feat: dist/ pridan do repa pro server deploy
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
132
dist/api/admin/trips.php
vendored
Normal file
132
dist/api/admin/trips.php
vendored
Normal file
@@ -0,0 +1,132 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Trips API - Kniha jízd
|
||||
*
|
||||
* Endpoints:
|
||||
* GET /api/admin/trips.php - Get current user's trips for month
|
||||
* GET /api/admin/trips.php?action=history - Get trip history with filters
|
||||
* GET /api/admin/trips.php?action=admin - Get all trips (admin)
|
||||
* GET /api/admin/trips.php?action=print - Get print data for trips (admin)
|
||||
* GET /api/admin/trips.php?action=vehicles - Get all vehicles (admin)
|
||||
* GET /api/admin/trips.php?action=active_vehicles - Get active vehicles
|
||||
* GET /api/admin/trips.php?action=last_km&vehicle_id=X - Get last km for vehicle
|
||||
* POST /api/admin/trips.php - Create trip
|
||||
* POST /api/admin/trips.php?action=vehicle - Create/update vehicle (admin)
|
||||
* PUT /api/admin/trips.php?id=X - Update trip
|
||||
* DELETE /api/admin/trips.php?id=X - Delete trip
|
||||
* DELETE /api/admin/trips.php?action=vehicle&id=X - Delete vehicle (admin)
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
require_once dirname(__DIR__) . '/config.php';
|
||||
require_once dirname(__DIR__) . '/includes/JWTAuth.php';
|
||||
require_once dirname(__DIR__) . '/includes/AuditLog.php';
|
||||
require_once dirname(__DIR__) . '/includes/AttendanceHelpers.php';
|
||||
require_once __DIR__ . '/handlers/trips-handlers.php';
|
||||
|
||||
// Set headers
|
||||
setCorsHeaders();
|
||||
setSecurityHeaders();
|
||||
setNoCacheHeaders();
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
// Handle preflight
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
|
||||
http_response_code(200);
|
||||
exit();
|
||||
}
|
||||
|
||||
// Require authentication
|
||||
$authData = JWTAuth::requireAuth();
|
||||
AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
|
||||
|
||||
$userId = $authData['user_id'];
|
||||
$isAdmin = $authData['user']['is_admin'] ?? false;
|
||||
$pdo = db();
|
||||
$method = $_SERVER['REQUEST_METHOD'];
|
||||
|
||||
// Route request
|
||||
try {
|
||||
switch ($method) {
|
||||
case 'GET':
|
||||
$action = $_GET['action'] ?? 'current';
|
||||
|
||||
switch ($action) {
|
||||
case 'history':
|
||||
requirePermission($authData, 'trips.history');
|
||||
handleGetHistory($pdo, $userId);
|
||||
break;
|
||||
case 'admin':
|
||||
requirePermission($authData, 'trips.admin');
|
||||
handleGetAdmin($pdo);
|
||||
break;
|
||||
case 'print':
|
||||
requirePermission($authData, 'trips.admin');
|
||||
handleGetPrint($pdo);
|
||||
break;
|
||||
case 'vehicles':
|
||||
requirePermission($authData, 'trips.vehicles');
|
||||
handleGetVehicles($pdo);
|
||||
break;
|
||||
case 'active_vehicles':
|
||||
requirePermission($authData, 'trips.record');
|
||||
handleGetActiveVehicles($pdo);
|
||||
break;
|
||||
case 'last_km':
|
||||
requirePermission($authData, 'trips.record');
|
||||
handleGetLastKm($pdo);
|
||||
break;
|
||||
default:
|
||||
requirePermission($authData, 'trips.record');
|
||||
handleGetCurrent($pdo, $userId);
|
||||
}
|
||||
break;
|
||||
|
||||
case 'POST':
|
||||
$action = $_GET['action'] ?? '';
|
||||
|
||||
if ($action === 'vehicle') {
|
||||
requirePermission($authData, 'trips.vehicles');
|
||||
handleVehicle($pdo);
|
||||
} else {
|
||||
requirePermission($authData, 'trips.record');
|
||||
handleCreateTrip($pdo, $userId);
|
||||
}
|
||||
break;
|
||||
|
||||
case 'PUT':
|
||||
$id = (int)($_GET['id'] ?? 0);
|
||||
if (!$id) {
|
||||
errorResponse('ID je povinné');
|
||||
}
|
||||
handleUpdateTrip($pdo, $id, $userId, $authData);
|
||||
break;
|
||||
|
||||
case 'DELETE':
|
||||
$id = (int)($_GET['id'] ?? 0);
|
||||
$action = $_GET['action'] ?? '';
|
||||
|
||||
if ($action === 'vehicle') {
|
||||
requirePermission($authData, 'trips.vehicles');
|
||||
handleDeleteVehicle($pdo, $id);
|
||||
} else {
|
||||
if (!$id) {
|
||||
errorResponse('ID je povinné');
|
||||
}
|
||||
handleDeleteTrip($pdo, $id, $userId, $authData);
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
errorResponse('Nepodporovaná metoda', 405);
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
error_log('Trips API Error: ' . $e->getMessage());
|
||||
errorResponse('Chyba databáze', 500);
|
||||
}
|
||||
|
||||
// ============================================================================
|
||||
// Helper Functions
|
||||
// ============================================================================
|
||||
Reference in New Issue
Block a user