request_method === 'GET') { $API_office_stompjes->checkPermissions('office-stompjes', 'RO'); if (isset($_GET['frontend'])) { # This one is used by the frontend and is filtered by date. $stompjes = $API_office_stompjes->getStomp(true); } else { $stompjes = $API_office_stompjes->getStomp(); } $API_office_stompjes->apiOutput($code = 200, ['success' => $stompjes]); } elseif ($API_office_stompjes->request_method === 'POST') { $API_office_stompjes->checkPermissions('office-stompjes-canstomp', 'RW'); $API_office_stompjes->return_url = false; $requiredFields = [ 'user_uuid' => ['type' => 'uuid'] ]; $API_office_stompjes->validateData($requiredFields); $API_office_stompjes->addStomp(); } elseif ($API_office_stompjes->request_method === 'DELETE') { # Only superuser can delete permission due to fact that the backend needs programming when setting a permission $API_office_stompjes->checkPermissions('office-stompjes', 'RW'); # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection $API_office_stompjes->return_url = false; $requiredFields = ['stomp_uuid' => ['type' => 'uuid']]; $API_office_stompjes->validateData($requiredFields); # delete permission $API_office_stompjes->deleteStomp(); }