<?php
// Refuse direct web access: the file only makes sense when loaded by WordPress.
defined('ABSPATH') || exit;
/**
 * Permission callback shared by every kc-internal/v1 route.
 *
 * Two checks run in order: the request must carry an authenticated user,
 * and that user must hold the `manage_options` capability. Each failure is
 * reported as its own WP_Error; the `status` entry becomes the HTTP status
 * of the REST response, so clients can tell "log in" (401) apart from
 * "logged in but not allowed" (403).
 *
 * @return true|WP_Error True when the caller may use the API, otherwise a
 *                       WP_Error carrying status 401 or 403.
 */
function kc_api_permission_check() {
    $logged_in = is_user_logged_in();
    if (!$logged_in) {
        return new WP_Error('kc_api_auth_required', 'Authentifizierung erforderlich.', ['status' => 401]);
    }

    $is_admin = current_user_can('manage_options');
    if (!$is_admin) {
        return new WP_Error('kc_api_forbidden', 'Keine Berechtigung für diese API.', ['status' => 403]);
    }

    return true;
}
/**
 * GET kc-internal/v1/wahlen -- lists all non-deleted elections (Wahlen).
 *
 * Reads `{prefix}kc_wahlen`, newest id first. The statement contains no
 * request-derived value (only the table prefix is interpolated), which is
 * why it is issued without $wpdb->prepare().
 *
 * @param WP_REST_Request $request Unused; kept for the REST callback signature.
 * @return WP_REST_Response JSON body with `success`, `count` and `items`; each
 *                          item has `id`, `name`, `anzahl_einheiten` (clamped
 *                          to >= 1) and `freigegeben` (bool, true iff column == 1).
 */
function kc_api_get_wahlen(WP_REST_Request $request) {
    global $wpdb;

    $table = $wpdb->prefix . 'kc_wahlen';
    $rows  = $wpdb->get_results("SELECT id, name, anzahl_einheiten, freigegeben FROM {$table} WHERE deleted=0 ORDER BY id DESC");

    $to_item = function($row) {
        return [
            'id'               => intval($row->id),
            'name'             => (string) $row->name,
            'anzahl_einheiten' => max(1, intval($row->anzahl_einheiten)),
            'freigegeben'      => intval($row->freigegeben) === 1,
        ];
    };

    // The (array) cast tolerates a non-array (e.g. null) return from get_results().
    $items = array_values(array_map($to_item, (array) $rows));

    return rest_ensure_response([
        'success' => true,
        'count'   => count($items),
        'items'   => $items,
    ]);
}
/**
 * GET kc-internal/v1/wahlen/{id}/zuteilungen -- allocations of one election.
 *
 * Resolves the election by the numeric `id` route parameter, then returns
 * every `{prefix}kc_zuteilung` row for it, left-joined with the workshop
 * name. Both statements go through $wpdb->prepare() with `%d`, so the id is
 * bound as an integer; the only interpolated values are table names built
 * from the configured prefix.
 *
 * @param WP_REST_Request $request Route parameter `id` (election id).
 * @return WP_REST_Response|WP_Error 400 for a non-positive id, 404 when no
 *         non-deleted election matches; otherwise a JSON body with `success`,
 *         `wahl` (id, name, anzahl_einheiten >= 1), `count` and `items`.
 *         Per item, `workshop_id`, `workshop_name` and `wunsch_rang` stay
 *         null when the underlying column is NULL (e.g. no joined workshop).
 */
function kc_api_get_wahl_zuteilungen(WP_REST_Request $request) {
    global $wpdb;

    $wahlen_table    = $wpdb->prefix . 'kc_wahlen';
    $zuteilung_table = $wpdb->prefix . 'kc_zuteilung';
    $workshops_table = $wpdb->prefix . 'kc_workshops';

    $wahl_id = intval($request->get_param('id'));
    if ($wahl_id <= 0) {
        return new WP_Error('kc_api_invalid_id', 'Ungültige Wahl-ID.', ['status' => 400]);
    }

    $wahl_sql = $wpdb->prepare(
        "SELECT id, name, anzahl_einheiten FROM {$wahlen_table} WHERE id=%d AND deleted=0",
        $wahl_id
    );
    $wahl = $wpdb->get_row($wahl_sql);
    if (!$wahl) {
        return new WP_Error('kc_api_wahl_not_found', 'Wahl nicht gefunden.', ['status' => 404]);
    }

    $rows_sql = $wpdb->prepare(
        "SELECT z.id, z.teilnehmer_id, z.vorname, z.nachname, z.phase, z.workshop_id, z.wunsch_rang, ws.name AS workshop_name
         FROM {$zuteilung_table} z
         LEFT JOIN {$workshops_table} ws ON ws.id = z.workshop_id
         WHERE z.wahl_id = %d
         ORDER BY z.phase ASC, z.nachname ASC, z.vorname ASC",
        $wahl_id
    );
    $rows = $wpdb->get_results($rows_sql);

    // Nullable columns must stay null rather than being coerced to 0 / ''.
    $int_or_null = function($value) {
        return $value === null ? null : intval($value);
    };
    $str_or_null = function($value) {
        return $value === null ? null : (string) $value;
    };

    $items = [];
    foreach ((array) $rows as $row) {
        $items[] = [
            'id'            => intval($row->id),
            'teilnehmer_id' => intval($row->teilnehmer_id),
            'vorname'       => (string) $row->vorname,
            'nachname'      => (string) $row->nachname,
            'phase'         => intval($row->phase),
            'workshop_id'   => $int_or_null($row->workshop_id),
            'workshop_name' => $str_or_null($row->workshop_name),
            'wunsch_rang'   => $int_or_null($row->wunsch_rang),
        ];
    }

    $wahl_summary = [
        'id'               => intval($wahl->id),
        'name'             => (string) $wahl->name,
        'anzahl_einheiten' => max(1, intval($wahl->anzahl_einheiten)),
    ];

    return rest_ensure_response([
        'success' => true,
        'wahl'    => $wahl_summary,
        'count'   => count($items),
        'items'   => $items,
    ]);
}
/**
 * GET kc-internal/v1/status -- reports the caller's authentication state.
 *
 * The route is registered with kc_api_permission_check, so by the time this
 * runs `authenticated` and `authorized` are both true; they are still
 * computed live rather than hard-coded, which lets a client verify its
 * credentials with one side-effect-free request.
 *
 * @param WP_REST_Request $request Unused; kept for the REST callback signature.
 * @return WP_REST_Response JSON body with `success`, `authenticated`,
 *                          `authorized` and a `user` block (id, login, display_name).
 */
function kc_api_get_status(WP_REST_Request $request) {
    $current = wp_get_current_user();

    $user_block = [
        'id'           => intval($current->ID),
        'login'        => (string) $current->user_login,
        'display_name' => (string) $current->display_name,
    ];

    $payload = [
        'success'       => true,
        'authenticated' => is_user_logged_in(),
        'authorized'    => current_user_can('manage_options'),
        'user'          => $user_block,
    ];

    return rest_ensure_response($payload);
}
/*
 * Route registration for the internal API.
 *
 * All three routes are GET-only (WP_REST_Server::READABLE) and share the
 * admin-only permission callback, so no endpoint in this namespace is
 * reachable anonymously. The `id` of the zuteilungen route is additionally
 * constrained by the `\d+` pattern and a validate_callback that rejects 0.
 */
add_action('rest_api_init', function() {
    $namespace = 'kc-internal/v1';

    $shared = [
        'methods'             => WP_REST_Server::READABLE,
        'permission_callback' => 'kc_api_permission_check',
    ];

    register_rest_route($namespace, '/status', $shared + [
        'callback' => 'kc_api_get_status',
    ]);

    register_rest_route($namespace, '/wahlen', $shared + [
        'callback' => 'kc_api_get_wahlen',
    ]);

    $positive_int = function($param) {
        return is_numeric($param) && intval($param) > 0;
    };

    register_rest_route($namespace, '/wahlen/(?P<id>\d+)/zuteilungen', $shared + [
        'callback' => 'kc_api_get_wahl_zuteilungen',
        'args'     => [
            'id' => [
                'validate_callback' => $positive_int,
            ],
        ],
    ]);
});
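/*
 * Hide the internal namespace from the public REST index (GET /wp-json/).
 *
 * Administrators get the full index. For everyone else the namespace entry
 * and every route belonging to it are stripped. WordPress registers a root
 * route per namespace (`/kc-internal/v1`) in addition to the routes below
 * it, so that root is matched explicitly -- a prefix test on
 * `/kc-internal/v1/` alone would leave it listed and still reveal the
 * namespace. This is discoverability hardening only: each route remains
 * protected by its own permission callback, and the namespace's own index
 * (served at /kc-internal/v1, filter `rest_namespace_index`) is a separate
 * listing that this filter does not touch.
 */
add_filter('rest_index', function($response) {
    if (current_user_can('manage_options')) {
        return $response;
    }
    if (!($response instanceof WP_REST_Response)) {
        return $response;
    }

    $data = $response->get_data();
    if (!is_array($data)) {
        return $response;
    }

    $namespace    = 'kc-internal/v1';
    $root_route   = '/' . $namespace;
    $route_prefix = $root_route . '/';

    if (!empty($data['namespaces']) && is_array($data['namespaces'])) {
        // array_values() re-indexes so the namespace list stays a JSON array.
        $data['namespaces'] = array_values(array_filter($data['namespaces'], function($ns) use ($namespace) {
            return $ns !== $namespace;
        }));
    }

    if (!empty($data['routes']) && is_array($data['routes'])) {
        foreach (array_keys($data['routes']) as $route) {
            $is_internal = $route === $root_route || strpos($route, $route_prefix) === 0;
            if ($is_internal) {
                unset($data['routes'][$route]);
            }
        }
    }

    $response->set_data($data);
    return $response;
});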
/*
 * Post-dispatch headers for the internal namespace.
 *
 * Only responses to routes under `/kc-internal/v1/` are touched. A 401 gets
 * a `WWW-Authenticate: Basic` challenge so HTTP clients know how to
 * authenticate, plus `Cache-Control: no-store` so the challenge response is
 * never cached. Every other status passes through unchanged; the filter is
 * registered with three arguments so the request is available for the
 * route check.
 */
add_filter('rest_post_dispatch', function($response, $server, $request) {
    $namespace_prefix = '/kc-internal/v1/';

    $is_rest_pair = ($response instanceof WP_REST_Response) && ($request instanceof WP_REST_Request);
    if (!$is_rest_pair) {
        return $response;
    }

    $is_internal_route = strpos($request->get_route(), $namespace_prefix) === 0;
    if (!$is_internal_route) {
        return $response;
    }

    $unauthorized = intval($response->get_status()) === 401;
    if ($unauthorized) {
        $response->header('WWW-Authenticate', 'Basic realm="KC Internal API"');
        $response->header('Cache-Control', 'no-store');
    }

    return $response;
}, 10, 3);