boha_admin/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
758be819c3e0d0670b248b9977686e510ad93957
app/api/admin/users.php
Simon 5ef6fc8064 refactor: odstraneni PSR-1 SideEffects warningu 
- Handler funkce extrahovany z API souboru do api/admin/handlers/
- config.php rozdeleny na helpers.php (funkce) a constants.php (konstanty)
- require_once odstranen z class souboru (AuditLog, JWTAuth, LeaveNotification)
- vendor/autoload.php presunuto do config.php bootstrap
- totp-handlers.php: pridany use deklarace pro TwoFactorAuth
- phpstan.neon: bootstrapFiles, scanDirectories, dynamicConstantNames
- Opraveny chybejici routing bloky v totp.php a session.php

Vysledek: phpcs 0 errors 0 warnings, PHPStan 0 errors, ESLint 0 errors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 14:29:21 +01:00

74 lines
2.1 KiB
PHP
Raw Blame History

<?php
/**
* BOHA Automation - Users API
*
* GET /api/admin/users.php - List all users
* POST /api/admin/users.php - Create new user
* PUT /api/admin/users.php?id=X - Update user
* DELETE /api/admin/users.php?id=X - Delete user
*/
declare(strict_types=1);
require_once dirname(__DIR__) . '/config.php';
require_once dirname(__DIR__) . '/includes/JWTAuth.php';
require_once dirname(__DIR__) . '/includes/AuditLog.php';
require_once __DIR__ . '/handlers/users-handlers.php';
// Set headers
setCorsHeaders();
setSecurityHeaders();
setNoCacheHeaders();
header('Content-Type: application/json; charset=utf-8');
// Require authentication
$authData = JWTAuth::requireAuth();
AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
$method = $_SERVER['REQUEST_METHOD'];
$userId = isset($_GET['id']) ? (int) $_GET['id'] : null;
$currentUserId = $authData['user_id'];
try {
$pdo = db();
switch ($method) {
case 'GET':
requirePermission($authData, 'users.view');
handleGetUser($pdo);
break;
case 'POST':
requirePermission($authData, 'users.create');
handleCreateUser($pdo, $authData);
break;
case 'PUT':
requirePermission($authData, 'users.edit');
if (!$userId) {
errorResponse('ID uživatele je povinné');
}
handleUpdateUser($pdo, $userId, $currentUserId, $authData);
break;
case 'DELETE':
requirePermission($authData, 'users.delete');
if (!$userId) {
errorResponse('ID uživatele je povinné');
}
handleDeleteUser($pdo, $userId, $currentUserId);
break;
default:
errorResponse('Metoda není povolena', 405);
}
} catch (PDOException $e) {
error_log('Users API error: ' . $e->getMessage());
if (DEBUG_MODE) {
errorResponse('Chyba databáze: ' . $e->getMessage(), 500);
} else {
errorResponse('Chyba databáze', 500);
}
}
Reference in New Issue View Git Blame Copy Permalink