added trainees endpoint

2024-01-01 10:07:48 +01:00
parent d285f2ba2c
commit 9cd4eb3226
2 changed files with 59 additions and 0 deletions
--- a/homepage/participo/api/inc/bootstrap.php
+++ b/homepage/participo/api/inc/bootstrap.php
@@ -22,6 +22,27 @@ require_once("local/cwsvJudo.php");
 /// - since this is a rest api implementation we can assume each endpoint needs dbAccess
 require_once("participoLib/dbConnector.php");

+function authorize()
+{
+    if (array_key_exists("HTTP_AUTHORIZATION", $_SERVER)) {
+        if (!empty($_SERVER["HTTP_AUTHORIZATION"])) {
+            $auth = explode(" ", $_SERVER["HTTP_AUTHORIZATION"]);
+            if ($auth[0] = "Basic") {
+                $allowKey = ApiKey::loadFromDb($auth[1]);
+            }
+        }
+    }
+
+    if (!$allowKey || !$allowKey->isValidFor("api")) {
+        die(
+            json_encode([
+                "success" => false,
+                "reason" => "apiKey not sufficient or no api key provided",
+            ])
+        );
+    }
+}
+
 /// - initialize the database connection
 dbConnector::connect(
    $cwsvJudoConfig["db"]["host"],
--- a/homepage/participo/api/trainees.php
+++ b/homepage/participo/api/trainees.php
@@ -0,0 +1,38 @@
+<?php
+require_once("inc/bootstrap.php");
+
+require_once 'participoLib/apiKey.php';
+
+function get()
+{
+    $wkSqlQuery =
+        "SELECT DISTINCT" .
+        "  `wkParticipo_Users`.* " .
+        " FROM `wkParticipo_Users`" .
+        " JOIN `wkParticipo_user<=>userAttributes`" .
+        "   ON `wkParticipo_user<=>userAttributes`.`userId` = `wkParticipo_Users`.`id`" .
+        " WHERE `wkParticipo_user<=>userAttributes`.`attributeId` = 4". 
+        " ORDER BY `wkParticipo_Users`.`id` ASC;";
+
+    $wkSqlResponse = dbConnector::query($wkSqlQuery);
+
+    // Postprocessing
+    // - convert the comma separated list into an array
+    foreach ($wkSqlResponse as &$user) {
+        $user["eMail"] = explode(",", $user["eMail"]);
+        foreach ($user["eMail"] as &$email) {
+            $email = trim($email);
+        }
+    }
+    return $wkSqlResponse;
+}
+
+
+authorize();
+$wkSqlResponse = get();
+
+// Sending Response
+// - setting header
+header("Content-Type: application/json");
+// - sending body payload
+echo json_encode($wkSqlResponse);