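user = new User();
        $this->outletModel = new Outlet();
    }

    /**
     * Build the standard API envelope and send it with the given HTTP status.
     *
     * Every action in this controller answers with the same
     * {status, message, data} shape; centralising it keeps messages and
     * status codes in one place.
     *
     * @param string $status  'success' or 'error'
     * @param string $message Human-readable outcome
     * @param mixed  $data    Payload, or null when there is nothing to return
     * @param int    $code    HTTP status code
     */
    private function envelope(string $status, string $message, $data, int $code)
    {
        return $this->respond([
            'status' => $status,
            'message' => $message,
            'data' => $data,
        ], $code);
    }

    /**
     * Encode a menu-permission structure for storage in user_permissions.
     *
     * @param mixed $permissions Decoded permissions from the request
     * @return string|false|null JSON string; null when nothing was supplied;
     *                           false when json_encode() rejected the value
     */
    private function encodePermissions($permissions)
    {
        if (! $permissions) {
            return null;
        }

        $json = json_encode($permissions);

        return json_last_error() === JSON_ERROR_NONE ? $json : false;
    }

    /**
     * List users.
     *
     * Admins receive every user; anyone else receives only their own record.
     *
     * NOTE(review): the caller's identity comes from the `user_id` request
     * parameter, not from the authenticated session, so the role check below
     * only trusts what the client claims about who it is. Resolve the
     * requesting user from the auth layer before relying on this as an
     * access-control boundary; update() and delete() perform no caller check
     * at all.
     */
    public function index()
    {
        $userId = $this->request->getVar('user_id');

        $requestingUser = $this->user->find($userId);
        if (! $requestingUser) {
            return $this->envelope('error', 'Requesting user not found.', null, 404);
        }

        // Admins see everyone; everybody else sees only themselves. The
        // non-admin record was just loaded, so no second lookup is needed.
        $users = $requestingUser['role'] === 'admin'
            ? $this->user->findAll()
            : [$requestingUser];

        if (empty($users)) {
            return $this->envelope('error', 'No user data found.', null, 200);
        }

        return $this->envelope('success', 'User data retrieved successfully.', $users, 200);
    }

    /**
     * Create a user from the request body.
     *
     * Required fields: username, name, password_hash (the plaintext password;
     * the field name is historical), role, status. When role is 'outlet',
     * outlet_id is also required and must reference an existing outlet.
     * Optional menuPermissions is stored as a JSON string in user_permissions.
     */
    public function create()
    {
        $role = $this->request->getVar('role');

        $validationRules = [
            'username' => 'required',
            'name' => 'required',
            'password_hash' => 'required',
            'role' => 'required',
            'status' => 'required',
        ];
        // outlet_id only applies to outlet users
        if ($role === 'outlet') {
            $validationRules['outlet_id'] = 'required|integer';
        }

        if (! $this->validate($validationRules)) {
            return $this->envelope('error', 'Validation failed.', $this->validator->getErrors(), 422);
        }

        // Same rule update() applies: refuse a dangling outlet reference
        // rather than persisting it.
        if ($role === 'outlet' && ! $this->outletModel->find($this->request->getVar('outlet_id'))) {
            return $this->envelope('error', 'Specified outlet does not exist.', null, 422);
        }

        $permissionsJson = $this->encodePermissions($this->request->getVar('menuPermissions'));
        if ($permissionsJson === false) {
            return $this->envelope('error', 'Invalid permissions format.', null, 400);
        }

        $userData = [
            'username' => $this->request->getVar('username'),
            'name' => $this->request->getVar('name'),
            // Previously md5(); update() already writes password_hash() digests,
            // so the login path is presumed to use password_verify() — confirm,
            // and plan a rehash for any rows still holding md5 values.
            'password_hash' => password_hash($this->request->getVar('password_hash'), PASSWORD_DEFAULT),
            'role' => $role,
            'status' => $this->request->getVar('status'),
            'user_permissions' => $permissionsJson, // JSON string or null
        ];
        if ($role === 'outlet') {
            $userData['outlet_id'] = $this->request->getVar('outlet_id');
        }

        $id = $this->user->insert($userData);
        if (! $id) {
            return $this->envelope('error', 'Failed to create user.', null, 500);
        }

        return $this->envelope('success', 'User created successfully.', $this->user->find($id), 201);
    }

    /**
     * Return a single user by id, or 404 when it does not exist.
     *
     * @param int|string|null $id
     */
    public function show($id = null)
    {
        $user = $this->user->find($id);
        if (! $user) {
            return $this->envelope('error', 'User not found.', null, 404);
        }

        return $this->envelope('success', 'User retrieved successfully.', $user, 200);
    }

    /**
     * Partially update a user.
     *
     * Reads a JSON body (falling back to form POST) and writes only the fields
     * that are present. A role change drives outlet_id: switching to 'outlet'
     * requires outlet_id, switching away clears it. An existing outlet user may
     * also move outlets via `outlet`. Any outlet_id being set must exist.
     *
     * @param int|string|null $id
     */
    public function update($id = null)
    {
        $existingUser = $this->user->find($id);
        if (! $existingUser) {
            return $this->envelope('error', 'User not found.', null, 404);
        }

        // JSON body first; fall back to form-encoded POST.
        $input = $this->request->getJSON(true);
        if (empty($input)) {
            $input = $this->request->getPost();
        }

        $data = [];
        if (isset($input['username'])) {
            $data['username'] = $input['username'];
        }
        if (isset($input['name'])) {
            $data['name'] = $input['name'];
        }
        if (isset($input['password'])) {
            $data['password_hash'] = password_hash($input['password'], PASSWORD_DEFAULT);
        }

        if (isset($input['role'])) {
            $data['role'] = $input['role'];
            if ($input['role'] === 'outlet') {
                if (! isset($input['outlet_id'])) {
                    return $this->envelope('error', 'Outlet ID is required when role is Outlet.', null, 422);
                }
                $data['outlet_id'] = $input['outlet_id'];
            } else {
                // Leaving the outlet role drops the outlet link.
                $data['outlet_id'] = null;
            }
        }

        if (isset($input['activeStatus'])) {
            $data['status'] = strtolower($input['activeStatus']);
        }

        // Outlet users may switch outlet without a role change.
        if (isset($input['outlet']) && $existingUser['role'] === 'outlet') {
            $data['outlet_id'] = $input['outlet'];
        }

        if (isset($input['menuPermissions'])) {
            $menuPermissions = $input['menuPermissions'];
            // Anything other than a non-empty array clears the stored permissions.
            $permissionsJson = is_array($menuPermissions) && $menuPermissions !== []
                ? $this->encodePermissions($menuPermissions)
                : null;
            if ($permissionsJson === false) {
                return $this->envelope('error', 'Invalid permissions format.', null, 400);
            }
            $data['user_permissions'] = $permissionsJson;
        }

        if (empty($data)) {
            return $this->envelope('error', 'No data provided to update.', null, 400);
        }

        // isset() already excludes null, so a cleared outlet_id skips the lookup.
        if (isset($data['outlet_id']) && ! $this->outletModel->find($data['outlet_id'])) {
            return $this->envelope('error', 'Specified outlet does not exist.', null, 422);
        }

        $data['updated_at'] = date('Y-m-d H:i:s');

        try {
            $this->user->update($id, $data);

            return $this->envelope('success', 'User updated successfully.', $this->user->find($id), 200);
        } catch (\Exception $e) {
            log_message('error', 'User update failed: ' . $e->getMessage());

            return $this->envelope('error', 'Failed to update user.', null, 500);
        }
    }

    /**
     * Delete a user by id; 404 when it does not exist.
     *
     * NOTE(review): no caller authorization is checked here (see index()).
     *
     * @param int|string|null $id
     */
    public function delete($id = null)
    {
        if (! $this->user->find($id)) {
            return $this->envelope('error', 'User not found.', null, 404);
        }

        $this->user->delete($id);

        return $this->envelope('success', 'User deleted successfully.', null, 200);
    }
}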