window.webgisOpenApiSpec = { openapi: '3.0.3', info: { title: 'WebGIS API', version: '1.0.0', description: 'API for public map data, manager registrations, and admin approvals.' }, servers: [{ url: '.' }], components: { securitySchemes: { bearerAuth: { type: 'http', scheme: 'bearer', bearerFormat: 'JWT' } } }, paths: { '/src/api/auth/register.php': { post: { summary: 'Register manager account', description: 'Public registration endpoint for manager accounts.', requestBody: { required: true, content: { 'application/json': { schema: { type: 'object', required: ['email', 'password'], properties: { email: { type: 'string', format: 'email' }, password: { type: 'string' }, name: { type: 'string' }, organization: { type: 'string' } } } } } }, responses: { '200': { description: 'Registration successful, pending approval' } } } }, '/src/api/auth/login.php': { post: { summary: 'Login', requestBody: { required: true, content: { 'application/json': { schema: { type: 'object', required: ['email', 'password'], properties: { email: { type: 'string', format: 'email' }, password: { type: 'string' } } } } } }, responses: { '200': { description: 'Login successful' } } } }, '/src/api/auth/logout.php': { post: { summary: 'Logout', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Logout successful' } } } }, '/src/api/auth/me.php': { get: { summary: 'Current user session', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Current auth state' } } } }, '/src/api/get_lokasi.php': { get: { summary: 'List locations', description: 'Public read-only endpoint.', responses: { '200': { description: 'Location list' } } } }, '/src/api/tambah_lokasi.php': { post: { summary: 'Create location', description: 'Bearer JWT required. Managers can create records; admins can create all.', security: [{ bearerAuth: [] }], requestBody: { required: true, content: { 'application/json': { schema: { type: 'object', properties: { nama: { type: 'string' }, jenis: { type: 'string' }, alamat: { type: 'string' }, latitude: { type: 'number' }, longitude: { type: 'number' } } } } } }, responses: { '200': { description: 'Created' } } } }, '/src/api/update_lokasi.php': { post: { summary: 'Update location', description: 'Bearer JWT required. Managers can edit only their own lokasi; admins can edit all.', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Updated' } } } }, '/src/api/hapus_lokasi.php': { post: { summary: 'Delete location', description: 'Bearer JWT required. Managers can delete only their own lokasi; admins can delete all.', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Deleted' } } } }, '/src/api/upload_photo.php': { post: { summary: 'Upload location photo', description: 'Bearer JWT required. Managers can upload only for their own lokasi.', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Uploaded' } } } }, '/src/api/admin/list_pending_managers.php': { get: { summary: 'List pending manager registrations', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Pending list' } } } }, '/src/api/admin/approve_user.php': { post: { summary: 'Approve pending user', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Approved' } } } }, '/src/api/admin/reject_user.php': { post: { summary: 'Reject pending user', security: [{ bearerAuth: [] }], responses: { '200': { description: 'Rejected' } } } } } };