62 lines
2.3 KiB
PHP
62 lines
2.3 KiB
PHP
<?php
|
|
// api/controllers/BantuanController.php
|
|
class BantuanController {
|
|
public function index(): void {
|
|
requireAuth([ROLE_ADMIN, ROLE_PENGURUS, ROLE_PIMPINAN]);
|
|
$db = getDB();
|
|
$rows = $db->query("SELECT * FROM bantuan ORDER BY kategori, nama_bantuan")->fetchAll();
|
|
jsonSuccess($rows);
|
|
}
|
|
public function show(string $id): void {
|
|
requireAuth([ROLE_ADMIN, ROLE_PENGURUS, ROLE_PIMPINAN]);
|
|
$db = getDB();
|
|
$stmt = $db->prepare("SELECT * FROM bantuan WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$row = $stmt->fetch();
|
|
if (!$row) jsonError('Jenis bantuan tidak ditemukan', 404);
|
|
jsonSuccess($row);
|
|
}
|
|
public function store(): void {
|
|
requireAuth([ROLE_ADMIN, ROLE_PENGURUS]);
|
|
$body = getBody();
|
|
$errs = required($body, ['nama_bantuan', 'kategori']);
|
|
if ($errs) jsonError(implode('; ', $errs));
|
|
$db = getDB();
|
|
$db->prepare(
|
|
"INSERT INTO bantuan (nama_bantuan, kategori, sumber, deskripsi, satuan)
|
|
VALUES (?,?,?,?,?)"
|
|
)->execute([
|
|
sanitize($body['nama_bantuan']),
|
|
$body['kategori'],
|
|
sanitize($body['sumber'] ?? ''),
|
|
sanitize($body['deskripsi'] ?? ''),
|
|
sanitize($body['satuan'] ?? ''),
|
|
]);
|
|
jsonSuccess(['id' => getDB()->lastInsertId()], 'Jenis bantuan ditambahkan', 201);
|
|
}
|
|
public function update(string $id): void {
|
|
requireAuth([ROLE_ADMIN, ROLE_PENGURUS]);
|
|
$body = getBody();
|
|
$db = getDB();
|
|
$db->prepare(
|
|
"UPDATE bantuan SET nama_bantuan=?, kategori=?, sumber=?, deskripsi=?, satuan=?, aktif=?
|
|
WHERE id=?"
|
|
)->execute([
|
|
sanitize($body['nama_bantuan'] ?? ''),
|
|
$body['kategori'] ?? 'lainnya',
|
|
sanitize($body['sumber'] ?? ''),
|
|
sanitize($body['deskripsi'] ?? ''),
|
|
sanitize($body['satuan'] ?? ''),
|
|
(int)($body['aktif'] ?? 1),
|
|
$id,
|
|
]);
|
|
jsonSuccess([], 'Jenis bantuan diperbarui');
|
|
}
|
|
public function destroy(string $id): void {
|
|
requireAuth([ROLE_ADMIN]);
|
|
$db = getDB();
|
|
$db->prepare("DELETE FROM bantuan WHERE id = ?")->execute([$id]);
|
|
jsonSuccess([], 'Jenis bantuan dihapus');
|
|
}
|
|
}
|