updated api
This commit is contained in:
91
handlers/activity.php
Normal file
91
handlers/activity.php
Normal file
@ -0,0 +1,91 @@
|
||||
<?php
|
||||
|
||||
$tokenRec = require_valid_token();
|
||||
require_role(['admin', 'supervisor'], $tokenRec);
|
||||
|
||||
if ($method !== 'GET') {
|
||||
json_error('METHOD_NOT_ALLOWED', 'Method not allowed', 405);
|
||||
}
|
||||
|
||||
$limit = min(500, max(1, (int)($_GET['limit'] ?? 100)));
|
||||
$offset = max(0, (int)($_GET['offset'] ?? 0));
|
||||
$since = isset($_GET['since']) ? (int)$_GET['since'] : null;
|
||||
$until = isset($_GET['until']) ? (int)$_GET['until'] : null;
|
||||
$action = trim($_GET['action'] ?? '');
|
||||
|
||||
[$pdo, $tmpDb, $lockFp] = qdb_open(false);
|
||||
|
||||
$role = $tokenRec['role'] ?? '';
|
||||
$entityID = $tokenRec['entityID'] ?? '';
|
||||
|
||||
$where = ['1=1'];
|
||||
$params = [];
|
||||
|
||||
if ($role === 'supervisor') {
|
||||
$where[] = "(
|
||||
(ae.actorRole = 'coach' AND ae.actorEntityID IN (
|
||||
SELECT coachID FROM coach WHERE supervisorID = :sup_id
|
||||
))
|
||||
OR (ae.targetType = 'client' AND ae.targetID IN (
|
||||
SELECT clientCode FROM client WHERE coachID IN (
|
||||
SELECT coachID FROM coach WHERE supervisorID = :sup_id2
|
||||
)
|
||||
))
|
||||
OR (ae.actorRole = 'supervisor' AND ae.actorEntityID = :sup_self)
|
||||
)";
|
||||
$params[':sup_id'] = $entityID;
|
||||
$params[':sup_id2'] = $entityID;
|
||||
$params[':sup_self'] = $entityID;
|
||||
}
|
||||
|
||||
if ($since !== null) {
|
||||
$where[] = 'ae.createdAt >= :since';
|
||||
$params[':since'] = $since;
|
||||
}
|
||||
if ($until !== null) {
|
||||
$where[] = 'ae.createdAt <= :until';
|
||||
$params[':until'] = $until;
|
||||
}
|
||||
if ($action !== '') {
|
||||
$where[] = 'ae.action = :action';
|
||||
$params[':action'] = $action;
|
||||
}
|
||||
|
||||
$whereSql = implode(' AND ', $where);
|
||||
|
||||
$countStmt = $pdo->prepare("SELECT COUNT(*) FROM activity_event ae WHERE $whereSql");
|
||||
$countStmt->execute($params);
|
||||
$total = (int)$countStmt->fetchColumn();
|
||||
|
||||
$sql = "
|
||||
SELECT ae.eventID, ae.createdAt, ae.actorUserID, ae.actorUsername, ae.actorRole,
|
||||
ae.actorEntityID, ae.action, ae.targetType, ae.targetID, ae.summary, ae.detailsJson
|
||||
FROM activity_event ae
|
||||
WHERE $whereSql
|
||||
ORDER BY ae.createdAt DESC
|
||||
LIMIT :lim OFFSET :off
|
||||
";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
foreach ($params as $k => $v) {
|
||||
$stmt->bindValue($k, $v);
|
||||
}
|
||||
$stmt->bindValue(':lim', $limit, PDO::PARAM_INT);
|
||||
$stmt->bindValue(':off', $offset, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
$events = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
foreach ($events as &$e) {
|
||||
$e['createdAt'] = (int)$e['createdAt'];
|
||||
$e['details'] = json_decode($e['detailsJson'] ?? '{}', true) ?: [];
|
||||
unset($e['detailsJson']);
|
||||
}
|
||||
unset($e);
|
||||
|
||||
qdb_discard($tmpDb, $lockFp);
|
||||
|
||||
json_success([
|
||||
'events' => $events,
|
||||
'total' => $total,
|
||||
'limit' => $limit,
|
||||
'offset' => $offset,
|
||||
]);
|
||||
Reference in New Issue
Block a user