首頁 探索 說明
註冊 登入
TooEasy
/
backend-php
3
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: 2017457ddb
分支列表 標籤列表
backend-php
/
controllers
/
CprQueryController.php

CprQueryController.php 2.4 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. <?php
    2. 

  2. 

  3. namespace Controllers;
    4. 

  4. 

  5. use Libs\ResponseLib;
    6. 

  6. use Psr\Http\Message\ServerRequestInterface;
    7. 

  7. use React\Http\Message\Response;
    8. 

  8. use Models\CprQueryModel;
    9. 

  9. 

  10. class CprQueryController
    11. 

  11. {
    12. 

  12.     private CprQueryModel $model;
    13. 

  13. 

  14.     public function __construct()
    15. 

  15.     {
    16. 

  16.         $this->model = new CprQueryModel();
    17. 

  17.     }
    18. 

  18. 

  19.     public function __invoke(ServerRequestInterface $request)
    20. 

  20.     {
    21. 

  21.         $body = json_decode((string)$request->getBody(), true);
    22. 

  22.         if (!is_array($body)) {
    23. 

  23.             return ResponseLib::sendFail('Invalid JSON body', [], 'E_VALIDATE')->withStatus(400);
    24. 

  24.         }
    25. 

  25. 

  26.         $authCompanyId = (int)($request->getAttribute('api_company_id') ?? 0);
    27. 

  27.         if ($authCompanyId <= 0) {
    28. 

  28.             return ResponseLib::sendFail('Authenticated company not found', [], 'E_VALIDATE')->withStatus(401);
    29. 

  29.         }
    30. 

  30. 

  31.         $bodyCompanyId = (int)($body['company_id'] ?? $authCompanyId);
    32. 

  32.         if ($bodyCompanyId <= 0) {
    33. 

  33.             return ResponseLib::sendFail('company_id is required', [], 'E_VALIDATE')->withStatus(400);
    34. 

  34.         }
    35. 

  35. 

  36.         if ($authCompanyId !== 1 && $authCompanyId !== $bodyCompanyId) {
    37. 

  37.             return ResponseLib::sendFail(
    38. 

  38.                 'Unauthorized company access',
    39. 

  39.                 [],
    40. 

  40.                 'E_AUTH'
    41. 

  41.             )->withStatus(403);
    42. 

  42.         }
    43. 

  43. 

  44.         $hasGlobalAccess = $authCompanyId === 1;
    45. 

  45.         $cprId = isset($body['cpr_id']) ? (int)$body['cpr_id'] : null;
    46. 

  46. 

  47.         try {
    48. 

  48.             if ($cprId) {
    49. 

  49.                 $record = $hasGlobalAccess
    50. 

  50.                     ? $this->model->getById($cprId)
    51. 

  51.                     : $this->model->getByIdAndCompany($cprId, $authCompanyId);
    52. 

  52.                 if (!$record) {
    53. 

  53.                     return ResponseLib::sendFail(
    54. 

  54.                         'CPR not found',
    55. 

  55.                         [],
    56. 

  56.                         'E_NOT_FOUND'
    57. 

  57.                     )->withStatus(404);
    58. 

  58.                 }
    59. 

  59. 

  60.                 return Response::json($record)->withStatus(200);
    61. 

  61.             }
    62. 

  62. 

  63.             $list = $hasGlobalAccess
    64. 

  64.                 ? $this->model->listAll()
    65. 

  65.                 : $this->model->listByCompany($authCompanyId);
    66. 

  66.             return Response::json($list)->withStatus(200);
    67. 

  67. 

  68.         } catch (\Throwable $e) {
    69. 

  69.             return ResponseLib::sendFail(
    70. 

  70.                 'Failed to query CPRs: ' . $e->getMessage(),
    71. 

  71.                 [],
    72. 

  72.                 'E_DATABASE'
    73. 

  73.             )->withStatus(500);
    74. 

  74.         }
    75. 

  75.     }
    76. 

  76. }
    77.