Home Esplora Aiuto
Registrati Accedi
TooEasy
/
backend-php
3
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 524d93ec84
Rami (Branch) Tag
backend-php
/
controllers
/
CprQueryController.php

CprQueryController.php 2.0 KB
Cronologia Originale

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. <?php
    2. 

  2. 

  3. namespace Controllers;
    4. 

  4. 

  5. use Libs\ResponseLib;
    6. 

  6. use Psr\Http\Message\ServerRequestInterface;
    7. 

  7. use React\Http\Message\Response;
    8. 

  8. use Models\CprQueryModel;
    9. 

  9. 

  10. class CprQueryController
    11. 

  11. {
    12. 

  12.     private CprQueryModel $model;
    13. 

  13. 

  14.     public function __construct()
    15. 

  15.     {
    16. 

  16.         $this->model = new CprQueryModel();
    17. 

  17.     }
    18. 

  18. 

  19.     public function __invoke(ServerRequestInterface $request)
    20. 

  20.     {
    21. 

  21.         $body = json_decode((string)$request->getBody(), true);
    22. 

  22.         if (!is_array($body)) {
    23. 

  23.             return ResponseLib::sendFail('Invalid JSON body', [], 'E_VALIDATE')->withStatus(400);
    24. 

  24.         }
    25. 

  25. 

  26.         $bodyCompanyId = (int)($body['company_id'] ?? 0);
    27. 

  27.         if ($bodyCompanyId <= 0) {
    28. 

  28.             return ResponseLib::sendFail('company_id is required', [], 'E_VALIDATE')->withStatus(400);
    29. 

  29.         }
    30. 

  30. 

  31.         $authCompanyId = (int)$request->getAttribute('api_company_id');
    32. 

  32.         if ($authCompanyId !== $bodyCompanyId) {
    33. 

  33.             return ResponseLib::sendFail(
    34. 

  34.                 'Unauthorized company access',
    35. 

  35.                 [],
    36. 

  36.                 'E_AUTH'
    37. 

  37.             )->withStatus(403);
    38. 

  38.         }
    39. 

  39. 

  40.         $cprId = isset($body['cpr_id']) ? (int)$body['cpr_id'] : null;
    41. 

  41. 

  42.         try {
    43. 

  43.             if ($cprId) {
    44. 

  44.                 $record = $this->model->getByIdAndCompany($cprId, $authCompanyId);
    45. 

  45.                 if (!$record) {
    46. 

  46.                     return ResponseLib::sendFail(
    47. 

  47.                         'CPR not found',
    48. 

  48.                         [],
    49. 

  49.                         'E_NOT_FOUND'
    50. 

  50.                     )->withStatus(404);
    51. 

  51.                 }
    52. 

  52. 

  53.                 return Response::json($record)->withStatus(200);
    54. 

  54.             }
    55. 

  55. 

  56.             $list = $this->model->listByCompany($authCompanyId);
    57. 

  57.             return Response::json($list)->withStatus(200);
    58. 

  58. 

  59.         } catch (\Throwable $e) {
    60. 

  60.             return ResponseLib::sendFail(
    61. 

  61.                 'Failed to query CPRs: ' . $e->getMessage(),
    62. 

  62.                 [],
    63. 

  63.                 'E_DATABASE'
    64. 

  64.             )->withStatus(500);
    65. 

  65.         }
    66. 

  66.     }
    67. 

  67. }
    68.