Garoshi/Streamer-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
153c83f7fa50a04d7827c2247202a830a1879d56
Streamer-app/api/rater_groups.php
Vlastislav Svatek 153c83f7fa first commit
2026-04-26 02:23:11 +02:00

173 lines
6.7 KiB
PHP
Raw Blame History

<?php
// ============================================================
// api/rater_groups.php
//
// GET /api/rater_groups — list groups + members + linked streamer (admin)
// GET /api/rater_groups?my=1 — my group(s) info (rater); returns array
// POST /api/rater_groups — create group, optional streamer_id (admin)
// PUT /api/rater_groups?id=N — update group (rename, set/unset streamer_id) (admin)
// DELETE /api/rater_groups?id=N — delete group (admin)
// POST /api/rater_groups?members=1 — add member to group (admin)
// DELETE /api/rater_groups?member=N — remove member (admin)
// ============================================================
require_once __DIR__ . '/db.php';
cors();
start_session();
$method = $_SERVER['REQUEST_METHOD'];
// ── My groups — for logged-in raters (returns array of groups) ─
if ($method === 'GET' && isset($_GET['my'])) {
$user = $_SESSION['oauth_user'] ?? null;
if (!$user) json_error('Not logged in', 401);
$stmt = db()->prepare("
SELECT g.id, g.name, g.streamer_id
FROM rater_groups g
JOIN rater_group_members m ON m.group_id = g.id
WHERE m.user_id = :uid
ORDER BY g.name
");
$stmt->execute([':uid' => $user['id']]);
$groups = $stmt->fetchAll();
json_out($groups);
}
// All remaining endpoints require admin
require_admin();
// ── GET — list all groups with members + linked streamer ────
if ($method === 'GET') {
$groups = db()->query("
SELECT g.id, g.name, g.streamer_id, g.created_at,
s.name AS streamer_name
FROM rater_groups g
LEFT JOIN streamers s ON s.id = g.streamer_id
ORDER BY g.name
")->fetchAll();
foreach ($groups as &$g) {
$stmt = db()->prepare("
SELECT m.id AS member_id, m.role, u.id, u.provider, u.login, u.display_name, u.avatar
FROM rater_group_members m
JOIN users u ON u.id = m.user_id
WHERE m.group_id = :gid
ORDER BY (m.role = 'owner') DESC, m.added_at
");
$stmt->execute([':gid' => $g['id']]);
$g['members'] = $stmt->fetchAll();
$stmt = db()->prepare("SELECT COUNT(*) FROM community_ratings WHERE group_id = :gid");
$stmt->execute([':gid' => $g['id']]);
$g['ratings_count'] = (int)$stmt->fetchColumn();
}
json_out($groups);
}
// ── POST — create group or add member ────────────────────────
if ($method === 'POST') {
if (isset($_GET['members'])) {
$body = body();
$group_id = (int)($body['group_id'] ?? 0);
$login = strtolower(trim($body['login'] ?? ''));
$provider = in_array($body['provider'] ?? '', ['twitch','kick']) ? $body['provider'] : 'twitch';
$role = in_array($body['role'] ?? '', ['owner','rater']) ? $body['role'] : 'rater';
if (!$group_id || empty($login)) json_error('Missing group_id or login');
$stmt = db()->prepare("SELECT id, display_name FROM users WHERE LOWER(login)=:l AND provider=:p AND (banned IS NULL OR banned=false)");
$stmt->execute([':l' => $login, ':p' => $provider]);
$user = $stmt->fetch();
if (!$user) json_error("User '$login' on $provider has not logged in yet or is banned.", 404);
// Only one owner per team — promote, if owner role requested
if ($role === 'owner') {
db()->prepare("UPDATE rater_group_members SET role='rater' WHERE group_id=:gid AND role='owner'")
->execute([':gid' => $group_id]);
}
db()->prepare("
INSERT INTO rater_group_members (group_id, user_id, role)
VALUES (:gid, :uid, :role)
ON CONFLICT (group_id, user_id) DO UPDATE SET role = EXCLUDED.role
")->execute([':gid' => $group_id, ':uid' => $user['id'], ':role' => $role]);
json_out(['ok' => true, 'display_name' => $user['display_name'], 'role' => $role]);
}
$body = body();
$name = trim($body['name'] ?? '');
$streamer_id = !empty($body['streamer_id']) ? (int)$body['streamer_id'] : null;
if (empty($name)) json_error('Missing name');
try {
$stmt = db()->prepare("
INSERT INTO rater_groups (name, streamer_id)
VALUES (:n, :sid)
RETURNING id, name, streamer_id, created_at
");
$stmt->execute([':n' => $name, ':sid' => $streamer_id]);
json_out($stmt->fetch(), 201);
} catch (PDOException $e) {
$msg = $e->getMessage();
if (str_contains($msg, 'rater_groups_name')) json_error('Group name already exists', 409);
if (str_contains($msg, 'idx_rater_groups_streamer')) json_error('This streamer already has a team', 409);
json_error('DB error: ' . $msg, 500);
}
}
// ── PUT — update group (rename, link/unlink streamer) ────────
if ($method === 'PUT') {
$id = (int)($_GET['id'] ?? 0);
if (!$id) json_error('Missing id');
$body = body();
$sets = [];
$params = [':id' => $id];
if (array_key_exists('name', $body)) {
$name = trim($body['name'] ?? '');
if (empty($name)) json_error('Name cannot be empty');
$sets[] = 'name = :name';
$params[':name'] = $name;
}
if (array_key_exists('streamer_id', $body)) {
$sets[] = 'streamer_id = :sid';
$params[':sid'] = !empty($body['streamer_id']) ? (int)$body['streamer_id'] : null;
}
if (empty($sets)) json_error('Nothing to update');
try {
$stmt = db()->prepare("UPDATE rater_groups SET " . implode(', ', $sets) . " WHERE id = :id");
$stmt->execute($params);
json_out(['ok' => true]);
} catch (PDOException $e) {
$msg = $e->getMessage();
if (str_contains($msg, 'rater_groups_name')) json_error('Group name already exists', 409);
if (str_contains($msg, 'idx_rater_groups_streamer')) json_error('This streamer already has a team', 409);
json_error('DB error', 500);
}
}
// ── DELETE — remove group or member ──────────────────────────
if ($method === 'DELETE') {
if (isset($_GET['member'])) {
$id = (int)($_GET['member'] ?? 0);
if (!$id) json_error('Missing member id');
db()->prepare("DELETE FROM rater_group_members WHERE id=:id")->execute([':id' => $id]);
json_out(['ok' => true]);
}
$id = (int)($_GET['id'] ?? 0);
if (!$id) json_error('Missing id');
db()->prepare("DELETE FROM rater_groups WHERE id=:id")->execute([':id' => $id]);
json_out(['ok' => true]);
}
json_error('Method not allowed', 405);
Reference in New Issue View Git Blame Copy Permalink