edit files
This commit is contained in:
@@ -0,0 +1,74 @@
|
||||
<?php
|
||||
// api/controllers/UserController.php
|
||||
class UserController {
|
||||
public function index(): void {
|
||||
requireAuth([ROLE_ADMIN]);
|
||||
$db = getDB();
|
||||
$rows = $db->query(
|
||||
"SELECT u.id, u.username, u.nama_lengkap, u.email, u.no_hp,
|
||||
u.aktif, u.last_login, u.created_at, r.nama_role
|
||||
FROM user u JOIN role r ON u.id_role=r.id ORDER BY r.id, u.nama_lengkap"
|
||||
)->fetchAll();
|
||||
jsonSuccess($rows);
|
||||
}
|
||||
public function show(string $id): void {
|
||||
requireAuth([ROLE_ADMIN]);
|
||||
$db = getDB();
|
||||
$stmt = $db->prepare(
|
||||
"SELECT u.id, u.username, u.nama_lengkap, u.email, u.no_hp, u.aktif, r.nama_role
|
||||
FROM user u JOIN role r ON u.id_role=r.id WHERE u.id=?"
|
||||
);
|
||||
$stmt->execute([$id]);
|
||||
$row = $stmt->fetch();
|
||||
if (!$row) jsonError('User tidak ditemukan',404);
|
||||
jsonSuccess($row);
|
||||
}
|
||||
public function store(): void {
|
||||
requireAuth([ROLE_ADMIN]);
|
||||
$body = getBody();
|
||||
$errs = required($body, ['username','password','nama_lengkap','id_role']);
|
||||
if ($errs) jsonError(implode('; ',$errs));
|
||||
if (strlen($body['password']) < 6) jsonError('Password minimal 6 karakter');
|
||||
$db = getDB();
|
||||
$chk = $db->prepare("SELECT id FROM user WHERE username=?");
|
||||
$chk->execute([$body['username']]);
|
||||
if ($chk->fetch()) jsonError('Username sudah dipakai',409);
|
||||
$db->prepare(
|
||||
"INSERT INTO user (id_role,username,password_hash,nama_lengkap,email,no_hp)
|
||||
VALUES (?,?,?,?,?,?)"
|
||||
)->execute([
|
||||
(int)$body['id_role'],
|
||||
sanitize($body['username']),
|
||||
password_hash($body['password'], PASSWORD_BCRYPT),
|
||||
sanitize($body['nama_lengkap']),
|
||||
sanitize($body['email'] ?? ''),
|
||||
sanitize($body['no_hp'] ?? ''),
|
||||
]);
|
||||
jsonSuccess(['id' => $db->lastInsertId()], 'User dibuat',201);
|
||||
}
|
||||
public function update(string $id): void {
|
||||
requireAuth([ROLE_ADMIN]);
|
||||
$body = getBody();
|
||||
$db = getDB();
|
||||
$sets = ["nama_lengkap=?","email=?","no_hp=?","id_role=?","aktif=?"];
|
||||
$vals = [
|
||||
sanitize($body['nama_lengkap'] ?? ''),
|
||||
sanitize($body['email'] ?? ''),
|
||||
sanitize($body['no_hp'] ?? ''),
|
||||
(int)($body['id_role'] ?? 4),
|
||||
(int)($body['aktif'] ?? 1),
|
||||
];
|
||||
if (!empty($body['password'])) {
|
||||
$sets[] = "password_hash=?";
|
||||
$vals[] = password_hash($body['password'], PASSWORD_BCRYPT);
|
||||
}
|
||||
$vals[] = $id;
|
||||
$db->prepare("UPDATE user SET " . implode(',',$sets) . " WHERE id=?")->execute($vals);
|
||||
jsonSuccess([],'User diperbarui');
|
||||
}
|
||||
public function destroy(string $id): void {
|
||||
requireAuth([ROLE_ADMIN]);
|
||||
getDB()->prepare("UPDATE user SET aktif=0 WHERE id=?")->execute([$id]);
|
||||
jsonSuccess([],'User dinonaktifkan');
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user