feat: dist/ pridan do repa pro server deploy
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
73
dist/api/admin/users.php
vendored
Normal file
73
dist/api/admin/users.php
vendored
Normal file
@@ -0,0 +1,73 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* BOHA Automation - Users API
|
||||
*
|
||||
* GET /api/admin/users.php - List all users
|
||||
* POST /api/admin/users.php - Create new user
|
||||
* PUT /api/admin/users.php?id=X - Update user
|
||||
* DELETE /api/admin/users.php?id=X - Delete user
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
require_once dirname(__DIR__) . '/config.php';
|
||||
require_once dirname(__DIR__) . '/includes/JWTAuth.php';
|
||||
require_once dirname(__DIR__) . '/includes/AuditLog.php';
|
||||
require_once __DIR__ . '/handlers/users-handlers.php';
|
||||
|
||||
// Set headers
|
||||
setCorsHeaders();
|
||||
setSecurityHeaders();
|
||||
setNoCacheHeaders();
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
// Require authentication
|
||||
$authData = JWTAuth::requireAuth();
|
||||
AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
|
||||
|
||||
$method = $_SERVER['REQUEST_METHOD'];
|
||||
$userId = isset($_GET['id']) ? (int) $_GET['id'] : null;
|
||||
$currentUserId = $authData['user_id'];
|
||||
|
||||
try {
|
||||
$pdo = db();
|
||||
|
||||
switch ($method) {
|
||||
case 'GET':
|
||||
requirePermission($authData, 'users.view');
|
||||
handleGetUser($pdo);
|
||||
break;
|
||||
|
||||
case 'POST':
|
||||
requirePermission($authData, 'users.create');
|
||||
handleCreateUser($pdo, $authData);
|
||||
break;
|
||||
|
||||
case 'PUT':
|
||||
requirePermission($authData, 'users.edit');
|
||||
if (!$userId) {
|
||||
errorResponse('ID uživatele je povinné');
|
||||
}
|
||||
handleUpdateUser($pdo, $userId, $currentUserId, $authData);
|
||||
break;
|
||||
|
||||
case 'DELETE':
|
||||
requirePermission($authData, 'users.delete');
|
||||
if (!$userId) {
|
||||
errorResponse('ID uživatele je povinné');
|
||||
}
|
||||
handleDeleteUser($pdo, $userId, $currentUserId);
|
||||
break;
|
||||
|
||||
default:
|
||||
errorResponse('Metoda není povolena', 405);
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
error_log('Users API error: ' . $e->getMessage());
|
||||
if (DEBUG_MODE) {
|
||||
errorResponse('Chyba databáze: ' . $e->getMessage(), 500);
|
||||
} else {
|
||||
errorResponse('Chyba databáze', 500);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user