diff --git a/Documentation/Dokumentation.md b/Documentation/Dokumentation.md index 4c63aef..98c455e 100644 --- a/Documentation/Dokumentation.md +++ b/Documentation/Dokumentation.md @@ -81,7 +81,7 @@ POST 127.0.0.1/DirektiveDesDons/shoppinglist/1 BODY { - "incredientId": 1 + "ingredientId": 1 } ``` diff --git a/index.php b/index.php index 685aa0c..191819a 100644 --- a/index.php +++ b/index.php @@ -135,7 +135,7 @@ $app->route("/ingredient/:id") } $unitId = $unitInTable[0]["id"]; - $db->update("ingredienti", $id,["cognome" => "$name", "calorie" => "$calories", "quantita" => "$quantity", "follaID" => $unitId, "prezzo" => "$price"]); + $db->update("ingredienti", $id, ["cognome" => "$name", "calorie" => "$calories", "quantita" => "$quantity", "follaID" => $unitId, "prezzo" => "$price"]); $res->json(["message" => "Ingredient has been updated", "data" => $db->select("ingredienti", ["id" => $id])[0]]); }) 
@@ -229,23 +229,60 @@ $app->route("/list") $lastListId = $db->insert("elenco", ["cognome" => $name, "coloreDiSfondo" => $bgColor, "utenteID" => $req["user"]->id]); $res->json(["message" => "New List '" . $name . "' created", "data" => $db->select("elenco", ["id" => $lastListId])], HTTP_STATUS_CODE::CREATED); }); -$app->get("/list/:id", function (array $req, Response $res) use ($db) { - $id = $req["params"]["id"]; - $list = $db->select("elenco", ["id" => $id, "utenteID" => $req["user"]->id])[0]; +$app->route("/list/:id") + ->get(function (array $req, Response $res) use ($db) { + $id = $req["params"]["id"]; + $query = $db->select("elenco", ["id" => $id, "utenteID" => $req["user"]->id]); - $listId = $list["id"]; - $ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]); - $ingredientData = []; - foreach ($ingredients as &$ingredient) { - $ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]); - } - $list["inredients"] = $ingredientData; + if (count($query) < 1) { + $res->json(["message" => "List does not exists or you dont have permissions to view it"]); + return; + } + $list = $query[0]; - $res->json(["data" => $list]); -}); -$app->post("/list/:id", function (array $req, Response $res) use ($db) { - // TODO: add Item to List with id -}); + $listId = $list["id"]; + $ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]); + $ingredientData = []; + foreach ($ingredients as &$ingredient) { + $ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]); + } + $list["inredients"] = $ingredientData; + + $res->json(["data" => $list]); + }) + ->post(function (array $req, Response $res) use ($db) { + // TODO: add Item to List with id + $id = $req["params"]["id"]; + $ingredientId = $req["body"]["ingredientId"]; + + if (!isset($ingredientId)) { + $res->json(["message" => "You need to set a valid 'ingredientId'", HTTP_STATUS_CODE::BAD_REQUEST]); + return; + } + + $newId = 
$db->insert("elencoIngredienti", ["ingredientiID" => $ingredientId, "elencoID" => $id]); + if(!$newId){ + $res->json(["message" => "Cannot insert item in list"], HTTP_STATUS_CODE::BAD_REQUEST); + return; + } + $res->json(["message" => "Item has been added"]); + }) + ->delete(function (array $req, Response $res) use ($db) { + $id = $req["params"]["id"]; + + $list = $db->select("elenco", ["id" => $id]); + if (count($list) < 1) { + $res->json(["message" => "List does not exist"]); + return; + } + if ($list[0]["utenteID"] != $req["user"]->id) { + $res->json(["message" => "You have no permissions the delete this list"], HTTP_STATUS_CODE::FORBIDDEN); + return; + } + + $db->delete("elenco", $id); + $res->json(["message" => "List has been deleted"]); + }); $app->delete("/list/:id/:item", function (array $req, Response $res) use ($db) { // TODO: delete item from list });
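Review bot: The new POST handler for `/list/:id` inserts into `elencoIngredienti` with the `:id` taken from the URL and never checks that the list belongs to `$req["user"]->id`, so any caller who reaches this route can add items to another user's list; the GET and DELETE handlers in the same chain both check ownership. It should run the same owner-filtered `select` on `elenco` first and reject the request when no row comes back. In the same handler, `HTTP_STATUS_CODE::BAD_REQUEST` for a missing `ingredientId` sits inside the response array instead of being the second argument to `$res->json()`, so the error presumably goes out with the default status, and reading `$req["body"]["ingredientId"]` before `isset()` raises a warning when the key is absent. The DELETE handler answers "List does not exist" for unknown ids but FORBIDDEN for foreign ones, which lets a caller tell which list ids exist; one response for both cases, as GET does, avoids that.

```php
->post(function (array $req, Response $res) use ($db) {
    $id = $req["params"]["id"];

    // Same owner filter as the GET handler: refuse writes to lists the caller does not own.
    $owned = $db->select("elenco", ["id" => $id, "utenteID" => $req["user"]->id]);
    if (count($owned) < 1) {
        $res->json(["message" => "List does not exist or you don't have permission to modify it"], HTTP_STATUS_CODE::FORBIDDEN);
        return;
    }

    $ingredientId = $req["body"]["ingredientId"] ?? null;
    if ($ingredientId === null) {
        $res->json(["message" => "You need to set a valid 'ingredientId'"], HTTP_STATUS_CODE::BAD_REQUEST);
        return;
    }
    // … unchanged: insert into elencoIngredienti and success response …
```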