chore: prepare docker webgis deployment
This commit is contained in:
@@ -0,0 +1,21 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
require_once '../../config.php';
|
||||
require_once '../../auth/helper.php';
|
||||
require_once '../../koneksi.php';
|
||||
require_auth('administrator');
|
||||
|
||||
$sql = "
|
||||
SELECT u.id, u.username, u.nama_lengkap, u.role, u.ibadah_id,
|
||||
u.is_active, u.must_change_password, u.created_at,
|
||||
ri.nama AS nama_ibadah
|
||||
FROM users u
|
||||
LEFT JOIN rumah_ibadah ri ON u.ibadah_id = ri.id AND ri.deleted_at IS NULL
|
||||
ORDER BY u.created_at DESC
|
||||
";
|
||||
$result = $conn->query($sql);
|
||||
$data = [];
|
||||
while ($row = $result->fetch_assoc()) $data[] = $row;
|
||||
|
||||
echo json_encode(['status' => 'success', 'data' => $data]);
|
||||
$conn->close();
|
||||
@@ -0,0 +1,38 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
require_once '../../config.php';
|
||||
require_once '../../auth/helper.php';
|
||||
require_once '../../koneksi.php';
|
||||
require_auth('administrator');
|
||||
require_csrf();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Method not allowed']); exit;
|
||||
}
|
||||
|
||||
$id = (int) ($_POST['id'] ?? 0);
|
||||
if (!$id) { echo json_encode(['status' => 'error', 'message' => 'ID tidak valid']); exit; }
|
||||
|
||||
$chars = 'abcdefghjkmnpqrstuvwxyz';
|
||||
$digits = '23456789';
|
||||
$temp_pw = '';
|
||||
for ($i = 0; $i < 4; $i++) $temp_pw .= $chars[random_int(0, strlen($chars)-1)];
|
||||
for ($i = 0; $i < 4; $i++) $temp_pw .= $digits[random_int(0, strlen($digits)-1)];
|
||||
$temp_pw = str_shuffle($temp_pw);
|
||||
|
||||
$hash = password_hash($temp_pw, PASSWORD_BCRYPT);
|
||||
$stmt = $conn->prepare(
|
||||
"UPDATE users SET password=?, must_change_password=1, login_attempts=0, locked_until=NULL WHERE id=?"
|
||||
);
|
||||
$stmt->bind_param('si', $hash, $id);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
echo json_encode([
|
||||
'status' => 'success',
|
||||
'temp_password' => $temp_pw,
|
||||
'message' => 'Password direset. Sampaikan password sementara ini ke pengguna secara langsung.',
|
||||
]);
|
||||
} else {
|
||||
echo json_encode(['status' => 'error', 'message' => $stmt->error]);
|
||||
}
|
||||
$stmt->close(); $conn->close();
|
||||
@@ -0,0 +1,57 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
require_once '../../config.php';
|
||||
require_once '../../auth/helper.php';
|
||||
require_once '../../koneksi.php';
|
||||
require_auth('administrator');
|
||||
require_csrf();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Method not allowed']); exit;
|
||||
}
|
||||
|
||||
$username = trim($_POST['username'] ?? '');
|
||||
$nama_lengkap = trim($_POST['nama_lengkap'] ?? '');
|
||||
$password = trim($_POST['password'] ?? '');
|
||||
$role = trim($_POST['role'] ?? '');
|
||||
$ibadah_id = ($_POST['ibadah_id'] ?? '') !== '' ? (int)$_POST['ibadah_id'] : null;
|
||||
|
||||
$valid_roles = ['administrator', 'operator', 'viewer'];
|
||||
if (!$username || !$nama_lengkap || !$password || !in_array($role, $valid_roles)) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Data tidak lengkap atau role tidak valid']); exit;
|
||||
}
|
||||
if (strlen($password) < 8 || !preg_match('/[a-zA-Z]/', $password) || !preg_match('/[0-9]/', $password)) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Password min 8 karakter, kombinasi huruf dan angka']); exit;
|
||||
}
|
||||
if ($role === 'operator' && !$ibadah_id) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Operator harus dikaitkan ke rumah ibadah']); exit;
|
||||
}
|
||||
if ($role !== 'operator') {
|
||||
$ibadah_id = null;
|
||||
}
|
||||
if ($role === 'operator') {
|
||||
$ri_stmt = $conn->prepare("SELECT id FROM rumah_ibadah WHERE id = ? AND deleted_at IS NULL LIMIT 1");
|
||||
$ri_stmt->bind_param('i', $ibadah_id);
|
||||
$ri_stmt->execute();
|
||||
$ri = $ri_stmt->get_result()->fetch_assoc();
|
||||
$ri_stmt->close();
|
||||
if (!$ri) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Rumah ibadah operator tidak valid atau sudah dihapus']); exit;
|
||||
}
|
||||
}
|
||||
|
||||
$hash = password_hash($password, PASSWORD_BCRYPT);
|
||||
|
||||
$stmt = $conn->prepare(
|
||||
"INSERT INTO users (username, nama_lengkap, password, role, ibadah_id, must_change_password)
|
||||
VALUES (?, ?, ?, ?, ?, 1)"
|
||||
);
|
||||
$stmt->bind_param('ssssi', $username, $nama_lengkap, $hash, $role, $ibadah_id);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
echo json_encode(['status' => 'success', 'message' => 'Akun berhasil dibuat', 'id' => $conn->insert_id]);
|
||||
} else {
|
||||
$msg = str_contains($conn->error, 'Duplicate') ? "Username '$username' sudah digunakan" : $conn->error;
|
||||
echo json_encode(['status' => 'error', 'message' => $msg]);
|
||||
}
|
||||
$stmt->close(); $conn->close();
|
||||
@@ -0,0 +1,59 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
require_once '../../config.php';
|
||||
require_once '../../auth/helper.php';
|
||||
require_once '../../koneksi.php';
|
||||
require_auth('administrator');
|
||||
require_csrf();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Method not allowed']); exit;
|
||||
}
|
||||
|
||||
$id = (int) ($_POST['id'] ?? 0);
|
||||
if (!$id) { echo json_encode(['status' => 'error', 'message' => 'ID tidak valid']); exit; }
|
||||
|
||||
if ($id === get_user_id()) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Tidak dapat menonaktifkan akun sendiri']); exit;
|
||||
}
|
||||
|
||||
$target_stmt = $conn->prepare("SELECT role, is_active FROM users WHERE id = ? LIMIT 1");
|
||||
$target_stmt->bind_param('i', $id);
|
||||
$target_stmt->execute();
|
||||
$target = $target_stmt->get_result()->fetch_assoc();
|
||||
$target_stmt->close();
|
||||
if (!$target) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Akun tidak ditemukan']); exit;
|
||||
}
|
||||
|
||||
if ($target['role'] === 'administrator' && (int)$target['is_active'] === 1) {
|
||||
$admin_stmt = $conn->prepare(
|
||||
"SELECT COUNT(*) AS n FROM users WHERE role='administrator' AND is_active=1 AND id <> ?"
|
||||
);
|
||||
$admin_stmt->bind_param('i', $id);
|
||||
$admin_stmt->execute();
|
||||
$other_admins = (int)$admin_stmt->get_result()->fetch_assoc()['n'];
|
||||
$admin_stmt->close();
|
||||
if ($other_admins === 0) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Tidak dapat menonaktifkan administrator aktif terakhir']); exit;
|
||||
}
|
||||
}
|
||||
|
||||
$stmt = $conn->prepare("UPDATE users SET is_active = NOT is_active WHERE id = ?");
|
||||
$stmt->bind_param('i', $id);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
$s2 = $conn->prepare("SELECT is_active FROM users WHERE id = ?");
|
||||
$s2->bind_param('i', $id);
|
||||
$s2->execute();
|
||||
$r = $s2->get_result()->fetch_assoc();
|
||||
$s2->close();
|
||||
echo json_encode([
|
||||
'status' => 'success',
|
||||
'is_active' => (int)$r['is_active'],
|
||||
'message' => $r['is_active'] ? 'Akun diaktifkan' : 'Akun dinonaktifkan',
|
||||
]);
|
||||
} else {
|
||||
echo json_encode(['status' => 'error', 'message' => $stmt->error]);
|
||||
}
|
||||
$stmt->close(); $conn->close();
|
||||
@@ -0,0 +1,73 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
require_once '../../config.php';
|
||||
require_once '../../auth/helper.php';
|
||||
require_once '../../koneksi.php';
|
||||
require_auth('administrator');
|
||||
require_csrf();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Method not allowed']); exit;
|
||||
}
|
||||
|
||||
$id = (int) ($_POST['id'] ?? 0);
|
||||
$nama_lengkap = trim($_POST['nama_lengkap'] ?? '');
|
||||
$role = trim($_POST['role'] ?? '');
|
||||
$ibadah_id = ($_POST['ibadah_id'] ?? '') !== '' ? (int)$_POST['ibadah_id'] : null;
|
||||
|
||||
if (!$id || !$nama_lengkap || !in_array($role, ['administrator','operator','viewer'])) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Data tidak valid']); exit;
|
||||
}
|
||||
if ($role === 'operator' && !$ibadah_id) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Operator harus dikaitkan ke rumah ibadah']); exit;
|
||||
}
|
||||
if ($role !== 'operator') {
|
||||
$ibadah_id = null;
|
||||
}
|
||||
|
||||
$current_stmt = $conn->prepare("SELECT role, is_active FROM users WHERE id = ? LIMIT 1");
|
||||
$current_stmt->bind_param('i', $id);
|
||||
$current_stmt->execute();
|
||||
$current = $current_stmt->get_result()->fetch_assoc();
|
||||
$current_stmt->close();
|
||||
if (!$current) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Akun tidak ditemukan']); exit;
|
||||
}
|
||||
|
||||
if ($id === get_user_id() && $current['role'] === 'administrator' && $role !== 'administrator') {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Tidak dapat menurunkan role akun sendiri']); exit;
|
||||
}
|
||||
|
||||
if ($current['role'] === 'administrator' && (int)$current['is_active'] === 1 && $role !== 'administrator') {
|
||||
$admin_stmt = $conn->prepare(
|
||||
"SELECT COUNT(*) AS n FROM users WHERE role='administrator' AND is_active=1 AND id <> ?"
|
||||
);
|
||||
$admin_stmt->bind_param('i', $id);
|
||||
$admin_stmt->execute();
|
||||
$other_admins = (int)$admin_stmt->get_result()->fetch_assoc()['n'];
|
||||
$admin_stmt->close();
|
||||
if ($other_admins === 0) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Tidak dapat mengubah administrator aktif terakhir']); exit;
|
||||
}
|
||||
}
|
||||
|
||||
if ($role === 'operator') {
|
||||
$ri_stmt = $conn->prepare("SELECT id FROM rumah_ibadah WHERE id = ? AND deleted_at IS NULL LIMIT 1");
|
||||
$ri_stmt->bind_param('i', $ibadah_id);
|
||||
$ri_stmt->execute();
|
||||
$ri = $ri_stmt->get_result()->fetch_assoc();
|
||||
$ri_stmt->close();
|
||||
if (!$ri) {
|
||||
echo json_encode(['status' => 'error', 'message' => 'Rumah ibadah operator tidak valid atau sudah dihapus']); exit;
|
||||
}
|
||||
}
|
||||
|
||||
$stmt = $conn->prepare("UPDATE users SET nama_lengkap=?, role=?, ibadah_id=? WHERE id=?");
|
||||
$stmt->bind_param('ssii', $nama_lengkap, $role, $ibadah_id, $id);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
echo json_encode(['status' => 'success', 'message' => 'Akun berhasil diperbarui']);
|
||||
} else {
|
||||
echo json_encode(['status' => 'error', 'message' => $stmt->error]);
|
||||
}
|
||||
$stmt->close(); $conn->close();
|
||||
Reference in New Issue
Block a user