Ecobuddy/facilitycontroller.php

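<?php
require_once('Models/AuthService.php');
require_once('Models/FacilityDataSet.php');
require_once('Models/User.php');

// Enable CORS
// NOTE(review): a wildcard origin together with an allowed Authorization header
// lets any web origin drive this endpoint with a token it already holds; an
// explicit allow-list of front-end origins is the usual hardening if tokens are
// kept in browser storage. Left unchanged here because callers depend on it.
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Authorization');
header('Content-Type: application/json');

/**
 * Write a JSON body with the given HTTP status code.
 *
 * @param int   $statusCode HTTP status to send.
 * @param array $payload    Body, JSON-encoded as-is.
 */
function respond(int $statusCode, array $payload): void
{
    http_response_code($statusCode);
    echo json_encode($payload);
}

/**
 * Build the facility record from the POST body for create/update.
 *
 * A missing field becomes null instead of raising an undefined-index warning;
 * field-level validation is assumed to happen in FacilityDataSet — TODO confirm.
 *
 * @param mixed $contributor Username taken from the admin auth result.
 * @return array<string, mixed>
 */
function facilityDataFromPost($contributor): array
{
    $fields = [
        'title', 'category', 'description', 'houseNumber', 'streetName',
        'county', 'town', 'postcode', 'lng', 'lat',
    ];
    $data = [];
    foreach ($fields as $field) {
        $data[$field] = $_POST[$field] ?? null;
    }
    $data['contributor'] = $contributor;
    return $data;
}

// Handle OPTIONS request (CORS preflight)
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit;
}

try {
    $facilityDataSet = new FacilityDataSet();

    // Only POST carries the CRUD actions.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        respond(405, ['error' => 'Method not allowed']);
        exit;
    }

    $action = $_POST['action'] ?? '';

    // Public actions need no authentication.
    $publicActions = ['read', 'getStatuses'];
    // Admin-only actions; User::checkAdmin() writes its own error response on failure.
    $adminActions = ['create', 'update', 'delete', 'editStatus', 'deleteStatus'];
    // Actions for any authenticated user; User::checkAuth() writes its own error response.
    $userActions = ['status'];

    // $auth holds the auth result (read as $auth['username'] below) or null for public actions.
    $auth = null;
    if (in_array($action, $adminActions, true)) {
        $auth = User::checkAdmin();
        if (!$auth) {
            exit;
        }
    } elseif (in_array($action, $userActions, true)) {
        $auth = User::checkAuth();
        if (!$auth) {
            exit;
        }
    } elseif (!in_array($action, $publicActions, true)) {
        respond(400, ['error' => 'Invalid action']);
        exit;
    }

    // Process the action. Authorisation has already been decided above, so
    // each case only validates its own inputs and calls the data set.
    switch ($action) {
        case 'read':
            $facilities = $facilityDataSet->fetchAll();
            // An empty list is a valid result; only false/null signals a fetch failure.
            if ($facilities === false || $facilities === null) {
                respond(500, ['error' => 'Failed to fetch facilities']);
            } else {
                respond(200, ['success' => true, 'facilities' => $facilities]);
            }
            break;

        case 'create':
            try {
                $facility = $facilityDataSet->createFacility(facilityDataFromPost($auth['username']));
                if ($facility) {
                    respond(200, ['success' => true, 'facility' => $facility]);
                } else {
                    respond(500, ['error' => 'Failed to create facility']);
                }
            } catch (Exception $e) {
                // Exceptions here are treated as input errors and their message is
                // shown to the caller; keep FacilityDataSet messages free of internals.
                respond(400, ['error' => $e->getMessage()]);
            }
            break;

        case 'update':
            if (!isset($_POST['id'])) {
                respond(400, ['error' => 'Facility ID is required']);
                break;
            }
            try {
                $facility = $facilityDataSet->updateFacility($_POST['id'], facilityDataFromPost($auth['username']));
                if ($facility) {
                    respond(200, ['success' => true, 'facility' => $facility]);
                } else {
                    respond(500, ['error' => 'Failed to update facility']);
                }
            } catch (Exception $e) {
                respond(400, ['error' => $e->getMessage()]);
            }
            break;

        case 'delete':
            if (!isset($_POST['id'])) {
                respond(400, ['error' => 'Facility ID is required']);
                break;
            }
            if ($facilityDataSet->deleteFacility($_POST['id'])) {
                respond(200, ['success' => true]);
            } else {
                respond(500, ['error' => 'Failed to delete facility']);
            }
            break;

        case 'status':
            if (!isset($_POST['facilityId'])) {
                respond(400, ['error' => 'Facility ID is required']);
                break;
            }
            // A missing comment is passed through as null, as before; the data set decides whether that is acceptable.
            $statusComment = $_POST['statusComment'] ?? null;
            if ($facilityDataSet->addFacilityStatus($_POST['facilityId'], $statusComment)) {
                respond(200, ['success' => true]);
            } else {
                respond(500, ['error' => 'Failed to add status']);
            }
            break;

        case 'getStatuses':
            if (!isset($_POST['facilityId'])) {
                respond(400, ['error' => 'Facility ID is required']);
                break;
            }
            try {
                $statuses = $facilityDataSet->getFacilityStatuses($_POST['facilityId']);
                if ($statuses === false) {
                    throw new Exception('Failed to fetch facility statuses');
                }
                respond(200, ['success' => true, 'statuses' => $statuses]);
            } catch (Exception $e) {
                error_log('Error getting facility statuses: ' . $e->getMessage());
                // NOTE(review): 'message' echoes the raw exception text to the client; the
                // response shape is kept for the existing front-end, so the data set must not
                // put connection strings or SQL into its exception messages.
                respond(500, [
                    'error' => 'Failed to load comments',
                    'message' => $e->getMessage(),
                ]);
            }
            break;

        case 'editStatus':
            if (!isset($_POST['statusId'])) {
                respond(400, ['error' => 'Status ID is required']);
                break;
            }
            $statusComment = $_POST['statusComment'] ?? null;
            if ($facilityDataSet->updateFacilityStatus($_POST['statusId'], $statusComment)) {
                respond(200, ['success' => true]);
            } else {
                respond(500, ['error' => 'Failed to update status']);
            }
            break;

        case 'deleteStatus':
            if (!isset($_POST['statusId'])) {
                respond(400, ['error' => 'Status ID is required']);
                break;
            }
            if ($facilityDataSet->deleteFacilityStatus($_POST['statusId'])) {
                respond(200, ['success' => true]);
            } else {
                respond(500, ['error' => 'Failed to delete status']);
            }
            break;

        default:
            // Unreachable after the action lists above; kept as a safety net.
            respond(400, ['error' => 'Invalid action']);
            break;
    }
} catch (Exception $e) {
    error_log('Facility controller error: ' . $e->getMessage());
    // NOTE(review): as with getStatuses, the raw message is returned to the client for
    // front-end compatibility; unexpected exceptions (DB errors) can carry internals,
    // so dropping 'message' here is the recommended follow-up once the client no longer reads it.
    respond(500, ['error' => 'Server error', 'message' => $e->getMessage()]);
}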