From 49978a48df0b714ed4e4296f5ac9e5dbcde2b4b0 Mon Sep 17 00:00:00 2001
From: marko <marko@arvi>
Date: Mon, 25 Dec 2023 11:13:26 +0100
Subject: [PATCH] wip: participo rest api `users` endpoint

---
 homepage/participo/api/users.php | 79 ++++++++++++++++++--------------
 1 file changed, 44 insertions(+), 35 deletions(-)

diff --git a/homepage/participo/api/users.php b/homepage/participo/api/users.php
index c30f7af..2e50205 100644
--- a/homepage/participo/api/users.php
+++ b/homepage/participo/api/users.php
@@ -7,52 +7,61 @@ require_once 'local/cwsvJudo.php';
 
 require_once 'participoLib/participo.php';
 
+$db = dbConnector::connect(
+    $cwsvJudoConfig['db']['host'],
+    $cwsvJudoConfig['db']['name'],
+    $cwsvJudoConfig['db']['user'],
+    $cwsvJudoConfig['db']['password']
+);    
 
-if(array_key_exists("HTTP_AUTHORIZATION", $_SERVER)){
-    if(!empty($_SERVER["HTTP_AUTHORIZATION"])){
-        $auth = explode(" ", $_SERVER["HTTP_AUTHORIZATION"]);
-        if($auth[0]="Basic"){
-            $db = dbConnector::connect(
-                $cwsvJudoConfig['db']['host'],
-                $cwsvJudoConfig['db']['name'],
-                $cwsvJudoConfig['db']['user'],
-                $cwsvJudoConfig['db']['password']
-            );
-            $allowKey = ApiKey::loadFromDb($auth[1]);
+function authorize(){
+    if(array_key_exists("HTTP_AUTHORIZATION", $_SERVER)){
+        if(!empty($_SERVER["HTTP_AUTHORIZATION"])){
+            $auth = explode(" ", $_SERVER["HTTP_AUTHORIZATION"]);
+            if($auth[0]="Basic"){
+                $allowKey = ApiKey::loadFromDb($auth[1]);
+            }
         }
     }
-}
 
-if (!$allowKey || !$allowKey->isValidFor('api')) {
-    die(json_encode(['success' => false]));
-}
-
-$wkSqlQuery = "SELECT DISTINCT"
-    ."  `wkParticipo_Users`.* "
-    ." FROM `wkParticipo_Users`"
-    ." JOIN `vormundschaft`"
-    ."   ON `wkParticipo_Users`.`id` =`vormundschaft`.`userId`"
-    ." JOIN `wkParticipo_user<=>userAttributes`"
-    ."   ON `wkParticipo_user<=>userAttributes`.`userId` = `vormundschaft`.`kidId`"
-    ." WHERE `wkParticipo_user<=>userAttributes`.`attributeId` = 4"
-    ." ORDER BY `wkParticipo_Users`.`id` ASC;";
-
-$wkSqlResponse = dbConnector::query($wkSqlQuery);
-
-// Postprocessing
-// - convert the comma separated list into an array
-foreach( $wkSqlResponse as &$user){
-    $user['eMail'] = explode(",", $user['eMail']);
-    foreach( $user['eMail'] as &$email){
-        $email = trim($email);
+    if (!$allowKey || !$allowKey->isValidFor('api')) {
+        die(json_encode(['success' => false]));
     }
 }
 
+function get(){
+    $wkSqlQuery = "SELECT DISTINCT"
+        ."  `wkParticipo_Users`.* "
+        ." FROM `wkParticipo_Users`"
+        ." JOIN `vormundschaft`"
+        ."   ON `wkParticipo_Users`.`id` =`vormundschaft`.`userId`"
+        ." JOIN `wkParticipo_user<=>userAttributes`"
+        ."   ON `wkParticipo_user<=>userAttributes`.`userId` = `vormundschaft`.`kidId`"
+        ." WHERE `wkParticipo_user<=>userAttributes`.`attributeId` = 4"
+        ." ORDER BY `wkParticipo_Users`.`id` ASC;";
+
+    $wkSqlResponse = dbConnector::query($wkSqlQuery);
+
+    // Postprocessing
+    // - convert the comma separated list into an array
+    foreach( $wkSqlResponse as &$user){
+        $user['eMail'] = explode(",", $user['eMail']);
+        foreach( $user['eMail'] as &$email){
+            $email = trim($email);
+        }
+    }
+    return $wkSqlResponse;
+}
+
+authorize();
+$wkSqlResponse = get();
+
 // Sending Response
 // - setting header
 header('Content-Type: application/json');
 // - sending body payload
-echo(
+// @todo die() seems to be more a error handling function. But echo+exit doesn't seem to close the connection (?). What leads to pythons requests.get() always wait for the complete timeout.
+die(
     json_encode($wkSqlResponse)
 );