diff --git a/includes/api.php b/includes/api.php
new file mode 100644
index 0000000..7404b59
--- /dev/null
+++ b/includes/api.php
@@ -0,0 +1,133 @@
+ 401]
+ );
+ }
+
+ if (!current_user_can('manage_options')) {
+ return new WP_Error(
+ 'kc_api_forbidden',
+ 'Keine Berechtigung für diese API.',
+ ['status' => 403]
+ );
+ }
+
+ return true;
+}
+
+function kc_api_get_wahlen(WP_REST_Request $request) {
+ global $wpdb;
+ $prefix = $wpdb->prefix;
+
+ $rows = $wpdb->get_results("SELECT id, name, anzahl_einheiten, freigegeben FROM {$prefix}kc_wahlen WHERE deleted=0 ORDER BY id DESC");
+
+ $data = [];
+ foreach ((array) $rows as $row) {
+ $data[] = [
+ 'id' => intval($row->id),
+ 'name' => (string) $row->name,
+ 'anzahl_einheiten' => max(1, intval($row->anzahl_einheiten)),
+ 'freigegeben' => intval($row->freigegeben) === 1,
+ ];
+ }
+
+ return rest_ensure_response([
+ 'success' => true,
+ 'count' => count($data),
+ 'items' => $data,
+ ]);
+}
+
+function kc_api_get_wahl_zuteilungen(WP_REST_Request $request) {
+ global $wpdb;
+ $prefix = $wpdb->prefix;
+
+ $wahl_id = intval($request->get_param('id'));
+ if ($wahl_id <= 0) {
+ return new WP_Error('kc_api_invalid_id', 'Ungültige Wahl-ID.', ['status' => 400]);
+ }
+
+ $wahl = $wpdb->get_row($wpdb->prepare(
+ "SELECT id, name, anzahl_einheiten FROM {$prefix}kc_wahlen WHERE id=%d AND deleted=0",
+ $wahl_id
+ ));
+
+ if (!$wahl) {
+ return new WP_Error('kc_api_wahl_not_found', 'Wahl nicht gefunden.', ['status' => 404]);
+ }
+
+ $rows = $wpdb->get_results($wpdb->prepare(
+ "SELECT z.id, z.teilnehmer_id, z.vorname, z.nachname, z.phase, z.workshop_id, z.wunsch_rang, ws.name AS workshop_name
+ FROM {$prefix}kc_zuteilung z
+ LEFT JOIN {$prefix}kc_workshops ws ON ws.id = z.workshop_id
+ WHERE z.wahl_id = %d
+ ORDER BY z.phase ASC, z.nachname ASC, z.vorname ASC",
+ $wahl_id
+ ));
+
+ $items = [];
+ foreach ((array) $rows as $row) {
+ $items[] = [
+ 'id' => intval($row->id),
+ 'teilnehmer_id' => intval($row->teilnehmer_id),
+ 'vorname' => (string) $row->vorname,
+ 'nachname' => (string) $row->nachname,
+ 'phase' => intval($row->phase),
+ 'workshop_id' => $row->workshop_id !== null ? intval($row->workshop_id) : null,
+ 'workshop_name' => $row->workshop_name !== null ? (string) $row->workshop_name : null,
+ 'wunsch_rang' => $row->wunsch_rang !== null ? intval($row->wunsch_rang) : null,
+ ];
+ }
+
+ return rest_ensure_response([
+ 'success' => true,
+ 'wahl' => [
+ 'id' => intval($wahl->id),
+ 'name' => (string) $wahl->name,
+ 'anzahl_einheiten' => max(1, intval($wahl->anzahl_einheiten)),
+ ],
+ 'count' => count($items),
+ 'items' => $items,
+ ]);
+}
+
+add_action('rest_api_init', function() {
+ register_rest_route('kc-internal/v1', '/wahlen', [
+ 'methods' => WP_REST_Server::READABLE,
+ 'callback' => 'kc_api_get_wahlen',
+ 'permission_callback' => 'kc_api_permission_check',
+ ]);
+
+ register_rest_route('kc-internal/v1', '/wahlen/(?P\d+)/zuteilungen', [
+ 'methods' => WP_REST_Server::READABLE,
+ 'callback' => 'kc_api_get_wahl_zuteilungen',
+ 'permission_callback' => 'kc_api_permission_check',
+ 'args' => [
+ 'id' => [
+ 'validate_callback' => function($param) {
+ return is_numeric($param) && intval($param) > 0;
+ }
+ ]
+ ],
+ ]);
+});
+
+add_filter('rest_endpoints', function($endpoints) {
+ if (current_user_can('manage_options')) {
+ return $endpoints;
+ }
+
+ foreach ($endpoints as $route => $handlers) {
+ if (strpos($route, '/kc-internal/v1/') === 0) {
+ unset($endpoints[$route]);
+ }
+ }
+
+ return $endpoints;
+});
diff --git a/konficastle-workshopwahl.php b/konficastle-workshopwahl.php
index 3468ac7..9de3620 100644
--- a/konficastle-workshopwahl.php
+++ b/konficastle-workshopwahl.php
@@ -77,4 +77,5 @@ require_once plugin_dir_path(__FILE__).'includes/frontend-form.php';
 require_once plugin_dir_path(__FILE__).'includes/frontend-ergebnis.php';
 require_once plugin_dir_path(__FILE__).'includes/zuteilungslogik.php';
 require_once plugin_dir_path(__FILE__).'includes/admin-data.php';
+require_once plugin_dir_path(__FILE__).'includes/api.php';
 require_once plugin_dir_path(__FILE__).'install.php';
\ No newline at end of file
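Review bot: The prefix test in the `rest_endpoints` filter of includes/api.php, `strpos($route, '/kc-internal/v1/') === 0`, does not match the namespace index route `/kc-internal/v1` that `register_rest_route` creates for the namespace, so that route stays registered for callers without `manage_options`; the namespace name probably also remains listed in the REST root index, which this filter does not touch. If the intent is to keep the internal API out of discovery, compare the bare namespace as well, `if ($route === '/kc-internal/v1' || strpos($route, '/kc-internal/v1/') === 0) {`, and add a comment above the filter saying that it only reduces discovery and that `kc_api_permission_check` remains the access control on both routes. Separately, the second route pattern appears here as `(?P\d+)` with no group name; if that is what was committed rather than a rendering loss on this page, `get_param('id')` is never populated and the pattern should read `(?P<id>\d+)`. The opening lines of the hunk, including the start of `kc_api_permission_check`, are not intact on this page, so its first (401) branch could not be reviewed.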