v1.0 Initial commit of project

pub/api/v1/users/index.php

@@ -0,0 +1,89 @@
+<?php
+
+use api\classes\API_users;
+
+session_start();
+require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
+
+$API_users = new API_users();
+
+if ($API_users->request_method === 'GET') {
+    #echo json_encode($api->getAllUsers());
+
+
+} elseif ($API_users->request_method === 'POST') {
+    # create a new user
+    $API_users->checkPermissions('admin-access-admins', 'RW');
+
+    $requiredFields = [
+        'user_group_uuid' => ['type' => 'uuid'],
+        'user_email' => ['type' => 'email'],
+        'user_first_name' => ['type' => 'string'],
+        'user_last_name' => ['type' => 'string'],
+        'user_full_name' => ['type' => 'string'],
+        'user_phone_number' => ['type' => 'string'],
+        'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
+        'user_password' => ['type' => 'string'],
+        'user_pref_language' => ['type' => 'string'],
+        'user_password_reset_token' => ['type' => 'string'],
+        'user_password_reset_expires' => ['type' => 'int'],
+    ];
+
+    # The user will need to verify their email, the password field cannot be NULL so set an random password for now till the user resets it on when verifing there email
+    $random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64));
+    $user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]);
+    $API_users->postedData['user_password'] = $user_password;
+
+    $API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']);
+    $API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en';
+
+    # Password reset token that will be send to the newly created user
+    $API_users->postedData['user_password_reset_token'] = bin2hex(random_bytes(32));
+    $API_users->postedData['user_password_reset_expires'] = time() + 86400;
+
+    $API_users->validateData($requiredFields);
+    $API_users->createUser();
+
+} elseif ($API_users->request_method === 'PUT') {
+
+    # Edit a user
+    $API_users->checkPermissions('admin-access-admins', 'RW');
+
+    $requiredFields = [
+        'user_uuid' => ['type' => 'uuid'],
+        'user_group_uuid' => ['type' => 'uuid'],
+        'user_email' => ['type' => 'email'],
+        'user_first_name' => ['type' => 'string'],
+        'user_last_name' => ['type' => 'string'],
+        'user_full_name' => ['type' => 'string'],
+        'user_phone_number' => ['type' => 'string'],
+        'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
+        'user_pref_language' => ['type' => 'string'],
+        'user_stompable' => ['type' => 'boolean']
+    ];
+
+    $API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']);
+    $API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en';
+    $API_users->postedData['user_stompable'] = (bool)$_POST['user_stompable'];
+
+
+    $API_users->validateData($requiredFields);
+
+
+    $API_users->updateUser();
+
+} elseif ($API_users->request_method === 'DELETE') {
+
+
+    $API_users->return_url = false;
+
+    $API_users->checkPermissions('admin-access-admins', 'RW');
+    $requiredFields = [
+        'user_uuid' => ['type' => 'uuid'],
+    ];
+
+
+    $API_users->validateData($requiredFields);
+
+    $API_users->deleteUser();
+}