \Controllers\TokenGetController::class);
 
 $app->post('/b3/token', \Controllers\B3TokenController::class);